Sunday, 10 May 2009

Setting Up DNS on CentOS 5.2

There are probably plenty of tutorials like this already, but setting up DNS isn't as easy as it sounds. Even I, who have set it up many times, somehow only just managed to tame CentOS 5.2. Here are the steps for setting up DNS on CentOS.
1. First install BIND with:
$ yum install bind
The process is automatic; just wait for it to finish.
2. Then open the file /var/named/chroot/etc/rndc.key
key "rndckey" {
algorithm hmac-md5;
secret "V2Luixh4mHHgDIIkj5PGrqzUd0mm780fxmUpYDQ7KtmZGlus6YH2CE7CUF7d";
};
Then copy the part of the file shown in red above. * It differs on every computer.
3. Then change the contents of /var/named/chroot/etc/named.conf
key rndckey {
    algorithm hmac-md5;
    secret "V2Luixh4mHHgDIIkj5PGrqzUd0mm780fxmUpYDQ7KtmZGlus6YH2CE7CUF7d";
};
// we assume our server has the IP 10.10.10.20 serving the 10.10.10.0/24 subnet
controls {
    // rndc is only accepted from localhost, and only with one of these keys
    inet 127.0.0.1 allow { 127.0.0.1; } keys { rndckey; rndc-key; };
};
options {
    // absolute path (inside the chroot); zone file names below are relative to it
    directory "/var/named";
    pid-file "/var/run/named/named.pid";
    recursion yes;

    // only localhost and the local subnet may use this server as a resolver
    allow-recursion {
        127.0.0.1;
        10.10.10.0/24;
    };
    // upstream DNS servers to forward to (optional)
    forwarders {
        202.134.1.10;
        202.155.0.10;
        202.34.118.10;
        202.134.118.12;
    };
    listen-on {
        127.0.0.1;
        10.10.10.20;
    };
    /*
     * If your nameserver is behind a firewall you might need to uncomment the
     * query-source directive below. A fixed source port turns off source-port
     * randomization and makes cache poisoning easier, so leave it commented
     * out unless the firewall really requires it.
     */
    // query-source port 53;

    // for security people can't try to guess what version you're running
    version "REFUSED";

    allow-query {
        127.0.0.1;
        10.10.10.0/24;
    };
};

server 10.10.10.20 {
    keys { rndckey; };
};

// root hints: this zone must be named ".", not after your own domain
zone "." IN {
    type hint;
    file "named.ca";
};

zone "trunojoyo.net" IN {
    type master;
    file "data/trunojoyo.net.zone";
    allow-update { none; };
};
key rndc-key {
    algorithm hmac-md5;
    secret "e7bpMqkrVilvalPXU/CY0g==";
};
trusted-keys {
};
Do not paste the key shown here; use the rndc key you copied earlier. Then change the IP addresses and the zone (trunojoyo.net above) to suit your setup.
4. Then create a file named after your zone at /var/named/data/trunojoyo.net.zone (* the zone name can be changed to match the configuration in named.conf)
# vi /var/named/chroot/var/named/data/trunojoyo.net.zone
$TTL 38400
trunojoyo.net. IN SOA ns.trunojoyo.net. admin.trunojoyo.net. (
        2008090335 ; Serial
        10800      ; Refresh after 3 hours
        3600       ; Retry after 1 hour
        604800     ; Expire after 1 week
        86400 )    ; Minimum TTL 1 day

trunojoyo.net.         IN NS    ns.trunojoyo.net.
trunojoyo.net.         IN MX 1  mx.trunojoyo.net.
trunojoyo.net.         IN MX 5  mx2.trunojoyo.net.
ns.trunojoyo.net.      IN A     10.10.10.20
cacti.trunojoyo.net.   IN A     10.10.10.20
desktop.trunojoyo.net. IN A     10.10.10.20
mail.trunojoyo.net.    IN CNAME mx.trunojoyo.net.
mx.trunojoyo.net.      IN A     10.10.10.20
mx2.trunojoyo.net.     IN A     10.10.10.20

Don’t forget the “.”; it is very important.
5. Then set up /etc/resolv.conf
Fill it in with the IP or name of your DNS server:
nameserver 10.10.10.20
6. Start your DNS server
$ /etc/init.d/named start
7. Then check it with the dig command
$ dig trunojoyo.net
This produces the following output:
; <<>> DiG 9.3.4-P1 <<>> trunojoyo.net
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38525
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 13, ADDITIONAL: 13

;; QUESTION SECTION:
;trunojoyo.net. IN A

;; ANSWER SECTION:
trunojoyo.net. 300 IN A 119.235.18.14

;; AUTHORITY SECTION:
net. 4635 IN NS C.GTLD-SERVERS.net.
net. 4635 IN NS D.GTLD-SERVERS.net.
net. 4635 IN NS E.GTLD-SERVERS.net.
net. 4635 IN NS F.GTLD-SERVERS.net.
net. 4635 IN NS G.GTLD-SERVERS.net.
net. 4635 IN NS H.GTLD-SERVERS.net.
net. 4635 IN NS I.GTLD-SERVERS.net.
net. 4635 IN NS J.GTLD-SERVERS.net.
net. 4635 IN NS K.GTLD-SERVERS.net.
net. 4635 IN NS L.GTLD-SERVERS.net.
net. 4635 IN NS M.GTLD-SERVERS.net.
net. 4635 IN NS A.GTLD-SERVERS.net.
net. 4635 IN NS B.GTLD-SERVERS.net.

;; ADDITIONAL SECTION:
A.GTLD-SERVERS.net. 71806 IN A 192.5.6.30
A.GTLD-SERVERS.net. 71806 IN AAAA 2001:503:a83e::2:30
B.GTLD-SERVERS.net. 71806 IN A 192.33.14.30
B.GTLD-SERVERS.net. 71806 IN AAAA 2001:503:231d::2:30
C.GTLD-SERVERS.net. 56781 IN A 192.26.92.30
D.GTLD-SERVERS.net. 56781 IN A 192.31.80.30
E.GTLD-SERVERS.net. 56781 IN A 192.12.94.30
F.GTLD-SERVERS.net. 56781 IN A 192.35.51.30
G.GTLD-SERVERS.net. 56781 IN A 192.42.93.30
H.GTLD-SERVERS.net. 56781 IN A 192.54.112.30
I.GTLD-SERVERS.net. 56781 IN A 192.43.172.30
J.GTLD-SERVERS.net. 56781 IN A 192.48.79.30
K.GTLD-SERVERS.net. 56781 IN A 192.52.178.30

;; Query time: 822 msec
;; SERVER: 203.34.118.12#53(203.34.118.12)
;; WHEN: Sun May 10 11:33:58 2009
;; MSG SIZE rcvd: 500
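
The trailing-dot rule from step 4, as an added example that is not part of the original post: a shell function (hypothetical name check_zone_dots) that lists names in a zone file which end in the zone origin but lack the final “.”, and shows what BIND would expand each one to. The sample zone is constructed for the demonstration.

```sh
#!/bin/sh
# Added example (not from the original post): check_zone_dots and sample_zone
# are hypothetical helper names.

# Print every name that ends in the zone origin but has no trailing ".".
# BIND treats such a name as relative and appends the origin to it.
# Heuristic: a ";" inside a quoted TXT string would be cut as a comment.
check_zone_dots() {
    origin=${1%.}                       # accept origin with or without the dot
    awk -v origin="$origin" '
    BEGIN { origin = tolower(origin) }
    {
        line = $0
        sub(/;.*/, "", line)            # strip comments
        gsub(/[()]/, " ", line)         # SOA parentheses are not part of a name
        n = split(line, tok, /[ \t]+/)
        for (i = 1; i <= n; i++) {
            t = tolower(tok[i])
            if (t == "" || t ~ /\.$/) continue      # empty or already absolute
            suffix = substr(t, length(t) - length(origin))
            if (t == origin || suffix == "." origin)
                printf "line %d: %s -> %s.%s.\n", NR, tok[i], tok[i], origin
        }
    }' "${2:--}"                        # zone file, or stdin when omitted
}

# Constructed sample: a zone like the one in step 4 with three dots left off.
sample_zone() {
    cat <<'EOF'
$TTL 38400
trunojoyo.net. IN SOA ns.trunojoyo.net admin.trunojoyo.net (
        2008090335 ; Serial
        86400 )    ; Minimum TTL
trunojoyo.net.      IN NS    ns.trunojoyo.net.
mail.trunojoyo.net. IN CNAME mx.trunojoyo.net
www                 IN A     10.10.10.20
EOF
}

sample_zone | check_zone_dots trunojoyo.net
```

Against the real file it would be run as check_zone_dots trunojoyo.net /var/named/chroot/var/named/data/trunojoyo.net.zone before starting named; an empty result means no name was caught by this check.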
