Problemas com Servidor DNS e DHCP

sergioandrade93
(usa CentOS)

Enviado em 10/11/2012 - 14:52h

Olá pessoal do fórum,

estou montando um cenário para um trabalho da faculdade onde tenho uma rede interna(192.168.0.0/24) e uma DMZ(10.254.0.0/24). Entre elas tem uma máquina que funciona como servidor DNS e DHCP e router. O servidor DNS secundário fica na rede DMZ.

Já configurei o servidor DNS e DHCP, mas está dando alguns erros que por ser um iniciante, não sei do que se trata.

- O servidor DNS secundário não consegue tranferir as zonas da primária (conseguem pingar entre si)

- Nenhum host consegue resolver nomes

- Aparece "failed" quando tento iniciar o servidor DNS.



Vou colocar aqui as configurações do cenário pra facilitar:



Configuração Servidor DNS/DHCP:
eth0 -> 192.168.0.254 Gateway: 0.0.0.0
DNS Servers: 192.168.0.254, 10.254.0.253
Search domains: gsr2013.edu.pt

eth1 -> 10.254.0.254 Gateway 0.0.0.0

Configuração do Servidor DNS secundário:
eth0 -> 10.254.0.253 Gateway 0.0.0.0
DNS Servers: 192.168.0.254, 10.254.0.253
Search domains: gsr2013.edu.pt

eth1 -> 192.168.0.253 Gateway 0.0.0.0




/etc/named.conf (servidor primário):

options {
listen-on port 53 { 192.168.0.254; 10.254.0.254; 10.254.0.253; 192.
168.0.253; 127.0.0.1; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { localhost; 192.168.0.0/24; 10.254.0.0/24; };
allow-transfer { 10.254.0.253; };
recursion yes;
allow-recursion { 192.168.0.0/24; 127.0.0.1; };
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;

/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";

managed-keys-directory "/var/named/dynamic";
};

logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";

zone "gsr2013.edu.pt" {
type master;
file "internal/gsr2013.edu.pt.db";
allow-transfer { 10.254.0.253; };
};

zone "0.168.192.in-addr.arpa" {
type master;
file "internal/192.168.0.rev";
allow-transfer { 10.254.0.253; };
};

zone "0.254.10.in-addr.arpa" {
type master;
file "internal/10.254.0.rev";
allow-transfer { 10.254.0.253; };
};

zone "." IN {
type hint;
file "named.ca";
};






/var/named/internal/gsr2013.edu.pt.db:

$TTL 86400
@ IN SOA dns1.gsr2013.edu.pt. ssantana.student.dei.uc.pt. (
2012102800 ;serial
7200 ;refresh
1800 ;retry
1209600 ;expire
300 ) ;minimum

NS dns1
NS dns2

dns1 A 192.168.0.254
dns2 A 10.254.0.253
admin A 192.168.0.1
intra A 192.168.0.2
dhcp01 A 192.168.0.10
dhcp02 A 192.168.0.11
www A 10.254.0.1
mail A 10.254.0.2





/var/named/internal/192.168.0.rev :

$TTL 86400
@ IN SOA gsr2013.edu.pt. ssantana.student.dei.uc.pt (
2012102800 ;serial
7200 ;refresh
1800 ;retry
1209600 ;expire
300 ) ;minumum

NS dns1.gsr2013.edu.pt.
NS dns2.gsr2013.edu.pt.
A 192.168.0.0

1 PTR admin.gsr2013.edu.pt.
2 PTR intra.gsr2013.edu.pt.
10 PTR dhcp01.gsr2013.edu.pt.
11 PTR dhcp02.gsr2013.edu.pt.
253 PTR dns2.gsr2013.edu.pt.
254 PTR dns1.gsr2013.edu.pt.





/var/named/internal/10.254.0.rev:

$TTL 86400
@ IN SOA gsr2013.edu.pt. ssantana.student.dei.uc.pt (
2012102800 ;serial
7200 ;refresh
1800 ;retry
1209600 ;expire
300 ) ;minumum

NS dns1.gsr2013.edu.pt.
NS dns2.gsr2013.edu.pt.
A 10.254.0.0
1 PTR www.gsr2013.edu.pt.
2 PTR mail.gsr2013.edu.pt.
253 PTR dns2.gsr2013.edu.pt.
254 PTR dns1.gsr2013.edu.pt.





/etc/named.conf (servidor secundário):

options {
listen-on port 53 { 192.168.0.254; 10.254.0.254; 10.254.0.253; 192.
168.0.253; 127.0.0.1; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { localhost; 192.168.0.0/24; 10.254.0.0/24; };
recursion yes;
allow-recursion { 192.168.0.0/24; 127.0.0.1; };
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;

/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";

managed-keys-directory "/var/named/dynamic";
};

logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";

zone "gsr2013.edu.pt" {
type slave;
file "internal/gsr2013.edu.pt.db";
masters { 10.254.0.254; };
};

zone "0.168.192.in-addr.arpa" {
type slave;
file "internal/192.168.0.rev";
masters { 10.254.0.253; };
};

zone "0.254.10.in-addr.arpa" {
type slave;
file "internal/10.254.0.rev";
masters { 10.254.0.253; };
};

zone "." IN {
type hint;
file "named.ca";
};





/etc/dhcp/dhcpd.conf:

ddns-update interim;
ignore client-updates;
option domain-name "gsr2013.edu.pt";
option domain-name-servers 192.168.0.254, 10.168.0.254;

subnet 192.168.0.0 netmask 255.255.255.0 {
option routers 192.168.0.254;
option subnet-mask 255.255.255.0;

deny unknown-clients;
default-lease-time 86400;
max-lease-time 90000;

host admin {
hardware-ethernet xx:xx:xx:xx:xx:xx;
fixed-address 192.168.0.1;
}

host intra {
hardware-ethernet xx:xx:xx:xx:xx:xx;
fixed-address 192.168.0.2;
}

range 192.168.0.10 192.168.0.29;
}



Desde já agradeço :D

sergioandrade93
(usa CentOS)

Enviado em 10/11/2012 - 22:43h

Alguém ?

sergioandrade93
(usa CentOS)

Enviado em 13/11/2012 - 14:05h

???