Monday, 24 December 2012

DNS Master and Slave Configuration



DNS Server

A DNS server is part of a global network of servers that translate host names such as www.facebook.com into numerical IP addresses such as 119.82.69.202, which computers on the Internet use to communicate with each other. This lets people remember meaningful URLs and e-mail addresses instead of long strings of numbers.

Types of DNS Server.

  • A master DNS server for your domain(s), which stores authoritative records for your domain.
  • A slave DNS server, which relies on a master DNS server for data.
  • A caching-only DNS server, which stores recent requests like a proxy server. It otherwise refers to other DNS servers.
  • A forwarding-only DNS server, which refers all requests to other DNS servers.

Master DNS ( Primary DNS Server )

The authoritative server that contains the master zone file, which can be modified to update DNS information about the zone, is called the primary master server, or just master server.


Slave DNS ( Secondary DNS Server )

The additional name servers for the zone are called secondary servers or slave servers. Secondary servers retrieve information about the zone through a zone transfer from the master server or from another secondary server. DNS information about a zone is never modified directly on the secondary server.


Here I am using the RHEL 5.5 64-bit operating system.

Domain name = facebook.com
Master IP = 10.64.10.1, host name = server.example.com
Slave IP = 10.64.10.2, host name = slave.example.com
Client IP = 10.64.10.3, host name = client.example.com

(The zone data below publishes these three hosts as master, slave and client under facebook.com, so those are the names clients will see. Note that facebook.com is a real, publicly registered domain: a resolver on this LAN that is authoritative for it will answer for the real site's names as well, so for anything beyond a throw-away lab use a domain you own or a reserved test name.)

How to Setup Master DNS ( Primary DNS) Server.

First, check a few files: the host name in /etc/sysconfig/network, the resolver configuration in /etc/resolv.conf (it should point at this server once it is up) and /etc/hosts.

[root@server ~]# cat /etc/sysconfig/network
[root@server ~]# cat /etc/resolv.conf
[root@server ~]# cat /etc/hosts

Install Required RPMs.

[root@server ~]# yum install bind* caching-nameserver
[root@server ~]# /etc/init.d/named restart; chkconfig named on    ( restart the service and enable it at boot )

Make the named.conf file and the symbolic link.

[root@server ~]# cd /var/named/chroot/etc/
[root@server etc]# cp -p named.caching-nameserver.conf named.conf
[root@server etc]# ln -s /var/named/chroot/etc/named.conf /etc/named.conf
[root@server etc]# ls -la /etc/named.conf
lrwxrwxrwx 1 root root 32 Dec 22 16:39 /etc/named.conf -> /var/named/chroot/etc/named.conf

Now generate the rndc key and include it in named.conf. rndc-confgen -a writes /etc/rndc.key; named runs chrooted here, so the file must end up inside the chroot at /var/named/chroot/etc/rndc.key, which is where the chrooted named resolves /etc/rndc.key.

[root@server etc]# rndc-confgen -a -b 512
include "/etc/rndc.key";

Now edit the named.conf file.
options {
        listen-on port 53 { 127.0.0.1; 10.64.10.1; };
        listen-on-v6 port 53 { ::1; };
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";

        // Only localhost and the lab subnet may query or use the cache;
        // "any" here together with "recursion yes" would make this an
        // open resolver.
        allow-query { localhost; 10.64.10.0/24; };
        allow-query-cache { localhost; 10.64.10.0/24; };
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
view localhost_resolver {
        match-clients { localhost; 10.64.10.0/24; };
        match-destinations { localhost; 10.64.10.0/24; };
        recursion yes;
        include "/etc/named.rfc1912.zones";
};
include "/etc/rndc.key";




Now declare the zones in named.rfc1912.zones, which the view above includes.
[root@server etc]# vim named.rfc1912.zones
zone "facebook.com" IN {
        type master;
        file "facebook.com.zone";
        allow-update { none; };
        // only the slave may pull the zone; without this line BIND
        // allows transfers from anyone
        allow-transfer { 10.64.10.2; };
};

zone "10.64.10.in-addr.arpa" IN {
        type master;
        file "rev-facebook.com.zone";
        allow-update { none; };
        allow-transfer { 10.64.10.2; };
};

Now create the forward zone file. Increase the SOA serial every time the zone is edited: the slave only transfers a new copy when the master's serial is higher than the one in its own copy.
[root@server ~]# cd /var/named/chroot/var/named/
[root@server named]# cp -p localhost.zone facebook.com.zone

$TTL 86400
@       IN SOA  master.facebook.com. root.facebook.com. (
                        42      ; serial (d. adams)
                        3H      ; refresh
                        15M     ; retry
                        1W      ; expiry
                        1D )    ; minimum
        IN NS   master.facebook.com.
        IN NS   slave.facebook.com.

master  IN A    10.64.10.1
slave   IN A    10.64.10.2
client  IN A    10.64.10.3


Now create the reverse zone file.
[root@server named]# cp -p named.local rev-facebook.com.zone
$TTL 86400
@       IN SOA  master.facebook.com. root.master.facebook.com. (
                        42      ; Serial
                        28800   ; Refresh
                        14400   ; Retry
                        3600000 ; Expire
                        86400 ) ; Minimum
        IN NS   master.facebook.com.
        IN NS   slave.facebook.com.
; PTR targets must be fully qualified, with the trailing dot. "master." alone
; is also absolute, but it names a host directly under the root, not under
; facebook.com, and "master" without the dot would be relative to this
; reverse zone's origin.
1       IN PTR  master.facebook.com.
2       IN PTR  slave.facebook.com.
3       IN PTR  client.facebook.com.
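A PTR target can be written three ways, and only one of them is right: absolute and under the forward domain (master.facebook.com.), absolute but under the root (master.), or relative to the reverse zone's own origin (master, which becomes master.10.64.10.in-addr.arpa). The following lint script is an added example, not part of the original post: it reads a reverse zone file and reports every PTR target that does not end in the forward domain. The zone text inside it is a constructed copy of the reverse zone above with the targets deliberately written in all three forms; it needs only sh and awk and contacts no name server.

```shell
#!/bin/sh
# Added example, not part of the original post: lint the PTR targets of a
# reverse zone file. A target such as "master." is absolute (the trailing dot
# ends the name), so it means a host called master directly under the root,
# not master.facebook.com; a target such as "master" with no dot is relative
# to the reverse zone's origin, 10.64.10.in-addr.arpa, which is equally wrong.
# Only "master.facebook.com." points where it should.

FORWARD_DOMAIN="facebook.com."

# Constructed copy of the reverse zone in this post, with the PTR targets in
# the three forms discussed above (absolute-but-wrong, relative, correct).
REV_ZONE='$TTL 86400
@       IN SOA  master.facebook.com. root.master.facebook.com. (
                        42      ; Serial
                        28800   ; Refresh
                        14400   ; Retry
                        3600000 ; Expire
                        86400 ) ; Minimum
        IN NS   master.facebook.com.
        IN NS   slave.facebook.com.
1       IN PTR  master.
2       IN PTR  slave
3       IN PTR  client.facebook.com.
'

# lint_ptr <forward-domain-with-trailing-dot>
# Reads a zone file on stdin and prints "BAD <owner> <target> <reason>" for
# every PTR whose target is not a fully qualified name under that domain.
# Prints nothing when the zone is clean.
lint_ptr() {
    awk -v dom="$1" '
        { sub(/;.*/, "") }                       # strip comments
        /[ \t]PTR[ \t]/ {
            owner = $1; target = $NF
            tail = substr(target, length(target) - length(dom) + 1)
            if (target !~ /\.$/)
                printf "BAD %s %s relative-to-reverse-origin\n", owner, target
            else if (tail != dom || (length(target) > length(dom) &&
                     substr(target, length(target) - length(dom), 1) != "."))
                printf "BAD %s %s not-under-%s\n", owner, target, dom
        }
    '
}

# ptr_errors <forward-domain>: number of bad PTR records on stdin.
ptr_errors() { lint_ptr "$1" | awk 'END { print NR }'; }

# Run it over the constructed zone; the two broken records are reported.
printf '%s\n' "$REV_ZONE" | lint_ptr "$FORWARD_DOMAIN"
```

To check the real file, replace the constructed text with the zone file, for instance `lint_ptr facebook.com. < /var/named/chroot/var/named/rev-facebook.com.zone`, and treat any BAD line as something to fix before restarting named.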


Now restart the service. (named-checkconf on named.conf and named-checkzone facebook.com on the zone file, both shipped with bind, catch syntax errors before named refuses to start.)
[root@server named]# /etc/init.d/named restart
Stopping named:                               [ OK ]
Starting named:                                [ OK ]

Now check that the master is answering.

[root@server named]# nslookup 10.64.10.1
Server: 10.64.10.1
Address: 10.64.10.1#53


1.10.64.10.in-addr.arpa name = master.

Or

[root@server named]# nslookup master.facebook.com
Server: 10.64.10.1
Address: 10.64.10.1#53


Name: master.facebook.com
Address: 10.64.10.1

Or

[root@server named]# dig -x 10.64.10.1


; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> -x 10.64.10.1
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17417
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2


;; QUESTION SECTION:
;1.10.64.10.in-addr.arpa. IN PTR


;; ANSWER SECTION:
1.10.64.10.in-addr.arpa. 86400 IN PTR master.


;; AUTHORITY SECTION:
10.64.10.in-addr.arpa. 86400 IN NS slave.facebook.com.
10.64.10.in-addr.arpa. 86400 IN NS master.facebook.com.


;; ADDITIONAL SECTION:
slave.facebook.com. 86400 IN A 10.64.10.2
master.facebook.com. 86400 IN A 10.64.10.1


;; Query time: 1 msec
;; SERVER: 10.64.10.1#53(10.64.10.1)
;; WHEN: Tue Dec 25 06:04:19 2012
;; MSG SIZE rcvd: 146

That means the master is answering. One thing to notice: the PTR answer reads master. rather than master.facebook.com. That is exactly what a PTR target written as master. produces, because the trailing dot makes the name absolute (a host called master directly under the root); with master.facebook.com. as the target, the reverse lookup returns the full host name. The same applies to the slave. and client. answers further down.

How to Setup Slave DNS ( Secondary DNS) Server.

Install Required RPMs.

[root@slave ~]# yum install bind* caching-nameserver
[root@slave ~]# /etc/init.d/named restart; chkconfig named on    ( restart the service and enable it at boot )

Make the named.conf file and the symbolic link.

[root@slave ~]# cd /var/named/chroot/etc/
[root@slave etc]# cp -p named.caching-nameserver.conf named.conf
[root@slave etc]# ln -s /var/named/chroot/etc/named.conf /etc/named.conf
[root@slave etc]# ls -la /etc/named.conf
lrwxrwxrwx 1 root root 32 Dec 22 16:39 /etc/named.conf -> /var/named/chroot/etc/named.conf

Now generate the rndc key and include it in named.conf (as on the master, the key file must end up inside the chroot at /var/named/chroot/etc/rndc.key).

[root@slave etc]# rndc-confgen -a -b 512
include "/etc/rndc.key";
Now edit the named.conf file.

options {
        listen-on port 53 { 127.0.0.1; 10.64.10.2; };
        listen-on-v6 port 53 { ::1; };
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";

        // Those options should be used carefully because they disable port
        // randomization (the defence against cache poisoning by guessed
        // query ports)
        // query-source port 53;
        // query-source-v6 port 53;

        // Only localhost and the lab subnet may query or use the cache.
        allow-query { localhost; 10.64.10.0/24; };
        allow-query-cache { localhost; 10.64.10.0/24; };
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
view localhost_resolver {
        match-clients { localhost; 10.64.10.0/24; };
        match-destinations { localhost; 10.64.10.0/24; };
        recursion yes;
        include "/etc/named.rfc1912.zones";
};
include "/etc/rndc.key";

Now declare the zones.

[root@slave ~]# cd /var/named/chroot/etc/
[root@slave etc]# vim named.rfc1912.zones

zone "facebook.com" IN {
        type slave;
        file "slaves/facebook.com.zone";
        masters { 10.64.10.1; };
        // a slave answers AXFR to anyone unless told otherwise, and it has
        // no reason to hand the zone on
        allow-transfer { none; };
};

zone "10.64.10.in-addr.arpa" IN {
        type slave;
        // each zone needs its own file
        file "slaves/rev-facebook.com.zone";
        masters { 10.64.10.1; };
        allow-transfer { none; };
};
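Whether a zone can be pulled in full with AXFR is decided per zone by allow-transfer, and BIND's fallback when the statement is absent (and options {} sets none) is allow-transfer { any; }. The master zones above restrict it to 10.64.10.2; a slave zone declared with only type, file and masters inherits the open default, and an address-based ACL still trusts whoever happens to hold that address. The script below is an added example, not part of the original post: it audits zone declarations for that condition and prints the named.conf pieces that restrict transfers to a TSIG key instead. The zone text embedded in it is a constructed sample built from this page's declarations plus one deliberately open zone; the key name xfer-key is an assumption. It needs only sh and awk and contacts no name server.

```shell
#!/bin/sh
# Added example, not part of the original post: audit BIND zone declarations
# for zone transfers that are open to the world. When a zone has no
# allow-transfer statement (and the options block sets none either), BIND
# falls back to allow-transfer { any; }, so anyone who can reach port 53 can
# AXFR the whole zone.

# Constructed sample: the post's master zone, a slave zone declared with only
# type/file/masters, and a deliberately open zone for contrast.
SAMPLE_ZONES='
zone "facebook.com" IN {
type master;
file "facebook.com.zone";
allow-update { none; };
allow-transfer { 10.64.10.2; };
};

zone "10.64.10.in-addr.arpa" {
type slave;
file "slaves/rev-facebook.com.zone";
masters { 10.64.10.1; };
};

zone "open.example" IN {
type master;
file "open.example.zone";
allow-transfer { any; };
};
'

# audit_transfers: read zone declarations on stdin, print one verdict per zone:
#   OK      <zone> <acl>    transfers limited to an explicit address/key list
#   OPEN    <zone> any      explicitly open to everyone
#   DEFAULT <zone> (none)   no allow-transfer, so BIND's default "any" applies
# A global allow-transfer in options {} would override the DEFAULT verdict;
# the options block in this post has none.
audit_transfers() {
    awk '
        /^[ \t]*zone[ \t]+"/ { z = $2; gsub(/"/, "", z); acl = ""; inzone = 1; next }
        inzone && /allow-transfer/ {
            acl = $0
            sub(/.*allow-transfer[ \t]*[{][ \t]*/, "", acl)   # drop text before the list
            sub(/[ \t]*[}].*/, "", acl)                       # drop the closing brace onwards
            sub(/;[ \t]*$/, "", acl)                          # drop the last semicolon
        }
        inzone && /^[ \t]*[}];/ {
            if (acl == "")                          printf "DEFAULT %s (none)\n", z
            else if (acl ~ /(^|;[ ]*)any([ ]*;|$)/) printf "OPEN %s %s\n", z, acl
            else                                    printf "OK %s %s\n", z, acl
            inzone = 0
        }
    '
}

# count_unrestricted: number of zones on stdin that anyone may transfer.
count_unrestricted() {
    audit_transfers | awk '/^(OPEN|DEFAULT) / { n++ } END { print n + 0 }'
}

# hardened_transfer_conf <key-name> <base64-secret> [algorithm]
# Print the named.conf pieces that replace an address ACL with a TSIG key:
# the key authenticates the requester and signs the transferred data.
# Generate the secret on the master, e.g.
#   dnssec-keygen -a HMAC-MD5 -b 128 -n HOST xfer-key
# on the BIND 9.3 shipped with RHEL 5 (hmac-md5 is the only TSIG algorithm
# it offers), or tsig-keygen on a current BIND, where hmac-sha256 is the
# better choice. The key name "xfer-key" is an assumption, not from the post.
hardened_transfer_conf() {
    key_name=$1; secret=$2; algorithm=${3:-hmac-md5}
    cat <<EOF
// same key {} block on master and slave, in a file readable only by named
key "$key_name" {
        algorithm $algorithm;
        secret "$secret";
};
// master: replace  allow-transfer { 10.64.10.2; };  with
allow-transfer { key $key_name; };
// slave: sign every request sent to the master (SOA refresh and AXFR/IXFR)
server 10.64.10.1 { keys { $key_name; }; };
EOF
}

printf '%s\n' "$SAMPLE_ZONES" | audit_transfers
hardened_transfer_conf xfer-key "$(head -c 16 /dev/urandom | base64 | tr -d '\n')"
```

Run `audit_transfers < /var/named/chroot/etc/named.rfc1912.zones` on each server; anything reported as DEFAULT or OPEN is a zone that can be enumerated by any host the server talks to. The key block must be identical on both machines and kept out of world-readable files, since whoever has the secret can pull the zone.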

Zone files on the slave.

The slave does not need hand-written zone files: after the first successful transfer, named writes slaves/facebook.com.zone and slaves/rev-facebook.com.zone itself, which is why the slaves/ directory must be writable by the named user. If you create placeholders anyway, keep their SOA serial below the master's serial (42 here): a slave only transfers when the master's serial is higher than the one in its own copy, so a placeholder that loaded with a higher or equal serial would stop transfers altogether.

[root@slave ~]# cd /var/named/chroot/var/named/slaves
[root@slave slaves]# vim facebook.com.zone

$TTL 86400
@ IN SOA master.facebook.com. root.facebook.com. (
        1 ; Serial, kept below the master's so that the first transfer happens
        28800 ; Refresh
        14400 ; Retry
        3600000 ; Expire
        86400 ) ; Minimum

[root@slave slaves]# vim rev-facebook.com.zone

$TTL 86400
@ IN SOA master.facebook.com. root.facebook.com. (
        1 ; serial, kept below the master's
        3H ; refresh
        15M ; retry
        1W ; expiry
        1D ) ; minimum
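The refresh decision a slave makes is a serial comparison, and it is worth being able to predict it offline: a transfer happens only when the master's serial is greater in the modulo 2^32 sense of RFC 1982, that is when (master - slave) mod 2^32 lies between 1 and 2^31 - 1. The script below is an added example, not part of the original post: it extracts the SOA serial from zone text and applies that rule. The two zone texts inside it are constructed: the master's forward zone with serial 42, and a hand-written slave placeholder whose serial (2010031200 in the sample) is far ahead of it, which is the case where the slave would never transfer. It needs only sh and awk.

```shell
#!/bin/sh
# Added example, not part of the original post: work out whether a slave would
# pull a fresh copy of a zone, using the SOA serial comparison BIND applies.
# A slave transfers only when the master's serial is "greater" in the modulo
# 2^32 sense of RFC 1982, i.e. (master - slave) mod 2^32 is between 1 and
# 2^31 - 1. Equal serials, or a slave serial that is ahead, mean no transfer.

# Constructed copies of the forward zone on the master (serial 42) and of a
# hand-written slave placeholder carrying serial 2010031200.
MASTER_ZONE='$TTL 86400
@       IN SOA  master.facebook.com. root.facebook.com. (
                        42      ; serial (d. adams)
                        3H      ; refresh
                        15M     ; retry
                        1W      ; expiry
                        1D )    ; minimum
        IN NS   master.facebook.com.
'
SLAVE_PLACEHOLDER='$TTL 86400
@       IN SOA  master.facebook.com. root.facebook.com. (
                        2010031200 ; Serial
                        28800      ; Refresh
                        14400      ; Retry
                        3600000    ; Expire
                        86400 )    ; Minimum
'

# soa_serial: print the SOA serial of the zone file on stdin. Works for the
# one-line form and for the multi-line "(" form: the serial is the first
# numeric token after "SOA <mname> <rname>".
soa_serial() {
    awk '
        { sub(/;.*/, "") }
        !insoa && /[ \t]SOA[ \t]/ {
            insoa = 1
            for (i = 1; i <= NF; i++) if ($i == "SOA") { from = i + 3; break }
        }
        insoa {
            for (i = from; i <= NF; i++) if ($i ~ /^[0-9]+$/) { print $i; exit }
            from = 1
        }
    '
}

# serial_newer <master-serial> <slave-serial>: true when the master is ahead
# under RFC 1982 serial arithmetic, i.e. when a transfer would take place.
serial_newer() {
    d=$(( ($1 - $2 + 4294967296) % 4294967296 ))
    [ "$d" -ge 1 ] && [ "$d" -le 2147483647 ]
}

# will_transfer <master-zone-text> <slave-zone-text>: report the decision;
# returns non-zero when no transfer would happen.
will_transfer() {
    m=$(printf '%s\n' "$1" | soa_serial)
    s=$(printf '%s\n' "$2" | soa_serial)
    if serial_newer "$m" "$s"; then
        echo "transfer: master serial $m is newer than slave serial $s"
    else
        echo "NO transfer: master serial $m is not newer than slave serial $s"
        return 1
    fi
}

will_transfer "$MASTER_ZONE" "$SLAVE_PLACEHOLDER" ||
    echo "fix: keep the placeholder serial below the master's, or do not pre-create the file"
```

The same functions work on the live files: `soa_serial < /var/named/chroot/var/named/facebook.com.zone` on the master against `soa_serial < /var/named/chroot/var/named/slaves/facebook.com.zone` on the slave tells you whether the next refresh will do anything, and the modulo arithmetic means a serial that wraps past 2^32 is still handled the way BIND handles it.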

Create the symbolic link.

[root@slave ~]# ln -s /var/named/chroot/var/named/slaves/facebook.com.zone /var/named/slaves/facebook.com.zone
[root@slave ~]# ls -la /var/named/slaves/facebook.com.zone
lrwxrwxrwx 1 root root 52 Dec 25 06:27 /var/named/slaves/facebook.com.zone -> /var/named/chroot/var/named/slaves/facebook.com.zone

Now change the ownership so that named can write the file (the same is needed for facebook.com.zone, and the slaves/ directory itself must be writable by named).

[root@slave ~]# chown named.named /var/named/chroot/var/named/slaves/rev-facebook.com.zone
[root@slave ~]# ls -l /var/named/chroot/var/named/slaves/rev-facebook.com.zone
-rw-r----- 1 named named 175 Dec 24 15:00 /var/named/chroot/var/named/slaves/rev-facebook.com.zone

Now Restart the service.

[root@slave ~]# /etc/init.d/named restart
Stopping named: [ OK ]
Starting named: [ OK ]

Now check that the slave is answering.

[root@slave ~]# nslookup 10.64.10.2
Server: 10.64.10.2
Address: 10.64.10.2#53


2.10.64.10.in-addr.arpa name = slave.

Or

[root@slave ~]# nslookup slave.facebook.com
Server: 10.64.10.2
Address: 10.64.10.2#53


Name: slave.facebook.com
Address: 10.64.10.2

Or

[root@slave ~]# dig -x 10.64.10.2


; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> -x 10.64.10.2
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23303
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2


;; QUESTION SECTION:
;2.10.64.10.in-addr.arpa. IN PTR


;; ANSWER SECTION:
2.10.64.10.in-addr.arpa. 86400 IN PTR slave.


;; AUTHORITY SECTION:
10.64.10.in-addr.arpa. 86400 IN NS master.facebook.com.
10.64.10.in-addr.arpa. 86400 IN NS slave.facebook.com.


;; ADDITIONAL SECTION:
slave.facebook.com. 86400 IN A 10.64.10.2
master.facebook.com. 86400 IN A 10.64.10.1


;; Query time: 2 msec
;; SERVER: 10.64.10.2#53(10.64.10.2)
;; WHEN: Tue Dec 25 06:38:56 2012
;; MSG SIZE rcvd: 145

Now check the client side. The client's /etc/resolv.conf points at 10.64.10.1 here; list 10.64.10.2 as a second nameserver as well, so that lookups keep working when the master is down.

[root@client ~]# nslookup 10.64.10.1
Server: 10.64.10.1
Address: 10.64.10.1#53


1.10.64.10.in-addr.arpa name = master.


[root@client ~]# nslookup 10.64.10.2
Server: 10.64.10.1
Address: 10.64.10.1#53


2.10.64.10.in-addr.arpa name = slave.

                                                                                               
Thanks & Regards
Manish Singh Bhandari

Friday, 21 December 2012

How to install a loopback interface in Ubuntu 12.04

            

After installing GNS3, install a loopback (tap) adapter on your Ubuntu, CentOS, Red Hat or Fedora system so that you can telnet into your routers.

Loopback tap installation on Ubuntu 12.04

$ sudo -i
# apt-get install uml-utilities
# modprobe tun
# tunctl                                       ( creates the tap interface tap0 )
# ifconfig tap0 10.64.10.100 netmask 255.255.255.0 up    ( a /24 mask; 255.0.0.0 would claim all of 10.0.0.0/8 for this interface )
# ifconfig

If you want to add one more loopback interface, give it a different address on a different subnet (two interfaces with the same address do not work); 10.64.11.100 below is only an example.

# tunctl                                       ( creates the tap interface tap1 )
# ifconfig tap1 10.64.11.100 netmask 255.255.255.0 up

Loopback tap installation on CentOS/Red Hat/Fedora. tunctl is not available in the stock repositories, so add the RPMForge repository first; the steps are given here:

http://wiki.centos.org/AdditionalResources/Repositories/RPMForge (Steps are the same for other 2 distros as well)

OK, let's install tunctl:

$ su -
Password:                                       (Type in your root password here)
# yum install tunctl
# modprobe tun
# cd /usr/sbin
# ./tunctl                                     ( creates the tap interface tap0 )
# /sbin/ifconfig tap0 10.100.100.100 netmask 255.255.255.0 up
# /sbin/ifconfig                               ( verify that tap0 is up and has the address assigned )

If you want to add one more loopback interface

#./tunctl                                        ( This will create loopback interface tap1 )
# /sbin/ifconfig tap1 10.100.101.100 netmask 255.255.255.0 up

Important: add these iptables rules so that the host firewall does not drop traffic on tap0. They accept everything in and out of that interface, which is acceptable on a lab host, and they are not persistent, so re-add them (or save them with the distribution's iptables save mechanism) after a reboot.

sudo iptables -I INPUT -j ACCEPT -i tap0
sudo iptables -I OUTPUT -j ACCEPT -o tap0