BIND
BIND (Berkeley Internet Name Domain or, as it was previously called, Berkeley Internet Name Daemon) is the most widely used DNS protocol server on the Internet, especially on Unix-like systems,
STARTING THE BIND INSTALLATION
Install the bind9 package
# apt-get install bind9
After installing the BIND package, it is time to configure a domain (meudominio.com.br).
The first file is /etc/named.conf. If this file already exists, back it up and create a new one with the content below.
__________________________________________________
options {
        directory "/var/named";
        /*
         * If there is a firewall between you and nameservers you want
         * to talk to, you might need to uncomment the query-source
         * directive below. Previous versions of BIND always asked
         * questions using port 53, but BIND 8.1 uses an unprivileged
         * port by default.
         */
        // query-source address * port 53;
        transfer-format many-answers;
};
controls {
        inet * port 953 allow { 127.0.0.1; }; // To use rndc only from localhost
};
//
// a caching only nameserver config
//
zone "." IN {
        type hint;
        file "caching-example/named.ca";
};
zone "localhost" IN {
        type master;
        file "caching-example/localhost.zone";
        allow-update { none; };
};
zone "meudominio.com.br" IN {
        type master;
        file "meudominio.com.br.domain";
        allow-update { none; };
};
__________________________________________________
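An added check, not part of the original tutorial: the named.conf above sets allow-update on its master zones but does not state who may use recursion or request zone transfers, so both are left to BIND's built-in defaults. This Python sketch parses a named.conf and lists those unstated settings; SAMPLE_CONF is a constructed, abridged copy of the file above and the function names are illustrative.

```python
import re
# Constructed sample: an abridged copy of the tutorial's named.conf.
SAMPLE_CONF = """
options {
    // query-source address * port 53;
    transfer-format many-answers;
};
zone "." IN { type hint; file "caching-example/named.ca"; };
zone "meudominio.com.br" IN {
    type master;
    file "meudominio.com.br.domain";
    allow-update { none; };   /* dynamic updates refused */
};
"""

def tokenize(conf):
    """Drop /* */, // and # comments, then split into words, strings and { } ;"""
    conf = re.sub(r"/\*.*?\*/", " ", conf, flags=re.S)
    conf = re.sub(r"(//|#).*", " ", conf)   # assumes no // or # inside quoted strings
    return re.findall(r'"[^"]*"|[{};]|[^\s{};"]+', conf)

def parse(tokens):
    """Turn tokens into statements: lists of words, with { } blocks as nested lists."""
    out, cur = [], []
    while tokens:
        t = tokens.pop(0)
        if t == "{":
            cur.append(parse(tokens))       # nested block becomes a sub-list
        elif t == "}":
            return out
        elif t == ";":
            out += [cur] if cur else []
            cur = []
        else:
            cur.append(t.strip('"'))
    return out

def audit(conf):
    """Return notes on access controls that the configuration leaves unstated."""
    stmts = parse(tokenize(conf))
    opts = {s[0] for st in stmts if st[0] == "options" for s in st[-1]}
    stated = opts & {"recursion", "allow-recursion"}
    notes = [] if stated else ["options: recursion access not stated"]
    for st in stmts:
        body = {s[0]: s[1:] for s in st[-1]} if st[0] == "zone" else {}
        is_primary = body.get("type") in (["master"], ["primary"])
        if is_primary and "allow-transfer" not in opts | set(body):
            notes.append(f"zone {st[1]}: allow-transfer not stated")
    return notes
```

Run named-checkconf on the real file first; this sketch only reports which access statements are absent and does not validate syntax.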
Now let's create /var/named/caching-example/named.ca. You need to create the directories named and caching-example, as well as the file named.ca.
__________________________________________________
; This file holds the information on root name servers needed to
; initialize cache of Internet domain name servers
; (e.g. reference this file in the "cache . <file>"
; configuration file of BIND domain name servers).
;
; This file is made available by InterNIC registration services
; under anonymous FTP as
; file domain/named.root
; on server FTP.RS.INTERNIC.NET
; -OR- under Gopher at RS.INTERNIC.NET
; under menu InterNIC Registration Services (NSI)
; submenu InterNIC Registration Archives
; file named.root
;
; last update: Aug 22, 1997
; related version of root zone: 1997082200
;
;
; formerly NS.INTERNIC.NET
;
. 3600000 IN NS A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4
;
; formerly NS1.ISI.EDU
;
. 3600000 NS B.ROOT-SERVERS.NET.
B.ROOT-SERVERS.NET. 3600000 A 128.9.0.107
;
; formerly C.PSI.NET
;
. 3600000 NS C.ROOT-SERVERS.NET.
C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12
;
; formerly TERP.UMD.EDU
;
. 3600000 NS D.ROOT-SERVERS.NET.
D.ROOT-SERVERS.NET. 3600000 A 128.8.10.90
;
; formerly NS.NASA.GOV
;
. 3600000 NS E.ROOT-SERVERS.NET.
E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10
;
; formerly NS.ISC.ORG
;
. 3600000 NS F.ROOT-SERVERS.NET.
F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241
;
; formerly NS.NIC.DDN.MIL
;
. 3600000 NS G.ROOT-SERVERS.NET.
G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4
;
; formerly AOS.ARL.ARMY.MIL
;
. 3600000 NS H.ROOT-SERVERS.NET.
H.ROOT-SERVERS.NET. 3600000 A 128.63.2.53
;
; formerly NIC.NORDU.NET
;
. 3600000 NS I.ROOT-SERVERS.NET.
I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17
;
; temporarily housed at NSI (InterNIC)
;
. 3600000 NS J.ROOT-SERVERS.NET.
J.ROOT-SERVERS.NET. 3600000 A 198.41.0.10
;
; housed in LINX, operated by RIPE NCC
;
. 3600000 NS K.ROOT-SERVERS.NET.
K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129
;
; temporarily housed at ISI (IANA)
;
. 3600000 NS L.ROOT-SERVERS.NET.
L.ROOT-SERVERS.NET. 3600000 A 198.32.64.12
;
; housed in Japan, operated by WIDE
;
. 3600000 NS M.ROOT-SERVERS.NET.
M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33
; End of File
__________________________________________________
Now let's create /var/named/caching-example/localhost.zone
__________________________________________________
$TTL 86400
$ORIGIN localhost.
@       1D IN SOA       @ root (
                        42  ; serial (d. adams)
                        3H  ; refresh
                        15M ; retry
                        1W  ; expiry
                        1D ) ; minimum
        1D IN NS        @
        1D IN A         127.0.0.1
__________________________________________________
Let's create the file for your domain, /var/named/meudominio.com.br.domain:
__________________________________________________
$TTL 86400
; Authoritative data for meudominio.com.br
;
@               IN SOA  localhost. root.meudominio.com.br. (
                        2004102897 ; Serial (yyyymmddxx)
                        10800      ; Refresh 3 hours
                        3600       ; Retry 1 hour
                        36000      ; Expire 10 hours
                        86400 )    ; Minimum 24 hours
                IN NS   ns1.meudominio.com.br.
                IN NS   ns2.meudominio.com.br.
;
; Mail reception
;
meudominio.com.br.      IN MX 0  mx
meudominio.com.br.      IN MX 10 mx
;
; Hosts
;
localhost       IN A     127.0.0.1
                IN HINFO INTEL/110 LINUX
mx              IN A     192.168.0.17 ; address for the MX target above (your machine's IP)
www             IN A     192.168.0.17 ; your machine's IP
ns1             IN A     192.168.0.17 ; your machine's IP
ns2             IN A     192.168.0.17 ; your machine's IP
maquina-1       IN A     192.168.0.18 ; any IP on the network
maquina-2       IN A     192.168.0.19 ; any IP on the network
__________________________________________________
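An added example, not part of the original tutorial: a small Python check that reads a zone file and reports NS and MX targets inside the zone that have no A or AAAA record, a mistake that leaves name service or mail delivery for the domain broken. SAMPLE_ZONE is a constructed zone modelled on the one above in which the host mx has no address record; the function names are illustrative.

```python
import re
# Constructed sample modelled on the zone above; the host "mx" has no address record.
SAMPLE_ZONE = """\
$TTL 86400
@       IN SOA  localhost. root.meudominio.com.br. (
                2004102897 10800 3600 36000 86400 ) ; serial and timers
        IN NS   ns1.meudominio.com.br.
meudominio.com.br. IN MX 0 mx
ns1     IN A    192.168.0.17
"""
TTL = re.compile(r"(\d+[smhdw]?)+$", re.I)

def fqdn(name, origin):
    """Expand '@', a relative name or an absolute name to a lowercase FQDN."""
    if name == "@":
        return origin
    return (name if name.endswith(".") else f"{name}.{origin}").lower()

def records(text, origin):
    """Yield (owner, type, rdata tokens, origin in effect) for each record."""
    owner, buf, depth = origin, "", 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0]               # drop comment (quoted ';' not handled)
        buf = f"{buf} {line}" if depth else line  # join continuation lines inside ( )
        depth += line.count("(") - line.count(")")
        tok = buf.replace("(", " ").replace(")", " ").split()
        if depth > 0 or not tok:
            continue
        if tok[0].startswith("$"):                # directives: only $ORIGIN matters here
            origin = fqdn(tok[1], origin) if tok[0].upper() == "$ORIGIN" else origin
            continue
        if not buf[0].isspace():                  # leading blank means "same owner"
            owner = fqdn(tok.pop(0), origin)
        while tok and (TTL.match(tok[0]) or tok[0].upper() in ("IN", "CH", "HS")):
            tok.pop(0)                            # skip optional TTL and class fields
        if tok:
            yield owner, tok[0].upper(), tok[1:], origin

def dangling_targets(text, origin):
    """Return sorted (type, target) for in-zone NS/MX targets with no A/AAAA."""
    zone = origin.rstrip(".").lower() + "."
    have_addr, wanted = set(), set()
    for owner, rtype, rdata, cur in records(text, zone):
        if rtype in ("A", "AAAA"):
            have_addr.add(owner)
        elif rtype in ("NS", "MX") and rdata:
            wanted.add((rtype, fqdn(rdata[-1], cur)))
    return sorted(w for w in wanted
                  if f".{w[1]}".endswith(f".{zone}") and w[1] not in have_addr)
```

On a host with BIND installed, named-checkzone meudominio.com.br /var/named/meudominio.com.br.domain is the authoritative check before loading the zone.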
Starting BIND
If you do not have the file /etc/rc.d/rc.bind, create it with the following content:
#!/bin/sh
# Start/stop/restart the BIND name server daemon (named).
# Start bind. In the past it was more secure to run BIND
# as a non-root user (for example, with '-u daemon'), but
# the modern version of BIND knows how to use the
# kernel's capability mechanism to drop all root privileges
# except the ability to bind() to a privileged port and set
# process resource limits, so -u should not be needed. If
# you wish to use it anyway, chown the /var/run/named
# directory to the non-root user.
#
# You might also consider running BIND in a "chroot jail",
# a discussion of which may be found in
# /usr/doc/Linux-HOWTOs/Chroot-BIND-HOWTO.
bind_start() {
  if [ -x /usr/sbin/named ]; then
    echo "Starting BIND: /usr/sbin/named"
    /usr/sbin/named
  fi
}
# Stop bind:
bind_stop() {
  killall named
}
# Restart bind:
bind_restart() {
  bind_stop
  sleep 1
  bind_start
}
case "$1" in
'start')
  bind_start
  ;;
'stop')
  bind_stop
  ;;
'restart')
  # The original case branch was empty, so "restart" did nothing
  bind_restart
  ;;
*)
  echo "usage $0 start|stop|restart"
esac
After saving the file with the content above, make it executable:
# chmod +x /etc/rc.d/rc.bind
To start BIND, just type the following command:
# /etc/rc.d/rc.bind start
STARTING BIND AUTOMATICALLY
Put the line below in /etc/rc.d/rc.local:
/etc/rc.d/rc.bind start
Or, if you prefer, install the rcconf package
# apt-get install rcconf
Type rcconf at the command prompt
# rcconf
The rcconf screen will open; just mark the service that should start.
CONFIGURING YOUR SERVER
With all of that done, let's make our server use its own DNS for browsing.
Edit the file /etc/resolv.conf and put the following content in it:
search meudominio.com.br
nameserver 192.168.0.17
NOTE: change 192.168.0.17 to your IP.
TESTING YOUR DNS SERVER
With everything ready and configured, let's test it.
Let's ping the Google site.
If the reply looks like this, it is working perfectly:
root@web:~# ping www.google.com.br
PING www.google.com.br (216.58.202.3) 56(84) bytes of data.
64 bytes from gru06s26-in-f3.1e100.net (216.58.202.3): icmp_seq=1 ttl=52 time=15.3 ms
64 bytes from gru06s26-in-f3.1e100.net (216.58.202.3): icmp_seq=2 ttl=52 time=11.6 ms
64 bytes from gru06s26-in-f3.1e100.net (216.58.202.3): icmp_seq=3 ttl=52 time=8.33 ms
^C