Jan 20, 2010

Installation and Configuration of DNS Server-LINUX

1) Install the DNS packages

#yum install bind bind-utils bind-chroot caching-nameserver

2) Check /etc/resolv.conf

cp /etc/resolv.conf /etc/resolv.conf.original

vi /etc/resolv.conf

Insert,
search tornado.com
nameserver 127.0.0.1

Setting daemon options

cp /var/named/chroot/etc/named.conf /var/named/chroot/etc/named.conf.original

Set the ownership of named.conf so that the named user can read it:

chown root:named /var/named/chroot/etc/named.conf

vi /var/named/chroot/etc/named.conf

Add the listen-on and allow-query lines shown at the end of the options block:

options {
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        /*
         * If there is a firewall between you and nameservers you want
         * to talk to, you might need to uncomment the query-source
         * directive below. Previous versions of BIND always asked
         * questions using port 53, but BIND 8.1 uses an unprivileged
         * port by default.
         */
        //query-source address * port 53;
        listen-on { 127.0.0.1; 10.29.29.112; };
        allow-query { 127.0.0.1; 10.29.29.0/24; };
};


If your DNS server is located behind a firewall and is having difficulty with resolving names, you may need to uncomment this directive.
query-source address * port 53;

The "." zone below tells named to check this file for a list of the root name servers, so it knows where to send external queries. This enables the caching nameserver feature of BIND, by forwarding any unknown requests to the root nameservers listed in the file. This zone should already be listed in the configuration.
zone "." IN {
type hint;
file "named.ca";
};
#####################################################################################
You may find that sending every new DNS query to the root name servers will be a little slow. This can be improved by sending all of your queries to a quicker "upstream" DNS server which will process your request for you. An upstream DNS server (like the ones at your ISP) may already have the query you're after in its cache, or it will normally have a faster backbone link to the root name servers.

To use forwarders you need to have at least one upstream DNS server IP address. Forwarders are a configuration option which needs to be placed inside the "options" section (place under the "allow-query" option above).
#Place INSIDE 'options'

forward first;
forwarders { xxx.xxx.xxx.xxx; xxx.xxx.xxx.xxx; }; <-- Add your ISP's DNS servers in here (IP addresses ONLY)
#####################################################################################
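The listen-on and allow-query lines are the part of this options block that keeps the server from answering the whole Internet, and a directive left commented out does not count. The script below is an added example, not part of the original post, that audits those directives in a named.conf before named is started. The two sample configs it writes are constructed for this example (one mirroring the restricted layout above, one with allow-query { any; }), and the function name audit_named_conf is this example's own; it assumes options sub-statements written one per line, as in the post.

```shell
#!/bin/sh
# Added example, not part of the original post: pre-flight audit of the
# access-control directives in a named.conf options block.
# Assumes options sub-statements are written one per line, as in the post.

# audit_named_conf FILE
# Prints one line per finding. Returns 0 when allow-query is present and
# restricted to explicit addresses/networks, 1 when it is missing or "any".
audit_named_conf() {
    conf="$1"
    status=0

    # Drop one-line /* */ comments, // line comments, then multi-line /* */
    # blocks, so a commented-out directive is not mistaken for a live one.
    stripped=$(sed -e 's#/\*.*\*/##' -e 's#//.*$##' "$conf" | sed -e '/\/\*/,/\*\//d')

    # Keep only the body of options { ... }. Sub-statements are one-liners in
    # this layout, so a line consisting of "};" closes the options block.
    opts=$(printf '%s\n' "$stripped" |
        awk '/^[[:space:]]*options[[:space:]]*[{]/ { f = 1; next }
             f && /^[[:space:]]*[}];/ { f = 0 }
             f')

    if printf '%s\n' "$opts" | grep -Eq '^[[:space:]]*listen-on[[:space:]]*[{]'; then
        echo "ok: listen-on limits the interfaces named binds to"
    else
        echo "warn: no listen-on, named will answer on every interface"
    fi

    aq=$(printf '%s\n' "$opts" | grep -E '^[[:space:]]*allow-query[[:space:]]*[{]' || true)
    if [ -z "$aq" ]; then
        echo "FAIL: no allow-query, anything reaching port 53 may query this server"
        status=1
    elif printf '%s\n' "$aq" | grep -Eq '[{][[:space:]]*any[[:space:]]*;'; then
        echo "FAIL: allow-query { any; } turns this into an open resolver"
        status=1
    else
        echo "ok: $aq"
    fi

    if printf '%s\n' "$opts" | grep -Eq '^[[:space:]]*forwarders[[:space:]]*[{]'; then
        echo "ok: forwarders set, unknown names go to the upstream resolvers"
    else
        echo "info: no forwarders, unknown names go to the root servers in named.ca"
    fi
    return $status
}

# Two constructed sample configs: the post's restricted layout and an open one.
SAMPLE_DIR=$(mktemp -d)
SAMPLE_RESTRICTED="$SAMPLE_DIR/named-restricted.conf"
SAMPLE_OPEN="$SAMPLE_DIR/named-open.conf"

cat >"$SAMPLE_RESTRICTED" <<'EOF'
options {
        directory "/var/named";
        /*
         * block comment kept here to show it is ignored
         */
        //query-source address * port 53;
        listen-on { 127.0.0.1; 10.29.29.112; };
        allow-query { 127.0.0.1; 10.29.29.0/24; };
        forward first;
        forwarders { 10.0.0.1; 10.0.0.2; };
};
EOF

cat >"$SAMPLE_OPEN" <<'EOF'
options {
        directory "/var/named";
        // allow-query { 127.0.0.1; };   commented out, must not count
        allow-query { any; };
};
EOF

echo "== restricted sample =="; audit_named_conf "$SAMPLE_RESTRICTED" || true
echo "== open sample =="; audit_named_conf "$SAMPLE_OPEN" || true
```

Run it against /var/named/chroot/etc/named.conf after editing; a non-zero exit means the server would answer recursive queries from any source that can reach it.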

Adding Your Domain
vi /var/named/chroot/etc/named.conf
zone "tornado.com" IN {
type master;
file "data.tornado.com";
allow-update { none; };
};

zone "29.29.10.in-addr.arpa" IN {
type master;
file "reverse-10.29.29";
allow-update { none; };
};
vi /var/named/chroot/var/named/data.tornado.com
The following is an example FORWARD zone file for the "example.com" domain name; it uses private addressing for internal-only name resolution.
$TTL 1D
@               IN SOA  thunder.tornado.com. root (
                        10      ; Serial
                        8H      ; Refresh
                        2H      ; Retry
                        4W      ; Expire
                        1D )    ; Minimum
;
                IN NS   thunder                 ; Name Server for the domain
                IN MX   10 thunder              ; Mail Exchange
;
tornado.com.    IN A    10.29.29.112            ; IP address for the domain tornado.com
thunder         IN A    10.29.29.112            ; IP address for 'thunder'
www             IN CNAME thunder                ; 'thunder' is also known as www
ftp             IN CNAME thunder                ; 'thunder' is also known as ftp
;
=========================
The forward zone file allows name resolution from NAME to IP address. To allow name resolution from IP address to NAME, we need to configure a REVERSE zone file.
vi /var/named/chroot/var/named/reverse-10.29.29
$TTL 1D
@               IN SOA  thunder.tornado.com. root (
                        10      ; Serial
                        8H      ; Refresh
                        2H      ; Retry
                        4W      ; Expire
                        1D )    ; Minimum
;
                IN NS   thunder.tornado.com.
112             IN PTR  thunder.tornado.com.    ; last octet of 10.29.29.112


The following are some of the common parameters (and definitions) required to configure our zone files.

Parameter   Definition
$TTL        Time To Live for the zone file
IN          The Internet system
SOA         Start Of Authority to administer zone
NS          Name Server for the zone
MX          Mail Exchange for the zone (needs a priority value)
A           Address records for hosts / network equipment
CNAME       Canonical name for an alias (points to "A" record)

chown named.named /var/named/chroot/var/named/data.tornado.com
chown named.named /var/named/chroot/var/named/reverse-10.29.29
Checking Your Work
named-checkconf -t /var/named/chroot /etc/named.conf
named-checkzone -d tornado.com /var/named/chroot/var/named/data.tornado.com
loading "example.com" from "/var/named/master-example.com" class "IN"
zone example.com/IN: loaded serial 10
OK
named-checkzone -d 29.29.10.in-addr.arpa /var/named/chroot/var/named/reverse-10.29.29

loading "1.168.192.in-addr.arpa" from "/var/named/data/reverse-192.168.1" class "IN"
zone 1.168.192.in-addr.arpa/IN: loaded serial 10
OK
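named-checkzone validates each zone file on its own; it does not notice when the PTR records in the reverse zone disagree with the A records in the forward zone. The script below is an added example, not part of the original post, that cross-checks the two files: every A record must have a PTR for its address, every PTR must point back at a name that has that A record, and PTR targets must be fully qualified. The zone content it writes is constructed to mirror the tornado.com zones above, plus a second, deliberately wrong reverse file whose PTR uses the last octet 1 instead of 112; the function name check_reverse and the workstation host are this example's own. It assumes the post's layout: a /24 reverse zone, one record per line, owner names either relative to the zone or ending in a dot.

```shell
#!/bin/sh
# Added example, not part of the original post: check that a forward zone and
# its in-addr.arpa reverse zone agree. Assumes a /24 reverse zone and one
# record per line, as in the post.

# check_reverse FWD_ZONE_FILE REV_ZONE_FILE ZONE NET24
# e.g. check_reverse data.tornado.com reverse-10.29.29 tornado.com 10.29.29
# Returns 0 when the zones agree, 1 when any mismatch is found.
check_reverse() {
    fwd="$1"; rev="$2"; zone="$3"; net="$4"
    awk -v zone="$zone" -v net="$net" '
        FNR == 1 { file++ }                 # 1 = forward zone, 2 = reverse zone
        { sub(/;.*/, "") }                  # drop zone-file comments
        NF == 0 { next }
        # A line that starts with whitespace inherits the previous owner name.
        /^[[:space:]]/  { owner = prev }
        !/^[[:space:]]/ { owner = $1; prev = owner }

        file == 1 && $0 ~ /[[:space:]]A[[:space:]]/ &&
        $NF ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ {
            name = owner
            if (name == "@") name = zone "."
            else if (name !~ /\.$/) name = name "." zone "."
            names[$NF] = names[$NF] " " name    # ip -> list of FQDNs
        }
        file == 2 && $0 ~ /[[:space:]]PTR[[:space:]]/ {
            ip = net "." owner                  # owner is the last octet in a /24 zone
            ptr[ip] = $NF
            if ($NF !~ /\.$/) { printf "PTR %s -> %s lacks a trailing dot\n", ip, $NF; bad++ }
        }
        END {
            for (ip in names)
                if (!(ip in ptr)) { printf "no PTR for %s (%s)\n", ip, names[ip]; bad++ }
                else if (!index(names[ip] " ", " " ptr[ip] " ")) {
                    printf "PTR %s -> %s but A records say%s\n", ip, ptr[ip], names[ip]; bad++
                }
            for (ip in ptr)
                if (!(ip in names)) { printf "PTR %s -> %s has no A record\n", ip, ptr[ip]; bad++ }
            if (!bad) print "forward and reverse zones agree"
            exit (bad > 0)
        }' "$fwd" "$rev"
}

# Constructed sample zones modelled on the tornado.com files in the post.
ZONE_DIR=$(mktemp -d)
FWD_ZONE="$ZONE_DIR/data.tornado.com"
REV_ZONE_OK="$ZONE_DIR/reverse-10.29.29"
REV_ZONE_BAD="$ZONE_DIR/reverse-10.29.29.wrong"

cat >"$FWD_ZONE" <<'EOF'
$TTL 1D
@               IN SOA  thunder.tornado.com. root (
                        10 8H 2H 4W 1D )    ; Serial Refresh Retry Expire Minimum
                IN NS   thunder
                IN MX   10 thunder
tornado.com.    IN A    10.29.29.112
thunder         IN A    10.29.29.112
wkstn1          IN A    10.29.29.201        ; constructed workstation host
www             IN CNAME thunder
EOF

cat >"$REV_ZONE_OK" <<'EOF'
$TTL 1D
@               IN SOA  thunder.tornado.com. root (
                        10 8H 2H 4W 1D )
                IN NS   thunder.tornado.com.
112             IN PTR  thunder.tornado.com.
201             IN PTR  wkstn1.tornado.com.
EOF

# Same file with the PTR for thunder on the wrong last octet.
sed 's/^112 /1   /' "$REV_ZONE_OK" >"$REV_ZONE_BAD"

echo "== correct reverse zone =="
check_reverse "$FWD_ZONE" "$REV_ZONE_OK" tornado.com 10.29.29 || true
echo "== reverse zone with the wrong last octet =="
check_reverse "$FWD_ZONE" "$REV_ZONE_BAD" tornado.com 10.29.29 || true
```

Run it after named-checkzone passes on both files; a mismatch here shows up later as a host that resolves forward but not in reverse, which is exactly what the host command at the end of the post is meant to confirm.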




Starting BIND
chkconfig --level 2345 named on
/etc/init.d/named restart
chkconfig --list named
grep named /var/log/messages
galaxy named[19111]: starting BIND 9.3.2 -u named -t /var/named/chroot
galaxy named[19111]: found 2 CPUs, using 2 worker threads
galaxy named[19111]: loading configuration from '/etc/named.conf'
galaxy named[19111]: listening on IPv4 interface lo, 127.0.0.1#53
galaxy named[19111]: listening on IPv4 interface eth1, 192.168.1.1#53
galaxy named[19111]: command channel listening on 127.0.0.1#953
galaxy named[19111]: zone 0.in-addr.arpa/IN: loaded serial 42
galaxy named[19111]: zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700
galaxy named[19111]: zone 1.168.192.in-addr.arpa/IN: loaded serial 10 <-- Successful load
galaxy named[19111]: zone 255.in-addr.arpa/IN: loaded serial 42
galaxy named[19111]: zone example.com/IN: loaded serial 10 <-- Successful load
galaxy named[19111]: zone localdomain/IN: loaded serial 42
galaxy named[19111]: zone localhost/IN: loaded serial 42
galaxy named[19111]: running

Testing The Server
[bash]# dig www.example.com

; <<>> DiG 9.3.2 <<>> www.example.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48535
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;www.example.com. IN A

;; ANSWER SECTION:
www.example.com. 86400 IN CNAME galaxy.example.com.
galaxy.example.com. 86400 IN A 192.168.1.1 <-- Correct IP address returned

;; AUTHORITY SECTION:
example.com. 86400 IN NS galaxy.example.com.

;; Query time: 3 msec
;; SERVER: 127.0.0.1#53(127.0.0.1) <-- Query from local server
;; WHEN: Wed May 17 21:16:38 2006
;; MSG SIZE rcvd: 84

dig example.com AXFR @localhost

; <<>> DiG 9.3.2 <<>> example.com AXFR @localhost
; (1 server found)
;; global options: printcmd
example.com. 86400 IN SOA galaxy.example.com. sysadmin.example.com. 10 28800 7200 2419200 86400
example.com. 86400 IN NS galaxy.example.com.
example.com. 86400 IN MX 10 galaxy.example.com.
example.com. 86400 IN A 192.168.1.1
ftp.example.com. 86400 IN CNAME galaxy.example.com.
galaxy.example.com. 86400 IN A 192.168.1.1
wkstn1.example.com. 86400 IN A 192.168.1.201
wkstn2.example.com. 86400 IN A 192.168.1.202
www.example.com. 86400 IN CNAME galaxy.example.com.
example.com. 86400 IN SOA galaxy.example.com. sysadmin.example.com. 10 28800 7200 2419200 86400
;; Query time: 2 msec
;; SERVER: 127.0.0.1#53(127.0.0.1) <-- Query from local server
;; WHEN: Wed May 17 21:17:21 2006
;; XFR size: 9 records (messages 1)

host 10.29.29.112
201.1.168.192.in-addr.arpa domain name pointer wkstn1.example.com.
