Differences
This page shows the differences between two versions.
centos:bind_nameserver [07.11.2008 21:36. ] – created django | centos:bind_nameserver [20.04.2018 10:26. ] (current) – external edit 127.0.0.1 | ||
---|---|---|---|
Zeile 1: | Zeile 1: | ||
+ | ====== BIND Nameserver ====== | ||
+ | Mit BIND((Berkeley Internet Name Domain)) richten wir uns für unser SOHO((SmallOfficeHomeOffice))-LAN ein Domain-Name-System-Server oder kurz DNS((Domain Name System))ein. | ||
+ | \\ | ||
+ | DNS wurde in den beiden RFC 1034 und RFC 1035 definiert und bekam von der Internet Assigned Numbers Authority die beiden Ports 53/UDP und 53/TCP. | ||
+ | ===== Installation ===== | ||
+ | Zu erst installieren wir uns die beiden Pakete **bind** und **bind-chroot**. Letzters hilft uns, unseren DNS in einem chroot((change root directory))-Umgebung laufen zu lassen. Hierzu reicht quasi die installation von **bind-chroot**, | ||
+ | < | ||
+ | ===== Konfiguration ===== | ||
+ | ==== named.conf ==== | ||
+ | Als erstes erstellen wir uns unsere Serverkonfigurationsdatei: | ||
+ | # vim / | ||
+ | < | ||
+ | // Red Hat BIND Configuration Tool | ||
+ | // | ||
+ | // Default initial " | ||
+ | // | ||
+ | |||
+ | options { | ||
+ | allow-query { | ||
+ | 127.0.0.1; | ||
+ | 192.168.100.0/ | ||
+ | }; | ||
+ | |||
+ | |||
+ | |||
+ | query-source address 192.168.100.1 port * | ||
+ | |||
+ | |||
+ | |||
+ | ; | ||
+ | forwarders { 212.18.3.5; | ||
+ | 212.18.0.5; | ||
+ | }; | ||
+ | |||
+ | random-device "/ | ||
+ | directory "/ | ||
+ | dump-file "/ | ||
+ | statistics-file "/ | ||
+ | /* | ||
+ | * If there is a firewall between you and nameservers you want | ||
+ | * to talk to, you might need to uncomment the query-source | ||
+ | * directive below. | ||
+ | * questions using port 53, but BIND 8.1 uses an unprivileged | ||
+ | * port by default. | ||
+ | */ | ||
+ | // query-source address * port 53; | ||
+ | }; | ||
+ | |||
+ | zone " | ||
+ | type hint; | ||
+ | file " | ||
+ | }; | ||
+ | |||
+ | zone " | ||
+ | type master; | ||
+ | file " | ||
+ | allow-update { none; }; | ||
+ | }; | ||
+ | |||
+ | zone " | ||
+ | type master; | ||
+ | file " | ||
+ | allow-update { none; }; | ||
+ | }; | ||
+ | |||
+ | zone " | ||
+ | type master; | ||
+ | file " | ||
+ | allow-update { none; }; | ||
+ | }; | ||
+ | |||
+ | zone " | ||
+ | type master; | ||
+ | file " | ||
+ | allow-update { none; }; | ||
+ | }; | ||
+ | |||
+ | zone " | ||
+ | type master; | ||
+ | file " | ||
+ | allow-update { none; }; | ||
+ | }; | ||
+ | |||
+ | zone " | ||
+ | type master; | ||
+ | file " | ||
+ | allow-update { none; }; | ||
+ | }; | ||
+ | |||
+ | zone " | ||
+ | type master; | ||
+ | file " | ||
+ | }; | ||
+ | |||
+ | zone " | ||
+ | type master; | ||
+ | file " | ||
+ | }; | ||
+ | | ||
+ | |||
+ | include "/ | ||
+ | |||
+ | ==== Forward-Auflösung ==== | ||
+ | Als nächstes legen wir uns für die // | ||
+ | < | ||
+ | $TTL 86400 | ||
+ | @ | ||
+ | 2008110701 | ||
+ | 3H ; refresh | ||
+ | 15M ; retry | ||
+ | 1W ; expiry | ||
+ | 1D ) ; minimum | ||
+ | |||
+ | IN NS nss.nausch.org. | ||
+ | IN MX 10 nss | ||
+ | |||
+ | ldap IN CNAME nss | ||
+ | time IN CNAME nss | ||
+ | |||
+ | nausch.org. | ||
+ | *.nausch.org. | ||
+ | |||
+ | nss | ||
+ | |||
+ | GXP-2000 | ||
+ | ST-100 | ||
+ | SPA-2100-1 | ||
+ | SPA-2100-2 | ||
+ | snom360 | ||
+ | snom320 | ||
+ | snom300-1 | ||
+ | snom300-2 | ||
+ | snom300-3 | ||
+ | snom-m3 | ||
+ | ==== Reverse-Auflösung ==== | ||
+ | Für die // | ||
+ | < | ||
+ | $TTL 2D | ||
+ | @ IN SOA nss.nausch.org. root.nss.nausch.org. ( | ||
+ | 2008110701 | ||
+ | 3H ; refresh | ||
+ | 1H ; retry | ||
+ | 1W ; expiry | ||
+ | 1D ) ; minimum | ||
+ | |||
+ | @ IN NS | ||
+ | |||
+ | 1 IN PTR nss.nausch.org. | ||
+ | 50 IN PTR GXP-2000.nausch.org. | ||
+ | 51 IN PTR ST-100.nausch.org. | ||
+ | 52 IN PTR SPA-2100-1.nausch.org. | ||
+ | 53 IN PTR SPA-2100-2.nausch.org. | ||
+ | 54 IN PTR snom360.nausch.org. | ||
+ | 55 IN PTR snom320.nausch.org. | ||
+ | 56 IN PTR snom300-1.nausch.org. | ||
+ | 57 IN PTR snom300-2.nausch.org. | ||
+ | 58 IN PTR snom300-3.nausch.org. | ||
+ | 59 IN PTR snom-m3.nausch.org.</ | ||
+ | Weiter legen wir uns noch folgende Dateien an | ||
+ | ==== localdomain.zone ==== | ||
+ | < | ||
+ | @ IN SOA localhost root.localhost ( | ||
+ | 42 ; serial (d. adams) | ||
+ | 3H ; refresh | ||
+ | 15M ; retry | ||
+ | 1W ; expiry | ||
+ | 1D ) ; minimum | ||
+ | IN NS | ||
+ | localhost | ||
+ | ==== localhost.zone ==== | ||
+ | < | ||
+ | @ IN SOA @ root ( | ||
+ | 42 ; serial (d. adams) | ||
+ | 3H ; refresh | ||
+ | 15M ; retry | ||
+ | 1W ; expiry | ||
+ | 1D ) ; minimum | ||
+ | |||
+ | IN NS @ | ||
+ | IN A 127.0.0.1 | ||
+ | IN AAAA :: | ||
+ | ==== named.broadcast ==== | ||
+ | < | ||
+ | @ IN SOA localhost. | ||
+ | 42 ; serial (d. adams) | ||
+ | 3H ; refresh | ||
+ | 15M ; retry | ||
+ | 1W ; expiry | ||
+ | 1D ) ; minimum | ||
+ | IN NS localhost.</ | ||
+ | ==== named.ip6.local ==== | ||
+ | < | ||
+ | @ | ||
+ | 42 ; Serial | ||
+ | 28800 ; Refresh | ||
+ | 14400 ; Retry | ||
+ | 3600000 | ||
+ | 86400 ) ; Minimum | ||
+ | | ||
+ | 1 IN PTR | ||
+ | ==== named.local ==== | ||
+ | < | ||
+ | @ | ||
+ | 42 ; Serial | ||
+ | 28800 ; Refresh | ||
+ | 14400 ; Retry | ||
+ | 3600000 | ||
+ | 86400 ) ; Minimum | ||
+ | IN NS localhost. | ||
+ | 1 | ||
+ | ==== named.root ==== | ||
+ | < | ||
+ | ; version of root zone: 2007082400 | ||
+ | . | ||
+ | . | ||
+ | . | ||
+ | . | ||
+ | . | ||
+ | . | ||
+ | . | ||
+ | . | ||
+ | . | ||
+ | . | ||
+ | . | ||
+ | . | ||
+ | . | ||
+ | A.ROOT-SERVERS.NET. | ||
+ | B.ROOT-SERVERS.NET. | ||
+ | C.ROOT-SERVERS.NET. | ||
+ | D.ROOT-SERVERS.NET. | ||
+ | E.ROOT-SERVERS.NET. | ||
+ | F.ROOT-SERVERS.NET. | ||
+ | G.ROOT-SERVERS.NET. | ||
+ | H.ROOT-SERVERS.NET. | ||
+ | I.ROOT-SERVERS.NET. | ||
+ | J.ROOT-SERVERS.NET. | ||
+ | K.ROOT-SERVERS.NET. | ||
+ | L.ROOT-SERVERS.NET. | ||
+ | M.ROOT-SERVERS.NET. | ||
+ | ==== named.zero ==== | ||
+ | < | ||
+ | @ IN SOA localhost. | ||
+ | 42 ; serial (d. adams) | ||
+ | 3H ; refresh | ||
+ | 15M ; retry | ||
+ | 1W ; expiry | ||
+ | 1D ) ; minimum | ||
+ | IN NS localhost.</ | ||
+ | ===== Nameserver starten ===== | ||
+ | Den ersten Start unseres DNS-Servers nehmen wir wie folgt vor. | ||
+ | < | ||
+ | named starten: | ||
+ | Im syslog wird der erfolgreiche Start entsprechend quittiert: | ||
+ | < | ||
+ | Nov 7 21:40:17 mnss named[17041]: | ||
+ | Nov 7 21:40:17 mnss named[17041]: | ||
+ | Nov 7 21:40:17 mnss named[17041]: | ||
+ | Nov 7 21:40:17 mnss named[17041]: | ||
+ | Nov 7 21:40:17 mnss named[17041]: | ||
+ | Nov 7 21:40:17 mnss named[17041]: | ||
+ | Nov 7 21:40:17 mnss named[17041]: | ||
+ | Nov 7 21:40:17 mnss named[17041]: | ||
+ | Nov 7 21:40:17 mnss named[17041]: | ||
+ | Nov 7 21:40:17 mnss named[17041]: | ||
+ | Nov 7 21:40:17 mnss named[17041]: | ||
+ | Nov 7 21:40:17 mnss named[17041]: | ||
+ | Nov 7 21:40:17 mnss named[17041]: | ||
+ | Nov 7 21:40:17 mnss named[17041]: | ||
+ | Nov 7 21:40:17 mnss named[17041]: | ||
+ | Nov 7 21:40:17 mnss named[17041]: | ||
+ | ===== automatisches Starten des Dienste beim Systemstart ===== | ||
+ | Damit nun unser DNS-Server beim Booten automatisch gestartet wird, nehmen wir noch folgende Konfigurationsschritte vor. | ||
+ | < | ||
+ | Anschließend überprüfen wir noch unsere Änderung: | ||
+ | < | ||
+ | named | ||
+ | |||
+ | ====== Links ====== | ||
+ | * **[[wiki: | ||
+ | * **[[http:// | ||
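
Review bot: In the named.conf options block, the commented-out "// query-source address * port 53;" line and the stock comment above it invite readers to pin outgoing queries to port 53. A fixed source port removes the source-port randomization a resolver relies on against cache poisoning, so either drop that comment block or state next to it that the active "query-source address 192.168.100.1 port *" setting should stay as it is. The last two zone stanzas in named.conf omit the "allow-update { none; };" line that every other master zone in the file carries; adding it keeps the update policy explicit and consistent. The named.root section is stamped "version of root zone: 2007082400", so the page should tell readers to fetch current root hints instead of copying this file. The "Nameserver starten" section goes straight to starting named; a named-checkconf and named-checkzone run before the first start would catch syntax and zone errors before the service is exposed to the LAN.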
+ | |||