Найти в Дзене
Вот и Linux за окном
19 подписчиков

0031.Конфигурационные файлы к статье #0030.

3 мин
Приветствую вас, Уважаемые Читатели! Привожу значимые конфы хостов обсуждаемых в предыдущей статье #0030. Ну вдруг кому-то будет интересно) Для начала приведу схему сети. Ну и наконец сами файлы deb-lan3-bind-prim /etc/bind/named.conf.options options { directory "/var/cache/bind"; listen-on port 53 {127.0.0.1;192.168.3.100;}; allow-query {any;}; allow-recursion {any;}; allow-transfer {any;}; //forward first; //forwarders {192.168.100.1;}; // If there is a firewall between you and nameservers you want // to talk to, you may need to fix the firewall to allow multiple // ports to talk. See http://www.kb.cert.org/vuls/id/800113 // If your ISP provided one or more IP addresses for stable // nameservers, you probably want to use them as forwarders. // Uncomment the following block, and insert the addresses replacing // the all-0's placeholder. // forwarders { // 0.0.0.0; // }; //======================================================================== // If BIND logs error messages about th

Приветствую вас, Уважаемые Читатели!

Привожу значимые конфы хостов обсуждаемых в предыдущей статье #0030.

Ну вдруг кому-то будет интересно)

Для начала приведу схему сети.

Ну и наконец сами файлы

deb-lan3-bind-prim

/etc/bind/named.conf.options

options {

directory "/var/cache/bind";

listen-on port 53 {127.0.0.1;192.168.3.100;};

allow-query {any;};

allow-recursion {any;};

allow-transfer {any;};

//forward first;

//forwarders {192.168.100.1;};

// If there is a firewall between you and nameservers you want

// to talk to, you may need to fix the firewall to allow multiple

// ports to talk. See http://www.kb.cert.org/vuls/id/800113

// If your ISP provided one or more IP addresses for stable

// nameservers, you probably want to use them as forwarders.

// Uncomment the following block, and insert the addresses replacing

// the all-0's placeholder.

// forwarders {

// 0.0.0.0;

// };

//========================================================================

// If BIND logs error messages about the root key being expired,

// you will need to update your keys. See https://www.isc.org/bind-keys

//========================================================================

dnssec-validation no;

listen-on-v6 { none; };

};

/etc/bind/named.conf.local

//

// Do any local configuration here

//

// Consider adding the 1918 zones here, if they are not used in your

// organization

//include "/etc/bind/zones.rfc1918";

zone "loc"

{

type master;

file "/var/lib/bind/db.loc";

};

zone "168.192.in-addr.arpa"

{

type master;

file "/var/lib/bind/db.168.192.in-addr.arpa";

};

//zone "lan4.loc"

//{

//type slave;

//file "/var/lib/bind/db.slave.lan4.loc";

//masters {192.168.4.100;};

//};

/var/lib/bind/db.loc

$ORIGIN loc.

$TTL 86400

@ IN SOA deb-lan3-bind-prim.loc. root.deb-lan3-bind.prim.loc (

2025120401;

600;

600;

86400;

600);

@ IN NS deb-lan3-bind-prim.loc.

@ IN A 192.168.3.100

deb-lan3-bind-prim IN A 192.168.3.100

deb-lan3-out-router IN A 192.168.3.1

deb-lan3-lan2-router IN A 192.168.3.102

deb-lan3-lan1-router IN A 192.168.3.101

deb-lan3-lan4-router IN A 192.168.3.104

deb-lan1-host101 IN A 192.168.1.101

deb-lan2-host101 IN A 192.168.2.101

$ORIGIN lan4.loc.

@ IN NS deb-lan4-bind-prim

;lan4.loc. IN NS deb-lan3-bind-prim.loc.

deb-lan4-bind-prim IN A 192.168.4.100

/var/lib/bind/db.168.192.in-addr.arpa

$TTL 86400

168.192.in-addr.arpa. IN SOA deb-lan3-bind-prim.loc. root.deb-lan3-bind-prim.loc. (

2025112901;

600;

600;

86400;

600);

168.192.in-addr.arpa. IN NS deb-lan3-bind-prim.loc.

168.192.in-addr.arpa. IN A 192.168.3.100

1.3 IN PTR deb-lan3-out-router.loc.

101.3 IN PTR deb-lan3-lan1-router.loc.

102.3 IN PTR deb-lan3-lan2-router.loc.

104.3 IN PTR deb-lan3-lan4-router.loc.

101.2 IN PTR deb-lan2-host101.loc.

101.1 IN PTR deb-lan1-host101.loc.

deb-lan4-bind-prim

/etc/bind/named.conf.options

options {

directory "/var/cache/bind";

listen-on port 53 {127.0.0.1;192.168.4.100;};

allow-query {any;};

allow-recursion {any;};

allow-transfer {any;};

forwarders {192.168.3.100;};

// If there is a firewall between you and nameservers you want

// to talk to, you may need to fix the firewall to allow multiple

// ports to talk. See http://www.kb.cert.org/vuls/id/800113

// If your ISP provided one or more IP addresses for stable

// nameservers, you probably want to use them as forwarders.

// Uncomment the following block, and insert the addresses replacing

// the all-0's placeholder.

// forwarders {

// 0.0.0.0;

// };

//========================================================================

// If BIND logs error messages about the root key being expired,

// you will need to update your keys. See https://www.isc.org/bind-keys

//========================================================================

dnssec-validation no;

listen-on-v6 { none; };

};

/etc/bind/named.conf.local

//

// Do any local configuration here

//

// Consider adding the 1918 zones here, if they are not used in your

// organization

//include "/etc/bind/zones.rfc1918";

zone "lan4.loc."

{

type master;

file "/var/lib/bind/db.lan4";

allow-transfer {192.168.3.100;};

};

/var/lib/bind/db.lan4

$ORIGIN lan4.loc.

$TTL 86400

@ IN SOA deb-lan4-bind-prim.lan4.loc. root.deb-lan4-bind-prim.lan4.loc.(

2025120302;

600;

600;

86400;

600);

@ IN NS deb-lan4-bind-prim.lan4.loc.

@ IN A 192.168.4.100

deb-lan4-bind-prim IN A 192.168.4.100

win-lan4-host101 IN A 192.168.4.101

Благодарю всех Уважаемых Читателей, дочитавших до этого места.

Желаю всем удачи в начинаниях и продолжениях, до новых встреч!!!)

-2

PS

Статья не является учебным пособием, и представляет личный опыт автора.

Статья может содержать ошибки и не точности.

Приведённые данные необходимо проверять самостоятельно.

Картинка для превью статьи сгенерирована сетью Шедеврум, возможно с небольшими моими правками.