{"id":3499,"date":"2016-02-22T23:58:48","date_gmt":"2016-02-22T22:58:48","guid":{"rendered":"http:\/\/michlstechblog.info\/blog\/?p=3499"},"modified":"2022-01-20T21:19:14","modified_gmt":"2022-01-20T20:19:14","slug":"debian-simple-bind-setup-for-test-environments","status":"publish","type":"post","link":"https:\/\/michlstechblog.info\/blog\/debian-simple-bind-setup-for-test-environments\/","title":{"rendered":"Debian: Simple bind setup for test environments"},"content":{"rendered":"<div class=\"twoclick_social_bookmarks_post_3499 social_share_privacy clearfix 1.6.4 locale-en_US sprite-en_US\"><\/div><div class=\"twoclick-js\"><script type=\"text\/javascript\">\/* <![CDATA[ *\/\njQuery(document).ready(function($){if($('.twoclick_social_bookmarks_post_3499')){$('.twoclick_social_bookmarks_post_3499').socialSharePrivacy({\"services\":{\"flattr\":{\"uid\":\"Michl\",\"status\":\"on\",\"the_title\":\"Debian%3A%20Simple%20bind%20setup%20for%20test%20environments\",\"the_excerpt\":\"Hi%2C%0D%0A%0D%0Athese%20steps%20sets%20up%20a%20bind9%20DNS%20Server%20on%20Debian%208%20Jessie.%0D%0A%0D%0AInstall%20necessary%20packages%0D%0A%0D%0Aroot%40devdev%20~%23%20apt-get%20install%20bind9%0D%0A%0D%0A%20%28more%26hellip%3B%29\",\"txt_info\":\"2 clicks for more data protection:\\r\\n\\r\\nOnly when you click here, the button will be come active and you can send your recommendation to Flattr. When activating, data are transmitted to third parties. \",\"perma_option\":\"off\"}},\"txt_help\":\"When you activate these fields by clicking, information to Flattr may be transferred abroad, and probably may also stored there.\",\"settings_perma\":\"Enable permanently and accept data transmission. \",\"info_link\":\"http:\\\/\\\/www.heise.de\\\/ct\\\/artikel\\\/2-Klicks-fuer-mehr-Datenschutz-1333879.html\",\"uri\":\"https:\\\/\\\/michlstechblog.info\\\/blog\\\/debian-simple-bind-setup-for-test-environments\\\/\",\"post_id\":3499,\"post_title_referrer_track\":\"Debian%3A+Simple+bind+setup+for+test+environments\",\"display_infobox\":\"on\"});}});\n\/* ]]> *\/<\/script><\/div><p>Hi,<\/p>\n<p>these steps sets up a bind9 DNS Server on Debian 8 Jessie.<\/p>\n<p>Install necessary packages<br \/>\n<code><br \/>\nroot@devdev ~# apt-get install bind9<br \/>\n<\/code><br \/>\n<!--more--><br \/>\nSome definitions<br \/>\n<code><br \/>\nPrimary    Nameserver 1: ns1.your.domain.org               IpAddress: 192.168.56.1<br \/>\nSecondary  Nameserver 2: ns2.your.domain.org               IpAddress: 192.168.56.2<br \/>\nClientHost               hostmetallica.your.domain.org     IpAddress: 192.168.56.200<br \/>\nAlias                    aliasmetallica.your.domain.org => hostmetallica.your.domain.org<br \/>\n<\/code><br \/>\nDefault config directory is <strong>\/etc\/bind<\/strong><\/p>\n<p>The Forward zone. Create a file <strong>\/etc\/bind\/db.your.domain.org<\/strong><br \/>\n<code><br \/>\n$TTL 3600<br \/>\n$ORIGIN your.domain.org.<br \/>\n;===========================================================================<br \/>\n; Addresses and other host information for zone: your.domain.org<br \/>\n;===========================================================================<br \/>\n@       IN      SOA     your.domain.org. admin\\.mail.your.domain.org. (<br \/>\n                        2016022300\t; Serial No.<br \/>\n                        900             ; Refresh<br \/>\n                        3600           ; Retry<br \/>\n                        7200           ; Expire<br \/>\n                        300 )          ; Negative Cache TTL<br \/>\n                        IN      NS      ns1.your.domain.org.<br \/>\n                        IN      NS      ns2.your.domain.org.<br \/>\n;*************<br \/>\n; A records<br \/>\n;*************<br \/>\nns1                     IN              A       192.168.56.1<br \/>\nns2                     IN              A       192.168.56.2<br \/>\nhostmetallica           IN              A       192.168.56.200<\/p>\n<p>;****************<br \/>\n; CNAME records<br \/>\n;****************<br \/>\naliasmetallica          IN  CNAME  hostmetallica.your.domain.org.<\/p>\n<p><\/code><\/p>\n<p>Create the reverse zone <strong>\/etc\/bind\/56.168.192.zone<\/strong><br \/>\n<code><br \/>\n$TTL 3600<br \/>\n;===========================================================================<br \/>\n; Local server zone information: 56.168.192.in-addr.arpa<br \/>\n;===========================================================================<br \/>\n$ORIGIN 56.168.192.IN-ADDR.ARPA.