Thursday, April 29, 2010

Linux DNS Server - RHCE Notes (29/04/2010)

Linux Bind DNS Name Server Configuration

#rpm -qi bind / bind-chroot / caching-nameserver
#yum grouplist    (check the exact group name before installing)
#yum groupinstall "DNS Name Server"
# that will install bind / bind-chroot
----------------------------------------------------------------------------------------------------------
Selinux for named
# setsebool -P named_write_master_zones 1
----------------------------------------------------------------------------------------------------------
Install Caching only Name Server
#yum -y install caching-nameserver
# cd /var/named/chroot/etc
#cp named.caching-nameserver.conf named.conf
#chgrp -R named named.conf
#vi named.conf
Change (restrict the listener and the permitted query sources to the local network):
listen-on port 53 { 127.0.0.1; 192.168.0.254; };
allow-query { 192.168.0.0/24; };
# vi /etc/resolv.conf
nameserver 127.0.0.1
Creating RNDC (Remote Name Daemon Control)
/etc/rndc.key
#rndc-confgen
#rndc-confgen -a -b 512

Bind Commands to troubleshoot name resolution

#service named restart/reload/stop/start
#rndc start/stop/reload/status
#host -l example.com
#dig www.redhat.com

Domain example.com configuration

# vi /var/named/chroot/etc/named.conf

# chgrp -R named named.conf   ← change group to named for named.conf

# ln -s /var/named/chroot/etc/named.conf /etc/named.conf

------------------------------------------------------------------------------------------

named.conf (SAMPLE)

options {

listen-on port 53 { 127.0.0.1; 192.168.0.254; };

directory "/var/named";

dump-file "/var/named/data/cache_dump.db";

statistics-file "/var/named/data/named_stats.txt";

memstatistics-file "/var/named/data/named_mem_stats.txt";

allow-query { 192.168.0.0/24; };

forward only;

forwarders {

172.16.1.73;

};

};

zone "." IN {

type hint;

file "named.ca";

};

zone "example.com" IN {

type master;

file "example.com.zone";

allow-update { none; };

};

zone "0.168.192.in-addr.arpa" IN {

type master;

file "192.168.0.zone";

allow-update { none; };

};

include "/etc/rndc.key";

------------------------------------------------------------------------------------------------------------

vi /var/named/chroot/var/named/example.com.zone

chgrp -R named example.com.zone

------------------------------------------------------------------------------------------------------------

example.com.zone (SAMPLE)

$TTL 86400

example.com. IN SOA server1.example.com. root.server1.example.com. (

2010042900 ; serial number

1H ; refresh slave

5M ; retry query

1W ; expire

1M ; negative TTL

)

@ IN NS server1.example.com.

@ IN MX 10 server1.example.com.

example.com. IN A 192.168.0.254

mail.example.com. 3600 IN CNAME server1.example.com.

kerberos.example.com. 3600 IN CNAME server1.example.com.

station1.example.com. IN A 192.168.0.1

station2 IN A 192.168.0.2

station3 IN A 192.168.0.3

station4 IN A 192.168.0.4

station5 IN A 192.168.0.5

station6 IN A 192.168.0.6

station7 IN A 192.168.0.7

station8 IN A 192.168.0.8

station9 IN A 192.168.0.9

station10 IN A 192.168.0.10

www10 IN CNAME station10.example.com.

ssl IN CNAME station10.example.com.

gateway IN A 192.168.0.100

server1 IN A 192.168.0.254

------------------------------------------------------------------------------------------------------------

vi /var/named/chroot/var/named/192.168.0.zone

chgrp -R named 192.168.0.zone

----------------------------------------------------------------------------------------------------------

192.168.0.zone (SAMPLE)

$TTL 86400

0.168.192.IN-ADDR.ARPA. IN SOA server1.example.com. root.server1.example.com. (

2010042900 ; serial number

1H ; refresh slave

5M ; retry query

1W ; expire

1M ; negative TTL

)

@ IN NS server1.example.com.

1.0.168.192.IN-ADDR.ARPA. IN PTR station1.example.com.

2 IN PTR station2.example.com.

3 IN PTR station3.example.com.

4 IN PTR station4.example.com.

5 IN PTR station5.example.com.

6 IN PTR station6.example.com.

7 IN PTR station7.example.com.

8 IN PTR station8.example.com.

9 IN PTR station9.example.com.

10 IN PTR station10.example.com.

---------------------------------------------------------------------------------------------------------

Bind Slave zone Configuration on stationx (SAMPLE)

# vi /var/named/chroot/etc/named.conf

# chgrp -R named named.conf   ← change group to named for named.conf

# ln -s /var/named/chroot/etc/named.conf /etc/named.conf

------------------------------------------------------------------------------------------------------------

options {

listen-on port 53 { 127.0.0.1; 192.168.0.10; };

directory "/var/named";

dump-file "/var/named/data/cache_dump.db";

statistics-file "/var/named/data/named_stats.txt";

memstatistics-file "/var/named/data/named_mem_stats.txt";

allow-query { 192.168.0.0/24; };

};

zone "example.com" IN {

type slave;

file "slaves/example.com.zone";

masters {

192.168.0.254;

};

};

zone "0.168.192.in-addr.arpa" IN {

type slave;

file "slaves/192.168.0.zone";

masters {

192.168.0.254;

};

};

------------------------------------------------------------------------------------------------------------

# service named restart

After restarting the server, the example.com.zone / 192.168.0.zone files are automatically created at the "file" paths given in the slave named.conf above (the slaves/ subdirectory):

/var/named/chroot/var/named/slaves/example.com.zone (forward lookup)

/var/named/chroot/var/named/slaves/192.168.0.zone (reverse lookup)

# dig server1.example.com (forward lookup test)

# dig -x 192.168.0.254 (reverse lookup test)


