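Internal DNS configuration on CentOS 8
This is basically the same as on CentOS 7.
Note: below, <localdomain> stands for the local domain name you actually assign, and the IP address range is assumed to be the class C network 192.168.1.0/24.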
```
dnf install bind bind-chroot bind-utils
/usr/libexec/setup-named-chroot.sh /var/named/chroot on
vi /etc/named.conf
```
```
# Changes below
#listen-on port 53 { 127.0.0.1; };
#listen-on-v6 port 53 { ::1; };
listen-on port 53 { any; };
allow-query { localhost; localnets; };
forwarders { 8.8.8.8; 8.8.4.4; };
dnssec-validation no;

# Additions below
zone "<localdomain>" {
    type master;
    file "<localdomain>.lan";
    allow-update { localhost; localnets; };
};
zone "1.168.192.in-addr.arpa" {
    type master;
    file "1.168.192.in-addr.arpa.db";
    allow-update { localhost; localnets; };
};
```
```
vi /var/named/<localdomain>.lan
```
```
$TTL 86400
@       IN  SOA     <localdomain>. root.<localdomain>. (
            2019102400  ; serial
            3608        ; refresh (about 1 hour)
            900         ; retry (15 minutes)
            604800      ; expire (1 week)
            86400       ; negative (1 day)
            )
        IN  NS      <localdomain>.
        IN  MX 101  <localdomain>.
@       IN  A       192.168.1.101
client1 IN  A       192.168.1.10
client2 IN  A       192.168.1.20
*       IN  A       192.168.1.30
www     IN  CNAME   <localdomain>.
```
```
vi /var/named/1.168.192.in-addr.arpa.db
```
```
$TTL 86400
@       IN  SOA     <localdomain>. root.<localdomain>. (
            2019102400  ; serial
            3608        ; refresh (about 1 hour)
            900         ; retry (15 minutes)
            3600000     ; expire (about 41 days)
            86400       ; negative (1 day)
            )
        IN  NS      <localdomain>.
10      IN  PTR     client1.<localdomain>.
20      IN  PTR     client2.<localdomain>.
```
Syntax check
```
named-checkzone <localdomain> /var/named/<localdomain>.lan
named-checkzone 1.168.192.in-addr.arpa /var/named/1.168.192.in-addr.arpa.db
```
Startup settings
```
chown -R named:named /var/named
systemctl start named-chroot
systemctl enable named-chroot
```
If the firewall is enabled
Again, this is the same as on CentOS 7.
```
firewall-cmd --add-service=dns --permanent
firewall-cmd --reload
firewall-cmd --list-all-zones
```
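An added example, not part of the original page: a small Python audit of the named.conf settings used above. It reports `dnssec-validation no`, `listen-on { any; }` without an `allow-query` restriction, and any zone whose `allow-update` is granted by address rather than by key. The name `example.lan` is a placeholder for <localdomain>, and the sample text is constructed from the settings on this page.

```python
import re

# Constructed sample: this page's named.conf settings; "example.lan" is a placeholder.
SAMPLE_CONF = '''
options {
    #listen-on port 53 { 127.0.0.1; };
    listen-on port 53 { any; };
    allow-query { localhost; localnets; };
    forwarders { 8.8.8.8; 8.8.4.4; };
    dnssec-validation no;
};
zone "example.lan" {
    type master; file "example.lan.lan";
    allow-update { localhost; localnets; };
};
zone "1.168.192.in-addr.arpa" {
    type master; file "1.168.192.in-addr.arpa.db";
    allow-update { localhost; localnets; };
};
'''

def strip_comments(text):
    """Drop /* */, // and # comments so commented-out settings are ignored."""
    text = re.sub(r'/\*.*?\*/', '', text, flags=re.S)
    return re.sub(r'(//|#).*', '', text)

def audit(conf_text):
    """Return (scope, finding) tuples for settings worth a second look."""
    text = strip_comments(conf_text)
    findings = []
    if re.search(r'\bdnssec-validation\s+no\s*;', text):
        findings.append(('options', 'dnssec-validation no: forwarded answers are not validated'))
    listens_any = re.search(r'\blisten-on\s+(?:port\s+\d+\s*)?\{\s*any\s*;\s*\}', text)
    if listens_any and not re.search(r'\ballow-query\s*\{', text):
        findings.append(('options', 'listen-on any with no allow-query: BIND defaults to answering any client'))
    # Split at each zone statement and inspect that zone's allow-update list.
    for m in re.finditer(r'\bzone\s+"([^"]+)"(.*?)(?=\bzone\s+"|\Z)', text, flags=re.S):
        upd = re.search(r'\ballow-update\s*\{([^}]*)\}', m.group(2))
        if not upd:
            continue
        elems = [e.strip() for e in upd.group(1).split(';') if e.strip()]
        by_addr = [e for e in elems if e != 'none' and not e.startswith('key ')]
        if by_addr:
            findings.append((m.group(1), 'allow-update by address (%s), not by TSIG key' % ', '.join(by_addr)))
    return findings

if __name__ == '__main__':
    for scope, finding in audit(SAMPLE_CONF):
        print('%-24s %s' % (scope, finding))
```

To check a real server, pass the contents of /etc/named.conf to `audit()`; the zone parsing is regex-based and assumes `allow-update` lists without nested braces.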