Bind9 kompakt Einstieg: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
(→Tests) |
|||
| (11 dazwischenliegende Versionen desselben Benutzers werden nicht angezeigt) | |||
| Zeile 18: | Zeile 18: | ||
* '''host -t a www.xinux.de''' | * '''host -t a www.xinux.de''' | ||
| + | |||
| + | =dnssec-validation abschalten= | ||
| + | *vi /etc/bind/named.conf.options | ||
| + | dnssec-validation no; | ||
| + | |||
= forward zone = | = forward zone = | ||
| Zeile 36: | Zeile 41: | ||
== Zonendatei == | == Zonendatei == | ||
| − | + | ;Forward Zone | |
* vi /var/cache/bind/vulkan.int | * vi /var/cache/bind/vulkan.int | ||
| + | <pre> | ||
| + | $TTL 300 | ||
| + | @ IN SOA ns1 technik.xinux.de. ( | ||
| + | 2022090204 14400 3600 3600000 86400) | ||
| + | IN NS ns1 | ||
| + | ns1 IN A 192.168.34.1 | ||
| + | </pre> | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
;Erklärung | ;Erklärung | ||
| Zeile 54: | Zeile 56: | ||
* vulkan.int - Name der Domain | * vulkan.int - Name der Domain | ||
* SOA - Start of Authority - Wer ist Zuständig | * SOA - Start of Authority - Wer ist Zuständig | ||
| − | * | + | * ns1.vulkan.int. - Primärer Nameserver |
* technik.xinux.de. - Mailadresse - @ wird durch . ersetzt | * technik.xinux.de. - Mailadresse - @ wird durch . ersetzt | ||
| − | * | + | * 2022090204 - Seriennummer, Datum + Version |
* 14400 - Refresh Zeit | * 14400 - Refresh Zeit | ||
* 3600 - Wiederholungszeit beim Nichterreichen. | * 3600 - Wiederholungszeit beim Nichterreichen. | ||
| Zeile 91: | Zeile 93: | ||
; (1 server found) | ; (1 server found) | ||
;; global options: +cmd | ;; global options: +cmd | ||
| − | vulkan.int. 300 IN SOA | + | vulkan.int. 300 IN SOA ns1.vulkan.int. technik.xinux.de. 2022090204 14400 3600 3600000 86400 |
| − | vulkan.int. 300 IN NS | + | vulkan.int. 300 IN NS ns1.vulkan.int. |
| − | + | ns1.vulkan.int. 300 IN A 192.168.34.1 | |
| − | vulkan.int. 300 IN SOA | + | vulkan.int. 300 IN SOA ns1.vulkan.int. technik.xinux.de. 2022090204 14400 3600 3600000 86400 |
| − | ;; Query time: | + | ;; Query time: 0 msec |
;; SERVER: 127.0.0.1#53(127.0.0.1) | ;; SERVER: 127.0.0.1#53(127.0.0.1) | ||
| − | ;; WHEN: Sat Feb 25 | + | ;; WHEN: Sat Feb 25 10:04:15 CET 2023 |
| − | ;; XFR size: 4 records (messages 1, bytes | + | ;; XFR size: 4 records (messages 1, bytes 189) |
| + | |||
</pre> | </pre> | ||
| Zeile 113: | Zeile 116: | ||
* '''vi /var/cache/bind/34.168.192.in-addr.arpa''' | * '''vi /var/cache/bind/34.168.192.in-addr.arpa''' | ||
| − | + | <pre> | |
| − | + | $TTL 300 | |
| − | + | @ IN SOA ns1.vulkan.int. technik.xinux.de. ( | |
| − | + | 2022090204 14400 3600 3600000 86400) | |
| − | + | IN NS ns1.vulkan.int. | |
| − | + | 1 IN PTR ns1.vulkan.int. | |
| + | </pre> | ||
= restart bind = | = restart bind = | ||
| Zeile 146: | Zeile 150: | ||
; (1 server found) | ; (1 server found) | ||
;; global options: +cmd | ;; global options: +cmd | ||
| − | 34.168.192.in-addr.arpa. 300 IN SOA | + | 34.168.192.in-addr.arpa. 300 IN SOA ns1.vulkan.int. technik.xinux.de. 2022090204 14400 3600 3600000 86400 |
| − | 34.168.192.in-addr.arpa. 300 IN NS | + | 34.168.192.in-addr.arpa. 300 IN NS ns1.vulkan.int. |
| − | + | 1.34.168.192.in-addr.arpa. 300 IN PTR ns1.vulkan.int. | |
| − | 34.168.192.in-addr.arpa. 300 IN SOA | + | 34.168.192.in-addr.arpa. 300 IN SOA ns1.vulkan.int. technik.xinux.de. 2022090204 14400 3600 3600000 86400 |
;; Query time: 0 msec | ;; Query time: 0 msec | ||
;; SERVER: 127.0.0.1#53(127.0.0.1) | ;; SERVER: 127.0.0.1#53(127.0.0.1) | ||
| − | ;; WHEN: Sat Feb 25 | + | ;; WHEN: Sat Feb 25 10:05:37 CET 2023 |
| − | ;; XFR size: 4 records (messages 1, bytes | + | ;; XFR size: 4 records (messages 1, bytes 212) |
</pre> | </pre> | ||
==dig== | ==dig== | ||
===A-Record=== | ===A-Record=== | ||
| − | *dig @ | + | *dig @127.0.0.1 -t a ns1.vulkan.int |
| + | |||
===SOA-Record=== | ===SOA-Record=== | ||
| − | *dig @ | + | *dig @127.0.0.1 -t soa vulkan.int |
===AXFR-Record=== | ===AXFR-Record=== | ||
| − | *dig @ | + | *dig @127.0.0.1 -t axfr vulkan.int |
| + | |||
==nslookup== | ==nslookup== | ||
===A-Record=== | ===A-Record=== | ||
*nslookup | *nslookup | ||
| − | > server | + | > server 127.0.0.1 |
| − | Default server: | + | Default server: 127.0.0.1 |
| − | Address: | + | Address: 127.0.0.1#53 |
> unaris.vulkan.int | > unaris.vulkan.int | ||
> xinux.de | > xinux.de | ||
===SOA-Record=== | ===SOA-Record=== | ||
*nslookup | *nslookup | ||
| − | > server | + | > server 127.0.0.1 |
| − | Default server: | + | Default server: 127.0.0.1 |
| − | Address: | + | Address: 127.0.0.1#53 |
> unaris.vulkan.int | > unaris.vulkan.int | ||
> set type=soa | > set type=soa | ||
| Zeile 181: | Zeile 187: | ||
===AXFR-Record=== | ===AXFR-Record=== | ||
*nslookup | *nslookup | ||
| − | > server | + | > server 127.0.0.1 |
| − | Default server: | + | Default server: 127.0.0.1 |
| − | Address: | + | Address: 127.0.0.1#53 |
> unaris.vulkan.int | > unaris.vulkan.int | ||
> set type=axfr | > set type=axfr | ||
Aktuelle Version vom 27. Februar 2023, 08:29 Uhr
systemd-resolved wenn er läuft abschalten
- systemctl disable systemd-resolved
- systemctl stop systemd-resolved
Installation
- apt-get install bind9
/etc/resolv.conf setzen
- rm /etc/resolv.conf
- echo nameserver 127.0.0.1 > /etc/resolv.conf
- echo search vulkan.int >> /etc/resolv.conf
Test
- host -t a www.xinux.de
dnssec-validation abschalten
- vi /etc/bind/named.conf.options
dnssec-validation no;
forward zone
lokale Konfiguration
- auf ns1.vulkan.int
- zu /etc/bind/named.conf.local hinzufügen
zone "vulkan.int" {
type master;
file "vulkan.int";
};
- Erklärung
- zone - Name der Zone
- type - Type der Zone - master - slave
- file - Name der Datei wo die Informationen zu finden sind
Zonendatei
- Forward Zone
- vi /var/cache/bind/vulkan.int
$TTL 300
@ IN SOA ns1 technik.xinux.de. (
2022090204 14400 3600 3600000 86400)
IN NS ns1
ns1 IN A 192.168.34.1
- Erklärung
- $TTL 300 - 300 Sekunden wird der Namenseintrag im lokalen Cache gehalten.
- vulkan.int - Name der Domain
- SOA - Start of Authority - Wer ist Zuständig
- ns1.vulkan.int. - Primärer Nameserver
- technik.xinux.de. - Mailadresse - @ wird durch . ersetzt
- 2022090204 - Seriennummer, Datum + Version
- 14400 - Refresh Zeit
- 3600 - Wiederholungszeit beim Nichterreichen.
- 3600000 - Maximale Gültikeit beim Nichterreichen.
