<title> Configure a BIND DNS server - Ubuntu </title>

Install bind9 on Ubuntu Server 16.04

    apt-get install bind9 bind9utils bind9-doc

Edit the "options" file (note: put the public IP in the internal acl if you get the message 'GOT Recursion not available')

    vi /etc/bind/named.conf.options

    // Allow local IPs to access the DNS service
    // (replace <public IP> with the server's public address)
    acl internal { 127.0.0.0/24; <public IP>; 192.168.100.0/24; };
    options {
        directory "/var/cache/bind";

        //recursion yes;
        allow-recursion { internal; };
        allow-query { internal; };

        // If the server must query an external DNS, list its IP(s) here:
        forwarders {
            80.67.169.12;
            80.67.169.40;
        };

        auth-nxdomain no; # conform to RFC1035

    };

Restart the service

    systemctl restart bind9

Edit the main configuration file:

    vi /etc/bind/named.conf

    include "/etc/bind/named.conf.options";
    include "/etc/bind/named.conf.local";
    include "/etc/bind/named.conf.default-zones";

Edit the local configuration file:

    vi /etc/bind/named.conf.local

    zone "zone.domaine.fr" {
        type master;
        file "/etc/bind/host.zone.domaine.fr";
        allow-query { any; };
    };
    zone "100.168.192.in-addr.arpa" {
        type master;
        file "/etc/bind/rev.zone.domaine.fr";
        allow-query { any; };
    };

Edit the zone files (host and rev):
Mind the "Serial"
- hosts file

    vi /etc/bind/host.zone.domaine.fr

    $TTL 86400
    @ IN SOA node1.zone.domaine.fr. root.node1.zone.domaine.fr. (
        2016120308 ;Serial
        3600 ;Refresh
        1800 ;Retry
        604800 ;Expire
        86400 ;Minimum TTL
    )
    @ IN NS node1.zone.domaine.fr.

    ; Records start here

    node1 IN A 192.168.100.1
    node2 IN A 192.168.100.2
    node3 IN A 192.168.100.3

    ; Done!

- rev file

    vi /etc/bind/rev.zone.domaine.fr

    $TTL 86400
    @ IN SOA node1.zone.domaine.fr. root.node1.zone.domaine.fr. (
        2016120308 ;Serial
        3600 ;Refresh
        1800 ;Retry
        604800 ;Expire
        86400 ;Minimum TTL
    )
    @ IN NS node1.zone.domaine.fr.
    node1 IN A 192.168.100.1
    ; Records start here

    1 IN PTR node1.zone.domaine.fr.
    2 IN PTR node2.zone.domaine.fr.
    3 IN PTR node3.zone.domaine.fr.

    ; Done!

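Set the permissions on the Bind9 configuration directory (note that a recursive 755 also makes any key file under /etc/bind, such as rndc.key, readable by every local user):

    chmod -R 755 /etc/bind
    chown -R bind:bind /etc/bind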

Check the configuration:

    named-checkconf /etc/bind/named.conf
    named-checkconf /etc/bind/named.conf.local
    named-checkzone zone.domaine.fr /etc/bind/host.zone.domaine.fr

Should return

    zone zone.domaine.fr/IN: loaded serial 2016120308
    OK

The reverse zone file is checked under the zone name declared for it in named.conf.local:

    named-checkzone 100.168.192.in-addr.arpa /etc/bind/rev.zone.domaine.fr

Should return

    zone 100.168.192.in-addr.arpa/IN: loaded serial 2016120308
    OK
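
named-checkzone validates each zone file on its own; it does not confirm that the forward and reverse zones agree with each other. The Python check below is an added example, not part of the original page: it cross-checks A and PTR records, using constructed sample data based on the zones above with two deliberate faults (a missing PTR and a PTR target without its trailing dot), and it assumes the simple "owner IN type rdata" line form used on this page.

```python
import ipaddress

# Constructed sample data: node2 has no PTR, and PTR 3 lacks its trailing dot.
FWD = """$TTL 86400
node1 IN A 192.168.100.1
node2 IN A 192.168.100.2
node3 IN A 192.168.100.3 ; constructed comment
"""
REV = """$TTL 86400
1 IN PTR node1.zone.domaine.fr.
3 IN PTR node3.zone.domaine.fr
"""

def fqdn(name, origin):
    # Names without a trailing dot are relative to the zone origin.
    if name == "@":
        return origin.lower() + "."
    return (name if name.endswith(".") else f"{name}.{origin}.").lower()

def records(text, origin, rtype):
    # Return {owner FQDN: rdata} for "owner IN <rtype> rdata" lines.
    out = {}
    for line in text.splitlines():
        f = line.split(";", 1)[0].split()  # drop ';' comments
        if len(f) == 4 and f[1] == "IN" and f[2] == rtype:
            rdata = fqdn(f[3], origin) if rtype == "PTR" else f[3]
            out[fqdn(f[0], origin)] = rdata
    return out

def check_zones(fwd, rev, origin, rev_origin):
    a = records(fwd, origin, "A")
    ptr = records(rev, rev_origin, "PTR")
    problems = []
    for name, ip in sorted(a.items()):
        # reverse_pointer gives e.g. "1.100.168.192.in-addr.arpa"
        target = ptr.get(ipaddress.ip_address(ip).reverse_pointer + ".")
        if target is None:
            problems.append(f"{name} ({ip}): no PTR record")
        elif target != name:
            problems.append(f"{name} ({ip}): PTR points to {target}")
    for owner, target in sorted(ptr.items()):
        if target not in a:
            problems.append(f"{owner}: PTR target {target} has no A record")
    return problems

if __name__ == "__main__":
    for p in check_zones(FWD, REV, "zone.domaine.fr", "100.168.192.in-addr.arpa"):
        print(p)
```

The missing trailing dot is the case named-checkzone will not flag: the file still loads, but the PTR target is expanded relative to the reverse zone's origin.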

Configure the network interfaces

    vi /etc/network/interfaces

    # The secondary network interface
    auto enp8s0f1
    iface enp8s0f1 inet static
        address 192.168.100.1
        netmask 255.255.255.0
        network 192.168.100.0
        broadcast 192.168.100.255
        gateway 192.168.100.1
        # dns-* options are implemented by the resolvconf package, if installed
        dns-search zone.domaine.fr
        dns-nameservers 192.168.100.1

    # The primary network interface
    # Here the "external" network interface gets its IP from the department's DHCP server.
    auto enp8s0f0
    iface enp8s0f0 inet dhcp

Restart the service:

    systemctl restart bind9

Check the /etc/resolv.conf file

    search zone.domaine.fr domaine.fr
    nameserver 192.168.100.1

Check that the DNS server works:

    nslookup node2  
    nslookup node3  
    nslookup 192.168.100.3  
    nslookup 192.168.100.2