dns


Upload: burhanuddin-handoko

Post on 06-Nov-2015


DESCRIPTION

Creating a DNS (Domain Name Server) server for an intranet

TRANSCRIPT

Building a DNS Server with BIND on CentOS

Posted on November 20th, 2008 by kusprayitna

Previously I installed a DNS server to be integrated with cPanel; this time we will build a DNS server for an intranet using CentOS. The CentOS server installation is the same as before, using the DVD installer downloaded from cPanel. The steps are:

1. Install BIND

# yum install bind caching-nameserver

2. Configure BIND

The configuration file is /etc/named.conf, but this file does not exist yet; what exists is /etc/named.caching-nameserver.conf. That file is therefore used as the basis for creating named.conf. Its default contents are:

//
// named.caching-nameserver.conf
//
// Provided by Red Hat caching-nameserver package to configure the
// ISC BIND named(8) DNS server as a caching only nameserver
// (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// DO NOT EDIT THIS FILE - use system-config-bind or an editor
// to create named.conf - edits to this file will be lost on
// caching-nameserver package upgrade.
//
options {
    listen-on port 53 { 127.0.0.1; };
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";

    // Those options should be used carefully because they disable port
    // randomization
    // query-source port 53;
    // query-source-v6 port 53;

    allow-query { localhost; };
};
logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};
view localhost_resolver {
    match-clients { localhost; };
    match-destinations { localhost; };
    recursion yes;
    include "/etc/named.rfc1912.zones";
};

3. Edit the default configuration so that:

a. The DNS server can be queried on the server IP 192.168.200.200, not only on localhost
b. IPv6 is disabled
c. The default port remains 53
d. It can distinguish between intranet and internet
e. The intranet LAN means the LANs with networks 192.168.200.0/24 and 192.168.100.0/24
f. A zone is created for uii.ac.id

//
// named.caching-nameserver.conf
//
// Provided by Red Hat caching-nameserver package to configure the
// ISC BIND named(8) DNS server as a caching only nameserver
// (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// DO NOT EDIT THIS FILE - use system-config-bind or an editor
// to create named.conf - edits to this file will be lost on
// caching-nameserver package upgrade.
//
options {
    listen-on port 53 { 127.0.0.1; 192.168.200.200; };
    # listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";

    // Those options should be used carefully because they disable port
    // randomization
    // query-source port 53;
    // query-source-v6 port 53;

    allow-query { any; };
};
logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};

#view localhost_resolver {
#    match-clients { localhost; };
#    match-destinations { localhost; };
#    recursion yes;
#    include "/etc/named.rfc1912.zones";
#};

// Intranet section
view "internal" {
    match-clients { localhost; 192.168.200.0/24; 192.168.100.0/24; };
    match-destinations { localhost; 192.168.200.0/24; 192.168.100.0/24; };
    recursion yes;
    zone "." IN {
        type hint;
        file "/var/named/named.ca";
    };

    zone "uii.ac.id" {
        type master;
        file "/etc/named/uii.ac.id.lan";
    };
};

// Internet section
view "external" {
    match-clients { any; };
    recursion no;
    zone "." IN {
        type hint;
        file "/var/named/named.ca";
    };

    zone "uii.ac.id" {
        type master;
        file "/etc/named/uii.ac.id.wan";
    };
};
include "/etc/rndc.key";
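The two views above are safe only because the catch-all view comes last and has recursion disabled. As an added example (not part of the original post), this shell function audits named.conf text for a view that offers recursion to any client and for views placed after a catch-all view; `audit_views` and `sample_conf` are hypothetical names, and the sample input is constructed from this page's views.

```shell
# Added example: audit the views in a named.conf read from stdin.
# Prints "<view> <verdict>" for each view, in file order.
# Simplifications: no /* */ comments, no braces in strings, ACLs not expanded.
audit_views() {
    sed -e 's://.*$::' -e 's:#.*$::' -e 's/[{};]/ & /g' |
    tr -s ' \t' '\n\n' | awk '
    BEGIN { defrec = "yes" }            # BIND enables recursion by default
    function report() {
        if (shadowed)                verdict = "UNREACHABLE"
        else if (any && rec != "no") verdict = "OPEN-RESOLVER"
        else                         verdict = "OK"
        print name, verdict
        if (any && !dest) shadowed = 1  # catch-all: later views never match
    }
    $0 == "" { next }
    prev == "view" && depth == 0 {
        name = $0; gsub(/"/, "", name)
        inview = 1; any = 1; dest = 0; rec = defrec
    }
    prev == "recursion" && depth == 1 { if (inview) rec = $0; else defrec = $0 }
    inview && depth == 1 && $0 == "match-clients" { any = 0; inmc = 1 }
    inview && depth == 1 && $0 == "match-destinations" { dest = 1 }
    inmc && $0 == "any" { any = 1 }
    $0 == "{" { depth++ }
    $0 == "}" {
        depth--
        if (inmc && depth == 1) inmc = 0
        if (inview && depth == 0) { report(); inview = 0 }
    }
    { prev = $0 }'
}

# Constructed sample: the two views from this page, zones omitted.
# $1 sets the external view's recursion so the risky variant can be shown.
sample_conf() {
    cat <<EOF
options { allow-query { any; }; };
view "internal" {
    match-clients { localhost; 192.168.200.0/24; 192.168.100.0/24; };
    recursion yes;   # only the intranet may recurse
};
view "external" {
    match-clients { any; };
    recursion $1;
};
EOF
}
sample_conf no | audit_views; sample_conf yes | audit_views
```

On the real server the same check is `audit_views < /etc/named.conf`, run before starting named.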

4. Create the zones

The example configuration above already adds the zone uii.ac.id, with the intranet and the internet split into two files: /etc/named/uii.ac.id.lan for the intranet and /etc/named/uii.ac.id.wan for the internet.

The contents of uii.ac.id.lan are:

$TTL 86400
; The SOA mailbox needs a trailing dot, otherwise the zone origin is appended
@ IN SOA localhost. prayitna.yahoo.com. (
        2008111914 ;Serial
        3600 ;Refresh
        1800 ;Retry
        604800 ;Expire
        86400 ;Minimum TTL
        )
uii.ac.id. 86400 IN NS localhost.
uii.ac.id. 86400 IN A 192.168.200.1
uii.ac.id. 14400 IN MX 10 mail.uii.ac.id.
www 14400 IN CNAME uii.ac.id.
unisys 14400 IN CNAME uii.ac.id.
itsupport 14400 IN A 192.168.200.2
klasiber 14400 IN A 192.168.200.3

The contents of uii.ac.id.wan are:

$TTL 86400
; The SOA mailbox needs a trailing dot, otherwise the zone origin is appended
@ IN SOA svr1.uii.ac.id. prayitna.yahoo.com. (
        2008111914 ;Serial
        3600 ;Refresh
        1800 ;Retry
        604800 ;Expire
        86400 ;Minimum TTL
        )
uii.ac.id. 86400 IN NS svr1.uii.ac.id.
uii.ac.id. 86400 IN A 202.162.37.69
uii.ac.id. 14400 IN MX 10 mail.uii.ac.id.
www 14400 IN A 202.162.37.164
unisys 14400 IN A 202.162.37.69

5. Start the DNS server

# service named start

6. Enable automatic start at boot

# chkconfig --level 235 named on

7. Set up the DNS client on the client computers

For Linux:

# vi /etc/resolv.conf

nameserver 192.168.200.200

For Windows: add the DNS server in the network configuration properties.

8. Test with ping www.uii.ac.id