Install DNS Ubuntu 20.04

From Dokumentasi Robie

BIND (Berkeley Internet Name Domain) is an implementation of the Domain Name System (DNS) protocol. It includes,

On Ubuntu, installing BIND is very easy and takes just the command

sudo apt -y install dnsutils bind9
~$ sudo apt -y install dnsutils bind9
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following additional packages will be installed:
  bind9-utils dns-root-data python3-ply
Suggested packages:
  bind-doc resolvconf python-ply-doc
The following NEW packages will be installed:
  bind9 bind9-utils dns-root-data dnsutils python3-ply
0 upgraded, 5 newly installed, 0 to remove and 156 not upgraded.
Need to get 459 kB of archives.
After this operation, 1974 kB of additional disk space will be used.
Get:1 http://id.archive.ubuntu.com/ubuntu focal-updates/main amd64 python3-ply all 3.11-3ubuntu0.1 [46.3 kB]
Get:2 http://id.archive.ubuntu.com/ubuntu focal-updates/main amd64 bind9-utils amd64 1:9.16.1-0ubuntu2.15 [172 kB]
Get:3 http://id.archive.ubuntu.com/ubuntu focal/main amd64 dns-root-data all 2019052802 [5300 B]
Get:4 http://id.archive.ubuntu.com/ubuntu focal-updates/main amd64 bind9 amd64 1:9.16.1-0ubuntu2.15 [233 kB]
Get:5 http://id.archive.ubuntu.com/ubuntu focal-updates/universe amd64 dnsutils all 1:9.16.1-0ubuntu2.15 [2756 B]
Fetched 459 kB in 28s (16.5 kB/s)                                              
Selecting previously unselected package python3-ply.
(Reading database ... 73108 files and directories currently installed.)
Preparing to unpack .../python3-ply_3.11-3ubuntu0.1_all.deb ...
Unpacking python3-ply (3.11-3ubuntu0.1) ...
Selecting previously unselected package bind9-utils.
Preparing to unpack .../bind9-utils_1%3a9.16.1-0ubuntu2.15_amd64.deb ...
Unpacking bind9-utils (1:9.16.1-0ubuntu2.15) ...
Selecting previously unselected package dns-root-data.
Preparing to unpack .../dns-root-data_2019052802_all.deb ...
Unpacking dns-root-data (2019052802) ...
Selecting previously unselected package bind9.
Preparing to unpack .../bind9_1%3a9.16.1-0ubuntu2.15_amd64.deb ...
Unpacking bind9 (1:9.16.1-0ubuntu2.15) ...
Selecting previously unselected package dnsutils.
Preparing to unpack .../dnsutils_1%3a9.16.1-0ubuntu2.15_all.deb ...
Unpacking dnsutils (1:9.16.1-0ubuntu2.15) ...
Setting up python3-ply (3.11-3ubuntu0.1) ...
Setting up dnsutils (1:9.16.1-0ubuntu2.15) ...
Setting up dns-root-data (2019052802) ...
Setting up bind9-utils (1:9.16.1-0ubuntu2.15) ...
Setting up bind9 (1:9.16.1-0ubuntu2.15) ...
named-resolvconf.service is a disabled or a static unit not running, not starting it.
Processing triggers for systemd (245.4-4ubuntu3.17) ...
Processing triggers for man-db (2.9.1-1) ...
Processing triggers for ufw (0.36-6ubuntu1) ...
robie@robie:~$ 
sudo apt -y install bind9 bind9utils bind9-doc
~$ sudo apt -y install bind9 bind9utils bind9-doc
Reading package lists... Done
Building dependency tree       
Reading state information... Done
bind9 is already the newest version (1:9.16.1-0ubuntu2.15).
The following NEW packages will be installed:
  bind9-doc bind9utils
0 upgraded, 2 newly installed, 0 to remove and 156 not upgraded.
Need to get 256 kB of archives.
After this operation, 1923 kB of additional disk space will be used.
Get:1 http://id.archive.ubuntu.com/ubuntu focal-updates/main amd64 bind9-doc all 1:9.16.1-0ubuntu2.15 [253 kB]
Get:2 http://id.archive.ubuntu.com/ubuntu focal-updates/universe amd64 bind9utils all 1:9.16.1-0ubuntu2.15 [2756 B]
Fetched 256 kB in 22s (11.9 kB/s)                                              
Selecting previously unselected package bind9-doc.
(Reading database ... 73223 files and directories currently installed.)
Preparing to unpack .../bind9-doc_1%3a9.16.1-0ubuntu2.15_all.deb ...
Unpacking bind9-doc (1:9.16.1-0ubuntu2.15) ...
Selecting previously unselected package bind9utils.
Preparing to unpack .../bind9utils_1%3a9.16.1-0ubuntu2.15_all.deb ...
Unpacking bind9utils (1:9.16.1-0ubuntu2.15) ...
Setting up bind9-doc (1:9.16.1-0ubuntu2.15) ...
Setting up bind9utils (1:9.16.1-0ubuntu2.15) ...
robie@robie:~$ 


Running the DNS server is not difficult. Once it is installed, it can be started with the command,

sudo systemctl restart bind9.service


Configuring the DNS Server

To start configuring DNS with BIND 9, first change into the /etc/bind directory.

cd /etc/bind
pwd
/etc/bind

Next, create the file db.ip by copying db.127. Also copy db.local to a file named db.domain.


sudo cp db.127 db.ip
sudo cp db.local db.domain
ls
bind.keys  db.255     db.ip       named.conf.default-zones  rndc.key
db.0       db.domain  db.local    named.conf.local          zones.rfc1918
db.127     db.empty   named.conf  named.conf.options

Once the two files have been created, edit db.domain first.

sudo nano db.domain

In db.domain, replace localhost with the domain name you want to create. In this example I am creating the domain zonabiner.dev. In this case I will also create two subdomains, www.zonabiner.dev and blog.zonabiner.dev. Don't forget to enter the IP address of our DNS server.

;
; BIND data file for local loopback interface
;
$TTL    604800
@       IN      SOA     zonabiner.dev. root.zonabiner.dev. (
                              2         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
@       IN      NS      zonabiner.dev.
@       IN      A       10.1.1.27
www     IN      A       10.1.1.27
blog    IN      A       10.1.1.27


If you also want to add an MX record, which will later be used for a mail server, to the DNS server you are building, you can use the following configuration.

;
; BIND data file for local loopback interface
;
$TTL    604800
@       IN      SOA     zonabiner.dev. root.zonabiner.dev. (
                              2         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
@       IN      NS      zonabiner.dev.
        IN      MX      10 zonabiner.dev.
@       IN      A       10.1.1.27
www     IN      A       10.1.1.27
mail    IN      A       10.1.1.27
blog    IN      CNAME   www


Next, edit db.ip. Replace localhost with your domain name. Remember to replace the number 27 with the last (host) number of the server's IP address. In this example I use 10.1.1.27 as the DNS server's IP address, so the last number is 27.

sudo nano db.ip


;
; BIND reverse data file for local loopback interface
;
$TTL    604800
@       IN      SOA     zonabiner.dev. root.zonabiner.dev. (
                              1         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
@       IN      NS      zonabiner.dev.
27      IN      PTR     zonabiner.dev.

Next, in named.conf.local, define the zones for the domain name we created and for the DNS server's IP address. Note that 1.1.10.in-addr.arpa is actually the reverse of our DNS server's IP address. If the DNS server's IP address is 10.1.1.27, it is reversed to 1.1.10 and .in-addr.arpa is appended. Why is the last number of the IP address not reversed along with the rest? Because that number is already in db.ip.

sudo nano named.conf.local
//
// Do any local configuration here
//

// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";

zone "zonabiner.dev"{
        type master;
        file "/etc/bind/db.domain";
};

zone "1.1.10.in-addr.arpa"{
        type master;
        file "/etc/bind/db.ip";
};
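
The reverse-zone naming rule described above, generalised to /8 and /16 networks as well as the page's /24, as an added example that is not part of the original page. The function name reverse_zone is hypothetical, and only octet-aligned prefixes are handled.

```shell
# Added example (not from the original page): derive the reverse zone name
# for named.conf.local and the PTR owner label for db.ip from an IPv4 address.
# reverse_zone is a hypothetical helper; only /8, /16 and /24 are supported.
reverse_zone() {
    ip=$1
    prefix=$2
    case $prefix in
        8|16|24) ;;
        *) echo "unsupported prefix: /$prefix" >&2; return 1 ;;
    esac
    # Accept digits and single dots only, so the word splitting below is safe.
    case $ip in
        ''|*[!0-9.]*|.*|*.|*..*) echo "not an IPv4 address: $ip" >&2; return 1 ;;
    esac
    old_ifs=$IFS
    IFS=.
    set -- $ip
    IFS=$old_ifs
    [ $# -eq 4 ] || { echo "not an IPv4 address: $ip" >&2; return 1; }
    for octet in "$@"; do
        case $octet in
            ????*) echo "octet out of range: $octet" >&2; return 1 ;;
        esac
        [ "$octet" -le 255 ] || { echo "octet out of range: $octet" >&2; return 1; }
    done
    # The network octets, reversed, name the zone; the remaining host octets,
    # also reversed, become the owner name of the PTR record inside that zone.
    case $prefix in
        8)  echo "$1.in-addr.arpa $4.$3.$2" ;;
        16) echo "$2.$1.in-addr.arpa $4.$3" ;;
        24) echo "$3.$2.$1.in-addr.arpa $4" ;;
    esac
}

# The page's server address: prints "1.1.10.in-addr.arpa 27"
reverse_zone 10.1.1.27 24
# The same host in a /16 network: prints "1.10.in-addr.arpa 27.1"
reverse_zone 10.1.1.27 16
```

The first field is the zone name to declare in named.conf.local; the second is the owner of the PTR line in db.ip.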

Our DNS server only manages the zonabiner.dev domain. To be able to reach other domains that we do not manage, such as google.com, facebook.com and so on, we have to add DNS forwarding. In this example I use Google Public DNS, 8.8.8.8, as the DNS forwarder.

sudo nano named.conf.options


options {
        directory "/var/cache/bind";

        // If there is a firewall between you and nameservers you want
        // to talk to, you may need to fix the firewall to allow multiple
        // ports to talk.  See http://www.kb.cert.org/vuls/id/800113

        // If your ISP provided one or more IP addresses for stable
        // nameservers, you probably want to use them as forwarders.
        // Uncomment the following block, and insert the addresses replacing
        // the all-0's placeholder.

        forwarders {
                8.8.8.8;
        };

        //========================================================================
        // If BIND logs error messages about the root key being expired,
        // you will need to update your keys.  See https://www.isc.org/bind-keys
        //========================================================================
        dnssec-validation no;

        listen-on-v6 { any; };
};

As the last step, restart the BIND 9 service so that it loads the new configuration. Make sure the service is running normally without errors.

sudo systemctl restart bind9.service
sudo systemctl status bind9.service
● named.service - BIND Domain Name Server
     Loaded: loaded (/lib/systemd/system/named.service; enabled; vendor preset: enabled)
     Active: active (running) since Sat 2021-05-15 03:36:36 UTC; 1min 26s ago
       Docs: man:named(8)
   Main PID: 2702 (named)
      Tasks: 8 (limit: 1073)
     Memory: 18.5M
     CGroup: /system.slice/named.service
             └─2702 /usr/sbin/named -f -u bind

May 15 03:36:36 zonabiner named[2702]: command channel listening on ::1#953
May 15 03:36:36 zonabiner named[2702]: managed-keys-zone: loaded serial 2
May 15 03:36:36 zonabiner named[2702]: zone 0.in-addr.arpa/IN: loaded serial 1
May 15 03:36:36 zonabiner named[2702]: zone 1.1.10.in-addr.arpa/IN: loaded serial 1
May 15 03:36:36 zonabiner named[2702]: zone localhost/IN: loaded serial 2
May 15 03:36:36 zonabiner named[2702]: zone 127.in-addr.arpa/IN: loaded serial 1
May 15 03:36:36 zonabiner named[2702]: zone 255.in-addr.arpa/IN: loaded serial 1
May 15 03:36:36 zonabiner named[2702]: zone zonabiner.dev/IN: loaded serial 2
May 15 03:36:36 zonabiner named[2702]: all zones loaded
May 15 03:36:36 zonabiner named[2702]: running
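
A check over the settings in named.conf.options and named.conf.local above, as an added example that is not part of the original page: it flags the page's dnssec-validation no; and the absence of explicit recursion and zone-transfer ACLs, then runs the same check on a tightened variant. The function names and the 10.1.1.0/24 client network are assumptions.

```shell
# Added example (not from the original page): flag named.conf settings that
# widen exposure. Function names are hypothetical; the defaults cited are
# those of BIND 9.16, the version installed on the page.
audit_named_conf() {
    # Strip // and # comments, then join lines so multi-line blocks match.
    conf=$(sed -e 's://.*::' -e 's:#.*::' | tr '\n' ' ')
    has() { printf '%s\n' "$conf" | grep -Eq "$1"; }
    if has 'dnssec-validation[[:space:]]+no[[:space:]]*;'; then
        echo "WARN dnssec-validation no: DNSSEC signatures on answers are not checked"
    fi
    if has 'allow-recursion[[:space:]]*\{[^}]*any[[:space:]]*;'; then
        echo "WARN allow-recursion any: server recurses for every client (open resolver)"
    elif ! has 'allow-recursion[[:space:]]*\{'; then
        echo "INFO allow-recursion unset: built-in default is localnets and localhost"
    fi
    if ! has 'allow-transfer[[:space:]]*\{'; then
        echo "WARN allow-transfer unset: 9.16 default lets any host transfer the zones"
    fi
    return 0
}

# Constructed sample: the page's options and one of its zones, condensed.
page_conf() {
    cat <<'EOF'
options {
        forwarders { 8.8.8.8; };
        dnssec-validation no;   // the page's setting
        listen-on-v6 { any; };
};
zone "zonabiner.dev" { type master; file "/etc/bind/db.domain"; };
EOF
}

# Constructed sample: the same options, tightened. 10.1.1.0/24 is an assumed
# client network; it does not appear on the page.
hardened_conf() {
    cat <<'EOF'
options {
        forwarders { 8.8.8.8; };
        dnssec-validation auto;
        allow-recursion { localhost; 10.1.1.0/24; };
        allow-transfer { none; };
        listen-on-v6 { any; };
};
EOF
}

page_conf | audit_named_conf      # three findings
hardened_conf | audit_named_conf  # no output
```

This script only looks at policy settings; BIND's own named-checkconf and named-checkzone catch syntax errors in the configuration and zone files before the restart.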

Testing the Configuration

If you want to test the DNS server on the DNS server itself, you can temporarily change the DNS resolver in /etc/resolv.conf. Replace it with the IP address of the DNS server. This also works on clients that run a Linux distribution.

sudo nano /etc/resolv.conf
# This file is managed by man:systemd-resolved(8). Do not edit.
#
# This is a dynamic resolv.conf file for connecting local clients to the
# internal DNS stub resolver of systemd-resolved. This file lists all
# configured search domains.
#
# Run "resolvectl status" to see details about the uplink DNS servers
# currently in use.
#
# Third party programs must not access this file directly, but only through the
# symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a different way,
# replace this symlink by a static file or a different symlink.
#
# See man:systemd-resolved.service(8) for details about the supported modes of
# operation for /etc/resolv.conf.

nameserver 10.1.1.27

Use the nslookup tool to test the DNS server.

nslookup zonabiner.dev
Server:         10.1.1.27
Address:        10.1.1.27#53

Name:   zonabiner.dev
Address: 10.1.1.27
nslookup www.zonabiner.dev
Server:         10.1.1.27
Address:        10.1.1.27#53

Name:   www.zonabiner.dev
Address: 10.1.1.27
nslookup blog.zonabiner.dev
Server:         10.1.1.27
Address:        10.1.1.27#53

Name:   blog.zonabiner.dev
Address: 10.1.1.27
nslookup 10.1.1.27
27.1.1.10.in-addr.arpa  name = zonabiner.dev.

Testing the MX record with the dig and nslookup tools.

nslookup
> set q=mx
> zonabiner.dev
Server:         10.1.1.27
Address:        10.1.1.27#53

zonabiner.dev   mail exchanger = 10 zonabiner.dev.
> exit
dig zonabiner.dev MX
; <<>> DiG 9.16.1-Ubuntu <<>> zonabiner.dev MX
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3486
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 362ced337cdc66910100000060dab85b868869978021fd1a (good)
;; QUESTION SECTION:
;zonabiner.dev.                 IN      MX

;; ANSWER SECTION:
zonabiner.dev.          604800  IN      MX      10 zonabiner.dev.

;; ADDITIONAL SECTION:
zonabiner.dev.          604800  IN      A       10.1.1.27

;; Query time: 0 msec
;; SERVER: 10.1.1.27#53(10.1.1.27)
;; WHEN: Wed May 19 06:06:19 UTC 2021
;; MSG SIZE  rcvd: 102









The part that may be somewhat complicated is configuring the DNS server. Basically, a DNS server is just a table in roughly the following format,

hostname     IN    A       xxx.xxx.xxx.xxx
hostname     IN    MX 10   mailserver
hostname     IN    NS      dns.server

If configuring it still makes your head spin, it is a good idea to use Webmin, which makes configuring a DNS server much easier.


If you are curious and want to configure the DNS server manually, by hand, it is a good idea to read through the ENUM Server configuration examples.
