「Bindの設定」の版間の差分
提供: sha.ngri.la
細 |
|||
| (同じ利用者による、間の5版が非表示) | |||
| 1行目: | 1行目: | ||
| + | ==bindの起動== | ||
| + | <code>/etc/init.d/named start</code> | ||
*[http://www.atmarkit.co.jp/flinux/index/indexfiles/bind9index.html 連載記事 「実用 BIND 9で作るDNSサーバ」] | *[http://www.atmarkit.co.jp/flinux/index/indexfiles/bind9index.html 連載記事 「実用 BIND 9で作るDNSサーバ」] | ||
| + | *[http://akab.blog.so-net.ne.jp/2012-07-17 BIND の エラー 「no current owner name」:あかぶ:So-netブログ] | ||
| + | ==named.confの設定== | ||
| + | オリジナル | ||
| + | <pre> | ||
| + | options { | ||
| + | listen-on port 53 { 127.0.0.1; }; | ||
| + | listen-on-v6 port 53 { ::1; }; | ||
| + | directory "/var/named"; | ||
| + | dump-file "/var/named/data/cache_dump.db"; | ||
| + | statistics-file "/var/named/data/named_stats.txt"; | ||
| + | memstatistics-file "/var/named/data/named_mem_stats.txt"; | ||
| + | allow-query { localhost; }; | ||
| + | recursion yes; | ||
| + | |||
| + | dnssec-enable yes; | ||
| + | dnssec-validation yes; | ||
| + | dnssec-lookaside auto; | ||
| + | |||
| + | /* Path to ISC DLV key */ | ||
| + | bindkeys-file "/etc/named.iscdlv.key"; | ||
| + | |||
| + | managed-keys-directory "/var/named/dynamic"; | ||
| + | }; | ||
| + | |||
| + | logging { | ||
| + | channel default_debug { | ||
| + | file "data/named.run"; | ||
| + | severity dynamic; | ||
| + | }; | ||
| + | }; | ||
| + | |||
| + | zone "." IN { | ||
| + | type hint; | ||
| + | file "named.ca"; | ||
| + | }; | ||
| + | |||
| + | include "/etc/named.rfc1912.zones"; | ||
| + | include "/etc/named.root.key"; | ||
| + | </pre> | ||
| + | 編集後 | ||
| + | <pre> | ||
| + | options { | ||
| + | listen-on port 53 { | ||
| + | 127.0.0.1; | ||
| + | ***.***.***.***; /* サーバのIPアドレス */ | ||
| + | }; | ||
| + | listen-on-v6 port 53 { ::1; }; | ||
| + | directory "/var/named"; | ||
| + | dump-file "/var/named/data/cache_dump.db"; | ||
| + | statistics-file "/var/named/data/named_stats.txt"; | ||
| + | memstatistics-file "/var/named/data/named_mem_stats.txt"; | ||
| + | allow-query { any; }; /* localhost; を any; に変更 */ | ||
| + | recursion yes; | ||
| + | |||
| + | allow-recursion { localhost; }; /* 追加 */ | ||
| + | allow-query-cache { localhost; }; /* 追加 */ | ||
| + | |||
| + | dnssec-enable yes; | ||
| + | dnssec-validation yes; | ||
| + | dnssec-lookaside auto; | ||
| + | |||
| + | /* Path to ISC DLV key */ | ||
| + | bindkeys-file "/etc/named.iscdlv.key"; | ||
| + | |||
| + | managed-keys-directory "/var/named/dynamic"; | ||
| + | |||
| + | }; | ||
| + | |||
| + | logging { | ||
| + | channel default_debug { | ||
| + | file "data/named.run"; | ||
| + | severity dynamic; | ||
| + | }; | ||
| + | }; | ||
| + | |||
| + | |||
| + | zone "." IN { | ||
| + | type hint; | ||
| + | file "named.ca"; | ||
| + | }; | ||
| + | |||
| + | include "/etc/named.rfc1912.zones"; | ||
| + | include "/etc/named.root.key"; | ||
| + | |||
| + | /* zone の記載を追加 */ | ||
| + | |||
| + | zone "*****.net" { | ||
| + | type master; | ||
| + | file "pbukuma.net.zone"; | ||
| + | allow-update { none; }; | ||
| + | }; | ||
| + | |||
| + | zone "***.***.***.***.in-addr.arpa" { | ||
| + | type master; | ||
| + | file "pbukuma.net.rev"; | ||
| + | allow-update { none; }; | ||
| + | }; | ||
| + | </pre> | ||
| + | |||
| + | [https://www.nic.ad.jp/ja/dns/openresolver/ オープンリゾルバ(Open Resolver)に対する注意喚起 - JPNIC] | ||
[[Category:bind]] | [[Category:bind]] | ||
[[Category:サーバ]] | [[Category:サーバ]] | ||
2014年10月27日 (月) 05:52時点における最新版
bindの起動
/etc/init.d/named start
named.confの設定
オリジナル
options {
listen-on port 53 { 127.0.0.1; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { localhost; };
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
zone "." IN {
type hint;
file "named.ca";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
編集後
options {
listen-on port 53 {
127.0.0.1;
***.***.***.***; /* サーバのIPアドレス */
};
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { any; }; /* localhost; を any; に変更 */
recursion yes;
allow-recursion { localhost; }; /* 追加 */
allow-query-cache { localhost; }; /* 追加 */
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
zone "." IN {
type hint;
file "named.ca";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
/* zone の記載を追加 */
zone "*****.net" {
type master;
file "pbukuma.net.zone";
allow-update { none; };
};
zone "***.***.***.***.in-addr.arpa" {
type master;
file "pbukuma.net.rev";
allow-update { none; };
};