Opensourcetechブログ

OpensourcetechによるNGINX/Kubernetes/Zabbix/Neo4j/Linuxなどオープンソース技術に関するブログです。

Bind9(キャッシュDNSサーバ・権威DNSサーバ)の構築 on Ubuntu 20.04.3 LTS


LinuCエヴァンジェリストの鯨井貴博@opensourcetechです。

今回は、Ubuntu 20.04.3 LTS上にBind9でキャッシュDNSサーバと権威DNSサーバを構築してみます。
Bind9の場合、設定ファイル(named.conf)やゾーンファイル(正引き・逆引き)の記載方法がミスしやすいので、
構文チェックや動作確認などしっかり実施しましょう。


DNSの役割
DNSの役割ですが、以下のようにクライアントからの問い合わせを受けて再帰問い合わせやキャッシュを行うキャッシュDNSサーバと、自身がDNSレコード情報を保持する権威DNSサーバがあります。

今回は両役割を同居させるようにBind9を構築していきます。


Ubuntuの状態
NIC enp1s0に設定されているIPアドレス"192.168.1.247"がDNSサーバのIPアドレスとなります。
また、CPU2コア・メモリー2GB・ストレージ25GBという小さいVMで作業をしています。

linucserver login: ubuntu

Password:
Welcome to Ubuntu 20.04.3 LTS (GNU/Linux 5.4.0-109-generic x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage

  System information as of Wed May  4 10:57:44 UTC 2022

  System load:  0.66               Processes:               145
  Usage of /:   18.4% of 23.49GB   Users logged in:         0
  Memory usage: 9%                 IPv4 address for enp1s0: 192.168.1.247
  Swap usage:   0%


56 updates can be applied immediately.
To see these additional updates run: apt list --upgradable

ubuntu@linucserver:~$ ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 52:54:00:42:b2:94 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.247/24 brd 192.168.1.255 scope global enp1s0
       valid_lft forever preferred_lft forever
    inet6 fe80::5054:ff:fe42:b294/64 scope link
       valid_lft forever preferred_lft forever

ubuntu@linucserver:~$ free -h
              total        used        free      shared  buff/cache   available
Mem:          1.9Gi       210Mi       198Mi       1.0Mi       1.5Gi       1.6Gi
Swap:         2.0Gi       1.0Mi       2.0Gi

ubuntu@linucserver:~$ cat /proc/cpuinfo
processor       : 0
vendor_id       : GenuineIntel
cpu family      : 6
model           : 58
model name      : Intel Xeon E3-12xx v2 (Ivy Bridge, IBRS)
stepping        : 9
microcode       : 0x1
cpu MHz         : 3192.748
cache size      : 16384 KB
physical id     : 0
siblings        : 1
core id         : 0
cpu cores       : 1
apicid          : 0
initial apicid  : 0
fpu             : yes
fpu_exception   : yes
cpuid level     : 13
wp              : yes
flags           : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ss syscall nx rdtscp lm constant_tsc rep_good nopl xtopology cpuid tsc_known_freq pni pclmulqdq vmx ssse3 cx16 pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm cpuid_fault pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid fsgsbase tsc_adjust smep erms xsaveopt arat umip md_clear arch_capabilities
bugs            : cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass l1tf mds swapgs srbds
bogomips        : 6385.49
clflush size    : 64
cache_alignment : 64
address sizes   : 40 bits physical, 48 bits virtual
power management:

processor       : 1
vendor_id       : GenuineIntel
cpu family      : 6
model           : 58
model name      : Intel Xeon E3-12xx v2 (Ivy Bridge, IBRS)
stepping        : 9
microcode       : 0x1
cpu MHz         : 3192.748
cache size      : 16384 KB
physical id     : 1
siblings        : 1
core id         : 0
cpu cores       : 1
apicid          : 1
initial apicid  : 1
fpu             : yes
fpu_exception   : yes
cpuid level     : 13
wp              : yes
flags           : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ss syscall nx rdtscp lm constant_tsc rep_good nopl xtopology cpuid tsc_known_freq pni pclmulqdq vmx ssse3 cx16 pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm cpuid_fault pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid fsgsbase tsc_adjust smep erms xsaveopt arat umip md_clear arch_capabilities
bugs            : cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass l1tf mds swapgs srbds
bogomips        : 6385.49
clflush size    : 64
cache_alignment : 64
address sizes   : 40 bits physical, 48 bits virtual
power management:

