
Building an Internal DNS Server / CentOS 6.5 (64-bit)

Build a DNS server for the internal network (inside the LAN).



【Installation】

■ Install over the Internet

[root@sv1 ~]# yum -y install bind
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirror.fairway.ne.jp
 * extras: mirror.fairway.ne.jp
 * updates: mirror.fairway.ne.jp
base                                                                    | 3.7 kB     00:00
extras                                                                  | 3.4 kB     00:00
updates                                                                 | 3.4 kB     00:00
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package bind.x86_64 32:9.8.2-0.17.rc1.el6_4.6 will be installed
--> Processing Dependency: bind-libs = 32:9.8.2-0.17.rc1.el6_4.6 for package: 32:bind-9.8.2-0.17.rc1.el6_4.6.x86_64
--> Processing Dependency: portreserve for package: 32:bind-9.8.2-0.17.rc1.el6_4.6.x86_64
--> Processing Dependency: liblwres.so.80()(64bit) for package: 32:bind-9.8.2-0.17.rc1.el6_4.6.x86_64
--> Processing Dependency: libisccfg.so.82()(64bit) for package: 32:bind-9.8.2-0.17.rc1.el6_4.6.x86_64
--> Processing Dependency: libisccc.so.80()(64bit) for package: 32:bind-9.8.2-0.17.rc1.el6_4.6.x86_64
--> Processing Dependency: libisc.so.83()(64bit) for package: 32:bind-9.8.2-0.17.rc1.el6_4.6.x86_64
--> Processing Dependency: libdns.so.81()(64bit) for package: 32:bind-9.8.2-0.17.rc1.el6_4.6.x86_64
--> Processing Dependency: libbind9.so.80()(64bit) for package: 32:bind-9.8.2-0.17.rc1.el6_4.6.x86_64
--> Running transaction check
---> Package bind-libs.x86_64 32:9.8.2-0.17.rc1.el6_4.6 will be installed
---> Package portreserve.x86_64 0:0.0.4-9.el6 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

===============================================================================================
 Package              Arch            Version                              Repository     Size
===============================================================================================
Installing:
 bind                 x86_64          32:9.8.2-0.17.rc1.el6_4.6            base          4.0 M
Installing for dependencies:
 bind-libs            x86_64          32:9.8.2-0.17.rc1.el6_4.6            base          878 k
 portreserve          x86_64          0.0.4-9.el6                          base           23 k

Transaction Summary
===============================================================================================
Install       3 Package(s)

Total download size: 4.9 M
Installed size: 9.5 M
Downloading Packages:
(1/3): bind-9.8.2-0.17.rc1.el6_4.6.x86_64.rpm                           | 4.0 MB     00:14
(2/3): bind-libs-9.8.2-0.17.rc1.el6_4.6.x86_64.rpm                      | 878 kB     00:04
(3/3): portreserve-0.0.4-9.el6.x86_64.rpm                               |  23 kB     00:00
-----------------------------------------------------------------------------------------------
Total                                                          252 kB/s | 4.9 MB     00:19
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing : portreserve-0.0.4-9.el6.x86_64                                              1/3
  Installing : 32:bind-libs-9.8.2-0.17.rc1.el6_4.6.x86_64                                  2/3
  Installing : 32:bind-9.8.2-0.17.rc1.el6_4.6.x86_64                                       3/3
  Verifying  : 32:bind-9.8.2-0.17.rc1.el6_4.6.x86_64                                       1/3
  Verifying  : 32:bind-libs-9.8.2-0.17.rc1.el6_4.6.x86_64                                  2/3
  Verifying  : portreserve-0.0.4-9.el6.x86_64                                              3/3

Installed:
  bind.x86_64 32:9.8.2-0.17.rc1.el6_4.6

Dependency Installed:
  bind-libs.x86_64 32:9.8.2-0.17.rc1.el6_4.6          portreserve.x86_64 0:0.0.4-9.el6

Complete!
[root@sv1 ~]# yum -y install bind-chroot
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirror.fairway.ne.jp
 * extras: mirror.fairway.ne.jp
 * updates: mirror.fairway.ne.jp
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package bind-chroot.x86_64 32:9.8.2-0.17.rc1.el6_4.6 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

===============================================================================================
 Package              Arch            Version                              Repository     Size
===============================================================================================
Installing:
 bind-chroot          x86_64          32:9.8.2-0.17.rc1.el6_4.6            base           71 k

Transaction Summary
===============================================================================================
Install       1 Package(s)

Total download size: 71 k
Installed size: 0
Downloading Packages:
bind-chroot-9.8.2-0.17.rc1.el6_4.6.x86_64.rpm                           |  71 kB     00:00
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing : 32:bind-chroot-9.8.2-0.17.rc1.el6_4.6.x86_64                                1/1
  Verifying  : 32:bind-chroot-9.8.2-0.17.rc1.el6_4.6.x86_64                                1/1

Installed:
  bind-chroot.x86_64 32:9.8.2-0.17.rc1.el6_4.6

Complete!
[root@sv1 ~]# yum -y install bind-utils
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirror.fairway.ne.jp
 * extras: mirror.fairway.ne.jp
 * updates: mirror.fairway.ne.jp
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package bind-utils.x86_64 32:9.8.2-0.17.rc1.el6_4.6 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

===============================================================================================
 Package             Arch            Version                               Repository     Size
===============================================================================================
Installing:
 bind-utils          x86_64          32:9.8.2-0.17.rc1.el6_4.6             base          182 k

Transaction Summary
===============================================================================================
Install       1 Package(s)

Total download size: 182 k
Installed size: 438 k
Downloading Packages:
bind-utils-9.8.2-0.17.rc1.el6_4.6.x86_64.rpm                            | 182 kB     00:00
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing : 32:bind-utils-9.8.2-0.17.rc1.el6_4.6.x86_64                                 1/1
  Verifying  : 32:bind-utils-9.8.2-0.17.rc1.el6_4.6.x86_64                                 1/1

Installed:
  bind-utils.x86_64 32:9.8.2-0.17.rc1.el6_4.6

Complete!
[root@sv1 ~]#


■ Install from the installation DVD (ISO image file) (* the preparatory setup must be done beforehand)

[root@sv1 ~]# mount /dev/cdrom /mnt
mount: block device /dev/sr0 is write-protected, mounting read-only
[root@sv1 ~]# yum --disablerepo=\* --enablerepo=centos-dvd -y install bind
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
centos-dvd                                                              | 4.0 kB     00:00 ...
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package bind.x86_64 32:9.8.2-0.17.rc1.el6_4.6 will be installed
--> Processing Dependency: bind-libs = 32:9.8.2-0.17.rc1.el6_4.6 for package: 32:bind-9.8.2-0.17.rc1.el6_4.6.x86_64
--> Processing Dependency: portreserve for package: 32:bind-9.8.2-0.17.rc1.el6_4.6.x86_64
--> Processing Dependency: liblwres.so.80()(64bit) for package: 32:bind-9.8.2-0.17.rc1.el6_4.6.x86_64
--> Processing Dependency: libisccfg.so.82()(64bit) for package: 32:bind-9.8.2-0.17.rc1.el6_4.6.x86_64
--> Processing Dependency: libisccc.so.80()(64bit) for package: 32:bind-9.8.2-0.17.rc1.el6_4.6.x86_64
--> Processing Dependency: libisc.so.83()(64bit) for package: 32:bind-9.8.2-0.17.rc1.el6_4.6.x86_64
--> Processing Dependency: libdns.so.81()(64bit) for package: 32:bind-9.8.2-0.17.rc1.el6_4.6.x86_64
--> Processing Dependency: libbind9.so.80()(64bit) for package: 32:bind-9.8.2-0.17.rc1.el6_4.6.x86_64
--> Running transaction check
---> Package bind-libs.x86_64 32:9.8.2-0.17.rc1.el6_4.6 will be installed
---> Package portreserve.x86_64 0:0.0.4-9.el6 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

===============================================================================================
 Package             Arch           Version                           Repository          Size
===============================================================================================
Installing:
 bind                x86_64         32:9.8.2-0.17.rc1.el6_4.6         centos-dvd         4.0 M
Installing for dependencies:
 bind-libs           x86_64         32:9.8.2-0.17.rc1.el6_4.6         centos-dvd         878 k
 portreserve         x86_64         0.0.4-9.el6                       centos-dvd          23 k

Transaction Summary
===============================================================================================
Install       3 Package(s)

Total download size: 4.9 M
Installed size: 9.5 M
Downloading Packages:
-----------------------------------------------------------------------------------------------
Total                                                           22 MB/s | 4.9 MB     00:00
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing : portreserve-0.0.4-9.el6.x86_64                                              1/3
  Installing : 32:bind-libs-9.8.2-0.17.rc1.el6_4.6.x86_64                                  2/3
  Installing : 32:bind-9.8.2-0.17.rc1.el6_4.6.x86_64                                       3/3
  Verifying  : 32:bind-9.8.2-0.17.rc1.el6_4.6.x86_64                                       1/3
  Verifying  : 32:bind-libs-9.8.2-0.17.rc1.el6_4.6.x86_64                                  2/3
  Verifying  : portreserve-0.0.4-9.el6.x86_64                                              3/3

Installed:
  bind.x86_64 32:9.8.2-0.17.rc1.el6_4.6

Dependency Installed:
  bind-libs.x86_64 32:9.8.2-0.17.rc1.el6_4.6          portreserve.x86_64 0:0.0.4-9.el6

Complete!
[root@sv1 ~]# yum --disablerepo=\* --enablerepo=centos-dvd -y install bind-chroot
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package bind-chroot.x86_64 32:9.8.2-0.17.rc1.el6_4.6 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

===============================================================================================
 Package             Arch           Version                           Repository          Size
===============================================================================================
Installing:
 bind-chroot         x86_64         32:9.8.2-0.17.rc1.el6_4.6         centos-dvd          71 k

Transaction Summary
===============================================================================================
Install       1 Package(s)

Total download size: 71 k
Installed size: 0
Downloading Packages:
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing : 32:bind-chroot-9.8.2-0.17.rc1.el6_4.6.x86_64                                1/1
  Verifying  : 32:bind-chroot-9.8.2-0.17.rc1.el6_4.6.x86_64                                1/1

Installed:
  bind-chroot.x86_64 32:9.8.2-0.17.rc1.el6_4.6

Complete!
[root@sv1 ~]# yum --disablerepo=\* --enablerepo=centos-dvd -y install bind-utils
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package bind-utils.x86_64 32:9.8.2-0.17.rc1.el6_4.6 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

===============================================================================================
 Package            Arch           Version                            Repository          Size
===============================================================================================
Installing:
 bind-utils         x86_64         32:9.8.2-0.17.rc1.el6_4.6          centos-dvd         182 k

Transaction Summary
===============================================================================================
Install       1 Package(s)

Total download size: 182 k
Installed size: 438 k
Downloading Packages:
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing : 32:bind-utils-9.8.2-0.17.rc1.el6_4.6.x86_64                                 1/1
  Verifying  : 32:bind-utils-9.8.2-0.17.rc1.el6_4.6.x86_64                                 1/1

Installed:
  bind-utils.x86_64 32:9.8.2-0.17.rc1.el6_4.6

Complete!
[root@sv1 ~]# umount /mnt
[root@sv1 ~]# 




【Related files】

■ /var/named/chroot/etc/named.conf (text after //: explanation)

acl "AclInternal" {                // access control list
        127.0.0.1;                 // loopback address
        192.168.154.0/24;          // network allowed to access this server
};

options {
        directory "/var/named";    // base directory for file paths
        allow-query{               // networks/servers whose name-resolution queries are accepted
                    AclInternal;
        };
        allow-recursion{           // networks/servers allowed to use this server as a caching server
                    AclInternal;
        };
        allow-transfer{            // networks/servers allowed to request zone transfers
                    none;
        };
        forwarders{                // servers consulted when this server cannot resolve a name itself
                    8.8.8.8;
        };
};

controls {                         // rndc key settings
        inet 127.0.0.1 allow { localhost; }
        keys { rndckey; };
};

include "/etc/rndc.key";

logging {
        category lame-servers { null; };
                                   // do not log misconfigurations (lame servers) found on other servers during resolution
};

zone "." IN {                      // root (.) zone
        type hint;
        file "named.ca";
};

zone "localhost" IN {              // localhost zone (forward lookup)
        type master;
        file "localhost.zone";
        allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {   // 127.0.0.* zone (reverse lookup)
        type master;
        file "0.0.127.in-addr.arpa.zone";
        allow-update { none; };
};

zone "exam.local" IN {             // forward zone (domain name → IP address)
        type master;
        file "exam.local.zone";
        allow-update { none; };
};

zone "154.168.192.in-addr.arpa" IN {   // reverse zone (IP address → domain name)
        type master;
        file "154.168.192.in-addr.arpa.zone";
        allow-update { none; };
};


■ /var/named/chroot/var/named/localhost.zone

$TTL    86400
@       IN      SOA     sv1.exam.local.   examuser.exam.local.   (
                                      2013123101 ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      3600000    ; Expire
                                      86400 )    ; Minimum
              IN      NS        sv1.exam.local.
localhost.    IN      A         127.0.0.1


■ /var/named/chroot/var/named/0.0.127.in-addr.arpa.zone

$TTL    86400
@       IN      SOA     sv1.exam.local.  examuser.exam.local.   (
                                      2013123101 ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      3600000    ; Expire
                                      86400 )    ; Minimum
              IN      NS        sv1.exam.local.
1             IN      PTR       localhost.


■ /var/named/chroot/var/named/exam.local.zone

$TTL    86400
@        IN     SOA     sv1.exam.local.   examuser.exam.local.(
                                      2013123101 ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      3600000    ; Expire
                                      86400 )    ; Minimum
              IN      NS        sv1.exam.local.
              IN      MX 10     sv1.exam.local.
@             IN      A         192.168.154.11
sv1           IN      A         192.168.154.11
ntp           IN      A         192.168.154.16


■ /var/named/chroot/var/named/154.168.192.in-addr.arpa.zone

$TTL    86400
@       IN      SOA     sv1.exam.local.   examuser.exam.local.(
                                      2013123101 ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      3600000    ; Expire
                                      86400 )    ; Minimum
              IN      NS    sv1.exam.local.
11            IN      PTR   sv1.exam.local.
16            IN      PTR   ntp.exam.local.
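
The forward zone (exam.local) and the reverse zone (154.168.192.in-addr.arpa) are two hand-maintained files, and named-checkzone validates each file only on its own. The following script is an added example, not part of the original page: it cross-checks that every A record in 192.168.154.0/24 has a PTR and that every PTR target maps back to the same address. The function names and the "drift" sample are constructed for illustration; it assumes one record per line, no $ORIGIN changes, and a /24 reverse zone.

```bash
#!/bin/bash
# Added example (not from the original page): cross-check A records in a
# forward zone against PTR records in the matching /24 reverse zone.
# Assumptions: one record per line, no $ORIGIN/$INCLUDE, reverse zone is a /24.

# Print "TYPE owner-fqdn rdata" for every record of the given type.
# $1 = zone file, $2 = zone origin without trailing dot, $3 = A or PTR
zone_records() {
    awk -v origin="$2" -v type="$3" '
        function fqdn(n) {
            if (n == "@") return origin "."
            if (n ~ /\.$/) return n
            return n "." origin "."
        }
        { sub(/;.*/, "") }                  # drop comments
        NF == 0 || /^\$/ { next }           # skip blank lines and $TTL
        {
            first = 1
            # A name in column 1 sets the owner; indented lines inherit it.
            if ($0 !~ /^[ \t]/) { owner = $1; first = 2 }
            for (i = first; i < NF; i++)
                if ($i == type) {
                    rdata = $(i + 1)
                    if (type != "A") rdata = fqdn(rdata)
                    print type, fqdn(owner), rdata
                    break
                }
        }' "$1"
}

# Print one finding per line (sorted) and return 1 if the zones disagree.
# $1/$2 = forward zone file/origin, $3/$4 = reverse zone file/origin
check_zones() {
    findings=$(
        { zone_records "$1" "$2" A; zone_records "$3" "$4" PTR; } |
        awk -v rev="$4" '
            BEGIN { split(rev, l, "."); net = l[3] "." l[2] "." l[1] "." }
            $1 == "A"   { fwd[$2 " " $3] = 1; seen[$3] = 1 }
            $1 == "PTR" { split($2, o, "."); ptr[o[4] "." o[3] "." o[2] "." o[1]] = $3 }
            END {
                for (ip in seen)      # every address in the /24 needs a PTR
                    if (index(ip, net) == 1 && !(ip in ptr)) print "MISSING-PTR " ip
                for (ip in ptr) {     # every PTR target must map back to that address
                    k = ptr[ip] " " ip
                    if (!(k in fwd)) print "PTR-MISMATCH " ip " -> " ptr[ip]
                }
            }' | sort
    )
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}

# Sample input: the two zone files shown on this page, written to a temp dir.
ZDIR=$(mktemp -d)
trap 'rm -rf "$ZDIR"' EXIT
cat > "$ZDIR/fwd.zone" <<'EOF'
$TTL    86400
@        IN     SOA     sv1.exam.local.   examuser.exam.local.(
                                      2013123101 ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      3600000    ; Expire
                                      86400 )    ; Minimum
              IN      NS        sv1.exam.local.
              IN      MX 10     sv1.exam.local.
@             IN      A         192.168.154.11
sv1           IN      A         192.168.154.11
ntp           IN      A         192.168.154.16
EOF
cat > "$ZDIR/rev.zone" <<'EOF'
$TTL    86400
@       IN      SOA     sv1.exam.local.   examuser.exam.local.(
                                      2013123101 ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      3600000    ; Expire
                                      86400 )    ; Minimum
              IN      NS    sv1.exam.local.
11            IN      PTR   sv1.exam.local.
16            IN      PTR   ntp.exam.local.
EOF

# Constructed drift: a new host without a PTR, and a PTR pointing at a stale name.
{ cat "$ZDIR/fwd.zone"; echo "www           IN      A         192.168.154.20"; } > "$ZDIR/fwd-drift.zone"
sed 's/ntp\.exam\.local\./ntp2.exam.local./' "$ZDIR/rev.zone" > "$ZDIR/rev-drift.zone"

check_zones "$ZDIR/fwd.zone" exam.local "$ZDIR/rev.zone" 154.168.192.in-addr.arpa &&
    echo "page zones: forward and reverse agree"
check_zones "$ZDIR/fwd-drift.zone" exam.local "$ZDIR/rev-drift.zone" 154.168.192.in-addr.arpa ||
    echo "drifted zones: findings listed above"
```
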


■ /etc/sysconfig/named : restrict BIND to IPv4

ROOTDIR=/var/named/chroot
OPTIONS="-4"


■ /etc/resolv.conf : change nameserver to this server (127.0.0.1)

search exam.local
nameserver 127.0.0.1


■ /etc/sysconfig/network-scripts/ifcfg-eth0 : change DNS1 to this server (127.0.0.1)

DEVICE=eth0
TYPE=Ethernet
UUID=e4ef067c-92e2-49c8-b8ee-b0dc970ebc8a
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=none
HWADDR=00:0C:29:FC:2C:9A
IPADDR=192.168.154.11
PREFIX=24
GATEWAY=192.168.154.2
DNS1=127.0.0.1
DOMAIN=exam.local
DEFROUTE=yes
IPV4_FAILURE_FATAL=yes
IPV6INIT=no
NAME="System eth0"


■ /etc/sysconfig/iptables : open the ports used by DNS

*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 53 -j ACCEPT
-A INPUT -m state --state NEW -m udp -p udp --dport 53 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT




【Operations】

■ Create /var/named/chroot/var/named/named.ca

[root@sv1 ~]# dig @a.root-servers.net . ns > /var/named/chroot/var/named/named.ca
[root@sv1 ~]#


■ Create /etc/rndc.key

[root@sv1 ~]# rndc-confgen -a -b 512 -k rndckey
wrote key file "/etc/rndc.key"
[root@sv1 ~]# chgrp named /etc/rndc.key
[root@sv1 ~]# chmod 644 /etc/rndc.key
[root@sv1 ~]#
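
The iptables rules on this page accept port 53 from any source and the step above leaves /etc/rndc.key at mode 644, so the named.conf ACLs and the key file's permissions are what actually limit who can query, recurse through, or control this server. The following audit script is an added example, not part of the original page; the function names, the temporary files and the "weak" config are constructed for illustration, and only `//` and `#` comments are handled.

```bash
#!/bin/bash
# Added example (not from the original page): audit the access controls this
# setup relies on. Assumes // and # comments only (no /* */ blocks).

# Print the body of a "{ ... }" clause such as allow-recursion, flattened.
# $1 = named.conf path, $2 = clause name
clause() {
    sed -e 's://.*$::' -e 's:#.*$::' "$1" | tr '\n' ' ' |
        sed -n "s/.*[[:space:]]$2[[:space:]]*{\([^}]*\)}.*/\1/p"
}

# Warn if the clause is absent or contains the keyword "any".
check_acl() {
    n=0
    for w in $(clause "$1" "$2" | tr ';\t' '  '); do
        n=$((n + 1))
        if [ "$w" = any ]; then echo "WARN $2 open to any"; return 1; fi
    done
    if [ "$n" -eq 0 ]; then echo "WARN $2 not set (built-in default applies)"; return 1; fi
    return 0
}

# $1 = named.conf, $2 = rndc key file; returns 1 if anything was flagged.
audit_named() {
    rc=0
    for c in allow-query allow-recursion allow-transfer; do
        check_acl "$1" "$c" || rc=1
    done
    # Characters 8-10 of the ls mode string are the permissions for "other".
    # Any bit set there lets every local account read the rndc control key.
    other=$(ls -ld "$2" | cut -c8-10)
    if [ "$other" != "---" ]; then
        echo "WARN rndc key other-perms=$other"
        rc=1
    fi
    return $rc
}

ADIR=$(mktemp -d)
trap 'rm -rf "$ADIR"' EXIT

# The acl and options blocks from this page.
cat > "$ADIR/named.conf" <<'EOF'
acl "AclInternal" {
        127.0.0.1;
        192.168.154.0/24;
};
options {
        directory "/var/named";
        allow-query{
                    AclInternal;
        };
        allow-recursion{
                    AclInternal;
        };
        allow-transfer{
                    none;
        };
        forwarders{
                    8.8.8.8;
        };
};
EOF

# Constructed counter-example: recursion open to everyone, no transfer ACL.
cat > "$ADIR/weak.conf" <<'EOF'
options {
        directory "/var/named";
        allow-query { any; };       // constructed weak setting
        allow-recursion { any; };
        forwarders { 8.8.8.8; };
};
EOF

# Stand-in for /etc/rndc.key with the mode used in the step above.
: > "$ADIR/rndc.key"
chmod 644 "$ADIR/rndc.key"

audit_named "$ADIR/named.conf" "$ADIR/rndc.key" || echo "-> findings for the settings on this page"
audit_named "$ADIR/weak.conf" "$ADIR/rndc.key"  || echo "-> findings for the constructed weak config"
```

With the key at mode 640 and group named (as set by the chgrp step), named can still read the key and the audit of this page's named.conf reports nothing.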


■ Check the syntax of each zone file and named.conf

[root@sv1 ~]# named-checkzone localhost /var/named/chroot/var/named/localhost.zone
zone localhost/IN: loaded serial 2013123101
OK
[root@sv1 ~]# named-checkzone 0.0.127.in-addr.arpa /var/named/chroot/var/named/0.0.127.in-addr.arpa.zone
zone 0.0.127.in-addr.arpa/IN: loaded serial 2013123101
OK
[root@sv1 ~]# named-checkzone exam.local /var/named/chroot/var/named/exam.local.zone
zone exam.local/IN: loaded serial 2013123101
OK
[root@sv1 ~]# named-checkzone 154.168.192.in-addr.arpa /var/named/chroot/var/named/154.168.192.in-addr.arpa.zone
zone 154.168.192.in-addr.arpa/IN: loaded serial 2013123101
OK
[root@sv1 ~]# named-checkconf /var/named/chroot/etc/named.conf
[root@sv1 ~]#


■ Enable automatic start of named at boot

[root@sv1 ~]# chkconfig named on
[root@sv1 ~]#


■ Disable automatic start of named at boot

[root@sv1 ~]# chkconfig named off
[root@sv1 ~]#


■ Check start-up status per runlevel (automatic start: enabled)

[root@sv1 ~]# chkconfig --list named
named           0:off   1:off   2:on    3:on    4:on    5:on    6:off
[root@sv1 ~]#


■ Check start-up status per runlevel (automatic start: disabled)

[root@sv1 ~]# chkconfig --list named
named           0:off   1:off   2:off   3:off   4:off   5:off   6:off
[root@sv1 ~]#


■ Start the named service

[root@sv1 ~]# service named start
Starting named:                                            [  OK  ]
[root@sv1 ~]#


■ Stop the named service

[root@sv1 ~]# service named stop
Stopping named:                                            [  OK  ]
[root@sv1 ~]#


■ Restart the named service

[root@sv1 ~]# service named restart
Stopping named:                                            [  OK  ]
Starting named:                                            [  OK  ]
[root@sv1 ~]#


■ Check the running state (running)

[root@sv1 ~]# rndc status
version: 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6
CPUs found: 1
worker threads: 1
number of zones: 20
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
recursive clients: 0/0/1000
tcp clients: 0/100
server is up and running
[root@sv1 ~]#


■ Check the running state (not running)

[root@sv1 ~]# rndc status
rndc: connect failed: 127.0.0.1#953: connection refused
[root@sv1 ~]#


■ Restart the iptables service

[root@sv1 ~]# service iptables restart
iptables: Setting chains to policy ACCEPT: filter          [  OK  ]
iptables: Flushing firewall rules:                         [  OK  ]
iptables: Unloading modules:                               [  OK  ]
iptables: Applying firewall rules:                         [  OK  ]
[root@sv1 ~]#




【Verification】

■ Check on the server itself #1

[root@sv1 ~]# dig @127.0.0.1 sv1.exam.local +norec

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> @127.0.0.1 sv1.exam.local +norec
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6991
;; flags: qr aa ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;sv1.exam.local.                        IN      A

;; ANSWER SECTION:
sv1.exam.local.         86400   IN      A       192.168.154.11

;; AUTHORITY SECTION:
exam.local.             86400   IN      NS      sv1.exam.local.

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Dec 31 23:10:04 2013
;; MSG SIZE  rcvd: 62

[root@sv1 ~]# dig @127.0.0.1 ntp.exam.local +norec

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> @127.0.0.1 ntp.exam.local +norec
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5744
;; flags: qr aa ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;ntp.exam.local.                        IN      A

;; ANSWER SECTION:
ntp.exam.local.         86400   IN      A       192.168.154.16

;; AUTHORITY SECTION:
exam.local.             86400   IN      NS      sv1.exam.local.

;; ADDITIONAL SECTION:
sv1.exam.local.         86400   IN      A       192.168.154.11

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Dec 31 23:10:25 2013
;; MSG SIZE  rcvd: 82

[root@sv1 ~]# dig @127.0.0.1 -x 192.168.154.11 +norec

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> @127.0.0.1 -x 192.168.154.11 +norec
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5560
;; flags: qr aa ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;11.154.168.192.in-addr.arpa.   IN      PTR

;; ANSWER SECTION:
11.154.168.192.in-addr.arpa. 86400 IN   PTR     sv1.exam.local.

;; AUTHORITY SECTION:
154.168.192.in-addr.arpa. 86400 IN      NS      sv1.exam.local.

;; ADDITIONAL SECTION:
sv1.exam.local.         86400   IN      A       192.168.154.11

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Dec 31 23:10:46 2013
;; MSG SIZE  rcvd: 103

[root@sv1 ~]# dig @127.0.0.1 -x 192.168.154.16 +norec

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> @127.0.0.1 -x 192.168.154.16 +norec
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11865
;; flags: qr aa ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;16.154.168.192.in-addr.arpa.   IN      PTR

;; ANSWER SECTION:
16.154.168.192.in-addr.arpa. 86400 IN   PTR     ntp.exam.local.

;; AUTHORITY SECTION:
154.168.192.in-addr.arpa. 86400 IN      NS      sv1.exam.local.

;; ADDITIONAL SECTION:
sv1.exam.local.         86400   IN      A       192.168.154.11

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Dec 31 23:11:12 2013
;; MSG SIZE  rcvd: 107

[root@sv1 ~]#


■ Check on the server itself #2

[root@sv1 ~]# dig @192.168.154.11 sv1.exam.local +norec

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> @192.168.154.11 sv1.exam.local +norec
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26394
;; flags: qr aa ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;sv1.exam.local.                        IN      A

;; ANSWER SECTION:
sv1.exam.local.         86400   IN      A       192.168.154.11

;; AUTHORITY SECTION:
exam.local.             86400   IN      NS      sv1.exam.local.

;; Query time: 0 msec
;; SERVER: 192.168.154.11#53(192.168.154.11)
;; WHEN: Tue Dec 31 23:11:42 2013
;; MSG SIZE  rcvd: 62

[root@sv1 ~]# dig @192.168.154.11 ntp.exam.local +norec

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> @192.168.154.11 ntp.exam.local +norec
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43713
;; flags: qr aa ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;ntp.exam.local.                        IN      A

;; ANSWER SECTION:
ntp.exam.local.         86400   IN      A       192.168.154.16

;; AUTHORITY SECTION:
exam.local.             86400   IN      NS      sv1.exam.local.

;; ADDITIONAL SECTION:
sv1.exam.local.         86400   IN      A       192.168.154.11

;; Query time: 0 msec
;; SERVER: 192.168.154.11#53(192.168.154.11)
;; WHEN: Tue Dec 31 23:12:00 2013
;; MSG SIZE  rcvd: 82

[root@sv1 ~]# dig @192.168.154.11 -x 192.168.154.11 +norec

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> @192.168.154.11 -x 192.168.154.11 +norec
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38158
;; flags: qr aa ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;11.154.168.192.in-addr.arpa.   IN      PTR

;; ANSWER SECTION:
11.154.168.192.in-addr.arpa. 86400 IN   PTR     sv1.exam.local.

;; AUTHORITY SECTION:
154.168.192.in-addr.arpa. 86400 IN      NS      sv1.exam.local.

;; ADDITIONAL SECTION:
sv1.exam.local.         86400   IN      A       192.168.154.11

;; Query time: 0 msec
;; SERVER: 192.168.154.11#53(192.168.154.11)
;; WHEN: Tue Dec 31 23:13:03 2013
;; MSG SIZE  rcvd: 103

[root@sv1 ~]# dig @192.168.154.11 -x 192.168.154.16 +norec

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> @192.168.154.11 -x 192.168.154.16 +norec
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40962
;; flags: qr aa ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;16.154.168.192.in-addr.arpa.   IN      PTR

;; ANSWER SECTION:
16.154.168.192.in-addr.arpa. 86400 IN   PTR     ntp.exam.local.

;; AUTHORITY SECTION:
154.168.192.in-addr.arpa. 86400 IN      NS      sv1.exam.local.

;; ADDITIONAL SECTION:
sv1.exam.local.         86400   IN      A       192.168.154.11

;; Query time: 0 msec
;; SERVER: 192.168.154.11#53(192.168.154.11)
;; WHEN: Tue Dec 31 23:13:21 2013
;; MSG SIZE  rcvd: 107

[root@sv1 ~]# 


■ Check on the server itself #3

[root@sv1 ~]# dig @127.0.0.1 jprs.jp

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> @127.0.0.1 jprs.jp
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9618
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 13, ADDITIONAL: 4

;; QUESTION SECTION:
;jprs.jp.                       IN      A

;; ANSWER SECTION:
jprs.jp.                14933   IN      A       202.11.16.167

;; AUTHORITY SECTION:
.                       5449    IN      NS      a.root-servers.net.
.                       5449    IN      NS      h.root-servers.net.
.                       5449    IN      NS      f.root-servers.net.
.                       5449    IN      NS      j.root-servers.net.
.                       5449    IN      NS      i.root-servers.net.
.                       5449    IN      NS      m.root-servers.net.
.                       5449    IN      NS      k.root-servers.net.
.                       5449    IN      NS      d.root-servers.net.
.                       5449    IN      NS      c.root-servers.net.
.                       5449    IN      NS      l.root-servers.net.
.                       5449    IN      NS      g.root-servers.net.
.                       5449    IN      NS      e.root-servers.net.
.                       5449    IN      NS      b.root-servers.net.

;; ADDITIONAL SECTION:
m.root-servers.net.     9982    IN      A       202.12.27.33
l.root-servers.net.     19383   IN      A       199.7.83.42
b.root-servers.net.     4290    IN      A       192.228.79.201
d.root-servers.net.     9164    IN      A       199.7.91.13

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Dec 31 22:03:36 2013
;; MSG SIZE  rcvd: 316

[root@sv1 ~]# dig @127.0.0.1 -x 202.11.16.167

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> @127.0.0.1 -x 202.11.16.167
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23164
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 13, ADDITIONAL: 4

;; QUESTION SECTION:
;167.16.11.202.in-addr.arpa.    IN      PTR

;; ANSWER SECTION:
167.16.11.202.in-addr.arpa. 21455 IN    PTR     jprs.jp.

;; AUTHORITY SECTION:
.                       5439    IN      NS      f.root-servers.net.
.                       5439    IN      NS      d.root-servers.net.
.                       5439    IN      NS      l.root-servers.net.
.                       5439    IN      NS      j.root-servers.net.
.                       5439    IN      NS      g.root-servers.net.
.                       5439    IN      NS      e.root-servers.net.
.                       5439    IN      NS      c.root-servers.net.
.                       5439    IN      NS      m.root-servers.net.
.                       5439    IN      NS      k.root-servers.net.
.                       5439    IN      NS      i.root-servers.net.
.                       5439    IN      NS      b.root-servers.net.
.                       5439    IN      NS      a.root-servers.net.
.                       5439    IN      NS      h.root-servers.net.

;; ADDITIONAL SECTION:
m.root-servers.net.     9972    IN      A       202.12.27.33
l.root-servers.net.     19373   IN      A       199.7.83.42
b.root-servers.net.     4280    IN      A       192.228.79.201
d.root-servers.net.     9154    IN      A       199.7.91.13

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Dec 31 22:03:46 2013
;; MSG SIZE  rcvd: 340

[root@sv1 ~]# dig @192.168.154.11 jprs.jp

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> @192.168.154.11 jprs.jp
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17048
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 13, ADDITIONAL: 4

;; QUESTION SECTION:
;jprs.jp.                       IN      A

;; ANSWER SECTION:
jprs.jp.                14904   IN      A       202.11.16.167

;; AUTHORITY SECTION:
.                       5420    IN      NS      a.root-servers.net.
.                       5420    IN      NS      h.root-servers.net.
.                       5420    IN      NS      i.root-servers.net.
.                       5420    IN      NS      b.root-servers.net.
.                       5420    IN      NS      l.root-servers.net.
.                       5420    IN      NS      d.root-servers.net.
.                       5420    IN      NS      m.root-servers.net.
.                       5420    IN      NS      k.root-servers.net.
.                       5420    IN      NS      f.root-servers.net.
.                       5420    IN      NS      j.root-servers.net.
.                       5420    IN      NS      c.root-servers.net.
.                       5420    IN      NS      e.root-servers.net.
.                       5420    IN      NS      g.root-servers.net.

;; ADDITIONAL SECTION:
m.root-servers.net.     9953    IN      A       202.12.27.33
l.root-servers.net.     19354   IN      A       199.7.83.42
b.root-servers.net.     4261    IN      A       192.228.79.201
d.root-servers.net.     9135    IN      A       199.7.91.13

;; Query time: 0 msec
;; SERVER: 192.168.154.11#53(192.168.154.11)
;; WHEN: Tue Dec 31 22:04:05 2013
;; MSG SIZE  rcvd: 316

[root@sv1 ~]# dig @192.168.154.11 -x 202.11.16.167

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> @192.168.154.11 -x 202.11.16.167
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27546
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 13, ADDITIONAL: 4

;; QUESTION SECTION:
;167.16.11.202.in-addr.arpa.    IN      PTR

;; ANSWER SECTION:
167.16.11.202.in-addr.arpa. 21428 IN    PTR     jprs.jp.

;; AUTHORITY SECTION:
.                       5412    IN      NS      c.root-servers.net.
.                       5412    IN      NS      a.root-servers.net.
.                       5412    IN      NS      b.root-servers.net.
.                       5412    IN      NS      g.root-servers.net.
.                       5412    IN      NS      e.root-servers.net.
.                       5412    IN      NS      j.root-servers.net.
.                       5412    IN      NS      k.root-servers.net.
.                       5412    IN      NS      l.root-servers.net.
.                       5412    IN      NS      f.root-servers.net.
.                       5412    IN      NS      d.root-servers.net.
.                       5412    IN      NS      h.root-servers.net.
.                       5412    IN      NS      m.root-servers.net.
.                       5412    IN      NS      i.root-servers.net.

;; ADDITIONAL SECTION:
m.root-servers.net.     9945    IN      A       202.12.27.33
l.root-servers.net.     19346   IN      A       199.7.83.42
b.root-servers.net.     4253    IN      A       192.228.79.201
d.root-servers.net.     9127    IN      A       199.7.91.13

;; Query time: 0 msec
;; SERVER: 192.168.154.11#53(192.168.154.11)
;; WHEN: Tue Dec 31 22:04:13 2013
;; MSG SIZE  rcvd: 340

[root@sv1 ~]#


■ Verify from another server #1 : DNS server 192.168.154.11

[workuser@vm001 ~]$ dig @192.168.154.11 sv1.exam.local +norec

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> @192.168.154.11 sv1.exam.local +norec
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18877
;; flags: qr aa ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;sv1.exam.local.                        IN      A

;; ANSWER SECTION:
sv1.exam.local.         86400   IN      A       192.168.154.11

;; AUTHORITY SECTION:
exam.local.             86400   IN      NS      sv1.exam.local.

;; Query time: 1 msec
;; SERVER: 192.168.154.11#53(192.168.154.11)
;; WHEN: Tue Dec 31 23:14:08 2013
;; MSG SIZE  rcvd: 62

[workuser@vm001 ~]$ dig @192.168.154.11 ntp.exam.local +norec

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> @192.168.154.11 ntp.exam.local +norec
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29334
;; flags: qr aa ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;ntp.exam.local.                        IN      A

;; ANSWER SECTION:
ntp.exam.local.         86400   IN      A       192.168.154.16

;; AUTHORITY SECTION:
exam.local.             86400   IN      NS      sv1.exam.local.

;; ADDITIONAL SECTION:
sv1.exam.local.         86400   IN      A       192.168.154.11

;; Query time: 0 msec
;; SERVER: 192.168.154.11#53(192.168.154.11)
;; WHEN: Tue Dec 31 23:14:24 2013
;; MSG SIZE  rcvd: 82

[workuser@vm001 ~]$ dig @192.168.154.11 -x 192.168.154.11 +norec

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> @192.168.154.11 -x 192.168.154.11 +norec
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42359
;; flags: qr aa ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;11.154.168.192.in-addr.arpa.   IN      PTR

;; ANSWER SECTION:
11.154.168.192.in-addr.arpa. 86400 IN   PTR     sv1.exam.local.

;; AUTHORITY SECTION:
154.168.192.in-addr.arpa. 86400 IN      NS      sv1.exam.local.

;; ADDITIONAL SECTION:
sv1.exam.local.         86400   IN      A       192.168.154.11

;; Query time: 0 msec
;; SERVER: 192.168.154.11#53(192.168.154.11)
;; WHEN: Tue Dec 31 23:14:57 2013
;; MSG SIZE  rcvd: 103

[workuser@vm001 ~]$ dig @192.168.154.11 -x 192.168.154.16 +norec

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> @192.168.154.11 -x 192.168.154.16 +norec
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26555
;; flags: qr aa ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;16.154.168.192.in-addr.arpa.   IN      PTR

;; ANSWER SECTION:
16.154.168.192.in-addr.arpa. 86400 IN   PTR     ntp.exam.local.

;; AUTHORITY SECTION:
154.168.192.in-addr.arpa. 86400 IN      NS      sv1.exam.local.

;; ADDITIONAL SECTION:
sv1.exam.local.         86400   IN      A       192.168.154.11

;; Query time: 0 msec
;; SERVER: 192.168.154.11#53(192.168.154.11)
;; WHEN: Tue Dec 31 23:15:15 2013
;; MSG SIZE  rcvd: 107

[workuser@vm001 ~]$


■ Verify from another server #2 : DNS server 192.168.154.11

[root@sv1 ~]# dig @192.168.154.11 jprs.jp

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> @192.168.154.11 jprs.jp
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20067
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 13, ADDITIONAL: 4

;; QUESTION SECTION:
;jprs.jp.                       IN      A

;; ANSWER SECTION:
jprs.jp.                14747   IN      A       202.11.16.167

;; AUTHORITY SECTION:
.                       5263    IN      NS      b.root-servers.net.
.                       5263    IN      NS      g.root-servers.net.
.                       5263    IN      NS      m.root-servers.net.
.                       5263    IN      NS      j.root-servers.net.
.                       5263    IN      NS      f.root-servers.net.
.                       5263    IN      NS      l.root-servers.net.
.                       5263    IN      NS      a.root-servers.net.
.                       5263    IN      NS      e.root-servers.net.
.                       5263    IN      NS      k.root-servers.net.
.                       5263    IN      NS      d.root-servers.net.
.                       5263    IN      NS      i.root-servers.net.
.                       5263    IN      NS      c.root-servers.net.
.                       5263    IN      NS      h.root-servers.net.

;; ADDITIONAL SECTION:
m.root-servers.net.     9796    IN      A       202.12.27.33
l.root-servers.net.     19197   IN      A       199.7.83.42
b.root-servers.net.     4104    IN      A       192.228.79.201
d.root-servers.net.     8978    IN      A       199.7.91.13

;; Query time: 0 msec
;; SERVER: 192.168.154.11#53(192.168.154.11)
;; WHEN: Tue Dec 31 22:06:42 2013
;; MSG SIZE  rcvd: 316

[root@sv1 ~]# dig @192.168.154.11 -x 202.11.16.167

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> @192.168.154.11 -x 202.11.16.167
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50708
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 13, ADDITIONAL: 4

;; QUESTION SECTION:
;167.16.11.202.in-addr.arpa.    IN      PTR

;; ANSWER SECTION:
167.16.11.202.in-addr.arpa. 21270 IN    PTR     jprs.jp.

;; AUTHORITY SECTION:
.                       5254    IN      NS      g.root-servers.net.
.                       5254    IN      NS      d.root-servers.net.
.                       5254    IN      NS      e.root-servers.net.
.                       5254    IN      NS      f.root-servers.net.
.                       5254    IN      NS      m.root-servers.net.
.                       5254    IN      NS      c.root-servers.net.
.                       5254    IN      NS      a.root-servers.net.
.                       5254    IN      NS      b.root-servers.net.
.                       5254    IN      NS      k.root-servers.net.
.                       5254    IN      NS      h.root-servers.net.
.                       5254    IN      NS      l.root-servers.net.
.                       5254    IN      NS      i.root-servers.net.
.                       5254    IN      NS      j.root-servers.net.

;; ADDITIONAL SECTION:
m.root-servers.net.     9787    IN      A       202.12.27.33
l.root-servers.net.     19188   IN      A       199.7.83.42
b.root-servers.net.     4095    IN      A       192.228.79.201
d.root-servers.net.     8969    IN      A       199.7.91.13

;; Query time: 0 msec
;; SERVER: 192.168.154.11#53(192.168.154.11)
;; WHEN: Tue Dec 31 22:06:51 2013
;; MSG SIZE  rcvd: 340

[root@sv1 ~]#
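
The dig checks above come down to reading two header fields: `aa` marks answers served from the local exam.local zones, and `ra` shows that the server offers recursion to the querying client. The script below is an added example, not part of the original page; the function names are hypothetical, the first two samples are abridged from the header lines shown above, and the REFUSED sample is constructed.

```shell
#!/bin/sh
# Added example: classify a dig response from its header lines (function names are hypothetical).
# Typical use: dig @192.168.154.11 sv1.exam.local +norec | classify_dig

# Header lines abridged from the outputs on this page.
AUTH_SAMPLE=';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18877
;; flags: qr aa ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0'
REC_SAMPLE=';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17048
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 13, ADDITIONAL: 4'
# Constructed sample: what a refused query looks like in dig output.
REFUSED_SAMPLE=';; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 1
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0'

# Print the status field (NOERROR, NXDOMAIN, REFUSED, ...) of dig output on stdin.
dig_status() {
    sed -n 's/^;; ->>HEADER<<- .*status: \([A-Z]*\),.*/\1/p' | head -n 1
}

# Print the header flags, space separated (for example "qr aa ra").
dig_flags() {
    sed -n 's/^;; flags: \([a-z ]*\);.*/\1/p' | head -n 1
}

# Succeed when the response carries the ra flag (server offers recursion to this client).
recursion_available() {
    case " $(dig_flags) " in *" ra "*) return 0 ;; *) return 1 ;; esac
}

# Read dig output on stdin and print one of:
#   authoritative      NOERROR with aa set (answered from a zone the server hosts)
#   non-authoritative  NOERROR without aa (resolved, cached, or a referral)
#   refused            status REFUSED (query or recursion denied)
#   other              anything else (NXDOMAIN, SERVFAIL, unparsable input)
classify_dig() {
    out=$(cat)
    status=$(printf '%s\n' "$out" | dig_status)
    flags=" $(printf '%s\n' "$out" | dig_flags) "
    case "$status" in
        REFUSED) echo refused; return ;;
        NOERROR) ;;
        *) echo other; return ;;
    esac
    case "$flags" in
        *" aa "*) echo authoritative ;;
        *) echo non-authoritative ;;
    esac
}
```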


■ Verify from a Windows client : DNS server 192.168.154.11


C:\home>nslookup sv1.exam.local
サーバー:  sv1.exam.local
Address:  192.168.154.11

名前:    sv1.exam.local
Address:  192.168.154.11


C:\home>nslookup ntp.exam.local
サーバー:  sv1.exam.local
Address:  192.168.154.11

名前:    ntp.exam.local
Address:  192.168.154.16


C:\home>nslookup jprs.jp
サーバー:  sv1.exam.local
Address:  192.168.154.11

権限のない回答:
名前:    jprs.jp
Addresses:  2001:df0:8:7::80
      202.11.16.167


C:\home>nslookup 192.168.154.11
サーバー:  sv1.exam.local
Address:  192.168.154.11

名前:    sv1.exam.local
Address:  192.168.154.11


C:\home>nslookup 192.168.154.16
サーバー:  sv1.exam.local
Address:  192.168.154.11

名前:    ntp.exam.local
Address:  192.168.154.16


C:\home>nslookup 202.11.16.167
サーバー:  sv1.exam.local
Address:  192.168.154.11

名前:    jprs.jp
Address:  202.11.16.167


C:\home>

