Update readme documentation.

This commit is contained in:
Jeffrey Forman 2012-04-19 20:10:29 -04:00
parent 6f17343e23
commit 755b9eb36a
1 changed files with 26 additions and 6 deletions

View File

@ -1,7 +1,7 @@
# Binder # # Binder #
Home: Home:
A Django web application for viewing and (hopefully some day) editing your BIND DNS Zones. A Django web application for viewing and editing your BIND DNS zones.
## Requirements ## ## Requirements ##
@ -9,8 +9,9 @@ Packages:
* [Django](http://www.djangoproject.com) * [Django](http://www.djangoproject.com)
* Python * Python
* [Beautiful Soup](http://www.crummy.com/software/BeautifulSoup/) * [python-beautifulsoup](http://www.crummy.com/software/BeautifulSoup/)
* [dns python](http://www.dnspython.org/) * [python-dnspython](http://www.dnspython.org/)
* python-sqlite (if you will be using sqlite during development)
* [Bind DNS Server](http://www.isc.org/software/bind). At least version 9.5.x, which is needed for gathering remote statistics. * [Bind DNS Server](http://www.isc.org/software/bind). At least version 9.5.x, which is needed for gathering remote statistics.
## Installation & Configuration ## ## Installation & Configuration ##
@ -18,12 +19,32 @@ Packages:
### BIND Name Servers ### ### BIND Name Servers ###
In each of the BIND servers you wish to be able to query, the following stanza will be needed in your named.conf: In each of the BIND servers you wish to be able to query, the following stanza will be needed in your named.conf:
This tells BIND to publish statistics on all interfaces on tcp port 853. There is a simple ACL allowing localhost and the noted subnet, 10.10.0.0/24, to access statistics. This can be verified by querying your DNS server with your perferred web browser at [http://dnsserver:853](http://dnsserver:853/)
In each zone specification, you will need to determine how locked down you want zone updates and transfer to be.
include "/etc/bind/dynzone.key";
statistics-channels { statistics-channels {
inet * port 853 allow { localhost; 10.10.0.0/24; }; inet * port 853 allow { 10.10.0.0/24; };
}; };
This tells BIND to listen on all available interfaces on port 853. There is a simple ACL allowing localhost and the noted subnet, 10.10.0.0/24, to access statistics. This can be verified by querying your DNS server with your perferred web browser at [http://dnsserver:853](http://dnsserver:853/) controls {
inet * port 953 allow { 10.10.0.0/24; } keys { dynzone-key; };
};
zone "dynzone.yourdomain.org" IN {
type master;
file "/var/cache/bind/master/db.dynzone.yourdomain.org";
allow-update { key dynzone-key; };
};
Where /etc/bind/test.key:
key dynzone-key {
algorithm hmac-md5;
secret "foobar...BhBrq+Ra3fBzhA4IWjXY85AVUdxkSSObbw3D30xgsf.....";
};
### Django Application ### ### Django Application ###
@ -33,7 +54,6 @@ Using the Admin UI, add each DNS Server to the 'Bind Servers' model under the bc
Once you have completed this, surf over to the URL where the binder Django app is installed and enjoy. Once you have completed this, surf over to the URL where the binder Django app is installed and enjoy.
## Todo ## ## Todo ##
* Associate Keys with DNS Servers * Associate Keys with DNS Servers