- 86400 - Negativer Cache
- IN - Internet Name
- NS - Namerver Record
- A - A Record
restart bind
- systemctl restart bind9
Checken ob alles ok ist
- Logging
- journalctl -fu named
-- Journal begins at Sat 2022-12-03 10:01:44 CET. -- Feb 25 09:42:24 debian named[584]: configuring command channel from '/etc/bind/rndc.key' Feb 25 09:42:24 debian named[584]: command channel listening on ::1#953 Feb 25 09:42:24 debian named[584]: managed-keys-zone: loaded serial 3 Feb 25 09:42:24 debian named[584]: zone 0.in-addr.arpa/IN: loaded serial 1 Feb 25 09:42:24 debian named[584]: zone 127.in-addr.arpa/IN: loaded serial 1 Feb 25 09:42:24 debian named[584]: zone 255.in-addr.arpa/IN: loaded serial 1 Feb 25 09:42:24 debian named[584]: zone localhost/IN: loaded serial 2 Feb 25 09:42:24 debian named[584]: zone vulkan.int/IN: loaded serial 2022090204 Feb 25 09:42:24 debian named[584]: all zones loaded Feb 25 09:42:24 debian named[584]: running
- Zonentransfer
- dig -t axfr @127.0.0.1 vulkan.int
; <<>> DiG 9.16.37-Debian <<>> -t axfr @127.0.0.1 vulkan.int ; (1 server found) ;; global options: +cmd vulkan.int. 300 IN SOA ns1.vulkan.int. technik.xinux.de. 2022090204 14400 3600 3600000 86400 vulkan.int. 300 IN NS ns1.vulkan.int. ns1.vulkan.int. 300 IN A 192.168.34.1 vulkan.int. 300 IN SOA ns1.vulkan.int. technik.xinux.de. 2022090204 14400 3600 3600000 86400 ;; Query time: 0 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Sat Feb 25 10:04:15 CET 2023 ;; XFR size: 4 records (messages 1, bytes 189)
Reverse Zone
add to /etc/bind/named.conf.local
zone "34.168.192.in-addr.arpa" {
type master;
file "34.168.192.in-addr.arpa";
};
zone file
- vi /var/cache/bind/34.168.192.in-addr.arpa
$TTL 300
@ IN SOA ns1.vulkan.int. technik.xinux.de. (
2022090204 14400 3600 3600000 86400)
IN NS ns1.vulkan.int.
1 IN PTR ns1.vulkan.int.
restart bind
- systemctl restart bind9
Tests
- Logging
- journalctl -fu named
-- Journal begins at Sat 2022-12-03 10:01:44 CET. -- Feb 25 09:51:55 debian named[748]: zone 0.in-addr.arpa/IN: loaded serial 1 Feb 25 09:51:55 debian named[748]: zone 127.in-addr.arpa/IN: loaded serial 1 Feb 25 09:51:55 debian named[748]: zone localhost/IN: loaded serial 2 Feb 25 09:51:55 debian named[748]: zone 255.in-addr.arpa/IN: loaded serial 1 Feb 25 09:51:55 debian named[748]: zone 34.168.192.in-addr.arpa/IN: loaded serial 2022090204 Feb 25 09:51:55 debian named[748]: zone vulkan.int/IN: loaded serial 2022090204 Feb 25 09:51:55 debian named[748]: all zones loaded Feb 25 09:51:55 debian named[748]: running
- Zonentransfer
- dig -t axfr @127.0.0.1 34.168.192.in-addr.arpa
; <<>> DiG 9.16.37-Debian <<>> -t axfr @127.0.0.1 34.168.192.in-addr.arpa ; (1 server found) ;; global options: +cmd 34.168.192.in-addr.arpa. 300 IN SOA ns1.vulkan.int. technik.xinux.de. 2022090204 14400 3600 3600000 86400 34.168.192.in-addr.arpa. 300 IN NS ns1.vulkan.int. 1.34.168.192.in-addr.arpa. 300 IN PTR ns1.vulkan.int. 34.168.192.in-addr.arpa. 300 IN SOA ns1.vulkan.int. technik.xinux.de. 2022090204 14400 3600 3600000 86400 ;; Query time: 0 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Sat Feb 25 10:05:37 CET 2023 ;; XFR size: 4 records (messages 1, bytes 212)
dig
A-Record
- dig @127.0.0.1 -t a ns1.vulkan.int
SOA-Record
- dig @127.0.0.1 -t soa vulkan.int
AXFR-Record
- dig @127.0.0.1 -t axfr vulkan.int
nslookup
A-Record
- nslookup
> server 127.0.0.1 Default server: 127.0.0.1 Address: 127.0.0.1#53 > unaris.vulkan.int > xinux.de
SOA-Record
- nslookup
> server 127.0.0.1 Default server: 127.0.0.1 Address: 127.0.0.1#53 > unaris.vulkan.int > set type=soa > xinux.de
AXFR-Record
- nslookup
> server 127.0.0.1 Default server: 127.0.0.1 Address: 127.0.0.1#53 > unaris.vulkan.int > set type=axfr > xinux.de