DNS Slave Debian 7
Pacotes necessários
# bind9 provides the named daemon; dnsutils provides dig, which is used for the AXFR test later on this page.
root@ns2:~# apt-get install bind9 dnsutils
Configuração de zona
root@ns2:~# cat /etc/bind/named.conf.local
//
// Do any local configuration here
//

// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";

// Secondary (slave) copies of the forward and reverse zones, pulled from the
// master at 192.0.2.200. The relative file names are resolved against the
// "directory" option (/var/cache/bind in the named-checkconf -p output).
// NOTE(review): neither zone sets allow-transfer. In BIND of this generation
// (the dig banner on this page reports 9.8.4) the default permits transfers to
// any client, so this secondary would hand out the full zone on request. Add
// allow-transfer { none; }; to each slave zone, or allow-transfer { localhost; };
// if the local dig test must keep working.
// NOTE(review): the master is identified by IP address only; a TSIG key shared
// with the master would authenticate the transfer itself - consider adding one.
zone "exemplo.org" {
    type slave;
    file "db.exemplo";
    masters { 192.0.2.200; };
};

zone "2.0.192.in-addr.arpa" {
    type slave;
    file "db.2.0.192";
    masters { 192.0.2.200; };
};
Checando a configuração
# No output from a bare named-checkconf means named.conf parsed without errors.
root@ns2:~# named-checkconf
# -p prints the configuration as it was parsed, with the include files merged in.
# NOTE(review): the options block printed below carries no allow-transfer,
# allow-query or allow-recursion statement, so the built-in defaults of this
# BIND build apply to every zone - confirm they match the intended exposure.
root@ns2:~# named-checkconf -p
options {
    directory "/var/cache/bind";
    listen-on-v6 {
        "any";
    };
    auth-nxdomain no;
    dnssec-validation auto;
};
zone "exemplo.org" {
    type slave;
    file "db.exemplo";
    masters {
        192.0.2.200 ;
    };
};
zone "2.0.192.in-addr.arpa" {
    type slave;
    file "db.2.0.192";
    masters {
        192.0.2.200 ;
    };
};
zone "." {
    type hint;
    file "/etc/bind/db.root";
};
zone "localhost" {
    type master;
    file "/etc/bind/db.local";
};
zone "127.in-addr.arpa" {
    type master;
    file "/etc/bind/db.127";
};
zone "0.in-addr.arpa" {
    type master;
    file "/etc/bind/db.0";
};
zone "255.in-addr.arpa" {
    type master;
    file "/etc/bind/db.255";
};
Testando a transferência de zona
# Make this host resolve through its own named, so the dig below is answered by ns2 itself.
root@ns2:~# echo "nameserver 127.0.0.1" > /etc/resolv.conf
# chattr +i marks the file immutable: it cannot be rewritten until the flag is
# cleared with chattr -i. Presumably this keeps DHCP or network scripts from
# replacing the resolver entry - confirm for your setup.
root@ns2:~# chattr +i /etc/resolv.conf
root@ns2:~# service bind9 restart
# AXFR requests the whole zone. The SERVER line at the end of the output shows
# the reply came from 127.0.0.1, i.e. this secondary is itself serving zone
# transfers.
# NOTE(review): the slave zone blocks on this page have no allow-transfer
# statement; in BIND of this generation (the banner below reports 9.8.4) that
# permits transfers to any client, not only to localhost. After restricting it
# on ns2 (allow-transfer { none; }; or a narrow ACL), repeat this query from a
# host outside the ACL and expect the transfer to be refused.
root@ns2:~# dig exemplo.org axfr

; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> exemplo.org axfr
;; global options: +cmd
exemplo.org. 86400 IN SOA ns1.exemplo.org. root.exemplo.org. 2016060101 28800 3600 259200 10800
exemplo.org. 86400 IN MX 10 mail.exemplo.org.
exemplo.org. 86400 IN NS ns1.exemplo.org.
exemplo.org. 86400 IN A 192.0.2.100
ftp.exemplo.org. 86400 IN CNAME intranet.exemplo.org.
imap.exemplo.org. 86400 IN CNAME mail.exemplo.org.
intranet.exemplo.org. 86400 IN A 192.0.2.100
mail.exemplo.org. 86400 IN A 192.0.2.240
ns1.exemplo.org. 86400 IN A 192.0.2.200
pop.exemplo.org. 86400 IN CNAME mail.exemplo.org.
smtp.exemplo.org. 86400 IN CNAME mail.exemplo.org.
webmail.exemplo.org. 86400 IN CNAME intranet.exemplo.org.
exemplo.org. 86400 IN SOA ns1.exemplo.org. root.exemplo.org. 2016060101 28800 3600 259200 10800
;; Query time: 4 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Jul 7 15:50:36 2016
;; XFR size: 13 records (messages 1, bytes 314)
Informando o master que pode fazer a transferência de zona
No master:
root@ns1:~# cat /etc/bind/named.conf.local
//
// Do any local configuration here
//

// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";

// Primary (master) zones. In each zone:
//   allow-transfer - only 198.51.100.210 (ns2 in db.exemplo) may request the zone;
//   notify yes     - send NOTIFY messages when the zone changes;
//   also-notify    - names 198.51.100.210 explicitly as a NOTIFY recipient.
// NOTE(review): the transfer ACL identifies the secondary by source address
// alone; a TSIG key shared by both servers would authenticate the transfer
// itself - consider adding one.
// NOTE(review): the relative file names resolve to /var/cache/bind (the zone
// files are read from there below), a directory the named user can normally
// write to - presumably acceptable for a lab; confirm for production.
zone "exemplo.org" {
    type master;
    file "db.exemplo";
    allow-transfer { 198.51.100.210; };
    notify yes;
    also-notify { 198.51.100.210; };
};

zone "2.0.192.in-addr.arpa" {
    type master;
    file "db.2.0.192";
    allow-transfer { 198.51.100.210; };
    notify yes;
    also-notify { 198.51.100.210; };
};

