1.
1 2 3 4 5 6 7 8 | # apt-get update Hit:1 http://kr.archive.ubuntu.com/ubuntu xenial InRelease Hit:2 http://kr.archive.ubuntu.com/ubuntu xenial-updates InRelease Hit:3 http://kr.archive.ubuntu.com/ubuntu xenial-backports InRelease Get:4 http://security.ubuntu.com/ubuntu xenial-security InRelease [107 kB] Fetched 107 kB in 1s (72.4 kB/s) Reading package lists... Done | cs |
2.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 | # apt-get install bind9 Reading package lists... Done Building dependency tree Reading state information... Done The following additional packages will be installed: bind9utils libirs141 libpython-stdlib libpython2.7-minimal libpython2.7-stdlib python python-minimal python2.7 python2.7-minimal Suggested packages: bind9-doc python-doc python-tk python2.7-doc binutils binfmt-support The following NEW packages will be installed: bind9 bind9utils libirs141 libpython-stdlib libpython2.7-minimal libpython2.7-stdlib python python-minimal python2.7 python2.7-minimal 0 upgraded, 10 newly installed, 0 to remove and 0 not upgraded. Need to get 4,467 kB of archives. After this operation, 19.5 MB of additional disk space will be used. Do you want to continue? [Y/n] Y Get:1 http://kr.archive.ubuntu.com/ubuntu xenial-updates/main amd64 libpython2.7-minimal amd64 2.7.12-1ubuntu0~16.04.3 [340 kB] Get:2 http://kr.archive.ubuntu.com/ubuntu xenial-updates/main amd64 python2.7-minimal amd64 2.7.12-1ubuntu0~16.04.3 [1,261 kB] Get:3 http://kr.archive.ubuntu.com/ubuntu xenial-updates/main amd64 python-minimal amd64 2.7.12-1~16.04 [28.1 kB] Get:4 http://kr.archive.ubuntu.com/ubuntu xenial-updates/main amd64 libpython2.7-stdlib amd64 2.7.12-1ubuntu0~16.04.3 [1,880 kB] Get:5 http://kr.archive.ubuntu.com/ubuntu xenial-updates/main amd64 python2.7 amd64 2.7.12-1ubuntu0~16.04.3 [224 kB] Get:6 http://kr.archive.ubuntu.com/ubuntu xenial-updates/main amd64 libpython-stdlib amd64 2.7.12-1~16.04 [7,768 B] Get:7 http://kr.archive.ubuntu.com/ubuntu xenial-updates/main amd64 python amd64 2.7.12-1~16.04 [137 kB] Get:8 http://kr.archive.ubuntu.com/ubuntu xenial-updates/main amd64 libirs141 amd64 1:9.10.3.dfsg.P4-8ubuntu1.10 [18.0 kB] Get:9 http://kr.archive.ubuntu.com/ubuntu xenial-updates/main amd64 bind9utils amd64 1:9.10.3.dfsg.P4-8ubuntu1.10 [201 kB] Get:10 http://kr.archive.ubuntu.com/ubuntu xenial-updates/main amd64 bind9 amd64 1:9.10.3.dfsg.P4-8ubuntu1.10 [372 kB] Fetched 4,467 kB in 1s (4,282 kB/s) Preconfiguring packages ... Selecting previously unselected package libpython2.7-minimal:amd64. (Reading database ... 