Linux DNS setup

Linux DNS setup http://www.r71.nl/wp-content/themes/blade/images/empty/thumbnail.jpg 150 150 Roderick Derks Roderick Derks https://secure.gravatar.com/avatar/3959ba05a8e569b2d8ca79bdd57021e5?s=96&d=mm&r=g 07/16/2006 07/18/2016

This tutorial explains how to setup a DNS master and slave server using RedHat Linux. This configuration is tested on RHES 4.0 and Fedore Core 5 systems. Configuration for both is the same.

11-02-2007: I recently added a new article: Howto setup dynamic DNS

1. Install BIND on Fedora and set rights to the directories:

# yum install bind-chroot
# chmod 755 /var/named/
# chmod 775 /var/named/chroot/
# chmod 775 /var/named/chroot/var/
# chmod 775 /var/named/chroot/var/named/
# chmod 775 /var/named/chroot/var/run/
# chmod 777 /var/named/chroot/var/run/named/
# cd /var/named/chroot/var/named/
# ln -s ../../ chroot
# chkconfig –levels 235 named on
# /etc/init.d/named start

Bind will run in a chroot jail under /var/named/chroot/var/named/

2. Configuration file DNS master server

# vi /etc/named.conf

//
// named.conf for Red Hat caching-nameserver
// named configured as master server (RRD 26-01-2006)
//

include "/etc/rndc.key";

acl internal { 10.0.0.0/8; };
acl slaves { 10.0.2.10; 10.0.2.3; 10.0.2.6; };

options {
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";

// allow-query { internal; };

        forwarders {
                10.0.1.254;
        };
};

zone "." IN {
type hint;
file "named.ca";
};

zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "127.0.0";
        allow-update { none; };
};

zone "r71.nl" {
        type master;
        file "r71.nl.zone";
        allow-update { none; };
        allow-transfer { slaves; };
        notify yes ;
};

zone "roderickderks.nl" {
        type master;
        file "roderickderks.nl.zone";
        allow-update { none; };
        allow-transfer { slaves; };
        notify yes ;
};

zone "10.in-addr.arpa" {
        type master;
        file "r71.nl.rev";
        allow-update { none; };
        allow-transfer { slaves; };
        notify yes ;
};

3. Configuration file DNS slave server

# vi /etc/named.conf

//
// named.conf for Red Hat caching-nameserver
// named configured as slave server (RRD 26-01-2006)
//

include "/etc/rndc.key";

// acl internal { 10.0.0.0/8; };
// acl slaves { 10.0.2.5; 10.0.2.6; };

options {
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";

// allow-query { internal; };

        forwarders {
                10.0.1.254;
        };
};

zone "." IN {
type hint;
file "named.ca";
};

zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "127.0.0";
        allow-update { none; };
};

zone "r71.nl" {
        type slave;
        file "r71.nl.zone";
        masters { 10.0.2.5; };
};

zone "roderickderks.nl" {
        type slave;
        file "roderickderks.nl.zone";
        masters { 10.0.2.5; };
};

zone "10.in-addr.arpa" {
        type slave;
        file "r71.nl.rev";
        masters { 10.0.2.5; };
};

4. Configuration zone and reverse lookup files

# vi etc/named/chroot/var/named/r71.nl.zone

$TTL 3D
@       IN      SOA     r71.nl. roderick.r71.nl. (
                        2006071501      ; serial, todays date + todays serial #
                        3600            ; refresh, seconds
                        2H              ; retry, seconds
                        8D              ; expire, seconds
                        1D )            ; minimum, seconds

                NS      galibier.r71.nl.
                NS      bonette.r71.nl.
                NS      ventoux.r71.nl.
                MX      10 galibier.r71.nl. ; Primairy Mail Exchanger
                MX      20 ventoux.r71.nl.   ; Secundairy Mail Exchanger
                TXT     "r71.nl domain"

localhost A 127.0.0.1

r71.nl. IN A 10.0.2.5

router01    IN    A    10.0.1.254
www            IN    A    10.0.2.5
ventoux    IN    A    10.0.2.3
galibier       IN    A    10.0.2.5
bonette    IN    A    10.0.2.6
tourmalet    IN    A    10.0.2.7
aubisque    IN    A    10.0.2.8
alpedhuez    IN    A    10.0.2.10
ssl        IN    A    10.0.2.4
printer01    IN    A    10.0.3.1
pc01        IN    A    10.0.4.100

mail        IN    CNAME    galibier
imap        IN    CNAME    galibier
smtp        IN    CNAME    galibier
ns3        IN    CNAME    ventoux
ns1        IN    CNAME    galibier
ns2        IN    CNAME    bonette
music        IN    CNAME    galibier
webmin        IN    CNAME    galibier
ezhpoule    IN    CNAME    galibier
webmail     IN    CNAME    galibier
phpmyadmin     IN    CNAME    galibier
sslexplorer    IN    CNAME    aubisque

# vi etc/named/chroot/var/named/r71.nl.rev

$ORIGIN .
$TTL 86400    ; 1 day
10.in-addr.arpa        IN SOA    r71.nl. roderick.r71.nl. (
                2006070301 ; serial
                10800      ; refresh (3 hours)
                3600       ; retry (1 hour)
                432000     ; expire (5 days)
                86400      ; minimum (1 day)
                )
            NS    bonette.r71.nl.
            NS    ventoux.r71.nl.
            NS    galibier.r71.nl.
$ORIGIN 0.10.in-addr.arpa.
254.1            PTR    router01.r71.nl.
$ORIGIN 2.0.10.in-addr.arpa.
1            PTR    tenerife.r71.nl.
2            PTR    tenerife.r71.nl.
3            PTR    ventoux.r71.nl.
5            PTR    imap.r71.nl.
              PTR    smtp.r71.nl.
              PTR    ghost.r71.nl.
              PTR    webmail.r71.nl.
              PTR    galibier.r71.nl.
6            PTR    bonette.r71.nl.
7            PTR    tourmalette.r71.nl.
8            PTR    aubisque.r71.nl.
$ORIGIN 0.10.in-addr.arpa.
1.3            PTR    printer01.r71.nl.
$ORIGIN 4.0.10.in-addr.arpa.
100            PTR    pc01.r71.nl.

Linux DNS setup

Linux DNS setup

Roderick Derks

Leave a Reply Cancel Reply