zone "100.51.198.in-addr.arpa" {
    type master;
    file "db.100.51.198";
    allow-transfer { 198.51.100.210; };
    notify yes;
    also-notify { 198.51.100.210; };
};
root@ns1:~# cat /var/cache/bind/db.exemplo
; Forward zone for exemplo.org as served by the master.
; The serial here is 2016060102, one above the 2016060101 seen in the earlier
; AXFR output; a secondary only pulls a new copy when the serial increases.
$TTL 86400
@ IN SOA ns1.exemplo.org. root.exemplo.org. (
        2016060102; serial
        8h ; refresh
        1h ; retry
        3d ; expire
        3h ) ; negative caching ttl
;
; Apex records; ns2 is now listed as a second name server.
@ IN A 192.0.2.100
@ IN NS ns1.exemplo.org.
@ IN NS ns2.exemplo.org.
@ IN MX 10 mail.exemplo.org.
;
; Hosts and aliases. Names without a trailing dot are relative to the zone origin.
ns1 IN A 192.0.2.200
ns2 IN A 198.51.100.210
intranet IN A 192.0.2.100
webmail IN CNAME intranet
ftp IN CNAME intranet
mail IN A 192.0.2.240
smtp IN CNAME mail
pop IN CNAME mail
imap IN CNAME mail
root@ns1:~# cat /var/cache/bind/db.2.0.192
; Reverse zone 2.0.192.in-addr.arpa as served by the master.
$TTL 86400
@ IN SOA ns1.exemplo.org. root.exemplo.org. (
        2016060102; serial
        8h ; refresh
        1h ; retry
        3d ; expire
        3h ); negative caching ttl
;
@ IN NS ns1.exemplo.org.
@ IN NS ns2.exemplo.org.
;
; NOTE(review): the PTR targets below have no trailing dot, so they are
; relative names and expand to ns1.exemplo.org.2.0.192.in-addr.arpa. and
; mail.exemplo.org.2.0.192.in-addr.arpa. They should read ns1.exemplo.org.
; and mail.exemplo.org. (with the final dot), followed by a serial bump.
200 IN PTR ns1.exemplo.org
240 IN PTR mail.exemplo.org
root@ns1:~# cat /var/cache/bind/db.100.51.198
; Reverse zone 100.51.198.in-addr.arpa as served by the master.
; NOTE(review): the serial shown here is 2016060101, while the secondary's log
; and on-disk copy further down report 2016060102 for this zone - presumably
; this listing was captured before the serial was bumped.
$TTL 86400
@ IN SOA ns1.exemplo.org. root.exemplo.org. (
        2016060101; serial
        8h ; refresh
        1h ; retry
        3d ; expire
        3h ); negative caching ttl
;
@ IN NS ns1.exemplo.org.
@ IN NS ns2.exemplo.org.
;
; NOTE(review): the PTR target has no trailing dot, so it is a relative name
; and expands to ns2.exemplo.org.100.51.198.in-addr.arpa. It should read
; ns2.exemplo.org. (with the final dot).
210 IN PTR ns2.exemplo.org
# A bare named-checkconf validates named.conf syntax only; it does not load the
# zone files edited above (named-checkzone checks an individual zone file).
root@ns1:~# named-checkconf
root@ns1:~# service bind9 restart
[ ok ] Stopping domain name service...: bind9.
[ ok ] Starting domain name service...: bind9.
# The master logs a started/ended pair for each outgoing transfer, including
# the requesting client's address. Both clients below are 198.51.100.210, the
# address listed in allow-transfer; a transfer line naming any other client
# would be worth investigating.
root@ns1:~# tail /var/log/syslog | grep transfer
Jul 7 16:13:47 ns1 named[3223]: client 198.51.100.210#43468: transfer of 'exemplo.org/IN': AXFR-style IXFR started
Jul 7 16:13:47 ns1 named[3223]: client 198.51.100.210#43468: transfer of 'exemplo.org/IN': AXFR-style IXFR ended
Jul 7 16:13:47 ns1 named[3223]: client 198.51.100.210#37901: transfer of '2.0.192.in-addr.arpa/IN': AXFR-style IXFR started
Jul 7 16:13:47 ns1 named[3223]: client 198.51.100.210#37901: transfer of '2.0.192.in-addr.arpa/IN': AXFR-style IXFR ended
No Slave:
root@ns2:~# cat /etc/bind/named.conf.local
//
// Do any local configuration here
//

// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";

// Secondary (slave) zones, now including the reverse zone for ns2's own
// network. All three are pulled from the master at 192.0.2.200.
// NOTE(review): none of the zones sets allow-transfer. In BIND of this
// generation (the dig banner on this page reports 9.8.4) the default permits
// transfers to any client, so the restriction configured on the master is
// bypassed by asking this secondary instead. Add allow-transfer { none; }; to
// each zone, or allow-transfer { localhost; }; if the local dig test must keep
// working.
// NOTE(review): the master is identified by IP address only; a TSIG key shared
// with the master would authenticate the transfer itself - consider adding one.
zone "exemplo.org" {
    type slave;
    file "db.exemplo";
    masters { 192.0.2.200; };
};

zone "2.0.192.in-addr.arpa" {
    type slave;
    file "db.2.0.192";
    masters { 192.0.2.200; };
};

