
debian \ BIND \ DNS-Server \ DNS \ bind9 \ host \ dig \ nslookup

Настройка:
1. nano /etc/bind/named.conf.local

// Authoritative (master) zone for d0.b14esh.ru, served from a local zone file.
zone "d0.b14esh.ru" {
type master;
// The file is named after b14esh.ru although the zone itself is d0.b14esh.ru.
file "/etc/bind/master/b14esh.ru.zone";
// A zone-level allow-transfer takes precedence over the one in "options":
// only the loopback address may request a full zone transfer (AXFR), which
// is what `host -la` run on the server itself relies on.
// NOTE(review): if secondaries are added later, authorizing them with a TSIG
// key is preferable to listing more IP addresses here.
allow-transfer { 127.0.0.1 ; };
};

// Authoritative (master) reverse zone holding the PTR records for 10.10.10.0/24.
zone "10.10.10.in-addr.arpa" {
type master;
file "/etc/bind/master/10.10.10.in-addr.arpa.zone";
// No allow-transfer statement here, so the value from "options" applies
// (`none` in the named.conf.options shown on this page).
};

2. nano /etc/bind/named.conf.options

 // Placeholder ACL for hosts allowed to transfer zones; `none` matches nobody.
 // NOTE(review): nothing in the configuration shown on this page refers to
 // it - the allow-transfer statements use a literal `none` / 127.0.0.1.
 acl "acl_trusted_transfer" {
      none;
 };

 // Clients that may query this server, read its cache and recurse through it
 // (used by allow-query, allow-query-cache and allow-recursion in "options").
 // NOTE(review): 10.10.10.0/24, the network the zones on this page describe,
 // is not listed; confirm those hosts reach the server from a listed range.
 acl "acl_trusted_clients" {
     127.0.0.0/8;            // localhost (RFC 3330) - loopback addresses           127.0.0.0 - 127.255.255.255
     // 192.168.0.0/16;     // Private Network (RFC 1918) - e.g. LAN (disabled)    192.168.0.0 - 192.168.255.255
     10.0.0.0/24;          // Part of 10.0.0.0/8 (RFC 1918) - e.g. VPN; this /24 covers only 10.0.0.0 - 10.0.0.255
 };

// Global server options: a recursive, forwarding resolver for trusted clients
// that is also authoritative for the zones declared in named.conf.local.
options {
        directory "/var/cache/bind";
        pid-file "/var/run/named/named.pid";
        // Returned instead of the real BIND version for version.bind queries.
        version "not currently available"; 
        listen-on-v6 { none; };
        // Listens on every IPv4 interface; who may actually query is decided
        // by the allow-* statements below, not by the listening address.
        listen-on { any; };
        // Do not send NOTIFY messages when a zone changes.
        notify no;

        // Queries, cached answers and recursion are limited to the trusted
        // client ACL, so the server does not act as an open resolver.
        allow-query { acl_trusted_clients; };
        allow-query-cache { acl_trusted_clients; };
        allow-recursion { acl_trusted_clients; };
        // Server-wide default: no zone transfers; a zone may override this.
        allow-transfer {  none; };
        // Dynamic updates are refused for every zone.
        allow-update { none; };
        
        // NOTE(review): with `yes`, validation relies on a trust anchor being
        // configured explicitly (`auto` uses the built-in root anchor), and the
        // forwarder has to return DNSSEC records - confirm both on this host.
        dnssec-validation yes;
        auth-nxdomain no; # conform to RFC1035

        // Keep the built-in empty zones for reserved reverse ranges enabled.
        empty-zones-enable yes;
        
        recursion yes;
        
        //additional-from-auth no;
        //additional-from-cache no;
        
        // Upstream resolvers for names this server is not authoritative for.
        // No `forward` statement is given, so the BIND default applies.
        forwarders {
                // Router DNS
                10.0.0.1;

                // Google Public DNS
                //8.8.8.8;
                //8.8.4.4;
 
                // OpenDNS
                //208.67.222.222;
                //208.67.220.220;
                   };

};

3. nano /etc/bind/master/10.10.10.in-addr.arpa.zone

; Reverse zone for 10.10.10.0/24: maps the last octet of an address to a name.
; Default TTL is 30 seconds, so resolvers cache these answers only briefly.
$TTL 30
$ORIGIN 10.10.10.in-addr.arpa.
; SOA: primary server gw.d0.b14esh.ru., contact mailbox root.d0.b14esh.ru.
@ SOA gw.d0.b14esh.ru. root.d0.b14esh.ru. (
20120200 ; serial - increase on every edit so secondaries notice the change
1h ; refresh
10m ; retry
1d ; expire
30 ) ; negative-caching TTL
  NS gw.d0.b14esh.ru.
  MX 10 gw.d0.b14esh.ru. ; NOTE(review): an MX record in a reverse zone is unusual - confirm it is intended

; Owner names are relative to $ORIGIN: "10" stands for 10.10.10.10, and so on.
10 PTR gw.d0.b14esh.ru.
20 PTR win2003.d0.b14esh.ru.
30 PTR win2008.d0.b14esh.ru.
120 PTR winxp.d0.b14esh.ru.

4. nano /etc/bind/master/b14esh.ru.zone

; Forward zone for d0.b14esh.ru. Names without a trailing dot are relative to $ORIGIN.
; Default TTL is 30 seconds, so resolvers cache these answers only briefly.
$TTL 30
$ORIGIN d0.b14esh.ru.
; SOA on one line: primary gw, contact root, serial 20120200, refresh 1h,
; retry 10m, expire 1d, negative-caching TTL 30.
@ SOA gw root 20120200 1h 10m 1d 30
  NS gw
  MX 10 gw

; Address records; each one has a matching PTR in 10.10.10.in-addr.arpa.
gw A 10.10.10.10
winxp A 10.10.10.120
win2003 A 10.10.10.20
win2008 A 10.10.10.30

5. nano /etc/resolv.conf

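# Resolve through the local BIND instance (loopback, full dotted-quad form).
# NOTE(review): where a DHCP client or resolvconf manages this file, manual
# edits can be overwritten - confirm how it is managed on this host.
nameserver 127.0.0.1
# Placeholder local domain; the zone configured on this page is d0.b14esh.ru.
domain my.domain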

Проверка сервера


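named-checkconf -z — проверка зон (пробная загрузка всех master-зон из конфигов)
named-checkconf — проверка синтаксиса конфигов
rndc reconfig — перечитать конфиги (подхватывает только новые зоны; изменённые файлы зон перечитывает rndc reload)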

nslookup
host
dig

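host -la my.domain — вывести все записи зоны; команда выполняет передачу зоны (AXFR), поэтому сервер отвечает только адресам из allow-transfer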
host 127.0.0.1

www.myservak.ru. FQDN
/etc/nsswitch.conf — определяет, что проверяется первым при разрешении имён: files (/etc/hosts) или dns (/etc/resolv.conf)