bind のインストール
Debian
LS-AVL/A
メール関係が落ち着いたので、続いて DNS
bind9 のインストール
bind9 をインストールする
root@av:~# apt-get install bind9
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages were automatically installed and are no longer required:
python2.6-minimal mime-support libgsasl7 libmailutils2 python2.6 libexpat1
guile-1.8-libs libpython2.6 file libntlm0 libltdl7 libmagic1
Use 'apt-get autoremove' to remove them.
The following extra packages will be installed:
bind9utils geoip-database libbind9-60 libdns69 libgeoip1 libisc62 libisccc60
libisccfg62 liblwres60 libxml2 sgml-base xml-core
Suggested packages:
dnsutils bind9-doc resolvconf ufw geoip-bin sgml-base-doc debhelper
The following NEW packages will be installed:
bind9 bind9utils geoip-database libbind9-60 libdns69 libgeoip1 libisc62
libisccc60 libisccfg62 liblwres60 libxml2 sgml-base xml-core
0 upgraded, 13 newly installed, 0 to remove and 0 not upgraded.
Need to get 5285 kB of archives.
After this operation, 11.8 MB of additional disk space will be used.
Do you want to continue [Y/n]? y
Get:1 http://ftp.jp.debian.org/debian/ squeeze/main libgeoip1 armel 1.4.7~beta6+dfsg-1 [134 kB]
Get:2 http://security.debian.org/ squeeze/updates/main libxml2 armel 2.7.8.dfsg-2+squeeze3 [818 kB]
Get:3 http://ftp.jp.debian.org/debian/ squeeze/main libisc62 armel 1:9.7.3.dfsg-1~squeeze4 [163 kB]
Get:4 http://ftp.jp.debian.org/debian/ squeeze/main libdns69 armel 1:9.7.3.dfsg-1~squeeze4 [662 kB]
Get:5 http://ftp.jp.debian.org/debian/ squeeze/main libisccc60 armel 1:9.7.3.dfsg-1~squeeze4 [30.9 kB]
Get:6 http://ftp.jp.debian.org/debian/ squeeze/main libisccfg62 armel 1:9.7.3.dfsg-1~squeeze4 [50.0 kB]
Get:7 http://ftp.jp.debian.org/debian/ squeeze/main libbind9-60 armel 1:9.7.3.dfsg-1~squeeze4 [37.4 kB]
Get:8 http://ftp.jp.debian.org/debian/ squeeze/main liblwres60 armel 1:9.7.3.dfsg-1~squeeze4 [47.5 kB]
Get:9 http://ftp.jp.debian.org/debian/ squeeze/main bind9utils armel 1:9.7.3.dfsg-1~squeeze4 [119 kB]
Get:10 http://ftp.jp.debian.org/debian/ squeeze/main bind9 armel 1:9.7.3.dfsg-1~squeeze4 [342 kB]
Get:11 http://ftp.jp.debian.org/debian/ squeeze/main geoip-database all 1.4.7~beta6+dfsg-1 [2846 kB]
Get:12 http://ftp.jp.debian.org/debian/ squeeze/main sgml-base all 1.26+nmu1 [11.9 kB]
Get:13 http://ftp.jp.debian.org/debian/ squeeze/main xml-core all 0.13 [23.4 kB]
Fetched 5285 kB in 5s (981 kB/s)
Preconfiguring packages ...
Selecting previously deselected package libgeoip1.
(Reading database ... 17611 files and directories currently installed.)
Unpacking libgeoip1 (from .../libgeoip1_1.4.7~beta6+dfsg-1_armel.deb) ...
Selecting previously deselected package libxml2.
Unpacking libxml2 (from .../libxml2_2.7.8.dfsg-2+squeeze3_armel.deb) ...
Selecting previously deselected package libisc62.
Unpacking libisc62 (from .../libisc62_1%3a9.7.3.dfsg-1~squeeze4_armel.deb) ...
Selecting previously deselected package libdns69.
