Difference between revisions of "Fitpc2i/bind9"
From fukudat.net
(Created page with "== Installation == <pre> $ sudo apt-get install bind9 </pre> == Configuration == Move to the /etc/bind directory. <pre> $ cd /etc/bind $ ls -l total 52 -rw-r--r--...") |
(→Configuration) |
||
23行目: | 23行目: | ||
-rw-r----- 1 bind bind 77 Aug 31 02:36 rndc.key | -rw-r----- 1 bind bind 77 Aug 31 02:36 rndc.key | ||
-rw-r--r-- 1 root root 1317 Jan 16 2018 zones.rfc1918 | -rw-r--r-- 1 root root 1317 Jan 16 2018 zones.rfc1918 | ||
+ | </pre> | ||
+ | |||
+ | /etc/bind/named.conf.options を編集. | ||
+ | <pre> | ||
+ | options { | ||
+ | directory "/var/cache/bind"; | ||
+ | |||
+ | // If there is a firewall between you and nameservers you want | ||
+ | // to talk to, you may need to fix the firewall to allow multiple | ||
+ | // ports to talk. See http://www.kb.cert.org/vuls/id/800113 | ||
+ | |||
+ | // If your ISP provided one or more IP addresses for stable | ||
+ | // nameservers, you probably want to use them as forwarders. | ||
+ | // Uncomment the following block, and insert the addresses replacing | ||
+ | // the all-0's placeholder. | ||
+ | |||
+ | forwarders { | ||
+ | 192.168.0.1; | ||
+ | }; | ||
+ | |||
+ | auth-nxdomain no; # conform to RFC1035 | ||
+ | listen-on-v6 { any; }; | ||
+ | }; | ||
+ | </pre> | ||
+ | ただし,192.168.0.1はブロードバンドルータ. | ||
+ | |||
+ | /etc/bind/named.conf.local を編集. | ||
+ | <pre> | ||
+ | // | ||
+ | // Do any local configuration here | ||
+ | // | ||
+ | |||
+ | // Consider adding the 1918 zones here, if they are not used in your | ||
+ | // organization | ||
+ | //include "/etc/bind/zones.rfc1918"; | ||
+ | |||
+ | zone "fukudat.com" { | ||
+ | type master; | ||
+ | file "/etc/bind/db.fukudat.com"; | ||
+ | allow-update { | ||
+ | 192.168.0.0/24; | ||
+ | 127.0.0.1; | ||
+ | }; | ||
+ | }; | ||
+ | |||
+ | zone "0.168.192.in-addr.arpa" { | ||
+ | type master; | ||
+ | file "/etc/bind/db.0.168.192"; | ||
+ | allow-update { | ||
+ | 192.168.0.0/24; | ||
+ | 127.0.0.1; | ||
+ | }; | ||
+ | }; | ||
+ | </pre> | ||
+ | |||
+ | /etc/bind/named.conf.xxx を編集.(xxxはVPNでつながっているプライベートドメイン) | ||
+ | <pre> | ||
+ | zone "xxx.com" { | ||
+ | type forward; | ||
+ | forwarders { 9.0.4.1; 9.0.5.1; }; | ||
+ | }; | ||
+ | |||
+ | zone "9.in-addr.arpa" { | ||
+ | type forward; | ||
+ | forwarders { 9.0.4.1; 9.0.5.1; }; | ||
+ | }; | ||
+ | </pre> | ||
+ | VPNのネームサーバー(上記では9.0.4.1, 9.0.5.1)へのルーティングがあることを確認.なければ永続的な静的ルーティングを参照して作成. | ||
+ | |||
+ | 最後にサービスをリスタート. | ||
+ | <pre> | ||
+ | # /etc/init.d/bind9 restart | ||
</pre> | </pre> |
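Review bot: Both zones added to named.conf.local use allow-update { 192.168.0.0/24; 127.0.0.1; }, which authorizes dynamic updates by source address alone, so any host on the LAN (or anything able to send from such an address) can rewrite fukudat.com and its reverse zone. Consider defining a TSIG key and using allow-update { key ...; } or an update-policy instead. Two smaller points: the text edits /etc/bind/named.conf.xxx but no include line for that file is added, so the forward zones may never be loaded; and the forward zones have no forward only; line, so named can fall back to ordinary resolution for the private domain when 9.0.4.1 and 9.0.5.1 do not answer.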
Revision as of 03:00, 31 August 2018 (Fri)
Installation
<pre>
$ sudo apt-get install bind9
</pre>
Configuration
Move to the /etc/bind directory.
<pre>
$ cd /etc/bind
$ ls -l
total 52
-rw-r--r-- 1 root root 3954 Jan 16 2018 bind.keys
-rw-r--r-- 1 root root 237 Jan 16 2018 db.0
-rw-r--r-- 1 root root 271 Jan 16 2018 db.127
-rw-r--r-- 1 root root 237 Jan 16 2018 db.255
-rw-r--r-- 1 root root 353 Jan 16 2018 db.empty
-rw-r--r-- 1 root root 270 Jan 16 2018 db.local
-rw-r--r-- 1 root root 3171 Jan 16 2018 db.root
-rw-r--r-- 1 root bind 463 Jan 16 2018 named.conf
-rw-r--r-- 1 root bind 490 Jan 16 2018 named.conf.default-zones
-rw-r--r-- 1 root bind 165 Jan 16 2018 named.conf.local
-rw-r--r-- 1 root bind 890 Aug 31 02:36 named.conf.options
-rw-r----- 1 bind bind 77 Aug 31 02:36 rndc.key
-rw-r--r-- 1 root root 1317 Jan 16 2018 zones.rfc1918
</pre>
Edit /etc/bind/named.conf.options.
<pre>
options {
        directory "/var/cache/bind";

        // If there is a firewall between you and nameservers you want
        // to talk to, you may need to fix the firewall to allow multiple
        // ports to talk. See http://www.kb.cert.org/vuls/id/800113

        // If your ISP provided one or more IP addresses for stable
        // nameservers, you probably want to use them as forwarders.
        // Uncomment the following block, and insert the addresses replacing
        // the all-0's placeholder.

        forwarders {
                192.168.0.1;
        };

        auth-nxdomain no;    # conform to RFC1035
        listen-on-v6 { any; };
};
</pre>
Here, 192.168.0.1 is the broadband router.
Edit /etc/bind/named.conf.local.
<pre>
//
// Do any local configuration here
//

// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";

zone "fukudat.com" {
        type master;
        file "/etc/bind/db.fukudat.com";
        allow-update {
                192.168.0.0/24;
                127.0.0.1;
        };
};

zone "0.168.192.in-addr.arpa" {
        type master;
        file "/etc/bind/db.0.168.192";
        allow-update {
                192.168.0.0/24;
                127.0.0.1;
        };
};
</pre>
Edit /etc/bind/named.conf.xxx (xxx is a private domain reached over a VPN).
<pre>
zone "xxx.com" {
        type forward;
        forwarders { 9.0.4.1; 9.0.5.1; };
};

zone "9.in-addr.arpa" {
        type forward;
        forwarders { 9.0.4.1; 9.0.5.1; };
};
</pre>
Confirm that there is a route to the VPN name servers (9.0.4.1 and 9.0.5.1 above). If there is none, create one by following Persistent static routing.
Finally, restart the service.
<pre>
# /etc/init.d/bind9 restart
</pre>
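The zones in named.conf.local above accept dynamic updates from an address list rather than from a TSIG key. The following check is an added example, not part of the original page: it scans named.conf text and reports each zone whose allow-update list contains address-matched entries. The function names and the embedded sample are assumptions constructed for illustration, and the parser handles only flat allow-update lists.

```python
import re

# Constructed sample: the zones this page defines, reduced to what matters here.
SAMPLE_CONF = '''
//include "/etc/bind/zones.rfc1918";
zone "fukudat.com" {
    type master;
    file "/etc/bind/db.fukudat.com";
    allow-update { 192.168.0.0/24; 127.0.0.1; };
};
zone "0.168.192.in-addr.arpa" {
    type master;
    file "/etc/bind/db.0.168.192";
    allow-update {
        192.168.0.0/24;
        127.0.0.1;
    };
};
zone "xxx.com" {
    type forward;
    forwarders { 9.0.4.1; 9.0.5.1; };
};
'''

def strip_comments(text):
    """Drop /* */, // and # comments (simplification: ignores quoting)."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(//|#)[^\n]*", "", text)

def address_only_updates(conf):
    """Map zone name -> allow-update entries that are not 'key <name>'."""
    conf = strip_comments(conf)
    findings = {}
    for zone in re.finditer(r'zone\s+"([^"]+)"[^{;]*\{', conf):
        depth, end = 1, zone.end()
        while end < len(conf) and depth:  # walk to the zone's closing brace
            depth += {"{": 1, "}": -1}.get(conf[end], 0)
            end += 1
        body = conf[zone.end():end - 1]
        acl = re.search(r"allow-update\s*\{([^{}]*)\}", body)  # flat lists only
        if acl is None:
            continue
        entries = [e.strip() for e in acl.group(1).split(";") if e.strip()]
        weak = [e for e in entries if e != "none" and not e.startswith("key ")]
        if weak:
            findings[zone.group(1)] = weak
    return findings

if __name__ == "__main__":
    for name, entries in address_only_updates(SAMPLE_CONF).items():
        print(f"{name}: address-matched allow-update entries: {', '.join(entries)}")
```

To check the live configuration, pass the contents of /etc/bind/named.conf.local to `address_only_updates` instead of the sample.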