Configurando um servidor DNS e DHCP na rede
Galera, como todos meus outros artigos digo que isso não é receita de bolo e que eu sei que na internet está cheio de artigos ensinando a montar o mesmo servidor. Mas todos esses artigos da internet ensinam a fazer um ou outro servidor, então resolvi montar os dois e postar minha experiência. E lembrem-se: aprender é fundamental.
[ Hits: 69.655 ]
Por: Perfil removido em 16/02/2011
Script para automação da instalação
Este script foi obtido na internet no site descrito em bibliografia e seu autor está descriminado no próprio script, eu não o testei, mas fica como dica.
Segue o mesmo:
O código abaixo pode ser obtido aqui.
Após preparado o script, basta dar permissão de execução para ele e segui-lo.
Segue o mesmo:
O código abaixo pode ser obtido aqui.
#!/bin/bash
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
#Sistema de Configuração de Servidores Bind9
#Desenvolvido por Douglas Q. dos Santos
#<douglashx@gmail.com>
# Criado em 19/10/2009 - Ultima alteração em 19/10/2009
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
######################COMANDOS UTILIZADOS NO SCRIPT#############
APTITUDE=$(which aptitude)
CAT=$(which cat)
CHMOD=$(which chmod)
CHOWN=$(which chown)
DATA=$(which date)
LN=$(which ln)
MKDIR=$(which mkdir)
MKNOD=$(which mknod)
MV=$(which mv)
SLEEP=$(which sleep)
CUT=$(which cut)
############################################################
###################CAMINHO DA JAULA DO BIND######################
PATH_BIND="/var/lib/named"
############################################################
###################VARIÁVEIS PARA A CONFIGURAÇÃO DAS ZONAS#########
echo -n "Forneça o nome do domínio a ser configurado (dominio.com.br): "
read DOMAIN
echo -n "Forneça a faixa de IP da rede valida (ip/mask EX:10.10.10.0/24): "
read NETWORK_RANGE
echo -n "Forneça o endereço IP do servidor NS1 (ip): "
read NS1_IP
echo -n "Forneça o endereço IP do servidor NS2 (ip): "
read NS2_IP
echo -n "Forneça o endereço IP do servidor MX (ip): "
read MX_IP
echo -n "Forneça o endereço IP do servidor WWW (ip): "
read WWW_IP
echo
############################################################
######################INSTALAÇÃO DOS PACOTES####################
echo "A instalação sera iniciada em 5 segundos"
${SLEEP} 5
${APTITUDE} update
${APTITUDE} install bind9 dnsutils -y
/etc/init.d/bind9 stop
#############################################################
######################CRIAÇÃO DA ARVORE DE DIRETÓRIOS##############
${MKDIR} -p ${PATH_BIND}/etc
${MKDIR} -p ${PATH_BIND}/dev
${MKDIR} -p ${PATH_BIND}/var/cache/bind
${MKDIR} -p ${PATH_BIND}/var/run/bind/run
${MKNOD} ${PATH_BIND}/dev/null c 1 3
${MKNOD} ${PATH_BIND}/dev/random c 1 8
######################AJUSTANDO PERMISSÕES#######################
${CHMOD} 666 ${PATH_BIND}/dev/null ${PATH_BIND}/dev/random
${CHOWN} -R bind:bind ${PATH_BIND}/var/*
${MV} /etc/bind ${PATH_BIND}/etc
${LN} -s ${PATH_BIND}/etc/bind /etc/bind
${CHOWN} -R bind:bind ${PATH_BIND}/etc/bind
######################AJUSTANDO O ARQUIVO /etc/default/bind9############
${CAT} <<EOF > /etc/default/bind9
#/etc/default/bind9
RESOLVCONF=yes
# startup options for the server
#OPTIONS="-u bind"
OPTIONS="-u bind -t ${PATH_BIND}"
EOF
##############################################################
######################AJUSTANDO O ARQUIVO /etc/resolv.conf#############
${CAT} <<EOF > /etc/resolv.conf
domain ${DOMAIN}
nameserver 127.0.0.1
EOF
##############################################################
######################EXTRAINDO O ENDEREÇO REVERSO DO NS1###########
REV3=$(echo ${NS1_IP} | cut -d '.' -f 3)
REV2=$(echo ${NS1_IP} | cut -d '.' -f 2)
REV1=$(echo ${NS1_IP} | cut -d '.' -f 1)
IP_REVERSE=${REV3}.${REV2}.${REV1}
######################AJUSTANDO O ARQUIVO /etc/bind/named.conf.options#####
${MV} ${PATH_BIND}/etc/bind/named.conf.options ${PATH_BIND}/etc/bind/named.conf.options.orig
${CAT} <<EOF > ${PATH_BIND}/etc/bind/named.conf.options
options {
directory "/var/cache/bind";
// If there is a firewall between you and nameservers you want
// to talk to, you might need to uncomment the query-source
// directive below. Previous versions of BIND always asked
// questions using port 53, but BIND 8.1 and later use an unprivileged
// port by default.
