====== DNS Slave Debian 7 ======
==== Pacotes necessários ====
root@ns2:~# apt-get install bind9 dnsutils
==== Configuração de zona ====
root@ns2:~# cat /etc/bind/named.conf.local
//
// Do any local configuration here
//
// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
zone "exemplo.org" {
type slave;
file "db.exemplo";
masters { 192.0.2.200; };
};
zone "2.0.192.in-addr.arpa" {
type slave;
file "db.2.0.192";
masters { 192.0.2.200; };
};
==== Checando a configuração ====
root@ns2:~# named-checkconf
root@ns2:~# named-checkconf -p
options {
directory "/var/cache/bind";
listen-on-v6 {
"any";
};
auth-nxdomain no;
dnssec-validation auto;
};
zone "exemplo.org" {
type slave;
file "db.exemplo";
masters {
192.0.2.200 ;
};
};
zone "2.0.192.in-addr.arpa" {
type slave;
file "db.2.0.192";
masters {
192.0.2.200 ;
};
};
zone "." {
type hint;
file "/etc/bind/db.root";
};
zone "localhost" {
type master;
file "/etc/bind/db.local";
};
zone "127.in-addr.arpa" {
type master;
file "/etc/bind/db.127";
};
zone "0.in-addr.arpa" {
type master;
file "/etc/bind/db.0";
};
zone "255.in-addr.arpa" {
type master;
file "/etc/bind/db.255";
};
==== Testando a transferência de zona ====
root@ns2:~# echo "nameserver 127.0.0.1" > /etc/resolv.conf
root@ns2:~# chattr +i /etc/resolv.conf
root@ns2:~# service bind9 restart
root@ns2:~# dig exemplo.org axfr
; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> exemplo.org axfr
;; global options: +cmd
exemplo.org. 86400 IN SOA ns1.exemplo.org. root.exemplo.org. 2016060101 28800 3600 259200 10800
exemplo.org. 86400 IN MX 10 mail.exemplo.org.
exemplo.org. 86400 IN NS ns1.exemplo.org.
exemplo.org. 86400 IN A 192.0.2.100
ftp.exemplo.org. 86400 IN CNAME intranet.exemplo.org.
imap.exemplo.org. 86400 IN CNAME mail.exemplo.org.
intranet.exemplo.org. 86400 IN A 192.0.2.100
mail.exemplo.org. 86400 IN A 192.0.2.240
ns1.exemplo.org. 86400 IN A 192.0.2.200
pop.exemplo.org. 86400 IN CNAME mail.exemplo.org.
smtp.exemplo.org. 86400 IN CNAME mail.exemplo.org.
webmail.exemplo.org. 86400 IN CNAME intranet.exemplo.org.
exemplo.org. 86400 IN SOA ns1.exemplo.org. root.exemplo.org. 2016060101 28800 3600 259200 10800
;; Query time: 4 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Jul 7 15:50:36 2016
;; XFR size: 13 records (messages 1, bytes 314)
==== Informando o master que pode fazer a tranferência de zona ====
**No [[ns1_debian_7|master]]:**
root@ns1:~# cat /etc/bind/named.conf.local
//
// Do any local configuration here
//
// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
zone "exemplo.org" {
type master;
file "db.exemplo";
allow-transfer { 198.51.100.210; };
notify yes;
also-notify { 198.51.100.210; };
};
zone "2.0.192.in-addr.arpa" {
type master;
file "db.2.0.192";
allow-transfer { 198.51.100.210; };
notify yes;
also-notify { 198.51.100.210; };
};
zone "100.51.198.in-addr.arpa" {
type master;
file "db.100.51.198";
allow-transfer { 198.51.100.210; };
notify yes;
also-notify { 198.51.100.210; };
};
root@ns1:~# cat /var/cache/bind/db.exemplo
$TTL 86400
@ IN SOA ns1.exemplo.org. root.exemplo.org. (
2016060102; serial
8h ; refresh
1h ; retry
3d ; expire
3h ) ; negative caching ttl
;
@ IN A 192.0.2.100
@ IN NS ns1.exemplo.org.
@ IN NS ns2.exemplo.org.
@ IN MX 10 mail.exemplo.org.
;
ns1 IN A 192.0.2.200
ns2 IN A 198.51.100.210
intranet IN A 192.0.2.100
webmail IN CNAME intranet
ftp IN CNAME intranet
mail IN A 192.0.2.240
smtp IN CNAME mail
pop IN CNAME mail
imap IN CNAME mail
root@ns1:~# cat /var/cache/bind/db.2.0.192
$TTL 86400
@ IN SOA ns1.exemplo.org. root.exemplo.org. (
2016060102; serial
8h ; refresh
1h ; retry
3d ; expire
3h ); negative caching ttl
;
@ IN NS ns1.exemplo.org.
