Monday, 08 March 2010

Setup Suse 10.2 Server/DNS

Setting up bind


server:~ # smart install bind

This should install two packages: bind and bind-chrootenv.

Now edit `/etc/named.conf` and change the following settings:

options {
    listen-on port 53 { 192.168.0.2; 127.0.0.1; };
    listen-on-v6 { none; };
    allow-query { any; };
};
include "/etc/named.d/logging.conf";
include "/etc/named.d/example.org.conf";

Now a bit of security for our DNS, the key that `rndc` uses to control the server:

server:~ # rndc-confgen > /etc/rndc.conf

Copy the commented-out part of `/etc/rndc.conf` (the `key` and `controls` statements meant for named.conf) into `/etc/named.conf`.

Now create `/etc/named.d/example.org.conf` with the following content:

zone "example.org" {
    type master;
    file "personal/example.org.db";
    allow-transfer { none; };
};
zone "0.168.192.in-addr.arpa" IN {
    type master;
    file "reverse/192.168.0.0";
    allow-query { any; };
    allow-transfer { none; };
};

and `/etc/named.d/logging.conf`:

logging {

channel default_file { file "/var/log/named/default.log" versions 3 size 5m; severity dynamic; print-time yes; };
channel general_file { file "/var/log/named/general.log" versions 3 size 5m; severity dynamic; print-time yes; };
channel database_file { file "/var/log/named/database.log" versions 3 size 5m; severity dynamic; print-time yes; };
channel security_file { file "/var/log/named/security.log" versions 3 size 5m; severity dynamic; print-time yes; };
channel config_file { file "/var/log/named/config.log" versions 3 size 5m; severity dynamic; print-time yes; };
channel resolver_file { file "/var/log/named/resolver.log" versions 3 size 5m; severity dynamic; print-time yes; };
channel xfer-in_file { file "/var/log/named/xfer-in.log" versions 3 size 5m; severity dynamic; print-time yes; };
channel xfer-out_file { file "/var/log/named/xfer-out.log" versions 3 size 5m; severity dynamic; print-time yes; };
channel notify_file { file "/var/log/named/notify.log" versions 3 size 5m; severity dynamic; print-time yes; };
channel client_file { file "/var/log/named/client.log" versions 3 size 5m; severity dynamic; print-time yes; };
channel unmatched_file { file "/var/log/named/unmatched.log" versions 3 size 5m; severity dynamic; print-time yes; };
channel queries_file { file "/var/log/named/queries.log" versions 3 size 5m; severity dynamic; print-time yes; };
channel network_file { file "/var/log/named/network.log" versions 3 size 5m; severity dynamic; print-time yes; };
channel update_file { file "/var/log/named/update.log" versions 3 size 5m; severity dynamic; print-time yes; };
channel dispatch_file { file "/var/log/named/dispatch.log" versions 3 size 5m; severity dynamic; print-time yes; };
channel dnssec_file { file "/var/log/named/dnssec.log" versions 3 size 5m; severity dynamic; print-time yes; };
channel lame-servers_file { file "/var/log/named/lame-servers.log" versions 3 size 5m; severity dynamic; print-time yes; };

category default { default_file; };
category general { general_file; };
category database { database_file; };
category security { security_file; };
category config { config_file; };
category resolver { resolver_file; };
category xfer-in { xfer-in_file; };
category xfer-out { xfer-out_file; };
category notify { notify_file; };
category client { client_file; };
category unmatched { unmatched_file; };
category queries { queries_file; };
category network { network_file; };
category update { update_file; };
category dispatch { dispatch_file; };
category dnssec { dnssec_file; };
category lame-servers { lame-servers_file; };

};

PS: Thanks to the Gentoo Wiki for this :)

Logging will not work yet; we still have to create the log directory and files inside the chroot:

server:~ # mkdir -p /var/lib/named/var/log/named/
server:~ # touch /var/lib/named/var/log/named/client.log
server:~ # touch /var/lib/named/var/log/named/config.log
server:~ # touch /var/lib/named/var/log/named/database.log
server:~ # touch /var/lib/named/var/log/named/default.log
server:~ # touch /var/lib/named/var/log/named/dispatch.log
server:~ # touch /var/lib/named/var/log/named/dnssec.log
server:~ # touch /var/lib/named/var/log/named/general.log
server:~ # touch /var/lib/named/var/log/named/lame-servers.log
server:~ # touch /var/lib/named/var/log/named/network.log
server:~ # touch /var/lib/named/var/log/named/notify.log
server:~ # touch /var/lib/named/var/log/named/queries.log
server:~ # touch /var/lib/named/var/log/named/resolver.log
server:~ # touch /var/lib/named/var/log/named/security.log
server:~ # touch /var/lib/named/var/log/named/unmatched.log
server:~ # touch /var/lib/named/var/log/named/update.log
server:~ # touch /var/lib/named/var/log/named/xfer-in.log
server:~ # touch /var/lib/named/var/log/named/xfer-out.log
server:~ # chown -R named:named /var/lib/named/var/log/named/

Next start bind with `rcnamed start`. If any errors come up, you most probably forgot a `;` somewhere.

But nobody knows what addresses we have yet.

Now edit `/var/lib/named/personal/example.org.db`:
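Because `rcnamed` only tells you that named.conf is wrong, not where, here is an added example that is not part of the original post or of BIND: a small Python lint that finds the slips in this post's own options and zone blocks (an inner `}` with no `;` after it, the stray `:`) and warns when a zone never sets `allow-transfer`. The sample config is constructed from the snippets above.

```python
import re

# Constructed sample, not a real server's config: the options block and the
# example.org zone as this post shows them, with the three inner '}' that
# lack a ';' and the stray ':' after allow-transfer.
SAMPLE_CONF = """\
options {
    listen-on port 53 { 192.168.0.2; 127.0.0.1; }
    listen-on-v6 { none; }
    allow-query { any; }
};
zone "example.org" {
    type master;
    file "personal/example.org.db";
    allow-transfer { none; }:
};
"""

# Tokens: quoted string, brace or ';', a bare word (may hold '.', '/', ':'
# for IPv6 and '!' for negated match-list entries), or a lone stray character.
TOKEN = re.compile(r'"[^"\n]*"|[{};]|[\w.:/!-]*\w[\w.:/!-]*|\S')

def lint_named_conf(text):
    """[(line, msg)] for '}' without ';', stray chars, unbalanced braces, zones lacking allow-transfer."""
    problems, depth, zone, prev, line_no = [], 0, None, (None, 0), 0
    for line_no, line in enumerate(text.splitlines(), 1):
        for tok in TOKEN.findall(re.sub(r'(//|#).*', '', line)):  # drop comments
            if prev[0] == '}' and tok != ';':    # every '}' in named.conf takes a ';'
                problems.append((prev[1], "missing ';' after '}'"))
            if tok == '{':
                depth += 1
            elif tok == '}':
                depth -= 1
                if zone is not None and depth == 0:   # end of the zone block
                    if 'allow-transfer' not in zone[1]:
                        problems.append((line_no, "zone %s has no allow-transfer" % zone[0]))
                    zone = None
            elif tok != ';' and not (tok[0] == '"' or re.search(r'\w', tok)):
                problems.append((line_no, "stray %r" % tok))
            if zone is not None:
                zone[1].append(tok)
                if zone[0] is None:                   # token after 'zone' is its name
                    zone[0] = tok.strip('"')
            elif tok == 'zone' and depth == 0:
                zone = [None, []]
            prev = (tok, line_no)
    if prev[0] == '}' or depth != 0:                  # file ended inside a statement
        problems.append((line_no, "unterminated block"))
    return problems
```

On the server itself, `named-checkconf` (shipped with BIND 9) does the full syntax check; this script only shows the shape of the two slips and the transfer caveat.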

$TTL 86400

@ IN SOA ns.example.org. your.email.example.org. (
2007020901 ; Serial
10800 ; Refresh
3600 ; Retry
604800 ; Expire
86400 ) ; Minimum
example.org. IN NS ns.example.org.
ns.example.org. IN A 192.168.0.2
example.org. IN A 192.168.0.2
mail.example.org. IN A 192.168.0.2
example.org. IN MX 10 mail.example.org.

and `/var/lib/named/reverse/192.168.0.0`:

$TTL 86400

@ IN SOA ns.example.org. your.email.example.org. (
2007020901 ; Serial
10800 ; Refresh
3600 ; Retry
604800 ; Expire
86400 ) ; Minimum

@ IN NS example.org.
2 IN PTR example.org.
2 IN PTR server.example.org.

If you change a zone file and restart the name server, do not forget to increase the serial by 1!

Now we will test whether it actually works:

server:~ # rcnamed start
server:~ # nslookup example.org
Server: 192.168.0.2
Address: 192.168.0.2#53

Name: example.org
Address: 192.168.0.2

server:~ # host example.org
example.org has address 192.168.0.2
example.org mail is handled by 10 mail.example.org

2 comments:

Mami Rusyandi said...

hello boss,,,,
boss, how do you edit the HTML tags in a blog???

Mami Rusyandi said...

I think there should be more articles about blogging so I can learn more, boss... thanks a lot, the previous article was useful too, he he he ,,,