10 May 2009

BIND9 and DHCP3 DDNS

Version: Ubuntu II/JJ, BIND9, DHCP3

Install BIND9 & DHCP
Install Bind9: sudo aptitude install bind9
Install DHCP3: sudo aptitude install dhcp3-server
Don't forget:
sudo sensible-editor /etc/default/dhcp3-server
###---> mudy: set the interface the DHCP server listens on
INTERFACES="eth0"
###---||

Create the keys
sudo rndc-confgen -r /dev/urandom -k ns1.localdomain.com -s 10.0.0.3 > rndc.conf
sudo rndc-confgen -r /dev/urandom -k ns2.localdomain.com -s 10.0.0.4 >> rndc.conf

Edit rndc.conf:
Delete the options { ... }; block that follows ns2.localdomain.com
Move the key "ns2.localdomain.com" { ... }; block below key "ns1.localdomain.com" { ... };
Below options { ... }; add:
server ns2.localdomain.com { key ns2.localdomain.com; };

Create rndc.key from rndc.conf:
remove the options section and keep only the key sections


Configure named.conf
sudo sensible-editor /etc/bind/named.conf
add:
###---> mudy: named DDNS settings
include "/etc/bind/rndc.key";
# every element of an address or key list ends with a semicolon
controls {
    inet 10.0.0.3 port 953 allow { 10.0.0.3; } keys { "ns1.localdomain.com"; };
};
###---||


Configure dhcpd.conf
sudo sensible-editor /etc/dhcp3/dhcpd.conf
add:

###---> mudy: dhcp DDNS settings
ddns-update-style interim;
include "/etc/bind/rndc.key";
# the zone names must match the master zones declared in named.conf.local
zone localdomain.com. { primary 10.0.0.3; key ns1.localdomain.com; }
zone 0.0.10.in-addr.arpa. { primary 10.0.0.3; key ns1.localdomain.com; }
ddns-domainname "localdomain.com";
###---||

Configure named.conf.local
sudo sensible-editor /etc/bind/named.conf.local

###---> mudy: logging
logging {
    channel bind {
        file "/var/log/bind/bind.log"; severity dynamic;
        print-category yes; print-severity yes; print-time yes;
    };
    channel update {
        file "/var/log/bind/update.log"; severity debug 3;
        print-category yes; print-severity yes; print-time yes;
    };
    channel security {
        file "/var/log/bind/security.log"; severity info;
        print-category yes; print-severity yes; print-time yes;
    };
    category lame-servers { null; };
    category edns-disabled { null; };
    category default { bind; };
    category update { update; };
    category security { security; };
};
###---||

###---> mudy: master zone definitions for localdomain.com
acl "localnetwork" { 10.0.0.0/24; };
zone "localdomain.com" {
    type master;
    file "/etc/bind/ddns/localdomain.com";
    allow-update { key "ns1.localdomain.com"; };
    allow-query { localnetwork; };
    notify no;
};
zone "0.0.10.in-addr.arpa" {
    type master;
    file "/etc/bind/ddns/10.0.0.reverse";
    allow-update { key "ns1.localdomain.com"; };
    allow-query { localnetwork; };
    notify no;
};
###---||

sudo sensible-editor /etc/bind/named.conf.options:
options {
    directory "/var/cache/bind";
    # forward to OpenDNS if needed
    forwarders { 208.67.222.222; 208.67.220.220; };
    forward first;
    ### end of forwarders
    version "Server DNS lokal";
    auth-nxdomain no;
    listen-on { 10.0.0.3; };
    allow-transfer { 10.0.0.4; };
};

Configure AppArmor
sudo sensible-editor /etc/apparmor.d/usr.sbin.named
add:
###---> mudy: allow writing to the ddns directory & the bind logs
/etc/bind/ddns/** rw,
/etc/bind/ddns/ rw,
/var/log/bind/** w,
/var/log/bind/ w,
###---||

Create the log files
sudo touch /var/log/bind/bind.log
sudo touch /var/log/bind/update.log
sudo touch /var/log/bind/security.log

Create the DDNS zone file
sudo touch /etc/bind/ddns/localdomain.com
sudo sensible-editor /etc/bind/ddns/localdomain.com

;;;---> mudy: localdomain.com zone definition
$TTL 86400
; owner names must end with a dot, otherwise the zone origin is appended again
localdomain.com. IN SOA ns1.localdomain.com. root.ns1.localdomain.com. (
    20090515 ; serial
    86400 ; refresh (1 day)
    3600 ; retry (1 hour)
    432000 ; expire (5 days)
    86400 ; minimum (1 day)
)
    NS ns1.localdomain.com.
    NS ns2.localdomain.com.
ns1 A 10.0.0.3
ns2 A 10.0.0.4
;;;---||


Create the DDNS reverse zone file
sudo touch /etc/bind/ddns/10.0.0.reverse
sudo nano /etc/bind/ddns/10.0.0.reverse

;;;---> mudy: reverse zone definition for localdomain.com
$TTL 86400
; names without a trailing dot would be read relative to 0.0.10.in-addr.arpa
0.0.10.in-addr.arpa. IN SOA ns1.localdomain.com. root.ns1.localdomain.com. (
    2009051501 ; serial
    86400 ; refresh (1 day)
    1800 ; retry (30 minutes)
    604800 ; expire (1 week)
    86400 ; minimum (1 day)
)
    NS ns1.localdomain.com.
    NS ns2.localdomain.com.
3 PTR ns1.localdomain.com.
4 PTR ns2.localdomain.com.
;;;---||


Set file and directory permissions
# these directories must exist before the touch/edit steps above; named runs as
# user bind and has to write zone journals and logs here, so directories keep
# their execute bit and the bind group gets write access
sudo mkdir -m 775 /var/log/bind
sudo mkdir -m 775 /etc/bind/ddns
sudo chown -R root:bind /var/log/bind
sudo chown -R root:bind /etc/bind/ddns
sudo chmod 664 /etc/bind/ddns/*
sudo chmod 664 /var/log/bind/*

Restart apparmor, bind9 & dhcp3-server
# bind9 and dhcp3-server ship SysV init scripts on this release, so call them directly
sudo /etc/init.d/apparmor restart
sudo /etc/init.d/bind9 restart
sudo /etc/init.d/dhcp3-server restart
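Two steps above are easy to get wrong by hand: cutting rndc.key out of the rndc-confgen output, and confirming afterwards that the allow-update ACL really only admits updates signed with the key. The script below is an added example, not part of the original post; it keeps the post's paths and key names (/etc/bind/rndc.key, /etc/bind/ddns/..., 10.0.0.3) and uses a made-up test record name, ddnstest.localdomain.com, that you can change. keys_only works on any rndc.conf; check_bind and ddns_test need bind9 installed and named running, and ddns_test must run as root to read rndc.key.

```shell
#!/bin/sh
# Added example, not from the original post. Helpers for the BIND9 + DHCP3 DDNS
# setup described above:
#   (1) keys_only   - derive rndc.key from rndc-confgen output (key blocks only)
#   (2) check_bind  - run BIND's own checkers on named.conf and both zone files
#   (3) ddns_test   - prove that a signed update succeeds and an unsigned one is REFUSED
# Paths and key names follow the post; "ddnstest" is a constructed test hostname.

# (1) Print only the key { ... }; blocks of an rndc.conf. The options {} and
# server {} statements and the commented-out named.conf snippet that rndc-confgen
# appends are dropped, which is exactly what the "create rndc.key" step asks for.
keys_only() {
    awk '
        /^[ \t]*key[ \t]/      { inkey = 1 }
        inkey                  { print }
        inkey && /^[ \t]*};/   { inkey = 0 }
    ' "$1"
}

# Number of key blocks keys_only extracts from a file (2 for the post's rndc.conf).
count_keys() {
    keys_only "$1" | awk '/^[ \t]*key[ \t]/ { n++ } END { print n + 0 }'
}

# (2) Syntax-check the configuration before restarting named (needs bind9 installed).
check_bind() {
    named-checkconf /etc/bind/named.conf &&
    named-checkzone localdomain.com /etc/bind/ddns/localdomain.com &&
    named-checkzone 0.0.10.in-addr.arpa /etc/bind/ddns/10.0.0.reverse
}

# (3) A TSIG-signed add must succeed and resolve; an unsigned delete must be REFUSED.
# The refusal also shows up in /var/log/bind/security.log via the logging statement.
# Needs named listening on 10.0.0.3 and read access to rndc.key (run as root).
ddns_test() {
    key=/etc/bind/rndc.key
    name=ddnstest.localdomain.com.   # constructed test record, not a real host
    printf 'server 10.0.0.3\nzone localdomain.com.\nupdate add %s 300 A 10.0.0.250\nsend\n' "$name" \
        | nsupdate -k "$key" || return 1
    dig @10.0.0.3 +short "$name" | grep -qx '10.0.0.250' || return 1
    printf 'server 10.0.0.3\nzone localdomain.com.\nupdate delete %s A\nsend\n' "$name" \
        | nsupdate 2>&1 | grep -q REFUSED || return 1
    # remove the test record again, signed with the key
    printf 'server 10.0.0.3\nzone localdomain.com.\nupdate delete %s A\nsend\n' "$name" \
        | nsupdate -k "$key"
}

# Typical use (as root) after the rndc-confgen step:
#   keys_only rndc.conf > /etc/bind/rndc.key
#   check_bind && /etc/init.d/bind9 restart && ddns_test
```

keys_only relies on each key block starting with `key` at the beginning of a line and ending with a `};` line, which is how rndc-confgen writes them; the commented `# key` copy in the trailing named.conf snippet does not match because of the leading `#`. If ddns_test fails at the first step, check the AppArmor profile and the ownership of /etc/bind/ddns: named cannot create its .jnl journal file there otherwise and answers SERVFAIL.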

