BINDの設定
named.conf
マスターサーバ
options {
directory "/var/named";
pid-file "/var/named/named.pid";
version "";
};
;view機能での"local-net"に含まれるアドレスを定義する
acl "local-net"{
192.168.1.118;
192.168.1.119;
};
;ゾーン転送許可範囲を制限するため、nameserverを定義
acl "nsservers"{
192.168.1.104;
};
view "local" {
match-clients{
local-net;
};
zone "."{
type hint;
file "named.ca";
};
zone "localhost" {
type master;
file "data/db.zone";
};
zone "0.0.127.in-addr.arpa" {
type master;
file "data/db.rev";
};
zone "1.168.192.in-addr.arpa" {
type master;
file "data/send.rev";
allow-transfer{nsservers;};
};
;subドメインの権限委譲のためstub定義を使う
;mastersのサーバを参照する
zone "sub.send.test" {
type stub;
file "data/sub.send.zone";
masters{192.168.1.129;};
};
zone "send.test" {
type master;
file "data/send.zone";
allow-transfer{nsservers;};
};
;"local-net"内では"recv.test"ドメインは"recv.zone.local"を参照する
zone "recv.test" {
type master;
file "data/recv.zone.local";
allow-transfer{nsservers;};
};
};
view "global" {
match-clients{
any;
};
zone "."{
type hint;
file "named.ca";
};
zone "localhost" {
type master;
file "data/db.zone";
};
zone "0.0.127.in-addr.arpa" {
type master;
file "data/db.rev";
};
zone "1.168.192.in-addr.arpa" {
type master;
file "data/send.rev";
allow-transfer{nsservers;};
};
zone "sub.send.test" {
type stub;
file "data/sub.send.zone";
masters{192.168.1.129;};
};
zone "send.test" {
type master;
file "data/send.zone";
allow-transfer{nsservers;};
};
;"local-net"以外に対しては"recv.zone.global"の情報を返す
zone "recv.test" {
type master;
file "data/recv.zone.global";
allow-transfer{nsservers;};
};
};
スレーブサーバ
options {
directory "/var/named";
pid-file "/var/named/named.pid";
version "";
};
acl "local-net"{
192.168.1.118;
192.168.1.119;
};
;スレーブ側でもゾーン転送許可範囲を制限すること
acl "nsservers"{
};
view "local" {
match-clients{
local-net;
};
zone "."{
type hint;
file "named.ca";
};
zone "localhost" {
type master;
file "data/db.zone";
};
zone "0.0.127.in-addr.arpa" {
type master;
file "data/db.rev";
};
;"slave"で定義する。参照先は"masters"で定義する
zone "1.168.192.in-addr.arpa" {
type slave;
file "data/send.rev";
masters{192.168.1.38;};
allow-transfer{nsservers;};
};
zone "sub.send.test" {
type stub;
file "data/sub.send.zone";
masters{192.168.1.129;};
};
zone "send.test" {
type slave;
file "data/send.zone";
masters{192.168.1.38;};
allow-transfer{nsservers;};
};
zone "recv.test" {
type slave;
file "data/recv.zone.local";
masters{192.168.1.38;};
allow-transfer{nsservers;};
};
};
view "global" {
match-clients{
any;
};
zone "."{
type hint;
file "named.ca";
};
zone "localhost" {
type master;
file "data/db.zone";
};
zone "0.0.127.in-addr.arpa" {
type master;
file "data/db.rev";
};
zone "1.168.192.in-addr.arpa" {
type slave;
file "data/send.rev";
masters{192.168.1.38;};
allow-transfer{nsservers;};
};
zone "sub.send.test" {
type stub;
file "data/sub.send.zone";
masters{192.168.1.129;};
};
zone "send.test" {
type slave;
file "data/send.zone";
masters{192.168.1.38;};
allow-transfer{nsservers;};
};
zone "recv.test" {
type slave;
file "data/recv.zone.global";
masters{192.168.1.38;};
allow-transfer{nsservers;};
};
};
send.zone
※検証中のためSOAレコードの値は非常に小さくしています。
$ORIGIN send.test.
$TTL 864
@ IN SOA ncomp.send.test. root.send.test. (
2007102301 ; Serial
288 ; Refresh
144 ; Retry
36000 ; Expire
864 ) ; Minimum
;
IN NS ns01.send.test.
IN NS ncomp.send.test.
;
;MXを定義。3つめのパラメータの値が小さい方が優先順位が高い
IN MX 10 smail.send.test.
IN MX 20 smail2.send.test.
ns01 IN A 192.168.1.104
ncomp01 IN A 192.168.1.38
smail IN A 192.168.1.108
smail2 IN A 192.168.1.109
rmail IN A 192.168.1.128
;
;sub.send.testドメインの管理を以下のnsに委譲する
;named.confでstubの設定を入れている場合は不要
sub IN NS rmail2.sub.send.test.
rmail2.sub IN A 192.168.1.129
send.rev
※検証中のためSOAレコードの値は非常に小さくしています。
$ORIGIN 1.168.192.in-addr.arpa.
$TTL 864
@ IN SOA ncomp.send.test. root.send.test. (
2007102303 ; Serial
288 ; Refresh
144 ; Retry
36000 ; Expire
864 ) ; Minimum
;
IN NS ns01.send.test.
IN NS ncomp.send.test.
;129-132.1.168.192.in-addr.arpa.の管理をrmail2.sub.send.testに委譲
129-132 IN NS rmail2.sub.send.test.
;
38 IN PTR ncomp01.send.test.
104 IN PTR ns01.send.test.
108 IN PTR smail.send.test.
109 IN PTR smail2.send.test.
128 IN PTR rmail.send.test.
;129以降は129-132.1.168.192.in-addr.arpa.(rmail2.sub.send.test.)を参照させる
129 IN CNAME 129.129-132.1.168.192.in-addr.arpa.
130 IN CNAME 130.129-132.1.168.192.in-addr.arpa.
131 IN CNAME 131.129-132.1.168.192.in-addr.arpa.
132 IN CNAME 132.129-132.1.168.192.in-addr.arpa.
Forwarderの設定
options内に以下の定義を追加する
options {
forwarders {上位DNSサーバのアドレス;};
};
zone転送の確認
※nslookupコマンドでls -dをサポートしていない場合(solaris10等)digコマンドで行う
#dig @"nameserverのアドレス" "確認したいドメイン" axfr
version情報の取得
$ nslookup
> set q=txt
> set class=chaos
> version.bind
Server: 192.168.1.104
Address: 192.168.1.104#53
version.bind text = "9.2.4"
最終更新:2008年06月03日 17:14