ubuntu@linucserver:~$ df -h
Filesystem                         Size  Used Avail Use% Mounted on
udev                               948M     0  948M   0% /dev
tmpfs                              199M  1.2M  198M   1% /run
/dev/mapper/ubuntu--vg-ubuntu--lv   24G  5.7G   17G  26% /
tmpfs                              992M     0  992M   0% /dev/shm
tmpfs                              5.0M     0  5.0M   0% /run/lock
tmpfs                              992M     0  992M   0% /sys/fs/cgroup
/dev/loop1                          71M   71M     0 100% /snap/lxd/21029
/dev/vda2                          2.0G  308M  1.5G  17% /boot
/dev/loop4                          56M   56M     0 100% /snap/core18/2344
/dev/loop5                          45M   45M     0 100% /snap/snapd/15534
/dev/loop6                          62M   62M     0 100% /snap/core20/1434
/dev/loop7                          68M   68M     0 100% /snap/lxd/22753
/dev/loop2                          56M   56M     0 100% /snap/core18/2409
/dev/loop0                          68M   68M     0 100% /snap/powershell/206
/dev/loop8                          68M   68M     0 100% /snap/powershell/208
/dev/loop3                          45M   45M     0 100% /snap/snapd/15904
/dev/loop9                          62M   62M     0 100% /snap/core20/1494
tmpfs                              199M     0  199M   0% /run/user/1000



Bind9のインストール
bind9、及びbind9-utils(DNSクライアントツールなど)をパッケージ管理コマンドaptでインストールします。

ubuntu@linucserver:~$ sudo apt install bind9 bind9-utils
[sudo] password for ubuntu:
Reading package lists... 100%
Reading package lists... Done
Building dependency tree... 0%
Building dependency tree... 50%
Building dependency tree
Reading state information... 0%
Reading state information... Done
The following additional packages will be installed:
  dns-root-data python3-ply
Suggested packages:
  bind-doc resolvconf python-ply-doc
The following NEW packages will be installed:
  bind9 bind9-utils dns-root-data python3-ply
0 upgraded, 4 newly installed, 0 to remove and 56 not upgraded.
Need to get 457 kB of archives.
After this operation, 1927 kB of additional disk space will be used.
Do you want to continue? [Y/n] Y
Get:1 http://jp.archive.ubuntu.com/ubuntu focal-updates/main amd64 python3-ply all 3.11-3ubuntu0.1 [46.3 kB]
Get:2 http://jp.archive.ubuntu.com/ubuntu focal-updates/main amd64 bind9-utils amd64 1:9.16.1-0ubuntu2.10 [172 kB]
Get:3 http://jp.archive.ubuntu.com/ubuntu focal/main amd64 dns-root-data all 2019052802 [5300 B]
Get:4 http://jp.archive.ubuntu.com/ubuntu focal-updates/main amd64 bind9 amd64 1:9.16.1-0ubuntu2.10 [233 kB]
100% [Working]

Fetched 457 kB in 1s (629 kB/s)

Selecting previously unselected package python3-ply.
(Reading database ... 100%
(Reading database ... 71748 files and directories currently installed.)
Preparing to unpack .../python3-ply_3.11-3ubuntu0.1_all.deb ...
Progress: [ 88%][##############################################################################...........] Adding group `bind' (GID 117) ...
Done.
Adding system user `bind' (UID 113) ...
Adding new user `bind' (UID 113) with group `bind' ...
Not creating home directory `/var/cache/bind'.
wrote key file "/etc/bind/rndc.key"
named-resolvconf.service is a disabled or a static unit, not starting it.
Created symlink /etc/systemd/system/bind9.service → /lib/systemd/system/named.service.
Created symlink /etc/systemd/system/multi-user.target.wants/named.service → /lib/systemd/system/named.service.
Progress: [ 94%][###################################################################################......] 8Processing triggers for systemd (245.4-4ubuntu3.15) ...
Processing triggers for man-db (2.9.1-1) ...
Processing triggers for ufw (0.36-6) ...



