Bind9

Installation §

vmls3:

sudo apt update
sudo apt -y install bind9 dnsutils

Konfiguration §

Konfigurationsdateien:

/etc/bind/named.conf.options: global DNS options
/etc/bind/named.conf.local: for your zones
/etc/bind/named.conf.default-zones: default zones such as localhost, its reverse, and the root hints
/usr/share/dns/root.hints: root nameservers

Abfragen für lokale Netze erlauben §

vmls3: /etc/bind/named.conf.options:

...
acl smartlearn-networks {
    192.168.210.0/24;
    192.168.220.0/24;
};
...
options {
    ...
    allow-recursion { smartlearn-networks; };
    allow-query { smartlearn-networks; };
    allow-query-cache { smartlearn-networks; };
    ...
}
...

Zonendefinition §

vmls3: /etc/bind/named.conf.local:

...
zone "smartlearn.lan" IN {
    type master;
    file "/etc/bind/db.lan.smartlearn";
    allow-update {
        none;
    };
};

zone "smartlearn.dmz" IN {
    type master;
    file "/etc/bind/db.dmz.smartlearn";
    allow-update {
        none;
    };
};

zone "210.168.192.in-addr.arpa" IN {
    type master;
    file "/etc/bind/db.168.210";
    allow-update {
        none;
    };
};

zone "220.168.192.in-addr.arpa" IN {
    type master;
    file "/etc/bind/db.168.220";
    allow-update {
        none;
    };
};
...

Forwardzonen §

vmls3: /etc/bind/db.dmz.smartlearn:

$TTL 600
@   IN  SOA ns.smartlearn.dmz.  root.smartlearn.dmz. (
    2023030101  ;Serial
    1H      ;Refresh
    1H      ;Retry
    1D      ;Expire
    1D)     ;Negative Cache TTL

@       IN  NS  ns.smartlearn.dmz.
 
vmlf1   IN  A   192.168.220.1
vmls3   IN  A   192.168.220.13
ns      IN  A   192.168.220.13

vmls3: /etc/bind/db.lan.smartlearn:

$TTL 600
  
@   IN  SOA ns.smartlearn.dmz.  root.smartlearn.lan. (
    2023030101  ;Serial
    1H      ;Refresh
    1H      ;Retry
    1D      ;Expire
    1D)     ;Negative Cache TTL

@   IN  NS  ns.smartlearn.dmz.
  
vmlf1   IN  A   192.168.210.1
vmwp1   IN  A   192.168.210.11
vmlp1   IN  A   192.168.210.31
vmls4   IN  A   192.168.210.64
vmls5   IN  A   192.168.210.65

Reversezonen §

vmls3: /etc/bind/db.168.220:

$TTL 600
  
@   IN  SOA ns.smartlearn.dmz.  root.smartlearn.dmz. (
    2023030101  ;Serial
    1H      ;Refresh
    1H      ;Retry
    1D      ;Expire
    1D)     ;Negative Cache TTL
  
@   IN  NS  ns.smartlearn.dmz.
  
1   IN  PTR vmlf1.smartlearn.dmz.
13  IN  PTR vmls3.smartlearn.dmz.

vmls3: /etc/bind/db.168.210:

$TTL 600
  
@   IN  SOA ns.smartlearn.dmz.  root.smartlearn.lan. (
    2023030101  ;Serial
    1H      ;Refresh
    1H      ;Retry
    1D      ;Expire
    1D)     ;Negative Cache TTL
  
@   IN  NS  ns.smartlearn.dmz.
  
1   IN  PTR vmlf1.smartlearn.lan.
11  IN  PTR vmwp1.smartlearn.lan.
31  IN  PTR vmlp1.smearlearn.lan.
64  IN  PTR vmls4.smartlearn.lan.
65  IN  PTR vmls5.smartlearn.lan.

DNS-Serverund Suchzonenkonfiguration §

vmwp1, vmlp1, vmls4, vmls5: /etc/systemd/resolved.conf:

...
[Resolve]
...
DNS=192.168.220.13
...
Domains=smartlearn.lan smartlearn.dmz
...

sudo systemctl restart systemd-resolved

Forwarder §

vmls3: /etc/bind/named.conf.options:

...
options {
    ...
    forwarders {
        1.1.1.1;
        1.0.0.1;
    };
    ...
}
...

Funktionalitätstest §

tail /var/log/syslog
journalctl -f -u named
named-checkconf
named-checkzone <zone> <zonefile>
systemd-resolved -status
cat /etc/resolv.conf
dig @<dnsserver> <fqdn> <record type>

nslookup
set type=NS

Record Types §

SOA §

@ IN SOA <dnsserver>   <mail (admin.example.com.)> (<Serial> <Refresh> <Retry> <Expire> <Negative Cache TTL>)

NS §

@ IN NS <dnsserver>

A §

<name> IN A <ip address>

MX §

<name> IN MX <priority> <mailserver>

CNAME §

<name> IN CNAME <>