root name server:
A root name server is a name server for the Domain Name System's root zone. The choice of 13 name servers was made because of limitations in the original DNS specification. While only 13 names are used for the root name servers, there are many more physical servers: the A, C, F, I, J, K, L and M servers now exist in multiple locations on different continents.
DNS Hierarchy and the Internet:
The namespace consists of the root, represented as a dot (.), and two top-level domain hierarchies below it, one organizational and one geographical.
[Figure: Hierarchy of Internet Domains]
Domain Name Service (DNS):
Domain Name Service (DNS) was created in 1983 out of the necessity to convert domain names to IP addresses such as 192.168.9.2. DNS is a distributed database: no single computer maintains a complete database of all of the domains on the Internet. Instead this information is distributed across many computers. To understand how this works, take a look at the DNS structure:
Notice how the DNS namespace resembles an inverted tree. The top node, symbolized by a single dot, is known as the root. Below the root you have the top-level domains: com, net, org, mil, gov, etc. There are many top-level domains, and now even international ones, so the number of top-level domains is almost unlimited.
Example: consider the web address:
mail.example.org
How do you access mail.example.org to see your web-based email?
There are two components to DNS that get you where you want to go: the resolver on the client and the name servers it queries.
When someone tries to access a website from their computer, the resolver on their computer sends a query to the name server listed in the resolver's configuration file (/etc/resolv.conf on Linux). That name server may or may not know how to reach the site. If it does, fine: the client is given the address. If it does not, it sends the query to a root name server.
The root name server sees that the address is part of the "org" domain and refers the query to an "org" name server. The "org" name server sees that the query is for "example.org" and refers it to a lower-level name server that knows about "example.org". It still does not stop there: the client asked for the host named "mail" within example.org, so the example.org name server looks up the record for "mail.example.org".
Notice that the name server finally returns an IP address for "mail.example.org", which is what the client needs in order to connect.
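The resolution walk just described, as an added example written for this page (it is not code from the original): a small Python model in which a resolver starts at the root and follows referrals down until a server answers authoritatively. The zone data, the server names (root., a0.org-servers.example., ns1.example.org.) and the 192.0.2.x addresses are constructed documentation values, not real root or .org servers.

```python
"""Toy model of iterative DNS resolution (added example, constructed data).

Each name server either answers for a name inside its own zone or refers
the resolver to the servers for the delegated child zone below it."""

from dataclasses import dataclass, field


@dataclass
class Zone:
    """Authoritative data for one zone: its records plus its delegations."""
    origin: str
    records: dict = field(default_factory=dict)      # owner -> {type: [rdata]}
    delegations: dict = field(default_factory=dict)  # child zone -> [server names]


# Constructed hierarchy: root -> org -> example.org (RFC 5737 documentation addresses).
ZONES = {
    ".": Zone(".", delegations={"org.": ["a0.org-servers.example."]}),
    "org.": Zone("org.", delegations={"example.org.": ["ns1.example.org."]}),
    "example.org.": Zone(
        "example.org.",
        records={
            "example.org.": {"NS": ["ns1.example.org."], "A": ["192.0.2.1"]},
            "ns1.example.org.": {"A": ["192.0.2.53"]},
            "mail.example.org.": {"A": ["192.0.2.25"]},
        },
    ),
}

# Which zone each (constructed) server is authoritative for; "root." stands in
# for the root servers, which in reality are 13 names served from many places.
SERVER_ZONE = {
    "root.": ".",
    "a0.org-servers.example.": "org.",
    "ns1.example.org.": "example.org.",
}


def ask_server(server, qname, qtype):
    """One query to one server: ("answer", rdata), ("referral", servers) or ("nxdomain", [])."""
    zone = ZONES[SERVER_ZONE[server]]
    if qname in zone.records and qtype in zone.records[qname]:
        return "answer", zone.records[qname][qtype]
    # Refer to the longest delegated child zone that covers the query name.
    for child, servers in sorted(zone.delegations.items(), key=lambda kv: -len(kv[0])):
        if qname == child or qname.endswith("." + child):
            return "referral", servers
    return "nxdomain", []


def resolve(qname, qtype="A", max_hops=8):
    """Iterative resolution starting at the root. Returns (rdata, trace)."""
    if not qname.endswith("."):
        qname += "."
    trace, servers = [], ["root."]
    for _ in range(max_hops):
        server = servers[0]
        kind, data = ask_server(server, qname, qtype)
        trace.append((server, kind))
        if kind == "answer":
            return data, trace
        if kind == "referral":
            servers = data          # go one level down the tree
            continue
        return [], trace            # no such name anywhere below this server
    raise RuntimeError("referral loop")


if __name__ == "__main__":
    rdata, trace = resolve("mail.example.org")
    for server, kind in trace:
        print(f"{server:28} -> {kind}")
    print("A records:", rdata)
```

The trace shows the three hops the text describes (root refers to org, org refers to example.org, example.org answers); a name with no delegation path, such as example.net here, stops at the root with nxdomain.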
DNS Server configuration for LINUX :
At first we disabled all of the firewall rules (this is acceptable only in an isolated lab; on a real server keep the firewall and open just 53/udp and 53/tcp to the name server, and note that running iptables save after iptables stop writes the now-empty rule set to /etc/sysconfig/iptables, so the firewall stays off after a reboot):
[root@ns1 named]# iptables -F
[root@ns1 named]# /etc/init.d/iptables stop
Flushing firewall rules: [ OK ]
Setting chains to policy ACCEPT: filter [ OK ]
Unloading iptables modules: [ OK ]
[root@ns1 named]# /etc/init.d/iptables save
[root@ns1 named]# /etc/init.d/iptables restart
Configuration procedure :
[root@localhost named]# vim /etc/resolv.conf
nameserver 192.168.50.18
nameserver 192.168.50.21
[root@localhost named]# vim /etc/hosts
127.0.0.1 localhost.localdomain localhost
::1 localhost6.localdomain6 localhost6
192.168.50.18 ns1.gix.com ns1
[root@localhost named]# vim /etc/sysconfig/network
HOSTNAME=ns1.gix.com
[root@localhost named]# hostname ns1.gix.com
Here we check that the necessary packages for DNS are installed:
[root@ns1 ~]# rpm -qa | grep bind*
bind-utils-9.3.6-4.P1.el5
bind-chroot-9.3.6-4.P1.el5
binutils-2.17.50.0.6-12.el5
bind-9.3.6-4.P1.el5
bind-sdb-9.3.6-4.P1.el5
bind-devel-9.3.6-4.P1.el5
ypbind-1.19-12.el5
bind-libs-9.3.6-4.P1.el5
bind-libbind-devel-9.3.6-4.P1.el5
[root@ns1 ~]# rpm -qa | grep caching*
caching-nameserver-9.3.6-4.P1.el5
If the bind* and caching-nameserver packages are not installed, install them:
[root@localhost ~]# yum install bind* -y
[root@localhost ~]# yum install caching* -y
[root@localhost ~]# cd /var/named/chroot/etc/
[root@localhost etc]# ll
total 32
-rw-r--r-- 1 root root 364 Nov 14 06:13 localtime
-rw-r----- 1 root named 1230 Jul 30 2009 named.caching-nameserver.conf
-rw-r----- 1 root named 955 Jul 30 2009 named.rfc1912.zones
-rw-r----- 1 root named 113 Nov 14 13:47 rndc.key
[root@localhost etc]# cp named.rfc1912.zones named.conf
[root@localhost etc]# ll
total 40
-rw-r--r-- 1 root root 364 Nov 14 06:13 localtime
-rw-r----- 1 root named 1230 Jul 30 2009 named.caching-nameserver.conf
-rw-r----- 1 root root 955 Nov 14 13:49 named.conf
-rw-r----- 1 root named 955 Jul 30 2009 named.rfc1912.zones
-rw-r----- 1 root named 113 Nov 14 13:47 rndc.key
[root@localhost etc]# chgrp named named.conf
OR
[root@ns1 etc]# chown .named named.conf
[root@localhost etc]# ll
total 40
-rw-r--r-- 1 root root 364 Nov 14 06:13 localtime
-rw-r----- 1 root named 1230 Jul 30 2009 named.caching-nameserver.conf
-rw-r----- 1 root named 955 Nov 14 13:49 named.conf
-rw-r----- 1 root named 955 Jul 30 2009 named.rfc1912.zones
-rw-r----- 1 root named 113 Nov 14 13:47 rndc.key
[root@localhost etc]# cd /var/named/chroot/var/named/
[root@localhost named]# ll
total 72
drwxrwx--- 2 named named 4096 Aug 26 2004 data
-rw-r----- 1 root named 198 Jul 30 2009 localdomain.zone
-rw-r----- 1 root named 195 Jul 30 2009 localhost.zone
-rw-r----- 1 root named 427 Jul 30 2009 named.broadcast
-rw-r----- 1 root named 1892 Jul 30 2009 named.ca
-rw-r----- 1 root named 424 Jul 30 2009 named.ip6.local
-rw-r----- 1 root named 426 Jul 30 2009 named.local
-rw-r----- 1 root named 427 Jul 30 2009 named.zero
drwxrwx--- 2 named named 4096 Jul 27 2004 slaves
[root@localhost named]# cp localhost.zone gix.fz
[root@localhost named]# cp named.local gix.rz
[root@localhost named]# ll
total 88
drwxrwx--- 2 named named 4096 Aug 26 2004 data
-rw-r----- 1 root root 195 Nov 14 13:55 gix.fz
-rw-r----- 1 root root 426 Nov 14 13:56 gix.rz
-rw-r----- 1 root named 198 Jul 30 2009 localdomain.zone
-rw-r----- 1 root named 195 Jul 30 2009 localhost.zone
-rw-r----- 1 root named 427 Jul 30 2009 named.broadcast
-rw-r----- 1 root named 1892 Jul 30 2009 named.ca
-rw-r----- 1 root named 424 Jul 30 2009 named.ip6.local
-rw-r----- 1 root named 426 Jul 30 2009 named.local
-rw-r----- 1 root named 427 Jul 30 2009 named.zero
drwxrwx--- 2 named named 4096 Jul 27 2004 slaves
[root@localhost named]# chgrp named gix.fz
[root@localhost named]# chgrp named gix.rz
[root@localhost named]# ll
total 88
drwxrwx--- 2 named named 4096 Aug 26 2004 data
-rw-r----- 1 root named 195 Nov 14 13:55 gix.fz
-rw-r----- 1 root named 426 Nov 14 13:56 gix.rz
-rw-r----- 1 root named 198 Jul 30 2009 localdomain.zone
-rw-r----- 1 root named 195 Jul 30 2009 localhost.zone
-rw-r----- 1 root named 427 Jul 30 2009 named.broadcast
-rw-r----- 1 root named 1892 Jul 30 2009 named.ca
-rw-r----- 1 root named 424 Jul 30 2009 named.ip6.local
-rw-r----- 1 root named 426 Jul 30 2009 named.local
-rw-r----- 1 root named 427 Jul 30 2009 named.zero
drwxrwx--- 2 named named 4096 Jul 27 2004 slaves
Here we edit named.conf file :
[root@localhost named]# vim /var/named/chroot/etc/named.conf
options {
directory "/var/named";
};
zone "." IN {
type hint;
file "named.ca";
};
zone "localdomain" IN {
type master;
file "localdomain.zone";
allow-update { none; };
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
type master;
file "named.ip6.local";
allow-update { none; };
};
zone "255.in-addr.arpa" IN {
type master;
file "named.broadcast";
allow-update { none; };
};
zone "0.in-addr.arpa" IN {
type master;
file "named.zero";
allow-update { none; };
};
zone "gix.com" IN {
type master;
file "gix.fz";
allow-update { none; };
};
zone "50.168.192.in-addr.arpa" IN {
type master;
file "gix.rz";
allow-update { none; };
};
Here we edit forward zone file (gix.fz was copied from localhost.zone, so replace its NS and A records with these and add the ns1 host record):
vim /var/named/chroot/var/named/gix.fz
IN NS ns1.gix.com.
IN A 192.168.50.18
ns1 IN A 192.168.50.18
Here we edit reverse zone file (gix.rz was copied from named.local; replace its NS and PTR records with these):
vim /var/named/chroot/var/named/gix.rz
IN NS ns1.gix.com.
18 IN PTR ns1.gix.com.
Here we check named.conf + forward zone file + reverse zone file :
For check syntax error :
[root@localhost named]# named-checkconf /var/named/chroot/etc/named.conf
For check forward zone file database:
[root@ns1 named]# named-checkzone gix.com /var/named/chroot/var/named/gix.fz
zone gix.com/IN: loaded serial 42
OK
For check reverse zone file database (the first argument is the zone origin, so for the reverse file it must be the in-addr.arpa zone name, not gix.com):
[root@ns1 ~]# named-checkzone 50.168.192.in-addr.arpa /var/named/chroot/var/named/gix.rz
zone 50.168.192.in-addr.arpa/IN: loaded serial 1997022700
OK
Now we restart the DNS service:
[root@localhost named]# chkconfig named on
[root@localhost named]# /etc/init.d/named restart
Stopping named: [ OK ]
Starting named: [ OK ]
[root@localhost named]# /etc/init.d/network restart
Shutting down interface eth0: [ OK ]
Shutting down loopback interface: [ OK ]
Bringing up loopback interface: [ OK ]
Bringing up interface eth0: [ OK ]
For DNS Service test :
[root@localhost named]# host 192.168.50.18
18.50.168.192.in-addr.arpa domain name pointer ns1.gix.com.
[root@ns1 named]# host ns1.gix.com
ns1.gix.com has address 192.168.50.18
[root@localhost named]# nslookup ns1.gix.com
Server: 192.168.50.18
Address: 192.168.50.18#53
Name: ns1.gix.com
Address: 192.168.50.18
[root@localhost named]# nslookup 192.168.50.18
Server: 192.168.50.18
Address: 192.168.50.18#53
18.50.168.192.in-addr.arpa name = ns1.gix.com.
[root@localhost named]# dig ns1.gix.com
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5 <<>> ns1.gix.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47951
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;ns1.gix.com. IN A
;; ANSWER SECTION:
ns1.gix.com. 86400 IN A 192.168.50.18
;; AUTHORITY SECTION:
gix.com. 86400 IN NS ns1.gix.com.
;; Query time: 15 msec
;; SERVER: 192.168.50.18#53(192.168.50.18)
;; WHEN: Mon Nov 14 15:54:17 2011
;; MSG SIZE rcvd: 59
[root@localhost named]# dig -x 192.168.50.18
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5 <<>> -x 192.168.50.18
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55329
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;18.50.168.192.in-addr.arpa. IN PTR
;; ANSWER SECTION:
18.50.168.192.in-addr.arpa. 86400 IN PTR ns1.gix.com.
;; AUTHORITY SECTION:
50.168.192.in-addr.arpa. 86400 IN NS ns1.gix.com.
;; ADDITIONAL SECTION:
ns1.gix.com. 86400 IN A 192.168.50.18
;; Query time: 10 msec
;; SERVER: 192.168.50.18#53(192.168.50.18)
;; WHEN: Mon Nov 14 15:55:34 2011
;; MSG SIZE rcvd: 99
Secondary DNS Server configuration :
At first we disabled all of the firewall rules :
[root@ns1 named]# iptables -F
[root@ns1 named]# /etc/init.d/iptables stop
Flushing firewall rules: [ OK ]
Setting chains to policy ACCEPT: filter [ OK ]
Unloading iptables modules: [ OK ]
[root@ns1 named]# /etc/init.d/iptables save
[root@ns1 named]# /etc/init.d/iptables restart
Configuration procedure :
[root@localhost named]# vim /etc/resolv.conf
nameserver 192.168.50.18
nameserver 192.168.50.21
[root@localhost named]# vim /etc/hosts
127.0.0.1 localhost.localdomain localhost
::1 localhost6.localdomain6 localhost6
192.168.50.21 ns2.gix.com ns2
[root@localhost named]# vim /etc/sysconfig/network
HOSTNAME=ns2.gix.com
[root@localhost named]# hostname ns2.gix.com
[root@localhost ~]# yum install bind* -y
[root@localhost ~]# yum install caching* -y
[root@localhost ~]# cd /var/named/chroot/etc/
[root@localhost etc]# ll
total 32
-rw-r--r-- 1 root root 364 Nov 14 06:13 localtime
-rw-r----- 1 root named 1230 Jul 30 2009 named.caching-nameserver.conf
-rw-r----- 1 root named 955 Jul 30 2009 named.rfc1912.zones
-rw-r----- 1 root named 113 Nov 14 13:47 rndc.key
[root@localhost etc]# cp named.rfc1912.zones named.conf
[root@localhost etc]# ll
total 40
-rw-r--r-- 1 root root 364 Nov 14 06:13 localtime
-rw-r----- 1 root named 1230 Jul 30 2009 named.caching-nameserver.conf
-rw-r----- 1 root root 955 Nov 14 13:49 named.conf
-rw-r----- 1 root named 955 Jul 30 2009 named.rfc1912.zones
-rw-r----- 1 root named 113 Nov 14 13:47 rndc.key
[root@localhost etc]# chgrp named named.conf
[root@localhost etc]# ll
total 40
-rw-r--r-- 1 root root 364 Nov 14 06:13 localtime
-rw-r----- 1 root named 1230 Jul 30 2009 named.caching-nameserver.conf
-rw-r----- 1 root named 955 Nov 14 13:49 named.conf
-rw-r----- 1 root named 955 Jul 30 2009 named.rfc1912.zones
-rw-r----- 1 root named 113 Nov 14 13:47 rndc.key
Here we edit named.conf file :
[root@localhost named]# vim /var/named/chroot/etc/named.conf
options {
directory "/var/named";
};
zone "." IN {
type hint;
file "named.ca";
};
zone "localdomain" IN {
type master;
file "localdomain.zone";
allow-update { none; };
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
type master;
file "named.ip6.local";
allow-update { none; };
};
zone "255.in-addr.arpa" IN {
type master;
file "named.broadcast";
allow-update { none; };
};
zone "0.in-addr.arpa" IN {
type master;
file "named.zero";
allow-update { none; };
};
zone "gix.com" IN {
type slave;
file "gix.fz";
masters { 192.168.50.18; };
};
zone "50.168.192.in-addr.arpa" IN {
type slave;
file "gix.rz";
masters { 192.168.50.18; };
};
Now we need to change the primary DNS server (ns1) so that it serves the zones to the secondary. Use allow-transfer, not allow-update, for this: allow-update governs dynamic DNS updates and would let any packet carrying the secondary's source address rewrite the master zone, whereas allow-transfer limits who may pull a zone transfer (BIND 9 allows transfers to anyone when it is not set).
[root@ns1 ~]# vim /var/named/chroot/etc/named.conf
zone "gix.com" IN {
type master;
file "gix.fz";
allow-transfer { 192.168.50.21; };
allow-update { none; };
};
zone "50.168.192.in-addr.arpa" IN {
type master;
file "gix.rz";
allow-transfer { 192.168.50.21; };
allow-update { none; };
};
[root@localhost named]# named-checkconf /var/named/chroot/etc/named.conf
Here we edit forward zone file (increase the SOA serial whenever the zone changes; the secondary compares serials and will not re-transfer a zone whose serial did not go up):
[root@ns1 ~]# vim /var/named/chroot/var/named/gix.fz
IN NS ns1.gix.com.
IN NS ns2.gix.com.
IN A 192.168.50.18
ns1 IN A 192.168.50.18
ns2 IN A 192.168.50.21
Here we edit reverse zone file:
[root@ns1 ~]# vim /var/named/chroot/var/named/gix.rz
IN NS ns1.gix.com.
IN NS ns2.gix.com.
18 IN PTR ns1.gix.com.
21 IN PTR ns2.gix.com.
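The serial rule behind that edit, as an added example (not from the page and not BIND's code): the RFC 1982 serial comparison a secondary applies when deciding whether to transfer, plus a helper that bumps a YYYYMMDDnn serial without ever going backwards. The function names serial_gt, secondary_needs_transfer and next_serial are chosen here; the date is passed in as an integer so the logic can be exercised without the clock.

```python
"""SOA serial arithmetic (added example, not BIND code).

A secondary only transfers a zone when the primary's SOA serial is newer
under RFC 1982 serial-number arithmetic (32-bit, wrapping), so an edit that
leaves the serial unchanged is never picked up."""

import datetime

MOD = 2 ** 32
HALF = 2 ** 31


def serial_gt(a, b):
    """RFC 1982: a is newer than b when the wrapping distance from b to a is below 2^31."""
    a, b = a % MOD, b % MOD
    return a != b and (a - b) % MOD < HALF


def secondary_needs_transfer(primary_serial, secondary_serial):
    """A secondary with no copy yet (None) always transfers; otherwise only for a newer serial."""
    if secondary_serial is None:
        return True
    return serial_gt(primary_serial, secondary_serial)


def next_serial(current, today_yyyymmdd=None):
    """Next YYYYMMDDnn serial that is strictly newer than `current`.

    Normally today's date with a two-digit change counter of 00.  If `current`
    is already at or past that value (several edits in one day, or a clock that
    was once ahead), fall back to current + 1 so the sequence never goes
    backwards from the secondary's point of view."""
    if today_yyyymmdd is None:
        today_yyyymmdd = int(datetime.date.today().strftime("%Y%m%d"))
    candidate = today_yyyymmdd * 100
    return candidate if serial_gt(candidate, current) else (current + 1) % MOD


if __name__ == "__main__":
    # The forward zone above keeps serial 42 after ns2 is added: the first transfer
    # happens anyway (ns2 has no copy yet), but a later edit with the same serial is ignored.
    print("first transfer:", secondary_needs_transfer(42, None))
    print("re-edit, serial still 42:", secondary_needs_transfer(42, 42))
    print("bumped serial:", next_serial(42, 20111115))
```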
Here we check named.conf + forward zone file + reverse zone file (on ns2, after the first transfer has written the files):
For check syntax error :
[root@localhost named]# named-checkconf /var/named/chroot/etc/named.conf
For check forward zone file database:
[root@ns2 ~]# named-checkzone gix.com /var/named/chroot/var/named/gix.fz
zone gix.com/IN: loaded serial 42
OK
For check reverse zone file database:
[root@ns2 ~]# named-checkzone gix.com /var/named/chroot/var/named/gix.rz
/var/named/chroot/var/named/gix.rz:3: ignoring out-of-zone data (50.168.192.in-addr.arpa)
/var/named/chroot/var/named/gix.rz:13: ignoring out-of-zone data (18.50.168.192.in-addr.arpa)
/var/named/chroot/var/named/gix.rz:14: ignoring out-of-zone data (21.50.168.192.in-addr.arpa)
zone gix.com/IN: has 0 SOA records
zone gix.com/IN: has no NS records
These warnings are not a fault in the transferred file. The first argument to named-checkzone is the zone origin, and the transferred copy names its records under 50.168.192.in-addr.arpa, so with the origin given as gix.com every record is out of zone and the checker sees no SOA or NS at all. Run the check with the reverse zone name instead:
[root@ns2 ~]# named-checkzone 50.168.192.in-addr.arpa /var/named/chroot/var/named/gix.rz
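The named-checkzone runs on this page, both the clean ones on ns1 and the one on ns2 that reported out-of-zone data, as an added example written for this page (not part of the original and not BIND's code): a minimal zone-file parser and checker in Python that applies the same three checks named-checkzone reported (records outside the given origin, SOA count, NS at the apex). The two zone texts are constructed to mirror the page's gix.rz: a hand-edited copy of the named.local template with relative names, and roughly the form BIND writes when it stores a transferred zone, with its own $ORIGIN directives. It also shows why checking the hand-edited file with origin gix.com passes although it then validates the wrong name (18.gix.com. rather than 18.50.168.192.in-addr.arpa.).

```python
"""Zone-file checker modelled on the named-checkzone output above.
Added example for this page; not BIND's code. Sample zone texts are constructed."""

import re

TYPES = {"SOA", "NS", "A", "AAAA", "PTR", "CNAME", "MX", "TXT", "HINFO"}
TTL_RE = re.compile(r"\d+[smhdwSMHDW]?")


def absolute(name, origin):
    """Make an owner name absolute: '@' is the origin, relative names get it appended."""
    if name == "@":
        return origin
    if name.endswith("."):
        return name
    return name + "." if origin == "." else f"{name}.{origin}"


def parse_zone(text, origin):
    """Parse a BIND master file into (owner, type, rdata) tuples with absolute owners."""
    origin = origin if origin.endswith(".") else origin + "."
    records, last_owner, buf = [], origin, []
    for raw in text.splitlines():
        line = raw.split(";", 1)[0]                  # drop comments
        if not line.strip():
            continue
        buf.append(line)
        joined = " ".join(buf)
        if joined.count("(") > joined.count(")"):
            continue                                 # still inside a ( ... ) record
        buf = []
        tokens = joined.replace("(", " ").replace(")", " ").split()
        if tokens[0] == "$ORIGIN":                   # a directive in the file overrides
            origin = tokens[1]                       # the origin given on the command line
            continue
        if tokens[0].startswith("$"):                # $TTL and other directives
            continue
        if joined[0].isspace():                      # owner omitted: reuse the previous one
            owner = last_owner
        else:
            owner = last_owner = absolute(tokens.pop(0), origin)
        while tokens[0] not in TYPES:                # skip optional TTL and class fields
            if tokens[0] != "IN" and not TTL_RE.fullmatch(tokens[0]):
                raise ValueError(f"cannot parse: {raw!r}")
            tokens.pop(0)
        records.append((owner, tokens[0], tuple(tokens[1:])))
    return records


def check_zone(text, origin):
    """Return the problems named-checkzone would report for this origin ({} means OK)."""
    origin = origin if origin.endswith(".") else origin + "."
    in_zone, out_of_zone = [], []
    for rec in parse_zone(text, origin):
        inside = rec[0] == origin or rec[0].endswith("." + origin)
        (in_zone if inside else out_of_zone).append(rec)
    problems = {}
    if out_of_zone:
        problems["out_of_zone"] = sorted({r[0] for r in out_of_zone})
    soa = [r for r in in_zone if r[0] == origin and r[1] == "SOA"]
    if len(soa) != 1:
        problems["soa_count"] = len(soa)
    if not any(r[0] == origin and r[1] == "NS" for r in in_zone):
        problems["no_ns"] = True
    return problems


# Constructed: gix.rz as hand-edited on the primary from the named.local template.
MASTER_GIX_RZ = """\
$TTL    86400
@       IN      SOA     ns1.gix.com. root.gix.com.  (
                        1997022700 ; Serial
                        28800      ; Refresh
                        14400      ; Retry
                        3600000    ; Expire
                        86400 )    ; Minimum
        IN      NS      ns1.gix.com.
18      IN      PTR     ns1.gix.com.
"""

# Constructed: the same zone in the shape BIND uses when it stores a transferred
# copy on the secondary, with explicit $ORIGIN directives and the apex in full.
SLAVE_GIX_RZ = """\
$ORIGIN .
$TTL 86400      ; 1 day
50.168.192.in-addr.arpa IN SOA ns1.gix.com. root.gix.com. (
                                1997022700 ; serial
                                28800      ; refresh (8 hours)
                                14400      ; retry (4 hours)
                                3600000    ; expire (5 weeks 6 days 16 hours)
                                86400      ; minimum (1 day)
                                )
                        NS      ns1.gix.com.
                        NS      ns2.gix.com.
$ORIGIN 50.168.192.in-addr.arpa.
18                      PTR     ns1.gix.com.
21                      PTR     ns2.gix.com.
"""

if __name__ == "__main__":
    for origin in ("gix.com", "50.168.192.in-addr.arpa"):
        print(origin, "->", check_zone(SLAVE_GIX_RZ, origin) or "OK")
    print("hand-edited file checked as gix.com validates", parse_zone(MASTER_GIX_RZ, "gix.com")[-1][0])
```

Checking the transferred file with origin gix.com reproduces the page's result (every record out of zone, 0 SOA, no NS); with the correct origin it is clean. The hand-edited file passes under either origin because its names are relative, which is exactly why the origin argument has to be the real zone name.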
Now we restart the DNS service:
[root@localhost named]# chkconfig named on
[root@localhost named]# /etc/init.d/named restart
Stopping named: [ OK ]
Starting named: [ OK ]
[root@localhost named]# /etc/init.d/network restart
Shutting down interface eth0: [ OK ]
Shutting down loopback interface: [ OK ]
Bringing up loopback interface: [ OK ]
Bringing up interface eth0: [ OK ]
If both the primary and secondary configurations are correct, the forward and reverse zone files are transferred automatically from the primary to the secondary when named starts on ns2:
[root@ns2 ~]# cd /var/named/chroot/var/named/
[root@ns2 named]# ll
total 44
drwxrwx--- 2 named named 4096 Aug 26 2004 data
-rw-r--r-- 1 named named 356 Nov 18 16:21 gix.fz
-rw-r--r-- 1 named named 385 Nov 18 16:06 gix.rz
For DNS Service test :
[root@localhost named]# host 192.168.50.21
21.50.168.192.in-addr.arpa domain name pointer ns2.gix.com.
[root@localhost named]# host ns2.gix.com
ns2.gix.com has address 192.168.50.21
[root@localhost named]# nslookup ns2.gix.com
Server: 192.168.50.18
Address: 192.168.50.18#53
Name: ns2.gix.com
Address: 192.168.50.21
[root@localhost named]# nslookup 192.168.50.21
Server: 192.168.50.18
Address: 192.168.50.18#53
21.50.168.192.in-addr.arpa name = ns2.gix.com.
[root@localhost named]# dig ns2.gix.com
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5 <<>> ns2.gix.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25623
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1
;; QUESTION SECTION:
;ns2.gix.com. IN A
;; ANSWER SECTION:
ns2.gix.com. 86400 IN A 192.168.50.21
;; AUTHORITY SECTION:
gix.com. 86400 IN NS ns1.gix.com.
gix.com. 86400 IN NS ns2.gix.com.
;; ADDITIONAL SECTION:
ns1.gix.com. 86400 IN A 192.168.50.18
;; Query time: 14 msec
;; SERVER: 192.168.50.18#53(192.168.50.18)
;; WHEN: Tue Nov 15 22:15:23 2011
;; MSG SIZE rcvd: 93
[root@localhost named]# dig -x 192.168.50.21
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5 <<>> -x 192.168.50.21
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34021
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; QUESTION SECTION:
;21.50.168.192.in-addr.arpa. IN PTR
;; ANSWER SECTION:
21.50.168.192.in-addr.arpa. 86400 IN PTR ns2.gix.com.
;; AUTHORITY SECTION:
50.168.192.in-addr.arpa. 86400 IN NS ns2.gix.com.
50.168.192.in-addr.arpa. 86400 IN NS ns1.gix.com.
;; ADDITIONAL SECTION:
ns1.gix.com. 86400 IN A 192.168.50.18
ns2.gix.com. 86400 IN A 192.168.50.21
;; Query time: 12 msec
;; SERVER: 192.168.50.18#53(192.168.50.18)
;; WHEN: Tue Nov 15 22:17:57 2011
;; MSG SIZE rcvd: 133
Client PC configuration for Windows:
Another easy procedure for DNS server configuration :
At first we disabled all of the firewall rules :
[root@ns1 named]# iptables -F
[root@ns1 named]# /etc/init.d/iptables stop
Flushing firewall rules: [ OK ]
Setting chains to policy ACCEPT: filter [ OK ]
Unloading iptables modules: [ OK ]
[root@ns1 named]# /etc/init.d/iptables save
[root@ns1 named]# /etc/init.d/iptables restart
Configuration procedure :
[root@localhost named]# vim /etc/resolv.conf
nameserver 192.168.50.18
[root@localhost named]# vim /etc/hosts
127.0.0.1 localhost.localdomain localhost
::1 localhost6.localdomain6 localhost6
192.168.50.18 ns1.gix.com ns1
[root@localhost named]# vim /etc/sysconfig/network
HOSTNAME=ns1.gix.com
[root@localhost named]# hostname ns1.gix.com
[root@localhost ~]# yum install bind* -y
[root@localhost ~]# yum install caching* -y
[root@localhost etc]# cp /var/named/chroot/etc/named.rfc1912.zones named.conf
[root@localhost etc]# chgrp named named.conf
[root@localhost etc]# ll
total 40
-rw-r--r-- 1 root root 364 Nov 14 06:13 localtime
-rw-r----- 1 root named 1230 Jul 30 2009 named.caching-nameserver.conf
-rw-r----- 1 root named 955 Nov 14 13:49 named.conf
-rw-r----- 1 root named 955 Jul 30 2009 named.rfc1912.zones
-rw-r----- 1 root named 113 Nov 14 13:47 rndc.key
[root@localhost named]# cp /var/named/chroot/var/named/localhost.zone gix.fz
[root@localhost named]# cp /var/named/chroot/var/named/named.local gix.rz
[root@localhost named]# chgrp named gix.fz
[root@localhost named]# chgrp named gix.rz
[root@localhost named]# ll
total 88
drwxrwx--- 2 named named 4096 Aug 26 2004 data
-rw-r----- 1 root named 195 Nov 14 13:55 gix.fz
-rw-r----- 1 root named 426 Nov 14 13:56 gix.rz
-rw-r----- 1 root named 198 Jul 30 2009 localdomain.zone
-rw-r----- 1 root named 195 Jul 30 2009 localhost.zone
-rw-r----- 1 root named 427 Jul 30 2009 named.broadcast
-rw-r----- 1 root named 1892 Jul 30 2009 named.ca
-rw-r----- 1 root named 424 Jul 30 2009 named.ip6.local
-rw-r----- 1 root named 426 Jul 30 2009 named.local
-rw-r----- 1 root named 427 Jul 30 2009 named.zero
drwxrwx--- 2 named named 4096 Jul 27 2004 slaves
Here you just copy & paste these lines into the file (the file names must match the zone files created above, gix.fz and gix.rz):
[root@localhost named]# vim /var/named/chroot/etc/named.conf
options {
directory "/var/named";
};
zone "tsbd.com" IN {
type master;
file "gix.fz";
allow-update { none; };
};
zone "50.168.192.in-addr.arpa" IN {
type master;
file "gix.rz";
allow-update { none; };
};
Here you just copy & paste these lines into the forward zone file, replacing its whole contents :
vim /var/named/chroot/var/named/gix.fz
$TTL 86400
@ IN SOA dns1.tsbd.com. root.tsbd.com. (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
IN NS dns1.tsbd.com.
IN MX 10 mail.tsbd.com.
dns1 IN A 192.168.50.19
mail IN A 192.168.50.19
www IN CNAME dns1.tsbd.com.
Here we edit reverse zone file: first empty the copied template, then copy & paste these lines into it :
echo " " > /var/named/chroot/var/named/gix.rz
vim /var/named/chroot/var/named/gix.rz
$TTL 86400
@ IN SOA dns1.tsbd.com. root.tsbd.com. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS dns1.tsbd.com.
IN MX 10 mail.tsbd.com.
19 IN PTR dns1.tsbd.com.
19 IN PTR mail.tsbd.com.
Sample entries in the /var/named/mydomain.fz forward zone file:
; This is the Start of Authority (SOA) record. Contains contact
; & other information about the name server. The serial number
; must be changed whenever the file is updated (to inform secondary
; servers that zone information has changed).
@ IN SOA mydomain.name. postmaster.mydomain.name. (
        19990811 ; Serial number
        3600     ; 1 hour refresh
        300      ; 5 minutes retry
        172800   ; 2 days expiry
        43200 )  ; 12 hours minimum
; List the name servers in use. Unresolved (entries in other zones)
; will go to our ISP's name server isp.domain.name.com
        IN NS mydomain.name.
        IN NS isp.domain.name.com.
; This is the mail-exchanger. You can list more than one (if
; applicable), with the integer field indicating priority (lowest
; being a higher priority); the priority value is required
        IN MX 10 mail.mydomain.name.
; Provides optional information on the machine type & operating system
; used for the server
        IN HINFO Pentium/350 LINUX
; A list of machine names & addresses
spock.mydomain.name.  IN A 123.12.41.40  ; OpenVMS Alpha
mail.mydomain.name.   IN A 123.12.41.41  ; Linux (main server)
kirk.mydomain.name.   IN A 123.12.41.42  ; Windows NT (blech!)
; Including any in our other class C's
twixel.mydomain.name. IN A 126.27.18.161 ; Linux test machine
foxone.mydomain.name. IN A 126.27.18.162 ; Linux devel. kernel
; Alias (canonical) names
gopher IN CNAME mail.mydomain.name.
ftp    IN CNAME mail.mydomain.name.
www    IN CNAME mail.mydomain.name.
Sample entries in the /var/named/mydomain.rz reverse zone file:
; This is the Start of Authority record. Same as in forward lookup table.
@ IN SOA mydomain.name. postmaster.mydomain.name. (
        19990811 ; Serial number
        3600     ; 1 hour refresh
        300      ; 5 minutes retry
        172800   ; 2 days expiry
        43200 )  ; 12 hours minimum
; Name servers listed as in forward lookup table
        IN NS mail.mydomain.name.
        IN NS isp.domain.name.com.
; A list of machine names & addresses, in reverse. We are mapping
; more than one class C here, so we need to list the class B portion
; as well.
40.41  IN PTR spock.mydomain.name.
41.41  IN PTR mail.mydomain.name.
42.41  IN PTR kirk.mydomain.name.
; As you can see, we can map our other class C's as long as they are
; under the 123.12.* class B addresses
24.42  IN PTR tsingtao.mydomain.name.
250.42 IN PTR redstripe.mydomain.name.
24.43  IN PTR kirin.mydomain.name.
66.44  IN PTR sapporo.mydomain.name.
; No alias (canonical) names should be listed in the reverse lookup
; file (for obvious reasons).