Bind9の設定
インストール後、以下のように設定ファイル(named.conf+外部参照設定ファイルnamed.conf.localなど)とゾーンファイル(db.xxxなど)が/etc/bind/に配置されています。

ubuntu@linucserver:~$ ls /etc/bind/
bind.keys                 db.255                    named.conf                named.conf.options
db.0                      db.empty                  named.conf.default-zones  rndc.key
db.127                    db.local                  named.conf.local          zones.rfc1918


簡単に内容を確認しておくと、named.confのincludeステートメントで外部設定ファイルを参照するようになっています。
なので、権威DNSサーバで設定する自身のドメイン情報に関する設定もこのincludeを使って追加します。

ubuntu@linucserver:~$ cat /etc/bind/named.conf
// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
// structure of BIND configuration files in Debian, *BEFORE* you customize
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local

include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";


named.conf.default-zonesでは再帰問い合わせ用のルートヒントファイルやlocalhostなどに関するzoneステートメント、
naned.conf.optionsではBind9(named)の動作に関するoptionsステートメントを設定してあります。

ubuntu@linucserver:~$ cat /etc/bind/named.conf.default-zones
// prime the server with knowledge of the root servers
zone "." {
    type hint;
    file "/usr/share/dns/root.hints";
};

// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912

zone "localhost" {
    type master;
    file "/etc/bind/db.local";
};

zone "127.in-addr.arpa" {
    type master;
    file "/etc/bind/db.127";
};

zone "0.in-addr.arpa" {
    type master;
    file "/etc/bind/db.0";
};

zone "255.in-addr.arpa" {
    type master;
    file "/etc/bind/db.255";
};


ubuntu@linucserver: ~ubuntu@linucserver:~$ cat /etc/bind/named.conf.options
options {
    directory "/var/cache/bind";

    // If there is a firewall between you and nameservers you want
    // to talk to, you may need to fix the firewall to allow multiple
    // ports to talk.  See http://www.kb.cert.org/vuls/id/800113

    // If your ISP provided one or more IP addresses for stable
    // nameservers, you probably want to use them as forwarders.
    // Uncomment the following block, and insert the addresses replacing
    // the all-0's placeholder.

    // forwarders {
    //  0.0.0.0;
    // };

    //========================================================================
    // If BIND logs error messages about the root key being expired,
    // you will need to update your keys.  See https://www.isc.org/bind-keys
    //========================================================================
    dnssec-validation auto;

    listen-on-v6 { any; };
};


世界に16台ある(A~M)ルートDNSの情報は、/usr/share/dns/root.hintsにあります。

ubuntu@linucserver:~$ ls /usr/share/dns/
root.ds         root.hints      root.hints.sig  root.key

