( ngomong nya gimana ya .... ??? )h...m.... Berdasarkan kasus : untuk membedakan hasil resolve dari client yang berbeda. Yang intinya jika dari loclahost hasil resolv nya 192.168.1.2 jika dari network lain hasil resolv nya 1.1.1.234. Ataupun sebalik nya sesuai selera. ( tergantung kebutuhan pribadi masing masing )
nb : dalam kasus ini saya memakai windows ;D
--1--
download bind dari site nya : http://www.isc.org/index.pl?/sw/bind/index.php
untuk installasi bisa mengarah ke sini
download file sample konfigurasi ke sini
setelah di download, simpan file sample configurasi ke dalam directory etc ( dalam kasus saya berada di directory : "C:\WINDOWS\dns\etc" )
file yang di butuhkan antara lain :
- named.conf
- rndc.key
- named.ca
- basiczone.com.zone
- 127.0.0.rev
- basiczone.com.in ( untuk internal )
- basiczone.com.ex ( untuk external )
sekarang mari kita kemon....
--2--
yang perlu di perhatikan adalah config sebagai berikut
untuk named.conf
options {
#
# Working directory from which all relative paths are based
#
directory "C:\WINDOWS\dns\etc";
#
#
# Working directory from which all relative paths are based
#
directory "C:\WINDOWS\dns\etc";
#
dan settingan intinya berada pada bagian "view"
view "dalam" {
#
# Handler for clients who exist on our local subnet(s) or loopback.
match-clients { localhost; };
#
# Lookup requests we are not authoritative for.
#
recursion yes;
# Specify the root name servers
#
zone "." IN {
type hint;
file "named.ca";
};
#
# RFC 1537 recommended loopback zone, helps broken clients.
#
zone "0.0.127.in-addr.arpa" IN {
type master;
file "127.0.0.rev";
};
#
# The internal split for basiczone.com
#
zone "basiczone.com" IN {
type master;
file "basiczone.com.in";
};
};
####################################
# Authoritative Server Configuration
#
view "luar" {
#
# Handler for anyone that doesn't match the above.
#
match-clients { 192.168.1.0/24; any; };
#
# We are not a public resolver.
#
recursion no;
# Should BIND provide IP address information found in zones other than the
# one that was queried? Say yes if you trust the content of all of your
# zones.
#
additional-from-auth yes;
# Should BIND provide answers gotten from cache? By saying no, you refuse
# to provide answers for zones you're not authoritative for.
#
additional-from-cache no;
# RFC 1537 recommended loopback zone, helps broken clients.
#
zone "0.0.127.in-addr.arpa" IN {
type master;
file "127.0.0.rev";
};
# The external split for basiczone.com
#
zone "basiczone.com" IN {
type master;
file "basiczone.com.ex";
};
};
#
# Handler for clients who exist on our local subnet(s) or loopback.
match-clients { localhost; };
#
# Lookup requests we are not authoritative for.
#
recursion yes;
# Specify the root name servers
#
zone "." IN {
type hint;
file "named.ca";
};
#
# RFC 1537 recommended loopback zone, helps broken clients.
#
zone "0.0.127.in-addr.arpa" IN {
type master;
file "127.0.0.rev";
};
#
# The internal split for basiczone.com
#
zone "basiczone.com" IN {
type master;
file "basiczone.com.in";
};
};
####################################
# Authoritative Server Configuration
#
view "luar" {
#
# Handler for anyone that doesn't match the above.
#
match-clients { 192.168.1.0/24; any; };
#
# We are not a public resolver.
#
recursion no;
# Should BIND provide IP address information found in zones other than the
# one that was queried? Say yes if you trust the content of all of your
# zones.
#
additional-from-auth yes;
# Should BIND provide answers gotten from cache? By saying no, you refuse
# to provide answers for zones you're not authoritative for.
#
additional-from-cache no;
# RFC 1537 recommended loopback zone, helps broken clients.
#
zone "0.0.127.in-addr.arpa" IN {
type master;
file "127.0.0.rev";
};
# The external split for basiczone.com
#
zone "basiczone.com" IN {
type master;
file "basiczone.com.ex";
};
};
singkatnya :
pada konfigurasi diatas di buat dua "view" dalam dan luar.
