obsidian/inbox/라즈베리파이 bind9 (dns) 서버 설정.md (Raspberry Pi BIND9 (DNS) server setup)

[Installing and configuring BIND 9 on Ubuntu (linux-console.net)](https://ko.linux-console.net/?p=17400)
[Gabia (gabia.com)](https://www.gabia.com/)
Bought the domain "bkuse.com" from Gabia (17,600 KRW as of 2024.5.12). Added ns1.bkuse.com as a name server and entered the router's IP address (59.13.38.36), entered the DNS host "ns1.bkuse.com", "59.13.38.36", then saved after identity verification.
Video: Complete setup from buying a domain at Gabia to linking it to my NAS [a 2,000-won domain]
[50대 컴쟁이] baseyou21
<iframe width="560" height="315" src="https://www.youtube.com/embed/98sVcrxh7nU?si=896lbwb2rMaPkZpu" title="YouTube video player" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share" referrerpolicy="strict-origin-when-cross-origin" allowfullscreen></iframe>
If it still does not work after following the above, the name server on Xpenology has to be started.
Folders that need to be edited
/var/cache/bind
/etc/bind
Detailed settings
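Contents of the file opened with `sudo nano /etc/bind/db.bkuse.com`
```
$TTL 604800
; An SOA record needs both the primary server (MNAME) and a contact
; mailbox (RNAME); root.bkuse.com. is added here as the RNAME.
@               IN  SOA ns1.bkuse.com. root.bkuse.com. (
                2017081401  ; serial
                604800      ; refresh
                86400       ; retry
                4W          ; expire
                1D          ; minimum
                )
;
; "@" owner added: a line that starts with IN would be read as a host named "IN"
@               IN  NS  ns1.bkuse.com.
ns1.bkuse.com.  IN  A   59.13.38.36
bkuse.com.      IN  A   59.13.38.36
```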
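Contents of the file opened with `sudo nano /etc/bind/db.rev.38.13.59.in-addr.arpa`
```
$TTL 604800
; RNAME (root.bkuse.com.) added so that the SOA record is complete
@       IN  SOA ns1.bkuse.com. root.bkuse.com. (
        2017081401  ; serial
        8H          ; refresh
        4H          ; retry
        4W          ; expire
        1D          ; minimum
        )
; "@" owner added: a line that starts with IN would be read as a host named "IN"
@       IN  NS  ns1.bkuse.com.
36      IN  PTR ns1.bkuse.com.
36      IN  PTR bkuse.com.
```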
Contents of the file opened with `sudo nano /etc/bind/named.conf.local`
```
zone "bkuse.com" {
    type master;
    file "/var/cache/bind/bkuse.com.zone";
};
```
Contents of the file opened with `sudo nano /etc/bind/named.conf.options`
```
options {
    directory "/var/cache/bind";

    // If there is a firewall between you and nameservers you want
    // to talk to, you may need to fix the firewall to allow multiple
    // ports to talk. See http://www.kb.cert.org/vuls/id/800113

    // If your ISP provided one or more IP addresses for stable
    // nameservers, you probably want to use them as forwarders.
    // Uncomment the following block, and insert the addresses replacing
    // the all-0's placeholder.
    forwarders {
        8.8.8.8;
        1.1.1.1;
    };

    //========================================================================
    // If BIND logs error messages about the root key being expired,
    // you will need to update your keys. See https://www.isc.org/bind-keys
    //========================================================================
    dnssec-validation auto;

    //listen-on-v6 { any; };
};
```
Contents of the file opened with `sudo nano /var/cache/bind/bkuse.com.zone`
```
$ORIGIN bkuse.com.
$TTL 30
@ IN SOA bkuse.com. root (
20211016 ; Serial
43200 ; Refresh
3600 ; Retry
1209600 ; Expire
7200) ; Negative Cache TTL
@ IN NS ns1.bkuse.com.
@ IN A 59.13.38.36
ns1 IN A 59.13.38.36
www IN CNAME @
choibk IN A 59.13.38.36
doku IN A 59.13.38.36
port IN A 59.13.38.36
heimdall IN A 59.13.38.36
choibknas IN A 59.13.38.36
file IN A 59.13.38.36
file2 IN A 59.13.38.36
onlyoffice IN A 59.13.38.36
portainer IN A 59.13.38.36
search IN A 59.13.38.36
searx IN A 59.13.38.36
thinknas IN A 59.13.38.36
vaultwarden IN A 59.13.38.36
webdav IN A 59.13.38.36
websiteshot IN A 59.13.38.36
youtubedl IN A 59.13.38.36
wetty IN A 59.13.38.36
pikvm IN A 59.13.38.36
auth IN A 59.13.38.36
```
The above is for reference only; it may not be fully optimized.
Restart after editing
`sudo systemctl restart named`
To check communication with the upstream name servers and that everything works properly:
`dig @59.13.38.36 bkuse.com any` (@59.13.38.36 is the name server address)
`nslookup bkuse.com 8.8.8.8`
`systemctl status named.service` check the name server status
`cat /var/log/syslog` check the log when a problem occurs
`named-checkzone bkuse.com /var/cache/bind/bkuse.com.zone` command to check the zone file
`named -v` check the name server version
`named-checkconf /etc/bind/named.conf.options` check the name server options file
`named-checkconf /etc/bind/named.conf` check the name server configuration file
`sudo update-rc.d bind9 defaults` command to start the name server automatically
`sudo netstat -nlpu` check that port 53 is open
`systemctl is-enabled named` is autostart enabled?
`sudo apt-get install --reinstall bind9` reinstall
`sudo apt-get install bind9` initial install
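
One more check to go with the commands above, written for this note as an added example (it is not from the referenced guide or from BIND itself): because named.conf.options sets forwarders and the server answers on a public address, the script asks the server to resolve a name it does not host and reads the reply header to see whether recursion is offered to outside clients. The function names and the `example.org` probe name are assumptions of this example.

```python
import socket
import struct

REFUSED = 5  # DNS RCODE for "query refused"

def build_query(name, qtype=1, txid=0x1234):
    """Build a one-question DNS query (class IN) with the RD bit set."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # 0x0100 = RD
    parts = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in parts) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)

def classify(response):
    """Classify a reply to a recursive query for a name the server does not host."""
    if len(response) < 12:
        raise ValueError("truncated DNS header")
    _txid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", response[:12])
    ra = bool(flags & 0x0080)   # RA: server says recursion is available to us
    rcode = flags & 0x000F
    if ra and rcode == 0 and ancount > 0:
        return "open-resolver"  # it recursed and answered: restrict allow-recursion
    if rcode == REFUSED:
        return "refused"        # expected result for a client outside the LAN
    return "recursion-offered" if ra else "no-recursion"

def probe(server, name="example.org", timeout=3.0):
    """Send the query over UDP/53 to `server` and classify the reply."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name), (server, 53))
        data, _addr = s.recvfrom(4096)
    return classify(data)

if __name__ == "__main__":
    # Constructed reply headers (not captured traffic) so the demo runs offline.
    samples = {
        "answered with RA": struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0),
        "REFUSED":          struct.pack("!HHHHHH", 0x1234, 0x8105, 1, 0, 0, 0),
        "referral, no RA":  struct.pack("!HHHHHH", 0x1234, 0x8100, 1, 0, 0, 0),
    }
    for label, reply in samples.items():
        print(f"{label}: {classify(reply)}")
    # Against your own server, from a host outside the LAN: probe("<your-ns-ip>")
```

Run `probe()` against your own name server from a network outside the LAN; a result other than `refused` or `no-recursion` means `allow-recursion` in named.conf.options should be limited to local clients.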
Miscellaneous
`raspi-config`, `pivpn -c`, `pivpn -qr`, `docker ps`, `sudo apt update && sudo apt upgrade`, `find -p history.txt |grep ras`, `curl -sSL https://install.pi-hole.net | bash`, `find / -type f -name "*pivpn*"`, `grep -E 'pivpn' history.txt`,
`apt list --installed`, `/etc/init.d`
Nano usage
1. ^(ctrl) + w : search
2. ^(ctrl) + w : next search result
3. ^(ctrl) + ₩ (the backslash key) : search and replace, y or a
Source: https://jjeongil.tistory.com/1626
59.12.119.144
2025.1.25 (Sat) 11:51
An error occurred when running `named-checkzone bkuse.com bkuse.com.zone`.
The error message was
"zone bkuse.com/IN: loading from master file bkuse.com.zone failed: file not found
zone bkuse.com/IN: not loaded due to errors."
After checking,
in the file opened with `nano bkuse.com.zone`,
$ORIGIN bkuse.com.
$TTL 30
@ IN SOA bkuse.com. root (
20211016 ; Serial
43200 ; Refresh
3600 ; Retry
1209600 ; Expire
7200) ; Negative Cache TTL
@ IN NS ns1.bkuse.com.
@ IN A 59.12.119.144
ns1 IN A 59.12.119.144
www IN CNAME @
**mail IN MX 10 mail.bkuse.com.**
**mail.bkuse.com. IN A 59.12.119.144**
choibk IN A 59.12.119.144
doku IN A 59.12.119.144
port IN A 59.12.119.144
heimdall IN A 59.12.119.144
choibknas IN A 59.12.119.144
file IN A 59.12.119.144
file2 IN A 59.12.119.144
onlyoffice IN A 59.12.119.144
portainer IN A 59.12.119.144
search IN A 59.12.119.144
searx IN A 59.12.119.144
thinknas IN A 59.12.119.144
vaultwarden IN A 59.12.119.144
webdav IN A 59.12.119.144
websiteshot IN A 59.12.119.144
youtubedl IN A 59.12.119.144
wetty IN A 59.12.119.144
pikvm IN A 59.12.119.144
auth IN A 59.12.119.144
meshcentral IN A 59.12.119.144
in the contents above,
editing the bold part did not solve the problem, so
2025.1.29 (Tue) 21:32
An error occurred when running `named-checkzone bkuse.com bkuse.com.zone`.
The error message was
"zone bkuse.com/IN: loading from master file bkuse.com.zone failed: file not found
zone bkuse.com/IN: not loaded due to errors."
After checking,
in the file opened with `nano bkuse.com.zone`,
$ORIGIN bkuse.com.
$TTL 30
@ IN SOA **vvvvvvvvvvvv** bkuse.com. root (
20211016 ; Serial
43200 ; Refresh
3600 ; Retry
1209600 ; Expire
7200) ; Negative Cache TTL
@ IN NS ns1.bkuse.com.
@ IN A 59.12.119.144
ns1 IN A 59.12.119.144
www IN CNAME @
choibk IN A 59.12.119.144
doku IN A 59.12.119.144
port IN A 59.12.119.144
heimdall IN A 59.12.119.144
choibknas IN A 59.12.119.144
file IN A 59.12.119.144
file2 IN A 59.12.119.144
onlyoffice IN A 59.12.119.144
portainer IN A 59.12.119.144
search IN A 59.12.119.144
searx IN A 59.12.119.144
thinknas IN A 59.12.119.144
vaultwarden IN A 59.12.119.144
webdav IN A 59.12.119.144
websiteshot IN A 59.12.119.144
youtubedl IN A 59.12.119.144
wetty IN A 59.12.119.144
pikvm IN A 59.12.119.144
auth IN A 59.12.119.144
meshcentral IN A 59.12.119.144
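in the contents above,
editing the bold part solved the problem.
2025.2.1 (Sat)
`named-checkzone bkuse.com bkuse.com.zone` kept failing, and it turned out that
it was because I had not given the path, as in `named-checkzone bkuse.com /var/cache/bind/bkuse.com.zone`.
Connections were not working smoothly, so I changed the NAT port forwarding section of the OPNsense firewall.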
[[Opnsense에서 포트포워딩 사용하기]]
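See ![[포트포워딩.JPG]]
When I changed the protocol for port 53 above to TCP, it could not be reached from outside.
So I put it back to TCP/UDP.
Entered 168.126.63.1 and 8.8.8.8 under OPNsense -> System -> Settings -> General -> DNS servers.
I could not connect to portainer (https://192.168.1.41:9443) through npm (nginx proxy manager), so I enabled every button in npm's settings for that address (https://port.bkuse.com), and then the connection worked. Honestly, I do not know how they are related.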