Creating a DNS server on the VM network
DNS server configuration
sudo apt install bind9 bind9utils bind9-doc
Edit /etc/bind/named.conf.options
acl internal-network {
    192.168.1.0/24;
};
options {
    directory "/var/cache/bind";
    // If there is a firewall between you and nameservers you want
    // to talk to, you may need to fix the firewall to allow multiple
    // ports to talk. See http://www.kb.cert.org/vuls/id/800113
    // If your ISP provided one or more IP addresses for stable
    // nameservers, you probably want to use them as forwarders.
    // Uncomment the following block, and insert the addresses replacing
    // the all-0's placeholder.
    forwarders {
        8.8.8.8;
    };
    allow-query { localhost; internal-network; };
    //========================================================================
    // If BIND logs error messages about the root key being expired,
    // you will need to update your keys. See https://www.isc.org/bind-keys
    //========================================================================
    dnssec-validation auto;
    //listen-on-v6 { any; };
    recursion yes;
};
Edit /etc/bind/named.conf.local
zone "mydomain.com" {
    type master;
    file "/etc/bind/db.mydomain.com";
};
Edit /etc/bind/db.mydomain.com
;
; BIND data file for mydomain.com
;
$TTL    604800
@       IN      SOA     mydomain.com. root.mydomain.com. (
                        20240421        ; Serial
                        604800          ; Refresh
                        86400           ; Retry
                        2419200         ; Expire
                        604800 )        ; Negative Cache TTL
;
@       IN      NS      dnode
dnode   IN      A       192.168.1.100
;Host Record
node1   IN      A       192.168.1.2
node2   IN      A       192.168.1.3
node3   IN      A       192.168.1.4
node4   IN      A       192.168.1.5
Restart bind9
sudo systemctl restart bind9
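Because the options above enable recursion, the server must only answer clients covered by an ACL, and the config and zone file should load without errors. The script below is an added example, not part of the original page: the function names and the --live switch are assumptions made for illustration, and the ACL audit is a simplified text match that ignores allow-query-cache and views.

```shell
#!/bin/sh
# Added example: audit named.conf.options for an open resolver, then run live checks.
# Function names and the --live switch are illustrative, not part of BIND.

# Print the config on one line with // and # comments removed.
strip_conf() {
    sed -e 's|//.*$||' -e 's|#.*$||' "$1" | tr '\n\t' '  '
}

# Print the body of the last "NAME { ... }" statement; prints nothing if absent.
stmt_body() {  # $1 = file, $2 = statement name
    strip_conf "$1" | sed -n "s/.*[{; ]$2[ ]*{\([^}]*\)}.*/\1/p"
}

# Return 0 if recursion is off, or limited by an explicit ACL without "any".
# Return 1 if "any" may recurse or no ACL is written down at all.
recursion_is_restricted() {  # $1 = path to named.conf.options
    conf=$(strip_conf "$1")
    case "$conf" in *"recursion no"*) return 0 ;; esac
    # allow-recursion takes precedence; without it BIND falls back to allow-query
    # (allow-query-cache and views are ignored by this simplified check).
    body=$(stmt_body "$1" allow-recursion)
    if [ -z "$body" ]; then body=$(stmt_body "$1" allow-query); fi
    if [ -z "$body" ]; then return 1; fi
    for tok in $(printf '%s' "$body" | tr ';' ' '); do
        if [ "$tok" = "any" ]; then return 1; fi
    done
    return 0
}

# Live checks: run as "sudo sh check-dns.sh --live" on the DNS host.
if [ "${1:-}" = "--live" ]; then
    named-checkconf || exit 1
    named-checkzone mydomain.com /etc/bind/db.mydomain.com || exit 1
    if ! recursion_is_restricted /etc/bind/named.conf.options; then
        echo "recursion is not limited to an explicit ACL" >&2
        exit 1
    fi
    # Should print the A record for node1 from the zone file.
    dig @192.168.1.100 node1.mydomain.com +short
fi
```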
Configuring each node
In /etc/netplan, set mydomain.com as the automatically appended search domain
... other settings ...
nameservers:
  addresses: [192.168.1.100, 8.8.8.8]
  search: [mydomain.com]
Edit /etc/systemd/resolved.conf
[Resolve]
DNSStubListener=no
Update the /etc/resolv.conf symbolic link
sudo mv /etc/resolv.conf /tmp/resolv.conf.bak
sudo ln -sf /run/systemd/resolve/resolv.conf /etc/resolv.conf
Restart systemd-resolved
sudo systemctl restart systemd-resolved
Reference page
https://technologyrss.com/how-to-install-and-configure-dns-bind9-on-ubuntu-22-04-server/