
BIND howto – dns chrooteado – screencast

Posted by kwame on October 18, 2010 – 4:47 am

En este screencast explico cómo configurar un servidor de DNS con chroot utilizando BIND.

Aquí el screencast

Los comandos de instalación y archivos de configuración son los siguientes:

 [root@fw1 etc]# pwd
/var/named/chroot/etc
[root@fw1 etc]# cat rndc.key
// rndc.key: the HMAC shared secret that the controls{} block in named.conf
// requires on every rndc command (it is pulled in by `include "/etc/rndc.key"`).
key "rndckey" {
	// hmac-md5 is what rndc-confgen produced for this BIND generation; later
	// releases support hmac-sha256 and no longer default to MD5 — regenerate
	// with the stronger algorithm where the installed version allows it.
	algorithm	hmac-md5;
	// This secret has been reproduced in a public post, so it must not be
	// reused as-is: create a fresh key with rndc-confgen and keep the file
	// readable only by the user named runs as.
	secret		"7XfgQAcE3XihN09Gg276lpYMY7UTT93rOuaUkJsmSM7tlr8YesZox3xLRVu3";
};
[root@fw1 etc]# ls
localtime
named.caching-nameserver.conf
named.caching-nameserver.conf.2010-03-08_18-43-32.221354000
named.conf
named.rfc1912.zones
rndc.key
rndc.key-new
[root@fw1 etc]# cat named.conf
// named.conf of the chrooted BIND instance shown in this session. The paths
// seen above (/var/named/chroot/etc, /var/named/chroot/var/named/data) show
// that named runs with /var/named/chroot as its root, so every path in this
// file is relative to that directory on the host.
options {
   directory "/var/named";
   dump-file "/var/named/data/cache_dump.db";
   statistics-file "/var/named/data/named_stats.txt";
 // query-source address * port 53;
   // NOTE(review): no listen-on, allow-query, allow-recursion or recursion
   // statement is set, so BIND's built-in defaults decide who may query and
   // recurse through this server — confirm for the installed version, and
   // restrict recursion to the 192.168.1.0/24 clients if the host is
   // reachable from anywhere else (an open recursive resolver is a
   // ready-made amplification source).
};

//
// a caching only nameserver config
//
// (header inherited from the caching-only template; this file also masters
// the three zones below)
controls {
 // rndc control channel: loopback, plus the LAN address 192.168.1.130
 // accepting connections only from itself; every command must be signed
 // with "rndckey", defined in the included rndc.key.
 inet 127.0.0.1 allow { localhost; } keys { rndckey; };
 inet 192.168.1.130 allow { 192.168.1.130; } keys { rndckey; };
};

// "localhost.zone" has no leading slash, so BIND resolves it under the
// options directory: /var/named/localhost.zone inside the chroot (it is
// listed in that directory further down).
zone "localhost" IN {
   type master;
   file "localhost.zone";
   allow-update { none; };   // no dynamic updates accepted
};

// Forward zone for the home LAN; absolute path, again inside the chroot.
zone "homelinux.org" IN {
   type master;
   file "/var/named/data/homelinux.org.zone";
   allow-update { none; };   // no dynamic updates accepted
};

// Reverse zone for 192.168.1.0/24.
zone "1.168.192.in-addr.arpa" IN {
   type master;
   file "/var/named/data/1.168.192.zone";
   allow-update { none; };   // no dynamic updates accepted
};

// Resolves to /var/named/chroot/etc/rndc.key on the host — the file shown at
// the top of this session.
include "/etc/rndc.key";
[root@fw1 etc]#
[root@fw1 chroot]# cd var/named/
[root@fw1 named]# ls
data              localhost.zone   named.ca         named.local  slaves
localdomain.zone  named.broadcast  named.ip6.local  named.zero
[root@fw1 named]# cd data/
[root@fw1 data]# ls
1.168.192.zone  homelinux.org.zone
[root@fw1 data]# cat 1.168.192.zone
; Reverse zone for 192.168.1.0/24 (1.168.192.in-addr.arpa), mastered by fw1.
$TTL	86400
; SOA fields are MNAME (primary server) then RNAME (admin mailbox).
; NOTE(review): MNAME here is the apex "homelinux.org." rather than the
; primary fw1.homelinux.org., and the RNAME reads as the mailbox
; fw1@homelinux.org — the two values look swapped; confirm the intent.
@	IN SOA	homelinux.org.	fw1.homelinux.org. (
100		; serial — must increase on every change for any secondary to pick it up
1H		; refresh
1M		; retry
1W		; expire
1D)		; negative-caching TTL

@	IN NS 	fw1.homelinux.org.
130	IN PTR 	fw1.homelinux.org.
150	IN PTR 	backup.homelinux.org.
151	IN PTR 	tatooine.homelinux.org.
152	IN PTR 	ewook.homelinux.org.
; NOTE(review): homelinux.org.zone also defines chewacca at 192.168.1.153,
; which has no PTR record here — add "153 IN PTR chewacca.homelinux.org." if
; reverse lookup for that host is wanted.
[root@fw1 data]# cat homelinux.org.zone
; Forward zone for the home LAN, served as master by fw1 (192.168.1.130).
; NOTE(review): if homelinux.org is also delegated publicly, this
; authoritative copy shadows the public zone for every client of this
; server — only the names listed below will resolve for them.
$TTL	86400
; SOA fields are MNAME (primary server) then RNAME (admin mailbox).
; NOTE(review): as in the reverse zone, MNAME is the apex rather than
; fw1.homelinux.org. and the RNAME reads as fw1@homelinux.org — confirm.
@	IN SOA	homelinux.org. fw1.homelinux.org. (
100		; serial — must increase on every change for any secondary to pick it up
1H		; refresh
1M		; retry
1W		; expire
1D)		; negative-caching TTL

; Apex: fw1 is the nameserver, and the bare name resolves to fw1's address.
@		IN NS	fw1.homelinux.org.
@ 		IN A 	192.168.1.130

; Hosts. fw1's A record doubles as the in-zone address for the NS target.
fw1		IN A	192.168.1.130
backup		IN A	192.168.1.150
tatooine	IN A	192.168.1.151
ewook		IN A	192.168.1.152
chewacca	IN A	192.168.1.153

[root@fw1 data]# pwd
/var/named/chroot/var/named/data
[root@fw1 data]#
