Nameserver Workshop: Difference between revisions
Thomas (Talk | contributions)
Zeile 149: | Zeile 149: | ||
erdogan.janix.lan. A 192.168.244.144 | erdogan.janix.lan. A 192.168.244.144 | ||
</pre> | </pre> | ||
+ | |||
+ | [[Datei:workshop.dia]] | ||
+ | |||
=Forwarding DNS= | =Forwarding DNS= | ||
*/etc/bind/named.conf.options | */etc/bind/named.conf.options |
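Review bot: the added `[[Datei:workshop.dia]]` line sits between the closing `</pre>` and the `=Forwarding DNS=` heading with no caption or introducing sentence, so a reader cannot tell which part of the setup the diagram covers. A `.dia` file is also a Dia source file rather than an image a browser displays inline. Suggest uploading an exported PNG or SVG of the diagram and adding a one-line caption that names the servers it shows.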
Revision as of 5 April 2017, 09:20
Toplevel Nameserver
Worf and Nagus
Worf
Configuration
- /etc/bind/named.conf.local
```
zone "lan" {
    type master;
    file "lan";
};
```
- /var/cache/bind/lan
```
$TTL 60 ; 1 minute
@       SOA     worf.xinux.lan. technik.xinux.de. (
                2017040301 ; serial
                14400      ; refresh (4 hours)
                3600       ; retry (1 hour)
                3600000    ; expire (5 weeks 6 days 16 hours)
                86400      ; minimum (1 day)
                )
        NS      worf.xinux.lan.
        NS      nagus.xinux.lan.
worf.xinux.lan.   A 192.168.255.250
nagus.xinux.lan.  A 192.168.255.251
```
Restart
- systemctl restart bind9
Test
- dig @127.0.0.1 -t soa lan
```
; <<>> DiG 9.10.3-P4-Ubuntu <<>> @127.0.0.1 -t soa lan
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53306
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;lan. IN SOA

;; ANSWER SECTION:
lan. 60 IN SOA worf.xinux.lan. technik.xinux.de. 2017040301 14400 3600 3600000 86400

;; AUTHORITY SECTION:
lan. 60 IN NS worf.xinux.lan.
lan. 60 IN NS nagus.xinux.lan.

;; ADDITIONAL SECTION:
worf.xinux.lan. 300 IN A 192.168.255.250
nagus.xinux.lan. 300 IN A 192.168.255.251

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Apr 04 11:41:31 CEST 2017
;; MSG SIZE rcvd: 161
```
Nagus
- /etc/bind/named.conf.local
```
zone "lan" {
    type slave;
    file "lan";
    masters { 192.168.255.250; };
};
```
Restart
- systemctl restart bind9
Test
- dig @192.168.255.251 -t ns lan
```
; <<>> DiG 9.10.3-P4-Ubuntu <<>> @192.168.255.251 -t ns lan
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37493
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 3

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;lan. IN NS

;; ANSWER SECTION:
lan. 60 IN NS nagus.xinux.lan.
lan. 60 IN NS worf.xinux.lan.

;; ADDITIONAL SECTION:
worf.xinux.lan. 300 IN A 192.168.255.250
nagus.xinux.lan. 300 IN A 192.168.255.251

;; Query time: 0 msec
;; SERVER: 192.168.255.251#53(192.168.255.251)
;; WHEN: Tue Apr 04 11:44:51 CEST 2017
;; MSG SIZE rcvd: 109
```
Second Level Domains
janix.lan and aaronix.lan
For each domain, two nameservers with their IP addresses must be reported to Lanix.
janix.lan
Nameservers
- erdogan.janix.lan. A 192.168.244.144
- benis.aaronix.lan. A 192.168.246.121
aaronix.lan
Nameservers
- erdogan.janix.lan. A 192.168.244.144
- benis.aaronix.lan. A 192.168.246.121
Entry in the top-level DNS, in the lan zone
```
aaronix.lan.        NS  erdogan.janix.lan.
aaronix.lan.        NS  benis.aaronix.lan.
erdogan.janix.lan.  A   192.168.244.144
benis.aaronix.lan.  A   192.168.246.121
```
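The rule stated above (two nameservers with their IP addresses per delegated domain) can be checked mechanically before the lan zone is reloaded. The following Python check is an added example, not part of the original workshop notes; the function names and the `example.lan.` sample are assumptions, and the parser only handles one-line `owner [ttl] [IN] TYPE rdata` records.

```python
# Added example: lint delegation entries destined for the parent "lan" zone.
def parse_records(text):
    """Return (owner, type, rdata) tuples, skipping comments, TTL and class."""
    records = []
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()
        if not fields:
            continue
        owner, rest = fields[0].lower(), fields[1:]
        while rest and (rest[0].isdigit() or rest[0].upper() == "IN"):
            rest = rest[1:]
        if len(rest) >= 2:
            records.append((owner, rest[0].upper(), rest[1].lower()))
    return records

def check_delegations(text, parent, children, min_ns=2):
    """Map each child zone to its problems; an empty dict means all passed."""
    ns, addressed = {}, set()
    for owner, rtype, rdata in parse_records(text):
        if rtype == "NS":
            ns.setdefault(owner, set()).add(rdata)
        elif rtype in ("A", "AAAA"):
            addressed.add(owner)
    problems = {}
    for child in children:
        servers = ns.get(child, set())
        issues = []
        if len(servers) < min_ns:
            issues.append(f"{len(servers)} NS record(s), need {min_ns}")
        for server in sorted(servers):
            # A nameserver named below the parent needs an address record there.
            if server.endswith("." + parent) and server not in addressed:
                issues.append(f"no address record for {server}")
        if issues:
            problems[child] = issues
    return problems

# Entry for aaronix.lan as given on the page.
PAGE_ENTRY = """
aaronix.lan.        NS  erdogan.janix.lan.
aaronix.lan.        NS  benis.aaronix.lan.
erdogan.janix.lan.  A   192.168.244.144
benis.aaronix.lan.  A   192.168.246.121
"""
# Constructed sample (hypothetical zone): one nameserver, no address record.
BROKEN_ENTRY = "example.lan. NS ns1.example.lan.\n"
if __name__ == "__main__":
    print(check_delegations(PAGE_ENTRY, "lan.", ["aaronix.lan."]))
    print(check_delegations(BROKEN_ENTRY, "lan.", ["example.lan."]))
```

A delegation that passes returns an empty dict; the constructed entry is reported for both the missing second nameserver and the missing address record.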
Entries on erdogan.janix.lan
- /etc/bind/named.conf.local
```
zone "janix.lan" {
    type master;
    file "janix.lan";
};

zone "aaronix.lan" {
    type slave;
    file "aaronix.lan";
    masters { 192.168.246.121; };
};
```
- /var/cache/bind/janix.lan
```
$TTL 60 ; 1 minute
@       SOA     erdogan.janix.lan. technik.xinux.de. (
                2017040401 ; serial
                14400      ; refresh (4 hours)
                3600       ; retry (1 hour)
                3600000    ; expire (5 weeks 6 days 16 hours)
                86400      ; minimum (1 day)
                )
        NS      erdogan.janix.lan.
        NS      benis.aaronix.lan.
erdogan.janix.lan.  A 192.168.244.144
```
Forwarding DNS
- /etc/bind/named.conf.options
```
acl goodclients {
    192.168.0.0/16;
    localhost;
    localnets;
};

options {
    directory "/var/cache/bind";
    allow-query { goodclients; };   // only clients in the ACL may query
    recursion yes;
    forwarders {                    // the two top-level nameservers (Worf, Nagus)
        192.168.255.250;
        192.168.255.251;
    };
    dnssec-validation no;
    dnssec-enable no;
    auth-nxdomain no;
    listen-on-v6 { none; };
};
```