loyum
10/12/2012, 23h52
Ok, merci pour tout
; NOTE(review): an owner name without a trailing dot is relative to the zone
; origin. If $ORIGIN is domaine.fr., this line is read as
; sous_domaine.domaine.fr.domaine.fr. -- use the bare label or the fully
; qualified name ending in "." (confirm which was intended).
sous_domaine.domaine.fr IN A 12.34.56.78
zone belcraft.fr/IN: loaded serial 2012121001
zone localhost/IN: loaded serial 2
zone 127.in-addr.arpa/IN: loaded serial 1
zone 0.in-addr.arpa/IN: loaded serial 1
zone 255.in-addr.arpa/IN: loaded serial 1
; Blank owner field: the record takes the owner name of the record above it,
; so its meaning depends on where it sits in the zone file. The line must start
; with whitespace, otherwise "IN" itself is parsed as the owner name.
                IN      A       5.39.88.184
; Fully qualified owner (trailing dot): address record for the zone apex itself.
belcraft.fr. IN A 5.39.88.184
; Zone file for belcraft.fr. Names without a trailing dot (mail, svn, www) are
; relative to the zone origin.
$ttl 3H
; SOA: primary server name, then the responsible mailbox written with "."
; in place of "@".
belcraft.fr.    IN      SOA     ks3275597.kimsufi.com. teo.ctmen.ch. (
                        ; Increase the serial on every change; a secondary
                        ; only transfers the zone when the serial has grown.
                        2009051501      ;serial (version)
                        3600            ;refresh period
                        900             ;retry refresh this often
                        604800          ;expiration period
                        ; Used as the negative-caching TTL (RFC 2308).
                        3600            ;minimum TTL
                        )
; Both name servers sit outside this zone, so no glue records are needed here.
belcraft.fr.    IN      NS      ks3275597.kimsufi.com.
belcraft.fr.    IN      NS      ns.kimsufi.com.
; Blank owner: inherits belcraft.fr. from the record above (apex address).
                IN      A       5.39.88.184
mail            IN      A       5.39.88.184
svn             IN      A       5.39.88.184
www             IN      CNAME   belcraft.fr.
; The MX target must resolve to an address record; mail is defined above.
belcraft.fr.    IN      MX      10 mail.belcraft.fr.
// Global named options: authoritative service on all interfaces, recursion
// reserved for the host itself.
options {
        directory "/var/cache/bind";

        // Recursive lookups that named performs are sent to this resolver.
        forwarders {
                213.186.33.99;
        };

        auth-nxdomain no;    # conform to RFC1035

        // Listen on every IPv6 and IPv4 address of the host.
        listen-on-v6 { any; };
        listen-on { any; };

        // Recursion only for loopback and the server's own address, so the
        // public listener cannot be used as an open resolver.
        allow-recursion { 127.0.0.1; 5.39.88.184; };

        // Default zone-transfer ACL: one address only. The check is by source
        // IP alone; a TSIG key would additionally authenticate the peer.
        allow-transfer { 213.186.33.199; };
};
// Default zones: root hints plus the localhost, loopback and broadcast zones.

// prime the server with knowledge of the root servers
zone "." {
        type hint;
        file "/etc/bind/db.root";
};

// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912

zone "localhost" {
        type master;
        file "/etc/bind/db.local";
};

zone "127.in-addr.arpa" {
        type master;
        file "/etc/bind/db.127";
};

zone "0.in-addr.arpa" {
        type master;
        file "/etc/bind/db.0";
};

