Aktuelle Version vom 27. Februar 2023, 08:29 Uhr

systemd-resolved wenn er läuft abschalten

systemctl disable systemd-resolved
systemctl stop systemd-resolved

Installation

apt-get install bind9

/etc/resolv.conf setzen

rm /etc/resolv.conf
echo nameserver 127.0.0.1 > /etc/resolv.conf
echo search vulkan.int >> /etc/resolv.conf

Test

host -t a www.xinux.de

dnssec-validation abschalten

vi /etc/bind/named.conf.options

  dnssec-validation no;

forward zone

lokale Konfiguration

auf ns1.vulkan.int

zu /etc/bind/named.conf.local hinzufügen

zone "vulkan.int" {
type master;
    file "vulkan.int";
};

Erklärung

zone - Name der Zone
type - Type der Zone - master - slave
file - Name der Datei wo die Informationen zu finden sind

Zonendatei

Forward Zone

vi /var/cache/bind/vulkan.int

$TTL 300
@ IN SOA  ns1 technik.xinux.de. (
                        2022090204 14400 3600 3600000 86400)
        IN NS      ns1
ns1      IN A       192.168.34.1

Erklärung

$TTL 300 - 300 Sekunden wird der Namenseintrag im lokalen Cache gehalten.
vulkan.int - Name der Domain
SOA - Start of Authority - Wer ist Zuständig
ns1.vulkan.int. - Primärer Nameserver
technik.xinux.de. - Mailadresse - @ wird durch . ersetzt
2022090204 - Seriennummer, Datum + Version
14400 - Refresh Zeit
3600 - Wiederholungszeit beim Nichterreichen.
3600000 - Maximale Gültikeit beim Nichterreichen.
86400 - Negativer Cache
IN - Internet Name
NS - Namerver Record
A - A Record

restart bind

systemctl restart bind9

Checken ob alles ok ist

Logging

journalctl -fu named

-- Journal begins at Sat 2022-12-03 10:01:44 CET. --
Feb 25 09:42:24 debian named[584]: configuring command channel from '/etc/bind/rndc.key'
Feb 25 09:42:24 debian named[584]: command channel listening on ::1#953
Feb 25 09:42:24 debian named[584]: managed-keys-zone: loaded serial 3
Feb 25 09:42:24 debian named[584]: zone 0.in-addr.arpa/IN: loaded serial 1
Feb 25 09:42:24 debian named[584]: zone 127.in-addr.arpa/IN: loaded serial 1
Feb 25 09:42:24 debian named[584]: zone 255.in-addr.arpa/IN: loaded serial 1
Feb 25 09:42:24 debian named[584]: zone localhost/IN: loaded serial 2
Feb 25 09:42:24 debian named[584]: zone vulkan.int/IN: loaded serial 2022090204
Feb 25 09:42:24 debian named[584]: all zones loaded
Feb 25 09:42:24 debian named[584]: running

Zonentransfer

dig -t axfr @127.0.0.1 vulkan.int

; <<>> DiG 9.16.37-Debian <<>> -t axfr @127.0.0.1 vulkan.int
; (1 server found)
;; global options: +cmd
vulkan.int.		300	IN	SOA	ns1.vulkan.int. technik.xinux.de. 2022090204 14400 3600 3600000 86400
vulkan.int.		300	IN	NS	ns1.vulkan.int.
ns1.vulkan.int.		300	IN	A	192.168.34.1
vulkan.int.		300	IN	SOA	ns1.vulkan.int. technik.xinux.de. 2022090204 14400 3600 3600000 86400
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sat Feb 25 10:04:15 CET 2023
;; XFR size: 4 records (messages 1, bytes 189)

Reverse Zone

add to /etc/bind/named.conf.local

zone "34.168.192.in-addr.arpa" {
          type master;
          file "34.168.192.in-addr.arpa";
};

zone file

vi /var/cache/bind/34.168.192.in-addr.arpa

$TTL 300
@   IN SOA  ns1.vulkan.int. technik.xinux.de. (
    2022090204 14400 3600 3600000 86400)
    IN NS   ns1.vulkan.int.
1   IN PTR  ns1.vulkan.int.