// query-source address * port 53;
// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.
// forwarders {
// 0.0.0.0;
// };
auth-nxdomain no; # conform to RFC1035
listen-on-v6 { any; };
listen-on { 127.0.0.1/32; ${NETWORK_RANGE}; };
allow-query { any; };
allow-recursion { 127.0.0.1/32; };
allow-transfer { none; };
version "Nao disponível";
};
EOF
###############################################################
#######################AJUSTANDO O ARQUIVO /etc/bind/named.conf.local#######
${MV} ${PATH_BIND}/etc/bind/named.conf ${PATH_BIND}/etc/bind/named.conf.orig
${CAT} <<EOF > ${PATH_BIND}/etc/bind/named.conf
// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
// structure of BIND configuration files in Debian, *BEFORE* you customize
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local
include "/etc/bind/named.conf.options";
// prime the server with knowledge of the root servers
zone "." {
type hint;
file "/etc/bind/db.root";
};
// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912
zone "localhost" {
type master;
file "/etc/bind/db.local";
};
zone "127.in-addr.arpa" {
type master;
file "/etc/bind/db.127";
};
zone "0.in-addr.arpa" {
type master;
file "/etc/bind/db.0";
};
zone "255.in-addr.arpa" {
type master;
file "/etc/bind/db.255";
};
zone "${DOMAIN}" {
type master;
file "db.${DOMAIN}";
allow-transfer { ${NS2_IP}; };
};
zone "${IP_REVERSE}.in-addr.arpa" {
type master;
file "db.${IP_REVERSE}";
allow-transfer { ${NS2_IP}; };
};
include "/etc/bind/named.conf.local";
EOF
#################################################################
###############AJUSTANDO O ARQUIVO /var/lib/named/var/cache/bind/db.dominio.com.br##
${CAT} <<EOF > ${PATH_BIND}/var/cache/bind/db.${DOMAIN}
`echo '$TTL 86400'`
@ IN SOA dns.${DOMAIN}. root.dns.${DOMAIN}. (
`date +%Y%m%d`01 ; Serial
3600 ; Refresh
1800 ; Retry
604800 ; Expire
3600 ) ; Minimum
;
@ IN NS ${DOMAIN}.
@ IN NS ns1.${DOMAIN}.
@ IN NS ns2.${DOMAIN}.
@ IN MX 0 mail.${DOMAIN}.
;NAME SERVERS
@ IN A ${NS1_IP}
ns1 IN A ${NS1_IP}
ns2 IN A ${NS2_IP}
dns IN A ${NS1_IP}
;MAIL SERVERS
mail IN A ${MX_IP}
imap IN CNAME mail
pop IN CNAME mail
smtp IN CNAME mail
webmail IN CNAME mail
;WEB SERVERS
adm IN A ${WWW_IP}
www IN A ${WWW_IP}
ftp IN CNAME www
dbadmin IN CNAME www
mailadmin IN CNAME www
EOF
#####################################################################
#####################RETIRANDO OS ENDEREÇOS FINAIS PARA O ARQUIVO REVERSO######
REV_NS1=$(echo ${NS1_IP} | cut -d '.' -f 4)
REV_NS2=$(echo ${NS2_IP} | cut -d '.' -f 4)
REV_MX=$(echo ${MX_IP} | cut -d '.' -f 4)
REV_WWW=$(echo ${WWW_IP} | cut -d '.' -f 4)
#####################################################################
##########AJUSTANDO O ARQUIVO /var/lib/named/var/cache/bind/db.10.10.10###############
${CAT} <<EOF > ${PATH_BIND}/var/cache/bind/db.${IP_REVERSE}
`echo '$TTL 86400'`
@ IN SOA dns.${DOMAIN}. root.dns.${DOMAIN}. (
`date +%Y%m%d`01 ; Serial
3600 ; Refresh
1800 ; Retry
604800 ; Expire
3600 ) ; Minimum
;
@ IN NS ${DOMAIN}.