zone "255.in-addr.arpa" {
        type master;
        file "/etc/bind/db.255";
};
// Authoritative (master) zone for belcraft.fr, loaded from the file below.
zone "belcraft.fr" {
        type master;
        file "/etc/bind/belcraft.fr.host";
        // 213.186.33.199 = ns.kimsufi.com
        // Only this address may request a transfer of the zone. The check is
        // by source IP alone; a TSIG key would also authenticate the peer.
        allow-transfer { 213.186.33.199; };
};
zone belcraft.fr/IN: loaded serial 2009051501
zone localhost/IN: loaded serial 2
zone 127.in-addr.arpa/IN: loaded serial 1
zone 0.in-addr.arpa/IN: loaded serial 1
zone 255.in-addr.arpa/IN: loaded serial 1
Ensuite, passons à la configuration d’une zone. Éditons le fichier /etc/bind/named.conf.local afin d’y renseigner nos zones.
// Authoritative (master) zone for belcraft.fr.
zone "belcraft.fr" {
        type master;
        // NOTE(review): the file name is spelled "blecraft", not "belcraft".
        // If the zone file on disk is belcraft.fr.host, named cannot load the
        // zone. That would fit the named-checkconf -z output on this page that
        // does not list belcraft.fr -- confirm against the file system.
        file "/etc/bind/blecraft.fr.host";
        // 213.186.33.199 = ns.kimsufi.com
        // Only this address may request a transfer of the zone.
        allow-transfer { 213.186.33.199; };
};
; Relative label: expands to craft.<zone origin>. An MX record on this page
; points at craft.belcraft.fr., which needs an address record such as this one.
craft IN A 5.39.88.184
# Check named.conf syntax and, with -z, test-load every master zone it
# declares; each zone that loads is reported with its serial.
named-checkconf -z
; Work-in-progress zone file for belcraft.fr, still mixing in names from a
; template (mon-site.tld, 123.234.1.2).
$ttl 3H
; The responsible-mailbox field appears to have been masked by the poster.
belcraft.fr.    IN      SOA     ks3275597.kimsufi.com. XXX.XXXXX.XX. (
                        2009051501      ;serial (version)
                        3600            ;refresh period
                        900             ;retry refresh this often
                        604800          ;expiration period
                        3600            ;minimum TTL
                        )
; NOTE(review): these NS records are owned by mon-site.tld., which is outside
; the belcraft.fr zone. named ignores out-of-zone data, which leaves
; belcraft.fr with no NS record at its apex, so the zone is expected not to load.
mon-site.tld.   IN      NS      ks3275597.kimsufi.com.
mon-site.tld.   IN      NS      ns.kimsufi.com.
; NOTE(review): blank owner inherits mon-site.tld. from the line above, so this
; address is out of zone as well; 123.234.1.2 looks like a template placeholder.
                IN      A       123.234.1.2
mail            IN      A       5.39.88.184
svn             IN      A       5.39.88.184
www             IN      CNAME   belcraft.fr.
; NOTE(review): the MX target craft.belcraft.fr. has no address record in this
; listing; mail delivery needs one.
belcraft.fr.    IN      MX      10 craft.belcraft.fr.
root@ks3275597:~# named-checkconf -z
zone localhost/IN: loaded serial 2
zone 127.in-addr.arpa/IN: loaded serial 1
zone 0.in-addr.arpa/IN: loaded serial 1
zone 255.in-addr.arpa/IN: loaded serial 1
# dig @5.39.88.184 soa belcraft.fr
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 8189
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
# Run again after each edit to named.conf or a zone file: a zone that fails
# the test load is not reported as "loaded".
named-checkconf -z
tcp 0 0 5.39.88.184:53 0.0.0.0:* LISTEN 3241/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 3241/named
tcp6 0 0 ::1:53 :::* LISTEN 3241/named
// named.conf here only pulls in three files; judging by their names they hold
// the global options, the locally defined zones and the default zones.
include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";
// Global named options: DNSSEC validation on, recursion for loopback only.
options {
        directory "/var/cache/bind";
        // Validate DNSSEC-signed answers using the built-in root trust anchor.
        dnssec-validation auto;

        auth-nxdomain no;    # conform to RFC1035
        // With listen-on commented out, named falls back to its default of
        // listening on all IPv4 interfaces. The netstat output on this page
        // (5.39.88.184:53 and 127.0.0.1:53) is consistent with that.
        //listen-on { 127.0.0.1; };
        // IPv6 stays restricted to loopback.
        listen-on-v6 { ::1; };
        // Only the host itself may use recursion. Outside clients asking for
        // names this server is not authoritative for are refused.
        allow-recursion { 127.0.0.1; };
};
# List sockets with their owning process and keep the listeners on port 53.
# Filtering on LISTEN keeps TCP only (UDP sockets have no LISTEN state), so
# this does not show whether named is bound to 53/udp, which carries most DNS
# queries. The ":53" pattern also matches ports that merely start with 53.
netstat -tanpu | grep LISTEN | grep ":53"
# telnet 5.39.88.184 53
Trying 5.39.88.184...
telnet: Unable to connect to remote host: Connection refused
// Binds named's IPv4 listener to loopback only, so nothing answers on the
// public address. This is consistent with the refused connection to
// 5.39.88.184:53 shown on this page.
// NOTE(review): as a named.conf statement this needs a terminating ";".
listen-on { 127.0.0.1; }