Created
November 16, 2022 18:17
-
-
Save derunix/56db288da8cd95abe0e86c2b888eb646 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apt update && apt install bind9 | |
| hostnamectl set-hostname dns-master | |
| cd /var/lib/bind/ | |
| vim /etc/bind/named.conf.local | |
| vim /var/lib/bind/db.DOMAIN.NAME | |
| vim /etc/bind/named.conf.options | |
| systemctl restart bind9.service | |
| ##################################################### | |
| /etc/bind/named.conf.options | |
| ##################################################### | |
| options { | |
| directory "/var/cache/bind"; | |
| // If there is a firewall between you and nameservers you want | |
| // to talk to, you may need to fix the firewall to allow multiple | |
| // ports to talk. See http://www.kb.cert.org/vuls/id/800113 | |
| // If your ISP provided one or more IP addresses for stable | |
| // nameservers, you probably want to use them as forwarders. | |
| // Uncomment the following block, and insert the addresses replacing | |
| // the all-0's placeholder. | |
| forwarders { | |
| 1.0.0.0; | |
| }; | |
| //======================================================================== | |
| // If BIND logs error messages about the root key being expired, | |
| // you will need to update your keys. See https://www.isc.org/bind-keys | |
| //======================================================================== | |
| dnssec-validation no; | |
| listen-on-v6 { any; }; | |
| }; | |
| ##################################################### | |
| ##################################################### | |
| ##################################################### | |
| /var/lib/bind/db.DOMAIN.NAME | |
| ##################################################### | |
| $TTL 3600 | |
| @ IN SOA dns-master.DOMAIN.NAME. root.DOMAIN.NAME. ( | |
| 200701058 ; Serial | |
| 3600 ; Refresh [1h] | |
| 600 ; Retry [10m] | |
| 86400 ; Expire [1d] | |
| 600 ) ; Negative Cache TTL [1h] | |
| ; | |
| @ IN NS dns-master.DOMAIN.NAME. | |
| dns-master IN A 45.80.69.243 | |
| @ IN A 45.80.69.191 | |
| root | |
| ##################################################### | |
| 45.80.69.243 ip dns-master; 45.80.69.191 ip web good | |
| ##################################################### | |
| ##################################################### | |
| /etc/bind/named.conf.local | |
| ##################################################### | |
| // | |
| // Do any local configuration here | |
| // | |
| // Consider adding the 1918 zones here, if they are not used in your | |
| // organization | |
| //include "/etc/bind/zones.rfc1918"; | |
| zone "DOMAIN.NAME" { | |
| type master; | |
| file "/var/lib/bind/db.DOMAIN.NAME"; | |
| //forwarders {}; | |
| // If we do not comment the ''forwarders'' "empty" clients of the local subnet in my case don't have access to the upstream DNS ? | |
| //allow-update { key ns-example-com_rndc-key; }; | |
| allow-update { key rndc-key; }; | |
| //confusion between the file name to import (ns-example-com_rndc-key) and the key label (rndc-key) ? | |
| }; | |
| ##################################################### | |
| ##################################################### | |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apt update && apt install bind9 | |
| hostnamectl set-hostname dns-master | |
| cd /var/lib/bind/ | |
| vim /etc/bind/named.conf.options | |
| systemctl restart bind9.service | |
| ##################################################### | |
| /etc/bind/named.conf.options | |
| ##################################################### | |
| acl "allowed" { | |
| 0.0.0.0/0; | |
| }; | |
| options { | |
| directory "/var/cache/bind"; | |
| recursion yes; | |
| allow-query { allowed; }; | |
| forwarders { | |
| 45.80.69.245; | |
| }; | |
| forward only; | |
| dnssec-validation no; | |
| auth-nxdomain no; # conform to RFC1035 | |
| listen-on-v6 { any; }; | |
| }; |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| На всех клиентах /etc/resolv.conf | |
| (ip dns1) | |
| nameserver 45.80.69.230 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apt install nginx | |
| vim /etc/nginx/sites-enabled/default | |
| cd /var/www/html/ | |
| vim index.nginx-debian.html | |
| systemctl restart nginx.service | |
| vim index.nginx-debian.html | |
| hostnamectl set-hostname web-good |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apt install nginx | |
| vim /etc/nginx/sites-enabled/default | |
| cd /var/www/html/ | |
| vim index.nginx-debian.html | |
| systemctl restart nginx.service | |
| vim index.nginx-debian.html | |
| hostnamectl set-hostname web-bad |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment