linux primary dns server setup


Upload: nazmul-hasan

Post on 02-May-2017


Page 1: Linux Primary DNS Server Setup

Chapter - 2 Primary DNS Server Configuration

First we need the IP configuration of the DNS server.

Step – 1 : Set the IP address of the network card.

[root@trifola]# vi /etc/sysconfig/network-scripts/ifcfg-eth0

DEVICE=eth0
IPADDR=192.168.100.2
NETMASK=255.255.255.0
ONBOOT=yes
BOOTPROTO=static

[root@trifola]# service network restart

Step – 2 : [root@trifola]# vi /etc/sysconfig/network

NETWORKING=yes
HOSTNAME=trifola
GATEWAY=192.168.100.1

[root@trifola]# init 6 (after editing this file the machine needs to be restarted)

Step – 3 : [root@trifola]# vi /etc/hosts

127.0.0.1 localhost.localdomain localhost
192.168.100.2 trifola.noyadingi.com trifola
192.168.100.3 titash.noyadingi.com titash

Function of /etc/hosts: it can speed up the IP address lookup of frequently required addresses, and it holds the IP address of the local machine. During boot time the machine needs to know the mapping of its own host name to an IP address.

Step – 4 : [root@trifola]# vi /etc/resolv.conf

search noyadingi.com
nameserver 192.168.100.2
nameserver 192.168.100.3

DNS Configurations

Step – 1 : Planning
(a) Select the proper server for the primary DNS.
(b) Finalize the unique domain name.
(c) Register your domain under .com, .net, .org, .gov or under a country domain such as .bd, .sg, .au etc.
(d) Select the public/real IP for the primary DNS.

Step – 2 : Required RPMs for the primary DNS configuration:

1. bind-9.3.3-7.el5.i386.rpm
2. bind-utils-9.3.3-7.el5.i386.rpm
3. bind-chroot-9.3.3-7.el5.i386.rpm
4. caching-nameserver-9.3.3-7.el5.i386.rpm
5. bind-libs-9.3.3-7.el5.i386.rpm

Note : the bind-X.X rpm is required for the DNS server itself and bind-utils is required for DNS troubleshooting.

To check whether bind is installed or not:

[root@trifola]# rpm -qa | grep bind

If it is not installed, install the software with the following commands (bind-libs first, since bind and bind-utils depend on it):

[root@trifola]# rpm -ivh bind-libs-9.3.3-7.el5.i386.rpm
[root@trifola]# rpm -ivh bind-9.3.3-7.el5.i386.rpm
[root@trifola]# rpm -ivh bind-utils-9.3.3-7.el5.i386.rpm
[root@trifola]# rpm -ivh bind-chroot-9.3.3-7.el5.i386.rpm
[root@trifola]# rpm -ivh caching-nameserver-9.3.3-7.el5.i386.rpm

Step – 3 : Let us consider the domain name "noyadingi.com" and the IP address 192.168.100.1 in the domain. The files that need to be configured for the primary DNS server live in two locations:

a. /etc
1. /etc/hosts
2. /etc/sysconfig/network-scripts/ifcfg-eth0
3. /etc/sysconfig/network
4. /etc/resolv.conf

b. /var
1. /var/named/chroot/var/named/ (the zone database files)
2. /var/named/chroot/etc/named.rfc1912.zones

Step – 5 : [root@trifola]# cp /var/named/chroot/etc/named.rfc1912.zones /var/named/chroot/etc/named.conf


[root@trifola]# chgrp named named.conf
[root@trifola]# chmod 777 named.conf

[root@trifola]# vi /var/named/chroot/etc/named.conf

options {
        directory "/var/named/";
};

zone "." IN {
        type hint;
        file "named.ca";
};

zone "noyadingi.com" IN {
        type master;
        file "noyadingi-fz";
        allow-update { none; };
};

zone "100.168.192.in-addr.arpa" IN {
        type master;
        file "noyadingi-rz";
        allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.local";
        allow-update { none; };
};

Step – 6 : Check the configuration of named.conf:

[root@trifola]# named-checkconf /var/named/chroot/etc/named.conf

Step – 7 : Copy one of the existing zone database files as a template for the forward zone file:

[root@trifola]# cp /var/named/chroot/var/named/<existing zone database file> /var/named/chroot/var/named/noyadingi-fz
[root@trifola]# chgrp named noyadingi-fz
[root@trifola]# chmod 777 noyadingi-fz
[root@trifola]# vi /var/named/chroot/var/named/noyadingi-fz

$TTL 64000
@ IN SOA trifola.noyadingi.com. root.noyadingi.com. (
        42      ; Serial
        3H      ; Refresh
        15M     ; Retry
        1W      ; Expire
        1D )    ; Minimum

@ IN NS trifola.noyadingi.com.          ; primary DNS
@ IN NS titash.noyadingi.com.           ; secondary DNS
@ IN MX 10 mail.noyadingi.com.          ; 1st mail server
@ IN MX 20 mail2.noyadingi.com.         ; 2nd mail server

trifola IN A 192.168.100.2
titash IN A 192.168.100.3
mail IN A 192.168.100.4
mail2 IN A 192.168.100.5
www IN A 192.168.100.6
proxy IN A 192.168.100.7

Step – 8 : Check the forward zone file (named-checkzone takes the zone name followed by the file name):

[root@trifola]# named-checkzone noyadingi.com /var/named/chroot/var/named/noyadingi-fz

Step – 9 : [root@trifola]# cp /var/named/chroot/var/named/noyadingi-fz /var/named/chroot/var/named/noyadingi-rz
[root@trifola]# chgrp named noyadingi-rz
[root@trifola]# chmod 777 noyadingi-rz

[root@trifola]# vi /var/named/chroot/var/named/noyadingi-rz

$TTL 64000
@ IN SOA trifola.noyadingi.com. root.noyadingi.com. (
        42      ; Serial
        3H      ; Refresh
        15M     ; Retry
        1W      ; Expire
        1D )    ; Minimum

@ IN NS trifola.noyadingi.com.          ; primary DNS
@ IN NS titash.noyadingi.com.           ; secondary DNS

2 IN PTR trifola.noyadingi.com.
3 IN PTR titash.noyadingi.com.
4 IN PTR mail.noyadingi.com.
5 IN PTR mail2.noyadingi.com.
6 IN PTR www.noyadingi.com.
7 IN PTR proxy.noyadingi.com.

Step – 10 : Check the reverse zone file against the zone name declared in named.conf:

[root@trifola]# named-checkzone 100.168.192.in-addr.arpa /var/named/chroot/var/named/noyadingi-rz

Step – 11 : To start DNS:

[root@trifola]# service network restart
[root@trifola]# service named restart
[root@trifola]# chkconfig named on

Step – 12 : Check the DNS server using the following commands:

[root@trifola]# nslookup
> set type=any
> trifola
> trifola.noyadingi.com
> mail.noyadingi.com
> www.noyadingi.com
> yahoo.com
> google.com

[root@trifola]# host mail.noyadingi.com
[root@trifola]# host www.noyadingi.com

Step - 13 : If DNS is not working properly, solve the problem according to the error log:

[root@dhaka]# tail -f /var/log/messages

More Tests : To check the DNS server use the following commands:

[root@trifola]# dig trifola.noyadingi.com
[root@trifola]# dig titash.noyadingi.com
[root@trifola]# dig -x 192.168.100.2
[root@trifola]# host trifola

When the dig command is applied, the output will look like the following.

[root@trifola]# dig trifola.noyadingi.com

Returns:

; <<>> DiG 9.2.1 <<>> noyadingi.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29309
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 0

;; QUESTION SECTION:
;noyadingi.com. IN A

;; ANSWER SECTION:
noyadingi.com. 4959 IN A 192.168.100.2

;; AUTHORITY SECTION:
noyadingi.com. 4959 IN NS

;; Query time: 2 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sat Feb 24 17:42:15 2006
;; MSG SIZE rcvd:

[If status NOERROR and QUERY: 1, ANSWER: 1 appear, then the DNS is OK]

The DNS Database Files

Master files included by named, like named.hosts, always have a domain associated with them, which is called the origin. This is the domain name specified with the cache and primary commands. Within a master file, you are allowed to specify domain and host names relative to this domain. A name given in a configuration file is considered absolute if it ends in a single dot, otherwise it is considered relative to the origin. The origin all by itself may be referred to using "@".


All data contained in a master file is split up into resource records, or RRs for short. They make up the smallest unit of information available through DNS. Each resource record has a type. A records, for instance, map a hostname to an IP address, and a CNAME record associates an alias for a host with its official hostname.

domain
This is the domain name to which the entry applies. If no domain name is given, the RR is assumed to apply to the domain of the previous RR.

ttl
In order to force resolvers to discard information after a certain time, each RR is associated with a "time to live", or ttl for short. The ttl field specifies the time in seconds the information is valid after it has been retrieved from the server. It is a decimal number with at most eight digits. If no ttl value is given, it defaults to the value of the minimum field of the preceding SOA record.

class
This is an address class, like IN for IP addresses, or HS for objects in the Hesiod class. For TCP/IP networking, you have to make this IN. If no class field is given, the class of the preceding RR is assumed.

type
This describes the type of the RR. The most common types are A, SOA, PTR, and NS. The following sections describe the various types of RRs.

origin
This is the canonical hostname of the primary name server for this domain. It is usually given as an absolute name.

contact
This is the email address of the person responsible for maintaining the domain, with the "@" character replaced by a dot. For instance, if the responsible person at the Virtual Brewery is janet, then this field would contain janet.vbrew.com.

serial
This is the version number of the zone file, expressed as a single decimal number. Whenever data is changed in the zone file, this number should be incremented. The serial number is used by secondary name servers to recognize when zone information has changed. To stay up to date, secondary servers request the primary server's SOA record at certain intervals, and compare the serial number to that of the cached SOA record. If the number has changed, the secondary servers transfer the whole zone database from the primary server.

refresh
This specifies the interval in seconds that the secondary servers should wait between checking the SOA record of the primary server. Again, this is a decimal number with at most eight digits. Generally, the network topology doesn't change too often, so this number should specify an interval of roughly a day for larger networks, and even more for smaller ones.

retry
This number determines the interval at which a secondary server should retry contacting the primary server if a request or a zone refresh fails. It must not be too low, or else a temporary failure of the server or a network problem may cause the secondary server to waste network resources. One hour, or perhaps one half hour, might be a good choice.

expire
This specifies the time in seconds after which the server should finally discard all zone data if it hasn't been able to contact the primary server. It should normally be very large. Craig Hunt recommends 42 days.

minimum
This is the default ttl value for resource records that do not explicitly specify one. It requires other name servers to discard the RR after a certain amount of time. It has, however, nothing to do with the time after which a secondary server tries to update the zone information. minimum should be a large value, especially for LANs where the network topology almost never changes. A value of around a week or a month is probably a good choice. In the case that single RRs may change more frequently, you can still assign them different ttls.

A
This associates an IP address with a hostname. Address (A) records map a host name to an IP address.

NS
Name server (NS) records identify hosts as name servers authoritative for the specific domain.

CNAME
This associates an alias for a host with its canonical hostname. Aliases are simply linked to that name by a CNAME record, but don't have any other records of their own.

PTR
This type of record is used to associate names in the in-addr.arpa domain with hostnames. This is used for reverse mapping of IP addresses to hostnames. The hostname given must be the canonical hostname.

MX
This RR announces a mail exchanger for a domain. The host field names the mail exchanger for the domain. Every mail exchanger has an integer preference associated with it. A mail transport agent that wants to deliver mail to the domain will try all hosts that have an MX record for this domain until it succeeds. The one with the lowest preference value is tried first, then the others in order of increasing preference value.
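As an added example (written for this page, not part of the original document or of BIND), the following Python script applies the origin and relative-name rules described above to small copies of the Step 7 forward zone and the Step 9 reverse zone, then cross-checks the A records against the PTR records; named-checkzone in Steps 8 and 10 validates one zone file at a time and never makes this comparison. The function and constant names (qualify, parse_zone, check_reverse, FWD, REV) are my own, and the sample zones are constructed; they carry two slips that are easy to make when the reverse file is created by copying the forward one.

```python
import re
def qualify(name, origin):
    """'@' is the origin; a trailing dot marks an absolute name; else relative."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"
def parse_zone(text, origin):
    """(owner, type, rdata) tuples from a master file."""
    text = re.sub(r";[^\n]*", "", text)                         # comments
    text = re.sub(r"\([^)]*\)", lambda m: m.group(0).replace("\n", " "), text)
    records, owner = [], origin              # the sub above joins a ( ) SOA
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0].startswith("$"):             # blank / $TTL
            continue
        if not line[0].isspace():               # blank owner = previous owner
            owner = qualify(fields.pop(0), origin)
        while fields and (fields[0] == "IN" or fields[0].isdigit()):
            fields.pop(0)                       # optional ttl and class
        records.append((owner, fields[0], fields[1:]))
    return records
def check_reverse(forward, reverse, rev_origin):
    """A records with a missing or mismatched PTR, plus record types that do
    not belong in a reverse zone (assumes a /24 reverse zone)."""
    problems, ptr = [], {}
    for owner, rtype, rdata in reverse:
        if rtype == "PTR":
            ptr[owner[:-len(rev_origin) - 1]] = rdata[0]        # last octet
        elif rtype not in ("SOA", "NS"):
            problems.append(f"{rtype} record does not belong in {rev_origin}")
    for owner, rtype, rdata in forward:
        if rtype == "A":
            got = ptr.get(rdata[0].rsplit(".", 1)[1])
            if got != owner:
                problems.append(f"{owner} {rdata[0]}: PTR is {got}")
    return problems
# Constructed sample: the document's zones cut down; the reverse zone keeps a
# copied MX record and a duplicated "mail" PTR where mail2 should be.
FWD = """@ IN SOA trifola.noyadingi.com. root.noyadingi.com. (
        42 3H 15M 1W   ; Serial Refresh Retry Expire
        1D )           ; Minimum
trifola IN A 192.168.100.2
mail2 IN A 192.168.100.5
"""
REV = """@ IN MX 10 mail.noyadingi.com.
2 IN PTR trifola.noyadingi.com.
5 IN PTR mail.noyadingi.com.
"""
REV_ORIGIN = "100.168.192.in-addr.arpa."
def check_document_zones():
    fwd, rev = parse_zone(FWD, "noyadingi.com."), parse_zone(REV, REV_ORIGIN)
    return check_reverse(fwd, rev, REV_ORIGIN)
```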
