named.conf

logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};

options {
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    secroots-file "/var/named/data/named.secroots";
    recursing-file "/var/named/data/named.recursing";
    allow-query { localhost;192.168.200.0/24; };
    allow-recursion { localhost;192.168.200.254; };
    forwarders { 192.168.200.1; };
    recursion yes;
    dnssec-enable yes;
    dnssec-validation yes;
    managed-keys-directory "/var/named/dynamic";
    pid-file "/run/named/named.pid";
    session-keyfile "/run/named/session.key";
    include "/etc/crypto-policies/back-ends/bind.config";
};

zone "{{ BASE_DOMAIN }}" IN {
    type master;
    file "zone.db";
    allow-update { none; };
};

zone "." IN {
    type hint;
    file "named.ca";
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";