[Solved] instalasi NS Authoritative dengan Bind pada CentOS 6

[tompskin]

misi momod dan abang abang sesepuh disini, ane udah muter muter googling sana googling sini, entah key word nyta salah apa bagaimana engga ketemu juga , mungkin di devilcode ini ada yang bisa bantu permasalah ane

pertama tama ane ikutin tutorial disini

Quote:http://aziz.or.id/instalasi-name-server-...p#more-573

oke lanjut , disini ane install bind dengan mengetikan perintah

Code:

yum install bind-chroot

ane cek paketnya

# rpm -qa bind*

Code:

bind-libs-9.7.3-8.P3.el6_2.2.i686
bind-chroot-9.7.3-8.P3.el6_2.2.i686
bind-9.7.3-8.P3.el6_2.2.i686
bind-utils-9.7.3-8.P3.el6_2.2.i686
nah langkah awal sukses

langkah ke 2

Code:

chmod 755 /var/named/
chmod 775 /var/named/chroot/
chmod 775 /var/named/chroot/var/
chmod 775 /var/named/chroot/var/named/
chmod 775 /var/named/chroot/var/run/
chmod 777 /var/named/chroot/var/run/named/
cd /var/named/chroot/var/named/
ln -s ../../ chroot
cp /usr/share/doc/bind-9.3.6/sample/var/named/named.local /var/named/chroot/var/named/named.local
cp /usr/share/doc/bind-9.3.6/sample/var/named/named.root /var/named/chroot/var/named/named.root
touch /var/named/chroot/etc/named.conf
chkconfig –levels 235 named on
/etc/init.d/named start

ini yang ane bingung disana tertulis :

Code:

cp /usr/share/doc/bind-9.3.6/sample/var/named/named.local /var/named/chroot/var/named/named.local
cp /usr/share/doc/bind-9.3.6/sample/var/named/named.root /var/named/chroot/var/named/named.root

berhubung disana menggunakan bind-9.3.6 , kemudian ane menggunakan bind 9.7.3 its oke.. ane rubah 9.3.6 menjadi 9.7.3 menjadi

Code:

cp /usr/share/doc/bind-9.7.3/sample/var/named/named.local /var/named/chroot/var/named/named.local
cp /usr/share/doc/bind-9.7.3/sample/var/named/named.root /var/named/chroot/var/named/named.root

Code:

[root@webserver named]# cp: cannot stat `/usr/share/doc/bind-9.7.3/sample/var/named/named.local': No such file or directory

ternyata ga bisa juga , sampai disini udah mulai stuck

terus ane cek folder itu ternyata file itu ga ada

ane ls -a dicentos ane

Code:

.   data                 my.internal.zone.db  named.empty      named.loopback
..  my.external.zone.db  named.ca             named.localhost  slaves

terus ane cari named.local taunya disini
# whereis named.local

Code:

named: /usr/sbin/named /etc/named /etc/named.conf /usr/share/man/man8/named.8.gz

dari pada pusing ane terusin aja langkah selanjutnya mengabaikan command yang tadi

akhirnya ane ikutin syntak2 selanjutnya dengan gagah berani

ane ikutin semua nya tutor yg ada disini

Code:

http://aziz.or.id/instalasi-name-server-authoritative-dengan-bind-pada-centos-5-4-64-bit.php#more-573

setelah selesai tapi malah error

Code:

[root@webserver named]# service name start
                                  
Starting named:
Error in named configuration:
/etc/named.conf:4: unknown key 'rndckey'
                                                           [FAILED]

kemudian ane tail

[root@webserver named]# tail -f /var/log/messages

Code:

Feb  3 16:21:32 webserver named: /etc/named.conf:4: unknown key 'rndckey'
Feb  3 16:21:33 webserver rpc.statd[1210]: Version 1.2.2 starting
Feb  3 16:21:33 webserver sm-notify[1211]: Version 1.2.2 starting
Feb  3 16:21:33 webserver kernel: RPC: Registered udp transport module.
Feb  3 16:21:33 webserver kernel: RPC: Registered tcp transport module.
Feb  3 16:21:33 webserver kernel: RPC: Registered tcp NFSv4.1 backchannel transport module.
Feb  3 16:21:33 webserver kernel: 802.1Q VLAN Support v1.8 Ben Greear <greearb@candelatech.com>
Feb  3 16:21:33 webserver kernel: All bugs added by David S. Miller <davem@redhat.com>
Feb  3 16:21:34 webserver lldpad[1264]: /usr/sbin/lldpad is starting
Feb  3 17:23:41 webserver named: /etc/named.conf:4: unknown key 'rndckey'

apakah disini ada yang bisa membantu ane untuk konfigurasinya ? tolong dibantu yah agan agan

[Motaro Irhaby]

itu ane liat log failed nya rndc.key nya om .
coba check cat /etc/rndc.key
cek dl ..

