Bind9 kompakt: Unterschied zwischen den Versionen

Zeile 1: Zeile 1:
=if systemd-resolved is running disable it=
+
= '''systemd-resolved''' abschalten =
*systemctl disable  systemd-resolved
 
*systemctl stop systemd-resolved
 
=install=
 
*apt-get install bind9
 
=set resolv.conf=
 
*rm /etc/resolv.conf
 
*echo nameserver 127.0.0.1 > /etc/resolv.conf
 
=test=
 
*host -t a www.xinux.de
 
  
=forward zone=
+
* systemctl disable systemd-resolved
==config==
+
* systemctl stop systemd-resolved
add to /etc/bind/named.conf.local
+
 
<pre>
+
= Installation =
zone "vulkan.int" {
+
 
      type master;
+
* apt-get install bind9
      file "vulkan.int";
+
 
};
+
= ''/etc/resolv.conf'' setzen =
</pre>
+
 
 +
* rm /etc/resolv.conf
 +
* echo nameserver 127.0.0.1 &gt; /etc/resolv.conf
 +
 
 +
= Test =
 +
 
 +
* host -t a www.xinux.de
 +
 
 +
= forward zone =
 +
 
 +
== lokale Konfiguration ==
 +
 
 +
* zu ''/etc/bind/named.conf.local'' hinzufügen
 +
 
 +
zone "vulkan.int" {
 +
type master;
 +
file "vulkan.int";
 +
};
 
;Erklärung
 
;Erklärung
:zone - Name der Zone
 
:type - Type der Zone - master - slave
 
:file - Name der Datei wo die Informationen zu finden sind
 
  
==zonefile==  
+
* zone - Name der Zone
*vi /var/cache/bind/vulkan.int
+
* type - Type der Zone - master - slave
<pre>
+
* file - Name der Datei wo die Informationen zu finden sind
$TTL 300
+
 
vulkan.int.  IN SOA  unaris.vulkan.int. technik.xinux.de. (
+
== Zonendatei ==
                  2011090204 14400 3600 3600000 86400
+
 
                              )
+
* vi /var/cache/bind/vulkan.int
              IN NS      unaris.vulkan.int.
+
 
unaris         IN A      192.168.25.4
+
</pre>
+
$TTL 300
;Erklärung
+
vulkan.int.  IN SOA  unaris.vulkan.int. technik.xinux.de. (
:$TTL 300 - 300 Sekunden wird der Namenseintrag im lokalen Cache gehalten.
+
                        2011090204 ;
:vulkan.int - Name der Domain
+
                        14400   ;
:SOA - Start of Authority - Wer ist Zuständig
+
                        3600   ;
:unaris.vulkan.int. - Primärer Nameserver
+
                        3600000 ;
:technik.xinux.de. - Mailadresse - @ wird durch . ersetzt
+
                        86400   ;
:2011090204 - Seriennummer
+
                    )
:14400 - Refresh Zeit
+
        IN NS      unaris.vulkan.int.
:3600 - Wiederholungszeit beim Nichterreichen.
+
unaris     IN A      192.168.25.4
:3600000 - Maximale Gültikeit beim Nichterreichen.
+
:86400 - Negativer Cache
+
;Erklärung :$TTL 300 - 300 Sekunden wird der Namenseintrag im lokalen Cache gehalten. :vulkan.int - Name der Domain :SOA - Start of Authority - Wer ist Zuständig :unaris.vulkan.int. - Primärer Nameserver :technik.xinux.de. - Mailadresse - @ wird durch . ersetzt :2011090204 - Seriennummer, Datum + Version :14400 - Refresh Zeit :3600 - Wiederholungszeit beim Nichterreichen. :3600000 - Maximale Gültikeit beim Nichterreichen. :86400 - Negativer Cache :IN - Internet Name :NS - Namerver Record :A - A Record
:IN - Internet Name
+
 
