User Tools
сервис_dns
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
|
сервис_dns [2020/08/26 06:53] val [Настройка сервера зоны обратного преобразования X.168.192.IN-ADDR.ARPA] |
сервис_dns [2020/11/12 10:01] val [Настройка мастер сервера зоны corpX.un] |
||
|---|---|---|---|
| Line 122: | Line 122: | ||
| ==== Настройка сервера перенаправляющего запросы на DNS cервер провайдера ==== | ==== Настройка сервера перенаправляющего запросы на DNS cервер провайдера ==== | ||
| - | === FreeBSD === | + | === Debian/Ubuntu === |
| <code> | <code> | ||
| - | server# cat named.conf | + | root@server:~# cat /etc/bind/named.conf.options |
| </code><code> | </code><code> | ||
| - | options { | ||
| ... | ... | ||
| forwarders { | forwarders { | ||
| Line 132: | Line 131: | ||
| }; | }; | ||
| ... | ... | ||
| - | }; | + | // dnssec-validation auto; |
| ... | ... | ||
| + | }; | ||
| </code><code> | </code><code> | ||
| - | [server:~] # named-checkconf | + | root@server:~# named-checkconf |
| - | [server:~] # service named restart | + | root@server:~# service bind9 restart |
| </code> | </code> | ||
| - | === Debian/Ubuntu === | + | === FreeBSD === |
| <code> | <code> | ||
| - | root@server:~# cat /etc/bind/named.conf.options | + | server# cat named.conf |
| </code><code> | </code><code> | ||
| + | options { | ||
| ... | ... | ||
| forwarders { | forwarders { | ||
| Line 149: | Line 150: | ||
| }; | }; | ||
| ... | ... | ||
| - | // dnssec-validation auto; | + | }; |
| ... | ... | ||
| - | }; | ||
| </code><code> | </code><code> | ||
| - | root@server:~# named-checkconf | + | [server:~] # named-checkconf |
| - | root@server:~# service bind9 restart | + | [server:~] # service named restart |
| </code> | </code> | ||
| - | |||
| ==== Настройка мастер сервера зоны corpX.un ==== | ==== Настройка мастер сервера зоны corpX.un ==== | ||
| - | |||
| - | === FreeBSD === | ||
| - | <code> | ||
| - | [server:~] # cd /usr/local/etc/namedb/master/ | ||
| - | </code> | ||
| === Debian/Ubuntu === | === Debian/Ubuntu === | ||
| <code> | <code> | ||
| - | root@server:~# cd /etc/bind/ | + | server# cat /etc/bind/corpX.un |
| - | </code> | + | |
| - | + | ||
| - | === FreeBSD/Debian/Ubuntu === | + | |
| - | <code> | + | |
| - | server# cat corpX.un | + | |
| </code><code> | </code><code> | ||
| $TTL 3h | $TTL 3h | ||
| Line 191: | Line 180: | ||
| ;www CNAME server | ;www CNAME server | ||
| ;user1 CNAME server | ;user1 CNAME server | ||
| - | ;smtp CNAME server | + | ;mail CNAME server |
| - | ;imap CNAME server | + | |
| - | ;pop3 CNAME server | + | |
| - | ;ntp CNAME gate | + | ;ntp CNAME gate |
| + | |||
| + | ;proxy A 172.16.1.X | ||
| ;_sip._udp SRV 0 0 5060 server | ;_sip._udp SRV 0 0 5060 server | ||
| + | |||
| ;_xmpp-client._tcp SRV 0 0 5222 server | ;_xmpp-client._tcp SRV 0 0 5222 server | ||
| ;_kerberos._udp SRV 01 00 88 server | ;_kerberos._udp SRV 01 00 88 server | ||
| ;_kerberos._tcp SRV 01 00 88 server | ;_kerberos._tcp SRV 01 00 88 server | ||
| - | ;_kpasswd._udp SRV 01 00 464 server | ||
| - | ;_kerberos-adm._tcp SRV 01 00 749 server | ||
| ;_kerberos TXT CORPX.UN | ;_kerberos TXT CORPX.UN | ||
| </code><code> | </code><code> | ||
| - | server# named-checkzone corpX.un corpX.un | + | server# named-checkzone corpX.un /etc/bind/corpX.un |
