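sudo gedit /etc/bind/named.conf.options

// Global server options for this example: where BIND keeps its working
// files, which resolvers it forwards to, and who may recurse, query and
// transfer zones. Check the file with named-checkconf before restarting.
options {
    directory "/var/cache/bind";

    // If there is a firewall between you and nameservers you want
    // to talk to, you might need to uncomment the query-source
    // directive below.  Previous versions of BIND always asked
    // questions using port 53, but BIND 8.1 and later use an unprivileged
    // port by default.
    // NOTE(review): keep this commented unless a firewall forces it. A fixed
    // source port gives up the port randomisation that makes forged answers
    // (cache poisoning) harder to land.

    // query-source address * port 53;

    // If your ISP provided one or more IP addresses for stable
    // nameservers, you probably want to use them as forwarders.
    // The two addresses below are presumably the author's ISP resolvers;
    // replace them with the resolvers for your own network.

    forwarders {
        201.6.0.112;
        201.6.0.108;
    };

    auth-nxdomain no;    # conform to RFC1035

    // NOTE(review): this accepts IPv6 queries on every interface, while
    // listen-on below pins IPv4 to two addresses. If IPv6 clients are not
    // meant to be served, narrow the list or use "listen-on-v6 { none; };".
    listen-on-v6 { any; };

    // By default, name servers should only perform recursive domain
    // lookups for their direct clients.  If recursion is left open
    // to the entire Internet, your name server could be used to
    // perform distributed denial of service attacks against other
    // innocent computers.  For more information on DDoS recursion:
    // http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0987

    allow-recursion { localnets; };

    // If you have DNS clients on other subnets outside of your
    // server's "localnets", you can explicitly add their networks
    // without opening up your server to the Internet at large:
    // allow-recursion { localnets; 192.168.0.0/24; };

    // If your name server is only listening on 127.0.0.1, consider:
    // allow-recursion { 127.0.0.1; };

    // IPv4 addresses BIND listens on.
    listen-on { 127.0.0.1; 192.168.1.10; };

    // Hosts allowed to request zone transfers.
    // NOTE(review): the casa.lan zone on this page lists 192.168.1.1 as the
    // gateway router. If no secondary name server runs there,
    // "allow-transfer { none; };" is the tighter setting.
    allow-transfer { 192.168.1.1; };

    // Hosts allowed to send queries. The original listing carried this
    // comment with no directive after it, which leaves BIND's default in
    // force. The line below limits queries to the server itself and its
    // directly attached networks, matching allow-recursion above; add other
    // client subnets explicitly if you have them.
    allow-query { localhost; localnets; };

    max-cache-size 20M;
};

sudo gedit /etc/resolv.conf

# The local BIND server comes first; the two 201.6.0.x resolvers are fallbacks.
# NOTE(review): when 192.168.1.10 does not answer, lookups (including names
# under casa.lan) go to the fallback resolvers. Short host names are also
# tried under virtua.com.br before casa.lan, so an unqualified internal name
# is first sent out as a query under that domain; list casa.lan first if
# local names should win.
search virtua.com.br casa.lan
nameserver 192.168.1.10
nameserver 201.6.0.112
nameserver 201.6.0.108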
Reinicie o servidor de DNS:

sudo /etc/init.d/bind9 restart
sudo gedit /etc/bind/named.conf.local

//
// Do any local configuration here
//
// This file holds no active directives on this page; the casa.lan and
// reverse zones are declared in /etc/bind/named.conf instead.

// Consider adding the 1918 zones here, if they are not used in your
// organization
// include "/etc/bind/zones.rfc1918";
sudo gedit /etc/bind/named.conf

// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
// structure of BIND configuration files in Debian, *BEFORE* you customize
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local

// Global options (listeners, forwarders, access lists) live in their own file.
include "/etc/bind/named.conf.options";

// prime the server with knowledge of the root servers
zone "." {
    type hint;
    file "/etc/bind/db.root";
};

// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912

zone "localhost" {
    type master;
    file "/etc/bind/db.local";
};

zone "127.in-addr.arpa" {
    type master;
    file "/etc/bind/db.127";
};

zone "0.in-addr.arpa" {
    type master;
    file "/etc/bind/db.0";
};

zone "255.in-addr.arpa" {
    type master;
    file "/etc/bind/db.255";
};

// Forward zone for the home network used in this example.
zone "casa.lan" IN {
    type master;
    file "/etc/bind/zones/casa.lan.db";
};

// Reverse (PTR) zone for 192.168.1.0/24.
zone "1.168.192.in-addr.arpa" {
    type master;
    file "/etc/bind/zones/rev.1.168.192.in-addr.arpa";
};

// zone "com" { type delegation-only; };
// zone "net" { type delegation-only; };

// From the release notes:
//  Because many of our users are uncomfortable receiving undelegated answers
//  from root or top level domains, other than a few for whom that behaviour
//  has been trusted and expected for quite some length of time, we have now
//  introduced the "root-delegations-only" feature which applies delegation-only
//  logic to all top level domains, and to the root domain.  An exception list
//  should be specified, including "MUSEUM" and "DE", and any other top level
//  domains from whom undelegated responses are expected and trusted.
// root-delegation-only exclude { "DE"; "MUSEUM"; };

// Site-local additions are read last.
include "/etc/bind/named.conf.local";
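Criaremos os arquivos necessários:

# Directory that will hold the casa.lan forward and reverse zone files.
sudo mkdir /etc/bind/zones
# Owner root, group bind. The user:group form replaces the deprecated
# "root.bind" spelling used in the original listing.
sudo chown -R root:bind /etc/bind/zones
# The zones on this page are static master zones, so named only needs to read
# and traverse this directory. 750 gives the bind group that and nothing more;
# group write (770) is only needed if dynamic updates are enabled later and
# named has to write journal files here.
sudo chmod 750 /etc/bind/zones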
sudo gedit /etc/bind/zones/casa.lan.db

;
; Forward zone for casa.lan (the original header still read
; "Zone file for linux.bogus", left over from the template it was copied from)
;
; The full zone file
;
; Check with: named-checkzone casa.lan /etc/bind/zones/casa.lan.db
; NOTE(review): the TXT records below name device models; anyone allowed to
; query or transfer this zone can read them.
;
$TTL 3D
@               IN      SOA     bug.casa.lan. hostmaster.casa.lan. (
                                199802154       ; serial, todays date + todays serial #
                                                ; (sample value; it must increase on every edit)
                                8H              ; refresh, seconds
                                2H              ; retry, seconds
                                4W              ; expire, seconds
                                1D )            ; minimum, seconds
;
                TXT     "Servidor Bug do dominio casa.lan"
                NS      bug             ; Inet Address of name server
                MX      10 bug          ; Primary Mail Exchanger
;               NS      ns.friend.bogus.
;               MX      20 mail.friend.bogus. ; Secondary Mail Exchanger

localhost       A       127.0.0.1

gateway         A       192.168.1.1
                TXT     "Roteador Linksys WRT54GC"

; The server itself; every service name below is an alias for it.
bug             A       192.168.1.10
                MX      10 bug
;               MX      20 mail.friend.bogus.
www             CNAME   bug
pop3            CNAME   bug
smtp            CNAME   bug
imap            CNAME   bug
mail            CNAME   bug
ftp             CNAME   bug
ns              CNAME   bug
dns             CNAME   bug
voip            CNAME   bug
ldap            CNAME   bug
ldap-master     CNAME   bug

ant             A       192.168.1.11
                MX      10 bug
;               MX      20 mail.friend.bogus.
                TXT     "Computador Ant"

spider          A       192.168.1.12
                MX      10 bug
;               MX      20 mail.friend.bogus.
                TXT     "Computador Spider"

phone           A       192.168.1.120
                TXT     "Gateway VoIP Linksys SPA3201"

; 192.168.100.1 lies outside 192.168.1.0/24, so the reverse zone on this page
; has no PTR record for it.
modem           A       192.168.100.1
                TXT     "Modem Net Virtual/Fone Motorola SBV5121"
sudo gedit /etc/bind/zones/rev.1.168.192.in-addr.arpa

; Reverse zone for 192.168.1.0/24: maps the last octet of each address back
; to its name in casa.lan.
$TTL 3D
@               IN      SOA     bug.casa.lan. hostmaster.casa.lan. (
                                199802154       ; Serial, todays date + todays serial
                                                ; (must increase on every edit)
                                8H              ; Refresh
                                2H              ; Retry
                                4W              ; Expire
                                1D )            ; Minimum TTL
                NS      bug.casa.lan.

1               PTR     gateway.casa.lan.
10              PTR     bug.casa.lan.
11              PTR     ant.casa.lan.
12              PTR     spider.casa.lan.
120             PTR     phone.casa.lan.

E depois reiniciaremos o BIND

sudo /etc/init.d/bind9 restart
sudo apt-get install bind9
sudo gedit /etc/bind/named.conf.options

// Fragment for named.conf.options; these directives belong inside the
// options { } block.

// Upstream resolvers that non-local queries are forwarded to.
// NOTE(review): every address here is a third-party public resolver that
// will see the forwarded queries; confirm each one is still operated and
// trusted before relying on it.
forwarders {
    8.8.8.8;
    8.8.4.4;
    208.67.222.222;
    208.67.220.220;
    156.154.70.1;
    156.154.71.1;
    198.153.192.1;
    198.153.194.1;
};

// Recursion is limited to directly attached networks, 172.16.0.0/24 and
// the loopback address.
allow-recursion {
    localnets;
    172.16.0.0/24;
    127.0.0.1;
};

// IPv4 addresses BIND listens on.
listen-on {
    127.0.0.1;
    172.16.0.1;
};
sudo gedit /etc/dhcp/dhclient.conf

# Puts these servers ahead of any name servers the DHCP lease supplies when
# the client's resolver configuration is generated.
# NOTE(review): the glibc resolver consults only the first three nameserver
# entries, so 172.16.0.23 and any DHCP-supplied servers are presumably never
# used. With 8.8.8.8 in second place, a lookup that times out on 172.16.0.1
# is answered by a public resolver rather than the local BIND on 127.0.0.1;
# internal names then leave the network. Confirm the order is intended.
prepend domain-name-servers 172.16.0.1, 8.8.8.8, 127.0.0.1, 172.16.0.23;