Servidor DNSmasq
Tarea 1: Modifica los clientes para que utilicen el nuevo servidor dns. Realiza una consulta a www.iesgn.org, y a www.josedomingo.org. Realiza una prueba de funcionamiento para comprobar que el servidor dnsmasq funciona como cache dns. Muestra el fichero hosts del cliente para demostrar que no estás utilizando resolución estática. Realiza una consulta directa al servidor dnsmasq. ¿Se puede realizar resolución inversa?.
Instalamos dnsmasq:
1
| vagrant@apache2:~$ sudo apt install dnsmasq
|
Editamos el fichero de configuración:
1
| vagrant@apache2:~$ sudo nano /etc/dnsmasq.conf
|
Descomentamos lo siguiente:
1
2
| strict-order
interface=eth2
|
Editamos /etc/resolv.conf del cliente
1
2
3
4
5
| vagrant@apache2cliente:~$ sudo nano /etc/resolv.conf
domain gonzalonazareno.org
search gonzalonazareno.org
nameserver 192.168.100.1
|
Modificamos el enrutamiento por defecto del servidor:
1
2
| vagrant@apache2:~$ sudo ip r del default
vagrant@apache2:~$ sudo ip r add default via 172.22.0.1
|
Activamos el ip_forward:
1
| root@apache2:/home/vagrant# echo 1 > /proc/sys/net/ipv4/ip_forward
|
En el cliente:
1
2
| vagrant@apache2cliente:~$ sudo ip r del default
vagrant@apache2cliente:~$ sudo ip r add default via 192.168.100.1
|
Probamos a hacer la consulta desde el cliente:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
| vagrant@apache2cliente:~$ dig www.iesgn.org
; <<>> DiG 9.11.5-P4-5.1-Debian <<>> www.iesgn.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36319
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.iesgn.org. IN A
;; ANSWER SECTION:
www.iesgn.org. 0 IN A 172.22.7.50
;; Query time: 0 msec
;; SERVER: 192.168.100.1#53(192.168.100.1)
;; WHEN: Tue Nov 19 07:50:28 GMT 2019
;; MSG SIZE rcvd: 58
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
| vagrant@apache2cliente:~$ dig www.josedomingo.org
; <<>> DiG 9.11.5-P4-5.1-Debian <<>> www.josedomingo.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46076
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 5, ADDITIONAL: 6
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 7a796aaf9ff102b9b9ccc47a5dd39f1ced2f15b4921da692 (good)
;; QUESTION SECTION:
;www.josedomingo.org. IN A
;; ANSWER SECTION:
www.josedomingo.org. 325 IN CNAME playerone.josedomingo.org.
playerone.josedomingo.org. 407 IN A 137.74.161.90
;; AUTHORITY SECTION:
josedomingo.org. 84021 IN NS ns3.cdmon.net.
josedomingo.org. 84021 IN NS ns4.cdmondns-01.org.
josedomingo.org. 84021 IN NS ns2.cdmon.net.
josedomingo.org. 84021 IN NS ns1.cdmon.net.
josedomingo.org. 84021 IN NS ns5.cdmondns-01.com.
;; ADDITIONAL SECTION:
ns1.cdmon.net. 170421 IN A 35.189.106.232
ns2.cdmon.net. 170421 IN A 35.195.57.29
ns3.cdmon.net. 170421 IN A 35.157.47.125
ns4.cdmondns-01.org. 84021 IN A 52.58.66.183
ns5.cdmondns-01.com. 170421 IN A 52.59.146.62
;; Query time: 2 msec
;; SERVER: 192.168.100.1#53(192.168.100.1)
;; WHEN: Tue Nov 19 07:51:56 GMT 2019
;; MSG SIZE rcvd: 322
|
Muestra el fichero hosts del cliente para demostrar que no estás utilizando resolución estática.
Se puede hacer resolución inversa
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
| vagrant@apache2cliente:~$ dig -x 172.22.7.50
; <<>> DiG 9.11.5-P4-5.1-Debian <<>> -x 172.22.7.50
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53877
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;50.7.22.172.in-addr.arpa. IN PTR
;; ANSWER SECTION:
50.7.22.172.in-addr.arpa. 0 IN PTR www.iesgn.org.
;; Query time: 0 msec
;; SERVER: 192.168.100.1#53(192.168.100.1)
;; WHEN: Tue Nov 19 07:50:35 GMT 2019
;; MSG SIZE rcvd: 80
|
Servidor bind9
Tarea 2: Realiza la instalación y configuración del servidor bind9 con las características anteriomente señaladas. Entrega las zonas que has definido. Muestra al profesor su funcionamiento.
Desinstalamos el servicio dnsmasq:
1
| vagrant@apache2:~$ sudo apt purge dnsmasq
|
Instalamos el servidor dns bind9:
1
| vagrant@apache2:~$ sudo apt install bind9
|
Configuramos el servidor dns:
1
2
3
4
5
6
7
8
| vagrant@apache2:/etc/bind$ sudo nano named.conf.local
include "/etc/bind/zones.rfc1918";
zone "iesgn.org"{
type master;
file "db.iesgn.org";
};
|
Configuramos la zona directa del servidor dns:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
| vagrant@apache2:/etc/bind$ sudo nano db.iesgn.org
;
; BIND reverse data file for broadcast zone
;
$ORIGIN iesgn.org.
