1) DNS
CENT-R
conf t
ip nat inside source static udp 172.16.0.1 53 107.58.65.1 53
ip nat inside source static tcp 172.16.0.1 53 107.58.65.1 53
CENT-FW
conf t
access-list OUT-TO-IN extended permit udp 110.240.50.0 255.255.255.0 host 172.16.0.1 eq domain
access-list OUT-TO-IN extended permit tcp 110.240.50.0 255.255.255.0 host 172.16.0.1 eq domain
access-group OUT-TO-IN in interface OUTSIDE
EX-FW
conf t
access-list OUT-TO-IN extended permit udp 107.58.65.0 255.255.255.252 host 110.240.50.1 eq domain
access-list OUT-TO-IN extended permit tcp 107.58.65.0 255.255.255.252 host 110.240.50.1 eq domain
access-list OUT-TO-IN extended permit udp 9.9.9.0 255.255.255.0 host 110.240.50.1 eq domain
access-list OUT-TO-IN extended permit tcp 9.9.9.0 255.255.255.0 host 110.240.50.1 eq domain
access-group OUT-TO-IN in interface OUTSIDE
ISP
#apt-get –y install bind9
#vim /etc/bind/named.conf.options
#vim /etc/bind/named.conf
#cp /etc/bind/db.empty /var/cache/bind/isp.zone
#vim /var/cache/bind/isp.zone
:%s:localhost:ISP.isp.net:g
#systemctl restart bind9
CENT-SRV
#apt-get –y install bind9
#vim /etc/bind/named.conf.options
#vim /etc/bind/named.conf
#cp /etc/bind/db.empty /var/cache/bind/skills2021.zone
#cp /etc/bind/db.empty /var/cache/bind/skills2021.zone.ext
#vim /var/cache/bind/skills2021.zone
:%s:localhost:CENT-SRV.skills2021.kr:g
#vim /var/cache/bind/skills2021.zone.ext
:%s:localhost:CENT-SRV.skills2021.kr:g
#systemctl restart bind9
'물리서버' 카테고리의 다른 글
| [21전국] 3과제 Site-to-Site VPN (0) | 2021.11.11 |
|---|---|
| [21전국] 3과제 Certificate Authority (0) | 2021.11.10 |
| [21전국] 3과제 라우팅 및 NTP (0) | 2021.11.10 |
| [21전국] 3과제 기본 세팅 Basic Configuration (0) | 2021.11.10 |
| [인프라 기초] 패리티(Parity) (0) | 2021.10.25 |