restart bind

systemctl restart bind9

Tests

Logging

journalctl -fu named

-- Journal begins at Sat 2022-12-03 10:01:44 CET. --
Feb 25 09:51:55 debian named[748]: zone 0.in-addr.arpa/IN: loaded serial 1
Feb 25 09:51:55 debian named[748]: zone 127.in-addr.arpa/IN: loaded serial 1
Feb 25 09:51:55 debian named[748]: zone localhost/IN: loaded serial 2
Feb 25 09:51:55 debian named[748]: zone 255.in-addr.arpa/IN: loaded serial 1
Feb 25 09:51:55 debian named[748]: zone 34.168.192.in-addr.arpa/IN: loaded serial 2022090204
Feb 25 09:51:55 debian named[748]: zone vulkan.int/IN: loaded serial 2022090204
Feb 25 09:51:55 debian named[748]: all zones loaded
Feb 25 09:51:55 debian named[748]: running

Zonentransfer

dig -t axfr @127.0.0.1 34.168.192.in-addr.arpa

; <<>> DiG 9.16.37-Debian <<>> -t axfr @127.0.0.1 34.168.192.in-addr.arpa
; (1 server found)
;; global options: +cmd
34.168.192.in-addr.arpa. 300	IN	SOA	ns1.vulkan.int. technik.xinux.de. 2022090204 14400 3600 3600000 86400
34.168.192.in-addr.arpa. 300	IN	NS	ns1.vulkan.int.
1.34.168.192.in-addr.arpa. 300	IN	PTR	ns1.vulkan.int.
34.168.192.in-addr.arpa. 300	IN	SOA	ns1.vulkan.int. technik.xinux.de. 2022090204 14400 3600 3600000 86400
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sat Feb 25 10:05:37 CET 2023
;; XFR size: 4 records (messages 1, bytes 212)

dig

A-Record

dig @127.0.0.1 -t a ns1.vulkan.int

SOA-Record

dig @127.0.0.1 -t soa vulkan.int

AXFR-Record

dig @127.0.0.1 -t axfr vulkan.int

nslookup

A-Record

nslookup

> server 127.0.0.1
 Default server: 127.0.0.1
 Address: 127.0.0.1#53
> unaris.vulkan.int
> xinux.de

SOA-Record

nslookup

> server 127.0.0.1
 Default server: 127.0.0.1
 Address: 127.0.0.1#53
> unaris.vulkan.int
> set type=soa
> xinux.de

AXFR-Record

nslookup

> server 127.0.0.1
 Default server: 127.0.0.1
 Address: 127.0.0.1#53
> unaris.vulkan.int
> set type=axfr
> xinux.de

