Thread: How to configure DNS with BIND

  1. #1

    How to configure DNS with BIND

    Hi,
    I am a Linux newbie, but I am trying my best to make sure I learn the things I'm still lacking now. I am in charge of the installation of my organization's DNS server. I was given the task of installing BIND, but I don't know what is required of me, from the server to the clients. What is the necessary information I need to ask the organization to supply so that I can carry out this task, including which body provides the nameservers: is it the ISP, the company that hosts the domain, or the company that registered the name, e.g. example.com.ng? I need to know who supplies what information so that I can contact the appropriate body.
    About the clients to the servers: the clients are Windows XP computers. Is there anything I'm going to do, and where, on the clients for them to be seen by the server? Or am I just going to specify only the IP addresses of the clients in the MX record, A record or pointer? Please, I need more enlightenment on these issues. I will be happy if someone out there can give me comprehensive details of how to go about this.
    Thank you in advance.

  2. #2

    DNS Conf

    Q: - What is the role of the "named-checkconf" utility?

    The named-checkconf utility checks the syntax of the named.conf configuration file.
    Syntax: named-checkconf [-t directory] [filename]

    Q: - What is the role of the "named-checkzone" utility?

    The named-checkzone utility checks the syntax and consistency of the zone file.
    Syntax: named-checkzone [-dgv] [-c class] zone [filename]




    BIND:
    If you didn't install the BIND packages, install them with the commands below. All the DNS servers are listed in /etc/resolv.conf; add more IPs there as nameserver lines.

    yum install -y php* bind* mysql* postfix* sendmail* httpd* vsftpd* caching*
    yum install -y php* bind* mysql* postfix* sendmail* httpd* vsftpd* caching* vim* screen* mutt* postfix*
    yum install php* --exclude=php53* -y

    yum install -y bind
    yum install -y bind-chroot
    yum install -y bind-devel
    yum install -y bind-libbind-devel
    yum install -y bind-libs
    yum install -y bind-sdb
    yum install -y bind-utils
    yum install -y caching-nameserver
    yum install -y system-config-bind




    chmod 755 /var/named/
    chmod 775 /var/named/chroot/
    chmod 775 /var/named/chroot/var/
    chmod 775 /var/named/chroot/var/named/
    chmod 775 /var/named/chroot/var/run/
    chmod 777 /var/named/chroot/var/run/named/

    cp /var/named/chroot/etc/named.rfc1912.zones /var/named/chroot/etc/named.conf
    ln -s /var/named/chroot/etc/named.conf /etc/named.conf

    chmod 777 /etc/named.conf
    chkconfig named on

    service named start

    To set SELinux:

    setsebool -P named_write_master_zones 1


    Assumptions

    Your network is 192.168.1.0/24
    Your master DNS name server is server2.example.com with IP address 192.168.1.2

    1. # cd /var/named/chroot/etc

    2. # cp /var/named/chroot/etc/named.rfc1912.zones /var/named/chroot/etc/named.conf

    3. # vi named.conf

    4. After
    // See /usr/share/doc/bind*/sample/ for example named configuration files.
    //

    5. Insert the following lines:


    options {
        listen-on port 53 { 127.0.0.1; };
        listen-on-v6 port 53 { ::1; };
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        // Those options should be used carefully because they disable port
        // randomization
        // query-source port 53;
        // query-source-v6 port 53;

        #allow-query { localhost; };
    };
    // The zone statements and the rndc.key include are added once, in step 8;
    // named refuses to load a named.conf that defines the same zone twice.


    6. Modify the listen-on port 53 directive to include your IP address

    listen-on port 53 { 127.0.0.1; 192.168.1.2; };

    7. Modify the allow-query to include your network IP address

    allow-query { localhost; 192.168.1.0/24; };

    8. Add the zone and the reverse zone lines by copying the following lines and pasting them at the end of the file

    zone "example.com" IN {
        type master;
        file "example.com.zone";
    };

    zone "1.168.192.in-addr.arpa" IN {
        type master;
        file "example.com.rr.zone";
    };
    include "/etc/rndc.key";

    9. Save and close the file
    10. Create a link

    # ln -s /var/named/chroot/etc/named.conf /etc/named.conf

    11. Configure the RNDC key by using this command:

    # rndc-confgen


    12. Configure the zone file (example.com.zone)

    # cd /var/named/chroot/var/named
    # vi example.com.zone

    13. Insert the following lines:

    $TTL 86400
    @       IN SOA server2.example.com. root.server2.example.com. (
                42      ; serial
                3H      ; refresh
                15M     ; retry
                1W      ; expiry
                1D )    ; minimum
            IN NS  server2.example.com.
    server2 IN A   192.168.1.2    ; the master's address from the assumptions above

    14. Save and close the file
    15. Create the symbolic link

    ln -s /var/named/chroot/var/named/example.com.zone /var/named/example.com.zone

    16. Configure the reverse zone

    # cd /var/named/chroot/var/named
    # vi example.com.rr.zone

    17. Insert the following lines:

    $TTL 86400
    @       IN SOA server2.example.com. root.server2.example.com. (
                42      ; serial
                3H      ; refresh
                15M     ; retry
                1W      ; expiry
                1D )    ; minimum
            IN NS  server2.example.com.
    2       IN PTR server2.example.com.

    18. Save and close the file
    19. Create the symbolic link

    ln -s /var/named/chroot/var/named/example.com.rr.zone /var/named/example.com.rr.zone

    20. # chkconfig named on


    21. Allow access to TCP and UDP ports 53

    # system-config-securitylevel

    other port add 53 as tcp
    other port add 53 as udp

    22. Restart named

    # chmod 777 /etc/named.conf
    # service named restart

    # host yahoo.com
    # dig yahoo.com


    $TTL 86400 means the default time to live for the data on this master DNS server is three days.

    SOA means start of authority; it describes where the zone is coming from. The zone in this case is coming from the computer named server2.example.com and the email is root@server2.example.com.

    The serial number means the date and version number of this data.

    NS means the name server record, which is the name of the master DNS server (server2.example.com).

    The final named.conf
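    The two zone files in this post are small enough to check by eye, but the mistakes they invite (a name server written without its trailing dot, an NS target that has no address record in the zone) are silent: named loads the zone and the delegation is simply lame. The following checker, added here as an example and not code from the post above or from BIND, parses the subset of master-file syntax used in these posts ($TTL and $ORIGIN, ';' comments, parenthesised SOA, the omitted-owner shorthand) and reports those mistakes; named-checkzone, mentioned at the top of the post, remains the authoritative check. The sample zones are constructed copies of the example.com zone from step 13, one with the dot missing and one corrected, and 192.168.1.2 is taken from the post's assumptions.

```python
"""Sanity-check a BIND master zone file before handing it to named-checkzone.

Added example; not code from the thread or from BIND. It understands the
subset of master-file syntax used in the posts above: $TTL and $ORIGIN,
';' comments, '(' ... ')' continuation lines, the omitted-owner shorthand
(a line starting with whitespace reuses the previous owner), and
SOA/NS/A/AAAA/MX/CNAME/PTR records.
"""
import re

TTL_RE = re.compile(r'^\d+[smhdwSMHDW]?$')
NAME_TARGETS = {'NS', 'MX', 'CNAME', 'PTR'}   # rdata ends in a domain name


def fqdn(name, origin):
    """Absolute form of name under origin (origin ends with a dot)."""
    if name == '@':
        return origin
    return name if name.endswith('.') else f'{name}.{origin}'


def parse_zone(text, origin):
    """Return [(owner, rtype, rdata_tokens)] with owners made absolute."""
    origin = origin if origin.endswith('.') else origin + '.'
    records, last_owner, logical, depth = [], origin, '', 0
    for raw in text.splitlines():
        line = raw.split(';', 1)[0].rstrip()        # drop ';' comments
        if not line.strip() and depth == 0:
            continue
        logical += line + ' '
        depth += line.count('(') - line.count(')')
        if depth > 0:                                # still inside ( ... )
            continue
        owner_omitted = logical[:1] in (' ', '\t')
        tokens = logical.replace('(', ' ').replace(')', ' ').split()
        logical = ''
        if not tokens:
            continue
        if tokens[0].upper() == '$ORIGIN':
            origin = fqdn(tokens[1], origin)
            continue
        if tokens[0].startswith('$'):                # $TTL etc.: irrelevant here
            continue
        owner = last_owner if owner_omitted else fqdn(tokens.pop(0), origin)
        last_owner = owner
        while tokens and (tokens[0].upper() == 'IN' or TTL_RE.match(tokens[0])):
            tokens.pop(0)                            # optional class and TTL
        if tokens:
            records.append((owner, tokens[0].upper(), tokens[1:]))
    return records


def check_zone(text, origin):
    """Return a list of problems; an empty list means the checks passed."""
    origin = origin if origin.endswith('.') else origin + '.'
    records = parse_zone(text, origin)
    problems = []
    soa = [r for r in records if r[1] == 'SOA']
    if len(soa) != 1:
        problems.append(f'expected exactly one SOA record, found {len(soa)}')
    elif len(soa[0][2]) < 7 or not soa[0][2][2].isdigit():
        problems.append('SOA needs mname, rname and five timer fields; '
                        'the serial must be a plain integer')
    if not any(o == origin and t == 'NS' for o, t, _ in records):
        problems.append('no NS record at the zone apex')
    addr_names = {o for o, t, _ in records if t in ('A', 'AAAA')}
    for owner, rtype, rdata in records:
        if rtype not in NAME_TARGETS or not rdata:
            continue
        target = rdata[-1]
        full = fqdn(target, origin)
        if not target.endswith('.'):
            problems.append(f'{rtype} target {target!r} has no trailing dot; '
                            f'BIND will read it as {full!r}')
        if rtype == 'NS' and full.endswith('.' + origin) and full not in addr_names:
            problems.append(f'NS {full!r} is inside the zone but has no A/AAAA record (missing glue)')
    return problems


# Constructed sample: the example.com zone from step 13 above, with the
# NS target written without its trailing dot.
ZONE_AS_POSTED = """\
$TTL 86400
@       IN SOA server2.example.com. root.server2.example.com. (
            42      ; serial
            3H      ; refresh
            15M     ; retry
            1W      ; expiry
            1D )    ; minimum
        IN NS  server2.example.com
"""

# Constructed sample: the same zone with the dot added and an address record
# for the master (192.168.1.2 is the address the post assumes for server2).
ZONE_FIXED = """\
$TTL 86400
@       IN SOA server2.example.com. root.server2.example.com. (
            42 3H 15M 1W 1D )
        IN NS  server2.example.com.
server2 IN A   192.168.1.2
"""

if __name__ == '__main__':
    for label, zone in (('as posted', ZONE_AS_POSTED), ('fixed', ZONE_FIXED)):
        problems = check_zone(zone, 'example.com')
        print(f'{label}: {"OK" if not problems else ""}')
        for p in problems:
            print('  -', p)
```

    Run against ZONE_AS_POSTED the checker reports that server2.example.com would be read as server2.example.com.example.com. and that this in-zone name server has no address record; ZONE_FIXED passes. The same function applied to the reverse zone from step 17 passes once the PTR and NS targets carry their dots, because an NS target outside the zone needs no glue.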

  3. #3
    I am new to this too. Here is my named.conf file; it's just for a LAN network now. It all works, but I have a question. The above has localhost for the listen-on option. Is that what I should be using too? I assume that "any" in my case is listening on any IP, not just the NS IP? I also used an include file for my zone files. I like this because it keeps things a little cleaner in the named.conf file. Just use the line I did at the bottom and include a file named "your-include-file" in the etc directory with the zone info. My example of the include file is shown below too. I also included an example of a zone file. Everything resolves correctly, including ftp, mail and my win 2003 media server. My question is: even though everything is showing correctly with dig or nslookup, is it correct? I am able to send mail on my LAN with my names. If I were using it in an internet environment, would it be right?


    I changed all the actual FQDNs and IPs from their actual values but left the mail, ftp, win 2003 server and suse beginning names because that is what I have as my clients. The win server 2003 does serve as a media server for my video and iTunes. I wanted to set up a web server from my home computer, but something is not letting me out to the outside world; that is a whole other issue. I hope these files are helpful to someone; I had a hard time figuring out exactly how they should be set up. I do not have them in a chrooted environment either. I did, but broke something and had to redo the whole server and did not set up a chrooted bind this time. These are also VMs running in VMware Workstation on a Windows 2008 server.



    options {
        listen-on port 53 { any; };
        listen-on-v6 port 53 { any; };
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        notify yes;
        forwarders { 192.168.0.1; };
    };

    zone "." in {
        type hint;
        file "root.hints";
    };

    zone "localhost" in {
        type master;
        file "localhost.db";
    };

    // reverse zones live under in-addr.arpa (the post had "0.0.127.in.addr.arpa",
    // a name that is never queried)
    zone "0.0.127.in-addr.arpa" in {
        type master;
        file "0.0.127.in.addr.arpa.zone";
    };

    include "/etc/named.conf.include";


    include file:

    zone "centos.local" in {
        type master;
        file "/var/named/centos.local.zone";
        allow-query { any; };
    };

    zone "0.168.192.in-addr.arpa" IN {
        type master;
        file "/var/named/centos.local.rev";
    };


    My zone file example:

    $TTL 1W
    centos.local.           IN SOA dns1.centos.local. ktb.home.centos.local. (
                                2011072701  ; serial
                                8H          ; refresh
                                4H          ; retry
                                4W          ; expire
                                1D )        ; minimum

    centos.local.           IN NS   dns1.centos.local.
    centos.local.           IN NS   origin.centos.local.
    centos.local.           IN MX   10 mail.centos.local.
    localhost               IN A    127.0.0.1
    dns1.centos.local.      IN A    192.168.0.170
    ftp.centos.local.       IN A    192.168.0.171
    mail.centos.local.      IN A    192.168.0.171
    www.home.centos.local.  IN A    192.168.0.172
    home.centos.local.      IN A    192.168.0.172
    media.centos.local.     IN A    192.168.0.140
    2003web.centos.local.   IN A    192.168.0.141
    svr2003.centos.local.   IN A    192.168.0.142
    suse.centos.local.      IN A    192.168.0.150

    Last edited by ktb; 08-02-2011 at 01:40 AM. Reason: trying to keep proper formatting of zone file but can't figure out how in post.
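    The question in this post, whether listen-on { any; } is right for a server that would later face the internet, is exactly what a reviewer checks in a named.conf: a server that listens on every interface, recurses (this one forwards to 192.168.0.1) and has no allow-recursion or allow-query restriction is an open recursive resolver, usable by anyone who can reach port 53 for cache poisoning attempts and reflection traffic. The auditor below is an added example, not code from this post or from BIND; it parses the subset of named.conf used in the thread (options, zone and include statements with brace blocks and //, # and /* */ comments) and reports that condition, together with reverse-zone names that do not end in in-addr.arpa or ip6.arpa (the post's 0.0.127.in.addr.arpa). The first sample is a constructed copy of the named.conf above; the hardened sample is an assumed rewrite that binds to 192.168.0.170 (the dns1 address from the zone file) and limits recursion to 192.168.0.0/24. BIND versions before 9.4 defaulted allow-recursion to any; later versions default to localnets and localhost, so an explicit list is the version-independent fix.

```python
"""Audit a named.conf for the two mistakes in the thread's LAN config.

Added example, not from the thread. It parses the small named.conf subset
used in the posts (options, zone and include statements; '//', '#' and
'/* */' comments) and reports:
  * an open recursive resolver: listen-on { any; } with recursion enabled
    and no allow-recursion / allow-query restriction;
  * reverse-zone names not under in-addr.arpa or ip6.arpa.
"""
import re

TOKEN_RE = re.compile(r'"[^"]*"|[{};]|[^\s{};"]+')


def strip_comments(text):
    """Remove /* */ blocks and '//' or '#' comments running to end of line.
    Quoted strings containing '#' or '//' are not handled (the thread's
    configs have none)."""
    text = re.sub(r'/\*.*?\*/', ' ', text, flags=re.S)
    return '\n'.join(re.split(r'//|#', line, maxsplit=1)[0]
                     for line in text.splitlines())


def parse(text):
    """Return [(words, children)]: children is None for 'key value;' and a
    nested list for 'key { ... };'. Quotes are stripped from words."""
    tokens = TOKEN_RE.findall(strip_comments(text))
    pos = 0

    def block():
        nonlocal pos
        stmts = []
        while pos < len(tokens) and tokens[pos] != '}':
            words = []
            while pos < len(tokens) and tokens[pos] not in ('{', ';'):
                words.append(tokens[pos].strip('"'))
                pos += 1
            if pos >= len(tokens):
                raise ValueError(f'unterminated statement: {" ".join(words)}')
            if tokens[pos] == '{':
                pos += 1
                children = block()
                pos += 1                      # skip '}'
                if pos < len(tokens) and tokens[pos] == ';':
                    pos += 1                  # skip the ';' after '}'
                stmts.append((words, children))
            else:
                pos += 1                      # skip ';'
                stmts.append((words, None))
        return stmts

    return block()


def _members(children):
    """Entries of an address-list block such as { localhost; 192.168.0.0/24; }."""
    return [words[0] for words, _ in children if words]


def audit(conf_text):
    """Return a list of findings; an empty list means nothing was flagged."""
    findings = []
    options = {}                              # name -> (inline words, block members)
    for words, children in parse(conf_text):
        if words and words[0] == 'options' and children is not None:
            for w, c in children:
                if w:
                    options[w[0]] = (w[1:], _members(c) if c is not None else [])
        elif words and words[0] == 'zone' and len(words) > 1:
            name = words[1].lower().rstrip('.')
            if name.endswith('.arpa') and not name.endswith(('.in-addr.arpa', '.ip6.arpa')):
                findings.append(f'zone "{words[1]}": reverse zones live under '
                                'in-addr.arpa or ip6.arpa; this name is never queried')
    # BIND listens on every IPv4 interface when listen-on is absent.
    listen4 = options.get('listen-on', (['port', '53'], ['any']))[1]
    listen6 = options.get('listen-on-v6', ([], []))[1]
    recursion = options.get('recursion', (['yes'], []))[0]
    listens_everywhere = 'any' in listen4 or 'any' in listen6
    restricted = any(key in options and 'any' not in options[key][1]
                     for key in ('allow-recursion', 'allow-query', 'allow-query-cache'))
    if listens_everywhere and recursion[:1] == ['yes'] and not restricted:
        findings.append('open recursive resolver: listen-on { any; } with recursion '
                        'enabled and no allow-recursion/allow-query restriction; '
                        'add allow-recursion { localhost; <your network>; };')
    return findings


# Constructed copy of the named.conf from the post above.
AS_POSTED = """\
options {
    listen-on port 53{ any; };
    listen-on-v6 port 53{ any; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    notify yes;
    forwarders { 192.168.0.1; };
};
zone "." in { type hint; file "root.hints"; };
zone "localhost" in { type master; file "localhost.db"; };
zone "0.0.127.in.addr.arpa" in { type master; file "0.0.127.in.addr.arpa.zone"; };
include "/etc/named.conf.include";
"""

# Assumed hardened rewrite: bound to the server's own address, recursion
# limited to the LAN, reverse zone named correctly.
HARDENED = """\
options {
    listen-on port 53 { 127.0.0.1; 192.168.0.170; };   /* dns1's address */
    directory "/var/named";
    recursion yes;
    allow-query     { localhost; 192.168.0.0/24; };
    allow-recursion { localhost; 192.168.0.0/24; };
    forwarders { 192.168.0.1; };
};
zone "0.0.127.in-addr.arpa" in { type master; file "0.0.127.in-addr.arpa.zone"; };
"""

if __name__ == '__main__':
    for label, conf in (('as posted', AS_POSTED), ('hardened', HARDENED)):
        print(f'{label}: {audit(conf) or "no findings"}')
```

    The parser accepts the brace grammar only as far as these posts use it (it is not a substitute for named-checkconf), and the audit deliberately treats an absent allow-recursion as unrestricted rather than guessing the installed version's default.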