zone "100.51.198.in-addr.arpa" {
    type slave;
    file "db.100.51.198";
    masters { 192.0.2.200; };
};
root@ns2:~# service bind9 restart
[ ok ] Stopping domain name service...: bind9.
[ ok ] Starting domain name service...: bind9.
# The secondary's view of an incoming transfer: the master it connected to
# (192.0.2.200#53), the local address used (198.51.100.210), the serial
# received and the transfer size. Only the newly added reverse zone appears in
# the lines shown here.
root@ns2:~# tail /var/log/syslog | grep transfer
Jul 7 16:18:23 ns2 named[2967]: transfer of '100.51.198.in-addr.arpa/IN' from 192.0.2.200#53: connected using 198.51.100.210#38176
Jul 7 16:18:23 ns2 named[2967]: zone 100.51.198.in-addr.arpa/IN: transferred serial 2016060102
Jul 7 16:18:23 ns2 named[2967]: transfer of '100.51.198.in-addr.arpa/IN' from 192.0.2.200#53: Transfer completed: 1 messages, 5 records, 199 bytes, 0.002 secs (99500 bytes/sec)
root@ns2:~# cat /var/cache/bind/db.exemplo
; The secondary's on-disk copy of exemplo.org (presumably written by named
; after the transfer). The serial 2016060102 and the ns2 records match the
; master's zone file, which confirms the updated zone was received.
$ORIGIN .
$TTL 86400 ; 1 day
exemplo.org IN SOA ns1.exemplo.org. root.exemplo.org. (
        2016060102 ; serial
        28800 ; refresh (8 hours)
        3600 ; retry (1 hour)
        259200 ; expire (3 days)
        10800 ; minimum (3 hours)
        )
        NS ns1.exemplo.org.
        NS ns2.exemplo.org.
        A 192.0.2.100
        MX 10 mail.exemplo.org.
$ORIGIN exemplo.org.
ftp CNAME intranet
imap CNAME mail
intranet A 192.0.2.100
mail A 192.0.2.240
ns1 A 192.0.2.200
ns2 A 198.51.100.210
pop CNAME mail
smtp CNAME mail
webmail CNAME intranet
root@ns2:~# cat /var/cache/bind/db.2.0.192
; The secondary's on-disk copy of the 2.0.192.in-addr.arpa reverse zone.
$ORIGIN .
$TTL 86400 ; 1 day
2.0.192.in-addr.arpa IN SOA ns1.exemplo.org. root.exemplo.org. (
        2016060102 ; serial
        28800 ; refresh (8 hours)
        3600 ; retry (1 hour)
        259200 ; expire (3 days)
        10800 ; minimum (3 hours)
        )
        NS ns1.exemplo.org.
        NS ns2.exemplo.org.
$ORIGIN 2.0.192.in-addr.arpa.
; NOTE(review): the PTR targets are stored without a trailing dot under the
; $ORIGIN above, i.e. as names relative to 2.0.192.in-addr.arpa. The reverse
; lookups therefore do not return ns1.exemplo.org. / mail.exemplo.org.; the
; master's zone file needs the final dot on both targets and a serial bump.
200 PTR ns1.exemplo.org
240 PTR mail.exemplo.org
root@ns2:~# cat /var/cache/bind/db.100.51.198
; The secondary's on-disk copy of the 100.51.198.in-addr.arpa reverse zone.
$ORIGIN .
$TTL 86400 ; 1 day
100.51.198.in-addr.arpa IN SOA ns1.exemplo.org. root.exemplo.org. (
        2016060102 ; serial
        28800 ; refresh (8 hours)
        3600 ; retry (1 hour)
        259200 ; expire (3 days)
        10800 ; minimum (3 hours)
        )
        NS ns1.exemplo.org.
        NS ns2.exemplo.org.
$ORIGIN 100.51.198.in-addr.arpa.
; NOTE(review): the PTR target is stored without a trailing dot under the
; $ORIGIN above, i.e. as a name relative to 100.51.198.in-addr.arpa. The
; reverse lookup therefore does not return ns2.exemplo.org.; the master's zone
; file needs the final dot on the target and a serial bump.
210 PTR ns2.exemplo.org
