Bind9 kompakt: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
| Zeile 1: | Zeile 1: | ||
= '''systemd-resolved''' abschalten = | = '''systemd-resolved''' abschalten = | ||
| − | * systemctl disable systemd-resolved | + | * '''systemctl disable systemd-resolved''' |
| − | * systemctl stop systemd-resolved | + | * '''systemctl stop systemd-resolved''' |
= Installation = | = Installation = | ||
| − | * apt-get install bind9 | + | * '''apt-get install bind9''' |
= ''/etc/resolv.conf'' setzen = | = ''/etc/resolv.conf'' setzen = | ||
| − | * rm /etc/resolv.conf | + | * '''rm /etc/resolv.conf''' |
| − | * echo nameserver 127.0.0.1 > /etc/resolv.conf | + | * '''echo nameserver 127.0.0.1 > /etc/resolv.conf''' |
= Test = | = Test = | ||
| Zeile 37: | Zeile 37: | ||
* vi /var/cache/bind/vulkan.int | * vi /var/cache/bind/vulkan.int | ||
| − | |||
$TTL 300 | $TTL 300 | ||
vulkan.int. IN SOA unaris.vulkan.int. technik.xinux.de. ( | vulkan.int. IN SOA unaris.vulkan.int. technik.xinux.de. ( | ||
| Zeile 48: | Zeile 47: | ||
IN NS unaris.vulkan.int. | IN NS unaris.vulkan.int. | ||
unaris IN A 192.168.25.4 | unaris IN A 192.168.25.4 | ||
| − | |||
;Erklärung | ;Erklärung | ||
| Zeile 67: | Zeile 65: | ||
== restart bind == | == restart bind == | ||
| − | + | +systemctl restart bind9 ## test | |
| − | + | ||
| − | + | +host -t a unaris.vulkan.int 127.0.0.1 Using domain server: Name: 127.0.0.1 Addrallow-transfer { 192.168.249.121 };ess: 127.0.0.1#53 Aliases: | |
| − | + | ||
| − | |||
| − | |||
| − | |||
| − | |||
unaris.vulkan.int has address 192.168.25.4 | unaris.vulkan.int has address 192.168.25.4 | ||
| Zeile 82: | Zeile 76: | ||
add to /etc/bind/named.conf.local | add to /etc/bind/named.conf.local | ||
| − | + | ||
zone "25.168.192.in-addr.arpa" { | zone "25.168.192.in-addr.arpa" { | ||
type master; | type master; | ||
file "25.168.192.in-addr.arpa"; | file "25.168.192.in-addr.arpa"; | ||
}; | }; | ||
| − | |||
== zone file == | == zone file == | ||
+vi /var/cache/bind/25.168.192.in-addr.arpa | +vi /var/cache/bind/25.168.192.in-addr.arpa | ||
| − | + | ||
$TTL 300 | $TTL 300 | ||
@ IN SOA unaris.vulkan.int. technik.xinux.de. ( | @ IN SOA unaris.vulkan.int. technik.xinux.de. ( | ||
| Zeile 98: | Zeile 91: | ||
IN NS unaris.vulkan.int. | IN NS unaris.vulkan.int. | ||
4 IN PTR unaris.vulkan.int. | 4 IN PTR unaris.vulkan.int. | ||
| − | |||
= restart bind = | = restart bind = | ||
| Zeile 107: | Zeile 99: | ||
+host -t ptr 192.168.25.4 127.0.0.1 | +host -t ptr 192.168.25.4 127.0.0.1 | ||
| − | + | ||
Using domain server: | Using domain server: | ||
Name: 127.0.0.1 | Name: 127.0.0.1 | ||
| Zeile 114: | Zeile 106: | ||
4.25.168.192.in-addr.arpa domain name pointer unaris.vulkan.int. | 4.25.168.192.in-addr.arpa domain name pointer unaris.vulkan.int. | ||
| − | |||
= Eintragen der Forward Nameserver = | = Eintragen der Forward Nameserver = | ||
+cat /etc/bind/named.conf.options | +cat /etc/bind/named.conf.options | ||
| − | + | ||
options { | options { | ||
directory "/var/cache/bind"; | directory "/var/cache/bind"; | ||
| Zeile 129: | Zeile 120: | ||
.... | .... | ||
}; | }; | ||
| − | |||
= Generate = | = Generate = | ||
| − | |||
$TTL 300 | $TTL 300 | ||
@ IN SOA dozent.it150.int. technik.xinux.de. ( | @ IN SOA dozent.it150.int. technik.xinux.de. ( | ||
| Zeile 148: | Zeile 137: | ||
$GENERATE 150-150 server.it$ A 10.0.$.21 | $GENERATE 150-150 server.it$ A 10.0.$.21 | ||
$GENERATE 150-150 desktop.it$ A 192.168.$.11 | $GENERATE 150-150 desktop.it$ A 192.168.$.11 | ||
| − | |||
;Ergebnis | ;Ergebnis | ||
| − | + | ||
desktop.it101.int. 300 IN A 192.168.101.11 | desktop.it101.int. 300 IN A 192.168.101.11 | ||
firewall.it101.int. 300 IN A 192.168.2.101 | firewall.it101.int. 300 IN A 192.168.2.101 | ||
| Zeile 175: | Zeile 163: | ||
... | ... | ||
... | ... | ||
| − | |||
= Links = | = Links = | ||
+https://wolfgang.dautermann.at/vortraege/CLT2010-Bind9.pdf | +https://wolfgang.dautermann.at/vortraege/CLT2010-Bind9.pdf | ||
Version vom 22. Februar 2023, 07:34 Uhr
systemd-resolved abschalten
- systemctl disable systemd-resolved
- systemctl stop systemd-resolved
Installation
- apt-get install bind9
/etc/resolv.conf setzen
- rm /etc/resolv.conf
- echo nameserver 127.0.0.1 > /etc/resolv.conf
Test
- host -t a www.xinux.de
forward zone
lokale Konfiguration
- zu /etc/bind/named.conf.local hinzufügen
zone "vulkan.int" {
type master;
file "vulkan.int";
};
- Erklärung
- zone - Name der Zone
- type - Type der Zone - master - slave
- file - Name der Datei wo die Informationen zu finden sind
Zonendatei
- vi /var/cache/bind/vulkan.int
$TTL 300
vulkan.int. IN SOA unaris.vulkan.int. technik.xinux.de. (
2011090204 ;
14400 ;
3600 ;
3600000 ;
86400 ;
)
IN NS unaris.vulkan.int.