Unpacking libdns69 (from .../libdns69_1%3a9.7.3.dfsg-1~squeeze4_armel.deb) ...
Selecting previously deselected package libisccc60.
Unpacking libisccc60 (from .../libisccc60_1%3a9.7.3.dfsg-1~squeeze4_armel.deb) ...
Selecting previously deselected package libisccfg62.
Unpacking libisccfg62 (from .../libisccfg62_1%3a9.7.3.dfsg-1~squeeze4_armel.deb) ...
Selecting previously deselected package libbind9-60.
Unpacking libbind9-60 (from .../libbind9-60_1%3a9.7.3.dfsg-1~squeeze4_armel.deb) ...
Selecting previously deselected package liblwres60.
Unpacking liblwres60 (from .../liblwres60_1%3a9.7.3.dfsg-1~squeeze4_armel.deb) ...
Selecting previously deselected package bind9utils.
Unpacking bind9utils (from .../bind9utils_1%3a9.7.3.dfsg-1~squeeze4_armel.deb) ...
Selecting previously deselected package bind9.
Unpacking bind9 (from .../bind9_1%3a9.7.3.dfsg-1~squeeze4_armel.deb) ...
Selecting previously deselected package geoip-database.
Unpacking geoip-database (from .../geoip-database_1.4.7~beta6+dfsg-1_all.deb) ...
Selecting previously deselected package sgml-base.
Unpacking sgml-base (from .../sgml-base_1.26+nmu1_all.deb) ...
Selecting previously deselected package xml-core.
Unpacking xml-core (from .../archives/xml-core_0.13_all.deb) ...
Processing triggers for man-db ...
!Setting up libgeoip1 (1.4.7~beta6+dfsg-1) ...
Setting up libxml2 (2.7.8.dfsg-2+squeeze3) ...
Setting up libisc62 (1:9.7.3.dfsg-1~squeeze4) ...
Setting up libdns69 (1:9.7.3.dfsg-1~squeeze4) ...
Setting up libisccc60 (1:9.7.3.dfsg-1~squeeze4) ...
Setting up libisccfg62 (1:9.7.3.dfsg-1~squeeze4) ...
Setting up libbind9-60 (1:9.7.3.dfsg-1~squeeze4) ...
Setting up liblwres60 (1:9.7.3.dfsg-1~squeeze4) ...
Setting up bind9utils (1:9.7.3.dfsg-1~squeeze4) ...
Setting up bind9 (1:9.7.3.dfsg-1~squeeze4) ...
Adding group `bind' (GID 111) ...
Done.
Adding system user `bind' (UID 107) ...
Adding new user `bind' (UID 107) with group `bind' ...
Not creating home directory `/var/cache/bind'.
wrote key file "/etc/bind/rndc.key"
#
Starting domain name service...: bind9.
Setting up geoip-database (1.4.7~beta6+dfsg-1) ...
Setting up sgml-base (1.26+nmu1) ...
Setting up xml-core (0.13) ...
!root@av:~#
DNS の設定
root@av:~# cd /etc/bind
root@av:/etc/bind# ls
bind.keys db.empty named.conf.default-zones zones.rfc1918
db.0 db.local named.conf.local
db.127 db.root named.conf.options
db.255 named.conf rndc.key
root@av:/etc/bind# mv named.conf.local{,.orig}
root@av:/etc/bind# cp named.conf.local{.orig,}
root@av:/etc/bind# vi named.conf.local
:
:
root@av:/etc/bind# cat named.conf.local
//
// Do any local configuration here
//
// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
view "in" {
match-clients {
127.0.0.0/8;
192.168.1.0/24;
192.168.2.0/24;
};
recursion yes;
zone "yamasita.jp" {
type master;
file "/etc/bind/yamasita.jp-in-zone";
allow-transfer { 192.168.1.0/24; 192.168.2.0/24; };
};
zone "1.168.192.in-addr.arpa" {
type master;
file "/etc/bind/1.168.192-rev";
allow-transfer { 192.168.1.0/24; 192.168.2.0/24; };
};
zone "2.168.192.in-addr.arpa" {
type master;
file "/etc/bind/2.168.192-rev";
allow-transfer { 192.168.1.0/24; 192.168.2.0/24; };
};
zone "fletsnet.com" {
type forward;
forward only;
forwarders {
192.168.1.1;
};
};
zone "flets" {
type forward;
forward only;
forwarders {
192.168.1.1;
};
};
zone "194.210.220.in-addr.arpa" {
type forward;
forward only;
forwarders {
192.168.1.1;
};
};
};
view "out" {
match-clients { any; };
recursion no;
zone "yamasita.jp" {
type master;
file "/etc/bind/yamasita.jp-out-zone";
};
};
root@av:/etc/bind#
こんなところか??