92627 files and directories currently installed.) Preparing to unpack .../libpython2.7-minimal_2.7.12-1ubuntu0~16.04.3_amd64.deb ... Unpacking libpython2.7-minimal:amd64 (2.7.12-1ubuntu0~16.04.3) ... Selecting previously unselected package python2.7-minimal. Preparing to unpack .../python2.7-minimal_2.7.12-1ubuntu0~16.04.3_amd64.deb ... Unpacking python2.7-minimal (2.7.12-1ubuntu0~16.04.3) ... Selecting previously unselected package python-minimal. Preparing to unpack .../python-minimal_2.7.12-1~16.04_amd64.deb ... Unpacking python-minimal (2.7.12-1~16.04) ... Selecting previously unselected package libpython2.7-stdlib:amd64. Preparing to unpack .../libpython2.7-stdlib_2.7.12-1ubuntu0~16.04.3_amd64.deb ... Unpacking libpython2.7-stdlib:amd64 (2.7.12-1ubuntu0~16.04.3) ... Selecting previously unselected package python2.7. Preparing to unpack .../python2.7_2.7.12-1ubuntu0~16.04.3_amd64.deb ... Unpacking python2.7 (2.7.12-1ubuntu0~16.04.3) ... Selecting previously unselected package libpython-stdlib:amd64. Preparing to unpack .../libpython-stdlib_2.7.12-1~16.04_amd64.deb ... Unpacking libpython-stdlib:amd64 (2.7.12-1~16.04) ... Processing triggers for man-db (2.7.5-1) ... Processing triggers for mime-support (3.59ubuntu1) ... Setting up libpython2.7-minimal:amd64 (2.7.12-1ubuntu0~16.04.3) ... Setting up python2.7-minimal (2.7.12-1ubuntu0~16.04.3) ... Linking and byte-compiling packages for runtime python2.7... Setting up python-minimal (2.7.12-1~16.04) ... Selecting previously unselected package python. (Reading database ... 93373 files and directories currently installed.) Preparing to unpack .../python_2.7.12-1~16.04_amd64.deb ... Unpacking python (2.7.12-1~16.04) ... Selecting previously unselected package libirs141:amd64. Preparing to unpack .../libirs141_1%3a9.10.3.dfsg.P4-8ubuntu1.10_amd64.deb ... Unpacking libirs141:amd64 (1:9.10.3.dfsg.P4-8ubuntu1.10) ... Selecting previously unselected package bind9utils. Preparing to unpack .../bind9utils_1%3a9.10.3.dfsg.P4-8ubuntu1.10_amd64.deb ... Unpacking bind9utils (1:9.10.3.dfsg.P4-8ubuntu1.10) ... Selecting previously unselected package bind9. Preparing to unpack .../bind9_1%3a9.10.3.dfsg.P4-8ubuntu1.10_amd64.deb ... Unpacking bind9 (1:9.10.3.dfsg.P4-8ubuntu1.10) ... Processing triggers for man-db (2.7.5-1) ... Processing triggers for libc-bin (2.23-0ubuntu10) ... Processing triggers for ufw (0.35-0ubuntu2) ... Processing triggers for systemd (229-4ubuntu21.2) ... Processing triggers for ureadahead (0.100.0-19) ... Setting up libpython2.7-stdlib:amd64 (2.7.12-1ubuntu0~16.04.3) ... Setting up python2.7 (2.7.12-1ubuntu0~16.04.3) ... Setting up libpython-stdlib:amd64 (2.7.12-1~16.04) ... Setting up python (2.7.12-1~16.04) ... Setting up libirs141:amd64 (1:9.10.3.dfsg.P4-8ubuntu1.10) ... Setting up bind9utils (1:9.10.3.dfsg.P4-8ubuntu1.10) ... Setting up bind9 (1:9.10.3.dfsg.P4-8ubuntu1.10) ... Adding group `bind' (GID 117) ... Done. Adding system user `bind' (UID 111) ... Adding new user `bind' (UID 111) with group `bind' ... Not creating home directory `/var/cache/bind'. wrote key file "/etc/bind/rndc.key" # Processing triggers for libc-bin (2.23-0ubuntu10) ... Processing triggers for systemd (229-4ubuntu21.2) ... Processing triggers for ureadahead (0.100.0-19) ... Processing triggers for ufw (0.35-0ubuntu2) ... | cs |
3.