| - | </code> | + | |
| - | + | ||
| - | === FreeBSD === | + | |
| - | <code> | + | |
| - | server# cat /usr/local/etc/namedb/named.conf | + | |
| - | </code><code> | + | |
| - | ... | + | |
| - | zone "corpX.un" { | + | |
| - | type master; | + | |
| - | file "/usr/local/etc/namedb/master/corpX.un"; | + | |
| - | }; | + | |
| - | </code><code> | + | |
| - | [server:~] # named-checkconf -z | + | |
| - | + | ||
| - | [server:~] # service named restart | + | |
| </code> | </code> | ||
| Line 236: | Line 209: | ||
| root@server:~# named-checkconf -z | root@server:~# named-checkconf -z | ||
| - | root@server:~# service bind9 restart | + | root@server:~# rndc reload |
| </code> | </code> | ||
| - | === Проверки FreeBSD/Debian/Ubuntu === | + | === Проверки Debian/Ubuntu === |
| <code> | <code> | ||
| server# nslookup -q=A server.corpX.un | server# nslookup -q=A server.corpX.un | ||
| Line 248: | Line 221: | ||
| === Настройка списка авторитетных серверов на мастер сервере === | === Настройка списка авторитетных серверов на мастер сервере === | ||
| - | == FreeBSD == | ||
| <code> | <code> | ||
| - | [server:~] # cd /usr/local/etc/namedb/master/ | + | server# cat /etc/bind/corpX.un |
| - | </code> | + | |
| - | + | ||
| - | == Debian/Ubuntu == | + | |
| - | <code> | + | |
| - | root@server:~# cd /etc/bind/ | + | |
| - | </code> | + | |
| - | + | ||
| - | == FreeBSD/Debian/Ubuntu == | + | |
| - | <code> | + | |
| - | server# cat corpX.un | + | |
| </code><code> | </code><code> | ||
| $TTL 3h | $TTL 3h | ||
| Line 270: | Line 232: | ||
| ... | ... | ||
| </code><code> | </code><code> | ||
| - | server# named-checkzone corpX.un corpX.un | + | server# named-checkzone corpX.un /etc/bind/corpX.un |
| server# rndc reload | server# rndc reload | ||
| Line 277: | Line 239: | ||
| === Настройка вторичного сервера === | === Настройка вторичного сервера === | ||
| - | == FreeBSD/Debian/Ubuntu == | ||
| <code> | <code> | ||
| server# nslookup -q=AXFR compX.un ns.isp.un | server# nslookup -q=AXFR compX.un ns.isp.un | ||
| </code> | </code> | ||
| - | == FreeBSD == | ||
| - | <code> | ||
| - | server# cat /usr/local/etc/namedb/named.conf | ||
| - | </code><code> | ||
| - | ... | ||
| - | zone "compX.un" { | ||
| - | type slave; | ||
| - | file "/usr/local/etc/namedb/slave/compX.un"; | ||
| - | masters { | ||
| - | 172.16.1.254; | ||
| - | }; | ||
| - | }; | ||
| - | </code><code> | ||
| - | [server:~] # named-checkconf | ||
| - | |||
| - | [server:~] # service named reload | ||
| - | |||
| - | [server:~] # ls /usr/local/etc/namedb/slave/ | ||
| - | </code> | ||
| - | |||
| - | == Debian/Ubuntu == | ||
| <code> | <code> | ||
| root@server:~# cat /etc/bind/named.conf.local | root@server:~# cat /etc/bind/named.conf.local | ||
| Line 315: | Line 255: | ||
| }; | }; | ||
| </code><code> | </code><code> | ||
| - | root@server:~# named-checkconf | + | root@server:~# named-checkconf -z |
| root@server:~# rndc reload | root@server:~# rndc reload | ||
| Line 407: | Line 347: | ||
| Создание файла зоны corpX.un для внутренних и внешних пользователей | Создание файла зоны corpX.un для внутренних и внешних пользователей | ||
| - | === FreeBSD === | + | === Debian/Ubuntu === |
| - | <code> | + | |
| - | [server:~] # cd /usr/local/etc/namedb/master/ | + | |
| - | </code> | + | |
| - | + | ||
| - | === Ubuntu === | + | |
| - | <code> | + | |
| - | root@server:~# cd /etc/bind/ | + | |
| - | </code> | + | |
| - | + | ||
| - | === FreeBSD/Ubuntu === | + | |
| <code> | <code> | ||
| - | server# cat corpX.un | + | server# cat /etc/bind/corpX.un |
| </code><code> | </code><code> | ||
| $TTL 3h | $TTL 3h | ||
| Line 427: | Line 357: | ||
| MX 1 server | MX 1 server | ||
| + | | ||
| + | A 192.168.X.10 | ||
| ns A 192.168.X.10 | ns A 192.168.X.10 | ||
| Line 433: | Line 365: | ||
| ... | ... | ||
| </code><code> | </code><code> | ||
| - | server# cat corpX.un.out | + | server# cat /etc/bind/corpX.un.out |
| </code><code> | </code><code> | ||
| $TTL 3h | $TTL 3h | ||
| Line 442: | Line 374: | ||
| MX 1 server | MX 1 server | ||
| - | + | ||
| + | A 172.16.1.X | ||
| + | | ||
| ns A 172.16.1.X | ns A 172.16.1.X | ||
| server A 172.16.1.X | server A 172.16.1.X | ||
| Line 451: | Line 385: | ||
| Настройка сервера | Настройка сервера | ||
| - | === FreeBSD === | ||
| - | <code> | ||
| - | server# named.conf | ||
| - | </code><code> | ||
| - | options { | ||
| - | ... | ||
| - | }; | ||
| - | view "inside" { | ||
| - | match-clients { | ||
| - | 192.168.X/24; | ||
| - | 127/8; | ||
| - | }; | ||
| - | zone "corpX.un" { | ||
| - | type master; | ||
| - | file "/usr/local/etc/namedb/master/corpX.un"; | ||
| - | }; | ||
| - | zone "X.168.192.IN-ADDR.ARPA" { | + | === Debian/Ubuntu === |
| - | type master; | + | |
| - | file "/usr/local/etc/namedb/master/corpX.rev"; | + | |
| - | }; | + | |
| - | }; | + | |
| - | view "outside" { | + | |
| - | zone "corpX.un" { | + | |
| - | type master; | + | |
| - | file "/usr/local/etc/namedb/master/corpX.un.out"; | + | |
| - | }; | + | |
| - | }; | + | |
| - | </code><code> | + | |
| - | [server:~] # service named reload | + | |
| - | </code> | + | |
| - | + | ||
| - | === Ubuntu === | + | |
| <code> | <code> | ||
| - | root@server:~# cat /etc/bind/named.conf.local | + | root@server:~# less /etc/bind/named.conf.local |
| </code><code> | </code><code> | ||
| zone "corpX.un" { | zone "corpX.un" { | ||
| Line 571: | Line 474: | ||
| ==== Ограничение доступа к DNS серверу ==== | ==== Ограничение доступа к DNS серверу ==== | ||
| - | === Ubuntu === | + | === Debian/Ubuntu === |
| <code> | <code> | ||
| # cat /etc/bind/named.conf.options | # cat /etc/bind/named.conf.options | ||
| - | + | </code><code> | |
| - | # cat /etc/bind/named.conf.local | + | |
| - | </code> | + | |
| - | + | ||
| - | === FreeBSD === | + | |
| - | <code> | + | |
| - | # cat named.conf | + | |
| - | </code> | + | |
| - | + | ||
| - | === Ubuntu/FreeBSD === | + | |
| - | <code> | + | |
| options { | options { | ||
| ... | ... | ||
| Line 590: | Line 483: | ||
| ... | ... | ||
| }; | }; | ||
| - | ... | + | </code><code> |
| + | # cat /etc/bind/named.conf.local | ||
| + | </code><code> | ||
| zone "corpX.un" { | zone "corpX.un" { | ||
| ... | ... | ||
| Line 596: | Line 491: | ||
| ... | ... | ||
| }; | }; | ||
| - | ... | + | </code><code> |
| + | gate.isp.un$ nslookup -q=AXFR corpX.un 192.168.X.10 | ||
| </code> | </code> | ||
| + | |||
| ==== Мониторинг DNS сервера ==== | ==== Мониторинг DNS сервера ==== | ||
сервис_dns.txt · Last modified: 2023/10/28 16:07 by val
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
