| 1 |
systemctl start firewalld |
| 2 |
systemctl enable firewalld |
| 3 |
firewall-cmd --permanent --zone=public --add-interface=eth0 |
| 4 |
firewall-cmd --permanent --add-service=dns --zone=public |
| 5 |
firewall-cmd --reload |
| 6 |
|
| 7 |
yum install -y bind bind-utils |
| 8 |
|
| 9 |
sed -i.original "s/listen-on port 53 { 127.0.0.1; };/listen-on port 53 { 127.0.0.1; 10.18.0.5; };/" /etc/named.conf |
| 10 |
sed -i "s/allow-query { localhost; };/allow-query { localhost; 10.18.0.0\/16; };\n forwarders {\n 168.63.129.16;\n 8.8.8.8;\n 8.8.4.4;\n };/" /etc/named.conf |
| 11 |
sed -i "s/listen-on-v6 port.*/listen-on-v6 port 53 { none; };/" /etc/named.conf |
| 12 |
sed -i "/dnssec/d" /etc/named.conf |
| 13 |
|
| 14 |
sed -i "s/PEERDNS=.*/PEERDNS=no/" /etc/sysconfig/network-scripts/ifcfg-eth0 |
| 15 |
sed -i "s/nameserver.*/nameserver 127.0.0.1/" /etc/resolv.conf |
| 16 |
|
| 17 |
cat >> /etc/named.conf << EOF |
| 18 |
zone "lab.example.net." IN { |
| 19 |
type master; |
| 20 |
file "db.lab.example.net"; |
| 21 |
allow-transfer { none; }; |
| 22 |
}; |
| 23 |
EOF |
| 24 |
|
| 25 |
cat > /var/named/db.lab.example.net <<\EOF |
| 26 |
$TTL 3H |
| 27 |
$ORIGIN lab.example.net. |
| 28 |
@ IN SOA alpha.lab.example.net root.lab.example.net (0 |
| 29 |
1D |
| 30 |
1H |
| 31 |
1W |
| 32 |
3H) |
| 33 |
lab.example.net. NS alpha.lab.example.net. |
| 34 |
alpha A 10.18.0.5 |
| 35 |
beta A 10.18.0.6 |
| 36 |
EOF |
| 37 |
|
| 38 |
systemctl restart named |
| 39 |
systemctl enable named |
| 40 |
|