@ IN NS ns1.${DOMAIN}.
@ IN NS ns2.${DOMAIN}.
@ IN MX 0 mail.${DOMAIN}.
;NAME SERVERS
${REV_NS1} IN PTR ${DOMAIN}.
${REV_NS1} IN PTR ns1.${DOMAIN}.
${REV_NS2} IN PTR ns2.${DOMAIN}.
${REV_NS1} IN PTR dns.${DOMAIN}.
;MAIL SERVERS
${REV_MX} IN PTR mail.${DOMAIN}.
;WEB SERVERS
${REV_WWW} IN PTR adm.${DOMAIN}.
${REV_WWW} IN PTR www.${DOMAIN}.
EOF
####################################################################
#########################INICIANDO OS SERVIÇOS##########################
/etc/init.d/bind9 start
#/etc/init.d/bind9 start
####################################################################
###########################MENSAGEM DE FINALIZAÇÃO######################
echo
echo "INSTALAÇÃO FINALIZADA"
echo "Faca os ajustes necessários e reinicie o serviço *bind9*"
echo "Os Logs serão gerados no arquivo /var/log/syslog "
echo
####################################################################
exit 0
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
#Sistema de Configuração de Servidores Bind9
#Desenvolvido por Douglas Q. dos Santos
#<douglashx@gmail.com>
# Criado em 19/10/2009 - Ultima alteração em 19/10/2009
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
######################COMANDOS UTILIZADOS NO SCRIPT#############
APTITUDE=$(which aptitude)
CAT=$(which cat)
CHMOD=$(which chmod)
CHOWN=$(which chown)
DATA=$(which date)
LN=$(which ln)
MKDIR=$(which mkdir)
MKNOD=$(which mknod)
MV=$(which mv)
SLEEP=$(which sleep)
CUT=$(which cut)
############################################################
###################CAMINHO DA JAULA DO BIND######################
PATH_BIND="/var/lib/named"
############################################################
###################VARIÁVEIS PARA A CONFIGURAÇÃO DAS ZONAS#########
echo -n "Forneça o nome do domínio a ser configurado (dominio.com.br): "
read DOMAIN
echo -n "Forneça a faixa de IP da rede valida (ip/mask EX:10.10.10.0/24): "
read NETWORK_RANGE
echo -n "Forneça o endereço IP do servidor NS1 (ip): "
read NS1_IP
echo -n "Forneça o endereço IP do servidor NS2 (ip): "
read NS2_IP
echo -n "Forneça o endereço IP do servidor MX (ip): "
read MX_IP
echo -n "Forneça o endereço IP do servidor WWW (ip): "
read WWW_IP
echo
############################################################
######################INSTALAÇÃO DOS PACOTES####################
echo "A instalação sera iniciada em 5 segundos"
${SLEEP} 5
${APTITUDE} update
${APTITUDE} install bind9 dnsutils -y
/etc/init.d/bind9 stop
#############################################################
######################CRIAÇÃO DA ARVORE DE DIRETÓRIOS##############
${MKDIR} -p ${PATH_BIND}/etc
${MKDIR} -p ${PATH_BIND}/dev
${MKDIR} -p ${PATH_BIND}/var/cache/bind
${MKDIR} -p ${PATH_BIND}/var/run/bind/run
${MKNOD} ${PATH_BIND}/dev/null c 1 3
${MKNOD} ${PATH_BIND}/dev/random c 1 8
######################AJUSTANDO PERMISSÕES#######################
${CHMOD} 666 ${PATH_BIND}/dev/null ${PATH_BIND}/dev/random
${CHOWN} -R bind:bind ${PATH_BIND}/var/*
${MV} /etc/bind ${PATH_BIND}/etc
${LN} -s ${PATH_BIND}/etc/bind /etc/bind
${CHOWN} -R bind:bind ${PATH_BIND}/etc/bind
######################AJUSTANDO O ARQUIVO /etc/default/bind9############
${CAT} <<EOF > /etc/default/bind9
#/etc/default/bind9
RESOLVCONF=yes
# startup options for the server
#OPTIONS="-u bind"
OPTIONS="-u bind -t ${PATH_BIND}"
EOF
##############################################################
######################AJUSTANDO O ARQUIVO /etc/resolv.conf#############
${CAT} <<EOF > /etc/resolv.conf
domain ${DOMAIN}
nameserver 127.0.0.1
EOF
##############################################################
######################EXTRAINDO O ENDEREÇO REVERSO DO NS1###########
REV3=$(echo ${NS1_IP} | cut -d '.' -f 3)
REV2=$(echo ${NS1_IP} | cut -d '.' -f 2)
REV1=$(echo ${NS1_IP} | cut -d '.' -f 1)
IP_REVERSE=${REV3}.${REV2}.${REV1}
######################AJUSTANDO O ARQUIVO /etc/bind/named.conf.options#####
${MV} ${PATH_BIND}/etc/bind/named.conf.options ${PATH_BIND}/etc/bind/named.conf.options.orig
${CAT} <<EOF > ${PATH_BIND}/etc/bind/named.conf.options
options {
directory "/var/cache/bind";
// If there is a firewall between you and nameservers you want
// to talk to, you might need to uncomment the query-source
// directive below. Previous versions of BIND always asked
// questions using port 53, but BIND 8.1 and later use an unprivileged
// port by default.
