I followed the instructions exactly, but when I tested by changing my laptop's DNS to go through MaraDNS, it didn't resolve. It failed.
I can't browse, nslookup times out, and I can't ping google.com.
My feeling is that I got the zone (the records) wrong, but I'm not sure. I'm new to Linux and to setting up a DNS server.
But I tried setting one up on Windows Server 2012 by turning on its DNS feature. Since it's a GUI, I just clicked through and suddenly everything was done. I only had to create the PTR/A/SRV records I needed. Done. It runs. It's usable.
Maybe people here can help me find where the configuration is wrong; I've attached it below.
Spoiler for CentOS network info:
[root@localhost ~]# vi /etc/sysconfig/network-scripts/ifcfg-ens160
# Example mararc file.
# This only shows a subset of MaraDNS' features needed to be an
# authoritative and recursive name server. Look at
# detailed/example_full_mararc for an example showing most of
# the features that MaraDNS has.
# Note that this example mararc file will not actually do anything
# without modification.
# Look in the doc/en/examples directory for a working example
# authoritative nameserver, and a working recursive nameserver.
# The various zones we support
# When running in authoritative mode, we must initialize the csv2 hash,
# or MaraDNS will be unable to load any csv2 zone files
csv2 = {}
# This is just to show the format of the file
# Note that this is commented out. Any line that starts with
# a '#' is not read by the parser. Remove the leading '#' to
# enable any line that is commented out
# The following line (commented out) tells MaraDNS to look at the
# file db.example.net to get the zone for example.net
csv2["ucgraph.com."] = "db.ucgraph.com"
# Naturally, we can have multiple zone files
#csv2["example.com."] = "db.example.com"
# The address this DNS server runs on. If you want to bind
# to multiple addresses, separate them with a comma like this:
# "10.1.2.3, 10.1.2.4, 127.0.0.1"
ipv4_bind_addresses = "127.0.0.1"
# The directory with all of the zone files
chroot_dir = "/etc/maradns"
~
"/etc/mararc" 35L, 1353C
Spoiler for dwood3rc file:
@root#vi /etc/dwood3rc
# This is an example deadwood rc file
# Note that comments are started by the hash symbol
bind_address="127.0.0.2" # IP we bind to
# The following line is disabled by being commented out
#bind_address="::1" # We have optional IPv6 support
chroot_dir = "/etc/maradns" # Directory we run program from (not used in Win32)
# The following upstream DNS servers are Google's newly-announced (as of
# December, 2009) public DNS servers. For more information, see
# the page at http://code.google.com/speed/public-dns/
#
# These IPs can be changed to the IPs of any recursive DNS servers that
# can be reached from the computer running Deadwood.
#
# These are commented out; if upstream_servers is not set, Deadwood will
# act as a recursive DNS server
#
# Please note that each upstream_servers entry takes up space in Deadwood's
# cache and that maximum_cache_elements will need to be increased to store
# a large number of these entries.
upstream_servers = {}
upstream_servers["."]="8.8.8.8, 8.8.4.4" # Servers we connect to
# It is also possible to use other root servers or to blacklist
# a phishing website. However, to do this, root_servers needs to be
# defined. For example, to blacklist the domain "phish.example.com":
#root_servers = {}
# ICANN DNS root servers (Deadwood default if both root_servers and
# upstream_servers are not defined)
#root_servers["."]="198.41.0.4, 192.228.79.201, 192.33.4.12, 199.7.91.13,"
#root_servers["."]+="192.203.230.10, 192.5.5.241, 192.112.36.4, 128.63.2.53, "
#root_servers["."]+="192.36.148.17, 192.58.128.30, 193.0.14.129, 199.7.83.42, "
#root_servers["."]+="202.12.27.33"
#root_servers["phish.example.com."]="10.254.254.254"
# Please note that each root_servers entry takes up space in Deadwood's
# cache and that maximum_cache_elements will need to be increased to store
# a large number of these entries.
recursive_acl = "0.0.0.0/0" # Who is allowed to use the cache
maxprocs = 8 # Maximum number of pending requests
handle_overload = 1 # Send SERVER FAIL when overloaded
maradns_uid = 99 # UID Deadwood runs as
maradns_gid = 99 # GID Deadwood runs as
maximum_cache_elements = 60000
# If you want to read and write the cache from disk, make sure chroot_dir
# above is readable and writable by the maradns_uid/gid above, and
# uncomment the following line
cache_file = "dw_cache"
# The following line tells deadwood to fetch an expired record if it's
# impossible to connect to any nameservers
resurrections = 1
# By default, for security reasons, Deadwood does not allow IPs in the
# 192.168.x.x, 172.[16-31].x.x, 10.x.x.x, 127.x.x.x, 169.254.x.x,
# 224.x.x.x, or 0.0.x.x range. If using Deadwood to resolve names
# on an internal network, uncomment the following line:
#filter_rfc1918 = 0
Spoiler for db record file:
@root#vi /etc/maradns/db.ucgraph.com
# This is an example csv3 zone file
# First of all, csv2 zone files do not need an SOA record; however, if
# one is provided, we will make it the SOA record for our zone
# The SOA record needs to be the first record in the zone if provided
# This is a commented out record and disabled.
#% SOA % email@% 1 7200 3600 604800 1800 ~
# Second of all, csv2 zone files do not need authoritative NS records.
# If they aren't there, MaraDNS will synthesize them, based on the IP
# addresses MaraDNS is bound to. (She's pretty smart about this; if
# Mara is bound to both public and private IPs, only the public IPs will
# be synthesized as NS records)
#% NS a.% ~
#% NS b.% ~
# Here are some A (ipv4 address) records; since this is the most
# common field, the zone file format allows a compact representation
# of it.
a.example.net. 10.10.10.10 ~
# Here, you can see that a single name, "b.example.net." has multiple IPs
# This can be used as a primitive form of load balancing; MaraDNS will
# rotate the IPs so that first IP seen by a DNS client changes every time
# a query for "b.example.net." is made
#b.example.net. 10.10.10.11 ~
#b.example.net. 10.10.10.12 ~
# We can have the label in either case; it makes no difference
#Z.EXAMPLE.NET. 10.2.3.4 ~
#Y.EXAMPLE.net. 10.3.4.5 ~
# We can use the percent shortcut. When the percent shortcut is present,
# it indicates that the name in question should terminate with the name
# of the zone we are processing.
#percent.% a 10.9.8.7 ~
# And we can have star records
#*.example.net. A 10.11.12.13 ~
# We can have a ttl in a record; however the ttl needs a '+' before it:
# Note that the ttl has to be in seconds, and is before the RTYPE
#d.example.net. +86400 A 10.11.12.13 ~
#f.example.net. # As you can see, records can span multiple lines
A 10.2.19.83 ~
# This allows well-commented records, like this:
#c.example.net. # Our C class machine
+86400 # This record is stored for one day
A # A record
10.1.1.1 # Where we are
~ # End of record
# We can even have something similar to csv1 if we want...
#e.example.net.|+86400|a|10.2.3.4|~
#h.example.net.|a|10.9.8.7|~
# Here, we see we can specify the ttl but not the rtype if desired
#g.example.net.|+86400|10.11.9.8|~
# Here is a MX record
% mx 10 mail.% ~
#mail.% +86400 IN A 10.22.23.24 ~
# We even have a bit of ipv6 support
a.example.net. aaaa fd4d:6172:6144:4e53:1:2:3::4:f ~
# Not to mention support for SRV records
#_http._tcp.% srv 0 0 80 a.% ~
# TXT records, naturally
#example.net. txt 'This is some text' ~
# Starting with MaraDNS 1.2.08, there is also support for SPF records,
# which are identical to TXT records. See RFC4408 for more details.
#example.net. spf 'v=spf1 +mx a:colo.example.com/28 -all' ~
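
A small checker for the three files posted above, as an added example that is not part of the original post: it parses the quoted assignments in mararc and dwood3rc and reports listeners bound only to loopback, a `recursive_acl` that admits every address, and active zone records whose owner names lie outside the zone. The function names and the `FIXED_RC` addresses are assumptions made for illustration.

```python
import ipaddress
import re

# Settings as posted above (excerpts); FIXED_RC is a constructed LAN example.
MARARC = 'csv2["ucgraph.com."] = "db.ucgraph.com"\nipv4_bind_addresses = "127.0.0.1"\n'
DWOOD3RC = 'bind_address="127.0.0.2" # IP we bind to\nrecursive_acl = "0.0.0.0/0"\n'
ZONE = "a.example.net. 10.10.10.10 ~\n% mx 10 mail.% ~\n#b.example.net. 10.10.10.11 ~\n"
FIXED_RC = 'bind_address="192.168.1.10"\nrecursive_acl = "192.168.1.0/24"\n'

# name = "value" or name["key"] = "value"; lines starting with '#' never match.
ASSIGN = re.compile(r'^\s*([a-z0-9_]+)(?:\["([^"]*)"\])?\s*=\s*"([^"]*)"')

def parse_rc(text):
    """Return {(name, key_or_None): value} for quoted-string assignments."""
    settings = {}
    for line in text.splitlines():
        m = ASSIGN.match(line)
        if m:
            settings[(m.group(1), m.group(2))] = m.group(3)
    return settings

def audit(settings):
    """Flag loopback-only listeners and a recursion ACL that admits every address."""
    findings = []
    for name in ("ipv4_bind_addresses", "bind_address"):
        value = settings.get((name, None))
        if value and all(ipaddress.ip_address(a.strip()).is_loopback
                         for a in value.split(",")):
            findings.append(f"{name}: {value} is loopback only; other hosts cannot reach it")
    for net in settings.get(("recursive_acl", None), "").split(","):
        if net.strip() and ipaddress.ip_network(net.strip(), strict=False).prefixlen == 0:
            findings.append(f"recursive_acl: {net.strip()} lets any client use the cache")
    return findings

def out_of_zone(zone_text, zone):
    """Fully qualified owner names of active records that fall outside `zone`."""
    zone, names = zone.lower(), []
    for line in zone_text.splitlines():
        tokens = line.split("#")[0].split()
        owner = tokens[0].lower() if tokens else ""
        if owner.endswith(".") and owner != zone and not owner.endswith("." + zone):
            names.append(owner)
    return names

if __name__ == "__main__":
    for rc in (MARARC, DWOOD3RC, FIXED_RC):
        print(audit(parse_rc(rc)))
    print(out_of_zone(ZONE, "ucgraph.com."))
```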