From 28d6879ee89c71cb217ba3c2c55764967415351d Mon Sep 17 00:00:00 2001
From: "anthony.boillot" <anthony.boillot21300@gmail.com>
Date: Mon, 3 Feb 2025 11:12:26 +0100
Subject: [PATCH] dns2

---
 sisr1/tp02-dns/.:                 |  1 +
 sisr1/tp02-dns/db.sio-ab.lan      | 20 ++++++++++++++++++++
 sisr1/tp02-dns/db.sio-ab.lan.rev  | 16 ++++++++++++++++
 sisr1/tp02-dns/hostname           |  1 +
 sisr1/tp02-dns/hosts              |  7 +++++++
 sisr1/tp02-dns/named.conf.local   | 24 ++++++++++++++++++++++++
 sisr1/tp02-dns/named.conf.options | 25 +++++++++++++++++++++++++
 7 files changed, 94 insertions(+)
 create mode 100644 sisr1/tp02-dns/.:
 create mode 100644 sisr1/tp02-dns/db.sio-ab.lan
 create mode 100644 sisr1/tp02-dns/db.sio-ab.lan.rev
 create mode 100644 sisr1/tp02-dns/hostname
 create mode 100644 sisr1/tp02-dns/hosts
 create mode 100644 sisr1/tp02-dns/named.conf.local
 create mode 100644 sisr1/tp02-dns/named.conf.options

diff --git a/sisr1/tp02-dns/.: b/sisr1/tp02-dns/.:
new file mode 100644
index 0000000..be1f544
--- /dev/null
+++ b/sisr1/tp02-dns/.:
@@ -0,0 +1 @@
+dns2-ab 
diff --git a/sisr1/tp02-dns/db.sio-ab.lan b/sisr1/tp02-dns/db.sio-ab.lan
new file mode 100644
index 0000000..0cd2255
--- /dev/null
+++ b/sisr1/tp02-dns/db.sio-ab.lan
@@ -0,0 +1,20 @@
+;
+; BIND data file for local loopback interface
+;
+$TTL	604800
+@	IN	SOA	dns1-ab.sio-ab.lan. root.dns1-ab.sio-ab.lan. (
+			      2		; Serial
+			 604800		; Refresh
+			  86400		; Retry
+			2419200		; Expire
+			 604800 )	; Negative Cache TTL
+			 NS	dns1-ab.sio-ab.lan.
+			 NS	dns2-ab.sio-ab.lan.
+dns2-ab.sio-ab.lan.	A	192.168.0.162
+dns1-ab.sio-ab.lan.	A	192.168.0.161
+;
+@	IN	NS	localhost.
+;@	IN	A	127.0.0.1
+deb-dhcp-ab       IN      A       192.168.0.160
+;@	IN	AAAA	::1
+;
diff --git a/sisr1/tp02-dns/db.sio-ab.lan.rev b/sisr1/tp02-dns/db.sio-ab.lan.rev
new file mode 100644
index 0000000..84788c6
--- /dev/null
+++ b/sisr1/tp02-dns/db.sio-ab.lan.rev
@@ -0,0 +1,16 @@
+;
+; BIND data file for local loopback interface
+;
+$TTL	604800
+@	IN	SOA	dns1-ab.sio-ab.lan. root  (
+			      2		; Serial
+			 604800		; Refresh
+			  86400		; Retry
+			2419200		; Expire
+			 604800 )	; Negative Cache TTL
+;
+	IN	NS	dns1-ab.sio.lan.
+	IN	NS	dns2-ab.sio-.lan.	
+160	IN	PTR	deb-dhcp-ab.sio-ab.lan.
+161	IN	PTR	dns1-ab.sio-ab.lan.
+162	IN	PTR	dns2-ab.sio-ab.lan.
diff --git a/sisr1/tp02-dns/hostname b/sisr1/tp02-dns/hostname
new file mode 100644
index 0000000..be1f544
--- /dev/null
+++ b/sisr1/tp02-dns/hostname
@@ -0,0 +1 @@
+dns2-ab 
diff --git a/sisr1/tp02-dns/hosts b/sisr1/tp02-dns/hosts
new file mode 100644
index 0000000..c250b9c
--- /dev/null
+++ b/sisr1/tp02-dns/hosts
@@ -0,0 +1,7 @@
+127.0.0.1	localhost
+127.0.1.1	dns2-ab.sio.lan	dns2-ab 
+
+# The following lines are desirable for IPv6 capable hosts
+::1     localhost ip6-localhost ip6-loopback
+ff02::1 ip6-allnodes
+ff02::2 ip6-allrouters
diff --git a/sisr1/tp02-dns/named.conf.local b/sisr1/tp02-dns/named.conf.local
new file mode 100644
index 0000000..a68310f
--- /dev/null
+++ b/sisr1/tp02-dns/named.conf.local
@@ -0,0 +1,24 @@
+//
+// Do any local configuration here
+//
+
+// Consider adding the 1918 zones here, if they are not used in your
+// organization
+//include "/etc/bind/zones.rfc1918";
+
+// zone directe
+        zone "sio-ab.lan" {
+             type slave;
+             file "/etc/bind/db.sio-ab.lan";
+	     masters { 192.168.0.161; };
+	     masterfile-format text;
+        };
+
+	// zone inverse 
+	zone "0.168.192.in-addr.arpa" {
+	     type slave;
+             notify no;
+             file "/etc/bind/db.sio-ab.lan.rev";
+	     masters { 192.168.0.161; };
+	     masterfile-format text;
+	};
diff --git a/sisr1/tp02-dns/named.conf.options b/sisr1/tp02-dns/named.conf.options
new file mode 100644
index 0000000..c263b73
--- /dev/null
+++ b/sisr1/tp02-dns/named.conf.options
@@ -0,0 +1,25 @@
+options {
+	directory "/var/cache/bind";
+
+	// If there is a firewall between you and nameservers you want
+	// to talk to, you may need to fix the firewall to allow multiple
+	// ports to talk.  See http://www.kb.cert.org/vuls/id/800113
+
+	// If your ISP provided one or more IP addresses for stable 
+	// nameservers, you probably want to use them as forwarders.  
+	// Uncomment the following block, and insert the addresses replacing 
+	// the all-0's placeholder.
+
+	 forwarders {
+		10.121.38.7; // ici forwarder 1
+	
+	 };
+
+	//========================================================================
+	// If BIND logs error messages about the root key being expired,
+	// you will need to update your keys.  See https://www.isc.org/bind-keys
+	//========================================================================
+	dnssec-validation no;
+
+	listen-on-v6 { any; };
+};