DNS


$ vim  /etc/unbound/unbound.conf

# Unbound recursive resolver for the office LAN: listens on 192.168.1.10 and
# loopback, validates DNSSEC, and answers clients in 192.168.0.0/16.
server:
        # Clients in 192.168.0.0/16 may query. This file sets no other
        # access-control line, so every other source falls under Unbound's
        # defaults (localhost allowed, the rest refused).
        # NOTE(review): the DHCP scope on this page is 192.168.1.0/24; if no
        # other 192.168.x.x network needs this resolver, a /24 is tighter.
        access-control: 192.168.0.0/16 allow
        # Root trust anchor, kept up to date by Unbound itself (RFC 5011), so
        # the file must stay writable by the `username` account below.
        auto-trust-anchor-file: "/etc/unbound/root.anchor"
        # Empty string turns chroot off; confinement then rests on the
        # privilege drop to `username` and whatever the OS adds on top.
        chroot: ""
        # No IPv6 for listening or for upstream queries.
        do-ip6: no
        directory: "/etc/unbound"
        # NOTE(review): DLV (DNSSEC Lookaside Validation) against dlv.isc.org.
        # The Unbound manual asks users to stop using DLV and the ISC registry
        # has been retired; confirm against the installed version and drop
        # this line so validation relies on the root anchor only.
        dlv-anchor-file: "/etc/unbound/dlv.isc.org.key"
        # Extra counters in `unbound-control stats` output.
        extended-statistics: yes
        # Hardening set: trust a cached NXDOMAIN for names beneath it, treat
        # missing DNSSEC data in a trust-anchored zone as bogus (blocks
        # downgrade by stripping signatures), and accept glue only from within
        # the delegating server's authority.
        harden-below-nxdomain: yes
        harden-dnssec-stripped: yes
        harden-glue: yes
        # Marked experimental in the manual: validates the referral path at
        # the cost of extra queries to authoritative servers.
        harden-referral-path: yes
        # Included inside the server: clause, so these files hold bare server
        # options and can change resolver behaviour; keep the directory
        # writable by root only.
        include: /etc/unbound/local.d/*.conf
        # Listen on the LAN address and on loopback only.
        interface: 192.168.1.10
        interface: 127.0.0.1
        # Human-readable timestamps in the log instead of epoch seconds.
        log-time-ascii: yes
        num-threads: 2
        pidfile: "/var/run/unbound/unbound.pid"
        # Refresh DNSKEYs and popular cache entries before they expire.
        prefetch-key: yes
        prefetch: yes
        # Counters are reset after each read; no periodic statistics lines are
        # written to the log (interval 0).
        statistics-cumulative: no
        statistics-interval: 0
        # Every key file matching this glob becomes a trust anchor, so write
        # access to keys.d is equivalent to control over validation.
        trusted-keys-file: /etc/unbound/keys.d/*.key
        # After this many unwanted replies Unbound logs a warning and flushes
        # its rrset and message caches, as a defence against spoofing floods.
        unwanted-reply-threshold: 10000000
        # 0x20 query-name case randomisation stays off (Unbound's default); it
        # is an additional anti-spoofing measure that some servers mishandle.
        use-caps-for-id: no
        # Account the daemon switches to after binding its sockets.
        username: "unbound"
        # Strip unsigned data from the additional section of secure answers.
        val-clean-additional: yes
        # Log one line for each query that fails validation.
        val-log-level: 1
        # Bogus answers are returned as SERVFAIL rather than passed through.
        val-permissive-mode: no
        verbosity: 1

# Control channel used by unbound-control. No control-interface is set in this
# clause, so the listener stays on Unbound's default (loopback only).
remote-control:
        control-enable: yes
        # Mutual TLS: the daemon presents the server key/cert and accepts only
        # a client holding the control key/cert. Anyone who can read
        # unbound_control.key can flush caches, reload, or stop the resolver,
        # so keep both private keys readable by their owner only.
        server-key-file: "/etc/unbound/unbound_server.key"
        server-cert-file: "/etc/unbound/unbound_server.pem"
        control-key-file: "/etc/unbound/unbound_control.key"
        control-cert-file: "/etc/unbound/unbound_control.pem"

# Top-level include: each file in conf.d opens its own clause (for example
# `server:`) and is parsed after everything above. Files here can add zones,
# forwarders or overrides, so the directory should be writable by root only.
include: /etc/unbound/conf.d/*.conf


vim  /etc/unbound/conf.d/intra.office.jp.conf

# Internal zone served straight from this resolver.
server:
        # `static`: names under intra.office.jp. with no local-data entry get
        # a local NXDOMAIN/NODATA answer and are never sent upstream, so
        # internal hostnames do not leak from this resolver to the Internet.
        local-zone: "intra.office.jp." static
        # All three services resolve to 192.168.1.10, the same address this
        # resolver listens on (presumably one host; confirm).
        local-data: "redmine.intra.office.jp. IN A 192.168.1.10"
        local-data: "jenkins.intra.office.jp. IN A 192.168.1.10"
        local-data: "gyazo.intra.office.jp. IN A 192.168.1.10"

DHCP

$ vim /etc/dhcp/dhcpd.conf

#
# DHCP Server Configuration file.
#   see /usr/share/doc/dhcp*/dhcpd.conf.sample
#   see 'man 5 dhcpd.conf'
#
# Global options handed to every client.
# Domain name for clients; matches the local zone served by Unbound.
option domain-name "intra.office.jp";
#option domain-name-servers 8.8.8.8, 8.8.4.4;
# 192.168.1.10 is the Unbound instance; 8.8.8.8 is a public resolver.
# NOTE(review): client stacks do not all treat this list as strict
# primary/fallback. A lookup that goes to 8.8.8.8 cannot resolve
# *.intra.office.jp, bypasses the local DNSSEC and hardening policy, and
# discloses internal hostnames to a third party. Listing only internal
# resolvers avoids all three.
option domain-name-servers 192.168.1.10, 8.8.8.8;

# Scope for the office LAN. No `authoritative;` statement appears in this
# listing; NOTE(review): confirm whether it is set, since this server is
# meant to be the only DHCP server once the router's is switched off.
subnet 192.168.1.0 netmask 255.255.255.0 {
    # Dynamic pool .50-.254; the router (.1) and the DNS host (.10) lie
    # outside it, so leases cannot collide with them.
    range 192.168.1.50 192.168.1.254;
    option routers 192.168.1.1;
    option subnet-mask 255.255.255.0;
    option broadcast-address 192.168.1.255;
    # NetBIOS name server and datagram distribution server both point at the
    # router. NOTE(review): verify that 192.168.1.1 really offers these
    # services; otherwise clients are steered to a host that will not answer.
    option netbios-name-servers 192.168.1.1;
    option netbios-dd-server 192.168.1.1;
    # 8 = H-node (hybrid): ask the name server first, then broadcast.
    option netbios-node-type 8;
    # Leases last 10 minutes by default and 2 hours at most, in seconds.
    default-lease-time 600;
    max-lease-time 7200;
}


上記の設定後、ルータ側のDHCP機能を無効にします(同一セグメントでDHCPサーバが2台動作していると、クライアントがどちらの設定を受け取るか分からなくなるためです)。その上で、下記の通りクライアントがDNSサーバの情報を取得できていればOKです。