Links

https://wolfgang.dautermann.at/vortraege/CLT2010-Bind9.pdf

@@ Zeile 18: / Zeile 18: @@
 * '''host -t a www.xinux.de'''
+=dnssec-validation abschalten=
+*vi /etc/bind/named.conf.options
+   dnssec-validation no;
 = forward zone =
 == lokale Konfiguration ==
+; auf ns1.vulkan.int
 * zu ''/etc/bind/named.conf.local'' hinzufügen
@@ Zeile 36: / Zeile 41: @@
 == Zonendatei ==
+;Forward Zone
 * vi /var/cache/bind/vulkan.int
+<pre>
+$TTL 300
+@ IN SOA  ns1 technik.xinux.de. (
+                        2022090204 14400 3600 3600000 86400)
+        IN NS      ns1
+ns1      IN A       192.168.34.1
+</pre>
- $TTL 300
- vulkan.int. IN SOA  unaris.vulkan.int. technik.xinux.de. (
-                         2011090204  ;
-   ;
-    ;
-                         3600000 ;
-   ;
-                     )
-         IN NS      unaris.vulkan.int.
- unaris      IN A       192.168.25.4
 ;Erklärung
@@ Zeile 54: / Zeile 56: @@
 * vulkan.int - Name der Domain
 * SOA - Start of Authority - Wer ist Zuständig
-* unaris.vulkan.int. - Primärer Nameserver
+* ns1.vulkan.int. - Primärer Nameserver
 * technik.xinux.de. - Mailadresse - @ wird durch . ersetzt
-* 2011090204 - Seriennummer, Datum + Version
+* 2022090204 - Seriennummer, Datum + Version
 * 14400 - Refresh Zeit
 * 3600 - Wiederholungszeit beim Nichterreichen.
@@ Zeile 69: / Zeile 71: @@
 * '''systemctl restart bind9'''
+==Checken ob alles ok ist==
+;Logging
+*journalctl -fu named
+<pre>
+-- Journal begins at Sat 2022-12-03 10:01:44 CET. --
+Feb 25 09:42:24 debian named[584]: configuring command channel from '/etc/bind/rndc.key'
+Feb 25 09:42:24 debian named[584]: command channel listening on ::1#953
+Feb 25 09:42:24 debian named[584]: managed-keys-zone: loaded serial 3
+Feb 25 09:42:24 debian named[584]: zone 0.in-addr.arpa/IN: loaded serial 1
+Feb 25 09:42:24 debian named[584]: zone 127.in-addr.arpa/IN: loaded serial 1
+Feb 25 09:42:24 debian named[584]: zone 255.in-addr.arpa/IN: loaded serial 1
+Feb 25 09:42:24 debian named[584]: zone localhost/IN: loaded serial 2
+Feb 25 09:42:24 debian named[584]: zone vulkan.int/IN: loaded serial 2022090204
+Feb 25 09:42:24 debian named[584]: all zones loaded
+Feb 25 09:42:24 debian named[584]: running
+</pre>
+;Zonentransfer
+*dig -t axfr @127.0.0.1 vulkan.int
+<pre>
+; <<>> DiG 9.16.37-Debian <<>> -t axfr @127.0.0.1 vulkan.int
+; (1 server found)
+;; global options: +cmd
+vulkan.int.		300	IN	SOA	ns1.vulkan.int. technik.xinux.de. 2022090204 14400 3600 3600000 86400
+vulkan.int.		300	IN	NS	ns1.vulkan.int.
+ns1.vulkan.int.		300	IN	A	192.168.34.1
+vulkan.int.		300	IN	SOA	ns1.vulkan.int. technik.xinux.de. 2022090204 14400 3600 3600000 86400
+;; Query time: 0 msec
+;; SERVER: 127.0.0.1#53(127.0.0.1)
+;; WHEN: Sat Feb 25 10:04:15 CET 2023
+;; XFR size: 4 records (messages 1, bytes 189)
+</pre>
-== config file ==
+==Reverse Zone==
 add to /etc/bind/named.conf.local
-  zone "25.168.192.in-addr.arpa" {
+  zone "34.168.192.in-addr.arpa" {
             type master;
-            file "25.168.192.in-addr.arpa";
+            file "34.168.192.in-addr.arpa";
   };
 == zone file ==
-* '''vi /var/cache/bind/25.168.192.in-addr.arpa'''
+* '''vi /var/cache/bind/34.168.192.in-addr.arpa'''
+<pre>
- $TTL 300
+$TTL 300
