[Tutorial]: DNS Slave with BIND on CentOS

 Author: Rhesa Mahendra.



The previous tutorial covered installing the DNS server. Here we set up a DNS slave as a fallback in case the first DNS server (the master) goes down. This tutorial assumes the previous one has already been completed. The short walkthrough follows:

NS1 192.168.0.1
NS2 192.168.0.2
domain : contoh.com

1. Check the BIND packages

[root@contoh ~]# rpm -qa bind*
bind-libs-9.2.4-2
bind-utils-9.2.4-2
bind-9.2.4-2

2. Configure the resolv.conf file

[root@contoh ~]# nano /etc/resolv.conf
nameserver 192.168.0.1
nameserver 192.168.0.2

3. Configure the named.conf file

[root@contoh ~]# nano /etc/named.conf
//
// named.conf for Red Hat caching-nameserver
//

options {
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    /*
     * If there is a firewall between you and nameservers you want
     * to talk to, you might need to uncomment the query-source
     * directive below. Previous versions of BIND always asked
     * questions using port 53, but BIND 8.1 uses an unprivileged
     * port by default.
     */
    // query-source address * port 53;
    // hosts allowed to request zone transfers from this server
    allow-transfer { 208.99.198.184/32; };
};

//
// a caching only nameserver config
//
controls {
    inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};

zone "localhost" IN {
    type master;
    file "localhost.zone";
    allow-update { none; };
};

// forward zone, pulled from the master (NS1)
zone "contoh.com" IN {
    type slave;
    file "/var/named/contoh.com.zone";
    // allow-update { none; };
    allow-transfer { 192.168.0.1/32; };
    masters { 192.168.0.1; };
};

// reverse zone, pulled from the master (NS1)
zone "0.168.192.in-addr.arpa" IN {
    type slave;
    file "/var/named/0.168.192.rev";
    // allow-update { none; };
    allow-transfer { 192.168.0.1/32; };
    masters { 192.168.0.1; };
};

include "/etc/rndc.key";

4. Change the permissions on the /var/named directory so that named can write the transferred zone files there

[root@contoh ~]# chmod 777 -Rvf /var/named/
mode of `/var/named/' changed to 0777 (rwxrwxrwx)
mode of `/var/named/named.zero' changed to 0777 (rwxrwxrwx)
mode of `/var/named/localhost.zone' changed to 0777 (rwxrwxrwx)
mode of `/var/named/data' changed to 0777 (rwxrwxrwx)
mode of `/var/named/named.local' changed to 0777 (rwxrwxrwx)
mode of `/var/named/named.ca' changed to 0777 (rwxrwxrwx)
mode of `/var/named/named.ip6.local' changed to 0777 (rwxrwxrwx)
mode of `/var/named/localdomain.zone' changed to 0777 (rwxrwxrwx)
mode of `/var/named/named.broadcast' changed to 0777 (rwxrwxrwx)
mode of `/var/named/slaves' changed to 0777 (rwxrwxrwx)

5. Restart Service Bind

[root@contoh]# /etc/init.d/named restart
Stopping named: . [ OK ]
Starting named: [ OK ]

6. The file /var/named/contoh.com.zone is transferred automatically to ns2 (the slave) over port 53, so every change is automatically transferred to ns2.

7. Let's look at the log to see what is actually happening

[root@contoh ~]# tail /var/log/messages
Aug 3 04:25:42 contoh named[9362]: listening on IPv4 interface venet0:0, 192.168.0.2#53
Aug 3 04:25:42 contoh named[9362]: command channel listening on 127.0.0.1#953
Aug 3 04:25:42 contoh named[9362]: zone localhost/IN: loaded serial 42
Aug 3 04:25:42 contoh named[9362]: running
Aug 3 04:25:42 contoh named[9362]: zone contoh.com/IN: transferred serial 100
Aug 3 04:25:42 contoh named[9362]: transfer of 'contoh.com/IN' from 192.168.0.1#53: end of transfer
Aug 3 04:25:42 contoh named[9362]: zone contoh.com/IN: sending notifies (serial 100)
Aug 3 04:25:43 contoh named[9362]: zone 0.168.192.in-addr.arpa/IN: transferred serial 100
Aug 3 04:25:43 contoh named[9362]: transfer of '0.168.192.in-addr.arpa/IN' from 192.168.0.1#53: end of transfer
Aug 3 04:25:43 contoh named[9362]: zone 0.168.192.in-addr.arpa/IN: sending notifies (serial 100)

The log above shows files being transferred; it says "transfer of ……….".
The file is actually copied, so if NS1 is shut down, NS2 still has a backup (a copy) of the configuration.
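
An added example, not part of the original tutorial: a shell check over log lines in the format shown in step 7. It reports the last serial transferred per zone and flags any completed transfer whose source is not the master set in named.conf. The sample log is constructed; the 192.168.0.50 entry and the function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit named zone-transfer messages on the slave (NS2).
# EXPECTED_MASTER is the "masters" address from this tutorial's named.conf.
EXPECTED_MASTER="192.168.0.1"

# Constructed sample in the log format shown in step 7. The last line is an
# invented transfer from an address that is not the configured master.
sample_log() {
cat <<'EOF'
Aug 3 04:25:42 contoh named[9362]: zone contoh.com/IN: transferred serial 100
Aug 3 04:25:42 contoh named[9362]: transfer of 'contoh.com/IN' from 192.168.0.1#53: end of transfer
Aug 3 04:25:43 contoh named[9362]: zone 0.168.192.in-addr.arpa/IN: transferred serial 100
Aug 3 04:25:43 contoh named[9362]: transfer of '0.168.192.in-addr.arpa/IN' from 192.168.0.1#53: end of transfer
Aug 3 05:10:07 contoh named[9362]: transfer of 'contoh.com/IN' from 192.168.0.50#53: end of transfer
EOF
}

# stdin: syslog lines. stdout: "zone serial", last transferred serial per zone.
zone_serials() {
  awk '/named\[[0-9]+\]:/ {
    for (i = 1; i + 4 <= NF; i++)
      if ($i == "zone" && $(i+2) == "transferred" && $(i+3) == "serial") {
        z = $(i+1); sub(/\/[A-Z]+:$/, "", z); serial[z] = $(i+4)
      }
  }
  END { for (z in serial) print z, serial[z] }' | sort
}

# stdin: syslog lines. $1: expected master IP.
# stdout: "zone source" for each completed transfer from any other address.
unexpected_transfers() {
  awk -v master="$1" -v q="'" '/named\[[0-9]+\]:/ && /end of transfer/ {
    for (i = 4; i < NF; i++)
      if ($i == "from" && $(i-3) == "transfer") {
        zone = $(i-1); gsub(q, "", zone); sub(/\/[A-Z]+$/, "", zone)
        src = $(i+1); sub(/#[0-9]+:?$/, "", src)   # drop "#port:"
        if (src != master) print zone, src
      }
  }'
}

echo "Last transferred serial per zone:"
sample_log | zone_serials
echo "Completed transfers not from $EXPECTED_MASTER:"
sample_log | unexpected_transfers "$EXPECTED_MASTER"
```

On the slave itself, feed the real log to the same functions, for example `unexpected_transfers 192.168.0.1 < /var/log/messages`, and compare the serials against the serial in the master's zone file.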

8. Test using nslookup

[root@contoh ~]# nslookup contoh.com
Server: 192.168.0.1
Address: 192.168.0.1#53

Name: contoh.com
Address: 192.168.0.1

The answer above shows that the domain is still being answered by NS1. What happens if NS1 goes down?

9. Check the resolv.conf file

[root@contoh ~]# cat /etc/resolv.conf
nameserver 192.168.0.1
nameserver 192.168.0.2

Here the domain will be looked up through NS2 because NS1 has been shut down. So what about the settings in
/etc/named and so on?
Once the service is running, all the files on NS1 are copied to NS2, so the configuration is
taken from that copy.

10. Shut down NS1 and look at the result from nslookup

[root@contoh ~]# nslookup contoh.com
Server: 192.168.0.2
Address: 192.168.0.2#53

Name: contoh.com
Address: 192.168.0.1

Above you can see that the server and address now use IP 192.168.0.2.
If there is a problem on NS1, DNS will keep working.