Difference between revisions of "DNS: Bind9"

Revision as of 12:38, 5 December 2018

SetUp Client

Windows

Edit your network adapter preferences/TCP-IP > DNS use as Primary DNS: 22.0.0.1 Use as Secondary DNS: 20.1.40.23

Ubuntu

Add the following line to: /etc/resolvconf/resolv.conf.d/base

nameserver 20.1.40.23

Server Configuration

IP: 20.1.40.23
User: brujula
Authorized keys: ['xe50582@rt', 'xe51125@redteam', 'xe55246@rra.lan', 'nicolas@nicolas-laptop', 'Jose@LAPTOP-FDM6SC5N']
Configuration file: /etc/bind/named.conf.local

zone "rra.lan" {
  type master;
  file "db.rra.lan";
};

zone "40.1.20.in-addr.arpa" {
  type master;
  file "db.20.1.40";
};

Add name resolution

nano /var/cache/bind/db.rra.lan

It will look something like:

$TTL 3600
@       IN      SOA     dns.rra.lan.        root.rra.lan. (
                    1    ; Serial
                    6H   ; refresco (6 horas)
                    1H   ; reintentos (1 hora)
                    2W   ; expira (2 semanas)
                    3H   ; mínimo (3 horas)
);

@       IN      NS      dns.rra.lan.
@       IN      MX      10 dns.rra.lan.

dns             IN      A       20.1.40.23
vcenter         IN      A       20.1.40.51
esx             IN      A       20.1.40.35
nsx             IN      A       20.1.40.13
git             IN      A       20.1.40.104
wiki            IN      A       20.1.40.11

Add line:

subdomain           IN       A      20.1.40.XXX

Reverse resolution

nano /var/cache/bind/db.20.1.40

It will look something like:

@ IN      SOA     dns.rra.lan.        root.rra.lan. (
        1      ; serie
        6H     ; refresco (6 horas)
        1H     ; reintentos (1 hora)
        2W     ; expire (2 semanas)
        3H     ; mínimo (3 horas)
);

@       IN      NS      dns.
23      IN      PTR     dns.rra.lan.
51      IN      PTR     vcenter.rra.lan.
35      IN      PTR     esx.rra.lan.
13      IN      PTR     nsx.rra.lan.
104     IN      PTR     git.rra.lan.
11      IN      PTR     wiki.rra.lan.

Allow remote access

Edit /etc/bind/named.conf.options
Add

acl allowed {
    127.0.0.1;
    15.17.170.165;
    15.17.162.231;
};

Modify

...
allow-query {
    allowed;
};
...
allow-recursion {
    allowed;
};
...

Forwarding

Edit /etc/bind/named.conf.default-zones
Add

// prime the server with knowledge of the root servers
zone "." {
        type hint;
        file "/usr/share/dns/root.hints";
};

// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912

zone "localhost" {
        type master;
        file "/etc/bind/db.local";
};

zone "127.in-addr.arpa" {
        type master;
        file "/etc/bind/db.127";
};

zone "0.in-addr.arpa" {
        type master;
        file "/etc/bind/db.0";
};

zone "255.in-addr.arpa" {
        type master;
        file "/etc/bind/db.255";
};

zone "igrupobbva" {
    type forward;
    forward only;
    forwarders {
        22.0.0.1;
    };
};

zone "grupobbva.com" {
    type forward;
    forward only;
    forwarders {
        8.8.8.8;
    };
};

zone "interno.grupobbva.com" {
    type forward;
    forward only;
    forwarders {
        22.0.0.1;
    };
};

zone "ad.bbva.com" {
    type forward;
    forward only;
    forwarders {
        22.0.0.1;
    };
};

zone "rra.lan" {
    type forward;
    forward only;
    forwarders {
        10.0.232.30;
    };
};