Saturday, 4 April 2015

Install DNS DI Debian Bagian 1

Posted By: Rufaidah-network - 10:44

Share

& Comment
Instalasi DNS DI Debian
root@rufaidah:~# aptitude -y install bind9 bind9utils dnsutils

Terus kita mengedit named.confNya

root@rufaidah:~# vi /etc/bind/named.conf

include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
# make it comment
# include "/etc/bind/named.conf.default-zones";
# add
include "/etc/bind/named.conf.internal-zones";
include "/etc/bind/named.conf.external-zones";
root@rufaidah:~# vi /etc/bind/named.conf.internal-zones   # create new
# define for internal section
view "internal" {
        match-clients {
                localhost;
                10.20.0.0/24;
        };
# set zone for internal
        zone "server.world" {
                type master;
                file "/etc/bind/server.world.lan";
                allow-update { none; };
        };
# set zone for internal *note
        zone "0.0.10.in-addr.arpa" {
                type master;
                file "/etc/bind/0.20.10.db";
                allow-update { none; };
        };
        include "/etc/bind/named.conf.default-zones";
};

root@rufaidah:~# vi /etc/bind/named.conf.external-zones   # create new
# define for external section
view "external" {
# define for external section
        match-clients { any; };
# allo any query
        allow-query { any; };
# prohibit recursion
        recursion no;
# set zone for external
        zone "server.world" {
                type master;
                file "/etc/bind/server.world.wan";
                allow-update { none; };
        };
# set zone for external *note
        zone "80.0.16.172.in-addr.arpa" {
                type master;
                file "/etc/bind/80.0.16.172.db";
                allow-update { none; };
        };
};

# *note : For How to write for reverse resolving, Write network address reversely like below 10.20.0.0/24 For the case of 10.20.0.0/24
network address ⇒ 10.20.0.0
network range ⇒ 10.20.0.0 - 10.20.0.255
how to write ⇒ 0.20.10.in-addr.arpa

For the case of 172.16.0.80/29
network address ⇒ 172.16.0.80
network range ⇒ 172.16.0.80 - 172.16.0.87
how to write ⇒ 80.0.16.172.in-addr.arpa





root@rufaidah:~# vi /etc/bind/named.conf.options

options {
directory "/var/cache/bind";
// If there is a firewall between you and nameservers you want
// to talk to, you may need to fix the firewall to allow multiple
// ports to talk. See http://www.kb.cert.org/vuls/id/800113
// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.
// forwarders {
//       0.0.0.0;
// };
# query range you permit
allow-query { localhost; 10.20.0.0/24; };
# the range to transfer zone files
allow-transfer { localhost; 10.20.0.0/24; };
# recursion range you allow
allow-recursion { localhost; 10.20.0.0/24; };
dnssec-validation auto;
auth-nxdomain no; # conform to RFC1035
# make it comment if not use IPV6
# listen-on-v6 { any; };
};

About Rufaidah-network

Techism is an online Publication that complies Bizarre, Odd, Strange, Out of box facts about the stuff going around in the world which you may find hard to believe and understand. The Main Purpose of this site is to bring reality with a taste of entertainment

0 komentar:

Post a Comment

Subscribe to: Post Comments (Atom)

Copyright © Pembelajaran IT ™ is a registered trademark.

Designed by Templateism. Hosted on Blogger Platform.