DNS Server
DNS Server Configuration on FreeBSD
Iwan Setiawan
eone@student.eepis-its.edu
http://student.eepis-its.edu/~eone/
A DNS (Domain Name System) server maps hostnames to IP addresses and, in the other direction, IP addresses to hostnames. On FreeBSD the BIND9 (Berkeley Internet Name Domain) DNS server is installed by default.
Starting the BIND9 configuration
The Ethernet configuration used in this example:
# ifconfig lnc0
lnc0: flags=108843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 192.168.0.100 netmask 0xffffff00 broadcast 192.168.0.255
        inet6 fe80::20c:29ff:fe2d:d138%lnc0 prefixlen 64 scopeid 0x1
        ether 00:0c:29:2d:d1:38
Enable BIND9 at boot by adding the setting named_enable="YES" to the file /etc/rc.conf
$ su
Password:
# vi /etc/rc.conf
/etc/rc.conf
sshd_enable="YES"
named_enable="YES"
ifconfig_lnc0="inet 192.168.0.100 netmask 255.255.255.0"
hostname="iwan.eone.org"
Configure named.conf and add the new zones
# cd /etc/namedb/
# cp named.conf named.conf.old
# vi named.conf
/etc/namedb/named.conf
options {
        directory "/etc/namedb";
        pid-file "/var/run/named/pid";
        dump-file "/var/dump/named_dump.db";
        statistics-file "/var/stats/named.stats";
        // listen-on { 127.0.0.1; };
        // listen-on-v6 { ::1; };
        /*
        forwarders {
                127.0.0.1;
        };
        */
};
zone "." {
        type hint;
        file "named.root";
};
zone "0.0.127.IN-ADDR.ARPA" {
        type master;
        file "master/localhost.rev";
};
// RFC 3152
zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA" {
        type master;
        file "master/localhost-v6.rev";
};
// RFC 1886 -- deprecated
zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.INT" {
        type master;
        file "master/localhost-v6.rev";
};
zone "eone.org" {
        type master;
        file "master/eone.zone";
};
zone "168.192.in-addr.arpa" {
        type master;
        file "master/eone.rev";
};

Tutorial ilmukomputer
Copyright © 2006 eone@student.eepis-its.edu

Generate the file localhost.rev by running make-localhost, then create the file eone.rev
# sh make-localhost
# cd master
# cp localhost.rev eone.rev
# vi eone.rev
Edit eone.rev and set the Serial to the current time, for example 23:30 on 11-09-2006 -> 0609112330
/etc/namedb/master/eone.rev
$TTL 3600
@       IN      SOA     eone.org. root.eone.org. (
                        0609112330      ; Serial
                        3600            ; Refresh
                        900             ; Retry
                        3600000         ; Expire
                        3600 )          ; Minimum
        IN      NS      eone.org.
100.0   IN      PTR     ns.
Create the file eone.zone
# cp eone.rev eone.zone
# vi eone.zone
/etc/namedb/master/eone.zone
$TTL 3600
@       IN      SOA     eone.org. root.eone.org. (
                        0609112330      ; Serial
                        3600            ; Refresh
                        900             ; Retry
                        3600000         ; Expire
                        3600 )          ; Minimum
        IN      NS      ns.eone.org.
        IN      MX      10 mail.eone.org.
ns      IN      A       192.168.0.100
mail    IN      CNAME   ns
Generate rndc.conf
# rndc-confgen > rndc.conf
/etc/namedb/rndc.conf
key "rndc-key" {
        algorithm hmac-md5;
        secret "l2wc2DlvXJk/ZtB0N1P3wg==";
};
options {
        default-key "rndc-key";
        default-server 127.0.0.1;
        default-port 953;
};
# End of rndc.conf
# Use with the following in named.conf, adjusting the allow list as needed:
# key "rndc-key" {
#       algorithm hmac-md5;
#       secret "l2wc2DlvXJk/ZtB0N1P3wg==";
# };
#
# controls {
#       inet 127.0.0.1 port 953
#               allow { 127.0.0.1; } keys { "rndc-key"; };
# };
# End of named.conf
rndc.conf contains configuration meant for named.conf that is disabled (commented out with #). Add it to named.conf:
# cat rndc.conf >> named.conf
# vi named.conf
/etc/namedb/named.conf
options {
        directory "/etc/namedb";
        pid-file "/var/run/named/pid";
        dump-file "/var/dump/named_dump.db";
        statistics-file "/var/stats/named.stats";
        // listen-on { 127.0.0.1; };
        // listen-on-v6 { ::1; };
        /*
        forwarders {
                127.0.0.1;
        };
        */
};
zone "." {
        type hint;
        file "named.root";
};
zone "0.0.127.IN-ADDR.ARPA" {
        type master;
        file "master/localhost.rev";
};
// RFC 3152
zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA" {
        type master;
        file "master/localhost-v6.rev";
};
// RFC 1886 -- deprecated
zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.INT" {
        type master;
        file "master/localhost-v6.rev";
};
zone "eone.org" {
        type master;
        file "master/eone.zone";
};
zone "168.192.in-addr.arpa" {
        type master;
        file "master/eone.rev";
};
key "rndc-key" {
        algorithm hmac-md5;
        secret "l2wc2DlvXJk/ZtB0N1P3wg==";
};
controls {
        inet 127.0.0.1 port 953
                allow { 127.0.0.1; } keys { "rndc-key"; };
};
# End of named.conf
The configuration is complete; now start the DNS server
# /etc/rc.d/named start
Starting named
Test it: if the output matches the output below, the DNS server is working.
# nslookup
> ns
Server: 192.168.0.100
Address: 192.168.0.100#53
Name: ns.eone.org
Address: 192.168.0.100
> 192.168.0.100
Server: 192.168.0.100
Address: 192.168.0.100#53
100.0.168.192.in-addr.arpa name = ns.
Server: 192.168.0.100
Address: 192.168.0.100#53
mail.eone.org canonical name = ns.eone.org.
Name: ns.eone.org
Address: 192.168.0.100
> exit
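
Added example (not part of the original tutorial): a Python check that every A record in the forward zone has a PTR record in the reverse zone naming the same host, applying the zone-file rule that a name without a trailing dot is relative to the zone origin. The zone text is constructed from the eone.zone and eone.rev records shown on this page, the function names are this example's own, and the parser assumes the simple "owner IN type rdata" layout used here (no per-record TTL column).

```python
import ipaddress

# Constructed input: records of eone.zone and eone.rev from this page (SOA on one line).
EONE_ZONE = """\
@ IN SOA eone.org. root.eone.org. ( 0609112330 3600 900 3600000 3600 )
 IN NS ns.eone.org.
ns IN A 192.168.0.100
mail IN CNAME ns
"""
EONE_REV = """\
@ IN SOA eone.org. root.eone.org. ( 0609112330 3600 900 3600000 3600 )
 IN NS eone.org.
100.0 IN PTR ns.
"""

def fqdn(name, origin):
    """Zone-file rule: a name without a trailing dot is relative to the origin."""
    if name == "@":
        return origin.lower()
    return (name if name.endswith(".") else f"{name}.{origin}").lower()

def records(text, origin, rtype):
    """Yield (owner, rdata) for one record type; a blank owner repeats the last one."""
    owner = "@"
    for line in text.splitlines():
        tokens = line.split(";")[0].split()   # drop comments, then tokenize
        if "IN" not in tokens[:2] or len(tokens) < tokens.index("IN") + 3:
            continue
        i = tokens.index("IN")
        if i == 1 and not line[0].isspace():  # line starts with an owner name
            owner = tokens[0]
        if tokens[i + 1] == rtype:
            yield fqdn(owner, origin), tokens[i + 2]

def check_forward_reverse(fwd, fwd_origin, rev, rev_origin):
    """Return findings for every A record whose PTR is missing or names another host."""
    ptr = {o: fqdn(t, rev_origin) for o, t in records(rev, rev_origin, "PTR")}
    findings = []
    for host, addr in records(fwd, fwd_origin, "A"):
        rev_name = ipaddress.ip_address(addr).reverse_pointer + "."
        target = ptr.get(rev_name)
        if target is None:
            findings.append(f"{host} {addr}: no PTR at {rev_name}")
        elif target != host:
            findings.append(f"{host} {addr}: PTR names {target}, expected {host}")
    return findings

if __name__ == "__main__":
    print("\n".join(check_forward_reverse(EONE_ZONE, "eone.org.", EONE_REV, "168.192.in-addr.arpa.")))
```

Run on the page's records, the check reports that the PTR target `ns.` is not the forward name `ns.eone.org.`, which is the same `name = ns.` answer visible in the nslookup session above.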