:NS - Namerver Record
+
== restart bind ==
:A - A Record
+
 
 +
systemctl restart bind9 ## test
 +
 +
+host -t a unaris.vulkan.int 127.0.0.1
 +
Using domain server:
 +
Name: 127.0.0.1
 +
Addrallow-transfer { 192.168.249.121 };ess: 127.0.0.1#53
 +
Aliases:
 +
 +
unaris.vulkan.int has address 192.168.25.4
 +
 +
 
 +
= reverse zone =
  
==restart bind==
+
== config file ==
systemctl restart bind9
 
==test==
 
<pre>
 
*host -t a unaris.vulkan.int 127.0.0.1
 
Using domain server:
 
Name: 127.0.0.1
 
Addrallow-transfer { 192.168.249.121 };ess: 127.0.0.1#53
 
Aliases:
 
  
unaris.vulkan.int has address 192.168.25.4
 
</pre>
 
=reverse zone=
 
==config file==
 
 
add to /etc/bind/named.conf.local
 
add to /etc/bind/named.conf.local
<pre>
+
zone "25.168.192.in-addr.arpa" {
+
zone "25.168.192.in-addr.arpa" {
      type master;
+
          type master;
      file "25.168.192.in-addr.arpa";
+
          file "25.168.192.in-addr.arpa";
};
+
};
</pre>
+
  
==zone file==
+
== zone file ==
*vi /var/cache/bind/25.168.192.in-addr.arpa
 
<pre>
 
$TTL 300
 
@        IN SOA  unaris.vulkan.int. technik.xinux.de. (
 
            2011090204 14400 3600 3600000 86400)
 
          IN NS      unaris.vulkan.int.
 
4        IN PTR          unaris.vulkan.int.
 
</pre>
 
  
=restart bind=
+
+vi /var/cache/bind/25.168.192.in-addr.arpa
*systemctl restart bind9
+
 +
$TTL 300
 +
@        IN SOA  unaris.vulkan.int. technik.xinux.de. (
 +
                2011090204 14400 3600 3600000 86400)
 +
              IN NS      unaris.vulkan.int.
 +
4        IN PTR          unaris.vulkan.int.
 +
  
==tests==
+
= restart bind =
*host -t ptr  192.168.25.4 127.0.0.1
 
<pre>
 
Using domain server:
 
Name: 127.0.0.1
 
Address: 127.0.0.1#53
 
Aliases:
 
  
4.25.168.192.in-addr.arpa domain name pointer unaris.vulkan.int.
+
+systemctl restart bind9
</pre>
 
  
=Eintragen der Forward Nameserver=
+
== tests ==
*cat /etc/bind/named.conf.options
 
<pre>
 
options {
 
        directory "/var/cache/bind";
 
        forwarders {
 
                10.80.0.2;
 
                10.80.0.3;
 
        };
 
        ....
 
        .... 
 
        };
 
</pre>
 
=Generate=
 
<pre>
 
$TTL 300
 
@  IN SOA  dozent.it150.int. technik.xinux.de. (
 
                  2022092001 14400 3600 3600000 86400
 
                              )
 
              IN NS      dozent.it150.int.
 
dozent.it150        IN A      192.168.2.200
 
; DHCP - Range 192.168.2.0/24
 
$GENERATE 101-112 firewall.it$ A 192.168.2.$
 
$GENERATE 101-112 server.it$ A 10.0.$.21
 
$GENERATE 101-112 desktop.it$ A 192.168.$.11
 
  
$GENERATE 150-150 firewall.it$ A 192.168.2.$
+
+host -t ptr 192.168.25.4 127.0.0.1
$GENERATE 150-150 server.it$ A 10.0.$.21
+
$GENERATE 150-150 desktop.it$ A 192.168.$.11
+
Using domain server:
</pre>
+
Name: 127.0.0.1
 +
Address: 127.0.0.1#53
 +
Aliases:
 +
 +
4.25.168.192.in-addr.arpa domain name pointer unaris.vulkan.int.
 +
 +
 