[tompskin]

(02-03-2012 10:51 AM)motaroirhaby Wrote:  itu ane liat log failed nya rndc.key nya om .
coba check cat /etc/rndc.key
cek dl ..

cat /etc/rndc.key

Code:

cat: /etc/rndc.key: No such file or director

rndc.keynya kayaknya ga ada

[Motaro Irhaby]

berarti kan belum buat yah
coba rndc-cofgen
itu harus pakai chroot om untuk ns nya ?
boleh liat paket bind nya om ? coba ketik ini rpm -qa | grep bind ?

[tompskin]

(02-03-2012 10:58 AM)motaroirhaby Wrote:  berarti kan belum buat yah
coba rndc-cofgen
itu harus pakai chroot om untuk ns nya ?
boleh liat paket bind nya om ? coba ketik ini rpm -qa | grep bind ?

ini bind nya om

Code:

bind-libs-9.7.3-8.P3.el6_2.2.i686
bind-chroot-9.7.3-8.P3.el6_2.2.i686
bind-9.7.3-8.P3.el6_2.2.i686
bind-utils-9.7.3-8.P3.el6_2.2.i686

rndc-cofgen

Code:

-bash: rndc-cofgen: command not found

mungkin maksudnya rndc-confgen , itu udah ane runing tapi ga keluar apa apa loadingnya lama



ini gan sebenernya sih mau pake chroot ato bukan terserah aja, soalnya tutor yg ane dapet cuma yg pake chroot emang bedanya apa gan yg chroot dan bukan chroot

[Motaro Irhaby]

kalo ane gini om
[root@ etc]# rndc-confgen > rndc.key
otomatis langsung generate .key nya di /etc/rndc.key
cat /etc/rndc.key

Quote:# Start of rndc.conf
key "rndc-key" {
algorithm hmac-md5;
secret "ZwjJooeTY0dK4gXWcvOPJA==";
};

options {
default-key "rndc-key";
default-server 127.0.0.1;
default-port 953;
};
# End of rndc.conf

# Use with the following in named.conf, adjusting the allow list as needed:
# key "rndc-key" {
# algorithm hmac-md5;
# secret "ZwjJooeTY0dK4gXWcvOPJA==";
# };
#
# controls {
# inet 127.0.0.1 port 953
# allow { 127.0.0.1; } keys { "rndc-key"; };
# };
# End of named.conf

misalkan untuk beberapa NS .
kalo ane dikasih tau temen . seperti ini

Quote:[root@ etc]# cat named.conf
acl "trusted" {
localhost;
127.0.0.1/8;

};

acl "xfer" {
203.xxx.xxx.xxx;
203.xxx.xxx.xxx;
203.xxx.xxx.xxx;
};
options {
listen-on port 53 { 127.0.0.1; 203.xxx.xxx.xxx; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";

allow-query { any; };
allow-recursion {trusted;};
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};

controls {
inet 127.0.0.1 allow {localhost;} keys {"rndckey";};
};

view "internal" {
match-clients {
localhost;
203.xxx.xxx.xxx;
};
match-destinations {
localhost;
203.xxx.xxx.xxx;
};
recursion yes;

zone "." IN {
type hint;
file "named.ca";
};

zone "domain.com" {
type om;
file "domain.com.db";
allow-transfer {xfer;};
};

};

view "external" {
match-clients {
any;
};

zone "." IN {
type hint;
file "named.ca";
};

zone "domain.com" {
type om;
file "domain.com.db";
allow-transfer {xfer;};
};
};


include "/etc/rndc.key";

coba googling dl om tentang DNS . fungsi DNS sama kok pada umunya

[tompskin]

fungsi2 dns ane udah tau om udah ada basicnya dikit, tapi ini trouble pas installasi..

ane udah googling2 belom solved2 udah 1 minggu

[Motaro Irhaby]

Ok . lanjutin nanti om . salat jumatan dl yah

[tompskin]

(02-03-2012 11:34 AM)motaroirhaby Wrote:  Ok . lanjutin nanti om . salat jumatan dl yah

siapp om

[tompskin]

udah dapet sedikit pencerahan ,

pertama cek rndc nya da apa engga

Code:

# whereis rndc-confgen
rndc-confgen: /usr/sbin/rndc-confgen /usr/share/man/man8/rndc-confgen.8.gz

terus kalo udah ada RNDC diconfigure dulu

Code:

cd /var/named/chroot/etc
rndc-confgen > rndc.key

tapi baru sampe sini aja udah stuck lagi commandnya

Code:

rndc-confgen > rndc.key

terus ane cek filenya

Code:

# named-checkzone tompskin.biz /var/named/chroot/var/named/tompskin.biz.db
zone tompskin.biz/IN: loaded serial 2008021501
OK

kayaknya udah bener