Raspberrypi.dns: Unterschied zwischen den Versionen

 
(6 dazwischenliegende Versionen von einem anderen Benutzer werden nicht angezeigt)
Zeile 17: Zeile 17:
* Lokale DNS Anfragen soll der eigene Server beantworten
* Lokale DNS Anfragen soll der eigene Server beantworten


  # Generated by resolvconf
  #  
# Ich bin Nameserver
#
nameserver 127.0.0.1
  domain lummerland
  domain lummerland
  #nameserver 192.168.115.25
  search lummerland
nameserver 127.0.0.1
 
* Ev. die Datei durch attrib +i resolv.conf vor überschreiben schützen


== /etc/bind/named.conf.options ==  
== /etc/bind/named.conf.options ==  
Zeile 111: Zeile 115:
  server        IN A    192.168.115.1
  server        IN A    192.168.115.1
  *.server      IN A    192.168.115.1
  *.server      IN A    192.168.115.1
raib2        IN A    192.168.115.2
*.raib2      IN A    192.168.115.2
raib2m        IN A    192.168.115.102
vpnvm        IN A    192.168.115.3
hp377dw      IN A    192.168.115.4
berlin        IN A    192.168.115.5
netgeare2db0a IN A    192.168.115.6
netgear1F2542 IN A    192.168.115.7
wii          IN A    192.168.115.8
madrid        IN A    192.168.115.9
sparta        IN A    192.168.115.10
lmbuero      IN A    192.168.115.11
lmprivat      IN A    192.168.115.12
nemo          IN A    192.168.115.13
karlsruhe    IN A    192.168.115.14
bruchsal      IN A    192.168.115.15
webshop.khao  IN A    192.168.115.16
khao          IN A    192.168.115.16
*.khao        IN A    192.168.115.16
mr3020        IN A    192.168.115.17
dresden      IN A    192.168.115.19
power        IN A    192.168.115.20
switch        IN A    192.168.115.21
rtn66u        IN A    192.168.115.22
*.raib23      IN A    192.168.115.23
raib23        IN A    192.168.115.23
raib23m      IN A    192.168.115.123
raib24        IN A    192.168.115.24
*.raib25      IN A    192.168.115.25
raib25        IN A    192.168.115.25
WR1043N      IN A    192.168.115.26
raib27        IN A    192.168.115.27
raib28        IN A    192.168.115.28
raib30        IN A    192.168.115.30
raib31        IN A    192.168.115.31
raib32        IN A    192.168.115.32
raib33        IN A    192.168.115.33
raib34        IN A    192.168.115.34
kern          IN A    192.168.115.35
frankfurt    IN A    192.168.115.36
meeresgrund  IN A    192.168.115.37
rom          IN A    192.168.115.38
*.rom        IN A    192.168.115.38
pi2x00        IN A    192.168.115.39
*.pi2x00      IN A    192.168.115.39
pi2x01        IN A    192.168.115.40
*.pi2x01      IN A    192.168.115.40
pi3x03        IN A    192.168.115.41
*.pi3x03      IN A    192.168.115.41
raib42        IN A    192.168.115.42
*.raib42      IN A    192.168.115.42
pi3x04        IN A    192.168.115.43
*.pi3x04      IN A    192.168.115.43
pi3x01        IN A    192.168.115.44
pi2x02        IN A    192.168.115.45
pi3x00        IN A    192.168.115.46
eumex620a    IN A    192.168.115.50
eumex620b    IN A    192.168.115.51
raib73        IN A    192.168.115.73
raib86        IN A    192.168.115.86
raib90        IN A    192.168.115.90
raib91        IN A    192.168.115.91
raib92        IN A    192.168.115.92
  fritzbox7490  IN A    192.168.115.95
  fritzbox7490  IN A    192.168.115.95
  repeater      IN A    192.168.115.114
  repeater      IN A    192.168.115.114
Zeile 182: Zeile 123:


  $TTL 2D
  $TTL 2D
  @  IN SOA  raib91.lummerland. root.lummerland. (
  @  IN SOA  pins.lummerland. root.lummerland. (
             2016020313 ; serial
             2016020313 ; serial
             2D        ; refresh
             2D        ; refresh
Zeile 189: Zeile 130:
             1W  )  ; minimum
             1W  )  ; minimum
   
   
  115.168.192.in-addr.arpa.   IN NS   localhost.
  @   IN NS     pins.lummerland.
  1  IN PTR    server.lummerland.
  1  IN PTR    server.lummerland.
2  IN PTR    raib2.lummerland.
3  IN PTR    vpnvm.lummerland.
4  IN PTR    hp377dw.lummerland.
5  IN PTR    berlin.lummerland.
6  IN PTR    netgeare2db0a.lummerland.
7  IN PTR    netgear1F2542.lummerland.
8  IN PTR    wii.lummerland.
9  IN PTR    madrid.lummerland.
10  IN PTR    sparta.lummerland.
11  IN PTR    lmbuero.lummerland.
12  IN PTR    lmprivat.lummerland.
13  IN PTR    nemo.lummerland.
14  IN PTR    karlsruhe.lummerland.
15  IN PTR    bruchsal.lummerland.
16  IN PTR    khao.lummerland.
17  IN PTR    mr3020.lummerland.
19  IN PTR    dresden.lummerland.
20  IN PTR    power.lummerland.
21  IN PTR    switch.lummerland.
22  IN PTR    rtn66u.lummerland.
23  IN PTR    raib23.lummerland.
24  IN PTR    raib24.lummerland.
25  IN PTR    raib25.lummerland.
26  IN PTR    WR1043N.lummerland.
27  IN PTR    raib27.lummerland.
28  IN PTR    raib28.lummerland.
30  IN PTR    raib30.lummerland.
31  IN PTR    raib31.lummerland.
33  IN PTR    raib33.lummerland.
34  IN PTR    raib34.lummerland.
35  IN PTR    kern.lummerland.
36  IN PTR    frankfurt.lummerland.
37  IN PTR    meeresgrund.lummerland.
38  IN PTR    rom.lummerland.
39  IN PTR    pi2x00.lummerland.
40  IN PTR    pi2x01.lummerland.
41  IN PTR    pi3x03.lummerland.
42  IN PTR    raib42.lummerland.
43  IN PTR    pi3x04.lummerland.
44  IN PTR    pi3x01.lummerland.
45  IN PTR    pi2x02.lummerland.
46  IN PTR    pi3x00.lummerland.
50  IN PTR    eumex620a.lummerland.
51  IN PTR    eumex620b.lummerland.
86  IN PTR    raib86.lummerland.
90  IN PTR    raib90.lummerland.
91  IN PTR    raib91.lummerland.
95  IN PTR    fritzbox7490.lummerland.
100 IN PTR    prag.lummerland.
102 IN PTR    raib2m.lummerland.
  114 IN PTR    repeater.lummerland.
  114 IN PTR    repeater.lummerland.
  115 IN PTR    gateway.lummerland.
  115 IN PTR    gateway.lummerland.
  116 IN PTR    router.lummerland.
  116 IN PTR    router.lummerland.
123 IN PTR    raib23m.lummerland.
  ;
  ;
  ; 200 bis 249 ist reserviert fuer freies DHCP
  ; 200 bis 249 ist reserviert fuer freies DHCP
Zeile 276: Zeile 166:
  resolvconf -l
  resolvconf -l


apt install dnsutils
  dig @pi3x00 orgamon.org
  dig @pi3x00 orgamon.org
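Review bot: The SOA and NS records of the lummerland zones (Zeile 123 and Zeile 130) now name `pins.lummerland.`, but no visible hunk adds an address record for `pins`, and the current page text below lists none either. An in-zone NS target without an A/AAAA record is reported by named-checkzone, so the forward zone should gain a line such as `pins IN A <ADDRESS-OF-THIS-NAMESERVER>` (placeholder, the real address is not on the page). The serial `2016020313` is identical on both printed sides although the zone content changed; it is worth raising it with every edit. The rendering does not mark which printed line is old and which is new, so this assumes the `pins` lines are the new side, as the current version suggests.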

Aktuelle Version vom 14. Juni 2023, 11:17 Uhr

# Install the BIND 9 name server, its documentation package and dnsutils
# (dnsutils supplies the dig command used in the test section of this page).
apt install bind9-doc bind9 dnsutils

Hostname dieses Nameservers

  • In den Dateien verwende ich pins als Hostname für diesen Nameserver

Uhrzeit-Problem

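  • Der Raspberry Pi hat keine Hardware-Uhr. Das ist bei bind9 problematisch, da DNS-Server im Internet befragt werden und dazu zeitabhängige Schlüssel verwendet werden (DNSSEC-Signaturen sind nur in einem festen Zeitfenster gültig, und dnssec-validation auto prüft sie)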
  • Ist die Uhrzeit hierbei falsch (zum Beispiel nach einem 3 stündigen Stromausfall) wird sich also der lokale DNS Server weigern Antworten aus dem Internet zu akzeptieren, der Dienst fällt dann für das lokale Netz aus
  • Somit sollte man per ntp !!!OHNE NAMENSAUFLÖSUNG!!! einen Zeitserver kontaktieren und erst mal die Uhr stellen, dann kann man den bind9 starten
  • ... das muss noch erledigt werden

/etc/resolv.conf

  • Lokale DNS Anfragen soll der eigene Server beantworten
#
# This host is itself the nameserver: every local lookup goes to the
# bind9 instance on the loopback address. If bind9 is not running or is
# rejecting answers (see the clock problem described on this page), this
# host has no name resolution at all.
#
nameserver 127.0.0.1
# NOTE(review): "domain" is redundant next to "search"; resolv.conf(5)
# treats the two as alternatives and the last one listed takes effect.
domain lummerland
search lummerland
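  • Ev. die Datei durch chattr +i /etc/resolv.conf vor dem Überschreiben schützen (das Linux-Kommando heißt chattr, nicht attrib; mit chattr -i wird der Schutz wieder aufgehoben)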

/etc/bind/named.conf.options

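options {
       // Working directory of named.
       directory "/var/cache/bind";

       // If there is a firewall between you and nameservers you want
       // to talk to, you may need to fix the firewall to allow multiple
       // ports to talk.  See http://www.kb.cert.org/vuls/id/800113

       // Queries that cannot be answered from the local zones are passed
       // on to the forwarder listed here. Only one forwarder is configured,
       // so there is no fallback if it is unreachable.
       forwarders {
               1.1.1.1;
       };

       // Do not send NOTIFY messages when a zone changes.
       notify no;

       // Refuse zone transfers. The local zones enumerate internal hosts
       // and addresses, no secondary server is configured on this page,
       // and depending on the BIND version the default may allow transfers
       // to any client that can reach port 53.
       allow-transfer { none; };

       //========================================================================
       // If BIND logs error messages about the root key being expired,
       // you will need to update your keys.  See https://www.isc.org/bind-keys
       //========================================================================
       // Validation depends on a correct system clock: with a wrong time the
       // signatures of forwarded answers are rejected (the clock problem
       // described on this page).
       dnssec-validation auto;

       auth-nxdomain no;    # conform to RFC1035

       // Accept queries on every IPv6 address of this host.
       // NOTE(review): no allow-query / allow-recursion ACL is set here, so
       // the BIND defaults apply; confirm that a firewall keeps port 53
       // unreachable from outside the local network.
       listen-on-v6 { any; };
};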

/etc/bind/named.conf.local

//
// Do any local configuration here
//
// All zones below are of type master: this server answers them from the
// local files under /etc/bind and does not ask the forwarder for them.
//

// Forward zone of the internal domain "lummerland".
zone "lummerland" in { 
 type master; 
 file "/etc/bind/db.lummerland"; 
};

// Reverse zone (PTR records) for 192.168.115.x.
zone "115.168.192.in-addr.arpa" in {
 type master;
 file "/etc/bind/db.115.168.192";
};

// The four orgamon.* zones are public domain names served from local files.
// Clients of this server therefore get the local records instead of the
// public ones, and these locally served answers are not DNSSEC-validated
// against the public zones.
// NOTE(review): the zone files for orgamon.de, orgamon.net and orgamon.eu
// are not shown on this page; named needs each of them to exist and load.
zone "orgamon.org." {
 type master;
 file "/etc/bind/db.orgamon.org";
};

zone "orgamon.de." {
 type master;
 file "/etc/bind/db.orgamon.de";
}; 

zone "orgamon.net." {
 type master;
 file "/etc/bind/db.orgamon.net";
};

zone "orgamon.eu." {
 type master;
 file "/etc/bind/db.orgamon.eu";
};



// Consider adding the 1918 zones here, if they are not used in your
// organization
// (left disabled here; 192.168.115.x has its own reverse zone above)
//include "/etc/bind/zones.rfc1918";


/etc/bind/db.lummerland

; Forward zone for the internal domain "lummerland".
; Default TTL for all records: 2 days.
$TTL 2D
; SOA: primary name server pins.lummerland., contact mailbox root.lummerland.
@  IN SOA  pins.lummerland.   root.lummerland. (
          ; raise the serial on every edit of this file
          2016020313 ; serial
          2D         ; refresh
          4H         ; retry
          6W         ; expiry
          ; last field: minimum, used as the negative-caching TTL (RFC 2308)
          1W  )     ; minimum

; NOTE(review): the NS target pins.lummerland. has no A/AAAA record in this
; file. named-checkzone reports an in-zone NS without an address record;
; add a line of the form
;   pins          IN A    <ADDRESS-OF-THIS-NAMESERVER>
; (placeholder: the real address is not given on this page).
@             IN NS   pins.lummerland.

localhost     IN A    127.0.0.1
server        IN A    192.168.115.1
; wildcard: every name below server.lummerland resolves to the same address
*.server      IN A    192.168.115.1
fritzbox7490  IN A    192.168.115.95
repeater      IN A    192.168.115.114
gateway       IN A    192.168.115.115
router        IN A    192.168.115.116

/etc/bind/db.115.168.192

; Reverse zone 115.168.192.in-addr.arpa: maps the last octet of
; 192.168.115.x back to a host name in lummerland.
$TTL 2D
@   IN SOA  pins.lummerland. root.lummerland. (
           ; raise the serial on every edit of this file
           2016020313 ; serial
           2D        ; refresh
           4H       ; retry
           6W       ; expire
           ; last field: minimum, used as the negative-caching TTL (RFC 2308)
           1W  )   ; minimum

; The name server for this zone is pins.lummerland.; its address record
; has to come from the forward zone "lummerland".
@   IN NS     pins.lummerland.
; One PTR per address that also has an A record in db.lummerland.
1   IN PTR    server.lummerland.
114 IN PTR    repeater.lummerland.
115 IN PTR    gateway.lummerland.
116 IN PTR    router.lummerland.
;
; 200 to 249 is reserved for free DHCP
;

/etc/bind/db.orgamon.org

; Local copy of the zone orgamon.org: clients of this server get the
; internal address 192.168.115.25 for orgamon.org and every name below it.
; Default TTL: 604800 seconds (one week).
$TTL    604800
; NOTE(review): SOA and NS name localhost. here, while the lummerland zones
; on this page use pins.lummerland. - confirm whether this is intended.
@       IN      SOA     localhost. root.localhost. (
                              5         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
@       IN      NS      localhost.
orgamon.org.    IN     A       192.168.115.25
; wildcard: any host name below orgamon.org resolves to the same address
*.orgamon.org.  IN     A       192.168.115.25
; Mail for orgamon.org goes to mx.orgamon.eu. (preference 10).
; NOTE(review): orgamon.eu is also served from a local file per
; named.conf.local; that file is not shown on this page, so verify that it
; defines mx, otherwise the MX target does not resolve for local clients.
@       IN      MX     10  mx.orgamon.eu.

/etc/bind/db.orgamon.de

/etc/bind/db.orgamon.eu

/etc/bind/db.orgamon.net

Rechte

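# Make the zone files writable by their owner only and readable by everyone
# else, so that named can read them. The relative glob presumably assumes
# the current directory is /etc/bind, where named.conf.local expects the files.
chmod 644 db.*
# Check named.conf syntax and test-load every master zone before starting, so
# that a broken zone file is reported here instead of only in the service log.
named-checkconf -z
# Start the name server (set the system clock first, see the clock problem
# described on this page).
systemctl start bind9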

Test

# Show the resolver information currently held by resolvconf.
resolvconf -l
# dnsutils supplies dig.
apt install dnsutils
# Query the name server on host pi3x00 for orgamon.org; with the
# db.orgamon.org shown on this page the answer should be 192.168.115.25.
# NOTE(review): pi3x00 has no A record in the db.lummerland shown on this
# page, so the name must resolve some other way; querying @127.0.0.1 on the
# server itself avoids that dependency.
dig @pi3x00 orgamon.org