FreeBSD
Установка и настройка сервера DNS на основе BIND
- Опубликовано 10.06.2013 16:56
- Автор: 1111
Устанавливаем
cd /usr/ports/dns/bind98
make install clean
В окне выбора опций отмечаем Replace_base (Replace base BIND with this version).
Если при установке выдаётся ошибка:
make : don't know how to make /usr/ports/dns/bind98/work/.build_done.bind98._usr_local. Stop
*** Error code 2
Запускаем make install clean снова.
Изменяем
ee /etc/namedb/named.conf
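// named.conf for a split-horizon setup: one set of zones for the local
// networks ("internal" view) and another for everyone else ("external" view).
options {
	// Relative to the chroot directory, if any
	directory	"/etc/namedb";
	pid-file	"/var/run/named/pid";
	dump-file	"/var/dump/named_dump.db";
	statistics-file	"/var/stats/named.stats";

	// Do not disclose the real BIND version in answers to version.bind.
	version		"Null and void";

	// Recursion is decided per view: permitted for the "mydomain" ACL in
	// the internal view and switched off in the external view.
	#recursion no;
	recursive-clients 2500;
	zone-statistics yes;

	// Authoritative data may be queried by anyone; recursion is what is
	// restricted (see the views).
	allow-query { any; };

	// If named is being used only as a local resolver, this is a safe default.
	// For named to be accessible to the network, comment this option, specify
	// the proper IP address, or delete this option.
	// With listen-on left commented out, named listens on port 53 of every
	// IPv4 interface; list the intended addresses explicitly to narrow that.
	//listen-on port 53 { 1.1.1.1;
	//	any; };

	// These zones are already covered by the empty zones listed below.
	// If you remove the related empty zones below, comment these lines out.
	disable-empty-zone "255.255.255.255.IN-ADDR.ARPA";
	disable-empty-zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA";
	disable-empty-zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA";
};

// Access Lists
// Single definition of "our" networks, referenced by the internal view so
// the address list cannot drift between match-clients and allow-recursion.
acl "mydomain" {
	127.0.0.1/32;
	192.168.0.0/19;
};

// Our network clients
view "internal" {
	match-clients { "mydomain"; };
	allow-recursion { "mydomain"; };

	zone "mydomain.ru" {
		type master;
		file "master/internal/mydomain.ru";
		// No secondary servers are configured here, so zone transfers
		// are refused; list the secondary's address if one is added.
		allow-transfer { none; };
	};

	zone "mydomain1.ru" {
		type master;
		file "master/internal/mydomain1.ru";
		allow-transfer { none; };
	};

	// reverse zones
	// NOTE(review): this zone file must exist under master/reverse/ --
	// confirm it is present, otherwise the zone will not load.
	zone "0.0.127.in-addr.arpa" {
		type master;
		file "master/reverse/0.0.127.in-addr.arpa";
		allow-transfer { none; };
	};
};

// For DNS users from the Internet
view "external" {
	match-clients { any; };
	// NOTE(review): a query must satisfy match-clients AND
	// match-destinations to land in this view. 127.0.0.0/24 looks like a
	// placeholder; put the server's public address here, otherwise queries
	// arriving on the public interface match no view and are refused.
	match-destinations { 127.0.0.0/24; };

	// Authoritative only: never resolve third-party names for the
	// Internet (an open resolver is abused for amplification attacks).
	recursion no;

	zone "mydomain.ru" {
		type master;
		file "master/external/mydomain.ru";
		allow-transfer { none; };
	};

	// The zone file master/external/mydomain1.ru is created in the steps
	// that follow this listing; without this statement named would never
	// load it.
	zone "mydomain1.ru" {
		type master;
		file "master/external/mydomain1.ru";
		allow-transfer { none; };
	};

	// reverse zone
	zone "0.0.127.in-addr.arpa" {
		type master;
		file "master/reverse/0.0.127.in-addr.arpa";
		allow-transfer { none; };
	};
};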
Редактируем
ee /etc/namedb/master/internal/mydomain.ru
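; Internal (LAN) view of mydomain.ru.
; Fields are separated by whitespace; every record names its owner explicitly
; ("@" = the zone itself) so the file stays valid even if leading whitespace
; is lost when it is copied from a web page.
$TTL 3600
@           IN SOA   ns-local.mydomain.ru. admin.mydomain.ru. (
                     2011030202 ; Serial -- increase on every change
                     3h         ; Refresh
                     1h         ; Retry
                     1w         ; Expire
                     1h )       ; Minimum
; name servers for mydomain.ru
;
@           IN NS    ns-local.mydomain.ru.
@           IN MX 0  smtp.mydomain.ru.
; mydomain.ru itself
;
@           IN A     192.168.3.13
; NOTE(review): a "localhost" name inside the domain makes
; localhost.mydomain.ru resolve to each client's own loopback address;
; consider dropping it unless something depends on it.
localhost   IN A     127.0.0.1
; name servers
;
ns          IN A     192.168.3.1
ns-local    IN A     192.168.3.1
ns1         IN CNAME ns-local
ns2         IN CNAME ns-local
;
smtp        IN A     192.168.3.1
mail        IN CNAME smtp
pop         IN CNAME smtp
imap        IN CNAME smtp
; WWW
;
www         IN A     192.168.3.10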
ee /etc/namedb/master/internal/mydomain1.ru
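; Internal (LAN) view of mydomain1.ru.
; Owners are written explicitly ("@" = the zone itself) so that lost leading
; whitespace cannot turn "IN" into a record name.
$TTL 3600
@           IN SOA   ns-local.mydomain.ru. admin.mydomain.ru. (
                     2008120301 ; Serial -- increase on every change
                     3h         ; Refresh
                     1h         ; Retry
                     1w         ; Expire
                     1h )       ; Minimum
; mydomain1.ru itself
;
@           IN A     192.168.3.33
; name servers for mydomain1.ru
;
@           IN NS    ns-local.mydomain.ru.
;@          IN MX 0  smtp.mydomain.ru.
www         IN A     192.168.3.30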
Редактируем
ee /etc/namedb/master/external/mydomain.ru
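; External (Internet-facing) view of mydomain.ru.
; NOTE(review): the 10.0.0.x addresses are private-range values, presumably
; placeholders for the real public addresses -- replace before publishing.
$TTL 3600
@           IN SOA   ns1.mydomain.ru. admin.mydomain.ru. (
                     2011030202 ; Serial -- increase on every change
                     3h         ; Refresh
                     1h         ; Retry
                     1w         ; Expire
                     1h )       ; Minimum
; name servers for mydomain.ru
;
@           IN NS    ns1.mydomain.ru.
@           IN NS    ns2.mydomain.ru.
@           IN MX 0  smtp.mydomain.ru.
; mydomain.ru itself
;
@           IN A     10.0.0.17
; Not published in the public zone: localhost.mydomain.ru -> 127.0.0.1 would
; point a name inside this domain at every visitor's own machine, where any
; local service answering on loopback is then treated by browsers as part of
; the site (cookie scope, same-site checks). Re-enable only if required.
;localhost  IN A     127.0.0.1
; name servers
;
ns1         IN A     10.0.0.18
ns2         IN A     10.0.0.19
; mail server
;
smtp        IN A     10.0.0.20
mail        IN CNAME smtp
pop         IN CNAME smtp
; records for ftp/www
;
www         IN A     10.0.0.21
; forum
;
forum       IN A     10.0.0.22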
Редактируем
ee /etc/namedb/master/external/mydomain1.ru
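; External (Internet-facing) view of mydomain1.ru.
; named loads this file only if the external view in named.conf contains a
; matching zone "mydomain1.ru" statement.
; NOTE(review): the 10.0.0.x addresses are private-range values, presumably
; placeholders for the real public addresses -- replace before publishing.
$TTL 3600
@           IN SOA   ns1.mydomain.ru. admin.mydomain.ru. (
                     2008120301 ; Serial -- increase on every change
                     3h         ; Refresh
                     1h         ; Retry
                     1w         ; Expire
                     1h )       ; Minimum
@           IN A     10.0.0.100
;
; name servers for mydomain1.ru
;
@           IN NS    ns1.mydomain.ru.
@           IN NS    ns2.mydomain.ru.
;@          IN MX 0  smtp.mydomain1.ru.
www         IN A     10.0.0.101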
Добавляем в
ee /etc/rc.conf
# Start named at boot.
named_enable="YES"
# Binary to run; with the port's "replace base" option this path holds the
# port's build of BIND.
named_program="/usr/sbin/named"
# -u bind: drop root and run as the unprivileged "bind" user once startup is
#          done, which limits what a compromised named can touch.
# -c ...:  configuration file to read.
# NOTE(review): the stock rc.d script is believed to set the user and config
# path itself (named_uid, named_conf) and to chroot named (named_chrootdir) --
# confirm whether these flags are redundant on your release.
named_flags="-u bind -c /etc/namedb/named.conf"
Добавляем ведение логов
ee /etc/syslog.conf
внизу добавляем строчки
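# Without a program filter, "*.*" copies every message from every program
# (including auth and mail logs) into named.log. "!named" limits the
# selector lines that follow to messages logged by named.
!named
*.*						/var/log/named.log
# Reset the program filter so entries added later are not tied to named.
!*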
создадим данный файл
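# syslogd only writes to files that already exist, so create the log first.
touch /var/log/named.log
# DNS logs can reveal internal host names and client addresses; keep the
# file readable by root only instead of the world-readable default.
chmod 600 /var/log/named.log
# Make syslogd re-read /etc/syslog.conf so the new entry takes effect.
/etc/rc.d/syslogd reload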
ee /etc/mtree/BIND.chroot.dist
меняем
/set type=dir uname=root gname=wheel mode=0755
на
# NOTE(review): this makes "bind" the default owner of every directory in the
# chroot tree, including the one holding named.conf and the master zone files.
# A compromised named process could then rewrite its own configuration and
# zone data, which weakens the protection of running chrooted as an
# unprivileged user. Prefer keeping root as the default owner and giving bind
# only the directories named must write to (pid, dump, stats, slave/dynamic
# zones) -- confirm against the stock file before applying this change.
/set type=dir uname=bind gname=wheel mode=0755