$TTL 604800
@ IN SOA ernesto.iesgn.org. root.iesgn.org. (
1 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS ernesto.iesgn.org.
@ IN MX 10 correo.iesgn.org.
ernesto IN A 192.168.100.1
correo IN A 192.168.100.200
ftp IN A 192.168.100.201
apache2cliente IN A 192.168.100.2
www IN CNAME ernesto.iesgn.org.
departamento IN CNAME ernesto.iesgn.org.
|
Comprobaciones de funcionamiento:
1
2
3
4
| root@apache2:/etc/bind# named-checkzone iesgn.org /etc/bind/db.iesgn.org
zone iesgn.org/IN: loaded serial 1
OK
|
Reinciamos:
1
| root@apache2:/etc/bind# service bind9 restart
|
Comprobamos con dig :
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
| vagrant@apache2:~$ dig www.iesgn.org
; <<>> DiG 9.11.5-P4-5.1-Debian <<>> www.iesgn.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22941
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: a17a9f11a1e124a4a0f110dd5dd3b559892f6875e0747a11 (good)
;; QUESTION SECTION:
;www.iesgn.org. IN A
;; ANSWER SECTION:
www.iesgn.org. 604800 IN CNAME ernesto.iesgn.org.
ernesto.iesgn.org. 604800 IN A 192.168.100.1
;; AUTHORITY SECTION:
iesgn.org. 604800 IN NS ernesto.iesgn.org.
;; Query time: 0 msec
;; SERVER: 192.168.100.1#53(192.168.100.1)
;; WHEN: Tue Nov 19 09:26:49 GMT 2019
;; MSG SIZE rcvd: 122
|
Zona de resolución inversa .
1
2
3
4
5
6
7
8
| vagrant@apache2:/etc/bind$ nano named.conf.local
// Zona inversa
zone "100.168.192.in-addr.arpa" {
type master;
file "192.168.rev";
};
|
Fichero de configuración zona inversa
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
| vagrant@apache2:/var/cache/bind$ sudo nano 192.168.rev
;
; BIND reverse data file for local loopback interface
;
$TTL 604800
@ IN SOA ernesto.iesgn.org. root.iesgn.org. (
1 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS ernesto.iesgn.org.
$ORIGIN 100.168.192.in-addr.arpa.
1 IN PTR ernesto.iesgn.org.
|
Reinciamos y comprobamos el funcionamiento:
1
| vagrant@apache2:/var/cache/bind$ sudo service bind9 restart
|
1
2
3
4
| vagrant@apache2:/var/cache/bind$ sudo named-checkzone 168.192.in-addr.arpa /var/cache/bind/192.168.rev
zone 168.192.in-addr.arpa/IN: loaded serial 1
OK
|
Comprobamos la zona inversa
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
| vagrant@apache2:~$ dig -x 192.168.100.1
; <<>> DiG 9.11.5-P4-5.1-Debian <<>> -x 192.168.100.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4102
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 36f19e7845b370d476c3049b5dd3b592de1efa52aa8cfbc1 (good)
;; QUESTION SECTION:
;1.100.168.192.in-addr.arpa. IN PTR
;; ANSWER SECTION:
1.100.168.192.in-addr.arpa. 604800 IN PTR ernesto.iesgn.org.
;; AUTHORITY SECTION:
168.192.in-addr.arpa. 604800 IN NS ernesto.iesgn.org.
;; ADDITIONAL SECTION:
ernesto.iesgn.org. 604800 IN A 192.168.100.1
;; Query time: 0 msec
;; SERVER: 192.168.100.1#53(192.168.100.1)
;; WHEN: Tue Nov 19 09:27:46 GMT 2019
;; MSG SIZE rcvd: 144
|
IPv6
1
2
3
4
5
6
7
8
| vagrant@apache2:/etc/bind$ sudo nano named.conf.local
// Zona inversa ipv6
zone "0.0.0.0.0.0.0.0.8.B.D.0.1.0.0.2.ip6.arpa"{
type master;
file "db.0.0.0.0.0.0.0.0.8.B.D.0.1.0.0.2.ip6.arpa.db";
};
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
| root@apache2:/home/vagrant# sudo nano /var/cache/bind/db.0.0.0.0.0.0.0.0.8.B.D.0.1.0.0.2.ip6.arpa.db
; BIND reverse data file for local loopback interface
;
$TTL 604800
@ IN SOA ernesto.iesgn.org. root.iesgn.org. (
1 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS ernesto.iesgn.org.
$ORIGIN 0.0.0.0.0.0.0.0.8.B.D.0.1.0.0.2.ip6.arpa.
1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 IN PTR ernesto.iesgn.org.
2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 IN PTR apachecliente2.iesgn.o$
3.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 IN PTR correo.iesgn.org.
4.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 IN PTR ftp.iesgn.org.