- @   IN SOA  unaris.vulkan.int. technik.xinux.de. (
+@   IN SOA  ns1.vulkan.int. technik.xinux.de. (
-     2011090204 14400 3600 3600000 86400)
+    2022090204 14400 3600 3600000 86400)
-     IN NS   unaris.vulkan.int.
+    IN NS   ns1.vulkan.int.
-  IN PTR  unaris.vulkan.int.
+  IN PTR  ns1.vulkan.int.
+</pre>
 = restart bind =
@@ Zeile 95: / Zeile 129: @@
 =Tests=
+;Logging
+*journalctl -fu named
+<pre>
+-- Journal begins at Sat 2022-12-03 10:01:44 CET. --
+Feb 25 09:51:55 debian named[748]: zone 0.in-addr.arpa/IN: loaded serial 1
+Feb 25 09:51:55 debian named[748]: zone 127.in-addr.arpa/IN: loaded serial 1
+Feb 25 09:51:55 debian named[748]: zone localhost/IN: loaded serial 2
+Feb 25 09:51:55 debian named[748]: zone 255.in-addr.arpa/IN: loaded serial 1
+Feb 25 09:51:55 debian named[748]: zone 34.168.192.in-addr.arpa/IN: loaded serial 2022090204
+Feb 25 09:51:55 debian named[748]: zone vulkan.int/IN: loaded serial 2022090204
+Feb 25 09:51:55 debian named[748]: all zones loaded
+Feb 25 09:51:55 debian named[748]: running
+</pre>
+;Zonentransfer
+*dig -t axfr @127.0.0.1 34.168.192.in-addr.arpa
+<pre>
+; <<>> DiG 9.16.37-Debian <<>> -t axfr @127.0.0.1 34.168.192.in-addr.arpa
+; (1 server found)
+;; global options: +cmd
+.168.192.in-addr.arpa. 300	IN	SOA	ns1.vulkan.int. technik.xinux.de. 2022090204 14400 3600 3600000 86400
+.168.192.in-addr.arpa. 300	IN	NS	ns1.vulkan.int.
+.34.168.192.in-addr.arpa. 300	IN	PTR	ns1.vulkan.int.
+.168.192.in-addr.arpa. 300	IN	SOA	ns1.vulkan.int. technik.xinux.de. 2022090204 14400 3600 3600000 86400
+;; Query time: 0 msec
+;; SERVER: 127.0.0.1#53(127.0.0.1)
+;; WHEN: Sat Feb 25 10:05:37 CET 2023
+;; XFR size: 4 records (messages 1, bytes 212)
+</pre>
 ==dig==
 ===A-Record===
-*dig @192.168.25.4 -t a unaris.vulkan.int
+*dig @127.0.0.1 -t a ns1.vulkan.int
 ===SOA-Record===
-*dig @192.168.25.4 -t soa vulkan.int
+*dig @127.0.0.1  -t soa vulkan.int
 ===AXFR-Record===
-*dig @192.168.25.4 -t axfr vulkan.int
+*dig @127.0.0.1  -t axfr vulkan.int
 ==nslookup==
 ===A-Record===
 *nslookup
-  > server 192.168.25.4
+  > server 127.0.0.1
-   Default server: 192.168.25.4
+   Default server: 127.0.0.1
-   Address: 192.168.25.4#53
+   Address: 127.0.0.1#53
   > unaris.vulkan.int
   > xinux.de
 ===SOA-Record===
 *nslookup
-  > server 192.168.25.4
+  > server 127.0.0.1
-   Default server: 192.168.25.4
+   Default server: 127.0.0.1
-   Address: 192.168.25.4#53
+   Address: 127.0.0.1#53
   > unaris.vulkan.int
   > set type=soa
@@ Zeile 120: / Zeile 187: @@
 ===AXFR-Record===
 *nslookup
-  > server 192.168.25.4
+  > server 127.0.0.1
-   Default server: 192.168.25.4
+   Default server: 127.0.0.1
-   Address: 192.168.25.4#53
+   Address: 127.0.0.1#53
   > unaris.vulkan.int
   > set type=axfr

Bind9 kompakt Einstieg: Unterschied zwischen den Versionen

Aktuelle Version vom 27. Februar 2023, 08:29 Uhr

Inhaltsverzeichnis

systemd-resolved wenn er läuft abschalten

Installation

/etc/resolv.conf setzen

Test

dnssec-validation abschalten

forward zone

lokale Konfiguration

Zonendatei

restart bind

Checken ob alles ok ist

Reverse Zone

zone file

restart bind

Tests

dig

A-Record

SOA-Record

AXFR-Record

nslookup

A-Record

SOA-Record

AXFR-Record

Links

Navigationsmenü

Suche