DNS Cache server

santenkelapa

Post 22 Mar 2012, 14:20

Friends,

Has anyone here ever set up a DNS cache server?
If so, please post how you did it along with an explanation, because I'm a bit unsure of my understanding.
Thanks for your help.


sipelaut

Post 22 Mar 2012, 15:14

bind9?
or unbound?
if so!!!
hehe...
I'm also trying to set one up, but somehow I can't get it to work...?


santenkelapa

Post 03 Apr 2012, 10:37

Alhamdulillah, I found the solution: using pdnsd
:)

This is only for a local network, though.


yonyonas

Post 02 Jun 2012, 06:04

Just use unbound, it's easier and simpler.


sipelaut

Post 02 Jun 2012, 20:46

Hmm...
Could you share the configuration here, bro? From A to Z, hehe...
Because some of the tutorials I've read also enable shorewall. I'm worried it will conflict with my existing iptables settings?


yonyonas

Post 03 Jun 2012, 08:56

You mean how to install unbound DNS?


yonyonas

Post 03 Jun 2012, 09:24

Here are the steps:

apt-get install unbound
cd /etc/unbound
wget ftp://FTP.INTERNIC.NET/domain/named.cache
unbound-control-setup
chown unbound:root unbound_*
chmod 440 unbound_*

Then edit the Unbound config at:

/etc/unbound/unbound.conf

And this is what I use:

server:
verbosity: 1
statistics-interval: 120
num-threads: 1

interface: 0.0.0.0
outgoing-range: 512
num-queries-per-thread: 1024
msg-cache-size: 32m
rrset-cache-size: 64m
msg-cache-slabs: 4
rrset-cache-slabs: 4
cache-max-ttl: 86400
infra-host-ttl: 60
infra-lame-ttl: 120
infra-cache-numhosts: 10000
infra-cache-lame-size: 20k

do-ip4: yes
do-ip6: no
do-udp: yes
do-tcp: yes
do-daemonize: yes

#access-control: 0.0.0.0/0 allow
access-control: 192.168.0.0/16 allow
access-control: 172.16.0.0/12 allow
access-control: 10.0.0.0/8 allow
access-control: 127.0.0.0/8 allow
access-control: 0.0.0.0/0 refuse

chroot: "/etc/unbound"
username: "unbound"
directory: "/etc/unbound"
#logfile: "/etc/unbound/unbound.log"
#use-syslog: yes
logfile: ""
use-syslog: no
#pidfile: "/etc/unbound/unbound.pid"
root-hints: "/etc/unbound/named.cache"

identity: "DNS"
version: "1.4"
hide-identity: yes
hide-version: yes
harden-glue: yes
do-not-query-address: 127.0.0.1/8
do-not-query-localhost: yes
module-config: "iterator"

#zone localhost
local-zone: "localhost." static
local-data: "localhost. 10800 IN NS localhost."
local-data: "localhost. 10800 IN SOA localhost. nobody.invalid. 1 3600 1200 604800 10800"
local-data: "localhost. 10800 IN A 127.0.0.1"

local-zone: "127.in-addr.arpa." static
local-data: "127.in-addr.arpa. 10800 IN NS localhost."
local-data: "127.in-addr.arpa. 10800 IN SOA localhost. nobody.invalid. 2 3600 1200 604800 10800"
local-data: "1.0.0.127.in-addr.arpa. 10800 IN PTR localhost."

#zone lpcnet
local-zone: "lpc.net." static
local-data: "lpc.net. 86400 IN NS ns1.lpc.net."
local-data: "lpc.net. 86400 IN SOA lpc.net. hostmaster.lpc.net. 3 3600 1200 604800 86400"
local-data: "lpc.net. 86400 IN A 192.168.3.2"
local-data: "www.lpc.net. 86400 IN A 192.168.3.2"
local-data: "ns1.lpc.net. 86400 IN A 192.168.3.2"

#local-data: "mail.lpc.net. 86400 IN A 192.168.3.2"
#local-data: "lpc.net. 86400 IN MX 10 mail.lpc.net."
#local-data: "lpc.net. 86400 IN TXT v=spf1 a mx ~all"

local-zone: "3.168.192.in-addr.arpa." static
local-data: "3.168.192.in-addr.arpa. 10800 IN NS lpc.net."
local-data: "3.168.192.in-addr.arpa. 10800 IN SOA lpc.net. hostmaster.lpc.net. 4 3600 1200 604800 864000"
local-data: "2.3.168.192.in-addr.arpa. 10800 IN PTR lpc.net."

forward-zone:
name: "."
forward-addr: 203.130.196.5
forward-addr: 203.130.193.74
forward-addr: 222.124.204.34
forward-addr: 203.130.196.6
forward-addr: 8.8.8.8
forward-addr: 8.8.4.4
forward-addr: 202.134.0.155
forward-addr: 203.130.196.155
forward-addr: 202.134.0.61
forward-addr: 125.160.2.226
forward-addr: 202.134.1.10
forward-addr: 125.160.4.82
forward-addr: 61.94.192.12
forward-addr: 125.160.2.162
forward-addr: 203.130.206.250
forward-addr: 203.130.208.18
forward-addr: 203.130.209.242
forward-addr: 202.134.0.62
forward-addr: 222.124.18.62
forward-addr: 203.130.193.75
forward-addr: 202.134.1.5
forward-addr: 202.134.1.7
forward-addr: 125.160.14.189

remote-control:
control-enable: yes
control-interface: 127.0.0.1
control-port: 953
server-key-file: "/etc/unbound/unbound_server.key"
server-cert-file: "/etc/unbound/unbound_server.pem"
control-key-file: "/etc/unbound/unbound_control.key"
control-cert-file: "/etc/unbound/unbound_control.pem"

For the local data, adjust it to the IP of the machine where you installed Unbound, then check the file first for errors with this command:

unbound-checkconf /etc/unbound/unbound.conf

Then change the nameserver setting on the PC where you installed unbound (your Ubuntu server):

/etc/resolv.conf
replace its contents with: nameserver 127.0.0.1

Then restart Unbound:

/etc/init.d/unbound restart

Now test from the terminal (the console on Ubuntu):

root@lpcnet :~# nslookup 192.168.3.2 (adjust to your IP)

The result will look like this:

root@lpcnet :~# nslookup 192.168.3.2
Server: 127.0.0.1
Address: 127.0.0.1#53

2.3.168.192.in-addr.arpa name = lpc.net.

If the result looks like that, Unbound is running; then restart Unbound:

/etc/init.d/unbound restart

If it shows [OK], you have successfully installed Unbound DNS.
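An added example, not part of yonyonas's post or of Unbound itself: a small Python audit of the exposure-relevant settings in the configuration above. It evaluates access-control the way Unbound does (the most specific netblock wins, no match is refused) and flags an open resolver, a module-config without the validator module (no DNSSEC validation), and a remote-control interface reachable off-host. The finding names, the INTERNAL list and the function names are this example's own assumptions.

```python
import ipaddress

# Constructed sample: the exposure-relevant lines of the unbound.conf in the post.
SAMPLE_CONF = """\
server:
interface: 0.0.0.0
#access-control: 0.0.0.0/0 allow
access-control: 192.168.0.0/16 allow
access-control: 172.16.0.0/12 allow
access-control: 10.0.0.0/8 allow
access-control: 127.0.0.0/8 allow
access-control: 0.0.0.0/0 refuse
module-config: "iterator"
remote-control:
control-enable: yes
control-interface: 127.0.0.1
"""

# Netblocks this example treats as internal (an assumption; adjust per site).
INTERNAL = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8", "::1/128")]

def parse_conf(text):
    """Return (key, value) pairs; skips blanks, '#' lines and clause headers."""
    pairs = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or ":" not in line:
            continue
        key, value = line.split(":", 1)
        value = value.strip().strip('"')
        if value:  # clause headers such as "server:" carry no value
            pairs.append((key.strip(), value))
    return pairs

def acl_rules(pairs):
    """Return [(network, action)] for every access-control line."""
    return [(ipaddress.ip_network(v.split()[0], strict=False), v.split()[1])
            for k, v in pairs if k == "access-control"]

def acl_action(pairs, client_ip):
    """Most specific matching netblock wins (Unbound's rule); no match is refused."""
    ip = ipaddress.ip_address(client_ip)
    hits = [(net.prefixlen, action) for net, action in acl_rules(pairs)
            if net.version == ip.version and ip in net]
    return max(hits, key=lambda h: h[0])[1] if hits else "refuse"

def is_local(addr):
    """True for a loopback IP or unix-socket path; anything else is off-host."""
    try:
        return ipaddress.ip_address(addr.split("@")[0]).is_loopback
    except ValueError:  # a socket path is local; an interface name is not
        return addr.startswith("/")

def audit(pairs):
    """Return finding names for the three exposure checks of this example."""
    conf = {}
    for key, value in pairs:
        conf.setdefault(key, []).append(value)
    findings = []
    off_host = any(not is_local(i) for i in conf.get("interface", []))
    wide_allow = any(
        action.startswith("allow") and not any(
            net.version == i.version and net.subnet_of(i) for i in INTERNAL)
        for net, action in acl_rules(pairs))
    if off_host and wide_allow:
        findings.append("open-resolver")
    # Unbound's default module-config is "validator iterator".
    if "validator" not in conf.get("module-config", ["validator iterator"])[-1]:
        findings.append("no-dnssec-validation")
    if "yes" in conf.get("control-enable", []) and any(
            not is_local(c) for c in conf.get("control-interface", [])):
        findings.append("remote-control-off-host")
    return findings
```

On the posted configuration the only finding is `no-dnssec-validation`, because `module-config: "iterator"` leaves out the validator module; enabling the commented-out `0.0.0.0/0 allow` rule instead of the refuse rule would add `open-resolver`.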


sipelaut

Post 04 Jun 2012, 09:43

No, bro
I meant the pdnsd installation
because I saw a tutorial that also enables shorewall
won't that conflict with iptables?
Or is it not actually necessary to enable shorewall?


yonyonas

Post 06 Jun 2012, 13:09

Ah, sorry, I've never tried pdnsd.


yonyonas

Post 06 Jun 2012, 13:11

And personally I lean towards unbound DNS, because so far I have never had any problems with it, and I haven't tried the one you mentioned.


n4z4r

Post 09 Jun 2012, 20:02

[spoiler]
yonyonas wrote: Here are the steps:

[/spoiler]

Is 192.168.3.2 the IP of your Ubuntu machine, sir?
If so, does everything involving 192.168.3.2 have to be changed, for example that 2.3.168.192?


yonyonas

Post 10 Jun 2012, 06:36

Yes, (192.168.3.2) is the IP of the machine where we install unbound DNS.


duddy

Post 03 Oct 2012, 02:58

Following along....


q_p

Post 14 Oct 2012, 17:06

@yonyonas =

/etc/init.d/unbound restart
or
service unbound restart

this appears =

/etc/init.d/unbound restart
* Restarting recursive DNS server unbound
unbound[1109:0] warning: did not exit gracefully last time (892)      [ OK ]

I prefer to use =

unbound-control stop
and
unbound-control start

Give it a try.....


jail

Post 20 Oct 2012, 17:31

Turns out it's more complicated than configuring Bind9 :(
or maybe it's because I'm not that familiar with unbound :D

Thanks for sharing.


kernelpanic

Post 20 Oct 2012, 21:24

In terms of memory usage, which DNS server is lighter?


q_p

Post 20 Oct 2012, 22:47

@ Mas Jail and KernelPanic
In case you're interested, have a look here and here.


jail

Post 21 Oct 2012, 13:52

pragola_pati wrote: @ Mas Jail and KernelPanic
In case you're interested, have a look here and here.

It seems Mas pagoda is a master in the field of GNU/Linux servers.
Hopefully he's willing to "poison" all the users here with his knowledge.

It would be good if we discussed everything right here, so we can turn it into a kind of notes or documentation :D

How about we discuss unbound right here??
============================================================

Would Mas pagoda be willing to share about unbound here?
If possible, share a bit of the configuration file here, so we can go through it slowly :D

From the link you gave, I'm interested in this sentence:
"Unbound DNS cluster with BIND or NSD master server"

sorry "im bad english :("

Roughly, besides speed, what else does unbound offer?

In unbound, is there the concept of primary and slave DNS?
Can unbound serve DNS requests on its own (standalone), without needing to send requests to the "root DNS"? (In this case, unbound only serves local DNS requests.)

Please advise and guide.

Regards,
jail


q_p

Post 22 Oct 2012, 13:09

@jail.
"It seems Mas pagoda is a master in the field of GNU/Linux servers"
Oh, far from it. I also learned what I know from this forum.
"Roughly, besides speed, what else does unbound offer?"
From what I've read, Unbound is "fast, reliable, stable and very secure". And what I've noted/like is that Unbound supports multi-threading. Here is a sample of statistics I took while 3 users/clients were active =

root@warnetersa:~# unbound-control stats
thread0.num.queries=8
thread0.num.cachehits=7
thread0.num.cachemiss=1
thread0.num.recursivereplies=1
thread0.requestlist.avg=0
thread0.requestlist.max=0
thread0.requestlist.overwritten=0
thread0.requestlist.exceeded=0
thread0.requestlist.current.all=0
thread0.requestlist.current.user=0
thread0.recursion.time.avg=0.126261
thread0.recursion.time.median=0
thread1.num.queries=8
thread1.num.cachehits=6
thread1.num.cachemiss=2
thread1.num.recursivereplies=2
thread1.requestlist.avg=0
thread1.requestlist.max=0
thread1.requestlist.overwritten=0
thread1.requestlist.exceeded=0
thread1.requestlist.current.all=0
thread1.requestlist.current.user=0
thread1.recursion.time.avg=0.174564
thread1.recursion.time.median=0
thread2.num.queries=27
thread2.num.cachehits=27
thread2.num.cachemiss=0
thread2.num.recursivereplies=0
thread2.requestlist.avg=0
thread2.requestlist.max=0
thread2.requestlist.overwritten=0
thread2.requestlist.exceeded=0
thread2.requestlist.current.all=0
thread2.requestlist.current.user=0
thread2.recursion.time.avg=0.000000
thread2.recursion.time.median=0
thread3.num.queries=9
thread3.num.cachehits=9
thread3.num.cachemiss=0
thread3.num.recursivereplies=0
thread3.requestlist.avg=0
thread3.requestlist.max=0
thread3.requestlist.overwritten=0
thread3.requestlist.exceeded=0
thread3.requestlist.current.all=0
thread3.requestlist.current.user=0
thread3.recursion.time.avg=0.000000
thread3.recursion.time.median=0
total.num.queries=52
total.num.cachehits=49
total.num.cachemiss=3
total.num.recursivereplies=3
total.requestlist.avg=0
total.requestlist.max=0
total.requestlist.overwritten=0
total.requestlist.exceeded=0
total.requestlist.current.all=0
total.requestlist.current.user=0
total.recursion.time.avg=0.158463
total.recursion.time.median=0
time.now=1350885111.726615
time.up=301502.743911
time.elapsed=1430.360619

"In unbound, is there the concept of primary and slave DNS?"
Unlike Bind, as far as I know Unbound has no Primary-Slave feature. But it can make use of BIND (named) or NSD (Name Server Daemon) as the authoritative DNS. I've never tried the latter.
"Can unbound serve DNS requests on its own (standalone), without needing to send requests to the "root DNS"? (In this case, unbound only serves local DNS requests.)"
If what you mean is root.hints in Unbound or db.root in Bind, I don't think that's possible.
CMIIW, and hope this helps.
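An added example, not part of the original post: a parser for the `unbound-control stats` format shown above that derives the cache hit ratio per thread and in total, the query rate over `time.elapsed`, and whether the request list came under pressure. The sample is a constructed subset of the quoted output, and the function and key names are this example's own.

```python
from collections import defaultdict

# Constructed sample: a subset of the `unbound-control stats` lines in the post.
SAMPLE_STATS = """\
thread0.num.queries=8
thread0.num.cachehits=7
thread0.num.cachemiss=1
thread2.num.queries=27
thread2.num.cachehits=27
thread2.num.cachemiss=0
total.num.queries=52
total.num.cachehits=49
total.num.cachemiss=3
total.requestlist.overwritten=0
total.requestlist.exceeded=0
total.recursion.time.avg=0.158463
time.elapsed=1430.360619
"""


def parse_stats(text):
    """Group 'scope.metric=value' lines into {scope: {metric: float}}."""
    stats = defaultdict(dict)
    for line in text.splitlines():
        name, sep, value = line.strip().partition("=")
        scope, dot, metric = name.partition(".")
        if not (sep and dot):
            continue  # not a stats line (for example the shell prompt)
        try:
            stats[scope][metric] = float(value)
        except ValueError:
            continue  # non-numeric value, ignored by this example
    return dict(stats)


def hit_ratio(scope):
    """Cache hits / queries for one scope, or None when it saw no queries."""
    queries = scope.get("num.queries", 0)
    return scope.get("num.cachehits", 0) / queries if queries else None


def summarize(text):
    """Derive the figures an operator would watch from one stats dump."""
    stats = parse_stats(text)
    total = stats.get("total", {})
    elapsed = stats.get("time", {}).get("elapsed", 0)
    queries = total.get("num.queries", 0)
    return {
        "hit_ratio": hit_ratio(total),
        # time.elapsed is the time since the previous stats printout.
        "qps": queries / elapsed if elapsed else None,
        "per_thread": {s: hit_ratio(v) for s, v in stats.items()
                       if s.startswith("thread")},
        # Non-zero means recursion requests were displaced or dropped
        # because the request list was full (the resolver could not keep up).
        "requestlist_pressure": total.get("requestlist.overwritten", 0)
                                + total.get("requestlist.exceeded", 0),
        # Hits plus misses should equal queries; a mismatch means a partial dump.
        "consistent": total.get("num.cachehits", 0)
                      + total.get("num.cachemiss", 0) == queries,
    }
```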


jail

Post 22 Oct 2012, 13:36

pragola_pati wrote:@jail.

Hmm, seems worth a try :D
Thank you for the guidance, Mas...
Later, if anyone wants to set up DNS, I want to test it with unbound...


myitanium

Post 26 Oct 2012, 22:09

Why not just use DNSMASQ as the DNS cache??
You only need to change 3 lines in its configuration. Just search for:
"dnsmasq DNS cache"

I've been using it at the office all this time and never had any problem at all; Bind9 is overkill if it's only for a DNS cache.
Bind9 is suited to DNS servers that handle public access with heavy traffic, for example Telkom's DNS.

If it's only a DNS cache, dnsmasq is more than enough...


q_p

Post 27 Oct 2012, 14:48

@mytanium = maybe it's just a matter of preference.


rizaaal

Post 29 Oct 2012, 22:16

So what's the difference between bind and unbound, then? I don't get it :confused:


q_p

Post 29 Oct 2012, 22:40

@rizal :
If you want to compare them, try this link.
Hope this helps.


jail

Post 02 Nov 2012, 01:33

myitanium wrote: Why not just use DNSMASQ as the DNS cache??
You only need to change 3 lines in its configuration. Just search for:
"dnsmasq DNS cache"

I've been using it at the office all this time and never had any problem at all; Bind9 is overkill if it's only for a DNS cache.
Bind9 is suited to DNS servers that handle public access with heavy traffic, for example Telkom's DNS.

If it's only a DNS cache, dnsmasq is more than enough...

Is dnsmasq a kind of DNS forwarding, or what? Please enlighten me...


dja

Post 03 Dec 2012, 16:23

How should I edit dnsmasq on Ubuntu 12.4 to get the most out of it?


dja

Post 04 Dec 2012, 16:33

OK, thanks.


budi11

Post 06 Dec 2012, 20:22

A DNS server is an application that manages domains and also translates text addresses into IPs. In addition, DNS also directs electronic mail (email) to the destination domain through MX records. The easiest way to configure DNS BIND9 is to use webmin.
webmin can be downloaded from
http://www.webmin.com
choose the debian file and then install it.
Then install the DNS BIND9 application:
apt-get install bind9
Further DNS BIND9 configuration is on my site, feel free to visit.


dja

Post 15 Jan 2013, 05:45

yonyonas wrote: Here are the steps:




If, say, I use unbound DNS, should the client PCs also be set to use the unbound DNS server?