5.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 IN PTR web.iesgn.org.
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
| vagrant@apache2:/var/cache/bind$ sudo nano db.iesgn.org
;
; BIND reverse data file for broadcast zone
;
$TTL 604800
@ IN SOA ernesto.iesgn.org. root.iesgn.org. (
1 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS ernesto.iesgn.org.
@ IN MX 10 correo.iesgn.org.
$ORIGIN iesgn.org.
ernesto IN A 192.168.100.1
correo IN A 192.168.100.200
ftp IN A 192.168.100.201
apache2cliente IN A 192.168.100.2
www IN CNAME ernesto
departamento IN CNAME ernesto
ernesto IN AAAA 2001:0DB8::1
apache2cliente IN AAAA 2001:0DB8::2
correo IN AAAA 2001:0DB8::3
ftp IN AAAA 2001:0DB8::4
|
Reiniciamos:
1
| vagrant@apache2:/var/cache/bind$ sudo systemctl restart bind9
|
Comprobaciones:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
| vagrant@apache2cliente:~$ dig AAAA ernesto.iesgn.org
; <<>> DiG 9.11.5-P4-5.1-Debian <<>> AAAA ernesto.iesgn.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31834
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: cc07b32d201353c187035ce45dd5067439abd479b1ec85ce (good)
;; QUESTION SECTION:
;ernesto.iesgn.org. IN AAAA
;; ANSWER SECTION:
ernesto.iesgn.org. 604800 IN AAAA 2001:db8::1
;; AUTHORITY SECTION:
iesgn.org. 604800 IN NS ernesto.iesgn.org.
;; ADDITIONAL SECTION:
ernesto.iesgn.org. 604800 IN A 192.168.100.1
;; Query time: 1 msec
;; SERVER: 192.168.100.1#53(192.168.100.1)
;; WHEN: Wed Nov 20 09:25:08 GMT 2019
;; MSG SIZE rcvd: 132
|
Inversa:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
| vagrant@apache2cliente:~$ dig -x 2001:0DB8::1
; <<>> DiG 9.11.5-P4-5.1-Debian <<>> -x 2001:0DB8::1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58145
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 3
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: c3d45d5c411f30dbe61a96d65dd50572583f85862f5700d3 (good)
;; QUESTION SECTION:
;1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa. IN PTR
;; ANSWER SECTION:
1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.B.D.0.1.0.0.2.ip6.arpa. 604800 IN PTR ernesto.iesgn.org.
;; AUTHORITY SECTION:
0.0.0.0.0.0.0.0.8.B.D.0.1.0.0.2.ip6.arpa. 604800 IN NS ernesto.iesgn.org.
;; ADDITIONAL SECTION:
ernesto.iesgn.org. 604800 IN A 192.168.100.1
ernesto.iesgn.org. 604800 IN AAAA 2001:db8::1
;; Query time: 1 msec
;; SERVER: 192.168.100.1#53(192.168.100.1)
;; WHEN: Wed Nov 20 09:20:50 GMT 2019
;; MSG SIZE rcvd: 272
|
Tarea 3: Realiza las consultas dig/nslookup desde los clientes preguntando por los siguientes:
- Dirección de pandora.iesgn.org, www.iesgn.org, ftp.iesgn.org
- El servidor DNS con autoridad sobre la zona del dominio iesgn.org
- El servidor de correo configurado para iesgn.org
- La dirección IP de www.josedomingo.org
- Una resolución inversa
- La dirección ipv6 de pandora.iesgn.org
Consulta ernesto.iesgn.org
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
| vagrant@apache2cliente:~$ dig ernesto.iesgn.org
; <<>> DiG 9.11.5-P4-5.1-Debian <<>> ernesto.iesgn.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35090
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 279402a035fe72c6966023a95dd4f2bebb48d7c7670ccef0 (good)
;; QUESTION SECTION:
;ernesto.iesgn.org. IN A
;; ANSWER SECTION:
ernesto.iesgn.org. 604800 IN A 192.168.100.1
;; AUTHORITY SECTION:
iesgn.org. 604800 IN NS ernesto.iesgn.org.
;; ADDITIONAL SECTION:
ernesto.iesgn.org. 604800 IN AAAA fe80::1
;; Query time: 1 msec
;; SERVER: 192.168.100.1#53(192.168.100.1)
;; WHEN: Wed Nov 20 08:01:02 GMT 2019
;; MSG SIZE rcvd: 132
|
Consulta www.iesgn.org
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
| vagrant@apache2cliente:~$ dig www.iesgn.org
; <<>> DiG 9.11.5-P4-5.1-Debian <<>> www.iesgn.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19595
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: f96dc630262c4e53493a0a635dd4f2f406c9f012ab34cb47 (good)
;; QUESTION SECTION:
;www.iesgn.org. IN A
;; ANSWER SECTION:
www.iesgn.org. 604800 IN CNAME ernesto.iesgn.org.
ernesto.iesgn.org. 604800 IN A 192.168.100.1
;; AUTHORITY SECTION:
iesgn.org. 604800 IN NS ernesto.iesgn.org.