1 2 | # service bind9 start | cs |
4.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 | # service bind9 status ● bind9.service - BIND Domain Name Server Loaded: loaded (/lib/systemd/system/bind9.service; enabled; vendor preset: enabled) Drop-In: /run/systemd/generator/bind9.service.d └─50-insserv.conf-$named.conf Active: active (running) since Mon 2018-06-04 10:45:05 KST; 27s ago Docs: man:named(8) Main PID: 4135 (named) Tasks: 5 Memory: 14.3M CPU: 45ms CGroup: /system.slice/bind9.service └─4135 /usr/sbin/named -f -u bind Jun 04 10:45:05 ubuntu01 named[4135]: zone 255.in-addr.arpa/IN: loaded serial 1 Jun 04 10:45:05 ubuntu01 named[4135]: zone localhost/IN: loaded serial 2 Jun 04 10:45:05 ubuntu01 named[4135]: all zones loaded Jun 04 10:45:05 ubuntu01 named[4135]: running Jun 04 10:45:05 ubuntu01 named[4135]: network unreachable resolving './DNSKEY/IN': 2001:503:ba3e::2:30#53 Jun 04 10:45:05 ubuntu01 named[4135]: network unreachable resolving './NS/IN': 2001:503:ba3e::2:30#53 Jun 04 10:45:05 ubuntu01 named[4135]: network unreachable resolving 'E.ROOT-SERVERS.NET/AAAA/IN': 2001:500:2d::d#53 Jun 04 10:45:05 ubuntu01 named[4135]: network unreachable resolving './DNSKEY/IN': 2001:500:2d::d#53 Jun 04 10:45:05 ubuntu01 named[4135]: network unreachable resolving './NS/IN': 2001:500:2d::d#53 Jun 04 10:45:05 ubuntu01 named[4135]: network unreachable resolving 'G.ROOT-SERVERS.NET/AAAA/IN': 2001:500:2d::d#53 | cs |
5.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 | # host google.co.kr 127.0.0.1 Using domain server: Name: 127.0.0.1 Address: 127.0.0.1#53 Aliases: google.co.kr has address 172.217.26.3 google.co.kr has IPv6 address 2404:6800:4004:809::2003 google.co.kr mail is handled by 50 alt4.aspmx.l.google.com. google.co.kr mail is handled by 40 alt3.aspmx.l.google.com. google.co.kr mail is handled by 30 alt2.aspmx.l.google.com. google.co.kr mail is handled by 10 aspmx.l.google.com. google.co.kr mail is handled by 20 alt1.aspmx.l.google.com. | cs |
6.
1 2 | # vi /etc/bind/named.conf.options | cs |
7.
: default
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 | options { directory "/var/cache/bind"; // If there is a firewall between you and nameservers you want // to talk to, you may need to fix the firewall to allow multiple // ports to talk. See http://www.kb.cert.org/vuls/id/800113 // If your ISP provided one or more IP addresses for stable // nameservers, you probably want to use them as forwarders. // Uncomment the following block, and insert the addresses replacing // the all-0's placeholder. // forwarders { // 0.0.0.0; // }; //======================================================================== // If BIND logs error messages about the root key being expired, // you will need to update your keys. See https://www.isc.org/bind-keys //======================================================================== dnssec-validation auto; auth-nxdomain no; # conform to RFC1035 listen-on-v6 { any; }; }; | cs |
: edit
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 | options { directory "/var/cache/bind"; // If there is a firewall between you and nameservers you want // to talk to, you may need to fix the firewall to allow multiple // ports to talk. See http://www.kb.cert.org/vuls/id/800113 // If your ISP provided one or more IP addresses for stable // nameservers, you probably want to use them as forwarders. // Uncomment the following block, and insert the addresses replacing // the all-0's placeholder. // forwarders { // 0.0.0.0; // }; //======================================================================== // If BIND logs error messages about the root key being expired, // you will need to update your keys. See https://www.isc.org/bind-keys //======================================================================== dnssec-validation auto; auth-nxdomain no; # conform to RFC1035 listen-on-v6 { any; }; recursion yes; allow-transfer { none; }; forwarders { 8.8.8.8; 8.8.4.4; }; forward only; allow-query { any; }; }; | cs |
8.
1 2 | # vi /etc/bind/named.conf.local | cs |
9.
