{"id":8898,"date":"2026-02-27T15:38:03","date_gmt":"2026-02-27T06:38:03","guid":{"rendered":"https:\/\/hasu0707.duckdns.org\/blog\/?p=8898"},"modified":"2026-02-27T16:56:04","modified_gmt":"2026-02-27T07:56:04","slug":"bind-%eb%84%a4%ec%9e%84%ec%84%9c%eb%b2%84-%ea%b5%ac%ec%b6%95","status":"publish","type":"post","link":"https:\/\/hasu0707.duckdns.org\/blog\/?p=8898","title":{"rendered":"bind \ub124\uc784\uc11c\ubc84 \uad6c\ucd95"},"content":{"rendered":"\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">\uc608\uc2dc \ud658\uacbd)\n  \ub3c4\uba54\uc778: mydomain.com\n  IP \uc8fc\uc18c:\n    11.22.33.44(reverse 33.22.11)\n    100.101.102.103(reverse 102.101.100)\n  Secondary Name Server: 202.31.187.220\n\n1. bind \uc124\uce58\n  apt update\n  apt install -y bind9 bind9-utils bind9-dnsutils\n\n2. \ub514\ub809\ud1a0\ub9ac \uc0dd\uc131\n  mkdir -p \/etc\/bind\/zones\n  chown -R root:bind \/etc\/bind\/zones\n  chmod 2750 \/etc\/bind\/zones\n\n3. \uc124\uce58 \ud30c\uc77c \uc791\uc131\n  vi \/etc\/bind\/named.conf\n-----\n\/\/ This is the primary configuration file for the BIND DNS server named.\n\/\/\n\/\/ Please read \/usr\/share\/doc\/bind9\/README.Debian for information on the\n\/\/ structure of BIND configuration files in Debian, *BEFORE* you customize\n\/\/ this configuration file.\n\/\/\n\/\/ If you are just adding zones, please do that in \/etc\/bind\/named.conf.local\n\ninclude \"\/etc\/bind\/named.conf.options\";\ninclude \"\/etc\/bind\/named.conf.local\";\ninclude \"\/etc\/bind\/named.conf.root-hints\";\n-----\n\n  vi \/etc\/bind\/named.conf.local\n-----\nzone \"mydomain.com\" {\n    type master;\n    file \"\/etc\/bind\/zones\/db.mydomain.com\";\n\n    allow-transfer { 202.31.187.220; };\n    also-notify { 202.31.187.220; };\n};\n\nzone \"221.170.121.in-addr.arpa\" {\n    type master;\n    file \"\/etc\/bind\/zones\/db.33.22.11\";\n\n    allow-transfer { 202.31.187.220; };\n    also-notify { 202.31.187.220; };\n};\n\nzone \"102.101.100.in-addr.arpa\" {\n    type master;\n    file \"\/etc\/bind\/zones\/db.119.196.53\";\n\n    allow-transfer { 202.31.187.220; };\n    also-notify { 202.31.187.220; };\n};\n-----\n\n  vi \/etc\/bind\/named.conf.options\n-----\noptions {\n    directory \"\/var\/cache\/bind\";\n\n    recursion no;\n    allow-query { any; };\n\n    \/\/ \uc804\uc5ed \uae30\ubcf8\uc740 \ucc28\ub2e8, \uc874\ubcc4\ub85c\ub9cc \ud5c8\uc6a9\n    allow-transfer { none; };\n\n    dnssec-validation auto;\n\n    listen-on { any; };\n    listen-on-v6 { any; };\n\n    version \"not disclosed\";\n};\n-----\n\n  vi \/etc\/bind\/zones\/db.mydomain.com\n-----\n$TTL 300\n$ORIGIN mydomain.com.\n\n@   IN  SOA ns1.mydomain.com. tech.mydomain.com. (\n        2026022701  ; Serial (YYYYMMDDnn)\n        3600        ; Refresh\n        900         ; Retry\n        1209600     ; Expire\n        300         ; Negative Cache TTL\n)\n\n; #################################################\n; # NS\n; #################################################\n@       IN  NS  ns1.mydomain.com.\n@       IN  NS  ns2.mydomain.com.\n\n; #################################################\n; # A (ns1 \/ \uc11c\ube44\uc2a4: 11.22.33.44)\n; #################################################\n@           IN  A   11.22.33.44\nns1         IN  A   11.22.33.44\nmail        IN  A   11.22.33.44\ncloud       IN  A   11.22.33.44\nftp         IN  A   11.22.33.44\nhasu0707    IN  A   11.22.33.44\nimap        IN  A   11.22.33.44\npop         IN  A   11.22.33.44\npop3        IN  A   11.22.33.44\nsmtp        IN  A   11.22.33.44\ntech        IN  A   11.22.33.44\nwww         IN  A   11.22.33.44\n\n; #################################################\n; # A (ns2: 202.31.187.220)\n; #################################################\nns2         IN  A   202.31.187.220\n\n; #################################################\n; # A (\uc11c\ube44\uc2a4: 100.101.102.103)\n; #################################################\nlocal       IN  A   100.101.102.103\nseetrol     IN  A   100.101.102.103\nwebdav      IN  A   100.101.102.103\nnas         IN  A   100.101.102.103\n\n; #################################################\n; # MX\n; #################################################\n@           IN  MX  10 mail.mydomain.com.