Difference between revisions of "Raspbian: install DNS server"
Onnowpurbo (talk | contribs) (Created page with "==Installation== sudo apt-get install dnsutils bind9 ==Interesting Links== * Internet Offline") |
Onnowpurbo (talk | contribs) |
||
(One intermediate revision by the same user not shown) | |||
Line 1: | Line 1: | ||
− | + | Kadangkala, kita membutuhkan DNS Server lokal agar para user/siswa yang mengakses server Raspberry Pi tidak perlu mengetik IP address akan tetapi menggunakan nama mesin. Di Linux, termasuk di Raspberry Pi, salah satu DNS server lokal yang sering digunakan adalah BIND. | |
− | + | Instalasi BIND cukup mudah menggunakan perintah berikut, | |
+ | sudo su | ||
+ | apt update | ||
+ | apt install bind9 bind9utils bind9-doc | ||
+ | |||
+ | Jika kita hanya menginginkan BIND hanya beroperasi untuk IPv4, kita butuh menambahkan switch (-4) sebagai berikut | ||
+ | |||
+ | vi /etc/default/bind9 | ||
+ | |||
+ | Tambahkan (-4) | ||
+ | |||
+ | OPTIONS="-4 -u bind" | ||
+ | |||
+ | Untuk menambahkan domain lokal ke konfigurasi local BIND, kita dapat menggunakan perintah berikut, | ||
+ | |||
+ | sudo vi /etc/bind/named.conf.local | ||
+ | |||
+ | Di file ini kita bisa tambahkan forward dan reverse zone (asumsi subnet 192.168.1.0/24) dari sebuah domain, contoh | ||
+ | |||
+ | zone "itts.ac.id" { | ||
+ | type master; | ||
+ | file "/etc/bind/zones/db.itts.ac.id"; # zone file path | ||
+ | allow-transfer { 10.128.20.12; }; # ns2 private IP address - secondary | ||
+ | }; | ||
+ | |||
+ | zone "4.168.192.in-addr.arpa" { | ||
+ | type master; | ||
+ | file "/etc/bind/zones/db.192.168"; # 192.168.0.0/16 subnet | ||
+ | allow-transfer { 10.128.20.12; }; # ns2 private IP address - secondary | ||
+ | }; | ||
+ | |||
+ | Untuk membuat Forward Zone File kita dapat membuat dan mengedit, | ||
+ | |||
+ | sudo mkdir /etc/bind/zones | ||
+ | cd /etc/bind/zones | ||
+ | sudo cp ../db.local ./db.itts.ac.id | ||
+ | sudo vi /etc/bind/zones/db.itts.ac.id | ||
+ | |||
+ | Isi awalnya kira-kira | ||
+ | |||
+ | $TTL 604800 | ||
+ | @ IN SOA localhost. root.localhost. ( | ||
+ | 2 ; Serial | ||
+ | 604800 ; Refresh | ||
+ | 86400 ; Retry | ||
+ | 2419200 ; Expire | ||
+ | 604800 ) ; Negative Cache TTL | ||
+ | ; | ||
+ | @ IN NS localhost. ; delete this line | ||
+ | @ IN A 127.0.0.1 ; delete this line | ||
+ | @ IN AAAA ::1 ; delete this line | ||
+ | |||
+ | File tersebut kemudian kita ubah menjadi, misalnya, | ||
+ | |||
+ | $TTL 604800 | ||
+ | @ IN SOA ns1.itts.ac.id. admin.itts.ac.id. ( | ||
+ | 3 ; Serial | ||
+ | 604800 ; Refresh | ||
+ | 86400 ; Retry | ||
+ | 2419200 ; Expire | ||
+ | 604800 ) ; Negative Cache TTL | ||
+ | ; | ||
+ | ; name servers - NS records | ||
+ | IN NS ns1.itts.ac.id. | ||
+ | IN NS ns2.itts.ac.id. | ||
+ | |||
+ | ; name servers - A records | ||
+ | ns1.itts.ac.id. IN A 192.168.0.1 | ||
+ | ns2.itts.ac.id. IN A 192.168.4.10 | ||
+ | |||
+ | ; 192.168.0.0/16 - A records | ||
+ | www.itts.ac.id. IN A 192.168.0.1 | ||
+ | www.itts.ac.id. IN A 192.168.4.10 | ||
+ | itts.ac.id. IN A 192.168.0.1 | ||
+ | itts.ac.id. IN A 192.168.4.10 | ||
+ | |||
+ | Untuk membuat Reverse Zone File dapat dilakukan dengan mudah melalui perintah berikut, | ||
+ | |||
+ | cd /etc/bind/zones | ||
+ | sudo cp ../db.127 ./db.192.168 | ||
+ | sudo vi /etc/bind/zones/db.192.168 | ||
+ | |||
+ | Awalnya akan berisi kira-kira | ||
+ | |||
+ | $TTL 604800 | ||
+ | @ IN SOA localhost. root.localhost. ( | ||
+ | 1 ; Serial | ||
+ | 604800 ; Refresh | ||
+ | 86400 ; Retry | ||
+ | 2419200 ; Expire | ||
+ | 604800 ) ; Negative Cache TTL | ||
+ | ; | ||
+ | @ IN NS localhost. ; delete this line | ||
+ | 1.0.0 IN PTR localhost. ; delete this line | ||
+ | |||
+ | Ubah menjadi kira-kira, | ||
+ | |||
+ | $TTL 604800 | ||
+ | @ IN SOA itts.ac.id. admin.itts.ac.id. ( | ||
+ | 3 ; Serial | ||
+ | 604800 ; Refresh | ||
+ | 86400 ; Retry | ||
+ | 2419200 ; Expire | ||
+ | 604800 ) ; Negative Cache TTL | ||
+ | ; name servers | ||
+ | IN NS ns1.itts.ac.id. | ||
+ | IN NS ns2.itts.ac.id. | ||
+ | |||
+ | ; PTR Records | ||
+ | 1.0 IN PTR ns1.itts.ac.id. ; 192.168.0.1 | ||
+ | 10.4 IN PTR ns2.itts.ac.id. ; 192.168.4.10 | ||
+ | 1.0 IN PTR www.itts.ac.id. ; 192.168.0.1 | ||
+ | 10.4 IN PTR www.itts.ac.id. ; 192.168.4.10 | ||
+ | 1.0 IN PTR itts.ac.id. ; 192.168.0.1 | ||
+ | 10.4 IN PTR itts.ac.id. ; 192.168.4.10 | ||
+ | |||
+ | Setelah BIND di setup dan konfigurasi, langkah selanjutnya adalah mencek konfigurasi tersebut untuk menghindari kesalahan terutama | ||
+ | |||
+ | sudo named-checkconf | ||
+ | |||
+ | Cek zone tertentu | ||
+ | |||
+ | sudo named-checkzone itts.ac.id db.itts.ac.id | ||
+ | sudo named-checkzone 168.192.in-addr.arpa /etc/bind/zones/db.192.168 | ||
+ | |||
+ | Pastikan tidak ada error, keluar | ||
+ | |||
+ | OK | ||
+ | |||
+ | Untuk merestart BIND, dapat dilakukan menggunakan perintah | ||
+ | |||
+ | sudo service bind9 restart | ||
+ | sudo systemctl start bind9 | ||
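Review bot: The reverse zone is declared in named.conf.local as zone "4.168.192.in-addr.arpa", but the file it loads (db.192.168) uses two-label owners such as 1.0 and 10.4, and the later check runs named-checkzone against 168.192.in-addr.arpa. Under the declared origin, 10.4 expands to 10.4.4.168.192.in-addr.arpa and 192.168.0.1 is not in the zone at all, so neither PTR lookup will resolve; declare the zone as "168.192.in-addr.arpa" to match the file. In the same two zone blocks, allow-transfer lists 10.128.20.12 with the comment "ns2 private IP address", while the forward zone gives ns2 as 192.168.4.10; the ACL should name the address the secondary actually transfers from, otherwise transfers are refused (or permitted to an unrelated host). Minor: named-checkzone itts.ac.id db.itts.ac.id uses a relative path and only works from /etc/bind/zones, and systemctl start after service restart is redundant.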
Latest revision as of 10:04, 1 December 2021
Sometimes we need a local DNS server so that the users/students who access the Raspberry Pi server do not have to type an IP address and can use the machine name instead. On Linux, including on the Raspberry Pi, one of the most commonly used local DNS servers is BIND.

Installing BIND is straightforward with the following commands:

 sudo su
 apt update
 apt install bind9 bind9utils bind9-doc

If we want BIND to operate over IPv4 only, we need to add the (-4) switch as follows:

 vi /etc/default/bind9

Add (-4):

 OPTIONS="-4 -u bind"

To add a local domain to the local BIND configuration, edit the following file:

 sudo vi /etc/bind/named.conf.local

In this file we can add the forward and reverse zones (assuming the 192.168.1.0/24 subnet) of a domain, for example:

 zone "itts.ac.id" {
     type master;
     file "/etc/bind/zones/db.itts.ac.id"; # zone file path
     allow-transfer { 10.128.20.12; };     # ns2 private IP address - secondary
 };

 # The zone name must match the origin the zone file is written for:
 # db.192.168 uses two-label owners (1.0, 10.4), so the zone is 168.192.in-addr.arpa
 zone "168.192.in-addr.arpa" {
     type master;
     file "/etc/bind/zones/db.192.168";    # 192.168.0.0/16 subnet
     allow-transfer { 10.128.20.12; };     # ns2 private IP address - secondary
 };

To create the forward zone file, copy the template and edit it:

 sudo mkdir /etc/bind/zones
 cd /etc/bind/zones
 sudo cp ../db.local ./db.itts.ac.id
 sudo vi /etc/bind/zones/db.itts.ac.id

Its initial content is roughly:

 $TTL    604800
 @       IN      SOA     localhost. root.localhost. (
                               2         ; Serial
                          604800         ; Refresh
                           86400         ; Retry
                         2419200         ; Expire
                          604800 )       ; Negative Cache TTL
 ;
 @       IN      NS      localhost.      ; delete this line
 @       IN      A       127.0.0.1       ; delete this line
 @       IN      AAAA    ::1             ; delete this line

We then change the file to, for example:

 $TTL    604800
 @       IN      SOA     ns1.itts.ac.id. admin.itts.ac.id. (
                               3         ; Serial
                          604800         ; Refresh
                           86400         ; Retry
                         2419200         ; Expire
                          604800 )       ; Negative Cache TTL
 ;
 ; name servers - NS records
         IN      NS      ns1.itts.ac.id.
         IN      NS      ns2.itts.ac.id.

 ; name servers - A records
 ns1.itts.ac.id.         IN      A       192.168.0.1
 ns2.itts.ac.id.         IN      A       192.168.4.10

 ; 192.168.0.0/16 - A records
 www.itts.ac.id.         IN      A       192.168.0.1
 www.itts.ac.id.         IN      A       192.168.4.10
 itts.ac.id.             IN      A       192.168.0.1
 itts.ac.id.             IN      A       192.168.4.10

The reverse zone file can be created just as easily with the following commands:

 cd /etc/bind/zones
 sudo cp ../db.127 ./db.192.168
 sudo vi /etc/bind/zones/db.192.168

Initially it will contain roughly:

 $TTL    604800
 @       IN      SOA     localhost. root.localhost. (
                               1         ; Serial
                          604800         ; Refresh
                           86400         ; Retry
                         2419200         ; Expire
                          604800 )       ; Negative Cache TTL
 ;
 @       IN      NS      localhost.      ; delete this line
 1.0.0   IN      PTR     localhost.      ; delete this line

Change it to roughly:

 $TTL    604800
 @       IN      SOA     itts.ac.id. admin.itts.ac.id. (
                               3         ; Serial
                          604800         ; Refresh
                           86400         ; Retry
                         2419200         ; Expire
                          604800 )       ; Negative Cache TTL
 ; name servers
         IN      NS      ns1.itts.ac.id.
         IN      NS      ns2.itts.ac.id.

 ; PTR Records
 1.0     IN      PTR     ns1.itts.ac.id.    ; 192.168.0.1
 10.4    IN      PTR     ns2.itts.ac.id.    ; 192.168.4.10
 1.0     IN      PTR     www.itts.ac.id.    ; 192.168.0.1
 10.4    IN      PTR     www.itts.ac.id.    ; 192.168.4.10
 1.0     IN      PTR     itts.ac.id.        ; 192.168.0.1
 10.4    IN      PTR     itts.ac.id.        ; 192.168.4.10

Once BIND has been set up and configured, the next step is to check that configuration to avoid errors, in particular:

 sudo named-checkconf

Check a specific zone:

 sudo named-checkzone itts.ac.id /etc/bind/zones/db.itts.ac.id
 sudo named-checkzone 168.192.in-addr.arpa /etc/bind/zones/db.192.168

Make sure there are no errors; the output should be:

 OK

To restart BIND, use the commands:

 sudo service bind9 restart
 sudo systemctl start bind9
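
named-checkzone validates each zone file on its own; it does not tell you whether the forward A records and the reverse PTR records agree, or whether the reverse zone name in named.conf.local matches the owners used in db.192.168. The following is an added example (not part of the original wiki page) that performs that cross-check on the records from this page; the function names ptr_owner and audit are hypothetical helpers introduced here.

```python
import ipaddress

def ptr_owner(ip, reverse_zone):
    """PTR owner for ip relative to reverse_zone; ValueError if outside it."""
    # reverse_pointer gives e.g. 10.4.168.192.in-addr.arpa for 192.168.4.10
    full = ipaddress.ip_address(ip).reverse_pointer
    zone = reverse_zone.rstrip(".").lower()
    if not full.endswith("." + zone):
        raise ValueError(f"{ip} is outside reverse zone {zone}")
    return full[: -(len(zone) + 1)]

def audit(a_records, ptr_records, reverse_zone):
    """Return sorted findings; an empty list means A and PTR data agree."""
    findings, ptrs, forward = [], {}, set()
    for owner, name in ptr_records:  # (relative owner, target) as in the zone file
        ptrs.setdefault(owner, set()).add(name.rstrip(".").lower())
    for name, ip in a_records:
        name = name.rstrip(".").lower()
        try:
            owner = ptr_owner(ip, reverse_zone)
        except ValueError as exc:
            findings.append(str(exc))
            continue
        forward.add((owner, name))
        if name not in ptrs.get(owner, set()):
            findings.append(f"{name} -> {ip}: no PTR at owner {owner}")
    for owner, names in ptrs.items():
        for name in names:
            if (owner, name) not in forward:
                findings.append(f"PTR {owner} -> {name}: no matching A record")
    return sorted(findings)

# Records copied from the forward and reverse zone files on this page.
A_RECORDS = [("ns1.itts.ac.id.", "192.168.0.1"), ("ns2.itts.ac.id.", "192.168.4.10"),
             ("www.itts.ac.id.", "192.168.0.1"), ("www.itts.ac.id.", "192.168.4.10"),
             ("itts.ac.id.", "192.168.0.1"), ("itts.ac.id.", "192.168.4.10")]
PTR_RECORDS = [("1.0", "ns1.itts.ac.id."), ("10.4", "ns2.itts.ac.id."),
               ("1.0", "www.itts.ac.id."), ("10.4", "www.itts.ac.id."),
               ("1.0", "itts.ac.id."), ("10.4", "itts.ac.id.")]

if __name__ == "__main__":
    for zone in ("168.192.in-addr.arpa", "4.168.192.in-addr.arpa"):
        print(zone, audit(A_RECORDS, PTR_RECORDS, zone) or "consistent")
```

With the zone named 168.192.in-addr.arpa the records are consistent; with 4.168.192.in-addr.arpa every record is reported, because 192.168.0.1 falls outside the zone and 192.168.4.10 would need the owner 10 rather than 10.4.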