ubuntu@linucserver:~$ cat /usr/share/dns/root.hints
;       This file holds the information on root name servers needed to
;       initialize cache of Internet domain name servers
;       (e.g. reference this file in the "cache  .  <file>"
;       configuration file of BIND domain name servers).
;
;       This file is made available by InterNIC
;       under anonymous FTP as
;           file                /domain/named.cache
;           on server           FTP.INTERNIC.NET
;       -OR-                    RS.INTERNIC.NET
;
;       last update:     May 28, 2019
;       related version of root zone:     2019052802
;
; FORMERLY NS.INTERNIC.NET
;
.                        3600000      NS    A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET.      3600000      A     198.41.0.4
A.ROOT-SERVERS.NET.      3600000      AAAA  2001:503:ba3e::2:30
;
; FORMERLY NS1.ISI.EDU
;
.                        3600000      NS    B.ROOT-SERVERS.NET.
B.ROOT-SERVERS.NET.      3600000      A     199.9.14.201
B.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:200::b
;
; FORMERLY C.PSI.NET
;
.                        3600000      NS    C.ROOT-SERVERS.NET.
C.ROOT-SERVERS.NET.      3600000      A     192.33.4.12
C.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:2::c
;
; FORMERLY TERP.UMD.EDU
;
.                        3600000      NS    D.ROOT-SERVERS.NET.
D.ROOT-SERVERS.NET.      3600000      A     199.7.91.13
D.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:2d::d
;
; FORMERLY NS.NASA.GOV
;
.                        3600000      NS    E.ROOT-SERVERS.NET.
E.ROOT-SERVERS.NET.      3600000      A     192.203.230.10
E.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:a8::e
;
; FORMERLY NS.ISC.ORG
;
.                        3600000      NS    F.ROOT-SERVERS.NET.
F.ROOT-SERVERS.NET.      3600000      A     192.5.5.241
F.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:2f::f
;
; FORMERLY NS.NIC.DDN.MIL
;
.                        3600000      NS    G.ROOT-SERVERS.NET.
G.ROOT-SERVERS.NET.      3600000      A     192.112.36.4
G.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:12::d0d
;
; FORMERLY AOS.ARL.ARMY.MIL
;
.                        3600000      NS    H.ROOT-SERVERS.NET.
H.ROOT-SERVERS.NET.      3600000      A     198.97.190.53
H.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:1::53
;
; FORMERLY NIC.NORDU.NET
;
.                        3600000      NS    I.ROOT-SERVERS.NET.
I.ROOT-SERVERS.NET.      3600000      A     192.36.148.17
I.ROOT-SERVERS.NET.      3600000      AAAA  2001:7fe::53
;
; OPERATED BY VERISIGN, INC.
;
.                        3600000      NS    J.ROOT-SERVERS.NET.
J.ROOT-SERVERS.NET.      3600000      A     192.58.128.30
J.ROOT-SERVERS.NET.      3600000      AAAA  2001:503:c27::2:30
;
; OPERATED BY RIPE NCC
;
.                        3600000      NS    K.ROOT-SERVERS.NET.
K.ROOT-SERVERS.NET.      3600000      A     193.0.14.129
K.ROOT-SERVERS.NET.      3600000      AAAA  2001:7fd::1
;
; OPERATED BY ICANN
;
.                        3600000      NS    L.ROOT-SERVERS.NET.
L.ROOT-SERVERS.NET.      3600000      A     199.7.83.42
L.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:9f::42
;
; OPERATED BY WIDE
;
.                        3600000      NS    M.ROOT-SERVERS.NET.
M.ROOT-SERVERS.NET.      3600000      A     202.12.27.33
M.ROOT-SERVERS.NET.      3600000      AAAA  2001:dc3::35
; End of file


ゾーンファイルも見ておきましょう。

ubuntu@linucserver:/etc/bind$ cat db.local
;
; BIND data file for local loopback interface
;
$TTL    604800
@   IN  SOA localhost. root.localhost. (
                  2     ; Serial
             604800     ; Refresh
              86400     ; Retry
            2419200     ; Expire
             604800 )   ; Negative Cache TTL
;
@   IN  NS  localhost.
@   IN  A   127.0.0.1
@   IN  AAAA    ::1
ubuntu@linucserver:/etc/bind$ cat db.127
;
; BIND reverse data file for local loopback interface
;
$TTL    604800
@   IN  SOA localhost. root.localhost. (
                  1     ; Serial
             604800     ; Refresh
              86400     ; Retry
            2419200     ; Expire
             604800 )   ; Negative Cache TTL
;
@   IN  NS  localhost.
1.0.0   IN  PTR localhost.


