linuxedconfdns

Différences

Ci-dessous, les différences entre deux révisions de la page.

Lien vers cette vue comparative

Prochaine révision		 Révision précédente
linuxedconfdns [2013/01/26 10:12] – créée madkolinuxedconfdns [2013/01/26 10:29] (Version actuelle) – [Tests DNS] madko
Ligne 1: Ligne 1:
 ====== Configuration DNS ====== ====== Configuration DNS ======
  
-Configuration du service DNS.+Configuration du service DNS sur RHEL/CentOS 6.
  
 ===== Installation ===== ===== Installation =====
Ligne 10: Ligne 10:
   * bind-libs   * bind-libs
   * bind-chroot   * bind-chroot
 +
 +===== Configuration =====
 +
 +Les fichiers de configuration avec bind chrooté se trouvent dans ///var/named/chroot/etc//.
 +
 +===== Fichier de configuration named.conf =====
 +
 +Il s'agit du fichier principal de configuration, le premier à être lu.
 +
 +<file>
 +//
 +// named.conf
 +//
 +// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
 +// server as a caching only nameserver (as a localhost DNS resolver only).
 +//
 +// See /usr/share/doc/bind*/sample/ for example named configuration files.
 +//
 +
 +options {
 +  listen-on port 53 { 91.121.61.20; };
 +// listen-on-v6 port 53 { ::1; };
 + directory "/var/named";
 + dump-file "/var/named/data/cache_dump.db";
 +        statistics-file "/var/named/data/named_stats.txt";
 +        memstatistics-file "/var/named/data/named_mem_stats.txt";
 +// allow-query     { any; };
 +// recursion yes;
 +
 + allow-recursion { mes_dns; 127.0.0.1; 94.23.42.209; };
 + allow-notify { mes_dns; };
 + version none;
 +
 + dnssec-enable yes;
 + dnssec-validation yes;
 + dnssec-lookaside auto;
 +
 + /* Path to ISC DLV key */
 + bindkeys-file "/etc/named.iscdlv.key";
 +};
 +
 +logging {
 +        channel default_debug {
 +                file "data/named.run";
 +                severity dynamic;
 +        };
 +};
 +
 +zone "." IN {
 + type hint;
 + file "named.ca";
 +};
 +
 +include "/etc/named.rfc1912.zones";
 +</file>
 +
 +===== Fichier de configuration des zones =====
 +
 +<file>
 +// named.rfc1912.zones:
 +//
 +// Provided by Red Hat caching-nameserver package 
 +//
 +// ISC BIND named zone configuration for zones recommended by
 +// RFC 1912 section 4.1 : localhost TLDs and address zones
 +// and http://www.ietf.org/internet-drafts/draft-ietf-dnsop-default-local-zones-02.txt
 +// (c)2007 R W Franks
 +// 
 +// See /usr/share/doc/bind*/sample/ for example named configuration files.
 +//
 +
 +zone "localhost.localdomain" IN {
 +  type master;
 + file "named.localhost";
 + allow-update { none; };
 +};
 +
 +zone "localhost" IN {
 + type master;
 + file "named.localhost";
 + allow-update { none; };
 +};
 +
 +zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
 + type master;
 + file "named.loopback";
 + allow-update { none; };
 +};
 +
 +zone "1.0.0.127.in-addr.arpa" IN {
 + type master;
 + file "named.loopback";
 + allow-update { none; };
 +};
 +
 +zone "0.in-addr.arpa" IN {
 + type master;
 + file "named.empty";
 + allow-update { none; };
 +};
 +
 +acl dns_secondaires {
 +        89.80.161.232;
 +        87.89.143.135;
 +        217.70.177.40;
 +       94.23.42.209;
 +};
 +
 +acl dns_bookmyname {
 + 88.191.249.0/24;
 +};
 +
 +acl mes_dns {
 +        89.80.161.232;
 +};
 +
 +zone "linuxed.net" IN {
 + type master;
 + file "masters/linuxed.net.zone";
 + allow-update { none; };
 + allow-transfer { dns_secondaires; };
 +};
 +
 +zone "ouam.fr" IN {
 +        type master;
 +        file "masters/ouam.fr.zone";
 +       allow-update { none; };
 +        allow-transfer { dns_secondaires; };
 +};
 +
 +zone "zoneperso.com" IN {
 + type master;
 + file "masters/zoneperso.com.zone";
 + allow-update { none; };
 + allow-transfer { dns_secondaires; };
 +};
 +
 +zone "chezsib.fr" IN {
 + type slave;
 + file "slaves/chezsib.fr.zone";
 + masters { 82.234.6.243; };
 +};
 +
 +//zone "sibanac.net" IN {
 +//        type slave;
 +//        file "slaves/sibanac.net.zone";
 +//        masters { 82.234.6.243; };
 +//};
 +
 +zone "coubronne.com" IN {
 +        type master;
 +        file "masters/coubronne.com.zone";
 +        allow-transfer { dns_secondaires; };
 +};
 +
 +zone "applitunes.com" IN {
 + type master;
 + file "masters/applitunes.com.zone";
 + allow-transfer { dns_secondaires; };
 +};
 +
 +zone "conflict-crew.com" IN {
 + type master;
 + file "masters/conflict-crew.com.zone";
 + allow-transfer { dns_secondaires; };
 +};
 +
 +zone "mobeez.net" IN {
 + type master;
 + file "masters/mobeez.net.zone";
 + allow-transfer { dns_secondaires; };
 +};
 +
 +zone "mobeez.fr" IN {
 +        type master;
 +        file "masters/mobeez.fr.zone";
 +        allow-transfer { dns_secondaires; };
 +};
 +
 +zone "easytravian.com" IN {
 + type master;
 +        file "masters/easytravian.com.zone";
 +        allow-transfer { dns_secondaires; };
 +};
 +
 +zone "entoutesaison.fr" IN {
 +        type master;
 +        file "masters/entoutesaison.fr.zone";
 + allow-update { none; };
 +        allow-transfer { dns_secondaires; dns_bookmyname; };
 +};
 +
 +zone "linuxed.42" IN {
 + type master;
 + file "masters/linuxed.42.zone";
 + allow-update { none; };
 + allow-transfer { dns_secondaires; };
 +};
 +</file>
 +
 +====== Tests DNS ======
 +
 +Pour tester une résolution:
 +  dig @ip_serveur nom_a_resoudre
 +  
 +Avec plus d'information:
 +  dig @ip_serveur nom_a_resoudre +trace
 +  
 +Ou pour un champ spécifique:
 +  dig @ip_serveur zone NS
 +  dig @ip_serveur zone MX
  • linuxedconfdns.1359195138.txt.gz
  • Dernière modification : 2013/01/26 10:12
  • de madko