ArchLinux – Setting Up a DNS Server

References:
Linux Pi's Fantastic Journey (28) - DNS – iT邦幫忙::IT Knowledge Sharing Community
BIND – ArchWiki
How to setup a DNS server master / slave with BIND
How to install and set-up Slave Named (BIND) DNS server in ArchLinux | Stavrovski.Net

Install the bind and dnsutils packages
# pacman -S bind dnsutils

Back up the configuration file
# cp /etc/named.conf /etc/named.conf.$(date +%F)

Edit the configuration file /etc/named.conf
# vim /etc/named.conf
//
// /etc/named.conf
//

options {
        directory "/var/named";
        pid-file "/run/named/named.pid";
        auth-nxdomain yes;
        datasize default;
// Uncomment these to enable IPv6 connections support
// IPv4 will still work:
//      listen-on-v6 { any; };
// Add this for no IPv4:
//      listen-on { none; };

        // Default security settings.
        allow-recursion { 127.0.0.1; };
        allow-transfer { none; };
        allow-update { none; };
        version none;
        hostname none;
        server-id none;
};

zone "localhost" IN {
        type master;
        file "localhost.zone";
        allow-transfer { any; };
};

zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "127.0.0.zone";
        allow-transfer { any; };
};

zone "." IN {
        type hint;
        file "root.hint";
};

zone "test.ilc.edu.tw" IN {
        type master;
        file "test.ilc.edu.tw.zone";
        allow-update { none; };
};

zone "1.168.192.in-addr.arpa" IN {
        type master;
        file "1.168.192.zone";
        allow-update { none; };
};

//zone "example.org" IN {
//      type slave;
//      file "example.zone";
//      masters {
//              192.168.1.100;
//      };
//      allow-query { any; };
//      allow-transfer { any; };
//};

logging {
        channel xfer-log {
                file "/var/log/named.log";
                print-category yes;
                print-severity yes;
                print-time yes;
                severity info;
        };
        category xfer-in { xfer-log; };
        category xfer-out { xfer-log; };
        category notify { xfer-log; };
};

Set permissions
# chown -R root:named /var/named

Create the log file
# touch /var/log/named.log

Change the file's owner and group
# chown named:named /var/log/named.log

Start the DNS server
# systemctl start named

Enable the DNS server at boot
# systemctl enable named
Created symlink from /etc/systemd/system/multi-user.target.wants/named.service to /usr/lib/systemd/system/named.service.

DNS Server 192.168.1.106
# cat /etc/resolv.conf
nameserver 192.168.1.106

Test
# host free.test.ilc.edu.tw
free.test.ilc.edu.tw has address 192.168.1.6

# host 192.168.1.6
6.1.168.192.in-addr.arpa domain name pointer free.test.ilc.edu.tw.

Firewall settings
# iptables -A INPUT -p udp -m state --state NEW -m udp --dport 53 -j ACCEPT
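
The named.conf above sets allow-transfer { none; } in options but allow-transfer { any; } in the localhost zones, and BIND applies a zone-level list in preference to the one in options. The Python script below is an added example, not part of the original post: it reports the allow-transfer list that actually applies to each zone, and its function names and embedded sample configuration are constructed for illustration.

```python
import re
# Constructed sample that mirrors the layout of the named.conf on this page.
SAMPLE_CONF = '''
options { allow-recursion { 127.0.0.1; }; allow-transfer { none; }; };
// zone "old.example" IN { type master; allow-transfer { any; }; };
zone "localhost" IN { type master; allow-transfer { any; }; };
zone "test.ilc.edu.tw" IN { type master; allow-update { none; }; };
zone "." IN { type hint; file "root.hint"; };
'''

def strip_comments(text):
    """Drop /* */, // and # comments (assumes none of these occur inside quotes)."""
    text = re.sub(r'/\*.*?\*/', '', text, flags=re.S)
    return re.sub(r'(//|#)[^\n]*', '', text)

def top_level_blocks(text):
    """Yield (header, body) for every top-level `header { body };` statement."""
    depth, start = 0, 0
    for i, ch in enumerate(text):
        if ch == '{':
            if depth == 0:
                header, body_start = text[start:i].strip(), i + 1
            depth += 1
        elif ch == '}':
            depth -= 1
            if depth == 0:
                yield header, text[body_start:i]
        elif ch == ';' and depth == 0:
            start = i + 1

def acl(body, option):
    """Return the address list of `option { ... };` in body, or None if absent."""
    m = re.search(r'\b' + re.escape(option) + r'\s*\{([^{}]*)\}', body)
    return m.group(1).replace(';', ' ').split() if m else None

def effective_transfer_acls(conf):
    """Map each non-hint zone to its allow-transfer list; a zone-level list overrides options."""
    blocks = list(top_level_blocks(strip_comments(conf)))
    inherited = next((acl(b, 'allow-transfer') for h, b in blocks if h == 'options'), None)
    result = {}
    for header, body in blocks:
        m = re.match(r'zone\s+"([^"]+)"', header)
        if m and not re.search(r'\btype\s+hint\b', body):
            result[m.group(1)] = acl(body, 'allow-transfer') or inherited or ['<unset>']
    return result

def open_transfer_zones(conf):
    """Return the zones whose effective allow-transfer list contains `any`."""
    return sorted(z for z, a in effective_transfer_acls(conf).items() if 'any' in a)
```

To audit a real file, pass its contents, for example open_transfer_zones(open('/etc/named.conf').read()). A zone reported as <unset> has no allow-transfer list at either level, so the built-in default of the installed BIND version applies.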