[21전국] 3과제 DNS 설정

1) DNS

CENT-R

conf t

ip nat inside source static udp 172.16.0.1 53 107.58.65.1 53

ip nat inside source static tcp 172.16.0.1 53 107.58.65.1 53

 

CENT-FW

conf t

access-list OUT-TO-IN extended permit udp 110.240.50.0 255.255.255.0 host 172.16.0.1 eq domain

access-list OUT-TO-IN extended permit tcp 110.240.50.0 255.255.255.0 host 172.16.0.1 eq domain

access-group OUT-TO-IN in interface OUTSIDE

 

EX-FW

conf t

access-list OUT-TO-IN extended permit udp 107.58.65.0 255.255.255.252 host 110.240.50.1 eq domain

access-list OUT-TO-IN extended permit tcp 107.58.65.0 255.255.255.252 host 110.240.50.1 eq domain

access-list OUT-TO-IN extended permit udp 9.9.9.0 255.255.255.0 host 110.240.50.1 eq domain

access-list OUT-TO-IN extended permit tcp 9.9.9.0 255.255.255.0 host 110.240.50.1 eq domain

access-group OUT-TO-IN in interface OUTSIDE

 

ISP

#apt-get –y install bind9

#vim /etc/bind/named.conf.options

#vim /etc/bind/named.conf

 

#cp /etc/bind/db.empty /var/cache/bind/isp.zone

#vim /var/cache/bind/isp.zone

:%s:localhost:ISP.isp.net:g

 

#systemctl restart bind9

 

CENT-SRV

#apt-get –y install bind9

#vim /etc/bind/named.conf.options

 

#vim /etc/bind/named.conf

 

#cp /etc/bind/db.empty /var/cache/bind/skills2021.zone

#cp /etc/bind/db.empty /var/cache/bind/skills2021.zone.ext

#vim /var/cache/bind/skills2021.zone

:%s:localhost:CENT-SRV.skills2021.kr:g

#vim /var/cache/bind/skills2021.zone.ext

:%s:localhost:CENT-SRV.skills2021.kr:g

 

#systemctl restart bind9