IPv6 Study Notes 002 – Installing a DNS Server That Supports IPv6
Overview
Make the DNS server answer queries over IPv6 and serve IPv6 records.
Environment
- Cent OS 5.8
- BIND 9.3.6
Machine used
The IPv6 online lab server provided by TWNIC. This online system lets you practice setting up a DNS server.
Step log
1. Steps and commands
```
yum -y install bind system-config-bind bind-chroot
cp /usr/share/system-config-bind/profiles/default/named.conf /var/named/chroot/etc/
cp /usr/share/system-config-bind/profiles/default/named/*.* /var/named/chroot/var/named/
cp /usr/share/doc/bind-9.3.6/sample/var/named/named.root /var/named/chroot/var/named/

# Try starting it first; if the installation succeeded, it should start without problems
/etc/init.d/named start
/etc/init.d/named stop
/etc/init.d/named start

# Edit each configuration file; the contents are shown later on this page, not here
joe /var/named/chroot/etc/named.conf
joe /var/named/chroot/var/named/name.cent01.ipv6lab.tw
joe /var/named/chroot/var/named/named.80.201.210
joe /var/named/chroot/var/named/named.0.0.0.0.1.a.0.4.0.0.0.0.4.0.4.2
/etc/init.d/named restart
tail -n 30 /var/log/messages | grep named   ## check the startup messages, useful for debugging

# Edit the firewall rules
joe /etc/sysconfig/iptables
joe /etc/sysconfig/ip6tables

# Restart the firewall
/etc/init.d/ip6tables restart
/etc/init.d/iptables restart
```
2. Main configuration file:
- joe /var/named/chroot/etc/named.conf
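```
options {
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    // Listen on every IPv4 and IPv6 address
    listen-on port 53 { any; };
    listen-on-v6 port 53 { any; };
    // Queries are accepted from anyone. No recursion / allow-recursion
    // statement is set here, so BIND's built-in defaults decide who may recurse.
    allow-query { any; };
    allow-transfer { none; };
    // String returned for version queries instead of the real BIND version
    version "Ohama";
};

zone "." IN {
    type hint;
    file "named.root";
};

// Forward zone
zone "cent01.ipv6lab.tw" IN {
    type master;
    file "name.cent01.ipv6lab.tw";
    allow-update { none; };
};

// IPv4 reverse zone
zone "80.201.210.in-addr.arpa." IN {
    type master;
    file "named.80.201.210";
    allow-update { none; };
};

// IPv6 reverse zone (nibble format)
zone "0.0.0.0.1.a.0.4.0.0.0.0.4.0.4.2.ip6.arpa." IN {
    type master;
    file "named.0.0.0.0.1.a.0.4.0.0.0.0.4.0.4.2";
    allow-update { none; };
};

include "/etc/rndc.key";
```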
3. Forward zone file
- joe /var/named/chroot/var/named/name.cent01.ipv6lab.tw
```
$TTL 86400
@ IN SOA @ administrator.cent01a.ipv6lab.tw. (
        2013122803 ; serial (d. adams)
        3H         ; refresh
        15M        ; retry
        1W         ; expiry
        1D )       ; minimum
@ IN NS ns1.cent01.ipv6lab.tw.
ns1 IN A 210.201.80.1
ns1 IN AAAA 2404:0:40a1:0:215:5dff:fe50:f37b
mail IN A 210.201.80.1
mail IN AAAA 2404:0:40a1:0:215:5dff:fe50:f37b
```
4. IPv4 reverse zone file
- joe /var/named/chroot/var/named/named.80.201.210
```
$TTL 86400
@ IN SOA @ administrator.cent01a.ipv6lab.tw. (
        2013122803 ; serial (d. adams)
        3H         ; refresh
        15M        ; retry
        1W         ; expiry
        1D )       ; minimum
@ IN NS ns1.cent01.ipv6lab.tw.
1 IN PTR ns1.cent01.ipv6lab.tw.
1 IN PTR mail.cent01.ipv6lab.tw.
```
5. IPv6 reverse zone file
- joe /var/named/chroot/var/named/named.0.0.0.0.1.a.0.4.0.0.0.0.4.0.4.2
```
$TTL 86400
@ IN SOA @ administrator.cent01a.ipv6lab.tw. (
        2013122803 ; serial (d. adams)
        3H         ; refresh
        15M        ; retry
        1W         ; expiry
        1D )       ; minimum
@ IN NS ns1.cent01.ipv6lab.tw.
b.7.3.f.0.5.e.f.f.f.d.5.5.1.2.0 IN PTR ns1.cent01.ipv6lab.tw.
b.7.3.f.0.5.e.f.f.f.d.5.5.1.2.0 IN PTR mail.cent01.ipv6lab.tw.
```
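The following Python example is added here and is not part of the original notes. It derives the ip6.arpa zone name and the PTR owner label used in step 5 from the server's IPv6 address, then lists forward AAAA names that have no matching PTR in the reverse zone. The `www` name and its address are constructed for illustration, and a nibble-aligned prefix is assumed.

```python
import ipaddress

def split_reverse(addr, prefix_len=64):
    """Split an IPv6 address into (reverse zone name, relative PTR owner)."""
    if prefix_len % 4 or not 0 < prefix_len < 128:
        raise ValueError("prefix length must be a multiple of 4 in 4..124")
    digits = ipaddress.IPv6Address(addr).exploded.replace(":", "")  # 32 hex digits
    rev = digits[::-1]                 # ip6.arpa lists the least significant nibble first
    host = (128 - prefix_len) // 4     # nibbles that remain for the owner label
    return ".".join(rev[host:]) + ".ip6.arpa.", ".".join(rev[:host])

def ptr_lines(addr, names, prefix_len=64):
    """Zone-file PTR lines for every name that should reverse-resolve from addr."""
    _, owner = split_reverse(addr, prefix_len)
    return [f"{owner} IN PTR {name.rstrip('.')}." for name in names]

def missing_ptrs(aaaa, zone, owners):
    """Names whose AAAA address has no PTR owner in the given reverse zone."""
    nibbles = len(zone.rstrip(".").split(".")) - 2   # labels in front of ip6.arpa
    missing = []
    for name, addr in sorted(aaaa.items()):
        z, owner = split_reverse(addr, 4 * nibbles)
        if z != zone or owner not in owners:
            missing.append(name)
    return missing

# Address and names from the zone files on this page
SERVER = "2404:0:40a1:0:215:5dff:fe50:f37b"
ZONE = "0.0.0.0.1.a.0.4.0.0.0.0.4.0.4.2.ip6.arpa."
OWNERS = {"b.7.3.f.0.5.e.f.f.f.d.5.5.1.2.0"}
AAAA = {
    "ns1.cent01.ipv6lab.tw": SERVER,
    "mail.cent01.ipv6lab.tw": SERVER,
    "www.cent01.ipv6lab.tw": "2404:0:40a1::80",   # constructed, not on the page
}

if __name__ == "__main__":
    zone, owner = split_reverse(SERVER)
    print("zone :", zone)
    print("owner:", owner)
    for line in ptr_lines(SERVER, ["ns1.cent01.ipv6lab.tw", "mail.cent01.ipv6lab.tw"]):
        print(line)
    print("AAAA without PTR:", missing_ptrs(AAAA, ZONE, OWNERS))
```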
6. Firewall settings
- joe /etc/sysconfig/iptables
- joe /etc/sysconfig/ip6tables
```
-A RH-Firewall-1-INPUT -p TCP -i eth0 --dport 53 -j ACCEPT
-A RH-Firewall-1-INPUT -p UDP -i eth0 --dport 53 -j ACCEPT
-A RH-Firewall-1-INPUT -p TCP -i eth0 --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -p TCP -i eth0 --dport 110 -j ACCEPT
-A RH-Firewall-1-INPUT -p TCP -i eth0 --dport 25 -j ACCEPT
```
7. Verification
```
[root@happyMach]# nslookup
> server ns1.cent01.ipv6lab.tw
Default server: ns1.cent01.ipv6lab.tw
Address: 2404:0:40a1:0:215:5dff:fe50:f37b#53
Default server: ns1.cent01.ipv6lab.tw
Address: 210.201.80.1#53
> set type=ptr
> 2404:0:40a1:0:215:5dff:fe50:f37b
Server: ns1.cent01.ipv6lab.tw
Address: 2404:0:40a1:0:215:5dff:fe50:f37b#53
b.7.3.f.0.5.e.f.f.f.d.5.5.1.2.0.0.0.0.0.1.a.0.4.0.0.0.0.4.0.4.2.ip6.arpa name = mail.cent01.ipv6lab.tw.
b.7.3.f.0.5.e.f.f.f.d.5.5.1.2.0.0.0.0.0.1.a.0.4.0.0.0.0.4.0.4.2.ip6.arpa name = ns1.cent01.ipv6lab.tw.
```