as this thread is approaching 100 msgs, time for a wrap up. below is where i *Think* i am, .... ;)
*1. thanks to all that have provided dns configuration/testing insights*
*2. i am not going to serve email*
*3. i am not going to use views in named.conf, /etc/hosts trimmed to include only 127.0.0.1 & ::1*
*4. my current /etc/named.conf*
//
// named.conf
//

options {
//      listen-on port 53 { 127.0.0.1; };
//      listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        secroots-file   "/var/named/data/named.secroots";
        recursing-file  "/var/named/data/named.recursing";
        allow-query     { any; };

        recursion no;

        dnssec-enable yes;
        dnssec-validation yes;

        managed-keys-directory "/var/named/dynamic";
        geoip-directory "/usr/share/GeoIP";

        pid-file "/run/named/named.pid";
        session-keyfile "/run/named/session.key";

        /* https://fedoraproject.org/wiki/Changes/CryptoPolicy */
        include "/etc/crypto-policies/back-ends/bind.config";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "linuxlighthouse.com" {
        type master;
        file "/var/named/linuxlighthouse.com.db";
        allow-update { none; };
};

zone "." IN {
        type hint;
        file "named.ca";
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
*5. dns config file*
;
$TTL 3D ; default ttl for records without a specified lifetime
$ORIGIN linuxlighthouse.com.
linuxlighthouse.com.    CAA 0 issue "letsencrypt.org"
@       IN SOA  ws.linuxlighthouse.com. root.linuxlighthouse.com. (
                2021050301 ; serial number
                16384      ; ns refresh
                2048       ; ns retry
                1048576    ; authority expiry
                2560 ); min (RFC2308 §4)
        IN NS   ws.linuxlighthouse.com.
        IN NS   ns3.attdns.com.
;       IN MX   linuxlighthouse.com.
ws      IN A    108.220.213.121
www     IN A    108.220.213.121
        IN A    108.220.213.121
*6. added www definition, caa record, and updated serial number*
*7. finally, an att service issue, do they secondary my dns config (or not)*
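
Item 7 can be checked from the outside by asking each listed nameserver for the zone's SOA and comparing serials. The following is an added example, not part of the original post: the sample answers are constructed (the primary line reuses the SOA values from item 5), and `query_soa` assumes `dig` is installed.

```python
# Added example (not from the original post): compare the SOA serial each
# listed nameserver returns, to see whether a secondary really serves the zone.
import subprocess

def soa_serial(answer):
    """Serial from one `dig +short SOA` line, or None when there is no usable answer."""
    fields = answer.split()
    # +short SOA layout: mname rname serial refresh retry expire minimum
    if len(fields) != 7 or not fields[2].isdigit():
        return None
    return int(fields[2])

def serial_newer(a, b):
    """True if serial a is newer than b under RFC 1982 arithmetic (32-bit wraparound)."""
    return a != b and (a - b) % 2**32 < 2**31

def classify(primary_answer, secondary_answer):
    """Return 'in-sync', 'stale', 'ahead' or 'no-answer' for a secondary."""
    primary, secondary = soa_serial(primary_answer), soa_serial(secondary_answer)
    if primary is None:
        raise ValueError("primary returned no SOA")
    if secondary is None:
        return "no-answer"  # lame: listed in NS but not serving the zone
    if secondary == primary:
        return "in-sync"
    return "stale" if serial_newer(primary, secondary) else "ahead"

def query_soa(zone, server):
    """Live lookup: ask one server directly with recursion off (needs dig and network)."""
    cmd = ["dig", "+short", "+norecurse", "+time=3", "+tries=1", "SOA", zone, "@" + server]
    return subprocess.run(cmd, capture_output=True, text=True, check=False).stdout.strip()

# Constructed sample answers; PRIMARY uses the SOA values from the zone file in item 5.
PRIMARY = "ws.linuxlighthouse.com. root.linuxlighthouse.com. 2021050301 16384 2048 1048576 2560"
SAMPLES = {
    "transferred": PRIMARY,
    "old copy": "ws.linuxlighthouse.com. root.linuxlighthouse.com. 2021050201 16384 2048 1048576 2560",
    "not configured": "",
}

if __name__ == "__main__":
    for label, answer in SAMPLES.items():
        print(f"{label:15} {classify(PRIMARY, answer)}")
    # Live use: classify(query_soa(zone, primary_ns), query_soa(zone, secondary_ns))
```

A `no-answer` or `stale` result for a server named in the NS set means resolvers that pick it get a lame delegation or an old copy of the zone.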