DNS/NAME-SERVER Configuration
Service Profile
service type: stand alone service
package: bind, bind-chroot, caching-nameserver
Daemons: /usr/sbin/named, /usr/sbin/rndc
startup script: /etc/init.d/named
port: 53 (named), 953 (rndc)
conf files: /var/named/chroot, /etc/named.conf, /var/named/*, /etc/rndc.key
Related: caching-nameserver, openssl
Resolver
Resolver files: /etc/hosts
                /etc/nsswitch.conf
                /etc/resolv.conf
Using the dig command to query a DNS server
Query a particular server directly, bypassing /etc/resolv.conf:
    #dig @server_name fqdn
    #dig @192.168.8.254 server1.example.com
Trace the delegation from the root servers down to the answer:
    #dig +trace yahoo.com
Forward lookup query:   #dig fqdn
    #dig station3.example.com
Reverse lookup query:   #dig -x ip_address
    #dig -x 192.168.8.203
Query a specific record type:   #dig -t mx example.com
View the whole zone by requesting a zone transfer (answered only if the server allows AXFR from your address):
    # dig -t axfr example.com @192.168.8.254
Using host to resolve names
Forward lookup query:   # host server1.example.com
Reverse lookup query:   #host 192.168.8.254
Query a specific record type:   #host -t soa example.com
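The forward and reverse queries above are most useful together: a PTR answer is only trustworthy when the name it returns has an A record pointing back at the same address (forward-confirmed reverse DNS). The script below is an added example, not part of the lecture notes; it parses the answer section that "dig +noall +answer" prints. The two answer sections are constructed sample output using the notes' 192.168.8.x addressing, and the helper names are my own.

```shell
#!/bin/sh
# Added example (not from the lecture notes): forward-confirmed reverse DNS
# check over "dig +noall +answer" output. Both answer sections are constructed.

# Sample output of: dig +noall +answer -x 192.168.8.203       (constructed)
PTR_ANSWER='203.8.168.192.in-addr.arpa. 86400 IN PTR station3.example.com.'

# Sample output of: dig +noall +answer station3.example.com   (constructed)
A_ANSWER='station3.example.com. 86400 IN A 192.168.8.203'

# Same host, but the forward record points somewhere else         (constructed)
A_ANSWER_MISMATCH='station3.example.com. 86400 IN A 192.168.8.250'

# field <answer-text> <rrtype> <column>: print the given column of the first
# record of that type (dig prints: owner ttl class type rdata).
field() {
    printf '%s\n' "$1" | awk -v t="$2" -v c="$3" '$4 == t { print $c; exit }'
}

# strip_dot <name>: drop the trailing dot dig prints on fully qualified names.
strip_dot() {
    printf '%s\n' "$1" | sed 's/\.$//'
}

# fcrdns_check <ip> <ptr-answer> <a-answer>
# Returns 0 and prints the verified hostname when the PTR target of <ip> owns
# an A record for <ip>; 1 when there is no PTR; 2 when the PTR exists but the
# forward lookup does not confirm it (owner differs or address differs).
fcrdns_check() {
    ip=$1; ptr_out=$2; a_out=$3
    name=$(strip_dot "$(field "$ptr_out" PTR 5)")
    [ -n "$name" ] || return 1
    owner=$(strip_dot "$(field "$a_out" A 1)")
    fwd_ip=$(field "$a_out" A 5)
    [ "$owner" = "$name" ] && [ "$fwd_ip" = "$ip" ] || return 2
    printf '%s\n' "$name"
}

# fcrdns_live <ip>: the same check against the real resolver (needs dig and
# network access), e.g. fcrdns_live 192.168.8.203
fcrdns_live() {
    ptr_out=$(dig +noall +answer -x "$1")
    name=$(strip_dot "$(field "$ptr_out" PTR 5)")
    [ -n "$name" ] || return 1
    fcrdns_check "$1" "$ptr_out" "$(dig +noall +answer "$name")"
}
```

Only the first A record of the forward answer is compared; a host with several addresses or a CNAME in the forward chain would need the loop extended.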
Caching only name server
If the packages bind and caching-nameserver are installed:
    DNS configuration file: /etc/named.conf
    Zone file:              /var/named/example.com.fz
If the packages bind, bind-chroot and caching-nameserver are installed (chroot layout):
    DNS configuration file: /var/named/chroot/etc/named.conf
    Zone file:              /var/named/chroot/var/named/example.com.fz
1 Check whether the packages are installed or not
    #rpm -qa | grep bind
    #rpm -qa | grep caching-nameserver
2 Copy named.caching-nameserver.conf to named.conf (in /var/named/chroot/etc)
    #cd /var/named/chroot/etc
    #cp named.caching-nameserver.conf named.conf
3 Edit the file named.conf
    # vim named.conf
    listen-on port (add your interface ip_address)
        listen-on port 53 { 127.0.0.1; 192.168.9.254; };
    allow-query (add your network subnet address)
        allow-query { localhost; 192.168.8.0/24; };
    Add a forwarders entry for the ISP DNS server
        forwarders { 192.168.8.254; };
4 Make the named group the owner of the file named.conf
    #chgrp named named.conf
5 Start the service
    #service named start
6 Check that the service is working
    #netstat -ntulp | grep named
    #netstat -ntulp | grep :53
    #dig @127.0.0.1 www.yahoo.com
Master Name server (forward lookup zone)
1 Edit the named.conf file and make an entry for your zone
    # vim /var/named/chroot/etc/named.conf
    zone "zone_name" Class_type {
        Type;
        File_name;
    };
2 Create the zone file under the directory /var/named/chroot/var/named
    #cd /var/named/chroot/var/named
    #cp localdomain.zone zone_file_name
3 Edit the zone file which you have created
    # vim zone_file_name
    $TTL 86400
    ; names in the SOA carry a trailing dot: without it named appends the
    ; zone name, giving station29.abc.com.abc.com
    @           IN SOA  station29.abc.com. root.abc.com. (
                        42      ; serial (d. adams)
                        3H      ; refresh
                        15M     ; retry
                        1W      ; expiry
                        1D )    ; minimum
                IN NS   station29
    station29   IN A    192.168.9.129
4 Make the named group the owner of the zone file
    #chgrp named zone_file_name
5 Restart the named service
    #service named restart
Primary DNS (Reverse lookup zone)
1 Edit the named.conf file and make an entry for your zone
    #vim /var/named/chroot/etc/named.conf
    zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "rana.personal.rz";
    };
2 Create the zone file under the directory /var/named/chroot/var/named
    #cd /var/named/chroot/var/named
    # cp localdomain.zone zone_file_name
3 Edit the zone file which you have created
    #vim zone_file_name
4 Make the named group the owner of the zone file
    #chgrp named zone_file_name
5 Restart the named service
    #service named restart
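The forward zone (steps in the master section above) and the reverse zone (this section) describe the same hosts, and hand-editing both is how A and PTR records drift apart. The script below is an added example, not part of the lecture notes: it generates both zone files from one host list, writes every SOA and NS name fully qualified, uses a date-based serial, and syntax-checks the result with named-checkzone when the bind package is present. The zone name abc.com, the station names, the host list and the 192.168.9.0/24 network are assumptions that follow the notes' lab addressing.

```shell
#!/bin/sh
# Added example, not from the lecture notes: build the forward zone and the
# matching in-addr.arpa reverse zone from one host list.

ZONE=abc.com
NS_HOST=station29            # name server; also the SOA MNAME
ADMIN=root.abc.com.          # hostmaster mailbox in zone-file form (root@abc.com)
NET=192.168.9                # the /24 for which PTR records are published

# Constructed host list: "<shortname> <ipv4>", one per line. The last host is
# outside $NET, so it gets an A record but no PTR in this reverse zone.
HOSTS='station29 192.168.9.129
station30 192.168.9.130
station31 192.168.9.131
gateway 192.168.8.254'

# zone_serial: YYYYMMDDnn. Slaves transfer only when the serial grows, so a
# date-based serial is easier to bump correctly than a bare "42".
zone_serial() { date -u +%Y%m%d01; }

# reverse_octets <a.b.c>: "192.168.9" -> "9.168.192" (the in-addr.arpa label order).
reverse_octets() {
    printf '%s\n' "$1" | awk -F. '{ print $3 "." $2 "." $1 }'
}

# soa_header: SOA and NS records shared by both zones. Every name carries a
# trailing dot; without it named appends $ORIGIN to the name.
soa_header() {
cat <<EOF
\$TTL 86400
@ IN SOA ${NS_HOST}.${ZONE}. ${ADMIN} (
        $(zone_serial) ; serial
        3H ; refresh
        15M ; retry
        1W ; expire
        1D ) ; minimum (negative-cache TTL)
@ IN NS ${NS_HOST}.${ZONE}.
EOF
}

# forward_zone: the abc.com zone file (A records for every host).
forward_zone() {
    soa_header
    printf '%s\n' "$HOSTS" | awk '{ printf "%s IN A %s\n", $1, $2 }'
}

# reverse_zone: the 9.168.192.in-addr.arpa zone file (PTR records), limited to
# hosts whose first three octets equal $NET.
reverse_zone() {
    soa_header
    printf '%s\n' "$HOSTS" | awk -v net="$NET" -v zone="$ZONE" -F'[ .]' \
        '($2 "." $3 "." $4) == net { printf "%s IN PTR %s.%s.\n", $5, $1, zone }'
}

# check_zone <zone-name> <file>: run named-checkzone if installed (bind
# package); otherwise report that the check was skipped.
check_zone() {
    if command -v named-checkzone >/dev/null 2>&1; then
        named-checkzone -q "$1" "$2"
    else
        echo "named-checkzone not installed; skipped syntax check of $2" >&2
    fi
}

# write_zones <dir>: write both files, e.g. write_zones /var/named/chroot/var/named
write_zones() {
    forward_zone > "$1/${ZONE}.fz" && check_zone "$ZONE" "$1/${ZONE}.fz"
    reverse_zone > "$1/${ZONE}.rz" &&
        check_zone "$(reverse_octets "$NET").in-addr.arpa" "$1/${ZONE}.rz"
}

if [ $# -gt 0 ]; then write_zones "$1"; fi
```

After writing the files, the named.conf entries are the ones from the two sections above (type master, file "abc.com.fz" for zone "abc.com" and file "abc.com.rz" for zone "9.168.192.in-addr.arpa"), followed by chgrp named and a service restart.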
Slave name server (forward lookup zone)
1 On the master, permit zone transfer from the master to the slave name server
    zone "zone_name" Class_type {
        Type;
        File_name;
        allow-transfer { 192.168.8.254; };
    };
2 Create an NS record for the slave on the master name server
    #vim named.conf
    and in the zone file:
                IN NS   server1
    server1     IN A    192.168.8.254
3 Install the name service (bind) on the slave server
4 Create the zone entry in named.conf on the slave
    # vim /var/named/chroot/etc/named.conf
    zone "anis.personal" IN {
        type slave;
        file "slaves/anis.personal.fz";
        masters { 192.168.8.202; };
    };
5 Restart the service
    #service named restart
File Configuration
resolv.conf file   #vim /etc/resolv.conf
    search example.com
    nameserver 192.168.9.254
hosts file   #vim /etc/hosts
    # Do not remove the following line, or various programs
    # that require network functionality will fail.
    127.0.0.1   server1.example.com server1 localhost.localdomain localhost
    ::1         localhost6.localdomain6 localhost6
named.conf file   #vim /var/named/chroot/etc/named.conf
//
// named.caching-nameserver.conf
//
// Provided by Red Hat caching-nameserver package to configure the
// ISC BIND named(8) DNS server as a caching only nameserver
// (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// DO NOT EDIT THIS FILE - use system-config-bind or an editor
// to create named.conf - edits to this file will be lost on
// caching-nameserver package upgrade.
//
options {
        listen-on port 53 { 127.0.0.1; 192.168.9.254; };
        listen-on-v6 port 53 { ::1; };
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        // Those options should be used carefully because they disable port
        // randomization
        // query-source port 53;
        // query-source-v6 port 53;
        allow-query { localhost; 192.168.9.0/24; };
        allow-query-cache { localhost; };
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
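The security of this server lives in a handful of statements in this file: allow-query (set in the caching-only steps), allow-transfer (set for the slave), allow-recursion, and the commented-out query-source lines whose warning about port randomization is printed right in the stock file. The script below is an added example, not part of the lecture notes: it pulls those statements out of a named.conf and flags the settings that turn the box into an open resolver or leak the zone. Both configurations in it are constructed for the example, with addresses following the notes' lab network; the function names are my own.

```shell
#!/bin/sh
# Added example, not from the lecture notes: audit the access-control
# statements of a named.conf. Handles the single-line "stmt { a; b; };" form
# used throughout the notes; acl names are not expanded.

# acl_value <config-text> <statement>: print the members of the first
# "<statement> { ... };" found, with // and # comments stripped first.
acl_value() {
    printf '%s\n' "$1" | sed -e 's,//.*$,,' -e 's,#.*$,,' |
    awk -v s="$2" '
        $1 == s {
            sub(/^[^{]*\{/, ""); sub(/\}.*$/, "")
            gsub(/^[ \t]+|[ \t]+$/, "")
            print; exit
        }'
}

# audit_named_conf <config-text>: print one finding per line and return the
# number of findings, so 0 means nothing was flagged.
audit_named_conf() {
    conf=$1; n=0
    q=$(acl_value "$conf" allow-query)
    case "$q" in
        *"any;"*|"")
            echo "allow-query is '${q:-absent}': anyone may query this server"
            n=$((n+1)) ;;
    esac
    t=$(acl_value "$conf" allow-transfer)
    case "$t" in
        *"any;"*|"")
            echo "allow-transfer is '${t:-absent}': the zone can be copied by AXFR from anywhere (older BIND defaults to any)"
            n=$((n+1)) ;;
    esac
    r=$(acl_value "$conf" allow-recursion)
    case "$r" in
        *"any;"*)
            echo "allow-recursion is 'any;': open recursive resolver"
            n=$((n+1)) ;;
    esac
    if printf '%s\n' "$conf" | sed 's,//.*$,,' | grep -q '^[[:space:]]*query-source.*port'; then
        echo "query-source port is fixed: source-port randomization disabled"
        n=$((n+1))
    fi
    return "$n"
}

# audit_file <path>: the same audit over a file on disk,
# e.g. audit_file /var/named/chroot/etc/named.conf
audit_file() { audit_named_conf "$(cat "$1")"; }

# Constructed: the notes' caching-only options plus a master zone that only
# lets the slave at 192.168.8.254 transfer it. Expected: no findings.
GOOD=$(cat <<'EOF'
options {
    listen-on port 53 { 127.0.0.1; 192.168.9.254; };
    allow-query { localhost; 192.168.9.0/24; };
    allow-query-cache { localhost; };
    // query-source port 53;
};
zone "abc.com" IN {
    type master;
    file "abc.com.fz";
    allow-transfer { 192.168.8.254; };
};
EOF
)

# Constructed: the same server with every list opened to any and the fixed
# query-source port uncommented. Expected: four findings.
BAD=$(cat <<'EOF'
options {
    listen-on port 53 { any; };
    allow-query { any; };
    allow-recursion { any; };
    query-source port 53;
};
zone "abc.com" IN {
    type master;
    file "abc.com.fz";
    allow-transfer { any; };
};
EOF
)
```

The first statement of each name wins, so a file with several zones should be checked zone by zone (or the awk extended to key on the enclosing zone name); the point of the example is the set of statements to look at, not a full named.conf parser.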
nsswitch.conf file   #vim /etc/nsswitch.conf
#
# /etc/nsswitch.conf
#
# An example Name Service Switch config file. This file should be
# sorted with the most-used services at the beginning.
#
# The entry '[NOTFOUND=return]' means that the search for an
# entry should stop if the search in the previous entry turned
# up nothing. Note that if the search failed due to some other reason
# (like no NIS server responding) then the search continues with the
# next entry.
#
# Legal entries are:
#
# nisplus or nis+ Use NIS+ (NIS version 3)
# nis or yp Use NIS (NIS version 2), also called YP
# dns Use DNS (Domain Name Service)
# files Use the local files
# db Use the local database (.db) files
# compat Use NIS on compat mode
# hesiod Use Hesiod for user lookups
# [NOTFOUND=return] Stop searching if not found so far
#
# To use db, put the "db" in front of "files" for entries you want to be
# looked up first in the databases
#
# Example:
#passwd: db files nisplus nis
#shadow: db files nisplus nis
#group: db files nisplus nis
passwd: files
shadow: files
group: files
#hosts: db files nisplus nis dns
hosts: files dns
# Example - obey only what nisplus tells us...
#services: nisplus [NOTFOUND=return] files
#networks: nisplus [NOTFOUND=return] files
#protocols: nisplus [NOTFOUND=return] files
#rpc: nisplus [NOTFOUND=return] files
#ethers: nisplus [NOTFOUND=return] files
#netmasks: nisplus [NOTFOUND=return] files
bootparams: nisplus [NOTFOUND=return] files
ethers: files
netmasks: files
networks: files
protocols: files
rpc: files
services: files
netgroup: nisplus
publickey: nisplus
automount: files nisplus
aliases: files nisplus
Some command-line history from the lecture class
387 cd /var/named/chroot/etc/
388 ls
389 vim named.conf
390 cd ../var/named/
391 ls
392 cat named.zero
393 cp localdomain.zone example.rz
394 vim example.rz
395 chown root:named example.rz
396 service named restart
397 dig -x server1.example.com
398 dig -x 192.168.9.254
399 vim example.rz
400 service named restart
401 dig -x 192.168.9.254
402 vim example.rz
403 service named restart
404 dig -x 192.168.9.101
405 dig -x 192.168.9.102
406 dig -x 192.168.9.120
407 exit