====== Финальная настройка DNS сервера ======
===== Настройка сервиса =====
==== Debian/Ubuntu ====
root@server:~# apt install bind9
root@server:~# cat /etc/bind/named.conf
// Split-horizon setup: the zone "corpX.un" is defined in two views, each
// backed by its own zone file.
options {
directory "/var/cache/bind";
// Recursion is allowed for every client. If this server is reachable from
// untrusted networks it acts as an open resolver, which can be abused for
// amplification and cache probing. Outside the lab, limit this to internal
// ranges (such as the ones commented out in match-clients below).
allow-recursion { any; };
// Upstream server used for queries this server cannot answer itself.
forwarders {
172.16.1.254;
};
// Turns off BIND's built-in empty zones, so queries they would otherwise
// answer locally (e.g. reverse lookups for private addresses) are resolved
// through the forwarders instead.
empty-zones-enable no;
};
// Views are tried in the order they appear; the first view whose
// match-clients accepts the client is the one that answers.
view "inside" {
match-clients {
// Presumably the intended internal client ranges, currently commented out:
// 192.168.X/24;
// 127/8;
// 0/0 accepts every IPv4 client, so all of them are served the internal
// zone file and never reach the "outside" view. Replace it with the ranges
// above to keep internal records away from external clients.
0/0;
};
zone "corpX.un" {
type master;
file "/etc/bind/corpX.un";
};
};
// No match-clients here, so this view accepts any client that did not match
// an earlier view.
view "outside" {
zone "corpX.un" {
type master;
file "/etc/bind/corpX.un.out";
};
};
==== Настройка зоны corpX.un ====
server# cat /etc/bind/corpX.un
; Internal ("inside" view) zone data for corpX.un.
; This file holds internal addresses and service locations (SIP, XMPP,
; Kerberos); it is the data the "inside" view is meant to keep to internal
; clients.
; Default TTL for records that do not set their own.
$TTL 3h
; SOA: primary server ns, contact root.ns (names without a trailing dot are
; relative to the zone), serial 1, refresh 1d, retry 12h, expire 1w,
; negative-answer TTL 3h. Increase the serial whenever the zone is edited.
@ SOA ns root.ns 1 1d 12h 1w 3h
NS ns
; The records below are commented out; several names appear more than once
; with different addresses, presumably as alternatives for different
; exercises — uncomment only the ones that apply.
;ns A 192.168.X.10
;gate A 192.168.X.1
;server A 192.168.X.10
;ftp CNAME server
;www CNAME server
;nfs CNAME server
;mail CNAME server
;ntp CNAME gate
;router A 192.168.X.1
;switch A 192.168.X.3
;ns A 192.168.X.1
;ns A 192.168.X.2
;node1 A 192.168.X.1
;node2 A 192.168.X.2
;gate A 192.168.X.254
; SRV fields: priority, weight, port, target.
;_sip._udp SRV 0 0 5060 server
;_xmpp-client._tcp SRV 0 0 5222 server
;_kerberos._udp SRV 01 00 88 server
;_kerberos._tcp SRV 01 00 88 server
;_kerberos TXT CORPX.UN
server# cat corpX.un.out
; External ("outside" view) zone data for corpX.un: only names that should be
; visible to external clients, mapped to 172.16.1.X addresses.
$TTL 3h
; SOA: primary server ns, contact root.ns, serial 1, refresh 1d, retry 12h,
; expire 1w, negative-answer TTL 3h. Increase the serial whenever the zone is
; edited.
@ SOA ns root.ns 1 1d 12h 1w 3h
NS ns
; The only active address record in this file.
ns A 172.16.1.X
;gate A 172.16.1.X
;server A 172.16.1.X
;ftp CNAME server
;www CNAME server
;mail CNAME server
; NOTE(review): port 6050 here, while the inside zone uses 5060 for the same
; service — confirm this is intentional and not a transposition.
;_sip._udp SRV 00 00 6050 server
===== Тестирование сервиса =====
server# named-checkconf -z
===== Запуск сервиса =====
==== FreeBSD ====
[server:~] # cat /etc/rc.conf
...
named_enable="YES"
[server:~] # service named start
==== Debian/Ubuntu ====
root@server:~# service bind9 restart
debian11# service named restart
===== Настройки DNS клиентов =====
# cat /etc/resolv.conf
search corpX.un
nameserver 192.168.X.10
===== Проверки на ВСЕХ системах =====
# host ns
# host ya.ru
===== Дополнительные материалы =====
==== Настройки DNS сервера домена un ====
ns.isp.un# cat named.conf
...
zone "un" {
type master;
file "un";
};
...
zone "corp1.un" IN {type forward;forwarders {192.168.1.10;};};
...
zone "corp12.un" IN {type forward;forwarders {192.168.12.10;};};
//zone "corp1.un" IN {type forward;forwarders {172.16.1.1;};};
...
//zone "corp12.un" IN {type forward;forwarders {172.16.1.12;};};
...
gate.isp.un# cat un
...
ns1 A 192.168.1.10
...
ns12 A 192.168.12.10
;ns1 A 172.16.1.1
...
;ns12 A 172.16.1.12
...
corp1 NS ns1
...
corp12 NS ns12
...
==== FreeBSD ====
[server:~] # pkg install bind99
[server:~] # cat /usr/local/etc/namedb/named.conf
// FreeBSD variant of the split-horizon setup: the zone "corpX.un" is defined
// in two views, each backed by its own zone file.
// NOTE(review): the bind99 package installed for this section is BIND 9.9,
// a branch that no longer receives upstream security fixes; use a currently
// supported BIND package instead.
options {
directory "/usr/local/etc/namedb/working";
// named writes its process ID to this file.
pid-file "/var/run/named/pid";
// Recursion is allowed for every client. If this server is reachable from
// untrusted networks it acts as an open resolver, which can be abused for
// amplification and cache probing. Outside the lab, limit this to internal
// ranges (such as the ones commented out in match-clients below).
allow-recursion { any; };
// Upstream server used for queries this server cannot answer itself.
forwarders {
172.16.1.254;
};
};
// Views are tried in the order they appear; the first view whose
// match-clients accepts the client is the one that answers.
view "inside" {
match-clients {
// Presumably the intended internal client ranges, currently commented out:
// 192.168.X/24;
// 127/8;
// 0/0 accepts every IPv4 client, so all of them are served the internal
// zone file and never reach the "outside" view. Replace it with the ranges
// above to keep internal records away from external clients.
0/0;
};
zone "corpX.un" {
type master;
file "/usr/local/etc/namedb/master/corpX.un";
};
};
// No match-clients here, so this view accepts any client that did not match
// an earlier view.
view "outside" {
zone "corpX.un" {
type master;
file "/usr/local/etc/namedb/master/corpX.un.out";
};
};