@ IN NS ns2.exemplo.org.
;
200 IN PTR ns1.exemplo.org
240 IN PTR mail.exemplo.org
root@ns1:~# cat /var/cache/bind/db.100.51.198
$TTL 86400
@ IN SOA ns1.exemplo.org. root.exemplo.org. (
2016060101; serial
8h ; refresh
1h ; retry
3d ; expire
3h ); negative caching ttl
;
@ IN NS ns1.exemplo.org.
@ IN NS ns2.exemplo.org.
;
210 IN PTR ns2.exemplo.org
root@ns1:~# named-checkconf
root@ns1:~# service bind9 restart
[ ok ] Stopping domain name service...: bind9.
[ ok ] Starting domain name service...: bind9.
root@ns1:~# tail /var/log/syslog | grep transfer
Jul 7 16:13:47 ns1 named[3223]: client 198.51.100.210#43468: transfer of 'exemplo.org/IN': AXFR-style IXFR started
Jul 7 16:13:47 ns1 named[3223]: client 198.51.100.210#43468: transfer of 'exemplo.org/IN': AXFR-style IXFR ended
Jul 7 16:13:47 ns1 named[3223]: client 198.51.100.210#37901: transfer of '2.0.192.in-addr.arpa/IN': AXFR-style IXFR started
Jul 7 16:13:47 ns1 named[3223]: client 198.51.100.210#37901: transfer of '2.0.192.in-addr.arpa/IN': AXFR-style IXFR ended
**No Slave:**
root@ns2:~# cat /etc/bind/named.conf.local
//
// Do any local configuration here
//
// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
zone "exemplo.org" {
type slave;
file "db.exemplo";
masters { 192.0.2.200; };
};
zone "2.0.192.in-addr.arpa" {
type slave;
file "db.2.0.192";
masters { 192.0.2.200; };
};
zone "100.51.198.in-addr.arpa" {
type slave;
file "db.100.51.198";
masters { 192.0.2.200; };
};
root@ns2:~# service bind9 restart
[ ok ] Stopping domain name service...: bind9.
[ ok ] Starting domain name service...: bind9.
root@ns2:~# tail /var/log/syslog | grep transfer
Jul 7 16:18:23 ns2 named[2967]: transfer of '100.51.198.in-addr.arpa/IN' from 192.0.2.200#53: connected using 198.51.100.210#38176
Jul 7 16:18:23 ns2 named[2967]: zone 100.51.198.in-addr.arpa/IN: transferred serial 2016060102
Jul 7 16:18:23 ns2 named[2967]: transfer of '100.51.198.in-addr.arpa/IN' from 192.0.2.200#53: Transfer completed: 1 messages, 5 records, 199 bytes, 0.002 secs (99500 bytes/sec)
root@ns2:~# cat /var/cache/bind/db.exemplo
$ORIGIN .
$TTL 86400 ; 1 day
exemplo.org IN SOA ns1.exemplo.org. root.exemplo.org. (
2016060102 ; serial
28800 ; refresh (8 hours)
3600 ; retry (1 hour)
259200 ; expire (3 days)
10800 ; minimum (3 hours)
)
NS ns1.exemplo.org.
NS ns2.exemplo.org.
A 192.0.2.100
MX 10 mail.exemplo.org.
$ORIGIN exemplo.org.
ftp CNAME intranet
imap CNAME mail
intranet A 192.0.2.100
mail A 192.0.2.240
ns1 A 192.0.2.200
ns2 A 198.51.100.210
pop CNAME mail
smtp CNAME mail
webmail CNAME intranet
root@ns2:~# cat /var/cache/bind/db.2.0.192
$ORIGIN .
$TTL 86400 ; 1 day
2.0.192.in-addr.arpa IN SOA ns1.exemplo.org. root.exemplo.org. (
2016060102 ; serial
28800 ; refresh (8 hours)
3600 ; retry (1 hour)
259200 ; expire (3 days)
10800 ; minimum (3 hours)
)
NS ns1.exemplo.org.
NS ns2.exemplo.org.
$ORIGIN 2.0.192.in-addr.arpa.
200 PTR ns1.exemplo.org
240 PTR mail.exemplo.org
root@ns2:~# cat /var/cache/bind/db.100.51.198
$ORIGIN .
$TTL 86400 ; 1 day
100.51.198.in-addr.arpa IN SOA ns1.exemplo.org. root.exemplo.org. (
2016060102 ; serial
28800 ; refresh (8 hours)
3600 ; retry (1 hour)
259200 ; expire (3 days)
10800 ; minimum (3 hours)
)
NS ns1.exemplo.org.
NS ns2.exemplo.org.
$ORIGIN 100.51.198.in-addr.arpa.
210 PTR ns2.exemplo.org