Configuring a DNS server: BIND 9

Tested on Linux.

Create a user "named" whose HOME is the value of directory in /etc/named.conf, here /var/named.
Caution: /var/named must be owned by named.

Domain structure: admin-sys.com

| root domain   | delegated subdomain   | delegated subdomain         | master server                 | slave server            | client                        |
|---------------|-----------------------|-----------------------------|-------------------------------|-------------------------|-------------------------------|
| admin-sys.com |                       |                             | m.admin-sys.com               | s.admin-sys.com         | c.admin-sys.com               |
|               | bastia.admin-sys.com  |                             | m.bastia.admin-sys.com        | s.bastia.admin-sys.com  | c.bastia.admin-sys.com        |
|               | papeete.admin-sys.com |                             | m.papeete.admin-sys.com       | s.papeete.admin-sys.com | c.papeete.admin-sys.com       |
|               |                       | plage.papeete.admin-sys.com | m.plage.papeete.admin-sys.com |                         | c.plage.papeete.admin-sys.com |

A. Configuring the domain server:

1. Master server

File /etc/named.conf

    options {
        # directory for the data files
        directory "/var/named";
        allow-transfer { 10.0.0.20; };      # address of the slave server
    };

    zone "." {
        type hint;
        file "zone.root";                   # information about the DNS root
    };

    zone "0.0.127.in-addr.arpa." {          # reverse for local loopback
        type master;
        file "zone.127.0.0";
    };

    zone "10.in-addr.arpa." {               # reverse domain name
        type master;
        file "zone.10";                     # rev dns file
        allow-transfer { 10.0.0.20; };
    };

    zone "admin-sys.com" {                  # hosts in admin-sys.com
        type master;
        file "zone.admin-sys.com";
        allow-transfer { 10.0.0.20; };
    };

File /etc/resolv.conf

    search admin-sys.com
    nameserver 127.0.0.1

File /etc/nsswitch.conf

    #
    # /etc/nsswitch.conf
    #
    # An example Name Service Switch config file. This file should be
    # sorted with the most-used services at the beginning.
    #
    # The entry '[NOTFOUND=return]' means that the search for an
    # entry should stop if the search in the previous entry turned
    # up nothing. Note that if the search failed due to some other reason
    # (like no NIS server responding) then the search continues with the
    # next entry.
    #
    # Legal entries are:
    #
    #   nisplus or nis+     Use NIS+ (NIS version 3)
    #   nis or yp           Use NIS (NIS version 2), also called YP
    #   dns                 Use DNS (Domain Name Service)
    #   files               Use the local files
    #   db                  Use the local database (.db) files
    #   compat              Use NIS on compat mode
    #   hesiod              Use Hesiod for user lookups
    #   [NOTFOUND=return]   Stop searching if not found so far
    #
    # To use db, put the "db" in front of "files" for entries you want to be
    # looked up first in the databases
    #
    # Example:
    #passwd:    db files nisplus nis
    #shadow:    db files nisplus nis
    #group:     db files nisplus nis
    ...
    #hosts:     db files nisplus nis dns
    hosts:      files dns
    #hosts:     dns files
    ...

In the /var/named/ directory

File /var/named/zone.root

    .                   99999999    NS  m.admin-sys.com.
    m.admin-sys.com.    IN  A   10.0.0.10

This is because this server is the root of the private network.

File /var/named/zone.127.0.0

    ; fully qualified names end with a dot, otherwise the zone origin is appended
    @   IN  SOA m.admin-sys.com. root.m.admin-sys.com. (
                2002102200  ; serial
                10800       ; refresh rate
                1800        ; retry
                604800      ; expire
                86400 )     ; ttl
        IN  NS  m.admin-sys.com.
    1   IN  PTR localhost.

File /var/named/zone.admin-sys.com

    @   IN  SOA m.admin-sys.com. root.m.admin-sys.com. (
                2002102200  ; serial number
                10800       ; refresh rate
                1800        ; retry
                604800      ; expire
                86400 )     ; ttl
        IN  NS  m.admin-sys.com.
        IN  NS  s.admin-sys.com.
    ; delegate the papeete subdomain
    papeete.admin-sys.com.      IN  NS  m.papeete.admin-sys.com.
    m.papeete.admin-sys.com.    IN  A   10.10.0.10
    ; delegate the bastia subdomain
    bastia.admin-sys.com.       IN  NS  m.bastia.admin-sys.com.
    m.bastia.admin-sys.com.     IN  A   10.20.0.10
    m           IN  A   10.0.0.10
    s           IN  A   10.0.0.20
    c           IN  A   10.0.0.30
    localhost   IN  A   127.0.0.1

File /var/named/zone.10

    @   IN  SOA m.admin-sys.com. root.m.admin-sys.com. (
                2002102200  ; serial
                10800       ; refresh rate
                1800        ; retry
                604800      ; expire
                86400 )     ; ttl
        IN  NS  m.admin-sys.com.
        IN  NS  s.admin-sys.com.
    10.0.0  IN  PTR m.admin-sys.com.
    20.0.0  IN  PTR s.admin-sys.com.
    30.0.0  IN  PTR c.admin-sys.com.
    ; delegation (the papeete master serves the whole 10.10.in-addr.arpa zone)
    10.10.in-addr.arpa.     IN  NS  m.papeete.admin-sys.com.
    0.20.10.in-addr.arpa.   IN  NS  m.bastia.admin-sys.com.

2. Slave server:

File /etc/named.conf:

    options {
        # home directory for local zone files
        directory "/var/named";
    };

    zone "." {
        type hint;
        file "zone.root";               # zone file containing the cache hints
    };

    zone "0.0.127.in-addr.arpa." {      # reverse for local loopback
        type master;
        file "zone.127.0.0";
    };

    zone "10.in-addr.arpa." {
        type slave;
        file "zone.10";                 # domain reverse data
        masters { 10.0.0.10; };         # the master's IP address
    };

    zone "admin-sys.com" {
        type slave;
        file "zone.admin-sys.com";      # domain hostname data
        masters { 10.0.0.10; };         # the master's IP address
    };

File /etc/resolv.conf

    search admin-sys.com
    nameserver 10.0.0.20
    nameserver 10.0.0.10

File /etc/nsswitch.conf

Same file as on the master server in section A.1; the active hosts line is:

    hosts:      files dns

The /var/named/ directory

File /var/named/zone.root

    .                   99999999    NS  m.admin-sys.com.
    m.admin-sys.com.    IN  A   10.0.0.10

This is because this server is the root of the private network. To reach the Web you will need a proxy server.

File /var/named/zone.127.0.0

    @   IN  SOA s.admin-sys.com. root.s.admin-sys.com. (
                2002102200  ; serial
                10800       ; refresh rate
                1800        ; retry
                604800      ; expire
                86400 )     ; ttl
        IN  NS  s.admin-sys.com.
    1   IN  PTR localhost.

The zone.10 and zone.admin-sys.com files will be copied into this directory during synchronization.

B. Configuring the subdomain server:

1. Master server: for bastia

File /etc/named.conf

    options {
        directory "/var/named";
        allow-transfer { 10.20.0.20; };     # address of the bastia slave
    };

    zone "." in {
        type hint;
        file "zone.root";
    };

    zone "0.0.127.in-addr.arpa." in {
        type master;
        file "zone.127.0.0";
    };

    zone "bastia.admin-sys.com." in {
        type master;
        file "domaine.bastia.admin-sys.com";
        allow-transfer { 10.20.0.20; };
    };

    zone "0.20.10.in-addr.arpa." in {
        type master;
        file "zone.10.20.0";
        allow-transfer { 10.20.0.20; };
    };

File /etc/resolv.conf

    search bastia.admin-sys.com
    nameserver 10.20.0.10

File /etc/nsswitch.conf

Same file as on the master server in section A.1; the active hosts line is:

    hosts:      files dns

In the /var/named/ directory

File /var/named/zone.root

    .                   99999999    NS  m.admin-sys.com.
    m.admin-sys.com.    IN  A   10.0.0.10

This is because this server is the root of the private network.

File /var/named/zone.127.0.0

    @   IN  SOA m.bastia.admin-sys.com. root.m.bastia.admin-sys.com. (
                2002102300  ; serial number
                10800       ; refresh (3hrs)
                3600        ; retry (1hr)
                432000      ; expire (5days)
                86400 )     ; ttl (1day)
        IN  NS  m.bastia.admin-sys.com.
    1   IN  PTR localhost.

File /var/named/domaine.bastia.admin-sys.com

    @   IN  SOA m.bastia.admin-sys.com. root.m.bastia.admin-sys.com. (
                2002102301  ; serial number YYYYMMDDNN
                10800       ; refresh (3hrs)
                3600        ; retry (1hr)
                432000      ; expire (5days)
                86400 )     ; ttl (1day)
        IN  NS  m.bastia.admin-sys.com.
        IN  NS  s.bastia.admin-sys.com.
    m.bastia.admin-sys.com.     IN  A   10.20.0.10
    s.bastia.admin-sys.com.     IN  A   10.20.0.20
    c.bastia.admin-sys.com.     IN  A   10.20.0.30

File /var/named/zone.10.20.0

    @   IN  SOA m.bastia.admin-sys.com. root.m.bastia.admin-sys.com. (
                2002102301  ; serial number YYYYMMDDNN
                10800       ; refresh (3hrs)
                3600        ; retry (1hr)
                432000      ; expire (5days)
                86400 )     ; ttl (1day)
        IN  NS  m.bastia.admin-sys.com.
        IN  NS  s.bastia.admin-sys.com.
    10  IN  PTR m.bastia.admin-sys.com.
    20  IN  PTR s.bastia.admin-sys.com.
    30  IN  PTR c.bastia.admin-sys.com.

2. Slave server for the subdomain: bastia

File /etc/named.conf:

    options {
        directory "/var/named";
    };

    zone "." in {
        type hint;
        file "zone.root";
    };

    zone "0.0.127.in-addr.arpa." in {
        type master;
        file "zone.127.0.0";
    };

    zone "0.20.10.in-addr.arpa." in {
        type slave;
        file "zone.10.20.0";            # local copy of the master's reverse zone
        masters { 10.20.0.10; };
    };

    zone "bastia.admin-sys.com." in {
        type slave;
        file "domaine.bastia.admin-sys.com";
        masters { 10.20.0.10; };
    };

File /etc/resolv.conf

    search bastia.admin-sys.com
    nameserver 10.20.0.20
    nameserver 10.20.0.10

File /etc/nsswitch.conf

Same file as on the master server in section A.1; the active hosts line is:

    hosts:      files dns

The /var/named/ directory

File /var/named/zone.root

    .                   99999999    NS  m.admin-sys.com.
    m.admin-sys.com.    IN  A   10.0.0.10

This is because this server is the root of the private network.

File /var/named/zone.127.0.0

    @   IN  SOA s.bastia.admin-sys.com. root.s.bastia.admin-sys.com. (
                2002102200  ; serial
                10800       ; refresh rate
                1800        ; retry
                604800      ; expire
                86400 )     ; ttl
        IN  NS  s.bastia.admin-sys.com.
    1   IN  PTR localhost.

The zone.10.20.0 and domaine.bastia.admin-sys.com files will be copied into this directory during synchronization.

3. Master server for the subdomain: papeete

File /etc/named.conf

    options {
        directory "/var/named";
    };

    zone "." in {
        type hint;
        file "zone.root";
    };

    zone "0.0.127.in-addr.arpa." in {
        type master;
        file "zone.127.0.0";
    };

    zone "papeete.admin-sys.com." in {
        type master;
        file "domaine.papeete.admin-sys.com";
        allow-update { 10.10.0.20; };       # dynamic updates accepted from the slave's address
        notify yes;                         # send NOTIFY to the zone's other name servers on change
        allow-transfer { 10.10.0.20; };     # zone transfers only to the slave
    };

    zone "10.10.in-addr.arpa." in {
        type master;
        file "zone.10.10.0";                # matches the zone file shown below
        notify yes;
        allow-update { 10.10.0.20; };
    };

File /etc/resolv.conf

    search papeete.admin-sys.com
    nameserver 10.10.0.10

File /etc/nsswitch.conf

Same file as on the master server in section A.1; the active hosts line is:

    hosts:      files dns

In the /var/named/ directory

File /var/named/zone.root

    .                   99999999    NS  m.admin-sys.com.
    m.admin-sys.com.    IN  A   10.0.0.10

This is because this server is the root of the private network.

File /var/named/zone.127.0.0

    @   IN  SOA m.papeete.admin-sys.com. root.m.papeete.admin-sys.com. (
                2002102200  ; serial number
                10800       ; refresh (3hrs)
                3600        ; retry (1hr)
                432000      ; expire (5days)
                86400 )     ; ttl (1day)
        IN  NS  m.papeete.admin-sys.com.
    1   IN  PTR localhost.

File /var/named/domaine.papeete.admin-sys.com

    @   IN  SOA m.papeete.admin-sys.com. root.m.papeete.admin-sys.com. (
                2002102219  ; serial number
                10800       ; refresh (3hrs)
                3600        ; retry (1hr)
                432000      ; expire (5days)
                86400 )     ; ttl (1day)
        IN  NS  m.papeete.admin-sys.com.
        IN  NS  s.papeete.admin-sys.com.
    m.papeete.admin-sys.com.        IN  A   10.10.0.10
    s.papeete.admin-sys.com.        IN  A   10.10.0.20
    c.papeete.admin-sys.com.        IN  A   10.10.0.30
    o.papeete.admin-sys.com.        IN  A   10.10.0.40
    plage.papeete.admin-sys.com.    IN  NS  m.plage.papeete.admin-sys.com.
    m.plage.papeete.admin-sys.com.  IN  A   10.10.2.10

File /var/named/zone.10.10.0

    @   IN  SOA m.papeete.admin-sys.com. root.m.papeete.admin-sys.com. (
                2002102201  ; serial number
                10800       ; refresh (3hrs)
                3600        ; retry (1hr)
                432000      ; expire (5days)
                86400 )     ; ttl (1day)
        IN  NS  m.papeete.admin-sys.com.
        IN  NS  s.papeete.admin-sys.com.
    ; delegation of the plage reverse zone
    2.10.10.in-addr.arpa.   IN  NS  m.plage.papeete.admin-sys.com.
    10.0    IN  PTR m.papeete.admin-sys.com.
    20.0    IN  PTR s.papeete.admin-sys.com.
    30.0    IN  PTR c.papeete.admin-sys.com.

4. Slave server for the subdomain: papeete

File /etc/named.conf:

    options {
        directory "/var/named";
    };

    zone "." in {
        type hint;
        file "zone.root";
    };

    zone "0.0.127.in-addr.arpa." in {
        type master;
        file "zone.127.0.0";
    };

    zone "10.10.in-addr.arpa." in {     # must match the zone name served by the master
        type slave;
        file "zone.10.10.0";
        masters { 10.10.0.10; };
    };

    zone "papeete.admin-sys.com." in {
        type slave;
        file "domaine.papeete.admin-sys.com";
        masters { 10.10.0.10; };
    };

File /etc/resolv.conf

    search papeete.admin-sys.com
    nameserver 10.10.0.10

File /etc/nsswitch.conf

Same file as on the master server in section A.1; the active hosts line is:

    hosts:      files dns

The /var/named/ directory

File /var/named/zone.root

    .                   99999999    NS  m.admin-sys.com.
    m.admin-sys.com.    IN  A   10.0.0.10

This is because this server is the root of the private network.

File /var/named/zone.127.0.0

    @   IN  SOA s.papeete.admin-sys.com. root.s.papeete.admin-sys.com. (
                2002102200  ; serial number
                10800       ; refresh (3hrs)
                3600        ; retry (1hr)
                432000      ; expire (5days)
                86400 )     ; ttl (1day)
        IN  NS  s.papeete.admin-sys.com.
    1   IN  PTR localhost.

The zone.10.10.0 and domaine.papeete.admin-sys.com files will be copied into this directory during synchronization.

5. Master server for the subdomain: plage.papeete

File /etc/named.conf

    options {
        directory "/var/named";
    };

    zone "." in {
        type hint;
        file "zone.root";
    };

    zone "plage.papeete.admin-sys.com" in {
        type master;
        file "domaine.plage.papeete.admin-sys.com";
    };

    zone "2.10.10.in-addr.arpa" in {    # reverse of the IP address
        type master;
        file "zone.10.10.2";
    };

    zone "0.0.127.in-addr.arpa" in {
        type master;
        file "zone.127.0.0";
    };

File /etc/resolv.conf

    nameserver 10.10.2.10

File /etc/nsswitch.conf

Same file as on the master server in section A.1; the active hosts line is:

    hosts:      files dns

In the /var/named/ directory

File /var/named/zone.root

    .                   99999999    NS  m.admin-sys.com.
    m.admin-sys.com.    IN  A   10.0.0.10

This is because this server is the root of the private network.

File /var/named/zone.127.0.0

    @   IN  SOA m.plage.papeete.admin-sys.com. root.m.plage.papeete.admin-sys.com. (
                2002102200  ; serial number
                10800       ; refresh (3hrs)
                3600        ; retry (1hr)
                432000      ; expire (5days)
                86400 )     ; ttl (1day)
        IN  NS  m.plage.papeete.admin-sys.com.
    1   IN  PTR localhost.

File /var/named/domaine.plage.papeete.admin-sys.com

    @   IN  SOA m.plage.papeete.admin-sys.com. root.m.plage.papeete.admin-sys.com. (
                1           ; serial number
                10800       ; refresh (3hrs)
                3600        ; retry (1hr)
                432000      ; expire (5days)
                86400 )     ; ttl (1day)
    ;
    ; name server for the domain
    ;
        IN  NS  m.plage.papeete.admin-sys.com.
    m.plage.papeete.admin-sys.com.  IN  A   10.10.2.10
    c.plage.papeete.admin-sys.com.  IN  A   10.10.2.30

File /var/named/zone.10.10.2

    @   IN  SOA m.plage.papeete.admin-sys.com. root.m.plage.papeete.admin-sys.com. (
                2002102200  ; serial number
                10800       ; refresh (3hrs)
                3600        ; retry (1hr)
                432000      ; expire (5days)
                86400 )     ; ttl (1day)
        IN  NS  m.plage.papeete.admin-sys.com.
    10  IN  PTR m.plage.papeete.admin-sys.com.
    30  IN  PTR c.plage.papeete.admin-sys.com.

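
Added example (not part of the original page): the master configurations on this page set allow-transfer on some zones and not on others (the papeete reverse zone and both plage zones have none), and the papeete master accepts dynamic updates (allow-update) from a bare IP address. The Python code below audits named.conf text for those two conditions; the sample input is constructed from the papeete master file, and the function names are my own.

```python
import re

# Constructed sample, modelled on the papeete master named.conf on this page.
SAMPLE = '''
options { directory "/var/named"; };
zone "papeete.admin-sys.com." in { type master; file "domaine.papeete.admin-sys.com";
    allow-update { 10.10.0.20; }; notify yes; allow-transfer { 10.10.0.20; }; };
zone "10.10.in-addr.arpa." in { type master; file "zone.10.10"; notify yes;
    allow-update { 10.10.0.20; }; };   # no allow-transfer in this zone
'''

COMMENT = re.compile(r'/\*.*?\*/|//[^\n]*|#[^\n]*', re.S)
TOKEN = re.compile(r'"[^"]*"|[{};]|[^\s{};]+')

def parse_block(tokens, pos=0):
    """Parse statements up to the matching '}'; '{...}' bodies become nested lists."""
    stmts, cur = [], []
    while pos < len(tokens):
        tok = tokens[pos]
        pos += 1
        if tok == '{':
            inner, pos = parse_block(tokens, pos)
            cur.append(inner)
        elif tok == '}':
            break
        elif tok == ';':
            if cur:
                stmts.append(cur)
            cur = []
        else:
            cur.append(tok.strip('"'))
    return stmts, pos

def clause(body, name):
    """Return the first statement in `body` that starts with `name`, or None."""
    return next((s for s in body if s[0] == name), None)

def audit(conf_text):
    """Return sorted (zone, finding) pairs for master/primary zones."""
    stmts, _ = parse_block(TOKEN.findall(COMMENT.sub('', conf_text)))
    options = next((s[-1] for s in stmts if s[0] == 'options'), [])
    findings = []
    for s in stmts:
        if s[0] != 'zone' or not isinstance(s[-1], list):
            continue
        name, body = s[1], s[-1]
        ztype = clause(body, 'type')
        if ztype is None or ztype[1] not in ('master', 'primary'):
            continue
        if not (clause(body, 'allow-transfer') or clause(options, 'allow-transfer')):
            findings.append((name, 'no allow-transfer at zone or options level'))
        update = clause(body, 'allow-update')
        ips = [e[0] for e in (update[1] if update else [])
               if isinstance(e[0], str) and re.fullmatch(r'[\d.]+(/\d+)?', e[0])]
        if ips:
            findings.append((name, 'allow-update by source address: ' + ', '.join(ips)))
    return sorted(findings)

if __name__ == '__main__':
    print('\n'.join(f'{z}: {f}' for z, f in audit(SAMPLE)))
```

A zone flagged for the first finding falls back to the server's default transfer policy, which in many BIND 9 releases permits transfers to any host.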