Tuesday, March 31, 2015

dns, named, bind / CentOS 6.5


Version
CentOS 6.5

Other working environment
VirtualBox v4.3.26
with Vagrant

Links referenced
https://www.digitalocean.com/community/tutorials/how-to-install-the-bind-dns-server-on-centos-6
https://www.digitalocean.com/community/tutorials/how-to-configure-bind-as-a-private-network-dns-server-on-ubuntu-14-04
https://www.howtoforge.com/bind-installation-on-centos
https://www.centos.org/docs/5/html/Deployment_Guide-en-US/s1-bind-namedconf.html

Installation
# yum install -y bind bind-utils

Configuration
# vi /etc/named.conf

// The DNS server IP is 192.168.30.10; the network range is 192.168.30.x
// Set up so that the server is used from the private ranges only
acl restaurant {
        10.0.2.0/24; //virtualbox nat network
        192.168.30.0/24; //virtualbox host-only network
};

options {
        listen-on port 53 { IP_OF_NAMED; };
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { restaurant; };
        recursion yes;
        allow-recursion { restaurant; };
        allow-transfer { none; };
        // Query the forwarder DNS servers first; use this server's own resolution only if they cannot answer
        forwarders {
                10.0.2.3; //virtualbox nat default dns
                8.8.8.8;
                8.8.4.4;
        };

        dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;

        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";

        managed-keys-directory "/var/named/dynamic";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "." IN {
        type hint;
        file "named.ca";
};

// Zone file holding the name-to-IP records for the domain
zone "MY_DOMAIN" IN {
        type master;
        file "MY_DOMAIN.zone";
        allow-update { none; };
        allow-transfer { none; };
};

// Zone file used for IP-to-domain (reverse) lookups
zone "30.168.192.in-addr.arpa" IN {
        type master;
        file "30.168.192.re";
        allow-update { none; };
        allow-transfer { none; };
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";

/var/named/MY_DOMAIN.zone
$TTL 86400
@   IN  SOA     ns1.MY_DOMAIN. root.MY_DOMAIN. (
        2015040101  ;Serial
        3600        ;Refresh
        1800        ;Retry
        604800      ;Expire
        86400       ;Minimum TTL
)
; Specify our two nameservers
                IN      NS              ns1.MY_DOMAIN.
                IN      NS              ns2.MY_DOMAIN.
; Resolve nameserver hostnames to IP, replace with your two droplet IP addresses.
ns1             IN      A               192.168.30.10
ns2             IN      A               192.168.30.10

; Define hostname -> IP pairs which you wish to resolve
@               IN      A               192.168.30.10
www             IN      A               192.168.30.10
chef-server     IN      A               192.168.30.10
workstation     IN      A               192.168.30.20
node01          IN      A               192.168.30.21
node02          IN      A               192.168.30.22


/var/named/30.168.192.re
$TTL    86400
@       IN      SOA     MY_DOMAIN. root.MY_DOMAIN. (
                     2015040101         ; Serial
                             1H         ; Refresh
                             1M         ; Retry
                             1W         ; Expire
                             1D )       ; Negative Cache TTL
;
@       IN      NS      ns1.MY_DOMAIN.
; PTR Records
10      IN      PTR     chef-server.MY_DOMAIN.
20      IN      PTR     workstation.MY_DOMAIN.
21      IN      PTR     node01.MY_DOMAIN.
22      IN      PTR     node02.MY_DOMAIN.
23      IN      PTR     node03.MY_DOMAIN.

Verification
# yum install -y bind-utils
$ dig -x 192.168.30.10
$ dig chef-server.MY_DOMAIN
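
The `dig` commands above test one name or address at a time. As an added example (not part of the original post), this Python check compares every A record in MY_DOMAIN.zone with every PTR record in 30.168.192.re. The record lines are copied from this page as constructed input, the function names are hypothetical, and the parser only handles single-line `IN A` / `IN PTR` records.

```python
import re

# Constructed input: the A and PTR lines from the two zone files on this page.
ORIGIN, REV_ORIGIN = "MY_DOMAIN.", "30.168.192.in-addr.arpa."
FORWARD_ZONE = """
@               IN      A               192.168.30.10
www             IN      A               192.168.30.10
chef-server     IN      A               192.168.30.10
workstation     IN      A               192.168.30.20
node01          IN      A               192.168.30.21
node02          IN      A               192.168.30.22
"""
REVERSE_ZONE = """
10      IN      PTR     chef-server.MY_DOMAIN.
20      IN      PTR     workstation.MY_DOMAIN.
21      IN      PTR     node01.MY_DOMAIN.
22      IN      PTR     node02.MY_DOMAIN.
23      IN      PTR     node03.MY_DOMAIN.
"""
RECORD = re.compile(r"^(\S+)\s+IN\s+(A|PTR)\s+(\S+)", re.IGNORECASE)

def fqdn(name, origin):
    """Expand '@' and relative names against the zone origin (hypothetical helper)."""
    if name == "@":
        return origin.lower()
    return (name if name.endswith(".") else f"{name}.{origin}").lower()

def records(zone_text, rtype, origin):
    """Yield (owner_fqdn, rdata) for each single-line record of the given type."""
    for line in zone_text.splitlines():
        m = RECORD.match(line.split(";", 1)[0])  # drop ';' comments
        if m and m.group(2).upper() == rtype:
            yield fqdn(m.group(1), origin), m.group(3)

def audit(forward=FORWARD_ZONE, reverse=REVERSE_ZONE):
    """Return (PTRs whose target has no matching A record, A-record IPs with no PTR)."""
    a_pairs = set(records(forward, "A", ORIGIN))
    ptr = {}
    for owner, target in records(reverse, "PTR", REV_ORIGIN):
        ip = ".".join(reversed(owner.split(".")[:4]))  # 10.30.168.192 -> 192.168.30.10
        ptr[ip] = fqdn(target, REV_ORIGIN)
    unconfirmed = sorted((ip, t) for ip, t in ptr.items() if (t, ip) not in a_pairs)
    no_ptr = sorted({ip for _, ip in a_pairs} - set(ptr))
    return unconfirmed, no_ptr

if __name__ == "__main__":
    unconfirmed, no_ptr = audit()
    print("PTR without matching A:", unconfirmed)
    print("A-record IPs without PTR:", no_ptr)
```

On the page's data this reports the PTR for 192.168.30.23 (node03), which has no A record in the forward zone.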
