Oui, c'est fedora 32 (faute de frappe).
J'ai bel et bien ouvert le port 53 (j'ai ajouté le service DNS dans la config permanente du firewall).
J'ai suivit le tutoriel d'OpenClassRoom:
https://openclassrooms.com/fr/courses/857447-apprenez-le-fonctionnement-des-reseaux-tcp-ip/857163-le-service-dns
Et pour infos, voici mes fichiers de config:
/etc/named.conf:
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
listen-on port 53 { 127.0.0.1; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
secroots-file "/var/named/data/named.secroots";
recursing-file "/var/named/data/named.recursing";
allow-query { localhost; };
allow-recursion { localhost; };
version "SECRET";
/*
- If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.
- If you are building a RECURSIVE (caching) DNS server, you need to enable
recursion.
- If your recursive DNS server has a public IP address, you MUST enable access
control to limit queries to your legitimate users. Failing to do so will
cause your server to become part of large scale DNS amplification
attacks. Implementing BCP38 within your network would greatly
reduce such attack surface
*/
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
managed-keys-directory "/var/named/dynamic";
geoip-directory "/usr/share/GeoIP";
pid-file "/run/named/named.pid";
session-keyfile "/run/named/session.key";
/* https://fedoraproject.org/wiki/Changes/CryptoPolicy */
include "/etc/crypto-policies/back-ends/bind.config";
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
zone "." IN {
type hint;
file "named.ca";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
include "/etc/home.local.zone";
/etc/home.local.zone:
zone "home.local." IN {
type master;
file "/etc/db.home.local";
};
zone "0.168.192.in-addr.arpa." {
type master;
file "/etc/db.192.168.0";
};
/etc/db.home.local:
$TTL 604800 ; 1 semaine
$ORIGIN home.local.
@ IN SOA ns.home.local. Fedora.home.local. (
2020071401 ; Serial
3600 ; refresh (1 hour)
3000 ; Retry (50 minutes)
4619200 ; Expire (7 weeks, 4 days, 11 hours, 40 seconds
604800 ; Minimum (1 week)
)
;
@ IN NS ns.home.local.
@ IN NS sfr-box.home.local.
ns IN A 192.168.0.100
sfr-box IN A 192.168.0.1
minecraft IN CNAME ns
Fedora IN CNAME ns
/etc/db.192.168.0
$TTL 604800 ; 1 semaine
$ORIGIN 0.168.192.in-addr.arpa.
@ IN SOA ns.home.local. Fedora.home.local. (
2020071401 ; Serial
3600 ; Refresh (1 hour)
3000 ; retry (50 minutes)
4619200 ; Expire (7 weeks, 4 days, 11 hours, 6 minutes, 40 seconds)
604800 ) ; minimum (1 week)
;
@ IN NS ns.home.local.
100 IN PTR ns.home.local.
Et le message que me retourne nslookup (sous windows):
nslookup Fedora.home.local
DNS request timed out.
timeout was 2 seconds.
Serveur : UnKnown
Address: 192.168.0.100
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
*** Le délai de la requête sur UnKnown est dépassé.