;; ADDITIONAL SECTION:
ernesto.iesgn.org. 604800 IN AAAA fe80::1
;; Query time: 1 msec
;; SERVER: 192.168.100.1#53(192.168.100.1)
;; WHEN: Wed Nov 20 08:01:56 GMT 2019
;; MSG SIZE rcvd: 150
|
Consulta ftp.iesgn.org
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
| vagrant@apache2cliente:~$ dig ftp.iesgn.org
; <<>> DiG 9.11.5-P4-5.1-Debian <<>> ftp.iesgn.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 782
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 3
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: fb4182a83ab43fde16f77e095dd4f339fd74a49755d05faa (good)
;; QUESTION SECTION:
;ftp.iesgn.org. IN A
;; ANSWER SECTION:
ftp.iesgn.org. 604800 IN A 192.168.100.201
;; AUTHORITY SECTION:
iesgn.org. 604800 IN NS ernesto.iesgn.org.
;; ADDITIONAL SECTION:
ernesto.iesgn.org. 604800 IN A 192.168.100.1
ernesto.iesgn.org. 604800 IN AAAA fe80::1
;; Query time: 1 msec
;; SERVER: 192.168.100.1#53(192.168.100.1)
;; WHEN: Wed Nov 20 08:03:05 GMT 2019
;; MSG SIZE rcvd: 152
|
El servidor DNS con autoridad sobre la zona del dominio iesgn.org
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
| vagrant@apache2cliente:~$ dig ns iesgn.org
; <<>> DiG 9.11.5-P4-5.1-Debian <<>> ns iesgn.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63450
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 3
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: efca2a2dc9320a16bb443d8e5dd4fa33e7446467b9481f76 (good)
;; QUESTION SECTION:
;iesgn.org. IN NS
;; ANSWER SECTION:
iesgn.org. 604800 IN NS ernesto.iesgn.org.
;; ADDITIONAL SECTION:
ernesto.iesgn.org. 604800 IN A 192.168.100.1
ernesto.iesgn.org. 604800 IN AAAA fe80::1
;; Query time: 0 msec
;; SERVER: 192.168.100.1#53(192.168.100.1)
;; WHEN: Wed Nov 20 08:32:51 GMT 2019
;; MSG SIZE rcvd: 132
El servidor de correo configurado para iesgn.org
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
| root@apache2cliente:/home/vagrant# dig -t mx iesgn.org
; <<>> DiG 9.11.5-P4-5.1-Debian <<>> -t mx iesgn.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63478
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 5
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: fc7dace9a7b884d8584f97255dd4f3adf64b9abc90ed5279 (good)
;; QUESTION SECTION:
;iesgn.org. IN MX
;; ANSWER SECTION:
iesgn.org. 604800 IN MX 10 correo.iesgn.org.
;; AUTHORITY SECTION:
iesgn.org. 604800 IN NS ernesto.iesgn.org.
;; ADDITIONAL SECTION:
correo.iesgn.org. 604800 IN A 192.168.100.200
ernesto.iesgn.org. 604800 IN A 192.168.100.1
correo.iesgn.org. 604800 IN AAAA fe80::3
ernesto.iesgn.org. 604800 IN AAAA fe80::1
;; Query time: 1 msec
;; SERVER: 192.168.100.1#53(192.168.100.1)
;; WHEN: Wed Nov 20 08:05:01 GMT 2019
;; MSG SIZE rcvd: 199
|
La dirección IP de www.josedomingo.org
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
| vagrant@apache2cliente:~$ dig www.josedomingo.org
; <<>> DiG 9.11.5-P4-5.1-Debian <<>> www.josedomingo.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35773
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 5, ADDITIONAL: 6
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 161e88837d1b2e82aa71e9c55dd4f40538f51f1dd18b21a3 (good)
;; QUESTION SECTION:
;www.josedomingo.org. IN A
;; ANSWER SECTION:
www.josedomingo.org. 900 IN CNAME playerone.josedomingo.org.
playerone.josedomingo.org. 900 IN A 137.74.161.90
;; AUTHORITY SECTION:
josedomingo.org. 86399 IN NS ns2.cdmon.net.
josedomingo.org. 86399 IN NS ns3.cdmon.net.
josedomingo.org. 86399 IN NS ns5.cdmondns-01.com.
josedomingo.org. 86399 IN NS ns1.cdmon.net.
josedomingo.org. 86399 IN NS ns4.cdmondns-01.org.
;; ADDITIONAL SECTION:
ns1.cdmon.net. 172476 IN A 35.189.106.232
ns2.cdmon.net. 172476 IN A 35.195.57.29
ns3.cdmon.net. 172476 IN A 35.157.47.125
ns4.cdmondns-01.org. 86076 IN A 52.58.66.183
ns5.cdmondns-01.com. 172477 IN A 52.59.146.62
;; Query time: 539 msec
;; SERVER: 192.168.100.1#53(192.168.100.1)
;; WHEN: Wed Nov 20 08:06:29 GMT 2019
;; MSG SIZE rcvd: 322
|
Una resolución inversa
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
| vagrant@apache2cliente:~$ dig -x 192.168.100.1
; <<>> DiG 9.11.5-P4-5.1-Debian <<>> -x 192.168.100.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54276
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 3
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: d697ec4cf370c748efc098f15dd4f4516a123fbc28351b2f (good)
;; QUESTION SECTION:
;1.100.168.192.in-addr.arpa. IN PTR
;; ANSWER SECTION:
1.100.168.192.in-addr.arpa. 604800 IN PTR ernesto.iesgn.org.
;; AUTHORITY SECTION:
168.192.in-addr.arpa. 604800 IN NS ernesto.iesgn.org.
;; ADDITIONAL SECTION:
ernesto.iesgn.org. 604800 IN A 192.168.100.1
ernesto.iesgn.org. 604800 IN AAAA fe80::1
;; Query time: 0 msec
;; SERVER: 192.168.100.1#53(192.168.100.1)
;; WHEN: Wed Nov 20 08:07:45 GMT 2019
;; MSG SIZE rcvd: 172
|
La dirección ipv6 de ernesto.iesgn.org
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
| vagrant@apache2cliente:~$ dig AAAA ernesto.iesgn.org
; <<>> DiG 9.11.5-P4-5.1-Debian <<>> AAAA ernesto.iesgn.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31834
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: cc07b32d201353c187035ce45dd5067439abd479b1ec85ce (good)
;; QUESTION SECTION:
;ernesto.iesgn.org. IN AAAA
;; ANSWER SECTION:
ernesto.iesgn.org. 604800 IN AAAA 2001:db8::1
;; AUTHORITY SECTION:
iesgn.org. 604800 IN NS ernesto.iesgn.org.
;; ADDITIONAL SECTION:
ernesto.iesgn.org. 604800 IN A 192.168.100.1
;; Query time: 1 msec
;; SERVER: 192.168.100.1#53(192.168.100.1)
;; WHEN: Wed Nov 20 09:25:08 GMT 2019
;; MSG SIZE rcvd: 132
|
Resolución inversa de ipv6
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
| vagrant@apache2cliente:~$ dig -x 2001:0DB8::1
; <<>> DiG 9.11.5-P4-5.1-Debian <<>> -x 2001:0DB8::1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45088
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 3
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 31c91c2a307ac616103a46015ddcd446cb45446eee03b3ea (good)
;; QUESTION SECTION:
;1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa. IN PTR
;; ANSWER SECTION:
1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.B.D.0.1.0.0.2.ip6.arpa. 604800 IN PTR ernesto.iesgn.org.
;; AUTHORITY SECTION:
0.0.0.0.0.0.0.0.8.B.D.0.1.0.0.2.ip6.arpa. 604800 IN NS ernesto.iesgn.org.
;; ADDITIONAL SECTION:
ernesto.iesgn.org. 604800 IN A 192.168.100.1
ernesto.iesgn.org. 604800 IN AAAA 2001:db8::1
;; Query time: 1 msec
;; SERVER: 192.168.100.1#53(192.168.100.1)
;; WHEN: Tue Nov 26 07:29:10 GMT 2019
;; MSG SIZE rcvd: 272
|
Servidor DNS esclavo
Tarea 4: Realiza la instalación del servidor DNS esclavo. Documenta los siguientes apartados:
- Entrega la configuración de las zonas del maestro y del esclavo.
- Comprueba si las zonas definidas en el maestro tienen algún error con el comando adecuado.
- Comprueba si la configuración de named.conf tiene algún error con el comando adecuado.
- Reinicia los servidores y comprueba en los logs si hay algún error. No olvides incrementar el número de serie en el registro SOA si has modificado la zona en el maestro.
- Muestra la salida del log donde se demuestra que se ha realizado la transferencia de zona.
Editamos el siguiente fichero de configuración:
1
| vagrant@apache2:/etc/bind$ sudo nano named.conf.options
|
Y añadimos lo siguiente:
1
| allow-transfer { none; };
|
Zona maestro:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
| vagrant@apache2:/etc/bind$ sudo nano named.conf.local
zone "iesgn.org"{
type master;
file "db.iesgn.org";
allow-transfer { 192.168.100.3; };
notify yes;
};
// Zona inversa
zone "100.168.192.in-addr.arpa" {
type master;
file "192.168.rev";
allow-transfer { 192.168.100.3; };
notify yes;
};
|
Configuración esclavo:
1
2
3
4
5
6
7
8
9
10
11
12
13
| vagrant@apache2:/etc/bind$ sudo nano named.conf.local
zone "iesgn.org"{
type slave;
masters { 192.168.100.1; };
};
// Zona inversa
zone "100.168.192.in-addr.arpa" {
type slave;
masters { 192.168.100.1; };
};
|
Editamos la zona iesgn:
1
2
3
4
| vagrant@apache2:/var/cache/bind$ sudo nano db.iesgn.org
@ IN NS ernesto-slave.iesgn.org.
ernesto-slave IN A 192.168.100.3
|
1
2
3
4
| vagrant@apache2:/var/cache/bind$ sudo nano 192.168.rev
@ IN NS ernesto-slave.iesgn.org.
3 IN PTR ernesto-slave.iesgn.org.
|
En el cliente editamos el /etc/resolv.conf:
1
2
| nameserver 192.168.100.1
nameserver 192.168.100.3
|
En el esclavo tendremos que cambiar las reglas de ip r
1
2
| vagrant@esclavo:/etc/bind$ sudo ip r del default
vagrant@esclavo:/etc/bind$ sudo ip r add default via 192.168.100.1
|
Comprobaciones de errores:
1
2
3
4
5
6
7
8
9
| vagrant@apache2:/var/cache/bind$ sudo named-checkzone iesgn.org /var/cache/bind/db.iesgn.org
zone iesgn.org/IN: loaded serial 1
OK
vagrant@apache2:/var/cache/bind$ sudo named-checkzone 192.168.rev /var/cache/bind/192.168.rev
zone 192.168.rev/IN: loaded serial 1
OK
|
Errores en el named.conf
1
2
| root@apache2:/var/cache/bind# named-checkconf
root@apache2:/var/cache/bind#
|
1
2
| root@esclavo:/home/vagrant# named-checkconf
root@esclavo:/home/vagrant#
|
Log de la transferencia de zona.
1
2
3
4
5
6
7
8
9
10
11
12
| root@esclavo:/home/vagrant# tail /var/log/syslog
Nov 26 09:28:55 buster named[2239]: network unreachable resolving './NS/IN': 2001:500:2d::d#53
Nov 26 09:29:04 buster named[2239]: resolver priming query complete
Nov 26 09:29:45 buster named[2239]: client @0x7f35b0533e20 192.168.100.1#57998: received notify for zone 'iesgn.org'
Nov 26 09:29:45 buster named[2239]: zone iesgn.org/IN: notify from 192.168.100.1#57998: zone is up to date
Nov 26 09:29:45 buster named[2239]: client @0x7f35b0533e20 192.168.100.1#47903: received notify for zone '100.168.192.in-addr.arpa'
Nov 26 09:29:45 buster named[2239]: zone 100.168.192.in-addr.arpa/IN: notify from 192.168.100.1#47903: zone is up to date
Nov 26 09:32:25 buster named[2239]: client @0x7f35b0533e20 192.168.100.1#50754: received notify for zone 'iesgn.org'
Nov 26 09:32:25 buster named[2239]: zone iesgn.org/IN: notify from 192.168.100.1#50754: zone is up to date
Nov 26 09:32:26 buster named[2239]: client @0x7f35b0533e20 192.168.100.1#51536: received notify for zone '100.168.192.in-addr.arpa'
Nov 26 09:32:26 buster named[2239]: zone 100.168.192.in-addr.arpa/IN: notify from 192.168.100.1#51536: zone is up to date
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
| vagrant@apache2cliente:~$ dig @192.168.100.1 ftp.iesgn.org
; <<>> DiG 9.11.5-P4-5.1-Debian <<>> @192.168.100.1 ftp.iesgn.org
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20965
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 4
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: c78572341a0567d0f60490265ddcef650273ac2c85b5c791 (good)
;; QUESTION SECTION:
;ftp.iesgn.org. IN A
;; ANSWER SECTION:
ftp.iesgn.org. 604800 IN A 192.168.100.201
;; AUTHORITY SECTION:
iesgn.org. 604800 IN NS ernesto.iesgn.org.
iesgn.org. 604800 IN NS ernesto-slave.iesgn.org.
;; ADDITIONAL SECTION:
ernesto.iesgn.org. 604800 IN A 192.168.100.1
ernesto-slave.iesgn.org. 604800 IN A 192.168.100.3
ernesto.iesgn.org. 604800 IN AAAA 2001:db8::1
;; Query time: 1 msec
;; SERVER: 192.168.100.1#53(192.168.100.1)
;; WHEN: Tue Nov 26 09:24:52 GMT 2019
;; MSG SIZE rcvd: 196
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
| vagrant@apache2cliente:~$ dig @192.168.100.3 ftp.iesgn.org
; <<>> DiG 9.11.5-P4-5.1-Debian <<>> @192.168.100.3 ftp.iesgn.org
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22886
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 4
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 39fb69f817bea506a61433ee5ddcf0390daecbc7e28740e8 (good)
;; QUESTION SECTION:
;ftp.iesgn.org. IN A
;; ANSWER SECTION:
ftp.iesgn.org. 604800 IN A 192.168.100.201
;; AUTHORITY SECTION:
iesgn.org. 604800 IN NS ernesto-slave.iesgn.org.
iesgn.org. 604800 IN NS ernesto.iesgn.org.
;; ADDITIONAL SECTION:
ernesto.iesgn.org. 604800 IN A 192.168.100.1
ernesto-slave.iesgn.org. 604800 IN A 192.168.100.3
ernesto.iesgn.org. 604800 IN AAAA 2001:db8::1
;; Query time: 1 msec
;; SERVER: 192.168.100.3#53(192.168.100.3)
;; WHEN: Tue Nov 26 09:28:25 GMT 2019
;; MSG SIZE rcvd: 196
|
Apagamos el servidor maestro y probamos:
1
| root@apache2:/var/cache/bind# systemctl stop bind9
|
Responde al servidor esclavo:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
| vagrant@apache2cliente:~$ dig ftp.iesgn.org
; <<>> DiG 9.11.5-P4-5.1-Debian <<>> ftp.iesgn.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43015
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 4
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 948167176e490f96f82243bf5ddcf0ec16f498f305adedd6 (good)
;; QUESTION SECTION:
;ftp.iesgn.org. IN A
;; ANSWER SECTION:
ftp.iesgn.org. 604800 IN A 192.168.100.201
;; AUTHORITY SECTION:
iesgn.org. 604800 IN NS ernesto.iesgn.org.
iesgn.org. 604800 IN NS ernesto-slave.iesgn.org.
;; ADDITIONAL SECTION:
ernesto.iesgn.org. 604800 IN A 192.168.100.1
ernesto-slave.iesgn.org. 604800 IN A 192.168.100.3
ernesto.iesgn.org. 604800 IN AAAA 2001:db8::1
;; Query time: 1 msec
;; SERVER: 192.168.100.3#53(192.168.100.3)
;; WHEN: Tue Nov 26 09:31:24 GMT 2019
;; MSG SIZE rcvd: 196
|
- Solicita una copia completa de la zona desde el cliente ¿qué tiene que ocurrir?. Solicita una copia completa desde el esclavo ¿qué tiene que ocurrir?
Cliente:
1
2
3
4
5
6
| vagrant@apache2cliente:~$ dig @192.168.100.1 iesgn.org axfr
; <<>> DiG 9.11.5-P4-5.1-Debian <<>> @192.168.100.1 iesgn.org axfr
; (1 server found)
;; global options: +cmd
; Transfer failed.
|
Esclavo:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
| vagrant@esclavo:~$ dig @192.168.100.1 iesgn.org axfr
; <<>> DiG 9.11.5-P4-5.1-Debian <<>> @192.168.100.1 iesgn.org axfr
; (1 server found)
;; global options: +cmd
iesgn.org. 604800 IN SOA ernesto.iesgn.org. root.iesgn.org. 1 604800 86400 2419200 604800
iesgn.org. 604800 IN NS ernesto.iesgn.org.
iesgn.org. 604800 IN NS ernesto-slave.iesgn.org.
iesgn.org. 604800 IN MX 10 correo.iesgn.org.
apache2cliente.iesgn.org. 604800 IN AAAA 2001:db8::2
apache2cliente.iesgn.org. 604800 IN A 192.168.100.2
correo.iesgn.org. 604800 IN AAAA 2001:db8::3
correo.iesgn.org. 604800 IN A 192.168.100.200
departamento.iesgn.org. 604800 IN CNAME ernesto.iesgn.org.
ernesto.iesgn.org. 604800 IN AAAA 2001:db8::1
ernesto.iesgn.org. 604800 IN A 192.168.100.1
ernesto-slave.iesgn.org. 604800 IN A 192.168.100.3
ftp.iesgn.org. 604800 IN AAAA 2001:db8::4
ftp.iesgn.org. 604800 IN A 192.168.100.201
www.iesgn.org. 604800 IN CNAME ernesto.iesgn.org.
iesgn.org. 604800 IN SOA ernesto.iesgn.org. root.iesgn.org. 1 604800 86400 2419200 604800
;; Query time: 1 msec
;; SERVER: 192.168.100.1#53(192.168.100.1)
;; WHEN: Tue Nov 26 09:39:24 GMT 2019
;; XFR size: 16 records (messages 1, bytes 472)
|
Delegación de dominios
Configuramos el siguiente fichero:
1
2
3
4
5
6
| vagrant@apache2:/var/cache/bind$ sudo nano db.iesgn.org
$ORIGIN informatica.iesgn.org.
@ IN NS ernesto-sub
ernesto-sub IN A 192.168.100.4
|
Creamos el servidor de delegación en otra máquina y lo configuramos:
Editamos el fichero:
1
2
3
4
5
6
7
| vagrant@delegacion:/etc/bind$ sudo nano named.conf.local
zone "informatica.iesgn.org"
{
type master;
file "db.informatica.iesgn.org";
};
|
Copiamos el fichero db.empty
1
2
| vagrant@delegacion:/etc/bind$ sudo cp db.empty db.informatica.iesgn.org
vagrant@delegacion:/etc/bind$ sudo mv db.informatica.iesgn.org /var/cache/bind/
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
| ; BIND reverse data file for empty rfc1918 zone
;
; DO NOT EDIT THIS FILE - it is used for multiple zones.
; Instead, copy it, edit named.conf, and use that copy.
;
$TTL 86400
@ IN SOA localhost. root.localhost. (
1 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
86400 ) ; Negative Cache TTL
;
@ IN NS ernesto-sub.informatica.iesgn.org.
@ IN MX 10 correo.informatica.iesgn.org.
