DNS Cache server

Discussion about Ubuntu Server, covering web servers, database servers, Samba servers and other services, as well as networking with the Ubuntu operating system.

DNS Cache server

Post by santenkelapa » 22 Mar 2012, 14:20

Hi everyone,

Has anyone here ever set up a DNS cache server?
If so, please post how, along with an explanation of what it is, because I'm not too sure of my understanding.
Thanks in advance for your help.

Re: DNS Cache server

Post by sipelaut » 22 Mar 2012, 15:14

bind9??
Or unbound....??
If so!!!
Hehe....
I'm trying to set one up too.. but somehow I just can't get it to work...???

Re: DNS Cache server

Post by santenkelapa » 03 Apr 2012, 10:37

Alhamdulillah, I found the solution, using pdnsd
:)

This is only for the local network, though.

Re: DNS Cache server

Post by yonyonas » 02 Jun 2012, 06:04

Just use unbound, bro, it's easier and simpler.

Re: DNS Cache server

Post by sipelaut » 02 Jun 2012, 20:46

Hmm...
Could you share the configuration here, bro?? From A to Z, hehe...
Because I read in several tutorials that some even enable shorewall. I'm afraid it will conflict with the iptables settings that are already in place???

Re: DNS Cache server

Post by yonyonas » 03 Jun 2012, 08:56

You mean how to install unbound DNS, bro

Re: DNS Cache server

Post by yonyonas » 03 Jun 2012, 09:24

Here are the steps, bro:

apt-get install unbound
cd /etc/unbound
wget ftp://FTP.INTERNIC.NET/domain/named.cache
unbound-control-setup
chown unbound:root unbound_*
chmod 440 unbound_*

Then edit the Unbound config at:

/etc/unbound/unbound.conf

And this is what I use:

server:
verbosity: 1
statistics-interval: 120
num-threads: 1

interface: 0.0.0.0
outgoing-range: 512
num-queries-per-thread: 1024
msg-cache-size: 32m
rrset-cache-size: 64m
msg-cache-slabs: 4
rrset-cache-slabs: 4
cache-max-ttl: 86400
infra-host-ttl: 60
infra-lame-ttl: 120
infra-cache-numhosts: 10000
infra-cache-lame-size: 20k

do-ip4: yes
do-ip6: no
do-udp: yes
do-tcp: yes
do-daemonize: yes

#access-control: 0.0.0.0/0 allow
access-control: 192.168.0.0/16 allow
access-control: 172.16.0.0/12 allow
access-control: 10.0.0.0/8 allow
access-control: 127.0.0.0/8 allow
access-control: 0.0.0.0/0 refuse

chroot: "/etc/unbound"
username: "unbound"
directory: "/etc/unbound"
#logfile: "/etc/unbound/unbound.log"
#use-syslog: yes
logfile: ""
use-syslog: no
#pidfile: "/etc/unbound/unbound.pid"
root-hints: "/etc/unbound/named.cache"

identity: "DNS"
version: "1.4"
hide-identity: yes
hide-version: yes
harden-glue: yes
do-not-query-address: 127.0.0.1/8
do-not-query-localhost: yes
module-config: "iterator"

#zone localhost
local-zone: "localhost." static
local-data: "localhost. 10800 IN NS localhost."
local-data: "localhost. 10800 IN SOA localhost. nobody.invalid. 1 3600 1200 604800 10800"
local-data: "localhost. 10800 IN A 127.0.0.1"

local-zone: "127.in-addr.arpa." static
local-data: "127.in-addr.arpa. 10800 IN NS localhost."
local-data: "127.in-addr.arpa. 10800 IN SOA localhost. nobody.invalid. 2 3600 1200 604800 10800"
local-data: "1.0.0.127.in-addr.arpa. 10800 IN PTR localhost."

#zone lpcnet
local-zone: "lpc.net." static
local-data: "lpc.net. 86400 IN NS ns1.lpc.net."
local-data: "lpc.net. 86400 IN SOA lpc.net. hostmaster.lpc.net. 3 3600 1200 604800 86400"
local-data: "lpc.net. 86400 IN A 192.168.3.2"
local-data: "www.lpc.net. 86400 IN A 192.168.3.2"
local-data: "ns1.lpc.net. 86400 IN A 192.168.3.2"

#local-data: "mail.lpc.net. 86400 IN A 192.168.3.2"
#local-data: "lpc.net. 86400 IN MX 10 mail.lpc.net."
#local-data: "lpc.net. 86400 IN TXT v=spf1 a mx ~all"

local-zone: "3.168.192.in-addr.arpa." static
local-data: "3.168.192.in-addr.arpa. 10800 IN NS lpc.net."
local-data: "3.168.192.in-addr.arpa. 10800 IN SOA lpc.net. hostmaster.lpc.net. 4 3600 1200 604800 864000"
local-data: "2.3.168.192.in-addr.arpa. 10800 IN PTR lpc.net."

forward-zone:
name: "."
forward-addr: 203.130.196.5
forward-addr: 203.130.193.74
forward-addr: 222.124.204.34
forward-addr: 203.130.196.6
forward-addr: 8.8.8.8
forward-addr: 8.8.4.4
forward-addr: 202.134.0.155
forward-addr: 203.130.196.155
forward-addr: 202.134.0.61
forward-addr: 125.160.2.226
forward-addr: 202.134.1.10
forward-addr: 125.160.4.82
forward-addr: 61.94.192.12
forward-addr: 125.160.2.162
forward-addr: 203.130.206.250
forward-addr: 203.130.208.18
forward-addr: 203.130.209.242
forward-addr: 202.134.0.62
forward-addr: 222.124.18.62
forward-addr: 203.130.193.75
forward-addr: 202.134.1.5
forward-addr: 202.134.1.7
forward-addr: 125.160.14.189

remote-control:
control-enable: yes
control-interface: 127.0.0.1
control-port: 953
server-key-file: "/etc/unbound/unbound_server.key"
server-cert-file: "/etc/unbound/unbound_server.pem"
control-key-file: "/etc/unbound/unbound_control.key"
control-cert-file: "/etc/unbound/unbound_control.pem"

For the local-data entries, adjust them to the IP of the machine where you installed Unbound, then check the file first in case there are any errors, with this command:

unbound-checkconf /etc/unbound/unbound.conf

And change the nameserver setting on the PC where you installed Unbound (your Ubuntu server):

/etc/resolv.conf
replace it with this: nameserver 127.0.0.1

Then restart Unbound:

/etc/init.d/unbound restart

Now test from the terminal (the console in Ubuntu):

root@lpcnet :~# nslookup 192.168.3.2 (adjust to your IP)

The result will then look like this:

root@lpcnet :~# nslookup 192.168.3.2
Server: 127.0.0.1
Address: 127.0.0.1#53

2.3.168.192.in-addr.arpa name = lpc.net.

If the result looks like that, Unbound is running; then restart Unbound:

/etc/init.d/unbound restart

If it shows [OK], you have successfully installed Unbound DNS.

Re: DNS Cache server

Post by sipelaut » 04 Jun 2012, 09:43

No, bro
I meant the pdnsd installation
because I saw that some tutorials even turn on shorewall
won't that conflict with iptables
or is turning on shorewall not actually required.. ???

Re: DNS Cache server

Post by yonyonas » 06 Jun 2012, 13:09

Ah, sorry, I've never tried pdnsd.

Re: DNS Cache server

Post by yonyonas » 06 Jun 2012, 13:11

And personally I lean more toward Unbound DNS, because so far I've never had any problems with it, and I haven't tried the one you mentioned.

Re: DNS Cache server

Post by n4z4r » 09 Jun 2012, 20:02

Is 192.168.3.2 the IP of your Ubuntu machine, sir?
If so, does everything related to 192.168.3.2 have to be changed, for example that 2.3.168.192?
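
Added example (not from the thread): in the posted config the values derived from the server address 192.168.3.2 are the A records, the reverse zone name 3.168.192.in-addr.arpa. and the PTR owner name 2.3.168.192.in-addr.arpa. This Python script rewrites all three for a new address, assuming a /24 reverse zone as in the post; the sample lines are copied from the config above, and the function names and the new address 10.20.30.40 are constructed.

```python
import ipaddress
import re

# Constructed sample: a few lines copied from the unbound.conf posted above.
SAMPLE = '''\
access-control: 192.168.0.0/16 allow
local-data: "lpc.net. 86400 IN A 192.168.3.2"
local-data: "ns1.lpc.net. 86400 IN A 192.168.3.2"
local-zone: "3.168.192.in-addr.arpa." static
local-data: "3.168.192.in-addr.arpa. 10800 IN NS lpc.net."
local-data: "2.3.168.192.in-addr.arpa. 10800 IN PTR lpc.net."
forward-addr: 8.8.8.8
'''

def reverse_names(ip):
    """Return (PTR owner name, /24 reverse zone name) for an IPv4 address."""
    ptr = ipaddress.IPv4Address(ip).reverse_pointer
    return ptr, ptr.split(".", 1)[1]

def renumber(conf_text, old_ip, new_ip):
    """Rewrite every value derived from old_ip.

    Returns (new_text, changed_line_numbers) so the edit can be reviewed
    before running unbound-checkconf on the result.
    """
    old_ptr, old_zone = reverse_names(old_ip)
    new_ptr, new_zone = reverse_names(new_ip)
    mapping = {old_ptr: new_ptr, old_zone: new_zone, old_ip: new_ip}
    # The digit guards keep 192.168.3.25 or 13.168.192.in-addr.arpa untouched.
    # The server's PTR name is replaced whole; PTR names of other hosts in the
    # same /24 only get their zone suffix rewritten.
    pattern = re.compile(
        r"(?<!\d)(?:" + "|".join(re.escape(k) for k in mapping) + r")(?!\d)"
    )
    out, changed = [], []
    for number, line in enumerate(conf_text.splitlines(), start=1):
        new_line = pattern.sub(lambda m: mapping[m.group(0)], line)
        if new_line != line:
            changed.append(number)
        out.append(new_line)
    return "\n".join(out) + "\n", changed

if __name__ == "__main__":
    text, lines = renumber(SAMPLE, "192.168.3.2", "10.20.30.40")
    print("changed lines:", lines)
    print(text)
```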