
bind-9.8.1 on FreeBSD

Forum BSD

The moral of the story in the note below: see a job through to the end and don't give up easily; where there's a will, there's a way. If you want to try it, go ahead and upgrade your DNS server to version 9.8 (I tried it tonight and finished in 30 minutes :-D, trust me).

    # cd /usr/ports/dns/bind99; make config; make install clean; rehash

    dns# cd /usr/ports/dns/bind98/
    dns# make config
    +--------------------------------------------------------------+
    [X] SSL             Building without OpenSSL removes DNSSEC
    [X] LINKS           Create conf file symlinks in /usr/local
    [X] XML             Support for xml statistics output
    [ ] IDN             Add IDN support to dig, host, etc.
    [ ] REPLACE_BASE    Replace base BIND with this version
    [ ] LARGE_FILE      64-bit file support
    [ ] SIGCHASE        dig/host/nslookup will do DNSSEC validation
    [X] IPV6            IPv6 Support (autodetected by default)
    [X] THREADS         Compile with thread support
    [ ] DLZ_POSTGRESQL  DLZ Postgres driver
    [ ] DLZ_MYSQL       DLZ MySQL driver (single-threaded BIND)
    [ ] DLZ_BDB         DLZ BDB driver
    [ ] DLZ_LDAP        DLZ LDAP driver
    [ ] DLZ_FILESYSTEM  DLZ filesystem driver
    [ ] DLZ_STUB        DLZ stub driver
    +-+------------------------------------------------+-
    [ OK ]   Cancel

    dns# make config
    dns# make && make install
    ===>  Installing for bind98-9.8.1
    ===>   bind98-9.8.1 depends on shared library: xml2.5 - found
    ===>   Generating temporary packing list
    ===>  Checking if dns/bind98 already installed

    dns# cd /var/named/etc/namedb/
    dns# rndc-confgen

rndc-confgen prints temporary output; copy that data into named.conf, rndc.conf and rndc.key.

    dns# more /var/named/etc/namedb/named.conf
    acl "unila" {
            2001:df0:230::/48;
            127.0.0.1/32;
            192.168.0.0/16;
            192.168.1.0/24;
            103.3.46.0/24;
    };
    options {
            directory "/etc/namedb";
            pid-file "/var/run/named/pid";
            version "We forward your request version to /dev/null";
            listen-on-v6 { any; };
            allow-query { "unila"; };
            allow-recursion { "unila"; };
            minimal-responses yes;
            forwarders {
                    180.131.144.144;
                    180.131.145.145;
            };
            query-source address * port 53;
            dump-file "s/named_dump.db";
    };
    logging {
            category lame-servers { null; };
    };
    zone "." IN {
            type hint;
            file "named.root";
    };
    zone "localhost" IN {
            type master;
            file "db.localhost";
            allow-update { none; };
    };
    zone "0.0.127.in-addr.arpa" IN {
            type master;
            file "db.127.0.0";
            allow-update { none; };
    };
    zone "unila.ac.id" {
            type master;
            file "/var/named/etc/namedb/db/xxx/db.unila.ac.id";
    };
    # Use with the following in named.conf, adjusting the allow list as needed:
    key "rndc-key" {
            algorithm hmac-md5;
            secret "3lkajkljasd5GPvhvrhec9gVZ7isE7GQ==";
    };
    controls {
            inet 127.0.0.1 port 953
                    allow { 127.0.0.1; } keys { "rndc-key"; };
    };

    dns# more rndc.key
    key "rndc-key" {
            algorithm hmac-md5;
            secret "3lkajkljasd5GPvhvrhec9gVZ7isE7GQ==";
    };

    dns# more rndc.conf
    # Start of rndc.conf
    key "rndc-key" {
            algorithm hmac-md5;
            secret "3lkajkljasd5GPvhvrhec9gVZ7isE7GQ==";
    };

    options {
            default-key "rndc-key";
            default-server 127.0.0.1;
            default-port 953;
    };
    # End of rndc.conf

    # Use with the following in named.conf, adjusting the allow list as needed:
    # key "rndc-key" {
    #       algorithm hmac-md5;
    #       secret "3lkajkljasd5GPvhvrhec9gVZ7isE7GQ==";
    # };
    #
    # controls {
    #       inet 127.0.0.1 port 953
    #               allow { 127.0.0.1; } keys { "rndc-key"; };
    # };
    # End of named.conf
    dns#

Finally, create the unila.ac.id zone.

    dns# pwd
    /var/named/etc/namedb/db
    dns# more db.unila.ac.id
    $TTL 86400
    @           IN SOA  dns.unila.ac.id. root.unila.ac.id. (
                        201204018 ; serial
                        28800
                        14400
                        3600000
                        86400 )
                IN NS   dns.unila.ac.id.
                IN MX   10 barracuda.unila.ac.id.
                IN A    192.168.1.116
    ;unila services
    ;-----------------
    zimbra      IN A    192.168.1.25
                IN MX   500 ns1
                IN MX   400 zimbra
    barracuda   IN A    172.16.1.23
                IN MX   10 barracuda
    dns         IN A    192.168.1.3
    ns1         IN A    192.168.1.8
    BLAH..BLAH...BLAH..BLAH

Start the BIND service:

    dns# /usr/local/named/sbin/named -u named -c /usr/local/named/etc/named.conf

Make it start at boot:

    dns# more /etc/rc.local
    /usr/local/sbin/named -c /var/named/etc/namedb/named.conf

    dns#

Check the server log: are there any problems?

    dns# tail -f /var/log/messages
    Apr 11 19:37:24 dns named[27283]: built with '--localstatedir=/var' '--disable-linux-caps' '--disable-symtable' '--with-randomdev=/dev/random' '--with-openssl=/usr' '--with-libxml2=/usr/local' '--without-idn' '--enable-ipv6' '--enable-threads' '--prefix=/usr/local' '--mandir=/usr/local/man' '--infodir=/usr/local/info/' '--build=x86_64-portbld-freebsd8.1' 'build_alias=x86_64-portbld-freebsd8.1' 'CC=cc' 'CFLAGS=-O2 -pipe -fno-strict-aliasing' 'LDFLAGS= -rpath=/usr/lib:/usr/local/lib' 'CPPFLAGS=' 'CPP=cpp' 'CXX=c++' 'CXXFLAGS=-O2 -pipe -fno-strict-aliasing'
    Apr 11 19:37:24 dns named[27283]: could not listen on UDP socket: address in use
    Apr 11 19:37:24 dns named[27283]: creating IPv4 interface lo0 failed; interface ignored
    Apr 11 19:37:24 dns named[27283]: not listening on any interfaces
    Apr 11 19:37:24 dns named[27283]: couldn't add command channel 127.0.0.1#953: address in use
    Apr 11 19:37:25 dns named[27283]: command channel listening on ::1#953
    Apr 11 19:37:25 dns named[27283]: could not listen on UDP socket: address in use
    Apr 11 19:37:25 dns named[27283]: creating IPv4 interface lo0 failed; interface ignored
    Apr 11 19:37:25 dns named[27283]: managed-keys-zone ./IN: loading from master file managed-keys.bind failed: file not found
    Apr 11 19:37:25 dns named[27283]: running

If there are no problems, then you can leave it; don't just walk away while there are still problems.

Finally, check whether queries can be made from outside the unila network.

    lemlit# nslookup
    > server
    Default server: 192.168.1.3
    Address: 192.168.1.3#53
    > www.unila.ac.id
    Server:         192.168.1.3
    Address:        192.168.1.3#53

    Name:   www.unila.ac.id
    Address: 192.168.1.116
    > www.google.com
    Server:         192.168.1.3
    Address:        192.168.1.3#53

    Non-authoritative answer:
    www.google.com  canonical name = www.l.google.com.
    Name:   www.l.google.com
    Address: 74.125.235.18
    Name:   www.l.google.com
    Address: 74.125.235.19
    Name:   www.l.google.com
    Address: 74.125.235.20
    Name:   www.l.google.com
    Address: 74.125.235.16
    Name:   www.l.google.com
    Address: 74.125.235.17
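The startup log quoted above contains several "address in use" lines, which mean another process already held the DNS socket and 127.0.0.1#953 when this named started. The shell function below is an added example, not part of the original note, that flags those messages in a syslog stream; the function names and the FAIL/NOTE labels are assumptions of this example, and the sample lines are taken from the log excerpt above.

```shell
#!/bin/sh
# Added example: classify named startup messages read from syslog.
# The patterns are the message texts shown in the log excerpt on this page.

# sample_log: log lines copied from the excerpt above (line wraps repaired).
sample_log() {
    cat <<'EOF'
Apr 11 19:37:24 dns named[27283]: could not listen on UDP socket: address in use
Apr 11 19:37:24 dns named[27283]: creating IPv4 interface lo0 failed; interface ignored
Apr 11 19:37:24 dns named[27283]: not listening on any interfaces
Apr 11 19:37:24 dns named[27283]: couldn't add command channel 127.0.0.1#953: address in use
Apr 11 19:37:25 dns named[27283]: command channel listening on ::1#953
Apr 11 19:37:25 dns named[27283]: could not listen on UDP socket: address in use
Apr 11 19:37:25 dns named[27283]: creating IPv4 interface lo0 failed; interface ignored
Apr 11 19:37:25 dns named[27283]: managed-keys-zone ./IN: loading from master file managed-keys.bind failed: file not found
Apr 11 19:37:25 dns named[27283]: running
EOF
}

# named_log_findings: read syslog lines on stdin and print one line per
# finding as "<LABEL> <finding> <count>". Returns 1 when any message shows
# that named could not bind a query socket or its control channel.
named_log_findings() {
    awk '
    !/ named\[[0-9]+\]: / { next }    # ignore lines from other daemons
    /could not listen on (UDP|TCP) socket: address in use/ { sock++ }
    /not listening on any interfaces/                      { nolisten++ }
    /couldn.t add command channel .*: address in use/      { ctl++ }
    /managed-keys\.bind failed: file not found/            { mkeys++ }
    END {
        if (sock)     printf "FAIL socket-in-use %d\n", sock
        if (nolisten) printf "FAIL no-listener %d\n", nolisten
        if (ctl)      printf "FAIL control-channel-in-use %d\n", ctl
        if (mkeys)    printf "NOTE managed-keys-missing %d\n", mkeys
        exit (sock + nolisten + ctl > 0)
    }'
}

# Stand-alone run over the sample lines.
sample_log | named_log_findings || echo "named did not bind all of its sockets"
```

On a live host the same function can be fed with `grep named /var/log/messages | named_log_findings`; a FAIL line means the answers seen by clients may still come from the previously running server, not the one just installed.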

Tools: use DNSTOP

    dnstop em0

then press s, d, t, o, r, 1, 2, 3