: default
1 2 3 4 5 6 7 8 | // // Do any local configuration here // // Consider adding the 1918 zones here, if they are not used in your // organization //include "/etc/bind/zones.rfc1918"; | cs |
: edit
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 | // // Do any local configuration here // // Consider adding the 1918 zones here, if they are not used in your // organization //include "/etc/bind/zones.rfc1918"; zone "ubuntu01.local" { type master; file "/etc/bind/forward.ubuntu01.local"; }; zone "0.168.192.in-addr.arpa" { type master; file "/etc/bind/reverse.ubuntu01.local"; }; | cs |
10.
1 2 | # cp /etc/bind/db.local /etc/bind/forward.ubuntu01.local | cs |
11.
1 2 | # vi /etc/bind/forward.ubuntu01.local | cs |
12.
: default
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 | ; ; BIND data file for local loopback interface ; $TTL 604800 @ IN SOA localhost. root.localhost. ( 2 ; Serial 604800 ; Refresh 86400 ; Retry 2419200 ; Expire 604800 ) ; Negative Cache TTL ; @ IN NS localhost. @ IN A 127.0.0.1 @ IN AAAA ::1 | cs |
13.
1 2 | # cp /etc/bind/db.local /etc/bind/reverse.ubuntu01.local | cs |
14.
: default
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 | ; ; BIND data file for local loopback interface ; $TTL 604800 @ IN SOA localhost. root.localhost. ( 2 ; Serial 604800 ; Refresh 86400 ; Retry 2419200 ; Expire 604800 ) ; Negative Cache TTL ; @ IN NS localhost. @ IN A 127.0.0.1 @ IN AAAA ::1 | cs |
15.
1 2 | # systemctl restart bind9 | cs |
16.
1 2 3 4 | # systemctl enable bind9 Synchronizing state of bind9.service with SysV init with /lib/systemd/systemd-sysv-install... Executing /lib/systemd/systemd-sysv-install enable bind9 | cs |
17.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 | # systemctl status bind9 ● bind9.service - BIND Domain Name Server Loaded: loaded (/lib/systemd/system/bind9.service; enabled; vendor preset: enabled) Drop-In: /run/systemd/generator/bind9.service.d └─50-insserv.conf-$named.conf Active: active (running) since Mon 2018-06-04 11:22:51 KST; 26s ago Docs: man:named(8) Main PID: 4287 (named) CGroup: /system.slice/bind9.service └─4287 /usr/sbin/named -f -u bind Jun 04 11:22:51 ubuntu01 named[4287]: managed-keys-zone: journal file is out of date: removing journal file Jun 04 11:22:51 ubuntu01 named[4287]: managed-keys-zone: loaded serial 2 Jun 04 11:22:51 ubuntu01 named[4287]: zone 0.in-addr.arpa/IN: loaded serial 1 Jun 04 11:22:51 ubuntu01 named[4287]: zone 127.in-addr.arpa/IN: loaded serial 1 Jun 04 11:22:51 ubuntu01 named[4287]: zone 0.168.192.in-addr.arpa/IN: loaded serial 2 Jun 04 11:22:51 ubuntu01 named[4287]: zone ubuntu01.local/IN: loaded serial 2 Jun 04 11:22:51 ubuntu01 named[4287]: zone localhost/IN: loaded serial 2 Jun 04 11:22:51 ubuntu01 named[4287]: zone 255.in-addr.arpa/IN: loaded serial 1 Jun 04 11:22:51 ubuntu01 named[4287]: all zones loaded Jun 04 11:22:51 ubuntu01 named[4287]: running | cs |
18.
1 2 3 4 | # ufw allow 53 Rules updated Rules updated (v6) | cs |
19.
1 2 | # named-checkconf /etc/bind/named.conf.local | cs |
20.
1 2 3 4 | # named-checkzone ubuntu01.local /etc/bind/forward.ubuntu01.local zone ubuntu01.local/IN: loaded serial 2 OK | cs |
21.
1 2 3 4 | # named-checkzone ubuntu01.local /etc/bind/reverse.ubuntu01.local zone ubuntu01.local/IN: loaded serial 2 OK | cs |
22. Test