[DNS]部署局域网DNS服务器

This is a step by step tutorial on how to install and configure DNS server for your LAN using bind9. The DNS server will provide caching and name resolution as well as reverse name resolution for your local network. In this tutorial, we will use the domain "debian.lan" and this will be the domain of your local network. The domain "debian.lan" is not accessible from the internet; its private ip address is "192.168.4.1".

1. Installing bind9 and dns utilities

Firstly, we need to confirm whether bind9 and dnsutils are installed on our system. Let’s install the bind9 package and dns utilities from Debian repository.

$ apt-get install bind9 dnsutils

2. Configure your Linux system

Add nameserve to /etc/resolve.conf.

Edit your /etc/resolvconf/resolve.conf.d/base (red part is added)

192.168.4.1

202.103.24.68

8.8.8.8

This is where Linux looks to find out how it should perform DNS lookups.

3. Lets create a zone

The zone files (or database files) are the heart of your BIND system. This is where all the information is stored on what hostname goes with what ip address.
Before we create a zone file, let’s edit first the
local configuration file/etc/bind/named.conf.local.

// Do any local configuration here

// Consider adding the 1918 zones here,
if they are not used in your

// organization

//include
"/etc/bind/zones.rfc1918";

zone "debian.lan" {

type master;

file "db.debian.lan";

};

zone "4.168.192.in-addr.arpa" {

type master;

file "db.192.168.4";

};

Let’s start creating a
zone file in /var/cache/bind/ directory. Create
a file called db.debian.lan

$ vi /var/cache/bind/db.debian.lan

And add the following entry

$TTL 604800

@ IN SOA main.debian.lan. admin.debian.lan.
(

2008080101 ;serial

04800 ;refresh

86400 ;retry

2419200 ;expire

604800 ;negative cache TTL

)

@
IN NS main.debian.lan.

@
IN A 192.168.4.1

@
IN MX 10
main.debian.lan.

main
IN A 192.168.4.1

www
IN CNAME main

ubuntu
IN A
192.168.4.2

Let’s create the reverse DNS
zone file called db.192.168.100

$ vi
/var/cache/bind/db.192.168.4

And the following entry.

$TTL 604800

@ IN SOA main.debian.lan. admin.debian.lan.
(

2008080101 ;serial

604800 ;refresh

86400 ;retry

2419200 ;expire

604800 ;negative cache TTL

)

@
IN NS main.debian.lan.

@
IN A 192.168.4.1

1
IN PTR main.debian.lan.

2
IN PTR ubuntu.debian.lan.

The
zone files are created, you can check your
zone file configurations using these utilities:

$ named-checkzone main.debian.lan /var/cache/bind/db.debian.lan
$ named-checkconf
/etc/bind/named.conf.local

Let’s edit the file /etc/bind/named.conf.options

$
vi /etc/bind/named.conf.options

Uncomment the line forwarders and add your ISP's DNS
server. (We have no ISP, so ignore)

forwarders {

202.78.97.41;

202.78.97.3;

};

Let’s restart our DNS server, and
test using the tool dig.

$ /etc/init.d/bind9 restart
$ dig debian.lan

You should see the following message

; <<>> DiG 9.3.4
<<>> debian.lan

;; global options: printcmd

;; Got answer:

;; ->>HEADER<<- opcode:
QUERY, status: NOERROR, id: 54950

;; flags: qr aa rd ra; QUERY: 1, ANSWER:
1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:

;debian.lan. IN A

;; ANSWER SECTION:

debian.lan. 64800 IN
A 192.168.4.1

;; AUTHORITY SECTION:

debian.lan. 64800 IN
NS main.debian.lan.

;; ADDITIONAL SECTION:

main.debian.lan. 64800 IN
A 192.168.4.1

;; Query time: 1 msec

;; SERVER: 192.168.4.1#53(192.168.4.1)

;; WHEN: Tue Aug 5 09:33:40 2008

;; MSG SIZE rcvd: 79

Test your reverse DNS

$ dig -x debian.lan

If
you see this message, you have successfully installed the DNS
server.

; <<>> DiG 9.3.4
<<>> -x debian.lan

;; global options: printcmd

;; Got answer:

;; ->>HEADER<<- opcode:
QUERY, status: NXDOMAIN, id: 42510

;; flags: qr rd ra; QUERY: 1, ANSWER: 0,
AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:

;lan.debian.in-addr.arpa. IN
PTR

;; AUTHORITY SECTION:

in-addr.arpa. 10800 IN SOA A.ROOT-SERVERS.NET.
dns-ops.ARIN.NET. 2008080416 1800 900 691200 10800

;; Query time: 952 msec

;; SERVER: 192.168.4.1#53(192.168.4.1)

;; WHEN: Tue Aug 5 09:34:25 2008

;; MSG SIZE rcvd: 108

You can also check your
DNS nslookup and host command.

nslookup debian.lan
nslookup 192.168.4.1
host debian.lan
host 192.168.4.1

4.
Update bind9.service and bind9-resolvconf.service

To boots up local DNS automatically at
startup, we need below steps.

Before, bind9.service is
dependent on network.target, and bind9-resolvconf.service
is dependent on bind9.service. However, if Wifi-ublox is not ready, bind9
service finished, then bind9 will not work. So we need to set bind9.service
be dependent on the service which boots up Wifi-ublox as below.

After /etc/init.d/bind9
restart is executed, /etc/systemd/system/multi-user.target/bind9.service
will generate a soft link to /lib/systemd/system/bind9.service. bind9-resolvconf.service
is under /lib/systemd/system/.

At last, we need to enable bind9 service at startup.

$
systemctl enable bind9

Bind9.service

[Unit]

Description=BIND Domain Name Server

Documentation=man:named(8)

After=nio-autoexecB1.service

[Service]

ExecStart=/usr/sbin/named -f -u bind

ExecReload=/usr/sbin/rndc reload

ExecStop=/usr/sbin/rndc stop

[Install]

WantedBy=multi-user.target

bind9-resolvconf.service

[Unit]

Description=local BIND via resolvconf

Documentation=man:named(8) man:resolvconf(8)

Requires=bind9.service

After=bind9.service

ConditionFileIsExecutable=/sbin/resolvconf

[Service]

ExecStart=/bin/sh -c 'echo nameserver
127.0.0.1 | /sbin/resolvconf -a lo.named'

ExecStop=/sbin/resolvconf -d lo.named

[Install]

WantedBy=bind9.service

5.
Configure Client Device in Lan Network

All computers in the LAN are
going to use 192.168.4.1 as a nameserver, this can be set manually by setting
statically:

$
vi /etc/resolvconf/resolv.conf.d/base

Then put this information, add this at
the top of file.

192.168.4.1

Source
Reference:
http://www.cahilig.net/2008/07/05/how-setup-lan-dns-server-using-bind9-under-debian-etch-and-ubuntu-804