 +
= Eintragen der Forward Nameserver =
 +
 
 +
+cat /etc/bind/named.conf.options
 +
 +
options {
 +
            directory "/var/cache/bind";
 +
            forwarders {
 +
                    10.80.0.2;
 +
                    10.80.0.3;
 +
            };
 +
            ....
 +
            .... 
 +
            };
 +
 +
 
 +
= Generate =
 +
 
 +
 +
$TTL 300
 +
@  IN SOA  dozent.it150.int. technik.xinux.de. (
 +
                      2022092001 14400 3600 3600000 86400
 +
                                  )
 +
                  IN NS      dozent.it150.int.
 +
dozent.it150        IN A      192.168.2.200
 +
; DHCP - Range 192.168.2.0/24
 +
$GENERATE 101-112 firewall.it$ A 192.168.2.$
 +
$GENERATE 101-112 server.it$ A 10.0.$.21
 +
$GENERATE 101-112 desktop.it$ A 192.168.$.11
 +
 +
$GENERATE 150-150 firewall.it$ A 192.168.2.$
 +
$GENERATE 150-150 server.it$ A 10.0.$.21
 +
$GENERATE 150-150 desktop.it$ A 192.168.$.11
 +
 
;Ergebnis
 
;Ergebnis
<pre>
+
desktop.it101.int. 300 IN A 192.168.101.11
+
desktop.it101.int. 300 IN A   192.168.101.11
firewall.it101.int. 300 IN A 192.168.2.101
+
firewall.it101.int. 300 IN A   192.168.2.101
server.it101.int. 300 IN A 10.0.101.21
+
server.it101.int.   300 IN A   10.0.101.21
desktop.it102.int. 300 IN A 192.168.102.11
+
desktop.it102.int. 300 IN A   192.168.102.11
firewall.it102.int. 300 IN A 192.168.2.102
+
firewall.it102.int. 300 IN A   192.168.2.102
server.it102.int. 300 IN A 10.0.102.21
+
server.it102.int.   300 IN A   10.0.102.21
desktop.it103.int. 300 IN A 192.168.103.11
+
desktop.it103.int. 300 IN A   192.168.103.11
firewall.it103.int. 300 IN A 192.168.2.103
+
firewall.it103.int. 300 IN A   192.168.2.103
server.it103.int. 300 IN A 10.0.103.21
+
server.it103.int.   300 IN A   10.0.103.21
desktop.it104.int. 300 IN A 192.168.104.11
+
desktop.it104.int. 300 IN A   192.168.104.11
firewall.it104.int. 300 IN A 192.168.2.104
+
firewall.it104.int. 300 IN A   192.168.2.104
server.it104.int. 300 IN A 10.0.104.21
+
server.it104.int.   300 IN A   10.0.104.21
desktop.it105.int. 300 IN A 192.168.105.11
+
desktop.it105.int. 300 IN A   192.168.105.11
firewall.it105.int. 300 IN A 192.168.2.105
+
firewall.it105.int. 300 IN A   192.168.2.105
server.it105.int. 300 IN A 10.0.105.21
+
server.it105.int.   300 IN A   10.0.105.21
desktop.it106.int. 300 IN A 192.168.106.11
+
desktop.it106.int. 300 IN A   192.168.106.11
firewall.it106.int. 300 IN A 192.168.2.106
+
firewall.it106.int. 300 IN A   192.168.2.106
server.it106.int. 300 IN A 10.0.106.21
+
server.it106.int.   300 IN A   10.0.106.21
desktop.it107.int. 300 IN A 192.168.107.11
+
desktop.it107.int. 300 IN A   192.168.107.11
firewall.it107.int. 300 IN A 192.168.2.107
+
firewall.it107.int. 300 IN A   192.168.2.107
server.it107.int. 300 IN A 10.0.107.21
+
server.it107.int.   300 IN A   10.0.107.21
desktop.it108.int. 300 IN A 192.168.108.11
+
desktop.it108.int. 300 IN A   192.168.108.11
...
+
...
...
+
...
</pre>
+
 +
 
