Nota sendiri buat bind kat centos.
Another resource = Pisang Raja Udang @ pru ( tempat refer macam google; p/s terima kasih kerana selalu susah dengan aku :D )
Build a DNS server that resolves domain names and IP addresses. Install bind and caching-nameserver for it. It is also necessary to configure the router so that TCP and UDP packets to port 53 can pass through.
[root@ns ~]# yum -y install bind caching-nameserver
Here is an example to configure BIND with named.conf.
This example uses the global IP address range [172.16.0.80/29], the private IP address range [192.168.0.0/24], and the domain name [syiron.org.kg]. Please use your own IPs and domain name when you configure your server. (Strictly speaking, [172.16.0.80/29] is itself a private address range; it only stands in for a global one here.)
example named.conf
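// Global server options. Statements set here are inherited by every view
// and zone below unless a view or zone overrides them.
// The quotes in this file must be plain ASCII double quotes; typographic
// quotes pasted from a web page make named reject the configuration.
options {
    // Base directory for the relative zone "file" names used in the views.
    directory "/var/named";

    /*
     * If there is a firewall between you and nameservers you want
     * to talk to, you might need to uncomment the query-source
     * directive below. Previous versions of BIND always asked
     * questions using port 53, but BIND 8.1 uses an unprivileged
     * port by default.
     *
     * NOTE(review): pinning outgoing queries to one fixed source port
     * gives up source-port randomization, which is one of the defences
     * against forged (cache-poisoning) replies. Prefer a firewall rule
     * that lets replies to the server's own queries back in, and keep
     * this line commented out.
     */
    // query-source address * port 53;

    // Query range: who may send queries at all. This default also applies
    // to the "external" view unless that view sets its own allow-query.
    allow-query { localhost; 192.168.0.0/24; };

    // Transfer range: who may pull a full copy of a zone.
    // NOTE(review): this lets every LAN host list all records; if there
    // are secondaries, narrow it to their addresses, otherwise to none.
    allow-transfer { localhost; 192.168.0.0/24; };

    // Recursion range: who may use this server as a recursive resolver.
    allow-recursion { localhost; 192.168.0.0/24; };
};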
// rndc control channel: listens on the loopback address only, accepts
// commands from localhost, and requires the key named rndckey
// (presumably defined in the key file included at the end of this file).
controls {
    inet 127.0.0.1
        allow { localhost; }
        keys { rndckey; };
};
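// Internal view: the answers given to localhost and the 192.168.0.0/24 LAN.
// Views are matched in order, so these clients are served here and never
// fall through to the "external" view.
// All quotes are plain ASCII double quotes; named rejects typographic ones.
view "internal" {
    match-clients {
        localhost;
        192.168.0.0/24;
    };

    // Root hints, used when recursing on behalf of internal clients.
    zone "." IN {
        type hint;
        file "named.ca";
    };

    // Forward zone with the LAN addresses (for common resolving).
    zone "syiron.org.kg" IN {
        type master;
        file "syiron.org.kg.lan";
        allow-update { none; };   // no dynamic updates
    };

    // Reverse zone for 192.168.0.0/24 (for reverse resolving).
    zone "0.168.192.in-addr.arpa" IN {
        type master;
        file "0.168.192.db";
        allow-update { none; };
    };

    // The remaining zones are local housekeeping zones (localhost,
    // loopback, broadcast and zero networks), so that lookups for these
    // names are answered here.
    zone "localdomain" IN {
        type master;
        file "localdomain.zone";
        allow-update { none; };
    };

    zone "localhost" IN {
        type master;
        file "localhost.zone";
        allow-update { none; };
    };

    zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.local";
        allow-update { none; };
    };

    zone "255.in-addr.arpa" IN {
        type master;
        file "named.broadcast";
        allow-update { none; };
    };

    zone "0.in-addr.arpa" IN {
        type master;
        file "named.zero";
        allow-update { none; };
    };
};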
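// External view: the answers given to every client that did not match the
// "internal" view (match-clients any).
// All quotes are plain ASCII double quotes; named rejects typographic ones.
view "external" {
    match-clients {
        any;
    };

    // The global allow-query in options admits only localhost and the LAN,
    // so without an override named would refuse every client of this view.
    // Open queries for this view only; it serves authoritative data.
    allow-query { any; };

    // Never recurse for outside clients: an open resolver is exposed to
    // cache poisoning and can be abused to amplify traffic at third parties.
    recursion no;

    // Root hints, kept from the original; unused while recursion is off.
    zone "." IN {
        type hint;
        file "named.ca";
    };

    // Forward zone with the public addresses (for common resolving).
    zone "syiron.org.kg" IN {
        type master;
        file "syiron.org.kg.wan";
        allow-update { none; };   // no dynamic updates
    };

    // Reverse zone for the 172.16.0.80/29 block (for reverse resolving).
    // NOTE(review): a /29 is smaller than an in-addr.arpa label boundary,
    // so this zone is only reached if the provider of the parent reverse
    // zone delegates or aliases the addresses to it - confirm with them.
    zone "80.0.16.172.in-addr.arpa" IN {
        type master;
        file "80.0.16.172.db";
        allow-update { none; };
    };
};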
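// Pull in the rndc key definition referenced by the controls statement.
// Keep this file readable only by root and the named user: anyone who can
// read the key can control the server through rndc.
include "/etc/rndc.key";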
example syiron.org.kg.lan
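; Forward zone syiron.org.kg as served to the internal view (LAN addresses).
; Records that reuse the previous owner name must start with whitespace,
; and every SOA timer needs its own line because ";" comments out the rest
; of the line.
$TTL 86400
@       IN  SOA ns.syiron.org.kg. root.syiron.org.kg. (
                2007041501  ; Serial (raise it on every change)
                3600        ; Refresh
                1800        ; Retry
                604800      ; Expire
                86400       ; Minimum TTL
                )
        IN  NS  ns.syiron.org.kg.   ; DNS server
        IN  A   192.168.0.17        ; IP address of DNS server
        IN  MX  10 ns               ; mail exchanger, shared with the ns server box
ns      IN  A   192.168.0.17        ; IP address of ns (LAN)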
#####################################################
example syiron.org.kg.wan
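; Forward zone syiron.org.kg as served to the external view (WAN addresses).
; Records that reuse the previous owner name must start with whitespace,
; and every SOA timer needs its own line because ";" comments out the rest
; of the line.
$TTL 86400
@       IN  SOA ns.syiron.org.kg. root.syiron.org.kg. (
                2007041501  ; Serial (raise it on every change)
                3600        ; Refresh
                1800        ; Retry
                604800      ; Expire
                86400       ; Minimum TTL
                )
        IN  NS  ns.syiron.org.kg.   ; DNS server
        IN  A   172.16.0.82         ; IP address of DNS server (WAN)
        IN  MX  10 ns               ; mail exchanger
ns      IN  A   172.16.0.82         ; IP address of ns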
#################################################
reverse ip address internal 0.168.192.db
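; Reverse zone 0.168.192.in-addr.arpa for the internal 192.168.0.0/24 LAN.
; Records that reuse the previous owner name must start with whitespace.
$TTL 86400
@       IN  SOA ns.syiron.org.kg. root.syiron.org.kg. (
                2007041501  ; Serial (raise it on every change)
                3600        ; Refresh
                1800        ; Retry
                604800      ; Expire
                86400       ; Minimum TTL
                )
        IN  NS  ns.syiron.org.kg.   ; DNS server
        IN  PTR syiron.org.kg.      ; domain name
        ; NOTE(review): the A record below stores the netmask at the zone
        ; apex; it looks informational and PTR lookups do not depend on it.
        IN  A   255.255.255.0       ; range of this domain
17      IN  PTR ns.syiron.org.kg.   ; IP address (192.168.0.17)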
########################################################
reverse external zone 80.0.16.172.db
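; Reverse zone 80.0.16.172.in-addr.arpa for the external 172.16.0.80/29 block.
; Records that reuse the previous owner name must start with whitespace,
; and each record needs its own line because ";" comments out the rest of
; the line (the apex PTR was lost behind the NS comment otherwise).
$TTL 86400
@       IN  SOA ns.syiron.org.kg. root.syiron.org.kg. (
                2007041501  ; Serial (raise it on every change)
                3600        ; Refresh
                1800        ; Retry
                604800      ; Expire
                86400       ; Minimum TTL
                )
        IN  NS  ns.syiron.org.kg.   ; DNS server
        IN  PTR syiron.org.kg.      ; domain name
        ; NOTE(review): the A record below stores the netmask at the zone
        ; apex; it looks informational and PTR lookups do not depend on it.
        IN  A   255.255.255.248     ; range of this domain
82      IN  PTR ns.syiron.org.kg.   ; IP address (172.16.0.82)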
######################################################
begitulah seterusnya mengikut kesesuaian
untuk dhcp zone;
$GENERATE 7-12 dhcp$ A 192.168.0.$
untuk dhcp reverse
$GENERATE 7-12 $ PTR dhcp$.syiron.org.kg.
untuk reverse config bleh add macam ni saja;
$ORIGIN 1.168.192.in-addr.arpa.
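terakhir sekali install bind-chroot. Selepas bind-chroot dipasang, named berjalan di dalam chroot, jadi fail zone mesti berada di bawah /var/named/chroot/var/named supaya named boleh jumpa.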
[root@ns ~]# yum -y install bind-chroot
[root@ns ~]# /etc/rc.d/init.d/named start // start
[root@ns ~]# chkconfig named on // set autostart
#####################################################
November 3, 2007 at 9:25 pm |
nice tutorial. bravo
January 5, 2008 at 8:28 pm |
tutorial untuk diri sendiri saja. senang aku nak buat refer kemudian hari kelak.
November 5, 2008 at 2:46 pm |
thanks for the info
January 9, 2009 at 1:23 pm |
wah..nih syiron member abg ady ker??
(^__^)
April 3, 2009 at 12:08 pm |
hey…thanks for a great tutorial..
ive followed all the steps sated on your blog but unfortunately… i got some errors on starting the dns server…
hmm…where am i suppose to put my zone files?
the current location of my zone files is
“/var/named/chroot/var/named/data”
is it correct? thanks in advance….