Difference between revisions of "DNS"

From belajarwiki
Latest revision as of 15:01, 24 May 2022

The Domain Name System (DNS) is a hierarchical and decentralized naming system for computers, services, or other resources connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities. Most prominently, it translates more readily memorized domain names to the numerical IP addresses needed for locating and identifying computer services and devices with the underlying network protocols. By providing a worldwide, distributed directory service, the Domain Name System has been an essential component of the functionality of the Internet since 1985.

The Domain Name System delegates the responsibility of assigning domain names and mapping those names to Internet resources by designating authoritative name servers for each domain. Network administrators may delegate authority over sub-domains of their allocated name space to other name servers. This mechanism provides distributed and fault-tolerant service and was designed to avoid a single large central database.

The Domain Name System also specifies the technical functionality of the database service that is at its core. It defines the DNS protocol, a detailed specification of the data structures and data communication exchanges used in the DNS, as part of the Internet Protocol Suite.

The Internet maintains two principal namespaces, the domain name hierarchy[1] and the Internet Protocol (IP) address spaces.[2] The Domain Name System maintains the domain name hierarchy and provides translation services between it and the address spaces. Internet name servers and a communication protocol implement the Domain Name System.[3] A DNS name server is a server that stores the DNS records for a domain; a DNS name server responds with answers to queries against its database.

The most common types of records stored in the DNS database are for Start of Authority (SOA), IP addresses (A and AAAA), SMTP mail exchangers (MX), name servers (NS), pointers for reverse DNS lookups (PTR), and domain name aliases (CNAME). Although not intended to be a general purpose database, DNS has been expanded over time to store records for other types of data for either automatic lookups, such as DNSSEC records, or for human queries such as responsible person (RP) records. As a general purpose database, the DNS has also been used in combating unsolicited email (spam) by storing a real-time blackhole list (RBL). The DNS database is traditionally stored in a structured text file, the zone file, but other database systems are common.

Installation

BIND (Berkeley Internet Name Domain) is an implementation of the DNS protocol. To install it:

  sudo apt install bind9 bind9utils bind9-doc

Local configuration file

  sudo vi /etc/bind/named.conf.local

In this file we add the forward and reverse zones of a domain (assuming the subnet 192.168.1.0/24). The zone name must match the owner names used in the zone file, and allow-transfer limits zone transfers (AXFR) to the secondary's address so that anyone else asking for a copy of the zone is refused. For example:

  zone "kampus.ac.id" {
      type master;
      file "/etc/bind/zones/db.kampus.ac.id";   # forward zone file; records inside it belong to kampus.ac.id
      allow-transfer { 10.128.20.12; };         # ns2 private IP address - secondary; nobody else may AXFR
  };
  zone "1.168.192.in-addr.arpa" {
      type master;
      file "/etc/bind/zones/db.192.168.1";      # reverse zone for the 192.168.1.0/24 subnet
      allow-transfer { 10.128.20.12; };         # ns2 private IP address - secondary
  };
Create the forward zone file

  sudo mkdir /etc/bind/zones
  cd /etc/bind/zones
  sudo cp ../db.local ./db.kampus.ac.id
  sudo vi /etc/bind/zones/db.kampus.ac.id

Change it to:

  $TTL    604800
  ; SOA: primary name server, then the admin mailbox (admin@kampus.ac.id written with a dot)
  @       IN      SOA     ns1.kampus.ac.id. admin.kampus.ac.id. (
                            3         ; Serial - increment on every change so the secondary reloads
                       604800         ; Refresh
                        86400         ; Retry
                      2419200         ; Expire
                       604800 )       ; Negative Cache TTL
  ;
  ; name servers - NS records (blank owner inherits "@", the zone apex)
          IN      NS      ns1.kampus.ac.id.
          IN      NS      ns2.kampus.ac.id.
  ;
  ; name servers - A records (glue for the in-zone NS names)
  ns1.kampus.ac.id.           IN      A       192.168.1.103
  ns2.kampus.ac.id.           IN      A       10.128.20.12   ; secondary, same address as allow-transfer
  ;
  ; 192.168.1.0/24 - A records (every owner must lie inside kampus.ac.id)
  kampus.ac.id.               IN      A       192.168.1.103
  www.kampus.ac.id.           IN      A       192.168.1.103
  ;
  ; Email - MX record; trailing dots keep the names absolute
  kampus.ac.id.               IN      MX 10   kampus.ac.id.
Create the reverse zone file

  cd /etc/bind/zones
  sudo cp ../db.127 ./db.192.168.1
  sudo vi /etc/bind/zones/db.192.168.1

Change it to:

  $TTL    604800
  @       IN      SOA     ns1.kampus.ac.id. admin.kampus.ac.id. (
                                3         ; Serial
                           604800         ; Refresh
                            86400         ; Retry
                          2419200         ; Expire
                           604800 )       ; Negative Cache TTL
  ; name servers
          IN      NS      ns1.kampus.ac.id.
          IN      NS      ns2.kampus.ac.id.
  ; PTR Records - the owner is the last octet, relative to 1.168.192.in-addr.arpa
  103     IN      PTR     ns1.kampus.ac.id.    ; 192.168.1.103, one PTR per address
Check the configuration

  sudo named-checkconf

Check a specific zone (zone name first, then the file path)

  sudo named-checkzone kampus.ac.id /etc/bind/zones/db.kampus.ac.id
  sudo named-checkzone 1.168.192.in-addr.arpa /etc/bind/zones/db.192.168.1


Restart once everything is OK

  sudo systemctl restart bind9      # or, on older releases: sudo service bind9 restart
  sudo systemctl status bind9
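The forward and reverse zone files above and the named-checkzone step hinge on the same details: every owner name has to fall inside the zone declared in named.conf.local, a name without a trailing dot silently gets the origin appended, an in-zone NS name needs an A record, and the reverse zone's name and PTR owners are derived from the subnet. The Python script below is an added example, not BIND code and not part of this wiki's material: it implements a small zone-file parser with those checks plus the reverse-naming helpers. The two embedded sample zones are constructed, using the kampus.ac.id domain and the 192.168.1.0/24 subnet from this page.

```python
"""Added example: a minimal zone-file parser, the consistency checks that
named-checkzone would also flag, and helpers for naming a reverse zone.
Not BIND code and not part of the wiki page; the sample zones are constructed."""
import ipaddress


def reverse_zone(cidr):
    """192.168.1.0/24 -> '1.168.192.in-addr.arpa' (prefix must be a multiple of 8)."""
    net = ipaddress.ip_network(cidr, strict=False)
    if net.version != 4 or net.prefixlen % 8:
        raise ValueError("only /8, /16 and /24 IPv4 networks map to one in-addr.arpa zone")
    octets = str(net.network_address).split(".")[: net.prefixlen // 8]
    return ".".join(reversed(octets)) + ".in-addr.arpa"


def ptr_owner(ip, cidr):
    """Owner label of ip inside reverse_zone(cidr): 192.168.1.103 in a /24 -> '103'."""
    net = ipaddress.ip_network(cidr, strict=False)
    addr = ipaddress.ip_address(ip)
    if addr not in net:
        raise ValueError(f"{ip} is not inside {cidr}")
    octets = str(addr).split(".")[net.prefixlen // 8:]
    return ".".join(reversed(octets))


def absolutize(name, origin):
    """'@' -> origin; 'www' -> 'www.<origin>'; names ending in '.' are kept as-is."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"


def parse_zone(text, origin):
    """Strip ';' comments, skip $-directives, join SOA parentheses, let a blank
    owner inherit the previous one. Returns (absolute owner, type, rdata tokens)."""
    origin = origin.rstrip(".") + "."
    records, last_owner, buf = [], origin, ""
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()
        if not line.strip() and not buf:
            continue
        buf = f"{buf} {line}" if buf else line
        if buf.count("(") > buf.count(")"):
            continue                                  # still inside "( ... )"
        line, buf = buf, ""
        if line.startswith("$"):
            continue                                  # $TTL / $ORIGIN are not records
        toks = line.replace("(", " ").replace(")", " ").split()
        owner = last_owner if line[0] in " \t" else absolutize(toks.pop(0), origin)
        if toks and toks[0].isdigit():
            toks.pop(0)                               # optional per-record TTL
        if toks and toks[0].upper() in ("IN", "CH", "HS"):
            toks.pop(0)                               # optional class
        records.append((owner, toks[0].upper(), toks[1:]))
        last_owner = owner
    return records


def lint_zone(records, origin):
    """Return the problems BIND would reject, ignore, or silently mis-qualify."""
    origin = origin.rstrip(".") + "."

    def in_zone(name):
        return name == origin or name.endswith("." + origin)

    apex = [r for r in records if r[0] == origin]
    problems = []
    if not any(r[1] == "SOA" for r in apex):
        problems.append("no SOA record at the zone apex")
    ns_targets = [r[2][0] for r in apex if r[1] == "NS"]
    if not ns_targets:
        problems.append("no NS record at the zone apex")
    has_address = {r[0] for r in records if r[1] in ("A", "AAAA")}
    for owner, rtype, rdata in records:
        if not in_zone(owner):
            problems.append(f"{owner} {rtype}: owner is outside {origin}, BIND ignores it")
        if rtype in ("NS", "MX", "CNAME", "PTR") and not rdata[-1].endswith("."):
            problems.append(f"{owner} {rtype}: target {rdata[-1]} lacks a trailing dot "
                            f"and silently becomes {rdata[-1]}.{origin}")
    for ns in ns_targets:
        if in_zone(ns) and ns not in has_address:
            problems.append(f"NS {ns} is inside the zone but has no A/AAAA record")
    return problems


# Constructed samples: a correct forward zone, and one with the classic mistakes
# (owners copied from another domain, MX target without its trailing dot).
GOOD_ZONE = """\
$TTL    604800
@       IN      SOA     ns1.kampus.ac.id. admin.kampus.ac.id. (
                        3 604800 86400      ; Serial Refresh Retry
                        2419200 604800 )    ; Expire Negative-Cache-TTL
        IN      NS      ns1.kampus.ac.id.
ns1     IN      A       192.168.1.103
www     IN      A       192.168.1.103
@       IN      MX 10   kampus.ac.id.
"""
BAD_ZONE = """\
@       IN      SOA     localhost. root.localhost. ( 3 604800 86400 2419200 604800 )
        IN      NS      ns1.contohdns.com.
ns1.contohdns.com.      IN      A       192.168.1.103
www.contohdns.com.      IN      A       192.168.1.103
contohdns.com           IN      MX 10   contohdns.com
"""

if __name__ == "__main__":
    print(reverse_zone("192.168.1.0/24"), ptr_owner("192.168.1.103", "192.168.1.0/24"))
    for label, zone in (("good", GOOD_ZONE), ("bad", BAD_ZONE)):
        print(label, lint_zone(parse_zone(zone, "kampus.ac.id"), "kampus.ac.id") or "OK")
```

Running the script with BAD_ZONE reproduces what named-checkzone reports for a file whose records were pasted from a different domain: the two contohdns.com owners are outside the zone, and the dot-less MX target would be qualified to contohdns.com.kampus.ac.id. The parser deliberately handles only the master-file features used on this page (no $ORIGIN, no $INCLUDE, no multi-line records other than the SOA), so it is a pre-flight check, not a replacement for named-checkzone.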


Interesting Links

References