$ORIGIN informatica.iesgn.org.
ernesto-sub IN A 192.168.100.4
prueba-deleg IN A 192.168.100.66
correo IN A 192.168.100.200
web IN A 192.168.100.101
ftp IN A 192.168.100.201
www IN CNAME web
|
Reiniciamos:
1
2
3
| vagrant@delegacion:/var/cache/bind$ sudo rndc reload
server reload successful
|
Comprobaciones:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
| vagrant@apache2cliente:~$ dig www.informatica.iesgn.org
; <<>> DiG 9.11.5-P4-5.1-Debian <<>> www.informatica.iesgn.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32619
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 71ec6f00f48811cd72dcdf9c5dde3a1bf3aaccac3778d278 (good)
;; QUESTION SECTION:
;www.informatica.iesgn.org. IN A
;; ANSWER SECTION:
www.informatica.iesgn.org. 86400 IN CNAME web.informatica.iesgn.org.
web.informatica.iesgn.org. 86400 IN A 192.168.100.101
;; AUTHORITY SECTION:
informatica.iesgn.org. 604800 IN NS ernesto-sub.informatica.iesgn.org.
;; Query time: 3 msec
;; SERVER: 192.168.100.1#53(192.168.100.1)
;; WHEN: Wed Nov 27 08:55:55 GMT 2019
;; MSG SIZE rcvd: 142
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
| vagrant@apache2cliente:~$ dig ftp.informatica.iesgn.org
; <<>> DiG 9.11.5-P4-5.1-Debian <<>> ftp.informatica.iesgn.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55739
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 03eb385de10375c48c899e3c5dde3a824bf8871ce3065160 (good)
;; QUESTION SECTION:
;ftp.informatica.iesgn.org. IN A
;; ANSWER SECTION:
ftp.informatica.iesgn.org. 86400 IN A 192.168.100.201
;; AUTHORITY SECTION:
informatica.iesgn.org. 604800 IN NS ernesto-sub.informatica.iesgn.org.
;; Query time: 2 msec
;; SERVER: 192.168.100.1#53(192.168.100.1)
;; WHEN: Wed Nov 27 08:57:38 GMT 2019
;; MSG SIZE rcvd: 124
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
| vagrant@apache2cliente:~$ dig prueba-deleg.informatica.iesgn.org
; <<>> DiG 9.11.5-P4-5.1-Debian <<>> prueba-deleg.informatica.iesgn.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22481
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 45a8561973d36ff1ed98da3b5dde3a00bd2a6ab416e54a42 (good)
;; QUESTION SECTION:
;prueba-deleg.informatica.iesgn.org. IN A
;; ANSWER SECTION:
prueba-deleg.informatica.iesgn.org. 86096 IN A 192.168.100.66
;; AUTHORITY SECTION:
informatica.iesgn.org. 604800 IN NS ernesto-sub.informatica.iesgn.org.
;; Query time: 1 msec
;; SERVER: 192.168.100.1#53(192.168.100.1)
;; WHEN: Wed Nov 27 08:55:28 GMT 2019
;; MSG SIZE rcvd: 133
|
- El servidor DNS que tiene configurado la zona del dominio informatica.iesgn.org. ¿Es el mismo que el servidor DNS con autoridad para la zona iesgn.org?
No es el mismo
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
| vagrant@apache2cliente:~$ dig ns informatica.iesgn.org
; <<>> DiG 9.11.5-P4-5.1-Debian <<>> ns informatica.iesgn.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47405
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 2c893e9e382592651b4ce0015dde3af8b94de9a7b59fe2d2 (good)
;; QUESTION SECTION:
;informatica.iesgn.org. IN NS
;; ANSWER SECTION:
informatica.iesgn.org. 86306 IN NS ernesto-sub.informatica.iesgn.org.
;; Query time: 1 msec
;; SERVER: 192.168.100.1#53(192.168.100.1)
;; WHEN: Wed Nov 27 08:59:36 GMT 2019
;; MSG SIZE rcvd: 104
|
Servidor de correo configurado para informatica.iesgn.org:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
| vagrant@apache2cliente:~$ dig mx informatica.iesgn.org
; <<>> DiG 9.11.5-P4-5.1-Debian <<>> mx informatica.iesgn.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22341
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: cfd3307cfc0209310c5588945dde3b07ff5391279aae06a1 (good)
;; QUESTION SECTION:
;informatica.iesgn.org. IN MX
;; ANSWER SECTION:
informatica.iesgn.org. 86318 IN MX 10 correo.informatica.iesgn.org.
;; AUTHORITY SECTION:
informatica.iesgn.org. 86291 IN NS ernesto-sub.informatica.iesgn.org.
;; Query time: 1 msec
;; SERVER: 192.168.100.1#53(192.168.100.1)
;; WHEN: Wed Nov 27 08:59:51 GMT 2019
;; MSG SIZE rcvd: 127
|
Si hacemos una consulta donde previamente hemos cambiado la ip, no se cambiará porque estará guardada en caché .
Haremos lo siguiente para borrar la caché en el servidor master :
1
| vagrant@apache2:/etc/bind$ sudo rndc flush
|
