From 033eb4c934671fb17b7437a55dd92ba9817dfa4c Mon Sep 17 00:00:00 2001
From: tiyn
Date: Sat, 24 Sep 2022 03:53:11 +0200
Subject: [PATCH] bind: added bind guides
---
 wiki/bind.md | 120 +++++++++++++++++++++++++++++
 wiki/dns.md | 7 +-
 wiki/docker-images/ventz_-_bind.md | 12 +--
 3 files changed, 131 insertions(+), 8 deletions(-)
 create mode 100644 wiki/bind.md
diff --git a/wiki/bind.md b/wiki/bind.md
new file mode 100644
index 0000000..2dadf25
--- /dev/null
+++ b/wiki/bind.md
@@ -0,0 +1,120 @@ +# Bind + +[Bind](https://www.isc.org/bind/) is an open-source software suite for +interacting with the [DNS](./dns.md). + +## Server + +A server can be setup via docker with the +[ventz image](./docker-images/ventz_-_bind.md). + +## Setup a local DNS server with forwarding + +After setting up the server. +Look into the file `/etc/bind/named.conf.options`. +Change it to something like the following lines. +Note that `192.168.178.0/24` is the subnet that is used mainly in this example. +Only queries from within it will be handled. +The forwarders `8.8.8.8` and `8.8.4.4` can be changed according to the specific +needs. + +```txt +acl "trusted" { + 192.168.178.0/24; + localhost; + localnets; +}; + +options { + directory "/var/cache/bind"; + listen-on-v6 { any; }; + recursion yes; # enables resursive queries + allow-query { trusted; }; # allows recursive queries from "trusted" clients + allow-transfer { none; }; # disable zone transfers by default + + forwarders { + 8.8.8.8; + 8.8.4.4; + }; + forward only; + + dnssec-enable yes; + dnssec-validation yes; + + auth-nxdomain no; +}; +``` + +## Creating local domains + +This section explains how to add local domains for local systems. +It is explicitly compatible with the +[previous section](#setup-a-local-dns-server-with-forwarding). +Locate the `named.conf.local` file in the `/etc/bind` directory. +Add the forward zone first. +Substitute `` and `` to your wishes. + +```txt +zone "." IN { + type master; + file "/etc/bind/extra-zones/zone.."; +}; +``` + +Then add the reverse zone. +The following lines assume the subnet is at `192.168.178.0/24`. +Note the reverse subnet address without the `.0/24` in the lines. + +```txt +zone "178.168.192.in-addr.arpa" { + type master; + file "/etc/bind/extra-zones/revp.178.168.192"; +}; +``` + +Following this create the directory `/etc/bind/extra-zones/`. +Then place the file `zone..` inside it with the following content: + +```txt +$TTL 1D +@ IN SOA .. .. 
( + 200405191 ; serial + 8H ; refresh + 4H ; retry + 4W ; expire + 1D ) ; minimum +@ NS + + A +``` + +To make the server you operate on the nameserver select a subdomain for it and +subsitute `` for it and its IP address ``. +More [DNS records](./dns.md#records) can be added. + +Then create `/etc/bind/extra-zones/revp.178.168.192` and fill it with the +following lines. + +```txt +$ORIGIN 178.168.192.in-addr.arpa. +$TTL 1D +@ IN SOA .tld ... ( + 200405190 ; serial + 28800 ; refresh + 14400 ; retry + 2419200 ; expire + 86400 ; minimum + ) + NS ... + +15 PTR ... +``` + +Additionally add all domain names in front of the first `)` that have been +added in the `zone..` file as an [A record](./dns.md#a-record). +Note that all these have to be followed by a `.` just like +`...` is. +For all these records add a PTR record too. +The first part of the PTR line indicated the IP address. +To get the full address add it to the subnet. +In this case this server has the IP `192.168.178.15`. diff --git a/wiki/dns.md b/wiki/dns.md index b448be8..b09ebf8 100644 --- a/wiki/dns.md +++ b/wiki/dns.md @@ -4,9 +4,12 @@ The Domain Name System (DNS) is a naming system for computers or other resources connected to a network. It associates various information with domain names. -## Server +## Software suites for DNS interaction -A server can be setup via docker with the [ventz image](./docker-images/ventz_-_bind.md) +The following list shows possible DNS software suites that can be used to set +up a DNS server. + +- [Bind](./bind.md) is a open source package for setting up DNS ## Records diff --git a/wiki/docker-images/ventz_-_bind.md b/wiki/docker-images/ventz_-_bind.md index 6a4f933..37e2db6 100644 --- a/wiki/docker-images/ventz_-_bind.md +++ b/wiki/docker-images/ventz_-_bind.md 
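Review bot: In the `named.conf.options` listing of the new bind.md, recursion is only gated implicitly: `recursion yes` is set but there is no `allow-recursion`, so the restriction to `trusted` relies on BIND's documented fallback from `allow-recursion` to `allow-query-cache` to `allow-query`, while the comment `allows recursive queries from "trusted" clients` attributes that effect to `allow-query` alone. Make the intent explicit so that widening `allow-query` later (for example to serve the local zones to other networks) cannot silently turn this into an open resolver: add `allow-recursion { trusted; };` and `allow-query-cache { trusted; };` next to `allow-query`, and reword the comment to `# only "trusted" clients may query at all`. This matters because the companion ventz page in the same commit publishes port 53/TCP and 53/UDP on the host, so if that host is reachable from outside the network the ACL is the only thing preventing the forwarder from being abused for DNS amplification. Separately, `dnssec-enable yes;` is obsolete in current BIND 9 releases (9.16 and later ignore it with a warning, and newer versions may reject the option), so the listing should either drop it and keep `dnssec-validation yes;` or add a sentence noting it applies only to older releases.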
@@ -1,6 +1,6 @@ # ventz - bind -This is a docker container for a [dns](../dns.md) resolver. +This is a docker container for a [bind](../bind.md) [DNS](../dns.md) resolver. The official container and documentation was made by [ventz](https://hub.docker.com/r/ventz/bind). @@ -15,8 +15,8 @@ Set the following volumes with the -v tag. | Outside mount/volume name | Container mount | Description | | ------------------------- | ----------------- | --------------------- | -| `bind_cache` | `/var/cache/bind` | cache for dns | -| `bind_etc` | `/etc/bind` | configuration for dns | +| `bind_cache` | `/var/cache/bind` | cache for DNS | +| `bind_etc` | `/etc/bind` | configuration for DNS | ## Ports @@ -24,8 +24,8 @@ Set the following ports with the -p tag. | Container Port | Recommended outside port | Protocol | Description | | -------------- | ------------------------ | -------- | ----------------- | -| `53` | `53` | TCP | dns protocol port | -| `53` | `53` | UDP | dns protocol port | +| `53` | `53` | TCP | DNS protocol port | +| `53` | `53` | UDP | DNS protocol port | ## Additional @@ -33,7 +33,7 @@ There are some special variables to set. | Flag | Usage | | ------- | ------------------------------------------------------- | -| `--dns` | set two of these flags for specific dns forward servers | +| `--dns` | set two of these flags for specific DNS forward servers | ## Rebuild