追加設定するドメイン用の設定やゾーンファイルは、
これらのファイルをコピーして編集すればOKです。

なお、各ファイルの詳細は以下などを参照ください。
named.confについて https://linuxjm.osdn.jp/html/bind/man5/named.conf.5.html
ゾーンファイルについて https://web.mit.edu/rhel-doc/4/RH-DOCS/rhel-rg-ja-4/s1-bind-zone.html

Bind9の設定
named.confに外部参照設定ファイルに関する行を、
named.conf.my-zonesとして正引き用・逆引き用のzoneステートメントを記載します。
※opensourcetech.test ⇔ 192.168.1.0/24と対応している例

ubuntu@linucserver:/etc/bind$ cat named.conf
// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
// structure of BIND configuration files in Debian, *BEFORE* you customize
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local

include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";
include "/etc/bind/named.conf.my-zones";  ・・・追加した行

ubuntu@linucserver:/etc/bind$ cat named.conf.my-zones
zone "opensourcetech.test" {
        type master;
        file "/etc/bind/test.zone";
};

zone "1.168.192.in-addr.arpa" {
        type master;
        file "/etc/bind/test.rev";
};


続いてゾーンファイルも作成。
※192.168.1.247に、DNS/メール/ウェブ/FTP/Fileサーバ(Samba)を割り当てる例

ubuntu@linucserver:/etc/bind$ sudo cp db.local test.zone
[sudo] password for ubuntu:
ubuntu@linucserver:/etc/bind$ sudo cp db.127 test.rev
ubuntu@linucserver:/etc/bind$ ls
bind.keys  db.0  db.127  db.255  db.empty  db.local  named.conf  named.conf.default-zones  named.conf.local  named.conf.options  rndc.key  test.zone test.rev zones.rfc1918

ubuntu@linucserver:/etc/bind$ cat test.zone
$ORIGIN opensourcetech.test.
$TTL    604800
@       IN      SOA     dns.opensourcetech.test. root.opensourcetech.test. (
                         2022051501     ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
        IN      NS      dns.opensourcetech.test.
        IN      MX 10   mail.opensourcetech.test.
dns     IN      A       192.168.1.247
www     IN      A       192.168.1.247
mail    IN      A       192.168.1.247
ftp     IN      A       192.168.1.247
smb     IN      A       192.168.1.247

ubuntu@linucserver:/etc/bind$ cat test.rev
$ORIGIN 1.168.192.in-addr.arpa.
$TTL    604800
@       IN      SOA     dns.opensourcetech.test. root.opensourcetech.test. (
                        2022051501      ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
        IN      NS      dns.opensourcetech.test.
247     IN      PTR     www.opensourcetech.test.
247     IN      PTR     dns.opensourcetech.test.
247     IN      PTR     mail.opensourcetech.test.
247     IN      PTR     ftp.opensourcetech.test.
247     IN      PTR     smb.opensourcetech.test.


ゾーンファイルはのミスりやすいポイント




Bind9の設定の確認
named-checkconfとnamed-checkzoneコマンドで確認します。
※構文チェックです

ubuntu@linucserver:/etc/bind$ named-checkconf /etc/bind/named.conf

ubuntu@linucserver:/etc/bind$ named-checkzone opensourcetech.test test.zone
zone opensourcetech.test/IN: loaded serial 2022051501
OK
ubuntu@linucserver:/etc/bind$ named-checkzone 1.168.192.in-addr.arpa test.rev
zone 1.168.192.in-addr.arpa/IN: loaded serial 2022051501



Bind9の起動・動作確認
nslookup・host・digコマンドでそれぞれ確認しています。
出力される量などに違いがありますね。

ubuntu@linucserver: /etc/bindubuntu@linucserver:/etc/bind$ sudo systemctl restart named

ubuntu@linucserver:/etc/bind$ nslookup
> server 192.168.1.247
Default server: 192.168.1.247
Address: 192.168.1.247#53
> www.opensourcetech.test
Server:         192.168.1.247
Address:        192.168.1.247#53