\n\n; #################################################\n; # SPF (\uad8c\uc7a5: \ub8e8\ud2b8\uc5d0 \uc9c1\uc811 \uac8c\uc2dc)\n; #################################################\n@           IN  TXT \"v=spf1 ip4:11.22.33.44 ip4:100.101.102.103 ~all\"\n_spf        IN  TXT \"v=spf1 ip4:11.22.33.44 ip4:100.101.102.103 ~all\"\n\n; #################################################\n; # DKIM\n; #################################################\nmydkim._domainkey IN  TXT ( \"v=DKIM1; h=sha256; k=rsa; \"\n    \"p=MIIBIjANBgkqhkiG9w0BAQEFA29832ur89ifq34jfq98fqjhfqoiqfjw98q238u923hjfq239h289q38923rh89235t8qkufCwYmJfmOH7VXuVqUyg1LqFDBzDHptJigJClC6UqympkiA8qADieaCv858fWNiS7kuOJrcN5GhLz9oTfzg+mjBGqbcugExNa3mTcB1gVgJGeVHj8Wbpr2jWr0rCWltwTukRkGE+6J1aY1CNbrmdxtMwBNoS\"\n    \"arUp4fk09erbst89h3498fja089jfalkzxdmnva09234902390q342fj093q4gj349sguaegopadfjmaorjb4c2fR6UG6SCLdYXJudfx5X8gVb00LBTi1QadVJ\/qhSyPcCs0WQSQIDAQAB\" )  ; ----- DKIM key mydkim for mydomain.com\n\n; #################################################\n; # DMARC\n; #################################################\n; rua = \uc9d1\uacc4 \ub9ac\ud3ec\ud2b8 \uc218\uc2e0\n; ruf = \uc2e4\ud328 \ub9ac\ud3ec\ud2b8 \uc218\uc2e0\n; fo=1 = \ud558\ub098\ub77c\ub3c4 \uc2e4\ud328\ud558\uba74 \ub9ac\ud3ec\ud2b8\n; adkim=s = DKIM strict alignment\n; aspf=s = SPF strict alignment\n; pct=100 = 100% \uc801\uc6a9\n_dmarc      IN  TXT \"v=DMARC1; p=reject; sp=reject; rua=mailto:hasu0707@nate.com; fo=1; adkim=s; aspf=s; pct=100\"\n-----\n\n  vi \/etc\/bind\/zones\/db.33.22.11\n-----\n$TTL 300\n$ORIGIN 33.22.11.in-addr.arpa.\n\n@   IN  SOA ns1.mydomain.com. tech.mydomain.com. (\n        2026022701\n        3600\n        900\n        1209600\n        300\n)\n\n@       IN  NS  ns1.mydomain.com.\n@       IN  NS  ns2.mydomain.com.\n\n44      IN  PTR mail.mydomain.com.\n-----\n\n  vi \/etc\/bind\/zones\/db.102.101.100\n-----\n$TTL 300\n$ORIGIN 102.101.100.in-addr.arpa.\n\n@   IN  SOA ns1.mydomain.com. tech.mydomain.com. (\n        2026022701\n        3600\n        900\n        1209600\n        300\n)\n\n@       IN  NS  ns1.mydomain.com.\n@       IN  NS  ns2.mydomain.com.\n\n103     IN  PTR local.mydomain.com.\n-----\n\n4. \ud14c\uc2a4\ud2b8\n  named-checkconf\n  named-checkzone mydomain.com \/etc\/bind\/zones\/db.mydomain.com\n  named-checkzone 33.22.11.in-addr.arpa \/etc\/bind\/zones\/db.33.22.11\n  named-checkzone 102.101.100.in-addr.arpa \/etc\/bind\/zones\/db.102.101.100\n\n  dig @127.0.0.1 mydomain.com NS +short\n  dig @127.0.0.1 mail.mydomain.com A +short\n  dig @127.0.0.1 mydomain.com MX +short\n  dig @127.0.0.1 mail._domainkey.mydomain.com TXT +short\n  dig @127.0.0.1 _dmarc.mydomain.com TXT +short\n  dig @127.0.0.1 -x 11.22.33.44 +short\n  dig @127.0.0.1 -x 100.101.102.103 +short\n\n5. \uc7ac\uc2dc\uc791\n  systemctl enable named\n  systemctl restart named\n  systemctl status named --no-pager<\/pre>\n","protected":false},"excerpt":{"rendered":"","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_import_markdown_pro_load_document_selector":0,"_import_markdown_pro_submit_text_textarea":"","site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"set","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[39],"tags":[],"class_list":["post-8898","post","type-post","status-publish","format-standard","hentry","category-os_linux_unix_macos"],"_links":{"self":[{"href":"https:\/\/hasu0707.duckdns.org\/blog\/index.php?rest_route=\/wp\/v2\/posts\/8898","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hasu0707.duckdns.org\/blog\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hasu0707.duckdns.org\/blog\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hasu0707.duckdns.org\/blog\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/hasu0707.duckdns.org\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=8898"}],"version-history":[{"count":0,"href":"https:\/\/hasu0707.duckdns.org\/blog\/index.php?rest_route=\/wp\/v2\/posts\/8898\/revisions"}],"wp:attachment":[{"href":"https:\/\/hasu0707.duckdns.org\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=8898"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hasu0707.duckdns.org\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=8898"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hasu0707.duckdns.org\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=8898"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}