Diferencia entre revisiones de «Instalar Servidor DNS (Bind9)»

Línea 148: Línea 148:
 
;; SERVER: 127.0.0.53#53(127.0.0.53)
 
;; SERVER: 127.0.0.53#53(127.0.0.53)
 
;; WHEN: dom may 10 17:30:22 UTC 2020
 
;; WHEN: dom may 10 17:30:22 UTC 2020
 +
;; MSG SIZE  rcvd: 54</syntaxhighlight>
 +
 +
 +
-----
 +
dig -x 10.10.20.129
 +
 +
<syntaxhighlight>
 +
; <<>> DiG 9.16.1-Ubuntu <<>> -x 10.10.20.129
 +
;; global options: +cmd
 +
;; Got answer:
 +
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 52575
 +
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
 +
 +
;; OPT PSEUDOSECTION:
 +
; EDNS: version: 0, flags:; udp: 65494
 +
;; QUESTION SECTION:
 +
;129.20.10.10.in-addr.arpa. IN PTR
 +
 +
;; Query time: 3 msec
 +
;; SERVER: 127.0.0.53#53(127.0.0.53)
 +
;; WHEN: dom may 10 17:33:46 UTC 2020
 
;; MSG SIZE  rcvd: 54</syntaxhighlight>
 
;; MSG SIZE  rcvd: 54</syntaxhighlight>

Revisión del 17:34 10 may 2020


Ubuntu 20.04 = 10.10.20.10 Nombre del dominio = vm.enunpimpam.com Red = 10.10.20.0/24

Instalar Bind 9

apt-get install bind9 bind9utils bind9-doc dnsutils

Configurar Bind9

/etc/bind/named.conf.options

nano /etc/bind/named.conf.options
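// Global options for a LAN-only server: authoritative for the local zones and
// a forwarding recursive resolver for clients on 10.10.20.0/24.
options {
        directory "/var/cache/bind";
        auth-nxdomain no;    # conform to RFC1035
     // listen-on-v6 { any; };
        // Listen only on loopback and on the server's address in the LAN.
        listen-on port 53 { localhost; 10.10.20.0/24; };
        // Only the local host and LAN clients may query this server.
        allow-query { localhost; 10.10.20.0/24; };
        // Names this server is not authoritative for go to this upstream resolver.
        forwarders { 8.8.8.8; };
        recursion yes;
        // Stated explicitly so that widening allow-query later does not
        // silently turn the server into an open resolver.
        allow-recursion { localhost; 10.10.20.0/24; };
        // This setup has no secondary servers, so refuse zone transfers.
        // BIND 9.16's default permits AXFR to any host that can reach the
        // server, which hands out the full host list of the zone. If a
        // secondary is added later, list its address here or per zone.
        allow-transfer { none; };
        };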

/etc/bind/named.conf.local

nano /etc/bind/named.conf.local
// Forward zone: resolves names under vm.enunpimpam.com to addresses.
zone "vm.enunpimpam.com" {
        type master;
        file "/etc/bind/forward.vm.enunpimpam.com";
};

// Reverse zone for 10.10.20.0/24: resolves addresses back to names (PTR).
zone "20.10.10.in-addr.arpa" {
        type master;
        file "/etc/bind/reverse.vm.enunpimpam.com";
};

Zona directa

cp db.local forward.vm.enunpimpam.com
nano forward.vm.enunpimpam.com
;
; Forward zone data for vm.enunpimpam.com (file started as a copy of db.local)
;
$TTL    604800
@       IN      SOA     primary.vm.enunpimpam.com. root.primary.vm.enunpimpam.com. (
                              2         ; Serial (raise it on every change to this file)
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;Name Server Information
@       IN      NS      primary.vm.enunpimpam.com.

;IP address of Your Domain Name Server(DNS)
primary IN       A      10.10.20.10

;Mail Server MX (Mail exchanger) Record
; Owner and target are fully qualified here, hence the trailing dots.
vm.enunpimpam.com. IN  MX  10  mail.vm.enunpimpam.com.

;A Record for Host names
; Owners without a trailing dot are relative to the zone (capi -> capi.vm.enunpimpam.com.)
capi    IN       A       10.10.20.128
thor    IN       A       10.10.20.129
mail    IN       A       10.10.20.130

;CNAME Record
ftp     IN      CNAME   capi.vm.enunpimpam.com.
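Importante: el PUNTO final después de cada nombre de dominio completo. Sin ese punto, Bind añade el nombre de la zona al final del nombre.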

Zona Inversa

cp db.127 reverse.vm.enunpimpam.com
nano reverse.vm.enunpimpam.com
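;
; Reverse zone data for 20.10.10.in-addr.arpa, i.e. 10.10.20.0/24
; (file started as a copy of db.127)
;
$TTL    604800
; MNAME (first SOA field) names the primary name server, the same host that
; the NS record below and the forward zone's SOA point to.
@       IN      SOA     primary.vm.enunpimpam.com. root.vm.enunpimpam.com. (
                              1         ; Serial (raise it on every change to this file)
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;Your Name Server Info
; The name server's A record lives in the forward zone. A relative owner such
; as "primary" in this file would be created as primary.20.10.10.in-addr.arpa.,
; so no address record is kept here.
@       IN      NS      primary.vm.enunpimpam.com.

;Reverse Lookup for Your DNS Server
10      IN      PTR     primary.vm.enunpimpam.com.

;PTR Record IP address to HostName
; The owner is the last octet, relative to the zone (128 -> 128.20.10.10.in-addr.arpa.)
128      IN      PTR     capi.vm.enunpimpam.com.
129      IN      PTR     thor.vm.enunpimpam.com.
130      IN      PTR     mail.vm.enunpimpam.com.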
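Importante: el PUNTO final después de cada nombre de dominio completo. Sin ese punto, Bind añade el nombre de la zona inversa al final del nombre.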

Comprobación

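# Restart BIND so it loads the new options and zone files.
systemctl restart bind9
# DNS is served on port 53 (UDP and TCP); port 43 is WHOIS and would leave DNS blocked.
# Tighter rule matching allow-query: ufw allow from 10.10.20.0/24 to any port 53
ufw allow 53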
Rules updated
Rules updated (v6)
root@svm:/etc/bind#

Comprobación de la configuración

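# Check the main configuration file rather than named.conf.local alone, so the
# edited named.conf.options is validated too (on a stock Ubuntu layout
# named.conf includes both files). No output means no syntax errors.
named-checkconf /etc/bind/named.conf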
named-checkzone vm.enunpimpam.com forward.vm.enunpimpam.com
zone vm.enunpimpam.com/IN: loaded serial 2
OK


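# The first argument is the zone name (origin) declared in named.conf.local.
# Checking the reverse file under the forward zone's name passes but does not
# validate the zone that is actually served.
named-checkzone 20.10.10.in-addr.arpa reverse.vm.enunpimpam.com
zone 20.10.10.in-addr.arpa/IN: loaded serial 1
OK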

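Testeando servidor DNS

Nota: en las salidas de abajo, la línea «SERVER: 127.0.0.53#53» indica que respondió el resolver local de systemd-resolved y no Bind9, y «status: SERVFAIL» indica que la consulta falló; por tanto estas pruebas no validan las zonas. Es posible que en Ubuntu 20.04 el cambio manual de /etc/resolv.conf no se aplique porque ese fichero lo gestiona systemd-resolved. Para preguntar directamente a Bind9 hay que indicar el servidor en la consulta, por ejemplo: dig @10.10.20.10 primary.vm.enunpimpam.com. Una respuesta correcta muestra «status: NOERROR», el flag «aa» y «SERVER: 10.10.20.10#53».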

nano /etc/resolv.conf
nameserver 10.10.20.10
options edns0
search vm.enunpimpam.com
 dig primary.vm.enunpimpam.com
; <<>> DiG 9.16.1-Ubuntu <<>> primary.vm.enunpimpam.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 34464
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;primary.vm.enunpimpam.com.	IN	A

;; Query time: 0 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: dom may 10 17:30:22 UTC 2020
;; MSG SIZE  rcvd: 54



dig -x 10.10.20.129
; <<>> DiG 9.16.1-Ubuntu <<>> -x 10.10.20.129
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 52575
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;129.20.10.10.in-addr.arpa.	IN	PTR

;; Query time: 3 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: dom may 10 17:33:46 UTC 2020
;; MSG SIZE  rcvd: 54