Section 37.1. Objective 1: Basic DNS Server Configuration


The main configuration file for BIND 8.x is /etc/named.conf. In it you specify options such as the default directory for named files and the zones for the named entries you are hosting. You generally host two types of named files. The first is the database (db) entry for each domain you host. These db entries are typically named either db.domain.com or domain.com.db, depending on the naming scheme you use; they are the forward DNS entries for your domain. The second type of named file is the reverse DNS file, typically named db.x.x.x.in-addr.arpa, where x.x.x is the subnet you are hosting with its octets reversed. For example, if you host the 208.201.239 subnet, you would have a db.239.201.208.in-addr.arpa reverse DNS file.

It is common for your ISP to manage the reverse DNS on the IP addresses that they have assigned to you, so in-addr.arpa entries may not always be necessary.

37.1.1. named.conf

The /etc/named.conf file is the main configuration file for named. Within the named.conf file, you will specify options such as the default directory for named entries and zone entries for individual named files. The following is a sample /etc/named.conf file:

    options {
            directory "/var/named";
    };

    zone "." {
            type hint;
            file "named.ca";
    };

    zone "1.168.192.in-addr.arpa" {
            type master;
            file "db.1.168.192.in-addr.arpa";
    };

    zone "example.com" {
            type master;
            file "db.example.com";
    };

    zone "example.net" {
            type slave;
            file "db.example.net";
            masters {
                    192.168.0.100;
            };
    };

The preceding sample /etc/named.conf has five different types of entries. The first two entries are mandatory configuration options for BIND. The first entry specifies BIND options. In this example, the directory option sets where all named files will be placed. By default, this option is set to /var/named. Many DNS administrators are accustomed to keeping named files under /etc/named and therefore change this directory option.

The second entry is a default zone entry to specify what file can be used as a "hint" for where to find root name servers. By default, BIND 8 uses /var/named/named.ca. This second entry is required, and it is not recommended to edit this entry or file unless necessary.

The third entry in the example is a reverse DNS zone entry. The zone specified is 1.168.192.in-addr.arpa. The reverse DNS is a primary DNS record, so the type entry is set to master. The file with the reverse DNS information is in /var/named/db.1.168.192.in-addr.arpa, so the file option is set to db.1.168.192.in-addr.arpa.

The fourth entry in the example is a primary DNS zone entry. The zone specified is example.com. Because the entry is a primary DNS entry, the type is set to master. The file for the entry is found in /var/named/db.example.com, so the file option is set to db.example.com.

The fifth entry in the example is a sample secondary DNS zone entry. The zone specified in the example is example.net. Because the entry is a secondary DNS entry, the type is set to slave. The file for this secondary entry is found in /var/named/db.example.net, so the file option is set to db.example.net. Because this entry is a secondary DNS entry, you must provide the primary DNS server information where the DNS information is retrieved from. In this entry's case, the primary DNS server is 192.168.0.100, so the masters option is set to 192.168.0.100.

37.1.2. Primary DNS

After you have a domain registered with the DNS server you specify as the primary DNS server, you will need to set up your named files by following these steps:

  1. Add the corresponding zone to /etc/named.conf. As a primary entry, your zone entry in /etc/named.conf will look like this:

     zone "example.com" {
             type master;
             file "db.example.com";
     };

  2. Edit db.example.com. Create a file under /var/named named db.example.com. Add any necessary token entries and change the file serial number to reflect the current date.

    The serial number (by standard convention) is 10 digits. The first four (1999) are the year, the next two (08) the current month, the next two (01) the current day, and the last two (01) the number of times you have changed the file that day (01 for the first change, 02 for the second, 03 for the third, and so on). It is important to update the serial number on every change, because this is how named detects that a zone has changed.

  3. Set your primary and secondary DNS servers. Add any hosts for this domain with appropriate tokens and so forth. Note that the hostname always ends with a period (.); one of the most common errors made by DNS administrators is to leave off the trailing period. Your db.example.com should look something like this:

         @          IN      SOA     ns.example.com.  root.example.com. (
                                        1999080101     ; serial
                                        10800          ; refresh (3 hours)
                                        3600           ; retry (1 hour)
                                        604800         ; expire (7 days)
                                        86400 )        ; minimum (1 day)
                    IN      NS      ns1.example.com.
                    IN      NS      ns2.example.net.
                    IN      A       192.168.0.212
         www        IN      A       192.168.0.212
         ftp        IN      CNAME   www
         node2      IN      A       192.168.0.2
         router     IN      A       192.168.0.254
         ns1        IN      A       192.168.0.10

  4. Set up reverse DNS. Create the db.0.168.192.in-addr.arpa file under /var/named. Set up any and all reverse entries for each node, as specified in the forward DNS file. (Remember to change your file serial number accordingly!) Your reverse DNS file should look something like this:

         @          IN      SOA     ns.example.com. root.example.com. (
                                        1999080101     ; serial
                                        10800          ; refresh (3 hours)
                                        3600           ; retry (1 hour)
                                        604800         ; expire (7 days)
                                        86400 )        ; minimum (1 day)
                    IN      NS      ns1.example.com.
         2          IN      PTR     node2.example.com.
         10         IN      PTR     ns1.example.com.
         254        IN      PTR     router.example.com.

  5. Verify changes and restart named. Verify that your IPs, hosts, and serial number information are correct. Then restart named by running /etc/rc.d/init.d/named restart. To verify that your domain is running properly, use nslookup (discussed in the "DNS Tools" section of this chapter) by running nslookup www.example.com server_IP_address and nslookup 192.168.0.212 server_IP_address. Specifying the DNS server's IP address in the command lets you see exactly what information your server is delivering, which helps to rule out caching or misconfiguration issues. You should also run nslookup without the server IP address argument, to help detect such issues. If DNS is set up properly, the command returns the appropriate IP address and domain information.
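The five steps above can be checked mechanically before named is restarted. The following Python example is added here and is not code from the book: it parses a zone file laid out as in step 3, computes the next serial number under the YYYYMMDDNN convention of step 2 (rejecting a serial dated in the future and the hundredth change in one day), flags names that lack the trailing period described in step 3 (a heuristic: a name with an inner dot but no trailing dot is almost always meant to be absolute), and builds the PTR records of step 4 from the forward A records. The sample zone is constructed inline from the step 3 listing, with ns2.example.net deliberately missing its trailing period so the check has something to report; the origin example.com. and the /24 network are assumptions of the example.

```python
import ipaddress

ORIGIN = "example.com."

# Constructed sample: the forward zone from step 3, with one deliberate
# mistake added (ns2.example.net has lost its trailing dot) for the checker.
FORWARD_ZONE = """\
@          IN      SOA     ns.example.com.  root.example.com. (
                               1999080101     ; serial
                               10800          ; refresh (3 hours)
                               3600           ; retry (1 hour)
                               604800         ; expire (7 days)
                               86400 )        ; minimum (1 day)
           IN      NS      ns1.example.com.
           IN      NS      ns2.example.net
           IN      A       192.168.0.212
www        IN      A       192.168.0.212
ftp        IN      CNAME   www
node2      IN      A       192.168.0.2
router     IN      A       192.168.0.254
ns1        IN      A       192.168.0.10
"""

# Which rdata fields of each record type hold a domain name.
NAME_FIELDS = {"SOA": (0, 1), "NS": (0,), "CNAME": (0,), "PTR": (0,), "MX": (1,)}


def next_serial(current, today):
    """Next serial under the YYYYMMDDNN convention; today is a date or 'YYYY-MM-DD'."""
    stamp = int(str(today).replace("-", ""))
    date_part, count = divmod(current, 100)
    if date_part < stamp:
        return stamp * 100 + 1                # first change of a new day
    if date_part > stamp:
        raise ValueError("serial %d is dated after today" % current)
    if count >= 99:
        raise ValueError("99 changes already recorded today; wait for tomorrow")
    return current + 1                        # another change on the same day


def absolute(name, origin=ORIGIN):
    """Expand '@' and relative names the way named does when it loads the zone."""
    if name == "@":
        return origin
    return name if name.endswith(".") else name + "." + origin


def parse_zone(text, origin=ORIGIN):
    """Return [(owner, type, [rdata fields])] with owners made absolute.
    Handles ';' comments, the parenthesised SOA and blank owners that inherit
    the previous owner. TTL fields are not handled."""
    records, owner, fields, depth = [], origin, [], 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0]           # drop comment (and its parentheses)
        if not line.strip():
            continue
        if depth == 0 and not line[0].isspace():   # explicit owner in column 1
            head, line = (line.split(None, 1) + [""])[:2]
            owner = absolute(head, origin)
        for tok in line.replace("(", " ( ").replace(")", " ) ").split():
            if tok == "(":
                depth += 1
            elif tok == ")":
                depth -= 1
            else:
                fields.append(tok)
        if depth == 0 and fields:
            start = 1 if fields[0] == "IN" else 0    # optional class field
            records.append((owner, fields[start], fields[start + 1:]))
            fields = []
    return records


def zone_serial(records):
    """Serial number from the SOA record (third rdata field)."""
    return int(next(r for r in records if r[1] == "SOA")[2][2])


def check_trailing_dots(records):
    """Flag rdata names with an inner dot but no trailing dot: named treats them
    as relative, so ns2.example.net silently becomes ns2.example.net.example.com."""
    problems = []
    for owner, rtype, rdata in records:
        for i in NAME_FIELDS.get(rtype, ()):
            if "." in rdata[i] and not rdata[i].endswith("."):
                problems.append((owner, rtype, rdata[i]))
    return problems


def reverse_ptrs(records, network):
    """Host number -> name for every A record inside network (a /24), i.e. the
    PTR records of step 4. The first name in the file wins for a shared address."""
    net = ipaddress.ip_network(network)
    ptrs = {}
    for owner, rtype, rdata in records:
        if rtype == "A" and ipaddress.ip_address(rdata[0]) in net:
            host = int(ipaddress.ip_address(rdata[0])) - int(net.network_address)
            ptrs.setdefault(host, owner)
    return ptrs


if __name__ == "__main__":
    recs = parse_zone(FORWARD_ZONE)
    print("serial %d -> %d" % (zone_serial(recs), next_serial(zone_serial(recs), "1999-08-01")))
    for owner, rtype, name in check_trailing_dots(recs):
        print("missing trailing dot: %s %s %s" % (owner, rtype, name))
    for host, name in sorted(reverse_ptrs(recs, "192.168.0.0/24").items()):
        print("%-10s IN      PTR     %s" % (host, name))
```

The trailing-dot heuristic is why the CNAME target www passes (it is meant to be relative) while ns2.example.net is reported. The PTR generator gives one entry per address, so 192.168.0.212 maps to the apex name rather than www; edit the result if you prefer the other name. None of this replaces step 5: the nslookup query against the server itself remains the final check of what named actually serves.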

37.1.3. Secondary and Tertiary DNS

When a domain is registered, it must be registered with not only a primary DNS server, but also a secondary DNS server. If the primary server is down, the secondary server will take over. For even more failover support, a tertiary DNS server can be set up.

Setting up secondary DNS for a domain is even simpler than setting up primary DNS. Essentially, you have to do only Steps 1 and 5 from the previous list that describes setting up primary DNS. There is a difference, however, from Step 1 for primary DNS. The following steps explain how to set up secondary DNS.

  1. Add the zone to /etc/named.conf. As a secondary entry, your type is slave. With a slave entry you must specify the master (the server from which the DNS information for the domain is pulled), which in this example is 192.168.2.50. As a secondary entry, your zone entry in /etc/named.conf will look like this:

     zone "example.com" {
             type slave;
             file "db.example.com";
             masters {
                     192.168.2.50;
             };
     };

  2. Verify changes and restart named. Verify that your IPs and host information are correct. Then, restart named by running /etc/rc.d/init.d/named restart.
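The rules this section and the named.conf section state for /etc/named.conf (a directory option, the mandatory root hint zone, a file for every zone, and a masters list for every slave entry such as the one just shown) can be checked with a short script. The following Python example is added here and is not code from the book or from BIND: it tokenizes the statement syntax used above, parses it into nested statements, and reports anything that breaks those rules. The sample configuration is constructed inline from the chapter's named.conf entries plus one deliberate mistake, a slave zone for example.org without masters, so the checker has something to report. BIND 9 ships named-checkconf for the same purpose on a live server.

```python
import os
import re

# Constructed sample: the chapter's named.conf entries plus one deliberate
# mistake, a slave zone for example.org with no masters, for the checker.
NAMED_CONF = """\
options {
        directory "/var/named";
};
zone "." {
        type hint;
        file "named.ca";
};
zone "1.168.192.in-addr.arpa" {
        type master;
        file "db.1.168.192.in-addr.arpa";
};
zone "example.com" {
        type master;
        file "db.example.com";
};
zone "example.net" {
        type slave;
        file "db.example.net";
        masters { 192.168.0.100; };
};
zone "example.org" {
        type slave;
        file "db.example.org";
};
"""

TOKEN = re.compile(r'"([^"]*)"|([{};])|([^\s{};"]+)')


def tokenize(text):
    """Split named.conf text into words, quoted strings and the { } ; punctuation."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)   # C-style comments
    text = re.sub(r"(//|#).*", "", text)                # line comments
    return [quoted or punct or word for quoted, punct, word in TOKEN.findall(text)]


def parse_block(tokens, i=0):
    """Parse statements up to the closing '}'. Each statement is
    (words, nested statements or None), so 'masters { ... };' nests naturally."""
    stmts, words = [], []
    while i < len(tokens):
        tok = tokens[i]
        i += 1
        if tok == ";":
            if words:
                stmts.append((words, None))
            words = []
        elif tok == "{":
            body, i = parse_block(tokens, i)
            stmts.append((words, body))
            words = []
        elif tok == "}":
            return stmts, i
        else:
            words.append(tok)
    return stmts, i


def load_named_conf(text):
    """Return (directory, {zone name: {"type", "file", "masters"}})."""
    stmts, _ = parse_block(tokenize(text))
    directory, zones = None, {}
    for words, body in stmts:
        if words[0] == "options" and body:
            directory = next((w[1] for w, _ in body if w[0] == "directory"), directory)
        elif words[0] == "zone" and body:
            zone = {"type": None, "file": None, "masters": []}
            for w, sub in body:
                if w[0] in ("type", "file"):
                    zone[w[0]] = w[1]
                elif w[0] == "masters" and sub:
                    zone["masters"] = [s[0] for s, _ in sub]
            zones[words[1]] = zone
    return directory, zones


def check_named_conf(text):
    """Apply the chapter's rules: a directory option, a root hint zone, a file for
    every zone and a masters list for every slave zone. Returns problem strings."""
    directory, zones = load_named_conf(text)
    problems = []
    if not directory:
        problems.append("options: no directory set")
    if zones.get(".", {}).get("type") != "hint":
        problems.append('no root hint zone "." of type hint')
    for name, zone in zones.items():
        if zone["type"] not in ("master", "slave", "hint"):
            problems.append('zone "%s": unknown type %r' % (name, zone["type"]))
        if not zone["file"]:
            problems.append('zone "%s": no file' % name)
        if zone["type"] == "slave" and not zone["masters"]:
            problems.append('zone "%s": slave zone without masters' % name)
    return problems


if __name__ == "__main__":
    directory, zones = load_named_conf(NAMED_CONF)
    for name, zone in zones.items():      # the file option is relative to directory
        print("%-28s %-6s %s" % (name, zone["type"], os.path.join(directory, zone["file"])))
    for problem in check_named_conf(NAMED_CONF):
        print("PROBLEM:", problem)
```

The parser keeps only what the chapter uses (options, zone, type, file, masters); other statements are read but ignored, so it can be pointed at a real /etc/named.conf to list zones and their files relative to the directory option before named is restarted.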



LPI Linux Certification in a Nutshell
ISBN: 0596005288
Year: 2004
Pages: 257