Configuration du service DNS sur RHEL/CentOS 6.
Les paquets suivants sont à installer:
Les fichiers de configuration avec bind chrooté se trouvent dans /var/named/chroot/etc.
named.conf est le fichier principal de configuration, le premier à être lu.
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// NOTE(review): the header above is the stock Red Hat text. As configured
// below, named listens on a public address and the included zones file
// declares master and slave zones, so this is not a localhost-only cache.
//
// With the chrooted bind, absolute paths in this file ("/etc/...",
// "/var/named/...") are resolved inside /var/named/chroot.
//

options {
    // Only this address is bound; the IPv6 listener is left disabled.
    listen-on port 53 { 91.121.61.20; };
//  listen-on-v6 port 53 { ::1; };
    directory           "/var/named";
    dump-file           "/var/named/data/cache_dump.db";
    statistics-file     "/var/named/data/named_stats.txt";
    memstatistics-file  "/var/named/data/named_mem_stats.txt";
    // allow-query and recursion are commented out, so BIND's defaults apply.
//  allow-query     { any; };
//  recursion yes;
    // Recursion is limited to the mes_dns acl and two fixed addresses, so
    // outside clients cannot use this server as an open resolver.
    // mes_dns is declared in /etc/named.rfc1912.zones, which is included only
    // at the end of this file.
    // NOTE(review): confirm with named-checkconf that this forward reference
    // is accepted by the installed BIND version.
    allow-recursion { mes_dns; 127.0.0.1; 94.23.42.209; };
    // NOTIFY messages are accepted from the mes_dns acl.
    allow-notify { mes_dns; };
    // Do not disclose the BIND version in answers to version.bind queries.
    version none;

    // No allow-transfer is set at this level: a zone without its own
    // allow-transfer falls back to the built-in default, which in this
    // generation of BIND permits transfers to any host.

    dnssec-enable yes;
    dnssec-validation yes;
    // NOTE(review): ISC has retired its DLV registry and later BIND releases
    // no longer support dnssec-lookaside. Expect to drop this line and the
    // bindkeys-file below when moving off the RHEL/CentOS 6 package.
    dnssec-lookaside auto;

    /* Path to ISC DLV key */
    bindkeys-file "/etc/named.iscdlv.key";
};

// Only the stock debug channel is defined; no logging category is routed
// anywhere else in this file.
// NOTE(review): sending the "security" and "xfer-out" categories to a
// dedicated file would record denied queries and zone transfers.
logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};

// Root hints.
zone "." IN {
    type hint;
    file "named.ca";
};

// Local zones, the acl definitions and every hosted zone live in this file.
include "/etc/named.rfc1912.zones";
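// named.rfc1912.zones:
//
// Provided by Red Hat caching-nameserver package
//
// ISC BIND named zone configuration for zones recommended by
// RFC 1912 section 4.1 : localhost TLDs and address zones
// and http://www.ietf.org/internet-drafts/draft-ietf-dnsop-default-local-zones-02.txt
// (c)2007 R W Franks
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// This copy also carries the site's acl definitions and all hosted zones.
// File names below are relative to the "directory" option of named.conf.
//

// --- RFC 1912 local zones (dynamic updates disabled) ---

zone "localhost.localdomain" IN {
    type master;
    file "named.localhost";
    allow-update { none; };
};

zone "localhost" IN {
    type master;
    file "named.localhost";
    allow-update { none; };
};

zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
    type master;
    file "named.loopback";
    allow-update { none; };
};

zone "1.0.0.127.in-addr.arpa" IN {
    type master;
    file "named.loopback";
    allow-update { none; };
};

zone "0.in-addr.arpa" IN {
    type master;
    file "named.empty";
    allow-update { none; };
};

// --- Access control lists ---
//
// Transfers are authorised by source address only.
// NOTE(review): a TSIG key in allow-transfer would authenticate the
// secondaries independently of their IP address.

// Secondaries allowed to pull the master zones.
acl dns_secondaires {
    89.80.161.232;
    87.89.143.135;
    217.70.177.40;
    94.23.42.209;
};

// Extra transfer source, used only by entoutesaison.fr below.
acl dns_bookmyname {
    88.191.249.0/24;
};

// Referenced by allow-recursion and allow-notify in named.conf.
acl mes_dns {
    89.80.161.232;
};

// --- Master zones ---

zone "linuxed.net" IN {
    type master;
    file "masters/linuxed.net.zone";
    allow-update { none; };
    allow-transfer { dns_secondaires; };
};

zone "ouam.fr" IN {
    type master;
    file "masters/ouam.fr.zone";
    allow-update { none; };
    allow-transfer { dns_secondaires; };
};

zone "zoneperso.com" IN {
    type master;
    file "masters/zoneperso.com.zone";
    allow-update { none; };
    allow-transfer { dns_secondaires; };
};

// --- Slave zones ---

zone "chezsib.fr" IN {
    type slave;
    file "slaves/chezsib.fr.zone";
    masters { 82.234.6.243; };
    // Every master zone in this file restricts transfers, but this zone had
    // no allow-transfer, and named.conf sets no global one. It therefore
    // inherited BIND's permissive default and its full contents could be
    // pulled from this secondary. If another server is meant to transfer it
    // from here, replace "none" with the matching acl.
    allow-transfer { none; };
};

//zone "sibanac.net" IN {
//    type slave;
//    file "slaves/sibanac.net.zone";
//    masters { 82.234.6.243; };
//};

// --- Master zones (continued) ---

zone "coubronne.com" IN {
    type master;
    file "masters/coubronne.com.zone";
    allow-transfer { dns_secondaires; };
};

zone "applitunes.com" IN {
    type master;
    file "masters/applitunes.com.zone";
    allow-transfer { dns_secondaires; };
};

zone "conflict-crew.com" IN {
    type master;
    file "masters/conflict-crew.com.zone";
    allow-transfer { dns_secondaires; };
};

zone "mobeez.net" IN {
    type master;
    file "masters/mobeez.net.zone";
    allow-transfer { dns_secondaires; };
};

zone "mobeez.fr" IN {
    type master;
    file "masters/mobeez.fr.zone";
    allow-transfer { dns_secondaires; };
};

zone "easytravian.com" IN {
    type master;
    file "masters/easytravian.com.zone";
    allow-transfer { dns_secondaires; };
};

zone "entoutesaison.fr" IN {
    type master;
    file "masters/entoutesaison.fr.zone";
    allow-update { none; };
    allow-transfer { dns_secondaires; dns_bookmyname; };
};

zone "linuxed.42" IN {
    type master;
    file "masters/linuxed.42.zone";
    allow-update { none; };
    allow-transfer { dns_secondaires; };
};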
Pour tester une résolution:
# Send the query straight to the server under test (ip_serveur and
# nom_a_resoudre are placeholders). For a name in a zone hosted on this
# server, the reply header should show status NOERROR and the "aa" flag.
dig @ip_serveur nom_a_resoudre
Avec plus d'information:
# With +trace, dig itself follows the delegations down from the root.
# @ip_serveur is only used for the initial lookup of the root name servers,
# so the output shows the public delegation path, not this server's answer.
dig @ip_serveur nom_a_resoudre +trace
Ou pour un champ spécifique:
# Name servers published for the zone, as answered by the server under test.
dig @ip_serveur zone NS
# Mail exchangers published for the zone.
dig @ip_serveur zone MX
# To confirm the allow-transfer restrictions, a transfer request (AXFR) for a
# hosted zone sent from a host outside the configured acls should be refused.