unaris IN A 192.168.25.4
- Erklärung
- $TTL 300 - 300 Sekunden wird der Namenseintrag im lokalen Cache gehalten.
- vulkan.int - Name der Domain
- SOA - Start of Authority - Wer ist Zuständig
- unaris.vulkan.int. - Primärer Nameserver
- technik.xinux.de. - Mailadresse - @ wird durch . ersetzt
- 2011090204 - Seriennummer, Datum + Version
- 14400 - Refresh Zeit
- 3600 - Wiederholungszeit beim Nichterreichen.
- 3600000 - Maximale Gültikeit beim Nichterreichen.
- 86400 - Negativer Cache
- IN - Internet Name
- NS - Namerver Record
- A - A Record
restart bind
+systemctl restart bind9 ## test
+host -t a unaris.vulkan.int 127.0.0.1 Using domain server: Name: 127.0.0.1 Addrallow-transfer { 192.168.249.121 };ess: 127.0.0.1#53 Aliases:
unaris.vulkan.int has address 192.168.25.4
reverse zone
config file
add to /etc/bind/named.conf.local
zone "25.168.192.in-addr.arpa" {
type master;
file "25.168.192.in-addr.arpa";
};
zone file
+vi /var/cache/bind/25.168.192.in-addr.arpa
$TTL 300
@ IN SOA unaris.vulkan.int. technik.xinux.de. (
2011090204 14400 3600 3600000 86400)
IN NS unaris.vulkan.int.
4 IN PTR unaris.vulkan.int.
restart bind
+systemctl restart bind9
tests
+host -t ptr 192.168.25.4 127.0.0.1
Using domain server: Name: 127.0.0.1 Address: 127.0.0.1#53 Aliases: 4.25.168.192.in-addr.arpa domain name pointer unaris.vulkan.int.
Eintragen der Forward Nameserver
+cat /etc/bind/named.conf.options
options {
directory "/var/cache/bind";
forwarders {
10.80.0.2;
10.80.0.3;
};
....
....
};
Generate
$TTL 300
@ IN SOA dozent.it150.int. technik.xinux.de. (
2022092001 14400 3600 3600000 86400
)
IN NS dozent.it150.int.
dozent.it150 IN A 192.168.2.200
; DHCP - Range 192.168.2.0/24
$GENERATE 101-112 firewall.it$ A 192.168.2.$
$GENERATE 101-112 server.it$ A 10.0.$.21
$GENERATE 101-112 desktop.it$ A 192.168.$.11
$GENERATE 150-150 firewall.it$ A 192.168.2.$
$GENERATE 150-150 server.it$ A 10.0.$.21
$GENERATE 150-150 desktop.it$ A 192.168.$.11
- Ergebnis
desktop.it101.int. 300 IN A 192.168.101.11 firewall.it101.int. 300 IN A 192.168.2.101 server.it101.int. 300 IN A 10.0.101.21 desktop.it102.int. 300 IN A 192.168.102.11 firewall.it102.int. 300 IN A 192.168.2.102 server.it102.int. 300 IN A 10.0.102.21 desktop.it103.int. 300 IN A 192.168.103.11 firewall.it103.int. 300 IN A 192.168.2.103 server.it103.int. 300 IN A 10.0.103.21 desktop.it104.int. 300 IN A 192.168.104.11 firewall.it104.int. 300 IN A 192.168.2.104 server.it104.int. 300 IN A 10.0.104.21 desktop.it105.int. 300 IN A 192.168.105.11 firewall.it105.int. 300 IN A 192.168.2.105 server.it105.int. 300 IN A 10.0.105.21 desktop.it106.int. 300 IN A 192.168.106.11 firewall.it106.int. 300 IN A 192.168.2.106 server.it106.int. 300 IN A 10.0.106.21 desktop.it107.int. 300 IN A 192.168.107.11 firewall.it107.int. 300 IN A 192.168.2.107 server.it107.int. 300 IN A 10.0.107.21 desktop.it108.int. 300 IN A 192.168.108.11 ... ...