Setting Up a DNS Server with BIND on CentOS

on Friday, December 26, 2008

A previous post covered installing a DNS server to be integrated with cPanel; this time we build a DNS server for the intranet on CentOS. As before, the CentOS server is installed from the DVD installer downloaded from cPanel.
The steps are:

  1. Install BIND

    # yum install bind caching-nameserver
  2. Configure BIND
    The configuration file is "/etc/named.conf", but this file does not exist yet; what exists is "/etc/named.caching-nameserver.conf". That file is therefore used as the basis for creating named.conf. Its default contents are:
    //
    // named.caching-nameserver.conf
    //
    // Provided by Red Hat caching-nameserver package to configure the
    // ISC BIND named(8) DNS server as a caching only nameserver
    // (as a localhost DNS resolver only).
    //
    // See /usr/share/doc/bind*/sample/ for example named configuration files.
    //
    // DO NOT EDIT THIS FILE - use system-config-bind or an editor
    // to create named.conf - edits to this file will be lost on
    // caching-nameserver package upgrade.
    //
    options {
            listen-on port 53 { 127.0.0.1; };
            listen-on-v6 port 53 { ::1; };
            directory       "/var/named";
            dump-file       "/var/named/data/cache_dump.db";
            statistics-file "/var/named/data/named_stats.txt";
            memstatistics-file "/var/named/data/named_mem_stats.txt";
    
            // Those options should be used carefully because they disable port
            // randomization
            // query-source    port 53;
            // query-source-v6 port 53;
    
            allow-query     { localhost; };
    };
    logging {
            channel default_debug {
                    file "data/named.run";
                    severity dynamic;
            };
    };
    view localhost_resolver {
            match-clients      { localhost; };
            match-destinations { localhost; };
            recursion yes;
            include "/etc/named.rfc1912.zones";
    };
  3. Edit the default configuration so that:
    a. The DNS server can be queried on the server IP 192.168.200.200, not only on localhost
    b. IPv6 is disabled
    c. The default port stays 53
    d. It can distinguish between intranet and internet clients
    e. The intranet LAN means the LANs with networks 192.168.200.0/24 and 192.168.100.0/24
    f. A zone is created for uii.ac.id
    //
    // named.caching-nameserver.conf
    //
    // Provided by Red Hat caching-nameserver package to configure the
    // ISC BIND named(8) DNS server as a caching only nameserver
    // (as a localhost DNS resolver only).
    //
    // See /usr/share/doc/bind*/sample/ for example named configuration files.
    //
    // DO NOT EDIT THIS FILE - use system-config-bind or an editor
    // to create named.conf - edits to this file will be lost on
    // caching-nameserver package upgrade.
    //
    options {
            listen-on port 53 { 127.0.0.1; 192.168.200.200; };
    #       listen-on-v6 port 53 { ::1; };
            directory       "/var/named";
            dump-file       "/var/named/data/cache_dump.db";
            statistics-file "/var/named/data/named_stats.txt";
            memstatistics-file "/var/named/data/named_mem_stats.txt";
    
            // Those options should be used carefully because they disable port
            // randomization
            // query-source    port 53;
            // query-source-v6 port 53;
    
            allow-query     { any; };
    };
    logging {
            channel default_debug {
                    file "data/named.run";
                    severity dynamic;
            };
    };
    
    #view localhost_resolver {
    #       match-clients      { localhost; };
    #       match-destinations { localhost; };
    #       recursion yes;
    #       include "/etc/named.rfc1912.zones";
    #};
    
    // Intranet section
    view "internal" {
            match-clients {
                    localhost;
                    192.168.200.0/24;
                    192.168.100.0/24;
            };
            match-destinations {
                    localhost;
                    192.168.200.0/24;
                    192.168.100.0/24;
            };
            recursion yes;
            zone "." IN {
                    type hint;
                    file "/var/named/named.ca";
            };
    
            zone "uii.ac.id" {
                    type master;
                    file "/etc/named/uii.ac.id.lan";
            };
    };
    
    // Internet section
    
    view "external" {
            match-clients {
                    any;
            };
            recursion no;
            zone "." IN {
                    type hint;
                    file "/var/named/named.ca";
            };
    
            zone "uii.ac.id" {
                    type master;
                    file "/etc/named/uii.ac.id.wan";
            };
    };
    include "/etc/rndc.key";
  4. Create the zones
    The example configuration above already adds the uii.ac.id zone, with separate files for the intranet and the internet: "/etc/named/uii.ac.id.lan" for the intranet and "/etc/named/uii.ac.id.wan" for the internet.
    Contents of uii.ac.id.lan:
    $TTL    86400
    @       IN      SOA             localhost. prayitna.yahoo.com. (
                    2008111914      ;Serial
                    3600            ;Refresh
                    1800            ;Retry
                    604800          ;Expire
                    86400           ;Minimum TTL
    )
    uii.ac.id.      86400           IN      NS      localhost.
    uii.ac.id.      86400           IN      A       192.168.200.1
    uii.ac.id.      14400           IN      MX 10   mail.uii.ac.id.
    www             14400           IN      CNAME   uii.ac.id.
    unisys          14400           IN      CNAME   uii.ac.id.
    itsupport       14400           IN      A       192.168.200.2
    klasiber        14400           IN      A       192.168.200.3
    Contents of uii.ac.id.wan:
    $TTL    86400
    @       IN      SOA     svr1.uii.ac.id. prayitna.yahoo.com. (
                    2008111914      ;Serial
                    3600            ;Refresh
                    1800            ;Retry
                    604800          ;Expire
                    86400           ;Minimum TTL
    )
    uii.ac.id.      86400           IN      NS      svr1.uii.ac.id.
    uii.ac.id.      86400           IN      A       202.162.37.69
    uii.ac.id.      14400           IN      MX 10   mail.uii.ac.id.
    www             14400           IN      A       202.162.37.164
    unisys          14400           IN      A       202.162.37.69
  5. Start DNS server

    # service named start
  6. Start it automatically at boot

    # chkconfig --level 235 named on
  7. Set up the DNS client on the client computers. For Linux:

    # vi /etc/resolv.conf
    nameserver 192.168.200.200
    For Windows:
    add the DNS server in the network configuration properties
  8. Test with ping www.uii.ac.id
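
An added example, not part of the original post: a small Python model of how named chooses a view for the configuration in step 3, where views are tried in file order and a query must match both match-clients and match-destinations. The client addresses are constructed samples, and treating the "localhost" ACL as just the two listen-on addresses is a simplifying assumption.

```python
import ipaddress

# Addresses the server listens on (from listen-on in step 3); used to model
# BIND's built-in "localhost" ACL, which matches the server's own addresses.
SERVER_ADDRS = ["127.0.0.1", "192.168.200.200"]
LAN = ["192.168.200.0/24", "192.168.100.0/24"]

# Views in the same order as in named.conf. Order matters: first match wins.
VIEWS = [
    {"name": "internal", "clients": ["localhost"] + LAN,
     "destinations": ["localhost"] + LAN, "recursion": True,
     "zone_file": "/etc/named/uii.ac.id.lan"},
    # match-destinations is omitted in the external view, which means "any".
    {"name": "external", "clients": ["any"], "destinations": ["any"],
     "recursion": False, "zone_file": "/etc/named/uii.ac.id.wan"},
]

def acl_match(addr, acl):
    """True if addr matches any entry of an address match list."""
    ip = ipaddress.ip_address(addr)
    for entry in acl:
        if entry == "any":
            return True
        if entry == "localhost":
            if any(ip == ipaddress.ip_address(a) for a in SERVER_ADDRS):
                return True
        elif ip in ipaddress.ip_network(entry):
            return True
    return False

def select_view(src, dst, views=VIEWS):
    """Return the first view whose client AND destination lists both match."""
    for view in views:
        if acl_match(src, view["clients"]) and acl_match(dst, view["destinations"]):
            return view
    return None

if __name__ == "__main__":
    # Constructed sample queries: (client source address, server address queried)
    samples = [("192.168.100.25", "192.168.200.200"),   # intranet client
               ("192.168.50.10", "192.168.200.200"),    # LAN not listed in the view
               ("203.0.113.7", "192.168.200.200")]      # internet client
    for src, dst in samples:
        v = select_view(src, dst)
        print(src, "->", v["name"], "recursion:", v["recursion"], v["zone_file"])
    # If "external" were defined first, its "any" would capture intranet clients.
    print(select_view("192.168.100.25", "192.168.200.200", VIEWS[::-1])["name"])
```

A client on a subnet that is not listed in the internal view is served the public records and refused recursion, so each new intranet network has to be added to both match lists.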
Hope this is useful.