From aeb96a02a728db2c7b2952461ea1c50d9d0ba8a3 Mon Sep 17 00:00:00 2001
From: "Lockszmith (cs-dbg@VAST)"
Date: Sat, 26 Apr 2025 01:26:21 +0300
Subject: [PATCH] Initial commit, see README.md for details
---
README.md | 34 ++++++++++++++++++++++++++++
cleanup-dnslab.sh | 8 +++++++
client_Dockerfile | 5 +++++
compose.yaml | 56 ++++++++++++++++++++++++++++++++++++++++++++++
db.example.com | 13 +++++++++++
db.sub.example.com | 10 +++++++++
dnslab | 6 +++++
maindns_named.conf | 24 ++++++++++++++++++++
start-dnslab.sh | 8 +++++++
subdns_named.conf | 20 +++++++++++++++++
10 files changed, 184 insertions(+)
create mode 100644 README.md
create mode 100755 cleanup-dnslab.sh
create mode 100644 client_Dockerfile
create mode 100644 compose.yaml
create mode 100644 db.example.com
create mode 100644 db.sub.example.com
create mode 100755 dnslab
create mode 100644 maindns_named.conf
create mode 100755 start-dnslab.sh
create mode 100644 subdns_named.conf
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..07af580
--- /dev/null
+++ b/README.md
@@ -0,0 +1,34 @@
+# Docker DNS Lab
+
+```mermaid
+flowchart TD
+ client["client
172.20.0.100"]
+ subgraph main["example.com"]
+ maindns[(maindns
ns1.example.com
172.20.0.10)]
+ subgraph sub["sub.example.com"]
+ subdns[(subdns
ns1.sub.example.com
172.20.0.20)]
+ end
+ end
+
+ client -->|"DNS"| maindns
+ maindns -->|"delegate:sub"| subdns
+```
+
+## Running
+
+```shell
+#start the containers
+./start-dnslab.sh
+
+# do your tests
+./dnslab dig ns1.example.com
+./dnslab dig ns1.sub.example.com
+
+./dnslab ip -br a
+```
+
+## Cleaning up
+
+```
+./cleanup-dnslab.sh
+```
diff --git a/cleanup-dnslab.sh b/cleanup-dnslab.sh
new file mode 100755
index 0000000..ed48d6c
--- /dev/null
+++ b/cleanup-dnslab.sh
@@ -0,0 +1,8 @@
+#! /usr/bin/env bash
+
+set -e
+
+docker compose down --remove-orphans
+
+[[ $# -eq 0 ]] || docker run --rm -v .:/tmp/x bash -vc "cd /tmp/x; ${*:-ls -la --color}"
+
diff --git a/client_Dockerfile b/client_Dockerfile
new file mode 100644
index 0000000..a214e81
--- /dev/null
+++ b/client_Dockerfile
@@ -0,0 +1,5 @@
+FROM ubuntu
+
+RUN apt-get update \
+ && apt-get install --yes dnsutils iputils-arping iputils-ping iproute2
+
diff --git a/compose.yaml b/compose.yaml
new file mode 100644
index 0000000..6fcebe9
--- /dev/null
+++ b/compose.yaml
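Review bot: The last line of cleanup-dnslab.sh builds a `bash -vc` command string from `${*}`, so any arguments are parsed a second time by a shell inside a container that has the current directory bind-mounted read-write. The caller's quoting is lost on the way, and neither the script nor the README says what the optional arguments are for. Passing them as positional parameters keeps them intact: `docker run --rm -v "$PWD":/tmp/x -w /tmp/x bash -vc '"$@"' _ "$@"`. The `:-ls -la --color` fallback is close to dead code, because the `[[ $# -eq 0 ]] ||` guard already skips the command when no arguments are given. A one-line comment stating the intent (presumably inspecting or removing files the containers left behind) would help.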
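Review bot: `FROM ubuntu` in client_Dockerfile resolves to whatever `latest` points at on build day, so the client image is not reproducible and picks up base-image changes silently. Pin a release tag (for example `FROM ubuntu:24.04`) or an image digest. The `RUN` line could also pass `--no-install-recommends` and end with `&& rm -rf /var/lib/apt/lists/*` to keep the lab image small.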
@@ -0,0 +1,56 @@
+services:
+ maindns:
+ image: internetsystemsconsortium/bind9:9.18
+ container_name: maindns
+ command: -u root -g -d 9 -f -c /etc/bind/named.conf
+ volumes:
+ - maindns_etc_bind:/etc/bind
+ - ./maindns_named.conf:/etc/bind/named.conf:ro
+ - ./db.example.com:/etc/bind/db.example.com:ro
+ tmpfs:
+ - /var/cache/bind
+ - /var/log
+ depends_on:
+ - subdns
+ networks:
+ dnsnet:
+ ipv4_address: 172.20.0.10
+
+ subdns:
+ image: internetsystemsconsortium/bind9:9.18
+ command: -u root -g -d 9 -f -c /etc/bind/named.conf
+ container_name: subdns
+ volumes:
+ - subdns_etc_bind:/etc/bind
+ - ./subdns_named.conf:/etc/bind/named.conf:ro
+ - ./db.sub.example.com:/etc/bind/db.sub.example.com:ro
+ tmpfs:
+ - /var/cache/bind
+ - /var/log
+ networks:
+ dnsnet:
+ ipv4_address: 172.20.0.20
+
+ client:
+ build:
+ dockerfile: client_Dockerfile
+ container_name: client
+ command: sleep infinity
+ depends_on:
+ - maindns
+ dns:
+ - 172.20.0.10
+ networks:
+ dnsnet:
+ ipv4_address: 172.20.0.100
+
+networks:
+ dnsnet:
+ driver: bridge
+ ipam:
+ config:
+ - subnet: 172.20.0.0/24
+
+volumes:
+ maindns_etc_bind:
+ subdns_etc_bind:
diff --git a/db.example.com b/db.example.com
new file mode 100644
index 0000000..692ac20
--- /dev/null
+++ b/db.example.com
@@ -0,0 +1,13 @@
+$TTL 86400
+@ IN SOA ns1.example.com. admin.example.com. (
+ 1 ; Serial
+ 3600 ; Refresh
+ 1800 ; Retry
+ 604800 ; Expire
+ 86400 ) ; Minimum TTL
+ IN NS ns1.example.com.
+ns1 IN A 172.20.0.10
+
+; Delegate subdomain to subdns
+sub IN NS ns1.sub.example.com.
+ns1.sub IN A 172.20.0.20
diff --git a/db.sub.example.com b/db.sub.example.com
new file mode 100644
index 0000000..a24a2ab
--- /dev/null
+++ b/db.sub.example.com
@@ -0,0 +1,10 @@
+$TTL 86400
+@ IN SOA ns1.sub.example.com. admin.sub.example.com. (
+ 1 ; Serial
+ 3600 ; Refresh
+ 1800 ; Retry
+ 604800 ; Expire
+ 86400 ) ; Minimum TTL
+ IN NS ns1.sub.example.com.
+ns1 IN A 172.20.0.20
+client IN A 172.20.0.100
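Review bot: Both DNS services in compose.yaml start named with `-u root`, which keeps the daemon running as root instead of dropping to an unprivileged account; presumably this was added so named can write to the root-owned tmpfs mounts. Prefer removing `-u root` and making `/var/cache/bind` and `/var/log` writable for the image's service account through tmpfs mount options (the uid/gid of that account needs to be confirmed against the image). As documented for named, `-g` already keeps the process in the foreground and forces all logging to stderr, so `-f` is redundant and the file channel in the `logging` blocks of maindns_named.conf and subdns_named.conf is likely never written. A short comment above each `command:` explaining `-d 9` (debug level 9) would help readers of the lab.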
diff --git a/dnslab b/dnslab
new file mode 100755
index 0000000..5b7e396
--- /dev/null
+++ b/dnslab
@@ -0,0 +1,6 @@
+#! /usr/bin/env bash
+
+set -e
+
+docker exec -it client "${@:-bash}"
+
diff --git a/maindns_named.conf b/maindns_named.conf
new file mode 100644
index 0000000..8abcbc8
--- /dev/null
+++ b/maindns_named.conf
@@ -0,0 +1,24 @@
+options {
+ directory "/var/cache/bind";
+ listen-on port 53 { any; };
+ allow-query { any; };
+ recursion no;
+};
+
+zone "example.com" {
+ type master;
+ file "/etc/bind/db.example.com";
+};
+
+zone "sub.example.com" {
+ type delegation-only;
+};
+
+logging {
+ channel default_log {
+ file "/var/log/named.log";
+ severity info;
+ print-time yes;
+ };
+ category default { default_log; };
+};
diff --git a/start-dnslab.sh b/start-dnslab.sh
new file mode 100755
index 0000000..a5d98e7
--- /dev/null
+++ b/start-dnslab.sh
@@ -0,0 +1,8 @@
+#! /usr/bin/env bash
+
+set -e
+
+docker compose down --remove-orphans \
+&& docker compose build \
+&& docker compose up -d
+
diff --git a/subdns_named.conf b/subdns_named.conf
new file mode 100644
index 0000000..9c7a291
--- /dev/null
+++ b/subdns_named.conf
@@ -0,0 +1,20 @@
+options {
+ directory "/var/cache/bind";
+ listen-on port 53 { any; };
+ allow-query { any; };
+ recursion no;
+};
+
+zone "sub.example.com" {
+ type master;
+ file "/etc/bind/db.sub.example.com";
+};
+
+logging {
+ channel default_log {
+ file "/var/log/named.log";
+ severity info;
+ print-time yes;
+ };
+ category default { default_log; };
+};
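Review bot: `docker exec -it` in dnslab always requests a TTY, so the wrapper fails with a not-a-TTY error when it is called from a script or with redirected stdin, which is the likely way the README's `./dnslab dig …` checks would be automated. Allocate the TTY only when stdin is a terminal, for example `[[ -t 0 ]] && tty=(-it) || tty=(-i)` followed by `docker exec "${tty[@]}" client "${@:-bash}"`.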
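Review bot: The `options` block in maindns_named.conf (and the identical one in subdns_named.conf) opens queries with `allow-query { any; };` but sets no `allow-transfer`, so zone transfers fall back to the server default, which on the 9.18 image used here is believed to be permissive and is worth confirming. Adding `allow-transfer { none; };` to both files makes the intent explicit and keeps the config safe if it is copied outside the isolated `dnsnet` bridge. Separately, `type delegation-only` for `sub.example.com` is probably a no-op on a server with `recursion no`: the referral comes from the `sub IN NS` and glue records in db.example.com, while delegation-only filtering applies to answers a resolver receives. A comment stating why that stanza is there, or removing it, would avoid confusion.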