Friday, 25 July 2008
DNS server on FreeBSD and Linux
Author: 1o1 Team
This short text, or howto, explains how to replace the existing BIND 8.x with version 9.2.x on FreeBSD 5.2 and 5.2.1; FreeBSD 5.3 already ships with version 9.3.0.
It also covers how to create zones and how to set up a slave server. This is, of course, about DNS. I published this text some time ago, but I do not want it to get lost, so I am moving it into the documentation.

Let's begin.
Before installing anything, go to the /etc directory and edit make.conf

#vi /etc/make.conf

Add the line

PORT_REPLACES_BASE_BIND9=YES


This lets you replace the system's named with the newly compiled named.

Once make.conf has been modified and saved, change to
#cd /usr/ports/dns/bind9
I assume here, of course, that ports and cvsup are installed.

Once in the bind9 directory:
#make fetch && make extract && make configure && make build && make install && make post-install && make clean

The installation process begins. Or, for those who hate typing a lot:

# make install post-install clean

This command starts the installation process as well. If it reports no errors, the installation is complete; it should not report any.

While I am writing this there is panic in the neighbouring building: a fire broke out, 20 trucks and cars have arrived, a real circus.

To continue: once BIND 9 is installed, the file tree should look like this.
/etc/namedb, containing the following files


named.conf
named.root
rndc.conf.simple
There is also a script for creating zones automatically, but I always delete it right away because I find it much, much easier to create them by hand.
Let's start with the configuration file itself; the most important file is named.conf.
It should look like this, that is, you should edit it yourself so that it looks like this.

Start of file

options {
directory "/etc/namedb";
pid-file "/var/run/named/pid";
statistics-file "/var/log/named/named.stats";
version "M$-DNS!";
};
######################
I set version to M$-DNS here so that anyone who queries the DNS server's version gets M$-DNS, even though this is BIND 9.2.x; we could just as well have put moj_dns.
######################

logging {

channel logchan {
# create the directory /var/log/named first
# a channel takes exactly one destination (file, syslog, null or stderr) and one severity
file "/var/log/named/log.msgs" versions 3 size 10K;
severity info;
print-time yes;
print-category yes;
};
# default_syslog is the predefined channel equivalent to "syslog daemon; severity info;"
category default { logchan; default_syslog; };
category queries { logchan; };
category config { logchan; };
category xfer-in { logchan; };
category notify { logchan; };

};

Now we need three zones

zone "." {
type hint;
file "/etc/namedb/named.root";
};


zone "0.0.127.in-addr.arpa" {
type master;
file "/etc/namedb/localhost.rev";
};


zone "localhost" {
type master;
file "/etc/namedb/localhost";

};

OK, once named.conf has been modified, we should save it.

We create a file localhost.rev in /etc/namedb/ that looks like this


$TTL 3600 ; 1 hour
@ IN SOA ns1.example.com. webmaster.example.com. (
    20040612 ; serial
    3600 ; refresh (1 hour)
    900 ; retry (15 minutes)
    3600000 ; expire (5 weeks 6 days 16 hours)
    3600 ; minimum (1 hour)
    )
    IN NS ns1.example.com.
1 IN PTR localhost.

Then we create a file localhost in /etc/namedb

$TTL 3600 ; 1 hour
@ IN SOA ns1.example.com. webmaster.example.com. (
    20040612 ; serial
    3600 ; refresh (1 hour)
    900 ; retry (15 minutes)
    3600000 ; expire (5 weeks 6 days 16 hours)
    3600 ; minimum (1 hour)
    )
    IN NS ns1.example.com.
    IN A 127.0.0.1 ; an A record takes an IP address, not a host name

 

Finally, there is no need to modify named.root, which is located in /etc/namedb, because it already comes by default; but in case you need to see what it looks like:

;
; $FreeBSD: src/etc/namedb/named.root,v 1.10 2002/11/06 09:21:39 dougb Exp $
;

; This file holds the information on root name servers needed to
; initialize cache of Internet domain name servers
; (e.g. reference this file in the "cache . <file>"
; configuration file of BIND domain name servers).
;
; This file is made available by InterNIC
; under anonymous FTP as
; file /domain/named.root
; on server FTP.INTERNIC.NET
;
; last update: Nov 5, 2002
; related version of root zone: 2002110501
;
;
; formerly NS.INTERNIC.NET
;
. 3600000 IN NS A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4
;
; formerly NS1.ISI.EDU
;
. 3600000 NS B.ROOT-SERVERS.NET.
B.ROOT-SERVERS.NET. 3600000 A 128.9.0.107
;
; formerly C.PSI.NET
;
. 3600000 NS C.ROOT-SERVERS.NET.
C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12
;
; formerly TERP.UMD.EDU
;
. 3600000 NS D.ROOT-SERVERS.NET.
D.ROOT-SERVERS.NET. 3600000 A 128.8.10.90
;
; formerly NS.NASA.GOV
;
. 3600000 NS E.ROOT-SERVERS.NET.
E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10
;
; formerly NS.ISC.ORG
;
. 3600000 NS F.ROOT-SERVERS.NET.
F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241
;
; formerly NS.NIC.DDN.MIL
;
. 3600000 NS G.ROOT-SERVERS.NET.
G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4
;
; formerly AOS.ARL.ARMY.MIL
;
. 3600000 NS H.ROOT-SERVERS.NET.
H.ROOT-SERVERS.NET. 3600000 A 128.63.2.53
;
; formerly NIC.NORDU.NET
;
. 3600000 NS I.ROOT-SERVERS.NET.
I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17
;
; operated by VeriSign, Inc.
;
. 3600000 NS J.ROOT-SERVERS.NET.
J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30
;
; housed in LINX, operated by RIPE NCC
;
. 3600000 NS K.ROOT-SERVERS.NET.
K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129
;
; operated by IANA
;
. 3600000 NS L.ROOT-SERVERS.NET.
L.ROOT-SERVERS.NET. 3600000 A 198.32.64.12
;
; housed in Japan, operated by WIDE
;
. 3600000 NS M.ROOT-SERVERS.NET.
M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33
; End of File

OK, on to setting up rndc.
rndc lets you manage BIND from another machine.

#rndc-confgen -b 512 > /etc/namedb/rndc.conf

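This command creates the file /etc/namedb/rndc.conf.
Copy this


# sample secret as printed by rndc-confgen; use the one generated on your own server
key "rndc-key" {
algorithm hmac-md5;
secret "jln0zvtG+ybNDW+bJGnsIn9vhaqT37JZfm1ENBfRqABBb66KJMsbucgkP2PwW4zB9RS+AjqoySqI3hJT3A9Ruw==";
};
# rndc.conf client settings; named.conf accepts only the key statement above
options {
default-key "rndc-key";
default-server 127.0.0.1;
default-port 953;
};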


and transfer it into /etc/namedb/named.conf, below the options statement and above the controls statement.

Now you can run a test once BIND is up (it is started with the named command).


ns1# rndc status
number of zones: *** (masked here so that you cannot see how many zones I have on the server)
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is ON
server is up and running
ns1#

If you want to control the server from a remote machine, add this to named.conf before the key.


controls {
inet x.x.x.x port 953 allow { y.y.y.y; } keys { "rndc-key"; };
};

Starting DNS

/usr/sbin/named -c /etc/namedb/named.conf

Or simply with the command

named


Checking

tail -f /var/log/messages

That is it as far as DNS itself goes.

Now for a real-world case:
I want to set up 1o1.com with ns1.1o1.com

First I modify resolv.conf
# cd /etc/
# cat resolv.conf
search 1o1.cm 1o1.com
nameserver 127.0.0.1

Moving on.

I edit the file /etc/namedb/named.conf


options {
directory "/etc/namedb";

};

zone "." {
type hint;
file "named.root";
};

zone "0.0.127.in-addr.arpa" {
type master;
file "named.local";
};

zone "1o1.com" {
notify no;
type master;
file "named.forward";
};

zone "102.168.192.in-addr.arpa" {
notify no;
type master;
file "named.102.168.192";
};

I create the file named.local in /etc/namedb/

@ IN SOA localhost. root.localhost. (
    2004061200 ; Serial
    28800 ; Refresh
    14400 ; Retry
    3600000 ; Expire
    86400 ) ; Minimum
    IN NS localhost.

1 IN PTR localhost.

I create the file named.forward in /etc/namedb/

@ IN SOA ns1.1o1.com. webmaster.1o1.com. (
    2004061200 ; serial, todays date + todays serial # (YYYYMMDDnn, must fit in 32 bits)
    8H ; refresh, seconds
    2H ; retry, seconds
    1W ; expire, seconds
    1D ) ; minimum, seconds

    NS ns1 ; Inet Address of name server
    MX 10 mail ; Primary Mail Exchanger

ns1 A 127.0.0.1
ns1 A 192.168.102.3
linuxhost A 192.168.102.3
mail A 192.168.102.3
www A 192.168.102.3

I create a file named.102.168.192 in /etc/namedb/

@ IN SOA ns1.1o1.com. hostmaster.1o1.com. (
    2004061200 ; Serial, todays date + todays serial
    8H ; Refresh
    2H ; Retry
    1W ; Expire
    1D) ; Minimum TTL
    NS ns1.1o1.com.


3 PTR ns1.1o1.com.
3 PTR ns1.1o1.com.
3 PTR mail.1o1.com.
3 PTR www.1o1.com.

I check named.root (the default file, identical to the listing shown earlier).


 

Testing
#nslookup www.1o1.com
Server: localhost
Address: 127.0.0.1

Name: www.1o1.com
Address: 192.168.102.3

Everything works as it should ..... of course, while I am creating the zones ..... the named server is not running ......


ns1# killall named
ns1# named
ns1# tail -f /var/log/messages
Jun 12 12:39:59 ns3 named[549]: command channel listening on 127.0.0.1#953
Jun 12 16:48:24 ns1 named[549]: stopping command channel on 127.0.0.1#953
Jun 12 16:48:24 ns1 named[549]: exiting
Jun 12 16:48:26 ns1 named[1316]: starting BIND 9.X.X (I am hiding the version)
Jun 12 16:48:26 ns1 named[1316]: command channel listening on 127.0.0.1#953

ctrl+c
to stop tail -f.

Now I want all of this on a second machine as well, that is, a slave.
It is very simple, and it is the process I like best: copy the named.conf file and replace master with slave wherever it appears. So the master looks like this

options {
directory "/etc/namedb";

};

zone "." {
type hint;
file "named.root";
};

zone "0.0.127.in-addr.arpa" {
type master;
file "named.local";
};

zone "1o1.com" {
notify no;
type master;
file "named.forward";
};

zone "102.168.192.in-addr.arpa" {
notify no;
type master;
file "named.102.168.192";
};


and the slave looks like this (IP_ADRESA NS1 stands for the IP address of NS1)
options {
directory "/etc/namedb";

};

zone "." {
type hint;
file "named.root";
};

zone "0.0.127.in-addr.arpa" {
type master;
file "named.local";
};

zone "1o1.com" {
notify no;
type slave;
masters {IP_ADRESA NS1;};
file "named.forward";
};

zone "102.168.192.in-addr.arpa" {
notify no;
type slave;
masters {IP_ADRESA NS1;};
file "named.102.168.192";
};


Create a named.local in /etc/namedb (this is on DNS 2, of course).
Start named and it will fetch the zones from NS1 by itself.
The whole process is a minute or two of work for dns2, provided bind9 is installed, of course.
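
The master configuration above has no allow-transfer statement, and in the BIND 9 releases this howto covers a master zone then answers transfer requests from any host, not only the slave. The following audit is an added example, not part of the original article: it flags such zones, hmac-md5 keys like the rndc key shown earlier, and rndc control channels bound to non-loopback addresses. The sample configuration, its 192.0.2.x addresses and the function names are constructed for illustration, and the parser assumes comment-free input.

```python
import re
# Constructed sample: the page's master named.conf plus an rndc key and a
# remote controls channel; addresses and the secret are placeholders.
SAMPLE = '''
options { directory "/etc/namedb"; };
key "rndc-key" { algorithm hmac-md5; secret "PLACEHOLDER=="; };
controls { inet 192.0.2.10 port 953 allow { 192.0.2.20; } keys { "rndc-key"; }; };
zone "." { type hint; file "named.root"; };
zone "1o1.com" { notify no; type master; file "named.forward"; };
zone "102.168.192.in-addr.arpa" { notify no; type master;
    allow-transfer { 192.0.2.53; }; file "named.102.168.192"; };
'''

def statements(conf):
    """Split comment-free named.conf text into top-level (header, body) pairs."""
    out, depth, start, quoted = [], 0, 0, False
    for i, ch in enumerate(conf):
        if ch == '"':
            quoted = not quoted
        elif quoted:
            continue
        elif ch == '{':
            depth += 1
            if depth == 1:
                head, body_at = conf[start:i].split(), i + 1
        elif ch == '}':
            depth -= 1
            if depth == 0:
                out.append((head, conf[body_at:i]))
        elif ch == ';' and depth == 0:
            start = i + 1
    return out

def audit(conf):
    """Return findings for open transfers, hmac-md5 keys and remote rndc."""
    stmts, found = statements(conf), []
    inherited = any(h[:1] == ['options'] and 'allow-transfer' in b for h, b in stmts)
    for head, body in stmts:
        name = head[1].strip('"') if len(head) > 1 else ''
        if head[0] == 'zone' and re.search(r'\btype\s+master\b', body) \
                and not inherited and 'allow-transfer' not in body:
            found.append(f'zone {name}: any host may request a transfer')
        elif head[0] == 'key' and re.search(r'\balgorithm\s+hmac-md5\b', body):
            found.append(f'key {name}: hmac-md5')
        elif head[0] == 'controls':  # loopback listeners are the local default
            found += [f'controls: rndc reachable on {a}'
                      for a in re.findall(r'\binet\s+(\S+)', body)
                      if a not in ('127.0.0.1', '::1')]
    return found
```

Calling audit(SAMPLE) returns one finding each for the key, the controls channel and the 1o1.com zone; the reverse zone passes because it names the hosts allowed to transfer it.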

Now I want to add the Bihsoccer.com domain to dns1 and dns2.

I edit named.conf on dns1
and add one entry near the end of the file.



zone "bihsoccer.com" {
notify no;
type master;
file "named.bihsoccer.com";
};


I create a zone like this in /etc/namedb/, that is, a file that we name named.bihsoccer.com and that contains the following.

@ IN SOA ns1.1o1.com. hostmaster.1o1.com. (
    2004061200 ; serial, todays date + todays serial #
    8H ; refresh, seconds
    2H ; retry, seconds
    1W ; expire, seconds
    1D ) ; minimum, seconds

    NS ns1.1o1.com. ; Inet Address of name server
    MX 10 mail.1o1.com. ; Primary Mail Exchanger

@ A 192.168.102.146
www A 192.168.102.146


I save everything, restart named, and everything works as it should....
Now, what do I do with DNS2, how does it go there .... well, that one is the easiest ...
I edit the file /etc/namedb/named.conf
and enter this by hand


zone "bihsoccer.com" {
notify no;
type slave;
masters {IP_ADRESA NS1;};
file "named.bihsoccer.com";
};

I delete, and I do mean DELETE, ALL EXISTING zones on DNS2, leaving only named.local, of course.
I restart named and it neatly picks up all the zones from DNS1....
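
The master zones on this page are configured with notify no, so a running slave notices a change only when its refresh timer fires and the SOA serial it fetches from the master is newer than the one in its own copy. The following added example (not from the original article) implements that comparison per RFC 1982 together with the "today's date + today's serial" scheme from the zone file comments; the function names are assumptions made for illustration.

```python
# SOA serial handling as a slave applies it: unsigned 32-bit, RFC 1982 ordering.
MOD = 2 ** 32

def valid_serial(text):
    """A SOA serial must be a decimal number that fits in 32 bits."""
    return text.isdigit() and int(text) < MOD

def date_serial(yyyymmdd, revision):
    """Build the YYYYMMDDnn form: today's date plus today's revision number."""
    if not (len(yyyymmdd) == 8 and yyyymmdd.isdigit() and 0 <= revision <= 99):
        raise ValueError('need an 8-digit date and a revision between 0 and 99')
    return int(f'{yyyymmdd}{revision:02d}')

def master_is_newer(master, slave):
    """True when the slave should transfer: master > slave in RFC 1982 terms."""
    diff = (master - slave) % MOD
    return 0 < diff < MOD // 2

def next_serial(current, yyyymmdd):
    """Serial to write after editing a zone: today's first revision if that
    is newer than the current value, otherwise the current value plus one."""
    candidate = date_serial(yyyymmdd, 0)
    if master_is_newer(candidate, current):
        return candidate
    return (current + 1) % MOD

if __name__ == '__main__':
    # Constructed values in the style of the zone files on this page.
    print(valid_serial('2004061200'), valid_serial('20040612000'))
    print(master_is_newer(20040612, 2004061200))  # 8-digit form looks older
    print(next_serial(2004061200, '20040612'))
```

An eleven-digit value (a date followed by three revision digits) does not fit in 32 bits, and switching a zone from the ten-digit form to a bare eight-digit date makes the master look older, so the slave keeps its stale copy.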

I hope I did not write this in vain and that it will help someone. I worked with MS_DNS for quite a long time, but BIND is BIND, and I can never imagine setting up a DNS server on M$.

 

 

 