 +
= Links =
  
=Links=
+
+https://wolfgang.dautermann.at/vortraege/CLT2010-Bind9.pdf
*https://wolfgang.dautermann.at/vortraege/CLT2010-Bind9.pdf
 

Version vom 20. Februar 2023, 15:59 Uhr

systemd-resolved abschalten

  • systemctl disable systemd-resolved
  • systemctl stop systemd-resolved

Installation

  • apt-get install bind9

/etc/resolv.conf setzen

  • rm /etc/resolv.conf
  • echo nameserver 127.0.0.1 > /etc/resolv.conf

Test

  • host -t a www.xinux.de

forward zone

lokale Konfiguration

  • zu /etc/bind/named.conf.local hinzufügen
// Forward zone vulkan.int, declared as type master and loaded from the zone file "vulkan.int".
// NOTE(review): no allow-transfer statement is set for this zone, so named's default
// transfer policy applies; confirm zone transfers are limited to the intended secondaries.
zone "vulkan.int" {
type master;
file "vulkan.int";  // relative file name; the page edits this file as /var/cache/bind/vulkan.int
};
Erklärung
  • zone - Name der Zone
  • type - Typ der Zone: master oder slave
  • file - Name der Datei, in der die Zonendaten stehen (relativ zum directory aus named.conf.options, hier /var/cache/bind)

Zonendatei

  • vi /var/cache/bind/vulkan.int


; Zone data for vulkan.int. $TTL sets the default TTL (300 seconds) for the records below.
$TTL 300
; SOA: primary name server unaris.vulkan.int., contact technik.xinux.de. (mail address with @ written as .)
vulkan.int.   IN SOA  unaris.vulkan.int. technik.xinux.de. (
                        2011090204  ; serial (date + version)
                        14400   ; refresh
                        3600    ; retry after a failed refresh
                        3600000 ; expire (maximum validity while the primary is unreachable)
                        86400   ; negative-cache TTL
                    )
        IN NS      unaris.vulkan.int.  ; name server for the zone
unaris      IN A       192.168.25.4  ; relative name; resolves as unaris.vulkan.int in the page's test

Erklärung
  • $TTL 300 - Der Namenseintrag wird 300 Sekunden im lokalen Cache gehalten.
  • vulkan.int - Name der Domain
  • SOA - Start of Authority - Wer ist zuständig
  • unaris.vulkan.int. - Primärer Nameserver
  • technik.xinux.de. - Mailadresse - @ wird durch . ersetzt
  • 2011090204 - Seriennummer, Datum + Version
  • 14400 - Refresh-Zeit
  • 3600 - Wiederholungszeit beim Nichterreichen
  • 3600000 - Maximale Gültigkeit beim Nichterreichen
  • 86400 - Negativer Cache
  • IN - Internet Name
  • NS - Nameserver Record
  • A - A Record

restart bind

  • systemctl restart bind9

test

  • host -t a unaris.vulkan.int 127.0.0.1
Using domain server:
Name: 127.0.0.1
Address: 127.0.0.1#53
Aliases: 

unaris.vulkan.int has address 192.168.25.4

reverse zone

config file

add to /etc/bind/named.conf.local

// Reverse zone for addresses 192.168.25.x: the octets appear in reverse order under in-addr.arpa.
// NOTE(review): as with the forward zone, no allow-transfer statement is set here;
// confirm the effective transfer policy.
zone "25.168.192.in-addr.arpa" {
          type master;
          file "25.168.192.in-addr.arpa";  // relative file name; edited on the page under /var/cache/bind
};

zone file

  • vi /var/cache/bind/25.168.192.in-addr.arpa

; Reverse zone data for 25.168.192.in-addr.arpa; default TTL 300 seconds.
$TTL 300
; "@" stands for the zone origin. SOA values in order: serial, refresh, retry, expire, negative-cache TTL.
@         IN SOA  unaris.vulkan.int. technik.xinux.de. (
                2011090204 14400 3600 3600000 86400)
             IN NS      unaris.vulkan.int.
4         IN PTR          unaris.vulkan.int.  ; 4.25.168.192.in-addr.arpa, i.e. 192.168.25.4 -> unaris.vulkan.int.

