
Setting up a BIND9 DNS server for reverse DNS (PTR records) on Ubuntu 22.04

Here we will use two VPSes as DNS servers.

First, make sure both Ubuntu 22.04 servers use a fully qualified hostname (FQDN).

Hostname   IP Address       FQDN                Used As
ns1        103.126.26.26    ns1.net2byte.com    BIND primary
ns2        103.126.26.27    ns2.net2byte.com    BIND secondary

Set the FQDN on server 1:

sudo hostnamectl set-hostname ns1.net2byte.com

Set the FQDN on server 2:

sudo hostnamectl set-hostname ns2.net2byte.com

Edit the "/etc/hosts" file

sudo nano /etc/hosts

Add the following entries on each server:

103.126.26.26 ns1.net2byte.com ns1
103.126.26.27 ns2.net2byte.com ns2

Check the hostname with:

sudo hostname -f

INSTALL BIND SERVER

First, update the package index:

sudo apt update

Then install BIND:

sudo apt install bind9 bind9utils bind9-doc

Edit the named defaults

sudo nano /etc/default/named

Add -4 at the end of the OPTIONS parameter so that named only uses IPv4 (the servers here have IPv4 addresses only):

OPTIONS="-u bind -4"

Restart BIND

sudo systemctl restart bind9

CONFIGURE THE PRIMARY DNS SERVER

Open the file "named.conf.options"

sudo nano /etc/bind/named.conf.options

The file already contains an options block. Add the "trusted" acl above it (an acl must be declared before it is referenced) and edit the options block so that the whole file reads as follows:

acl "trusted" {
    103.126.26.26; # ns1
    103.126.26.27; # ns2
    103.126.26.28; # host
    103.126.26.29; # mail
};

options {
    directory "/var/cache/bind";

    recursion yes; # enables recursive queries
    allow-recursion { trusted; }; # only "trusted" hosts may use this server as a resolver
    listen-on { 103.126.26.26; }; # ns1's public IP address; listen on this address only
    allow-transfer { none; }; # disable zone transfers by default; enabled per zone in named.conf.local

    forwarders {
        8.8.8.8;
        1.1.1.1;
    };
};

These are public addresses, so the allow-recursion line is what keeps ns1 from being an open resolver that anyone on the Internet could use for DNS amplification: hosts outside the acl only get authoritative answers for the zones configured below. If none of the trusted hosts actually need ns1 as a resolver, set "recursion no;" instead and remove the forwarders block.

Configure the local zone file /etc/bind/named.conf.local

sudo nano /etc/bind/named.conf.local

Add the following:

zone "net2byte.com" {
    type primary;
    file "/etc/bind/zones/db.net2byte.com"; # zone file path
    allow-transfer { 103.126.26.27; }; # only ns2 (the secondary) may transfer this zone
};

zone "26.126.103.in-addr.arpa" {
    type primary;
    file "/etc/bind/zones/db.103.126.26"; # reverse zone for the 103.126.26.0/24 subnet
    allow-transfer { 103.126.26.27; }; # only ns2 (the secondary) may transfer this zone
};

The reverse zone is named after the first three octets of the network written back to front, followed by in-addr.arpa: 103.126.26.0/24 becomes 26.126.103.in-addr.arpa.

Create the forward zone file

sudo mkdir /etc/bind/zones

Copy db.local

sudo cp /etc/bind/db.local /etc/bind/zones/db.net2byte.com

Edit the forward zone

sudo nano /etc/bind/zones/db.net2byte.com

By default it looks like this:

$TTL 604800
@ IN SOA localhost. root.localhost. (
2 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS localhost. ; delete this line
@ IN A 127.0.0.1 ; delete this line
@ IN AAAA ::1 ; delete this line

Edit it to look like this:

$TTL 604800
@ IN SOA ns1.net2byte.com. admin.net2byte.com. (
        3 ; Serial
        604800 ; Refresh
        86400 ; Retry
        2419200 ; Expire
        604800 ) ; Negative Cache TTL
;
; name servers - NS records
@ IN NS ns1.net2byte.com.
@ IN NS ns2.net2byte.com.

; name servers - A records
ns1.net2byte.com. IN A 103.126.26.26
ns2.net2byte.com. IN A 103.126.26.27

; 103.126.26.0/24 - A records
net2byte.com. IN A 103.126.26.28
28.net2byte.com. IN A 103.126.26.28
lg.net2byte.com. IN A 103.126.26.28

; Mail server
mail IN A 103.126.26.28
@ IN MX 28 mail

Names without a trailing dot (mail, and @ for the zone itself) are relative to the zone origin net2byte.com; names that end in a dot are absolute. Increase the serial every time you change this file: the secondary only transfers a new copy when the serial is higher than the one it already holds.

Create the reverse zone file

Copy db.127

sudo cp /etc/bind/db.127 /etc/bind/zones/db.103.126.26

Edit the reverse zone file

sudo nano /etc/bind/zones/db.103.126.26

By default it looks like this:

$TTL 604800
@ IN SOA localhost. root.localhost. (
1 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS localhost. ; delete this line
1.0.0 IN PTR localhost. ; delete this line

Then edit it to:

$TTL 604800
@ IN SOA ns1.net2byte.com. admin.net2byte.com. (
        3 ; Serial
        604800 ; Refresh
        86400 ; Retry
        2419200 ; Expire
        604800 ) ; Negative Cache TTL
; name servers
@ IN NS ns1.net2byte.com.
@ IN NS ns2.net2byte.com.

; PTR Records
26 IN PTR ns1.net2byte.com. ; 103.126.26.26
27 IN PTR ns2.net2byte.com. ; 103.126.26.27
28 IN PTR 28.net2byte.com. ; 103.126.26.28

The first field of the SOA (MNAME) is the primary server, ns1.net2byte.com., not the bare domain. The owner of each PTR record is the last octet of the address, relative to the zone origin 26.126.103.in-addr.arpa, and the target name must end with a dot: without it named appends the origin and the record points at 28.net2byte.com.26.126.103.in-addr.arpa. Each address should have exactly one PTR record; where several names share 103.126.26.28, pick the one you want the address to reverse-map to (here 28.net2byte.com.).
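To see how the two files relate, here is an added example (mine, not code from the original post) that generates both the forward and the reverse zone from a single host table, so the A records and the PTR records cannot drift apart. It uses the post's names and addresses; the host table, the YYYYMMDDnn serial scheme and the helper names are assumptions of the example. It also shows how the reverse zone name and the PTR owner labels are derived from the addresses.

```python
"""Generate matching forward and reverse zone files from one host table.

Added example, not code from the original post. The names and addresses
are the ones the post uses; the host table, the YYYYMMDDnn serial scheme
and the helper names are this example's own assumptions.
"""
import ipaddress
from datetime import date

# Constructed host table: name (relative to the zone) -> address.
HOSTS = {
    "@": "103.126.26.28",
    "ns1": "103.126.26.26",
    "ns2": "103.126.26.27",
    "28": "103.126.26.28",
    "lg": "103.126.26.28",
    "mail": "103.126.26.28",
}
# One PTR per address: which of the names above an address reverse-maps to.
PTR_NAMES = {
    "103.126.26.26": "ns1",
    "103.126.26.27": "ns2",
    "103.126.26.28": "28",
}


def reverse_zone_name(network: str) -> str:
    """'103.126.26.0/24' -> '26.126.103.in-addr.arpa'.

    A reverse zone is named by the network octets written back to front;
    for a /24 that is the first three octets reversed (assumption: /24 only).
    """
    net = ipaddress.ip_network(network, strict=True)
    if net.prefixlen != 24:
        raise ValueError("this helper only handles /24 networks")
    o1, o2, o3, _ = str(net.network_address).split(".")
    return f"{o3}.{o2}.{o1}.in-addr.arpa"


def ptr_owner(address: str, zone: str) -> str:
    """Owner label of the PTR for `address` inside `zone` ('28' for .28).

    ipaddress gives the full reverse name '28.26.126.103.in-addr.arpa';
    the zone suffix is stripped because names in the file are relative
    to the zone origin.
    """
    full = ipaddress.ip_address(address).reverse_pointer
    suffix = "." + zone
    if not full.endswith(suffix):
        raise ValueError(f"{address} is not inside {zone}")
    return full[: -len(suffix)]


def serial_for(change_no: int = 1, today=None) -> int:
    """YYYYMMDDnn serial. It must be higher after every edit, or the
    secondary keeps serving its old copy of the zone."""
    today = today or date.today()
    return int(today.strftime("%Y%m%d")) * 100 + change_no


def _header(domain: str, serial: int) -> list:
    """SOA and NS records shared by both zones; ns1 is the primary (MNAME)."""
    return [
        "$TTL 604800",
        f"@ IN SOA ns1.{domain}. admin.{domain}. (",
        f"        {serial} ; Serial",
        "        604800 ; Refresh",
        "        86400 ; Retry",
        "        2419200 ; Expire",
        "        604800 ) ; Negative Cache TTL",
        f"@ IN NS ns1.{domain}.",
        f"@ IN NS ns2.{domain}.",
    ]


def forward_zone(domain: str, hosts: dict, serial: int) -> str:
    lines = _header(domain, serial)
    lines += [f"{name} IN A {ip}" for name, ip in hosts.items()]
    return "\n".join(lines) + "\n"


def reverse_zone(domain: str, network: str, ptr_names: dict, serial: int) -> str:
    zone = reverse_zone_name(network)
    lines = _header(domain, serial)
    for ip in sorted(ptr_names, key=ipaddress.ip_address):
        # The target must be absolute (trailing dot); a relative name would
        # get the reverse zone origin appended by named.
        lines.append(f"{ptr_owner(ip, zone)} IN PTR {ptr_names[ip]}.{domain}.")
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    serial = serial_for(1)
    print(forward_zone("net2byte.com", HOSTS, serial))
    print(reverse_zone("net2byte.com", "103.126.26.0/24", PTR_NAMES, serial))
```

Run it and redirect the two printed zones to /etc/bind/zones/db.net2byte.com and /etc/bind/zones/db.103.126.26; because both are produced in one run they always carry the same serial, and adding a host to HOSTS plus PTR_NAMES is the only edit ever needed.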

Check the BIND configuration syntax

sudo named-checkconf

and also

sudo named-checkzone net2byte.com /etc/bind/zones/db.net2byte.com

The output should look like this:

Output
zone net2byte.com/IN: loaded serial 3
OK

Also check 26.126.103.in-addr.arpa

sudo named-checkzone 26.126.103.in-addr.arpa /etc/bind/zones/db.103.126.26

Restart BIND

sudo systemctl restart bind9

If ufw is enabled, allow BIND through it (the "Bind9" application profile opens port 53 for both TCP and UDP)

sudo ufw allow Bind9
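named-checkzone only validates syntax; it will not notice a PTR record that points at a name with no matching A record, which is exactly what mail servers and abuse filters check on a connecting host (forward-confirmed reverse DNS). The following is an added example, not code from the original post: it parses the two zone files from the post, constructed inline as sample text, and reports every mismatch in either direction. The parser handles only the syntax these files use and assumes a /24 reverse zone.

```python
"""Forward-confirmed reverse DNS (FCrDNS) check over BIND zone text.

Added example, not code from the original post. The parser covers only
the syntax the post's zone files use ($TTL, $ORIGIN, '@', ';' comments,
the parenthesised SOA, relative and absolute names). The sample zones
are constructed from the post's records; a /24 reverse zone is assumed.
"""
import ipaddress

FORWARD = """\
$TTL 604800
@ IN SOA ns1.net2byte.com. admin.net2byte.com. (
        3 ; Serial
        604800 86400 2419200 604800 )
@ IN NS ns1.net2byte.com.
        IN NS ns2.net2byte.com.
ns1.net2byte.com. IN A 103.126.26.26
ns2.net2byte.com. IN A 103.126.26.27
net2byte.com. IN A 103.126.26.28
28.net2byte.com. IN A 103.126.26.28
mail IN A 103.126.26.28
@ IN MX 28 mail
"""
REVERSE = """\
$TTL 604800
@ IN SOA ns1.net2byte.com. admin.net2byte.com. (
        3 604800 86400 2419200 604800 )
@ IN NS ns1.net2byte.com.
@ IN NS ns2.net2byte.com.
26 IN PTR ns1.net2byte.com.
27 IN PTR ns2.net2byte.com.
28 IN PTR 28.net2byte.com.
"""


def _absolute(name, origin):
    """Same rule named applies: '@' is the origin, no trailing dot means the origin is appended."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"


def parse_zone(text, origin):
    """Return (owner, type, rdata) tuples with absolute, lower-case owners."""
    records, last_owner, buf, depth = [], origin, "", 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()      # strip comments
        if not line.strip() and depth == 0:
            continue
        buf += " " + line if buf else line        # join a parenthesised SOA
        depth += line.count("(") - line.count(")")
        if depth > 0:
            continue
        logical, buf = buf, ""
        if logical.startswith("$ORIGIN"):
            origin = logical.split()[1]
            continue
        if logical.startswith("$"):               # $TTL and other directives
            continue
        tokens = logical.replace("(", " ").replace(")", " ").split()
        if logical[0].isspace():
            owner = last_owner                    # blank owner: previous one
        else:
            owner = _absolute(tokens.pop(0), origin)
        last_owner = owner
        while tokens[0].isdigit() or tokens[0].upper() in ("IN", "CH", "HS"):
            tokens.pop(0)                         # optional TTL and class
        records.append((owner.lower(), tokens[0].upper(), " ".join(tokens[1:])))
    return records


def _ptr_owner_to_ip(owner):
    """'28.26.126.103.in-addr.arpa.' -> '103.126.26.28'."""
    labels = owner.rstrip(".").removesuffix(".in-addr.arpa").split(".")
    return ".".join(reversed(labels))


def fcrdns_problems(forward_text, forward_origin, reverse_text, reverse_origin):
    """Every PTR target must own an A record for that exact address (what
    mail servers check on connecting hosts), and every A record inside the
    reverse zone's /24 must have a PTR. Returns [] when consistent."""
    a_by_ip = {}
    for owner, rtype, rdata in parse_zone(forward_text, forward_origin):
        if rtype == "A":
            a_by_ip.setdefault(rdata, set()).add(owner)
    problems, ptr_ips = [], set()
    for owner, rtype, rdata in parse_zone(reverse_text, reverse_origin):
        if rtype != "PTR":
            continue
        ip = _ptr_owner_to_ip(owner)
        ptr_ips.add(ip)
        target = _absolute(rdata, reverse_origin).lower()   # exposes a missing trailing dot
        if target not in a_by_ip.get(ip, set()):
            problems.append(f"PTR {ip} -> {target} has no matching A record")
    net = ipaddress.ip_network(_ptr_owner_to_ip(reverse_origin) + ".0/24")
    for ip, owners in a_by_ip.items():
        if ipaddress.ip_address(ip) in net and ip not in ptr_ips:
            problems.append(f"A {ip} ({', '.join(sorted(owners))}) has no PTR")
    return sorted(problems)


if __name__ == "__main__":
    print(fcrdns_problems(FORWARD, "net2byte.com.", REVERSE, "26.126.103.in-addr.arpa."))
```

On the post's records the check returns an empty list. Drop the trailing dot from a PTR target and it reports the record pointing at 28.net2byte.com.26.126.103.in-addr.arpa., the same mistake named silently accepts; delete a PTR line and it reports the address that now has an A record but no reverse mapping. To run it against the real files, read /etc/bind/zones/db.net2byte.com and /etc/bind/zones/db.103.126.26 into FORWARD and REVERSE.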

CONFIGURE THE SECONDARY DNS SERVER

Edit the file /etc/bind/named.conf.options

sudo nano /etc/bind/named.conf.options

Insert the following before the options block

acl "trusted" {
    103.126.26.26; # ns1
    103.126.26.27; # ns2
    103.126.26.28; # host
};
options {

. . .

then add the following below the directory directive

. . .

    recursion yes;
    allow-recursion { trusted; };
    listen-on { 103.126.26.27; }; # ns2's public IP address
    allow-transfer { none; }; # disable zone transfers; nobody needs to transfer zones from ns2

    forwarders {
        8.8.8.8;
        1.1.1.1;
    };

Now edit /etc/bind/named.conf.local

sudo nano /etc/bind/named.conf.local

with the following contents

zone "net2byte.com" {
    type secondary;
    file "db.net2byte.com"; # relative path: named writes the transferred copy under /var/cache/bind
    primaries { 103.126.26.26; }; # ns1, the server this zone is transferred from
};

zone "26.126.103.in-addr.arpa" {
    type secondary;
    file "db.103.126.26";
    primaries { 103.126.26.26; }; # ns1
};

Check the configuration

sudo named-checkconf

Restart BIND

sudo systemctl restart bind9

After the restart, named logs a "Transfer completed" message for each zone and the two files appear in /var/cache/bind; if they do not, check that the primary's allow-transfer lists ns2's address.

If ufw is enabled

sudo ufw allow Bind9

Check the PTR result with

https://www.whatsmydns.net/dns-lookup/ptr-records?query=103.126.26.26&server=google

A PTR lookup from the public Internet only reaches ns1 and ns2 if the owner of the 103.126.26.0/24 block (your hosting provider or the regional registry) has delegated 26.126.103.in-addr.arpa to them; ask the provider to set up that delegation, since you cannot create it yourself. Until it exists, the reverse zone answers only when ns1 or ns2 is queried directly, and the public resolvers behind a checker like the one above still return the provider's PTR record or nothing. Also confirm that a zone transfer request from a host outside the allow-transfer list is refused, so the zone contents cannot be enumerated by anyone.

That's all.