<br \/>\n@\tIN\tSOA your.domain.org. admin\\.mail.your.domain.org. (<br \/>\n\t\t\t2016022300  ; Serial No.<br \/>\n\t\t\t900         ; Refresh<br \/>\n\t\t\t3600\t    ; Retry<br \/>\n\t\t\t7200\t    ; Expire<br \/>\n\t\t\t300 )\t    ; Negative Cache TTL<br \/>\n;<br \/>\n\t\t\tIN\tNS\tns1.your.domain.org.<br \/>\n1\tIN\t\tPTR\t\tns1.your.domain.org.<br \/>\n2\tIN\t\tPTR\t\tns2.your.domain.org.<br \/>\n200\tIN\t\tPTR\t\thostmetallica.your.domain.org.<\/p>\n<p><\/code><br \/>\nTo activate the forward and the reverse zone add insert a config section for both zones to <strong>\/etc\/bind\/named.conf.local<\/strong><br \/>\n<code><br \/>\nzone \"your.domain.org\" {<br \/>\n    type master;<br \/>\n    file \"\/etc\/bind\/db.your.domain.org\";<br \/>\n};<br \/>\nzone \"56.168.192.in-addr.arpa\" in {<br \/>\n    type master;<br \/>\n    file \"\/etc\/bind\/56.168.192.zone\";<br \/>\n};<br \/>\n<\/code><br \/>\nFor a detailed logging create a file \/etc\/bind\/named.conf.logging<br \/>\n<code><br \/>\nlogging {<br \/>\n\tchannel default {<br \/>\n\t\tfile \"\/var\/log\/named\/named.log\" versions 3 size 5m;<br \/>\n\t\tseverity info;<br \/>\n\t\tprint-time yes;<br \/>\n\t\tprint-severity yes;<br \/>\n\t\tprint-category yes;<br \/>\n\t};<br \/>\n\tcategory queries { default; };<br \/>\n\tcategory default{ default;};<br \/>\n};<br \/>\n<\/code><br \/>\nCreate a folder for the logfile<br \/>\n<code><br \/>\nmkdir \/var\/log\/named<br \/>\nchown root:bind \/var\/log\/named<br \/>\nchmod 770 \/var\/log\/named<br \/>\n<\/code><br \/>\nAnd enable logging in config file by adding the following line to \/etc\/bind\/named.local<br \/>\n<code><br \/>\ninclude \"\/etc\/bind\/named.conf.logging\";<br \/>\n<\/code><br \/>\nIf your DNS Server should resolve other system in internal domain you can define a DNS server to which queries are forwarded. Add the &#8220;forwarder&#8221; directive to the options section in \/etc\/bind\/named.conf.options . If they do not have DNS Sec configured comment out the &#8220;dnssec-validation auto&#8221; option. And add some other usefull options.<br \/>\n<code><br \/>\noptions {<br \/>\n  ...<br \/>\n  ... some other options<br \/>\n  ...<br \/>\n  \/\/ For test environments dnssec is not needed<br \/>\n  dnssec-enable no;<br \/>\n  dnssec-validation no;<\/p>\n<p>  \/\/ Interfaces bind listen to<br \/>\n  listen-on { 127.0.0.1; 192.168.56.101; };<br \/>\n  forward only;<br \/>\n  forwarders {<br \/>\n       10.254.1.1;10.254.1.10;<br \/>\n  };<br \/>\n  \/\/ DNS Should not offer its version<br \/>\n  version none;<br \/>\n<\/code><br \/>\nCheck your config<br \/>\n<code><br \/>\nnamed-checkconf<br \/>\n<\/code><br \/>\nStart DNS Server<br \/>\n<code><br \/>\nsystemctl restart bind9.service && journalctl -xn 100 -u bind9.service<br \/>\n<\/code><\/p>\n<p>To do secondary config&#8230;coming soon.<br \/>\nSee also https:\/\/wiki.debian.org\/Bind9<\/p>\n<p>Michael <\/p>\n","protected":false},"excerpt":{"rendered":"<p>Hi, these steps sets up a bind9 DNS Server on Debian 8 Jessie. Install necessary packages root@devdev ~# apt-get install bind9<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[712,369,335,224,806,807],"class_list":["post-3499","post","type-post","status-publish","format-standard","hentry","category-linux","tag-bind","tag-config","tag-debian","tag-linux-2","tag-named","tag-sample"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/michlstechblog.info\/blog\/wp-json\/wp\/v2\/posts\/3499","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/michlstechblog.info\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/michlstechblog.info\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/michlstechblog.info\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/michlstechblog.info\/blog\/wp-json\/wp\/v2\/comments?post=3499"}],"version-history":[{"count":21,"href":"https:\/\/michlstechblog.info\/blog\/wp-json\/wp\/v2\/posts\/3499\/revisions"}],"predecessor-version":[{"id":3518,"href":"https:\/\/michlstechblog.info\/blog\/wp-json\/wp\/v2\/posts\/3499\/revisions\/3518"}],"wp:attachment":[{"href":"https:\/\/michlstechblog.info\/blog\/wp-json\/wp\/v2\/media?parent=3499"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/michlstechblog.info\/blog\/wp-json\/wp\/v2\/categories?post=3499"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/michlstechblog.info\/blog\/wp-json\/wp\/v2\/tags?post=3499"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}