How to install and configure a BIND DNS server on CentOS

By | September 24, 2018

A guide to installing and configuring a BIND DNS server on Linux CentOS in order to build a branded nameserver or vanity nameserver, that is, name servers under a domain name of your choosing, for example ns1.domain-sendiri.com ns2.domain-sendiri.com. For Ubuntu, follow the guide on how to create a private nameserver with BIND on Ubuntu/Debian.

On CentOS, BIND is known as named (the name of its daemon and service); on Ubuntu/Debian it is called BIND9. A detailed description of BIND and DNS can be found on the BIND download page. OK, let's get started.

Installing BIND on CentOS

Run the following command to start the BIND installation

sudo yum install bind bind-utils -y

Configuring the BIND DNS server

Open and edit the named configuration file

nano /etc/named.conf

Adjust it to match your own domain and server IP

options {
    listen-on port 53 { 127.0.0.1; 192.10.10.1; }; # ns1 IP
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    allow-query { localhost; any; }; # add the slave, 192.10.0.2;, if there is one
    forwarders { 8.8.8.8; 8.8.4.4; };
    version "Onde onde idnetter"; # Disguises the BIND version

    recursion yes;
    # Without allow-recursion, the allow-query list above (any) also applies
    # to recursive queries and the server becomes an open resolver.
    allow-recursion { localhost; };

    dnssec-enable yes;
    dnssec-validation yes;

    /* Path to ISC DLV key */
    bindkeys-file "/etc/named.iscdlv.key";

    managed-keys-directory "/var/named/dynamic";

    pid-file "/run/named/named.pid";
    session-keyfile "/run/named/session.key";
};

logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};

zone "." IN {
    type hint;
    file "named.ca";
};

zone "idnetter.com" {
    type master;
    file "/var/named/db.idnetter.com";
    allow-transfer { 192.10.10.1; }; # note: this is the slave (ns2) IP, if there is one
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
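A server that is authoritative for a zone and also has recursion yes; must limit who may recurse: when allow-recursion and allow-query-cache are unset, BIND applies the allow-query list to recursive queries, so allow-query { any; } turns it into an open resolver. The Python check below is an added example, not part of the original guide; WEAK and HARDENED are constructed sample configurations and the function names are illustrative.

```python
import re

# Constructed sample: the recursion/allow-query combination discussed above.
WEAK = """
options {
    listen-on port 53 { 127.0.0.1; 192.10.10.1; };
    allow-query { localhost; any; };   # everyone may query the zones
    recursion yes;
};
"""
# Constructed sample: same file with recursion limited to the server itself.
HARDENED = WEAK.replace("recursion yes;", "recursion yes; allow-recursion { localhost; };")

def options_body(conf):
    """Return the text inside options { ... } with comments removed."""
    conf = re.sub(r"/\*.*?\*/|(#|//)[^\n]*", "", conf, flags=re.S)
    m = re.search(r"\boptions\s*\{", conf)
    if not m:
        return ""
    depth, i = 1, m.end()
    while i < len(conf) and depth:          # walk to the matching brace
        depth += {"{": 1, "}": -1}.get(conf[i], 0)
        i += 1
    return conf[m.end():i - 1]

def acl(body, name):
    """Address-match list of option `name` (flat lists only), or None."""
    m = re.search(r"(?<![\w-])%s\s*\{([^}]*)\}" % re.escape(name), body)
    return m.group(1).replace(";", " ").split() if m else None

def effective_recursion_acl(conf):
    """Who may recurse, following BIND's documented fallback order."""
    body = options_body(conf)
    m = re.search(r"(?<![\w-])recursion\s+(\w+)\s*;", body)
    if m and m.group(1).lower() not in ("yes", "true", "1"):
        return ["none"]                     # recursion switched off
    for name in ("allow-recursion", "allow-query-cache", "allow-query"):
        found = acl(body, name)
        if found is not None:
            return found
    return ["localnets", "localhost"]       # BIND default when nothing is set

def is_open_resolver(conf):
    return any(e in ("any", "0.0.0.0/0", "::/0")
               for e in effective_recursion_acl(conf))

if __name__ == "__main__":
    for label, conf in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, effective_recursion_acl(conf), is_open_resolver(conf))
```

To check a real server, pass the contents of /etc/named.conf to is_open_resolver(); nested address-match lists and named acl statements are not resolved by this simplified parser.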

Creating the DNS zone file

Create the DNS zone file for the domain idnetter.com

nano /var/named/db.idnetter.com

Copy the following DNS record configuration for the domain idnetter.com and adjust it

$TTL 604800
@       IN      SOA     ns1.idnetter.com. admin.idnetter.com. (
                3         ; Serial
                604800    ; Refresh
                86400     ; Retry
                2419200   ; Expire
                604800 )  ; Negative Cache TTL
;
; name servers - NS records
@       14400   IN      NS      ns1.idnetter.com.
@       14400   IN      NS      ns2.idnetter.com.

; name servers - A records
@       14400   IN      A       192.168.10.1
ns1     14400   IN      A       192.168.10.1
ns2     14400   IN      A       192.168.10.1
mail    14400   IN      A       192.168.10.1

; CNAME
www     14400   IN      CNAME   idnetter.com.

; MX records - two MX records are not required (mail.idnetter.com. is the backup - install a mail server on the backup server)
@       14400   IN      MX      10 idnetter.com.
@       14400   IN      MX      20 mail.idnetter.com.

; TXT value - SPF (a bare "all" means +all, which passes every sender; use ~all or -all to restrict)
@       14400   IN      TXT     "v=spf1 a mx ip4:192.168.10.1 all"

; DMARC1 (quoted, because an unquoted ";" starts a comment in a zone file)
_dmarc  14400   IN      TXT     "v=DMARC1; p=none"

Changing the access rights on the zone file

chown -R root:named /var/named/db.idnetter.com

Restart BIND

systemctl restart named

Next, register the nameservers ns1.domain-sendiri.com and ns2.domain-sendiri.com in your domain panel.


Source https://idnetter.com