// query-source address * port 53;
// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.
// forwarders {
// 0.0.0.0;
// };
auth-nxdomain no; # conform to RFC1035
listen-on-v6 { any; };
listen-on { 127.0.0.1/32; ${NETWORK_RANGE}; };
allow-query { any; };
allow-recursion { 127.0.0.1/32; };
allow-transfer { none; };
version "Nao disponível";
};
EOF
###############################################################
#######################AJUSTANDO O ARQUIVO /etc/bind/named.conf.local#######
${MV} ${PATH_BIND}/etc/bind/named.conf ${PATH_BIND}/etc/bind/named.conf.orig
${CAT} <<EOF > ${PATH_BIND}/etc/bind/named.conf
// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
// structure of BIND configuration files in Debian, *BEFORE* you customize
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local
include "/etc/bind/named.conf.options";
// prime the server with knowledge of the root servers
zone "." {
type hint;
file "/etc/bind/db.root";
};
// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912
zone "localhost" {
type master;
file "/etc/bind/db.local";
};
zone "127.in-addr.arpa" {
type master;
file "/etc/bind/db.127";
};
zone "0.in-addr.arpa" {
type master;
file "/etc/bind/db.0";
};
zone "255.in-addr.arpa" {
type master;
file "/etc/bind/db.255";
};
zone "${DOMAIN}" {
type master;
file "db.${DOMAIN}";
allow-transfer { ${NS2_IP}; };
};
zone "${IP_REVERSE}.in-addr.arpa" {
type master;
file "db.${IP_REVERSE}";
allow-transfer { ${NS2_IP}; };
};
include "/etc/bind/named.conf.local";
EOF
#################################################################
###############AJUSTANDO O ARQUIVO /var/lib/named/var/cache/bind/db.dominio.com.br##
${CAT} <<EOF > ${PATH_BIND}/var/cache/bind/db.${DOMAIN}
`echo '$TTL 86400'`
@ IN SOA dns.${DOMAIN}. root.dns.${DOMAIN}. (
`date +%Y%m%d`01 ; Serial
3600 ; Refresh
1800 ; Retry
604800 ; Expire
3600 ) ; Minimum
;
@ IN NS ${DOMAIN}.
@ IN NS ns1.${DOMAIN}.
@ IN NS ns2.${DOMAIN}.
@ IN MX 0 mail.${DOMAIN}.
;NAME SERVERS
@ IN A ${NS1_IP}
ns1 IN A ${NS1_IP}
ns2 IN A ${NS2_IP}
dns IN A ${NS1_IP}
;MAIL SERVERS
mail IN A ${MX_IP}
imap IN CNAME mail
pop IN CNAME mail
smtp IN CNAME mail
webmail IN CNAME mail
;WEB SERVERS
adm IN A ${WWW_IP}
www IN A ${WWW_IP}
ftp IN CNAME www
dbadmin IN CNAME www
mailadmin IN CNAME www
EOF
#####################################################################
#####################RETIRANDO OS ENDEREÇOS FINAIS PARA O ARQUIVO REVERSO######
REV_NS1=$(echo ${NS1_IP} | cut -d '.' -f 4)
REV_NS2=$(echo ${NS2_IP} | cut -d '.' -f 4)
REV_MX=$(echo ${MX_IP} | cut -d '.' -f 4)
REV_WWW=$(echo ${WWW_IP} | cut -d '.' -f 4)
#####################################################################
##########AJUSTANDO O ARQUIVO /var/lib/named/var/cache/bind/db.10.10.10###############
${CAT} <<EOF > ${PATH_BIND}/var/cache/bind/db.${IP_REVERSE}
`echo '$TTL 86400'`
@ IN SOA dns.${DOMAIN}. root.dns.${DOMAIN}. (
`date +%Y%m%d`01 ; Serial
3600 ; Refresh
1800 ; Retry
604800 ; Expire
3600 ) ; Minimum
;
@ IN NS ${DOMAIN}.
