Monday, December 26, 2011

DNS Server configuration in Linux

Root name server:
A root name server is a name server for the Domain Name System's root zone. The choice of 13 nameservers was made because of limitations in the original DNS specification. While only 13 names are used for the root nameservers, there are many more physical servers; the A, C, F, I, J, K, L and M servers now exist in multiple locations on different continents.

DNS Hierarchy and the Internet:

It consists of the root directory, represented as a dot (.), and two top level domain hierarchies, one organizational and one geographical.

Diagram shows organizational and geographical top level domain structures for the Internet.

Figure: Hierarchy of Internet Domains


Domain Name Service (DNS) :
Domain Name Service (DNS) was created in 1983 out of the necessity to convert domain names to IP addresses like 192.168.9.2. DNS is a distributed database: no single computer maintains a complete database of all of the domains on the Internet. Instead, this information is distributed across many computers. To further understand how this works, take a look at the DNS structure:

Notice how the DNS namespace resembles an inverted tree. The top node, symbolized by a single dot, is known as the root. Below the root are the top-level domains such as com, net, org, mil and gov. There are many top-level domains, and now even international domains, so the number of top-level domains is almost unlimited.

Example: Consider the web address:

mail.example.org

How do you access mail.example.org to see your web-based email?

There are two components to DNS that help you get where you want to go.

When someone tries to access a website from their computer, the resolver on their computer sends a query to the nameserver that’s listed in the resolver’s configuration file. The nameserver may or may not know how to access this site. If it does, fine: the client computer is directed to the site. If it doesn’t know how to access the site, then it will send the query to the root nameserver.
The root nameserver will see that the address is part of the “org” domain, and will send the query to an “org” nameserver. The “org” nameserver will see that the query is for “example.org”, and will send the query to a lower-level nameserver that may know about “example.org”. It still doesn’t stop there: since the client also specified that it is asking for a web site (mail) instead of something else, that nameserver has to find the “mail.example.org” web server.

Notice that the nameserver returns an IP address for “mail.example.org”.


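DNS Server configuration for LINUX :
At first we disabled all of the firewall rules (note that this leaves the host unfiltered, while the DNS service itself only needs port 53 reachable over UDP and TCP) :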
[root@ns1 named]# iptables -F
[root@ns1 named]# /etc/init.d/iptables stop
Flushing firewall rules:                                                  [  OK  ]
Setting chains to policy ACCEPT: filter                     [  OK  ]
Unloading iptables modules:                                       [  OK  ]
[root@ns1 named]# /etc/init.d/iptables save
[root@ns1 named]# /etc/init.d/iptables restart

  
Configuration procedure :
[root@localhost named]# vim /etc/resolv.conf 
nameserver 192.168.50.18
nameserver 192.168.50.21
[root@localhost named]# vim /etc/hosts 
127.0.0.1               localhost.localdomain  localhost
::1              localhost6.localdomain6 localhost6
192.168.50.18            ns1.gix.com             ns1
[root@localhost named]# vim /etc/sysconfig/network 
HOSTNAME=ns1.gix.com 
[root@localhost named]# hostname ns1.gix.com

Here we check that the packages needed for DNS are installed :
[root@ns1 ~]# rpm -qa | grep bind*
bind-utils-9.3.6-4.P1.el5
bind-chroot-9.3.6-4.P1.el5
binutils-2.17.50.0.6-12.el5
bind-9.3.6-4.P1.el5
bind-sdb-9.3.6-4.P1.el5
bind-devel-9.3.6-4.P1.el5
ypbind-1.19-12.el5
bind-libs-9.3.6-4.P1.el5
bind-libbind-devel-9.3.6-4.P1.el5

[root@ns1 ~]# rpm -qa | grep caching*
caching-nameserver-9.3.6-4.P1.el5
If the bind* & caching* packages are not installed, you must install them :
[root@localhost ~]# yum install bind* -y
[root@localhost ~]# yum install caching* -y

[root@localhost ~]# cd /var/named/chroot/etc/
[root@localhost etc]# ll
total 32
-rw-r--r-- 1 root root   364 Nov 14 06:13 localtime
-rw-r----- 1 root named 1230 Jul 30  2009 named.caching-nameserver.conf
-rw-r----- 1 root named  955 Jul 30  2009 named.rfc1912.zones
-rw-r----- 1 root named  113 Nov 14 13:47 rndc.key
[root@localhost etc]# cp named.rfc1912.zones named.conf
[root@localhost etc]# ll
total 40
-rw-r--r-- 1 root root   364 Nov 14 06:13 localtime
-rw-r----- 1 root named 1230 Jul 30  2009 named.caching-nameserver.conf
-rw-r----- 1 root root   955 Nov 14 13:49 named.conf
-rw-r----- 1 root named  955 Jul 30  2009 named.rfc1912.zones
-rw-r----- 1 root named  113 Nov 14 13:47 rndc.key
[root@localhost etc]# chgrp named named.conf
OR 

[root@ns1 etc]# chown .named named.conf 
[root@localhost etc]# ll
total 40
-rw-r--r-- 1 root root   364 Nov 14 06:13 localtime
-rw-r----- 1 root named 1230 Jul 30  2009 named.caching-nameserver.conf
-rw-r----- 1 root named  955 Nov 14 13:49 named.conf
-rw-r----- 1 root named  955 Jul 30  2009 named.rfc1912.zones
-rw-r----- 1 root named  113 Nov 14 13:47 rndc.key


[root@localhost etc]# cd /var/named/chroot/var/named/
[root@localhost named]# ll

total 72
drwxrwx--- 2 named named 4096 Aug 26  2004 data
-rw-r----- 1 root  named  198 Jul 30  2009 localdomain.zone
-rw-r----- 1 root  named  195 Jul 30  2009 localhost.zone
-rw-r----- 1 root  named  427 Jul 30  2009 named.broadcast
-rw-r----- 1 root  named 1892 Jul 30  2009 named.ca
-rw-r----- 1 root  named  424 Jul 30  2009 named.ip6.local
-rw-r----- 1 root  named  426 Jul 30  2009 named.local
-rw-r----- 1 root  named  427 Jul 30  2009 named.zero
drwxrwx--- 2 named named 4096 Jul 27  2004 slaves
[root@localhost named]# cp localhost.zone gix.fz
[root@localhost named]# cp named.local gix.rz

[root@localhost named]# ll
total 88
drwxrwx--- 2 named named 4096 Aug 26  2004 data
-rw-r----- 1 root  root   195 Nov 14 13:55 gix.fz
-rw-r----- 1 root  root   426 Nov 14 13:56 gix.rz

-rw-r----- 1 root  named  198 Jul 30  2009 localdomain.zone
-rw-r----- 1 root  named  195 Jul 30  2009 localhost.zone
-rw-r----- 1 root  named  427 Jul 30  2009 named.broadcast
-rw-r----- 1 root  named 1892 Jul 30  2009 named.ca
-rw-r----- 1 root  named  424 Jul 30  2009 named.ip6.local
-rw-r----- 1 root  named  426 Jul 30  2009 named.local
-rw-r----- 1 root  named  427 Jul 30  2009 named.zero
drwxrwx--- 2 named named 4096 Jul 27  2004 slaves

[root@localhost named]# chgrp named gix.fz
[root@localhost named]# chgrp named gix.rz
[root@localhost named]# ll

total 88
drwxrwx--- 2 named named 4096 Aug 26  2004 data
-rw-r----- 1 root  named  195 Nov 14 13:55 gix.fz
-rw-r----- 1 root  named  426 Nov 14 13:56 gix.rz

-rw-r----- 1 root  named  198 Jul 30  2009 localdomain.zone
-rw-r----- 1 root  named  195 Jul 30  2009 localhost.zone
-rw-r----- 1 root  named  427 Jul 30  2009 named.broadcast
-rw-r----- 1 root  named 1892 Jul 30  2009 named.ca
-rw-r----- 1 root  named  424 Jul 30  2009 named.ip6.local
-rw-r----- 1 root  named  426 Jul 30  2009 named.local
-rw-r----- 1 root  named  427 Jul 30  2009 named.zero
drwxrwx--- 2 named named 4096 Jul 27  2004 slaves


Here we edit named.conf file :
[root@localhost named]# vim /var/named/chroot/etc/named.conf

options{ directory "/var/named"; };
zone "." IN {
        type hint;
        file "named.ca";
};

zone "localdomain" IN {
        type master;
        file "localdomain.zone";
        allow-update { none; };
};

zone "localhost" IN {
        type master;
        file "localhost.zone";
        allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.local";
        allow-update { none; };
};

zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
        type master;
        file "named.ip6.local";
        allow-update { none; };
};

zone "255.in-addr.arpa" IN {
        type master;
        file "named.broadcast";
        allow-update { none; };
};
zone "0.in-addr.arpa" IN {
        type master;
        file "named.zero";
        allow-update { none; };
};

zone "gix.com" IN {
        type master;
        file "gix.fz";
        allow-update { none; };
};

zone "50.168.192.in-addr.arpa" IN {
        type master;
        file "gix.rz";
        allow-update { none; };
};



         
Here we edit forward zone file:
vim /var/named/chroot/var/named/gix.fz
                  
              IN NS            ns1.gix.com.
              IN A             192.168.50.18
ns1           IN A             192.168.50.18





Here we edit reverse zone file:
vim /var/named/chroot/var/named/gix.rz



         IN        NS      ns1.gix.com.
18       IN        PTR     ns1.gix.com.



Here we check named.conf + forward zone file + reverse zone file :

To check for syntax errors :
[root@localhost named]# named-checkconf /var/named/chroot/etc/named.conf


To check the forward zone file :

[root@ns1 named]# named-checkzone gix.com /var/named/chroot/var/named/gix.fz
zone gix.com/IN: loaded serial 42
OK

To check the reverse zone file (the first argument is the zone name, which for this file should be 50.168.192.in-addr.arpa rather than gix.com) :
[root@ns1 ~]# named-checkzone gix.com /var/named/chroot/var/named/gix.rz
zone gix.com/IN: loaded serial 1997022700
OK

Now we restart the DNS service:
[root@localhost named]# chkconfig named on
[root@localhost named]# /etc/init.d/named restart

Stopping named:                                            [  OK  ]
Starting named:                                               [  OK  ]

[root@localhost named]# /etc/init.d/network restart
Shutting down interface eth0:                             [  OK  ]
Shutting down loopback interface:                    [  OK  ]
Bringing up loopback interface:                         [  OK  ]
Bringing up interface eth0:                                   [  OK  ]

To test the DNS service :
[root@localhost named]# host 192.168.50.18
18.50.168.192.in-addr.arpa domain name pointer ns1.gix.com.
[root@ns1 named]# host ns1.gix.com
ns1.gix.com has address 192.168.50.18

[root@localhost named]# nslookup ns1.gix.com
Server:         192.168.50.18
Address:        192.168.50.18#53


Name:   ns1.gix.com
Address: 192.168.50.18


[root@localhost named]# nslookup 192.168.50.18
Server:         192.168.50.18
Address:        192.168.50.18#53


18.50.168.192.in-addr.arpa      name = ns1.gix.com.
[root@localhost named]# dig ns1.gix.com

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5 <<>> ns1.gix.com
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47951
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;ns1.gix.com.                   IN      A

;; ANSWER SECTION:
ns1.gix.com.            86400   IN      A       192.168.50.18

;; AUTHORITY SECTION:
gix.com.                86400   IN      NS      ns1.gix.com.

;; Query time: 15 msec
;; SERVER: 192.168.50.18#53(192.168.50.18)
;; WHEN: Mon Nov 14 15:54:17 2011
;; MSG SIZE  rcvd: 59

[root@localhost named]# dig -x 192.168.50.18


; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5 <<>> -x 192.168.50.18
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55329
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;18.50.168.192.in-addr.arpa.    IN      PTR

;; ANSWER SECTION:
18.50.168.192.in-addr.arpa. 86400 IN    PTR     ns1.gix.com.

;; AUTHORITY SECTION:
50.168.192.in-addr.arpa. 86400  IN      NS      ns1.gix.com.

;; ADDITIONAL SECTION:
ns1.gix.com.            86400   IN      A       192.168.50.18

;; Query time: 10 msec
;; SERVER: 192.168.50.18#53(192.168.50.18)
;; WHEN: Mon Nov 14 15:55:34 2011
;; MSG SIZE  rcvd: 99



Secondary DNS Server configuration :
At first we disabled all of the firewall rules :
[root@ns1 named]# iptables -F
[root@ns1 named]# /etc/init.d/iptables stop
Flushing firewall rules:                                                  [  OK  ]
Setting chains to policy ACCEPT: filter                     [  OK  ]

Unloading iptables modules:                                       [  OK  ]
[root@ns1 named]# /etc/init.d/iptables save
[root@ns1 named]# /etc/init.d/iptables restart


Configuration procedure :
[root@localhost named]# vim /etc/resolv.conf 
nameserver 192.168.50.18
nameserver 192.168.50.21
[root@localhost named]# vim /etc/hosts 
127.0.0.1               localhost.localdomain  localhost
::1              localhost6.localdomain6 localhost6
192.168.50.21            ns2.gix.com             ns2
  
[root@localhost named]# vim /etc/sysconfig/network 
HOSTNAME=ns2.gix.com

[root@localhost named]# hostname ns2.gix.com

[root@localhost ~]# yum install bind* -y
[root@localhost ~]# yum install caching* -y

[root@localhost ~]# cd /var/named/chroot/etc/
[root@localhost etc]# ll
total 32
-rw-r--r-- 1 root root   364 Nov 14 06:13 localtime
-rw-r----- 1 root named 1230 Jul 30  2009 named.caching-nameserver.conf
-rw-r----- 1 root named  955 Jul 30  2009 named.rfc1912.zones
-rw-r----- 1 root named  113 Nov 14 13:47 rndc.key
[root@localhost etc]# cp named.rfc1912.zones named.conf
[root@localhost etc]# ll
total 40
-rw-r--r-- 1 root root   364 Nov 14 06:13 localtime
-rw-r----- 1 root named 1230 Jul 30  2009 named.caching-nameserver.conf
-rw-r----- 1 root root   955 Nov 14 13:49 named.conf
-rw-r----- 1 root named  955 Jul 30  2009 named.rfc1912.zones
-rw-r----- 1 root named  113 Nov 14 13:47 rndc.key
[root@localhost etc]# chgrp named named.conf
[root@localhost etc]# ll

total 40
-rw-r--r-- 1 root root   364 Nov 14 06:13 localtime
-rw-r----- 1 root named 1230 Jul 30  2009 named.caching-nameserver.conf
-rw-r----- 1 root named  955 Nov 14 13:49 named.conf
-rw-r----- 1 root named  955 Jul 30  2009 named.rfc1912.zones
-rw-r----- 1 root named  113 Nov 14 13:47 rndc.key


Here we edit named.conf file :
[root@localhost named]# vim /var/named/chroot/etc/named.conf

options{ directory "/var/named"; };
zone "." IN {
        type hint;
        file "named.ca";
};

zone "localdomain" IN {
        type master;
        file "localdomain.zone";
        allow-update { none; };
};

zone "localhost" IN {
        type master;
        file "localhost.zone";
        allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.local";
        allow-update { none; };
};

zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
        type master;
        file "named.ip6.local";
        allow-update { none; };
};

zone "255.in-addr.arpa" IN {
        type master;
        file "named.broadcast";
        allow-update { none; };
};
zone "0.in-addr.arpa" IN {
        type master;
        file "named.zero";
        allow-update { none; };
};
zone "gix.com" IN {
        type slave;
        file "gix.fz";
        masters { 192.168.50.18; };
};

zone "50.168.192.in-addr.arpa" IN {
        type slave;
        file "gix.rz";
        masters { 192.168.50.18; };
};

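Now we need to change named.conf on the primary DNS server :
[root@localhost named]# named-checkconf /var/named/chroot/etc/named.conf


zone "gix.com" IN {
        type master;
        file "gix.fz";
        allow-update { none; };
        // the secondary needs zone transfers, not dynamic updates
        allow-transfer { 192.168.50.21; };
};

zone "50.168.192.in-addr.arpa" IN {
        type master;
        file "gix.rz";
        allow-update { none; };
        // the secondary needs zone transfers, not dynamic updates
        allow-transfer { 192.168.50.21; };
};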
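
An added audit example (Python, not part of the original post or of BIND) for master zone stanzas like the ones in this guide: it reports a zone file missing from the zone directory, allow-update granted to a bare address, and a master zone with no allow-transfer list, which on the BIND 9.3 packages used here lets any host transfer the zone. Both configurations and the file list are constructed samples, and blocks(), acl() and audit() are names chosen for this sketch.

```python
import re

# Constructed sample: master zones that grant dynamic updates to an address,
# set no allow-transfer list, and (second zone) name a file that does not exist.
WEAK_CONF = '''
options { directory "/var/named"; };
zone "gix.com" IN {
        type master;
        file "gix.fz";
        allow-update { 192.168.50.21; };
};
zone "50.168.192.in-addr.arpa" IN {
        type master;
        file "gix.rx";
        allow-update { 192.168.50.21; };
};
'''

# Constructed sample: the same zones with updates off and transfers limited
# to the secondary.
HARDENED_CONF = '''
options { directory "/var/named"; };
zone "gix.com" IN {
        type master;
        file "gix.fz";
        allow-update { none; };
        allow-transfer { 192.168.50.21; };
};
zone "50.168.192.in-addr.arpa" IN {
        type master;
        file "gix.rz";
        allow-update { none; };
        allow-transfer { 192.168.50.21; };
};
'''


def blocks(conf, head):
    """Yield (match, body) for each statement whose header matches head.
    Braces are counted so nested lists such as { none; } stay in the body."""
    for m in re.finditer(head + r'[^{;]*\{', conf):
        depth, i = 1, m.end()
        while depth and i < len(conf):
            depth += {'{': 1, '}': -1}.get(conf[i], 0)
            i += 1
        yield m, conf[m.end():i - 1]


def acl(body, name):
    """Entries of `name { ... };` inside body, or None when it is absent."""
    m = re.search(r'\b' + re.escape(name) + r'\s*\{([^}]*)\}', body)
    if m is None:
        return None
    return [e.strip() for e in m.group(1).split(';') if e.strip()]


def audit(conf, files_present):
    """Return (zone, finding) pairs for every master zone in conf."""
    conf = re.sub(r'/\*.*?\*/|(//|#)[^\n]*', '', conf, flags=re.S)  # drop comments
    global_xfr = None
    for _, body in blocks(conf, r'\boptions\b'):
        global_xfr = acl(body, 'allow-transfer')
    findings = []
    for m, body in blocks(conf, r'\bzone\s+"([^"]+)"'):
        zone = m.group(1)
        ztype = re.search(r'\btype\s+(\w+)', body)
        if not ztype or ztype.group(1).lower() != 'master':
            continue
        zfile = re.search(r'\bfile\s+"([^"]+)"', body)
        if zfile and zfile.group(1) not in files_present:
            findings.append((zone, 'zone file "%s" not found' % zfile.group(1)))
        upd = acl(body, 'allow-update')
        if upd and any(e != 'none' and not e.startswith('key ') for e in upd):
            findings.append((zone, 'allow-update granted by address; use none or a key'))
        if acl(body, 'allow-transfer') is None and global_xfr is None:
            findings.append((zone, 'no allow-transfer list; the server default applies'))
    return findings


if __name__ == '__main__':
    for label, conf in (('weak', WEAK_CONF), ('hardened', HARDENED_CONF)):
        print(label, audit(conf, {'gix.fz', 'gix.rz'}))
```
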
 

Here we edit forward zone file:
[root@ns1 ~]# vim /var/named/chroot/var/named/gix.fz

                IN NS           ns1.gix.com.
                IN NS           ns2.gix.com.
                IN A            192.168.50.18
ns1             IN A            192.168.50.18
ns2             IN A            192.168.50.21

Here we edit reverse zone file:
[root@ns1 ~]# vim /var/named/chroot/var/named/gix.rz
 
        IN      NS      ns1.gix.com.
        IN      NS      ns2.gix.com.
18      IN      PTR     ns1.gix.com.
21      IN      PTR     ns2.gix.com.





Here we check named.conf + forward zone file + reverse zone file :

To check for syntax errors :
[root@localhost named]# named-checkconf /var/named/chroot/etc/named.conf


To check the forward zone file :

[root@ns2 ~]# named-checkzone gix.com /var/named/chroot/var/named/gix.fz
zone gix.com/IN: loaded serial 42
OK


To check the reverse zone file (gix.com is passed as the zone name instead of 50.168.192.in-addr.arpa, hence the out-of-zone messages) :
[root@ns2 ~]# named-checkzone gix.com /var/named/chroot/var/named/gix.rz
/var/named/chroot/var/named/gix.rz:3: ignoring out-of-zone data (50.168.192.in-addr.arpa)
/var/named/chroot/var/named/gix.rz:13: ignoring out-of-zone data (18.50.168.192.in-addr.arpa)
/var/named/chroot/var/named/gix.rz:14: ignoring out-of-zone data (21.50.168.192.in-addr.arpa)
zone gix.com/IN: has 0 SOA records
zone gix.com/IN: has no NS records
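
The out-of-zone messages above come from the zone name given to named-checkzone: with gix.com as the zone, every owner name under 50.168.192.in-addr.arpa lies outside it, so no SOA or NS record is left at the apex. The added Python example below (not part of the original post or of BIND; the zone text, including the SOA contact root.gix.com, is a constructed sample and check_zone() is a hypothetical helper) applies the same origin test to both zone names.

```python
# Constructed sample: a reverse zone as a secondary stores it after a transfer,
# with $ORIGIN lines and the apex written out in full.
REVERSE_ZONE = '''\
$ORIGIN .
$TTL 86400
50.168.192.in-addr.arpa IN SOA ns1.gix.com. root.gix.com. (
                                1997022700 ; serial
                                28800      ; refresh
                                14400      ; retry
                                3600000    ; expire
                                86400 )    ; minimum
                        NS      ns1.gix.com.
                        NS      ns2.gix.com.
$ORIGIN 50.168.192.in-addr.arpa.
18                      PTR     ns1.gix.com.
21                      PTR     ns2.gix.com.
'''

RR_TYPES = {'SOA', 'NS', 'A', 'AAAA', 'PTR', 'MX', 'CNAME', 'TXT'}


def logical_lines(text):
    """Strip ; comments and join lines inside ( ... ) into one record.
    Yields (first_line_number, record_text); quoted ';' is not handled."""
    buf, start, depth = '', 0, 0
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.split(';', 1)[0].rstrip()
        if not buf:
            start = no
        buf += line + ' '
        depth += line.count('(') - line.count(')')
        if depth <= 0:
            if buf.strip():
                yield start, buf.rstrip()
            buf, depth = '', 0


def absolute(name, origin):
    """Qualify name against origin; the result is lower case and dot-terminated."""
    if name == '@':
        return origin
    if name.endswith('.'):
        return name.lower()
    return (name + '.').lower() if origin == '.' else (name + '.' + origin).lower()


def check_zone(zone_name, text):
    """Report owner names outside zone_name and count SOA/NS records at its apex."""
    apex = zone_name.rstrip('.').lower() + '.'
    origin, owner = apex, apex
    report = {'out_of_zone': [], 'soa': 0, 'ns': 0}
    for no, rec in logical_lines(text):
        fields = rec.split()
        if fields[0].upper() == '$ORIGIN':
            origin = absolute(fields[1], origin)
            continue
        if fields[0].startswith('$'):
            continue                          # $TTL and similar carry no owner
        named_here = not rec[0].isspace()     # leading blank: same owner as before
        if named_here:
            owner = absolute(fields[0], origin)
            fields = fields[1:]
        if owner != apex and not owner.endswith('.' + apex):
            if named_here:                    # report each foreign owner once
                report['out_of_zone'].append((no, owner))
            continue
        rtype = next((f.upper() for f in fields if f.upper() in RR_TYPES), None)
        if owner == apex and rtype == 'SOA':
            report['soa'] += 1
        if owner == apex and rtype == 'NS':
            report['ns'] += 1
    return report


if __name__ == '__main__':
    for zone in ('gix.com', '50.168.192.in-addr.arpa'):
        print(zone, check_zone(zone, REVERSE_ZONE))
```
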

Now we restart the DNS service:
[root@localhost named]# chkconfig named on
[root@localhost named]# /etc/init.d/named restart

Stopping named:                                            [  OK  ]
Starting named:                                               [  OK  ]

[root@localhost named]# /etc/init.d/network restart
Shutting down interface eth0:                                [  OK  ]
Shutting down loopback interface:                      [  OK  ]
Bringing up loopback interface:                            [  OK  ]
Bringing up interface eth0:                                    [  OK  ]
If both the primary and the secondary DNS server are configured successfully, the forward & reverse zone files are transferred automatically from the primary DNS server to the secondary DNS server :
[root@ns2 ~]# cd /var/named/chroot/var/named/
[root@ns2 named]# ll
total 44
drwxrwx--- 2 named named 4096 Aug 26  2004 data
-rw-r--r-- 1 named named  356 Nov 18 16:21 gix.fz
-rw-r--r-- 1 named named  385 Nov 18 16:06 gix.rz

To test the DNS service :
[root@localhost named]# host 192.168.50.21
21.50.168.192.in-addr.arpa domain name pointer ns2.gix.com.
[root@localhost named]# host ns2.gix.com
ns2.gix.com has address 192.168.50.21

[root@localhost named]# nslookup ns2.gix.com
Server:         192.168.50.18
Address:        192.168.50.18#53

Name:   ns2.gix.com
Address: 192.168.50.21

[root@localhost named]# nslookup 192.168.50.21
Server:         192.168.50.18
Address:        192.168.50.18#53

21.50.168.192.in-addr.arpa      name = ns2.gix.com.
 
[root@localhost named]# dig ns2.gix.com

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5 <<>> ns2.gix.com
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25623
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1

;; QUESTION SECTION:
;ns2.gix.com.                   IN      A

;; ANSWER SECTION:
ns2.gix.com.            86400   IN      A       192.168.50.21

;; AUTHORITY SECTION:
gix.com.                86400   IN      NS      ns1.gix.com.
gix.com.                86400   IN      NS      ns2.gix.com.

;; ADDITIONAL SECTION:
ns1.gix.com.            86400   IN      A       192.168.50.18

;; Query time: 14 msec
;; SERVER: 192.168.50.18#53(192.168.50.18)
;; WHEN: Tue Nov 15 22:15:23 2011
;; MSG SIZE  rcvd: 93


[root@localhost named]# dig -x 192.168.50.21

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5 <<>> -x 192.168.50.21
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34021
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;21.50.168.192.in-addr.arpa.    IN      PTR

;; ANSWER SECTION:
21.50.168.192.in-addr.arpa. 86400 IN    PTR     ns2.gix.com.

;; AUTHORITY SECTION:
50.168.192.in-addr.arpa. 86400  IN      NS      ns2.gix.com.
50.168.192.in-addr.arpa. 86400  IN      NS      ns1.gix.com.

;; ADDITIONAL SECTION:
ns1.gix.com.            86400   IN      A       192.168.50.18
ns2.gix.com.            86400   IN      A       192.168.50.21

;; Query time: 12 msec
;; SERVER: 192.168.50.18#53(192.168.50.18)
;; WHEN: Tue Nov 15 22:17:57 2011
;; MSG SIZE  rcvd: 133
 


Client pc configuration for windows:









Another easy procedure for DNS server configuration :

At first we disabled all of the firewall rules :
[root@ns1 named]# iptables -F
[root@ns1 named]# /etc/init.d/iptables stop
Flushing firewall rules:                                                  [  OK  ]
Setting chains to policy ACCEPT: filter                     [  OK  ]
Unloading iptables modules:                                       [  OK  ]
[root@ns1 named]# /etc/init.d/iptables save
[root@ns1 named]# /etc/init.d/iptables restart

  
Configuration procedure :
[root@localhost named]# vim /etc/resolv.conf 
nameserver 192.168.50.18
[root@localhost named]# vim /etc/hosts 
127.0.0.1               localhost.localdomain  localhost
::1              localhost6.localdomain6 localhost6
192.168.50.18            ns1.gix.com             ns1
[root@localhost named]# vim /etc/sysconfig/network 
HOSTNAME=ns1.gix.com 
[root@localhost named]# hostname ns1.gix.com
[root@localhost ~]# yum install bind* -y
[root@localhost ~]# yum install caching* -y

[root@localhost etc]# cp /var/named/chroot/etc/named.rfc1912.zones named.conf
[root@localhost etc]# chgrp named named.conf

[root@localhost etc]# ll
total 40
-rw-r--r-- 1 root root   364 Nov 14 06:13 localtime
-rw-r----- 1 root named 1230 Jul 30  2009 named.caching-nameserver.conf
-rw-r----- 1 root named  955 Nov 14 13:49 named.conf
-rw-r----- 1 root named  955 Jul 30  2009 named.rfc1912.zones
-rw-r----- 1 root named  113 Nov 14 13:47 rndc.key
[root@localhost named]# cp /var/named/chroot/var/named/localhost.zone gix.fz
[root@localhost named]# cp /var/named/chroot/var/named/named.local gix.rz
[root@localhost named]# chgrp named gix.fz
[root@localhost named]# chgrp named gix.rz
[root@localhost named]# ll

total 88
drwxrwx--- 2 named named 4096 Aug 26  2004 data
-rw-r----- 1 root  named  195 Nov 14 13:55 gix.fz
-rw-r----- 1 root  named  426 Nov 14 13:56 gix.rz

-rw-r----- 1 root  named  198 Jul 30  2009 localdomain.zone
-rw-r----- 1 root  named  195 Jul 30  2009 localhost.zone
-rw-r----- 1 root  named  427 Jul 30  2009 named.broadcast
-rw-r----- 1 root  named 1892 Jul 30  2009 named.ca
-rw-r----- 1 root  named  424 Jul 30  2009 named.ip6.local
-rw-r----- 1 root  named  426 Jul 30  2009 named.local
-rw-r----- 1 root  named  427 Jul 30  2009 named.zero
drwxrwx--- 2 named named 4096 Jul 27  2004 slaves
[root@localhost named]# echo " " > /var/named/chroot/etc/named.conf
Copy & paste these lines into the file :
[root@localhost named]# vim /var/named/chroot/etc/named.conf

options {
        directory "/var/named";
};

zone "tsbd.com" IN {
        type master;
        file "gix.fz";          // the forward zone file created above
        allow-update { none; };
};
zone "50.168.192.in-addr.arpa" IN {
        type master;
        file "gix.rz";          // the reverse zone file created above
        allow-update { none; };
};

Here we edit forward zone file:
echo " " >  /var/named/chroot/var/named/gix.fz

Copy & paste these lines into the file :

vim /var/named/chroot/var/named/gix.fz


$TTL    86400
@       IN SOA  dns1.tsbd.com. root.tsbd.com. (
                        42      ; serial (d. adams)
                        3H      ; refresh
                        15M     ; retry
                        1W      ; expiry
                        1D )    ; minimum

        IN NS           dns1.tsbd.com.
        IN MX 10        mail.tsbd.com.
dns1    IN A            192.168.50.19
mail    IN A            192.168.50.19
www     IN CNAME        dns1.tsbd.com.

Here we edit reverse zone file:
echo " " >  /var/named/chroot/var/named/gix.rz
Copy & paste these lines into the file :

vim /var/named/chroot/var/named/gix.rz

$TTL    86400
@       IN      SOA     dns1.tsbd.com. root.tsbd.com. (
                        1997022700 ; Serial
                        28800      ; Refresh
                        14400      ; Retry
                        3600000    ; Expire
                        86400 )    ; Minimum
        IN      NS      dns1.tsbd.com.
        IN      MX 10   mail.tsbd.com.
19      IN      PTR     dns1.tsbd.com.
19      IN      PTR     mail.tsbd.com.


Important Example For Forward Zone & Reverse Zone File :

Sample entries in the "/var/named/mydomain.fz" forward zone file:
; This is the Start of Authority (SOA) record.  Contains contact
; & other information about the name server.  The serial number
; must be changed whenever the file is updated (to inform secondary
; servers that zone information has changed).
@ IN SOA mydomain.name.  postmaster.mydomain.name. (
 19990811 ; Serial number
 3600  ; 1 hour refresh
 300  ; 5 minutes retry
 172800  ; 2 days expiry
 43200 )  ; 12 hours minimum

; List the name servers in use.  Unresolved (entries in other zones)
; will go to our ISP's name server isp.domain.name.com
 IN NS  mydomain.name.
 IN NS  isp.domain.name.com.

; This is the mail-exchanger.  You can list more than one (if
; applicable), with the integer field indicating priority (lowest
; being a higher priority)
 IN MX 10 mail.mydomain.name.

; Provides optional information on the machine type & operating system
; used for the server
 IN HINFO Pentium/350 LINUX

; A list of machine names & addresses
spock.mydomain.name.    IN A    123.12.41.40   ; OpenVMS Alpha
mail.mydomain.name.     IN A    123.12.41.41   ; Linux (main server)
kirk.mydomain.name.     IN A    123.12.41.42   ; Windows NT (blech!)

; Including any in our other class C's
twixel.mydomain.name.   IN A    126.27.18.161  ; Linux test machine
foxone.mydomain.name.   IN A    126.27.18.162  ; Linux devel. kernel

; Alias (canonical) names
gopher IN CNAME mail.mydomain.name.
ftp  IN CNAME mail.mydomain.name.
www  IN CNAME mail.mydomain.name.

Sample entries in the "/var/named/mydomain.rz" reverse zone file:

; This is the Start of Authority record.  Same as in forward lookup table.
@ IN SOA mydomain.name.  postmaster.mydomain.name. (
 19990811 ; Serial number
 3600  ; 1 hour refresh
 300  ; 5 minutes retry
 172800  ; 2 days expiry
 43200 )  ; 12 hours minimum

; Name servers listed as in forward lookup table
 IN NS  mail.mydomain.name.
 IN NS  isp.domain.name.com.

; A list of machine names & addresses, in reverse.  We are mapping
; more than one class C here, so we need to list the class B portion
; as well.
40.41 IN PTR    spock.mydomain.name.
41.41 IN PTR    mail.mydomain.name.
42.41 IN PTR    kirk.mydomain.name.

; As you can see, we can map our other class C's as long as they are
; under the 123.12.* class B addresses
24.42 IN PTR    tsingtao.mydomain.name.
250.42 IN PTR    redstripe.mydomain.name.
24.43 IN PTR    kirin.mydomain.name.
66.44 IN PTR    sapporo.mydomain.name.

; No alias (canonical) names should be listed in the reverse lookup
; file (for obvious reasons).