Upgrade to bind-9.8.1 on FreeBSD (Again…)

The “moral of the story” from the note below: finish the job you start and don't give up easily; where there is a will, there is a way. Anyone who wants to try it can upgrade their DNS server to version 9.8 (I tried it tonight and finished in 30 minutes 😀, trust me).

dns# cd /usr/ports/dns/bind98/
dns# make config

 [X] SSL             Building without OpenSSL removes DNSSEC
 [X] LINKS           Create conf file symlinks in /usr/local
 [X] XML             Support for xml statistics output
 [ ] IDN             Add IDN support to dig, host, etc.
 [ ] REPLACE_BASE    Replace base BIND with this version
 [ ] LARGE_FILE      64-bit file support
 [ ] SIGCHASE        dig/host/nslookup will do DNSSEC validation
 [X] IPV6            IPv6 Support (autodetected by default)
 [X] THREADS         Compile with thread support
 [ ] DLZ_POSTGRESQL  DLZ Postgres driver
 [ ] DLZ_MYSQL       DLZ MySQL driver (single-threaded BIND)
 [ ] DLZ_BDB         DLZ BDB driver
 [ ] DLZ_LDAP        DLZ LDAP driver
 [ ] DLZ_FILESYSTEM  DLZ filesystem driver
 [ ] DLZ_STUB        DLZ stub driver

 [ OK ]   Cancel

dns# make config
dns# make && make install
===> Installing for bind98-9.8.1
===> bind98-9.8.1 depends on shared library: xml2.5 – found
===> Generating temporary packing list
===> Checking if dns/bind98 already installed
dns#

dns# cd /var/named/etc/namedb/
dns# rndc-confgen

This prints temporary output; copy that data into named.conf, rndc.conf and rndc.key.
dns# more /var/named/etc/namedb/named.conf

acl "unila" { 2001:df0:230::/48; 127.0.0.1/32; 192.168.0.0/16; 192.168.1.0/24; 103.3.46.0/24; };
options {
    directory "/etc/namedb";
    pid-file "/var/run/named/pid";
    version "We forward your request version to /dev/null";
    listen-on-v6 { any; };
    allow-query { "unila"; };
    allow-recursion { "unila"; };
    minimal-responses yes;
    forwarders {
        180.131.144.144;
        180.131.145.145;
    };
    query-source address * port 53;
    dump-file "s/named_dump.db";
};
logging {
    category lame-servers { null; };
};
zone "." IN {
    type hint;
    file "named.root";
};
zone "localhost" IN {
    type master;
    file "db.localhost";
    allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "db.127.0.0";
    allow-update { none; };
};
zone "unila.ac.id" {
    type master;
    file "/var/named/etc/namedb/db/xxx/db.unila.ac.id";
};
# Use with the following in named.conf, adjusting the allow list as needed:
key "rndc-key" {
    algorithm hmac-md5;
    secret "3lkajkljasd5GPvhvrhec9gVZ7isE7GQ==";
};
controls {
    inet 127.0.0.1 port 953
        allow { 127.0.0.1; } keys { "rndc-key"; };
};
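
An added example, not part of the original post: a small audit of the named.conf above for three exposure points, a `query-source` line that pins the source port, recursion opened to `any`, and master zones with no `allow-transfer`. The function names are this example's own, and the sample is an abridged excerpt of the config above.

```shell
#!/bin/sh
# Added example, not from the original post. Reads a named.conf on stdin and
# prints one finding per line. Assumes one statement per line, as in the post.
audit_named_conf() {
    awk '
    {
        sub(/([#]|\/\/).*/, "")                  # strip line comments
        if (depth == 0 && $1 == "options") blk = "options"
        if (depth == 0 && $1 == "zone") { blk = "zone"; split($0, q, "\""); z = q[2] }
        if (blk == "zone" && $0 ~ /type[ \t]+master/) master[z] = 1
        if ($0 ~ /allow-transfer/) { if (blk == "zone") zx[z] = 1; else gx = 1 }
        if ($0 ~ /query-source[^;]*port[ \t]+[0-9]+/)
            print "FIXED-PORT query-source pins the UDP source port of outgoing queries"
        if ($0 ~ /allow-recursion/ && $0 ~ /[{ \t;]any[ \t]*;/)
            print "OPEN-RECURSION recursion is offered to any client"
        depth += gsub(/[{]/, "&") - gsub(/[}]/, "&")
        if (depth == 0) blk = ""
    }
    END {                                        # BIND 9.8 default: transfers to all hosts
        for (z in master)
            if (!gx && !zx[z]) print "OPEN-AXFR " z " has no allow-transfer"
    }'
}

sample_named_conf() {   # abridged excerpt of the named.conf shown in the post
    cat <<'EOF'
options {
 allow-query {"unila";};
 allow-recursion {"unila";};
forwarders {
 180.131.144.144;
 180.131.145.145;
};
 query-source address * port 53;
};
zone "." IN {
 type hint;
 file "named.root";
 };
zone "unila.ac.id" {
 type master;
 file "/var/named/etc/namedb/db/xxx/db.unila.ac.id";
 };
EOF
}

sample_named_conf | audit_named_conf
```

Removing the `port 53` part of `query-source` and adding an `allow-transfer` list to the master zone clears both findings for this config.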

dns# more rndc.key

key "rndc-key" {
 algorithm hmac-md5;
 secret "3lkajkljasd5GPvhvrhec9gVZ7isE7GQ==";
 };

dns#

dns# more rndc.conf

# Start of rndc.conf
 key "rndc-key" {
 algorithm hmac-md5;
 secret "3lkajkljasd5GPvhvrhec9gVZ7isE7GQ==";
 };
options {
 default-key "rndc-key";
 default-server 127.0.0.1;
 default-port 953;
 };
 # End of rndc.conf
# Use with the following in named.conf, adjusting the allow list as needed:
 # key "rndc-key" {
 # algorithm hmac-md5;
 # secret "3lkajkljasd5GPvhvrhec9gVZ7isE7GQ==";
 # };
 #
 # controls {
 # inet 127.0.0.1 port 953
 # allow { 127.0.0.1; } keys { "rndc-key"; };
 # };
 # End of named.conf
 dns#

Finally, create the unila.ac.id zone
dns# pwd
/var/named/etc/namedb/db

dns# more db.unila.ac.id
$TTL 86400
@           IN  SOA dns.unila.ac.id. root.unila.ac.id. (
                    201204018 ; serial
                    28800     ; refresh
                    14400     ; retry
                    3600000   ; expire
                    86400     ; minimum
                    )
            IN  NS  dns.unila.ac.id.
            IN  MX  10 barracuda.unila.ac.id.
            IN  A   192.168.1.116
; unila services
;------------------
zimbra      IN  A   192.168.1.25
            IN  MX  500 ns1
            IN  MX  400 zimbra
barracuda   IN  A   172.16.1.23
            IN  MX  10 barracuda
dns         IN  A   192.168.1.3
ns1         IN  A   192.168.1.8
BLAH..BLAH...BLAH..BLAH

Start the BIND service
dns# /usr/local/named/sbin/named -u named -c /usr/local/named/etc/named.conf

Make it start at boot

dns# more /etc/rc.local

/usr/local/sbin/named -c /var/named/etc/namedb/named.conf

dns#

Check the server log for any problems

dns# tail -f /var/log/messages
 Apr 11 19:37:24 dns named[27283]: built with '--localstatedir=/var' '--disable-linux-caps' '--disable-symtable' '--with-randomdev=/dev/random' '--with-openssl=/usr' '--with-libxml2=/usr/local' '--without-idn' '--enable-ipv6' '--enable-threads' '--prefix=/usr/local' '--mandir=/usr/local/man' '--infodir=/usr/local/info/' '--build=x86_64-portbld-freebsd8.1' 'build_alias=x86_64-portbld-freebsd8.1' 'CC=cc' 'CFLAGS=-O2 -pipe -fno-strict-aliasing' 'LDFLAGS= -rpath=/usr/lib:/usr/local/lib' 'CPPFLAGS=' 'CPP=cpp' 'CXX=c++' 'CXXFLAGS=-O2 -pipe -fno-strict-aliasing'
 Apr 11 19:37:24 dns named[27283]: could not listen on UDP socket: address in use
 Apr 11 19:37:24 dns named[27283]: creating IPv4 interface lo0 failed; interface ignored
 Apr 11 19:37:24 dns named[27283]: not listening on any interfaces
 Apr 11 19:37:24 dns named[27283]: couldn't add command channel 127.0.0.1#953: address in use
 Apr 11 19:37:25 dns named[27283]: command channel listening on ::1#953
 Apr 11 19:37:25 dns named[27283]: could not listen on UDP socket: address in use
 Apr 11 19:37:25 dns named[27283]: creating IPv4 interface lo0 failed; interface ignored
 Apr 11 19:37:25 dns named[27283]: managed-keys-zone ./IN: loading from master file managed-keys.bind failed: file not found
 Apr 11 19:37:25 dns named[27283]: running

Only walk away once there are no problems; don't just leave it while there are still issues.
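
The log above ends with `running`, but the same start also logged `address in use` and `not listening on any interfaces`, so the last line alone does not show a clean start. An added example, not part of the original post, that grades those messages; the function names and the FATAL/ERROR/WARN mapping are assumptions of this example, and the sample lines are copied from the log above.

```shell
#!/bin/sh
# Added example, not from the original post: grade named startup messages.
# Prints "LEVEL COUNT MESSAGE" per distinct problem and returns 1 if any FATAL
# or ERROR line was seen. The level mapping is this example's own choice.
named_startup_problems() {
    awk '
    / named\[[0-9]+\]: / {
        msg = $0
        sub(/^.* named\[[0-9]+\]: /, "", msg)
        level = ""
        if (msg ~ /^not listening on any interfaces/)        level = "FATAL"
        else if (msg ~ /address in use$/)                    level = "ERROR"
        else if (msg ~ /^creating .* interface .* failed/)   level = "ERROR"
        else if (msg ~ /loading from master file .* failed/) level = "WARN"
        if (level == "") next
        key = level " " msg
        if (!(key in n)) order[++k] = key        # remember first-seen order
        n[key]++
        if (level != "WARN") bad = 1
    }
    END {
        for (i = 1; i <= k; i++) {
            lvl = order[i]; sub(/ .*/, "", lvl)
            print lvl, n[order[i]], substr(order[i], length(lvl) + 2)
        }
        exit bad + 0
    }'
}

sample_named_log() {    # lines copied from the log shown in the post
    cat <<'EOF'
Apr 11 19:37:24 dns named[27283]: could not listen on UDP socket: address in use
Apr 11 19:37:24 dns named[27283]: creating IPv4 interface lo0 failed; interface ignored
Apr 11 19:37:24 dns named[27283]: not listening on any interfaces
Apr 11 19:37:24 dns named[27283]: couldn't add command channel 127.0.0.1#953: address in use
Apr 11 19:37:25 dns named[27283]: command channel listening on ::1#953
Apr 11 19:37:25 dns named[27283]: could not listen on UDP socket: address in use
Apr 11 19:37:25 dns named[27283]: creating IPv4 interface lo0 failed; interface ignored
Apr 11 19:37:25 dns named[27283]: managed-keys-zone ./IN: loading from master file managed-keys.bind failed: file not found
Apr 11 19:37:25 dns named[27283]: running
EOF
}

sample_named_log | named_startup_problems || echo "named did not come up cleanly"
```

On the server itself the same function can read the real log, for example `grep 'named\[' /var/log/messages | named_startup_problems`.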

Finally, check whether queries work from outside the unila network

lemlit# nslookup
 > server
 Default server: 192.168.1.3
 Address: 192.168.1.3#53
 > www.unila.ac.id
 Server: 192.168.1.3
 Address: 192.168.1.3#53
Name: www.unila.ac.id
 Address: 192.168.1.116
 > www.google.com
 Server: 192.168.1.3
 Address: 192.168.1.3#53
Non-authoritative answer:
 www.google.com canonical name = www.l.google.com.
 Name: www.l.google.com
 Address: 74.125.235.18
 Name: www.l.google.com
 Address: 74.125.235.19
 Name: www.l.google.com
 Address: 74.125.235.20
 Name: www.l.google.com
 Address: 74.125.235.16
 Name: www.l.google.com
 Address: 74.125.235.17
