ubuntu 14.04 DNS Server 설치
네임서버운영을 위한 방화벽 오픈 TCP/UDP 53번 포트을 OPEN해야합니다.
1.hosts 수정
|
1 2 3 4 5 6 7 8 |
root@ns:/etc/bind/zones# cat /etc/hosts 127.0.0.1 localhost 192.168.0.200 ns.mynotes.kr ns # The following lines are desirable for IPv6 capable hosts ::1 localhost ip6-localhost ip6-loopback ff02::1 ip6-allnodes ff02::2 ip6-allrouters |
2.resolv.conf 수정
|
1 2 3 4 5 6 7 |
root@ns:/etc/bind/zones# cat /etc/resolvconf/resolv.conf.d/head # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN nameserver 192.168.0.200 search mynotes.kr resolvconf -u |
3.bind9 설치 및 네임서버 설정화일을 위한 디렉토리 생성
|
1 2 3 |
apt-get update apt-get install bind9 bind9utils bind9-doc mkdir -p /etc/bind/zones |
4.네임서버 설정화일을 위한 관련 화일 COPY
|
1 2 3 |
cp /etc/bind/named.conf.local /etc/bind/zones/named.conf.local cp /etc/bind/named.conf.local /etc/bind/zones/named.conf.mynotes.kr cp /etc/bind/db.local /etc/bind/zones/db.mynotes.kr cp /etc/bind/cat db.0 /etc/bind/zones/db.0.168.192 |
5.bind9의 설정 파일
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 |
OPTIONS 매개 변수를 포함 하는 -4 i p v 4만 동작 하도록 설정 root@ns:/etc/bind/zones# cat /etc/default/bind9 PTIONS="-u bind -4" include "/etc/bind/zones/named.conf.mynotes.kr"; 하단에 추가 root@ns:/etc/bind/zones# cat /etc/bind/named.conf // This is the primary configuration file for the BIND DNS server named. // // Please read /usr/share/doc/bind9/README.Debian.gz for information on the // structure of BIND configuration files in Debian, *BEFORE* you customize // this configuration file. // // If you are just adding zones, please do that in /etc/bind/named.conf.local include "/etc/bind/named.conf.options"; include "/etc/bind/named.conf.local"; include "/etc/bind/named.conf.default-zones"; include "/etc/bind/zones/named.conf.mynotes.kr"; |
6.bind9의 options 환경설정
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 |
root@ns:/etc/bind# cat named.conf.options options { directory "/var/cache/bind"; version "unknown"; allow-transfer { none; }; recursion no; listen-on { 192.168.0.200; }; forwarders { 8.8.8.8; 8.8.4.4; }; dnssec-enable yes; dnssec-validation yes; auth-nxdomain no; # conform to RFC1035 }; logging { category default { default_syslog; default_debug; }; category unmatched { default_syslog; default_debug; }; category lame-servers { default_syslog; default_debug; }; category network { default_syslog; default_debug; }; category notify { default_syslog; default_debug; }; }; |
7./etc/bind/zones/named.conf.mynotes.kr 수정
|
1 2 3 4 5 6 7 8 9 |
zone "mynotes.kr" { type master; file "/etc/bind/zones/db.mynotes.kr"; }; zone "0.168.192.in-addr.arpa" { type master; file "/etc/bind/zones/db.0.168.192"; }; |
8./etc/bind/zones/db.mynotes.kr 수정
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 |
; ; BIND data file for local loopback interface ; $TTL 10M @ IN SOA mynotes.kr. root.mynotes.kr. ( 2015010901 ; Serial 1D ; Refresh 1H ; Retry 1W ; Expire 3H ) ; Negative Cache TTL ; Name Server @ IN NS ns.mynotes.kr. ns IN A 192.168.0.200 ; name server ;MX recode ; Alias www IN A 192.168.0.100 ; web server @ IN A 192.168.0.100 ; web server |
9./etc/bind/zones/db.0.168.192 수정
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 |
; ; BIND reverse data file for broadcast zone ; $TTL 10M @ IN SOA mynotes.kr. root.mynotes.kr. ( 2016010900 ; Serial 1D ; Refresh 1H ; Retry 1W ; Expire 3H ) ; Negative Cache TTL ; name servers - NS records @ IN NS ns.mynotes.kr. ; PTR Records 200 IN PTR ns.mynotes.kr. ; 192.168.0.100 IN PTR www.mynotes.kr. ; |
10.bing9 재시작
|
1 |
service bind9 restart |
11.log 확인
|
1 2 3 4 5 6 7 8 9 10 11 |
tail -f /var/log/syslog Jan 11 10:55:24 ns named[1775]: zone 0.in-addr.arpa/IN: loaded serial 1 Jan 11 10:55:24 ns named[1775]: zone 0.168.192.in-addr.arpa/IN: loaded serial 2016010900 Jan 11 10:55:24 ns named[1775]: zone 127.in-addr.arpa/IN: loaded serial 1 Jan 11 10:55:24 ns named[1775]: zone 255.in-addr.arpa/IN: loaded serial 1 Jan 11 10:55:24 ns named[1775]: zone localhost/IN: loaded serial 2 Jan 11 10:55:24 ns named[1775]: zone mynotes.kr/IN: loaded serial 2015010901 Jan 11 10:55:24 ns named[1775]: all zones loaded Jan 11 10:55:24 ns named[1775]: running Jan 11 10:55:24 ns named[1775]: zone 0.168.192.in-addr.arpa/IN: sending notifies (serial 2016010900) Jan 11 10:55:24 ns named[1775]: zone mynotes.kr/IN: sending notifies (serial 2015010901) |
12.nslookup 확인
|
1 2 3 4 5 6 7 8 |
nslookup mynotes.kr ;; Got recursion not available from 192.168.0.200, trying next server Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Name: mynotes.kr Address: 192.168.0.200 |
13.DNS 확인 사이트
http://dnsviz.net/