restart bind

  • systemctl restart bind9

tests

  • host -t ptr 192.168.25.4 127.0.0.1

Using domain server:
Name: 127.0.0.1
Address: 127.0.0.1#53
Aliases: 

4.25.168.192.in-addr.arpa domain name pointer unaris.vulkan.int.

Eintragen der Forward Nameserver

  • cat /etc/bind/named.conf.options

// Excerpt of /etc/bind/named.conf.options; the "...." lines stand for settings the page does not show.
// NOTE(review): recursion and query ACLs (allow-recursion, allow-query) are not visible in this
// excerpt; confirm the resolver only answers the intended client networks.
options {
           directory "/var/cache/bind";
           // Resolvers that named forwards queries to when it cannot answer them itself.
           forwarders {
                   10.80.0.2;
                   10.80.0.3;
            };
           ....
           ....  
           }; 

Generate

; Zone file that uses $GENERATE to create one firewall/server/desktop record set per number.
$TTL 300
; SOA values in order: serial, refresh, retry, expire, negative-cache TTL.
@   IN SOA  dozent.it150.int. technik.xinux.de. (
                     2022092001 14400 3600 3600000 86400
                                  )
                  IN NS      dozent.it150.int.
dozent.it150         IN A       192.168.2.200
; DHCP - Range 192.168.2.0/24
; Each "$" is replaced by the current number of the range 101-112, e.g. 101 yields
; firewall.it101 -> 192.168.2.101, server.it101 -> 10.0.101.21, desktop.it101 -> 192.168.101.11.
; The generated names are relative; the results listed on the page show them under int.
$GENERATE 101-112 firewall.it$ A 192.168.2.$
$GENERATE 101-112 server.it$ A 10.0.$.21
$GENERATE 101-112 desktop.it$ A 192.168.$.11

; Single-value range: the same three records for number 150 only.
$GENERATE 150-150 firewall.it$ A 192.168.2.$
$GENERATE 150-150 server.it$ A 10.0.$.21
$GENERATE 150-150 desktop.it$ A 192.168.$.11

Ergebnis
desktop.it101.int.  300 IN  A   192.168.101.11
firewall.it101.int. 300 IN  A   192.168.2.101
server.it101.int.   300 IN  A   10.0.101.21
desktop.it102.int.  300 IN  A   192.168.102.11
firewall.it102.int. 300 IN  A   192.168.2.102
server.it102.int.   300 IN  A   10.0.102.21
desktop.it103.int.  300 IN  A   192.168.103.11
firewall.it103.int. 300 IN  A   192.168.2.103
server.it103.int.   300 IN  A   10.0.103.21
desktop.it104.int.  300 IN  A   192.168.104.11
firewall.it104.int. 300 IN  A   192.168.2.104
server.it104.int.   300 IN  A   10.0.104.21
desktop.it105.int.  300 IN  A   192.168.105.11
firewall.it105.int. 300 IN  A   192.168.2.105
server.it105.int.   300 IN  A   10.0.105.21
desktop.it106.int.  300 IN  A   192.168.106.11
firewall.it106.int. 300 IN  A   192.168.2.106
server.it106.int.   300 IN  A   10.0.106.21
desktop.it107.int.  300 IN  A   192.168.107.11
firewall.it107.int. 300 IN  A   192.168.2.107
server.it107.int.   300 IN  A   10.0.107.21
desktop.it108.int.  300 IN  A   192.168.108.11
...
...

Links

  • https://wolfgang.dautermann.at/vortraege/CLT2010-Bind9.pdf