- view dalam match-clients nya adalah localhost yang berarti jika ada akses dari localhost maka yang di resolv menggunakan file basiczone.com.in
- view luar match-clients nya adalah network 192.168.1.0/24 yang berarti jika ada akses dari network tersebut, maka file yang digunakan untuk meresolv adalah file basiczone.com.ex
file basiczone.com.in
$TTL 900 ; 900 seconds default record (T)ime (T)o (L)ive in cache
; Authored by SilentRage
; Download Location:
; http://www.dollardns.net/bind/views/
@ SOA ns ( ; ns.basiczone.com is the primary server for basiczone.com
postmaster ; contact email for basiczone.com is postmaster@basiczone.com
2004041700 ; Serial ID in reverse date format
21600 ; Refresh interval for slave servers
1800 ; Retry interval for slave servers
604800 ; Expire limit for cached info on slave servers
900 ) ; Minimum Cache TTL in zone records
@ NS ns ; ns.basiczone.com is a host for basiczone.com
@ A 192.168.1.2 ; basiczone.com's IP address is 192.168.1.2
@ MX 10 mail ; Mail for *@basiczone.com is sent to mail.basiczone.com
ns A 192.168.1.1 ; ns1.basiczone.com's IP address is 192.168.1.1
mail A 192.168.1.254 ; mail.basiczone.com's IP address is 192.168.1.3
www A 192.168.1.2 ; www.basiczone.com's IP address is 192.168.1.2
; Authored by SilentRage
; Download Location:
; http://www.dollardns.net/bind/views/
@ SOA ns ( ; ns.basiczone.com is the primary server for basiczone.com
postmaster ; contact email for basiczone.com is postmaster@basiczone.com
2004041700 ; Serial ID in reverse date format
21600 ; Refresh interval for slave servers
1800 ; Retry interval for slave servers
604800 ; Expire limit for cached info on slave servers
900 ) ; Minimum Cache TTL in zone records
@ NS ns ; ns.basiczone.com is a host for basiczone.com
@ A 192.168.1.2 ; basiczone.com's IP address is 192.168.1.2
@ MX 10 mail ; Mail for *@basiczone.com is sent to mail.basiczone.com
ns A 192.168.1.1 ; ns1.basiczone.com's IP address is 192.168.1.1
mail A 192.168.1.254 ; mail.basiczone.com's IP address is 192.168.1.3
www A 192.168.1.2 ; www.basiczone.com's IP address is 192.168.1.2
file basiczone.com.ex
$TTL 900 ; 900 seconds default record (T)ime (T)o (L)ive in cache
; Authored by SilentRage
; Download Location:
; http://www.dollardns.net/bind/views/
@ SOA ns1 ( ; ns1.basiczone.com is the primary server for basiczone.com
postmaster ; contact email for basiczone.com is postmaster@basiczone.com
2004041700 ; Serial ID in reverse date format
21600 ; Refresh interval for slave servers
1800 ; Retry interval for slave servers
604800 ; Expire limit for cached info on slave servers
900 ) ; Minimum Cache TTL in zone records
@ NS ns1 ; ns1.basiczone.com is a host for basiczone.com
@ A 1.1.1.234 ; basiczone.com's IP address is 123.45.6.2
@ MX 10 mail ; Mail for *@basiczone.com is sent to mail.basiczone.com
ns1 A 1.1.1.234 ; ns1.basiczone.com's IP address is 123.45.6.1
mail A 1.1.1.234 ; mail.basiczone.com's IP address is 123.45.6.3
www A 1.1.1.234 ; www.basiczone.com's IP address is 123.45.6.2
; Authored by SilentRage
; Download Location:
; http://www.dollardns.net/bind/views/
@ SOA ns1 ( ; ns1.basiczone.com is the primary server for basiczone.com
postmaster ; contact email for basiczone.com is postmaster@basiczone.com
2004041700 ; Serial ID in reverse date format
21600 ; Refresh interval for slave servers
1800 ; Retry interval for slave servers
604800 ; Expire limit for cached info on slave servers
900 ) ; Minimum Cache TTL in zone records
@ NS ns1 ; ns1.basiczone.com is a host for basiczone.com
@ A 1.1.1.234 ; basiczone.com's IP address is 123.45.6.2
@ MX 10 mail ; Mail for *@basiczone.com is sent to mail.basiczone.com
ns1 A 1.1.1.234 ; ns1.basiczone.com's IP address is 123.45.6.1
mail A 1.1.1.234 ; mail.basiczone.com's IP address is 123.45.6.3
www A 1.1.1.234 ; www.basiczone.com's IP address is 123.45.6.2
--testing n jajal--
nslookup dari local komputer
nslookup dari net 192.168.1.227/24
sumber :
http://www.zytrax.com/books/dns/ch7/view.html
comment please ... ConversionConversion EmoticonEmoticon