ファイル名は、以前から使っているもの。
それぞれのファイルを置く。
named の再起動
root@av:/etc/bind# /etc/init.d/bind9 restart
Stopping domain name service...: bind9 waiting for pid 24974 to die.
Starting domain name service...: bind9 failed!
root@av:/etc/bind#
ふげー。
root@av:/etc/bind# less /var/log/daemon.log
:
:
Feb 29 23:43:35 av named[25404]: starting BIND 9.7.3 -u bind
Feb 29 23:43:35 av named[25404]: built with '--prefix=/usr' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysconfdir=/etc/bind' '--localstatedir=/var' '--enable-threads' '--enable-largefile' '--with-libtool' '--enable-shared' '--enable-static' '--with-openssl=/usr' '--with-gssapi=/usr' '--with-gnu-ld' '--with-dlz-postgres=no' '--with-dlz-mysql=no' '--with-dlz-bdb=yes' '--with-dlz-filesystem=yes' '--with-dlz-ldap=yes' '--with-dlz-stub=yes' '--with-geoip=/usr' '--enable-ipv6' 'CFLAGS=-fno-strict-aliasing -DDIG_SIGCHASE -O2' 'LDFLAGS=' 'CPPFLAGS='
Feb 29 23:43:35 av named[25404]: adjusted limit on open files from 1024 to 1048576
Feb 29 23:43:35 av named[25404]: found 1 CPU, using 1 worker thread
Feb 29 23:43:35 av named[25404]: using up to 4096 sockets
Feb 29 23:43:35 av named[25404]: loading configuration from '/etc/bind/named.conf'
Feb 29 23:43:35 av named[25404]: /etc/bind/named.conf.default-zones:2: when using 'view' statements, all zones must be in views
Feb 29 23:43:35 av named[25404]: loading configuration: failure
Feb 29 23:43:35 av named[25404]: exiting (due to fatal error)
view 使うんなら、全部の zone を view に入れろってか。。。
view 外で定義している zone は、、、
root@av:/etc/bind# cat named.conf
// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
// structure of BIND configuration files in Debian, *BEFORE* you customize
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local
include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";
root@av:/etc/bind# cat named.conf.default-zones
// prime the server with knowledge of the root servers
zone "." {
type hint;
file "/etc/bind/db.root";
};
// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912
zone "localhost" {
type master;
file "/etc/bind/db.local";
};
zone "127.in-addr.arpa" {
type master;
file "/etc/bind/db.127";
};
zone "0.in-addr.arpa" {
type master;
file "/etc/bind/db.0";
};
zone "255.in-addr.arpa" {
type master;
file "/etc/bind/db.255";
};
root@av:/etc/bind#
不本意だが、named.conf.local 以外にも手を入れるか、、、
root@av:/etc/bind# mv named.conf{,.orig}
root@av:/etc/bind# cp named.conf{.orig,}
root@av:/etc/bind# vi named.conf
:
:
root@av:/etc/bind# diff -c named.conf.orig named.conf
*** named.conf.orig Thu Nov 17 05:31:43 2011
--- named.conf Wed Feb 29 23:49:28 2012
***************
*** 8,11 ****
include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
! include "/etc/bind/named.conf.default-zones";
--- 8,11 ----
include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
! // include "/etc/bind/named.conf.default-zones";
root@av:/etc/bind# vi named.conf.local
:
:
root@av:/etc/bind# cat !$
cat named.conf.local
//
// Do any local configuration here
//
// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
view "in" {
match-clients {
127.0.0.0/8;
192.168.1.0/24;
192.168.2.0/24;
};
recursion yes;
include "/etc/bind/named.conf.default-zones";
zone "yamasita.jp" {
type master;
file "/etc/bind/yamasita.jp-in-zone";
allow-transfer { 192.168.1.0/24; 192.168.2.0/24; };
};
zone "1.168.192.in-addr.arpa" {
type master;
file "/etc/bind/1.168.192-rev";
allow-transfer { 192.168.1.0/24; 192.168.2.0/24; };
};
zone "2.168.192.in-addr.arpa" {
type master;
file "/etc/bind/2.168.192-rev";
allow-transfer { 192.168.1.0/24; 192.168.2.0/24; };
};
zone "fletsnet.com" {
type forward;
forward only;
forwarders {
192.168.1.1;
};
};
zone "flets" {
type forward;
forward only;
forwarders {
192.168.1.1;
};
};
zone "194.210.220.in-addr.arpa" {
type forward;
forward only;
forwarders {
192.168.1.1;
};
};
};
view "out" {
match-clients { any; };
recursion no;
zone "yamasita.jp" {
type master;
file "/etc/bind/yamasita.jp-out-zone";
};
};
root@av:/etc/bind#
named の起動
今度こそ。
root@av:/etc/bind# /etc/init.d/bind9 start
Starting domain name service...: bind9.
root@av:/etc/bind#
GJ!
dig のインストール
root@av:/etc/bind# apt-get install dnsutils
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages were automatically installed and are no longer required:
python2.6-minimal mime-support libgsasl7 libmailutils2 python2.6 libexpat1
guile-1.8-libs libpython2.6 file libntlm0 libltdl7 libmagic1
Use 'apt-get autoremove' to remove them.
The following extra packages will be installed:
bind9-host
Suggested packages:
rblcheck
The following NEW packages will be installed:
bind9-host dnsutils
0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded.
Need to get 227 kB of archives.
After this operation, 557 kB of additional disk space will be used.
Do you want to continue [Y/n]? y
Get:1 http://ftp.jp.debian.org/debian/ squeeze/main bind9-host armel 1:9.7.3.dfsg-1~squeeze4 [68.7 kB]
Get:2 http://ftp.jp.debian.org/debian/ squeeze/main dnsutils armel 1:9.7.3.dfsg-1~squeeze4 [158 kB]
Fetched 227 kB in 0s (373 kB/s)
Selecting previously deselected package bind9-host.
(Reading database ... 17819 files and directories currently installed.)
Unpacking bind9-host (from .../bind9-host_1%3a9.7.3.dfsg-1~squeeze4_armel.deb) ...
Selecting previously deselected package dnsutils.
Unpacking dnsutils (from .../dnsutils_1%3a9.7.3.dfsg-1~squeeze4_armel.deb) ...
Processing triggers for man-db ...
Setting up bind9-host (1:9.7.3.dfsg-1~squeeze4) ...
Setting up dnsutils (1:9.7.3.dfsg-1~squeeze4) ...
!root@av:/etc/bind#
確認
root@av:/etc/bind# dig www.yamasita.jp
:
:
root@av:/etc/bind# dig sil.yamasita.jp
:
:
root@av:/etc/bind# dig -x 192.168.1.2
:
:
root@av:/etc/bind# dig -x 192.168.2.39
:
:
OK
Copyright (C) 2003-2012 Yasunari Yamashita. All Rights Reserved.
yasunari @ yamasita.jp 山下康成@京都府向日市
