Nimeserveri seadistamine BIND9 näitel: Difference between revisions
From ICO wiki
Jump to navigationJump to search
| Line 46: | Line 46: | ||
nano /etc/bind/named.conf.options | nano /etc/bind/named.conf.options | ||
</pre> | </pre> | ||
Kommentaar tuleb eemaldada forwarders eest ja sinna sulgude vahele kirjutada ISP DNS server. | |||
Muudetud fail peaks välja nägema järgmine: | Muudetud fail peaks välja nägema järgmine: | ||
<pre> | <pre> | ||
options { | |||
directory "/var/cache/bind"; | |||
// If there is a firewall between you and nameservers you want | |||
// to talk to, you may need to fix the firewall to allow multiple | |||
// ports to talk. See http://www.kb.cert.org/vuls/id/800113 | |||
// If your ISP provided one or more IP addresses for stable | |||
// nameservers, you probably want to use them as forwarders. | |||
// Uncomment the following block, and insert the addresses replacing | |||
// the all-0's placeholder. | |||
forwarders { | |||
192.168.145.2; | |||
}; | |||
auth-nxdomain no; # conform to RFC1035 | |||
listen-on-v6 { any; }; | |||
}; | |||
</pre> | </pre> | ||
| Line 57: | Line 76: | ||
nano /etc/bind/named.conf.local | nano /etc/bind/named.conf.local | ||
</pre> | </pre> | ||
Sellesse faili tuleb | Sellesse faili tuleb lisada järgmised tsoonid: | ||
<pre> | <pre> | ||
zone "145.168.192.in-addr.arpa" IN { | |||
type master; | |||
file "/etc/bind/db.145.168.192.in-addr.arpa"; | |||
}; | |||
zone "too.ee" IN { | |||
type master; | |||
file "/etc/bind/db.too.ee"; | |||
}; | |||
zone "koht.ee" IN { | |||
type master; | |||
file "/etc/bind/db.koht.ee"; | |||
}; | |||
zone "arendus.koht.ee" IN { | |||
type master; | |||
file "/etc/bind/db.arendus.koht.ee"; | |||
}; | |||
</pre> | </pre> | ||
Revision as of 16:16, 16 November 2009
Autorid
- Tuuli Zahvatkin
- Nils Tammann
Viimase muutmise aeg
Sissejuhatus
Eeldused
- Peab olema installeeritud Ubuntu server 9.10
- Masinal kuhu konfigureeritakse DNS peab olema staatiline IP-aadress. Meie näite puhul on selleks:
IP aadress: 192.168.145.128 Võrgumask: 255.255.255.0 Vaikelüüs: 192.168.145.2 ISP DNS: 192.168.145.2
- Tulemüüris peab olema avatud tcp/udp port 53
Nõuded
- Konfigureerida kaks domeeni ja üks alamdomeen.
- Reverse peaks toimima.
- Domeeni teenindava meiliserveri mx kirjed ja spf kirjed peavad olema nimeserveri domeenides.
- Ilma www-ta aadressis peab saama veebisaidile ligi.
- Nimeserveri varundamine/taastamine.
- BIND serveri turvavead.
Installeerimine
BIND9 installeerimiseks sisestada järgmine käsk:
sudo -i apt-get install bind9
Seadistamine
Minna juurkasutajaks:
sudo -i
Algul tuleb muuta faili /etc/bind/named.conf.options
nano /etc/bind/named.conf.options
Kommentaar tuleb eemaldada forwarders eest ja sinna sulgude vahele kirjutada ISP DNS server. Muudetud fail peaks välja nägema järgmine:
options {
directory "/var/cache/bind";
// If there is a firewall between you and nameservers you want
// to talk to, you may need to fix the firewall to allow multiple
// ports to talk. See http://www.kb.cert.org/vuls/id/800113
// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.
forwarders {
192.168.145.2;
};
auth-nxdomain no; # conform to RFC1035
listen-on-v6 { any; };
};
Peale seda tuleb muuta /etc/bind/named.conf.local
nano /etc/bind/named.conf.local
Sellesse faili tuleb lisada järgmised tsoonid:
zone "145.168.192.in-addr.arpa" IN {
type master;
file "/etc/bind/db.145.168.192.in-addr.arpa";
};
zone "too.ee" IN {
type master;
file "/etc/bind/db.too.ee";
};
zone "koht.ee" IN {
type master;
file "/etc/bind/db.koht.ee";
};
zone "arendus.koht.ee" IN {
type master;
file "/etc/bind/db.arendus.koht.ee";
};
Eelnevalt loodud tsoonid viitavad failidele, mis neid tsoone kirjeldavad. Selleks et neid faile luua, võtame aluseks olemasoleva localhost tsooni faili ja kopeerime seda.
cp /etc/bind/db.127 /etc/bind/db.145.168.192.in-addr.arpa cp /etc/bind/db.local /etc/bind/db.too.ee cp /etc/bind/db.local /etc/bind/db.koht.ee cp /etc/bind/db.local /etc/bind/db.arendus.koht.ee