@ IN NS ns1.${DOMAIN}.
@ IN NS ns2.${DOMAIN}.
@ IN MX 0 mail.${DOMAIN}.
;NAME SERVERS
${REV_NS1} IN PTR ${DOMAIN}.
${REV_NS1} IN PTR ns1.${DOMAIN}.
${REV_NS2} IN PTR ns2.${DOMAIN}.
${REV_NS1} IN PTR dns.${DOMAIN}.
;MAIL SERVERS
${REV_MX} IN PTR mail.${DOMAIN}.
;WEB SERVERS
${REV_WWW} IN PTR adm.${DOMAIN}.
${REV_WWW} IN PTR www.${DOMAIN}.
EOF
####################################################################
#########################INICIANDO OS SERVIÇOS##########################
/etc/init.d/bind9 start
#/etc/init.d/bind9 start
####################################################################
###########################MENSAGEM DE FINALIZAÇÃO######################
echo
echo "INSTALAÇÃO FINALIZADA"
echo "Faca os ajustes necessários e reinicie o serviço *bind9*"
echo "Os Logs serão gerados no arquivo /var/log/syslog "
echo
####################################################################
exit 0
Após preparado o script, basta dar permissão de execução para ele e segui-lo.
Páginas do artigo
1. Sobre os serviços instalados2. Instalação dos serviços
3. Configuração, explicação, chroot e testes no dns
4. Script para automação da instalação
5. Configuração, explicação e teste do servidor DHCP
Outros artigos deste autor
Instalando EpiInfo 6.0.4d no Slackware 10.2
Como prevenir o Buffer Overflow
Leitura recomendada
Monitoramento utilizando Centreon 2.4.5 + Nagios 3.5.1 + CentOS 6.5
Implementando servidor web Java com Tomcat no Linux
Importando extratos do Banco do Brasil para o Kmymoney (gerenciador de finanças pessoais)
Instalação do Debian 3.1r2 Sarge como servidor
Dia: O Editor de diagrama (Microsoft Visio) para Linux
Comentários
[1] Comentário enviado por manoserpa em 16/02/2011 - 08:38h
Opa!
Estava pesquisando sobre isso ontem e hoje de manhã vi esse link no Twitter.
Valeu.
Opa!
Estava pesquisando sobre isso ontem e hoje de manhã vi esse link no Twitter.
Valeu.
Patrocínio
Site hospedado pelo provedor RedeHost.
Destaques
Artigos
IA Turbina o Desktop Linux enquanto distros renovam forças
Como extrair chaves TOTP 2FA a partir de QRCODE (Google Authenticator)
Linux em 2025: Segurança prática para o usuário
Desktop Linux em alta: novos apps, distros e privacidade marcam o sábado
IA chega ao desktop e impulsiona produtividade no mundo Linux
Dicas
Atualizando o Fedora 42 para 43
Como saber se o seu e-mail já teve a senha vazada?
Como descobrir se a sua senha já foi vazada na internet?
Tópicos
Top 10 do mês
-
Xerxes
1° lugar - 106.685 pts -
Fábio Berbert de Paula
2° lugar - 83.207 pts -
Alberto Federman Neto.
3° lugar - 25.933 pts -
Mauricio Ferrari
4° lugar - 23.538 pts -
edps
5° lugar - 23.081 pts -
Alessandro de Oliveira Faria (A.K.A. CABELO)
6° lugar - 22.707 pts -
Buckminster
7° lugar - 21.935 pts -
Andre (pinduvoz)
8° lugar - 19.408 pts -
Daniel Lara Souza
9° lugar - 19.232 pts -
Juliao Junior
10° lugar - 15.896 pts
Scripts
A maior comunidade GNU/Linux da América Latina! Artigos, dicas, tutoriais, fórum, scripts e muito mais. Ideal para quem busca auto-ajuda.
Site hospedado por:
