DNS, or Domain Name System, resolves hostnames such as ‘www.pcqlinux.com’ to IP addresses such as ‘192.168.1.1’. In a typical LAN, a DNS server can be set up to provide IP-address-to-machine-name mapping and to act as a forwarding name server for the Internet. This speeds up name queries, since repeated queries are answered by the local DNS server. This is especially advantageous over a dial-up link.
Installing BIND 9
BIND 9 has many improvements over its previous versions, most notably Signed Zone Transfers (DNSSEC) and Signed DNS Requests (TSIG), which is a secure method using authorized keys. BIND 9 also supports protocol enhancements like Incremental Zone Transfers (IXFR), which means that only modified data is transferred instead of the whole zone, and Dynamic DNS updates (DDNS), which let resource records in master zone files be updated, added or modified on the fly. It also supports IP version 6 (IPv6).
Install BIND 9 RPMS from CD1 if it has not been installed.
~# mount /mnt/cdrom
~# cd /mnt/cdrom/RedHat/RPMS/
~# rpm -ivh bind-9*.rpm
~# rpm -ivh caching-nameserver-*.rpm
The zone files
The SOA (Start Of Authority) record is the preamble to all zone files, and there should be exactly one in each zone file. It describes the zone, where it comes from, who is responsible for its contents, and other things to do with caching and secondary DNS servers. Before the SOA comes a mandatory line, the $TTL 86400 line.
You need to put this in all your zone files. Each entry that’s put in is called a Resource Record (RR).
The forward zone
localhost   1D  IN  A      127.0.0.1
gateway     1D  IN  A      192.168.0.1    ; gateway
intranet    1D  IN  A      192.168.1.1    ; Intranet
ns          1D  IN  CNAME  intranet       ; Alias for Name Server
proxy       1D  IN  CNAME  intranet       ; Alias for Proxy Server
mail        1D  IN  CNAME  intranet       ; Alias for Incoming Mail Server
smtp        1D  IN  CNAME  intranet       ; Alias for Outgoing Mail Server
www         1D  IN  CNAME  intranet       ; Alias for Web Server
ws51        1D  IN  A      192.168.1.51   ; Workstation 51
ws52        1D  IN  A      192.168.1.52   ; Workstation 52
ws53        1D  IN  A      192.168.1.53   ; Workstation 53
The ‘A’ designates that it is a host. A CNAME (Canonical Name) is an alias. In this case, www.pcqlinux.com is an alias for intranet.pcqlinux.com. If you already have a Web server somewhere on the Internet, you’ll have to add a host RR for it. For example, if the IP address of your Web server is 157.45.23.43, the RR would be like this:
www         1D  IN  A      157.45.23.43   ; Web Server on the Internet
The reverse zone
In this case, the file is 192.168.1.zone and does exactly the opposite of the previous file. The first few lines are similar to those of pcqlinux.com.zone. The RR entries enable DNS to convert an address to a name.
$TTL 86400
Setting up a name server
The files which need to be edited are /etc/named.conf and the various zone files. For setting up a simple DNS server for your domain, the Bindconf configuration tool is a good way to get started. For more complex things, you’ll need to edit the files using a text editor. In X, an easy way to start the utility is to issue the command ‘bindconf-gui’ at a command prompt as root. By default, the two zones necessary for the loopback interface are already set up. To set up an internal domain pcqlinux.com, we need two zones: one for forward lookups and the other for reverse lookups.
The forward master zone
- Click on the Add button
- Choose Forward Master Zone and enter pcqlinux.com in the Domain name box
- In the next dialog, you can change the name of the zone file. The default file is /var/named/pcqlinux.com.zone. Now we have to list the name server and mail exchanger for the zone. Click Edit and then Add in the ‘Name servers’ section. Type intranet.pcqlinux.com. If you have a static IP for your gateway, you can add an MX or ‘Mail Exchangers’ RR as ‘gateway.pcqlinux.com’ with priority 10
- Our mail server and name server are on the same machine, so we’ll have to put in a CNAME or alias entry. To do this, in the records section, click on Add, select Alias from the Add Resource Record list, and put ‘mail’ in the alias field and ‘intranet’ in the hostname field
- To add hosts, repeat the step above, but choose Host instead of Alias. First add the name server ‘intranet’ with IP address ‘192.168.1.1’, then the gateway ‘gateway’ with IP address ‘192.168.0.1’, and so on
The reverse master zone
- Choose Reverse Master Zone and type in the first three octets of your network, in this case 192.168.1. The file created will be /var/named/1.168.192.in-addr.arpa.zone
- Click ‘Add’ in the ‘Name servers’ section and put in ‘intranet.pcqlinux.com.’
- In the Reverse address table, put in the IP address and the hostname, for example, ‘192.168.0.1’ is ‘gateway.pcqlinux.com.’. Do this for all the hosts on your network.
- Apply your changes by File>Apply and then Exit.
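As an added example (not from the article), the forward records listed earlier can be used to generate the 192.168.1 reverse zone that the bindconf steps above build by hand, and to cross-check an existing reverse zone file against the forward one so that every host inside 192.168.1.0/24 has a PTR that points back to it. The record text is constructed from the article's forward zone; hosts whose address is outside that network (the gateway at 192.168.0.1) are reported separately, since they belong in a reverse zone of their own.

```python
# Added example, not from the article: build the 192.168.1 reverse zone from
# the forward A records and check an existing reverse zone against them.
import ipaddress

ORIGIN = "pcqlinux.com"
REVERSE_NET = ipaddress.ip_network("192.168.1.0/24")

# Constructed from the forward zone table in the article (CNAMEs included
# to show that they are skipped: only A records produce PTRs).
FORWARD_RECORDS = """\
localhost 1D IN A 127.0.0.1
gateway   1D IN A 192.168.0.1
intranet  1D IN A 192.168.1.1
ns        1D IN CNAME intranet
www       1D IN CNAME intranet
ws51      1D IN A 192.168.1.51
ws52      1D IN A 192.168.1.52
ws53      1D IN A 192.168.1.53
"""

def parse_a_records(text):
    """Map owner name -> IPv4 address for every A record in the text."""
    hosts = {}
    for line in text.splitlines():
        f = line.split()
        if len(f) >= 5 and f[2] == "IN" and f[3] == "A":
            hosts[f[0]] = ipaddress.ip_address(f[4])
    return hosts

def build_reverse_zone(hosts, net=REVERSE_NET, origin=ORIGIN):
    """Return PTR lines (last octet as owner) for hosts inside net, plus the
    (name, ip) pairs that fall outside it and need a separate reverse zone."""
    ptr, outside = [], []
    for name, ip in sorted(hosts.items(), key=lambda kv: kv[1]):
        if ip in net:
            ptr.append(f"{ip.packed[-1]} 1D IN PTR {name}.{origin}.")
        elif not ip.is_loopback:
            outside.append((name, str(ip)))
    return ptr, outside

def check_reverse_zone(hosts, reverse_text, net=REVERSE_NET, origin=ORIGIN):
    """Names inside net whose PTR is missing or points at a different host."""
    ptrs = {}
    for line in reverse_text.splitlines():
        f = line.split()
        if len(f) >= 5 and f[3] == "PTR":
            ptrs[int(f[0])] = f[4].rstrip(".")
    return sorted(n for n, ip in hosts.items()
                  if ip in net and ptrs.get(ip.packed[-1]) != f"{n}.{origin}")
```

Prepend the $TTL and SOA lines from the forward file to the generated PTR lines to get a complete reverse zone file.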
Resolving hosts on the Internet
Edit /etc/named.conf and add the lines below if they are not there. Make sure that you substitute the values which pertain to your network and ISP.
options {
    directory "/var/named";
    forward first;
    //Queries are forwarded to the ISP’s name server first, then to the root servers.
    forwarders { ; ; };
    //You give the IP addresses of your ISP’s name servers here.
    listen-on { 192.168.1.1; 127.0.0.1; };
    //Name server listens for queries on these interfaces.
    allow-query { 192.168.1.0/24; 127.0.0.1; };
    //Name server answers queries coming from these hosts only.
};
The ‘directory’ option specifies where to look for files. ‘forward first’ tells it to forward a query to the ‘forwarders’ specified on the next line and, if that’s not successful, to query the root name servers. The ‘forwarders’ section typically contains your ISP’s DNS servers. ‘listen-on’ tells the service to listen for queries coming in on specific network interfaces. The ‘allow-query’ option tells it to answer queries coming only from the specified hosts. You should specify your network address here. For instance, if you assign IP addresses from a 192.168.1.x segment, your network address is 192.168.1.0.
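The following added example (not from the article) audits an options block like the one above for the three settings that decide who the server will answer: an ‘allow-query’ that is missing, set to ‘any’ or does not list the LAN, a ‘listen-on’ of ‘any’, and ‘forwarders’ left with the empty placeholders. The two sample configurations are constructed here; the 203.0.113.x addresses stand in for the ISP's name servers.

```python
# Added example, not from the article: audit the options{} block of
# /etc/named.conf for the settings that decide who the server will answer.
import re

LAN = "192.168.1.0/24"

# Constructed samples. 203.0.113.x stands in for the ISP's name servers.
ARTICLE = """\
options {
    directory "/var/named";
    forward first;
    forwarders { 203.0.113.53; 203.0.113.54; };
    listen-on { 192.168.1.1; 127.0.0.1; };
    allow-query { 192.168.1.0/24; 127.0.0.1; };
};
"""

OPEN_RESOLVER = """\
options {
    directory "/var/named";
    forward first;
    forwarders { ; ; };            // placeholders never filled in
    listen-on { any; };
    allow-query { any; };
};
"""

def parse_options(conf):
    """Return {option: [values]} for every brace-list option in options{}."""
    body = re.search(r"options\s*\{(.*)\};", conf, re.S).group(1)
    body = re.sub(r"//.*", "", body)                 # drop // comments
    return {name: [v.strip() for v in vals.split(";") if v.strip()]
            for name, vals in re.findall(r"([\w-]+)\s*\{([^}]*)\}", body)}

def audit(conf, lan=LAN):
    """List the findings to fix; an empty list matches the article's intent."""
    opts = parse_options(conf)
    findings = []
    query = opts.get("allow-query", [])
    if not query or "any" in query:
        findings.append("allow-query: restrict to the LAN and loopback, not any")
    elif lan not in query:
        findings.append(f"allow-query: LAN {lan} is not listed")
    listen = opts.get("listen-on", [])
    if not listen or "any" in listen:
        findings.append("listen-on: name the LAN and loopback addresses only")
    if not opts.get("forwarders"):
        findings.append("forwarders: empty, the ISP name servers are missing")
    return findings
```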
Also make sure that file /etc/resolv.conf contains:
search pcqlinux.com
domain pcqlinux.com
nameserver 127.0.0.1
Once all the entries are done, you must start or restart the named daemon by issuing ‘# service named restart’ (without the quotes). Make sure that named starts up at boot time, by running ‘ntsysv’ and making sure that the ‘named’ box is marked.
Once the primary name server has been set up, you can set up another machine as a secondary name server. Run bindconf, choose Slave Server, type in the domain name and the IP address of your primary name server, and click Apply. Be sure to add an RR for the secondary name server in the file /var/named/pcqlinux.com.zone on the primary name server.
Sony Philip is a technology research consultant with Exocore Consulting