Июн 28 2011
 


Статья пока что в тестовом варианте, нет свободного времени её доделать.
Поднимаем свой DNS-сервер BIND 9 на системе FreeBSD.
Развёртывать DNS-сервер и зоны лучше на двух серверах (master и slave).

# cd /usr/ports/dns/bind98 && make install clean
+-----------------------------------------------------------------+
|                 Options for bind98-base 9.8.0.2
| ----------------------------------------------------------------
| [X] SSL             Building without OpenSSL removes DNSSEC
| [X] LINKS           Create conf file symlinks in /usr
| [X] XML             Support for xml statistics output
| [ ] IDN             Add IDN support to dig, host, etc.
| [X] REPLACE_BASE    Replace base BIND with this version
| [ ] LARGE_FILE      64-bit file support
| [ ] SIGCHASE        dig/host/nslookup will do DNSSEC validation
| [ ] IPV6            IPv6 Support (autodetected by default)
| [X] THREADS         Compile with thread support
| [ ] DLZ_POSTGRESQL  DLZ Postgres driver
| [ ] DLZ_MYSQL       DLZ MySQL driver (single-threaded BIND)
| [ ] DLZ_BDB         DLZ BDB driver
| [ ] DLZ_LDAP        DLZ LDAP driver
| [ ] DLZ_FILESYSTEM  DLZ filesystem driver
| [ ] DLZ_STUB        DLZ stub driver
+-----------------------------------------------------------------+

Добавляем автозапуск в /etc/rc.conf:

named_enable="YES"

Редактируем конфигурационный файл.

# nano /etc/namedb/named.conf
// named.conf for the master (primary) server: authoritative for likeunix.ru,
// likeunix.local and one reverse zone; recursion is refused for all clients.
options {
     // Relative "file" paths in the zone statements below resolve against this directory.
     directory "/var/named";
     // Queries are accepted from any client; recursion is restricted separately below.
     allow-query { any; };
     // Text returned for version.bind queries in place of the real BIND version.
     version "No info";
     listen-on { 15.2.1.1; 127.0.0.1; };
     // Nobody may use this server as a recursive resolver; it only answers
     // for the zones it hosts.
     allow-recursion { none; };
     // Only this address may request zone transfers. The check is by source IP
     // alone; a TSIG key would authenticate the peer as well.
     // NOTE(review): the slave config on this page listens on 192.168.2.100 -
     // confirm 15.2.2.1 is the address its transfer requests arrive from.
     allow-transfer { 15.2.2.1; };
};

// Root hints. NOTE(review): with recursion refused for everyone this zone is
// presumably unused - confirm.
zone "." IN {
     type hint;
     file "caching-example/named.root";
};

zone "localhost" IN {
     type master;
     file "caching-example/localhost.zone";
     // Dynamic DNS updates are refused for this zone.
     allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
     type master;
     file "caching-example/named.local";
     allow-update { none; };
};

// Reverse zone. NOTE(review): the name has four address labels, so any record
// below it has five; a PTR for 15.2.1.1 normally lives in 1.2.15.in-addr.arpa -
// confirm against the zone file.
zone "1.1.2.15.in-addr.arpa" {
   type master;
   file "/etc/namedb/db.15.2.1.1";
}; 

zone "likeunix.ru" IN {
     type master;
     // NOTE(review): the article later creates /etc/namedb/likeunix.ru, a
     // different path from this one - confirm which file named should load.
     file "caching-example/likeunix.conf";
     // Send NOTIFY to the zone's other name servers when the zone changes.
     notify yes;
};

// NOTE(review): a .local zone served from the public listen-on address is
// answered to any client through the global allow-query - confirm this zone
// is meant to be publicly visible.
zone "likeunix.local" IN {
     type master;
     file "caching-example/likeunix-local.conf";
     notify yes;
};

Это мы настроили master, теперь перейдем к настройке slave.

# nano /etc/namedb/named.conf
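// named.conf for the slave (secondary) server: keeps copies of likeunix.ru
// and likeunix.local pulled from the master at 15.2.1.1.
options {
     // Relative "file" paths in the zone statements below resolve against this directory.
     directory "/var/named";
     // Queries are accepted from any client; recursion is restricted separately below.
     allow-query { any; };
     // Text returned for version.bind queries in place of the real BIND version.
     version "No info";
     listen-on { 192.168.2.100; 127.0.0.1; };
     // Nobody may use this server as a recursive resolver.
     allow-recursion { none; };
     // No server pulls zones from the slave. Without this line BIND 9.8 hands
     // a full zone transfer to any host that asks, which exposes every record
     // of both zones even though the master restricts transfers.
     allow-transfer { none; };
};

// Root hints. NOTE(review): with recursion refused for everyone this zone is
// presumably unused - confirm.
zone "." IN {
     type hint;
     file "caching-example/named.root";
};

zone "localhost" IN {
     type master;
     file "caching-example/localhost.zone";
     // Dynamic DNS updates are refused for this zone.
     allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
     type master;
     file "caching-example/named.local";
     allow-update { none; };
};

// NOTE(review): declared "master" here exactly as on the primary, so this
// server loads its own local copy of the file instead of transferring it;
// the two copies can drift apart - confirm this is intended.
zone "1.1.2.15.in-addr.arpa" {
   type master;
   file "/etc/namedb/db.15.2.1.1";
}; 

zone "likeunix.ru" IN {
     type slave;
     // Transferred zone data is written here, so named needs write access to this path.
     file "caching-example/likeunix-slave.conf";
     // Zone is pulled from this address. The peer is identified by IP only;
     // a TSIG key would authenticate it as well.
     masters { 15.2.1.1; };
};

zone "likeunix.local" IN {
     type slave;
     file "caching-example/likeunix-local-slave.conf";
     masters { 15.2.1.1; };
};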

Файл обратной зоны.

# nano /etc/namedb/db.15.2.1.1
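; Reverse (PTR) zone data loaded by zone "1.1.2.15.in-addr.arpa" in named.conf.
$ORIGIN .
$TTL 3600 ; 60 min
1.1.2.15.in-addr.arpa IN SOA likeunix.ru. root.likeunix.ru. (
                       2011071801 ; serial - must increase on every edit
                       1800 ; refresh (30 minutes)
                       900 ; retry (15 minutes)
                       604800 ; expire (1 week)
                       86400 ) ; minimum (1 day)

; The leading whitespace makes this record inherit the owner name of the SOA
; above; starting at column 0, "NS" would itself be read as an owner name and
; the zone would fail to load.
                       NS likeunix.ru.

$ORIGIN 1.1.2.15.in-addr.arpa.
; NOTE(review): this expands to 5.1.1.2.15.in-addr.arpa, one label more than an
; IPv4 address has. A PTR for 15.2.1.1 would be owner "1" in zone
; 1.2.15.in-addr.arpa - confirm, and change it together with the zone name in
; named.conf.
5 IN PTR likeunix.ru.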

Обратная зона для localhost

; Reverse zone data for localhost. "@" is the zone origin taken from the zone
; statement in named.conf; presumably this is the file behind
; zone "0.0.127.in-addr.arpa" (caching-example/named.local) - the article does
; not name it.
$TTL    3600

@  IN      SOA     likeunix.ru. root.likeunix.ru.  (
                   20060204        ; Serial
                   3600            ; Refresh
                   900             ; Retry
                   3600000         ; Expire
                   3600 )          ; Minimum
@  IN      NS      ns1.likeunix.ru.
; Owner "1" is relative to the zone origin and points back to localhost.
1  IN      PTR     localhost.

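Теперь создадим файл для каждого из доменов. Путь и имя файла должны совпадать с директивой file соответствующей зоны в named.conf (выше для likeunix.ru указан caching-example/likeunix.conf относительно /var/named).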

# touch /etc/namedb/likeunix.ru
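; Forward zone data for likeunix.ru (master copy).
$ORIGIN .
$TTL 1800      ; 30 minutes
; SOA takes two names before the numeric fields: the primary name server and
; the admin mailbox. root.likeunix.ru. is the mailbox the other zone files on
; this page use; with it missing, the serial is read as the mailbox and the
; zone fails to load.
likeunix.ru    IN SOA ns1.likeunix.ru. root.likeunix.ru. (
       201203083 ; serial - must increase on every edit, or the slave keeps its old copy
       1800   ; refresh (30 minutes)
       900   ; retry (15 minutes)
       604800   ; expire (1 week)
       86400   ; minimum (1 day)
       )
; NS targets must be spelled exactly: a mistyped name here hands resolution of
; the whole zone to whoever controls the mistyped domain.
       NS ns1.likeunix.ru.
       NS ns2.likeunix.ru.
       A 15.2.1.1
       MX 10 mailer.likeunix.ru.
; NOTE(review): "mail" exists as a name below, so the wildcard does not cover
; old.mail.likeunix.ru. and this MX target has no address record - confirm.
       MX 20 old.mail.likeunix.ru.
$ORIGIN likeunix.ru.
; Wildcard: any name without records of its own resolves to this address.
*     A 15.2.1.1
mail      A 15.2.1.1
; NOTE(review): ns1 and ns2 share one address, so the two NS records give no
; redundancy; ns2 presumably should be the slave's public address - confirm.
ns1     A 15.2.1.1
ns2     A 15.2.1.1
www     A 15.2.1.1
; Owner names without a trailing dot get the current $ORIGIN appended, so these
; two records use relative names ("like._domainkey" and "@"); written out as
; "...likeunix.ru" they would land under likeunix.ru.likeunix.ru.
like._domainkey IN TXT "v=DKIM1; g=*; k=rsa; p=MIGfMA0GCSqGSI.......DAQAB"
; The SPF policy is quoted as one string: unquoted, each word becomes a separate
; TXT string and verifiers join them without spaces. "~all" is a softfail policy.
@ IN TXT "v=spf1 ip4:15.2.1.1 ~all"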

Также прописываем для других зон.
Вот в принципе и усе.