Name:   www.opensourcetech.test
Address: 192.168.1.247
> 192.168.1.247
247.1.168.192.in-addr.arpa      name = www.opensourcetech.test.
247.1.168.192.in-addr.arpa      name = dns.opensourcetech.test.
247.1.168.192.in-addr.arpa      name = ftp.opensourcetech.test.
247.1.168.192.in-addr.arpa      name = smb.opensourcetech.test.
247.1.168.192.in-addr.arpa      name = mail.opensourcetech.test.
> www.zeus-enterprise.co.jp
Server:         192.168.1.247
Address:        192.168.1.247#53

Non-authoritative answer:
Name:   www.zeus-enterprise.co.jp
Address: 52.197.151.21
Name:   www.zeus-enterprise.co.jp
Address: 54.150.151.222
> exit

ubuntu@linucserver:/etc/bind$ host www.opensourcetech.test 192.168.1.247
Using domain server:
Name: 192.168.1.247
Address: 192.168.1.247#53
Aliases:

www.opensourcetech.test has address 192.168.1.247

ubuntu@linucserver:/etc/bind$ host 192.168.1.247 192.168.1.247
Using domain server:
Name: 192.168.1.247
Address: 192.168.1.247#53
Aliases:

247.1.168.192.in-addr.arpa domain name pointer www.opensourcetech.test.
247.1.168.192.in-addr.arpa domain name pointer smb.opensourcetech.test.
247.1.168.192.in-addr.arpa domain name pointer ftp.opensourcetech.test.
247.1.168.192.in-addr.arpa domain name pointer mail.opensourcetech.test.
247.1.168.192.in-addr.arpa domain name pointer dns.opensourcetech.test.


ubuntu@linucserver:/etc/bind$ dig @192.168.1.247 www.opensourcetech.test

; <<>> DiG 9.16.1-Ubuntu <<>> @192.168.1.247 www.opensourcetech.test
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58128
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: ef4f58f78879caf2010000006299969d5e46f137343bfbc4 (good)
;; QUESTION SECTION:
;www.opensourcetech.test.       IN      A

;; ANSWER SECTION:
www.opensourcetech.test. 604800 IN      A       192.168.1.247

;; Query time: 0 msec
;; SERVER: 192.168.1.247#53(192.168.1.247)
;; WHEN: Fri Jun 03 05:05:33 UTC 2022
;; MSG SIZE  rcvd: 96

ubuntu@linucserver:/etc/bind$ dig @192.168.1.247 -x 192.168.1.247

; <<>> DiG 9.16.1-Ubuntu <<>> @192.168.1.247 -x 192.168.1.247
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58094
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 2e1dabf52f07c63101000000629996da6d5390555a8ce18f (good)
;; QUESTION SECTION:
;247.1.168.192.in-addr.arpa.    IN      PTR

;; ANSWER SECTION:
247.1.168.192.in-addr.arpa. 604800 IN   PTR     smb.opensourcetech.test.
247.1.168.192.in-addr.arpa. 604800 IN   PTR     ftp.opensourcetech.test.
247.1.168.192.in-addr.arpa. 604800 IN   PTR     mail.opensourcetech.test.
247.1.168.192.in-addr.arpa. 604800 IN   PTR     www.opensourcetech.test.
247.1.168.192.in-addr.arpa. 604800 IN   PTR     dns.opensourcetech.test.

;; Query time: 0 msec
;; SERVER: 192.168.1.247#53(192.168.1.247)
;; WHEN: Fri Jun 03 05:06:34 UTC 2022
;; MSG SIZE  rcvd: 193



おわりに
久しぶりにDNSサーバ構築してみましたが、
ゾーンファイルの記載でやっぱりはまりましたw
※いいリハビリになったけど

その分、出来たときの達成感があるサーバだなと改めて感じたところ。
インターネット社会には欠かせないし、ドメイン取った後の登録でも知識として必要になるし、
しっかり覚えておきたいですね。

Opensourcetech by Takahiro Kujirai