DNS: Linux Bind Installation

Posted: August 4, 2010 in DNS, LINUX

What is bind?

BIND is DNS server software that translates domain names into IP addresses. Because domain names are alphabetic, they are easier to remember than IP addresses, so when we browse the Internet we don't need to remember the addresses themselves. For example, the domain name www.yourdomain.com might translate to 192.168.0.1.

1. Check The BIND Packages

[root@server named]# rpm -qa bind*

bind-libs-9.2.4-2
bind-utils-9.2.4-2
bind-9.2.4-2

2. Setting Computer NS1 With IP 192.168.0.1 As Nameserver And Domain Name yourdomain.com

[root@server ~]# cat /etc/resolv.conf

nameserver 192.168.0.1

3. Setting File /etc/named.conf

[root@server ~]# nano /etc/named.conf

//
// named.conf for Red Hat caching-nameserver
//
options {
   directory "/var/named";
   dump-file "/var/named/data/cache_dump.db";
   statistics-file "/var/named/data/named_stats.txt";
/*
 * If there is a firewall between you and nameservers you want
 * to talk to, you might need to uncomment the query-source
 * directive below.  Previous versions of BIND always asked
 * questions using port 53, but BIND 8.1 uses an unprivileged
 * port by default.
 */
 // query-source address * port 53;
};

//
// a caching only nameserver config
//
controls {
 inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};

zone "localhost" IN {
   type master;
   file "localhost.zone";
   allow-update { none; };
};

zone "yourdomain.com" IN {
   type master;
   file "/var/named/yourdomain.com.zone";
   allow-update { none; };
};

zone "0.168.192.in-addr.arpa" IN {
   type master;
   file "/var/named/0.168.192.rev";
   allow-update { none; };
};

include "/etc/rndc.key";
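
With the BIND 9.2.4 packages listed in step 1, a zone that has no allow-transfer statement can be copied in full by any host that can query the server, and the master zones above set none. The check below is an added example, not part of the original post: it lists master zones in a named.conf that leave AXFR unrestricted. The function names and the sample configuration (with 192.168.0.2 standing for a secondary server) are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post: report master zones in a
# named.conf that any host may transfer (AXFR). It reads the one-statement-
# per-line layout used on this page; it is not a full named.conf parser.

unrestricted_zones() {    # $1 = path to a named.conf
    awk '
        { sub(/\/\/.*/, "") }                        # strip // comments
        /^[ \t]*options[ \t]*[{]/ { in_opts = 1 }
        /^[ \t]*zone[ \t]+"/ {                       # a zone block starts
            in_zone = 1; master = 0; acl = 0
            split($0, q, "\""); name = q[2]
        }
        in_zone && /type[ \t]+master/ { master = 1 }
        /allow-transfer/ && !/[{ \t]any[ \t]*;/ {    # "any" is no restriction
            if (in_opts) global = 1
            if (in_zone) acl = 1
        }
        /^[ \t]*[}];/ {                              # options or zone block ends
            if (in_zone && master && !acl) bad[++n] = name
            in_zone = 0; in_opts = 0
        }
        END { if (!global) for (i = 1; i <= n; i++) print bad[i] }
    ' "$1"
}

sample_conf() {    # constructed input modelled on the NS1 file above
    cat <<'EOF'
options {
   directory "/var/named";
};
zone "yourdomain.com" IN {
   type master;
   file "/var/named/yourdomain.com.zone";
   allow-update { none; };
};
zone "0.168.192.in-addr.arpa" IN {
   type master;
   file "/var/named/0.168.192.rev";
   allow-transfer { 192.168.0.2; };   // secondary only
};
EOF
}

conf=$(mktemp)
sample_conf > "$conf"
unrestricted_zones "$conf"    # prints: yourdomain.com
rm -f "$conf"
```

Run against the real file with `unrestricted_zones /etc/named.conf`; an empty result means every master zone, or the options block, names who may transfer.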

4. Setting File /var/named/yourdomain.com.zone

First you must create the file yourdomain.com.zone; you can use this command:

[root@server ~]# nano /var/named/yourdomain.com.zone

$TTL            86400
@                 IN SOA            yourdomain.com.  root.yourdomain.com. (
100     ; serial
1H      ; refresh
1M      ; retry
1W      ; expiry
1D )    ; minimum
@                   IN NS                 ns1.yourdomain.com.
@                   IN A                 192.168.0.1
ns1                 IN A                 192.168.0.1
@                   IN MX   10           mail.yourdomain.com.
mail                IN A                 192.168.0.1
WWW                 IN A                 192.168.0.1

5. Setting File /var/named/0.168.192.rev

First you must create the file 0.168.192.rev; you can use this command:

[root@server ~]# nano /var/named/0.168.192.rev

$TTL    86400
@                 IN SOA          yourdomain.com. root.yourdomain.com. (
100     ; serial
1H      ; refresh
1M      ; retry
1W      ; expiry
1D)     ; minimum

@                 IN NS            ns1.yourdomain.com.
1                 IN PTR           binggo.yourdomain.com.

6. nslookup yourdomain.com

[root@server ~]# nslookup yourdomain.com

Server:         192.168.0.1
Address:        192.168.0.1#53

Name:   yourdomain.com
Address: 192.168.0.1

7. dig yourdomain.com

[root@server ~]# dig yourdomain.com

8. Configuration For NS 1 Is Finished

If you see errors, you can try to change the permissions of the folder /var/named.

[root@server ~]# chmod 777 -Rvf /var/named/

mode of `/var/named/' changed to 0777 (rwxrwxrwx)
mode of `/var/named/named.zero' changed to 0777 (rwxrwxrwx)
mode of `/var/named/localhost.zone' changed to 0777 (rwxrwxrwx)
mode of `/var/named/198.99.208.rev' changed to 0777 (rwxrwxrwx)
mode of `/var/named/data' changed to 0777 (rwxrwxrwx)
mode of `/var/named/named.local' changed to 0777 (rwxrwxrwx)
mode of `/var/named/named.ca' changed to 0777 (rwxrwxrwx)
mode of `/var/named/named.ip6.local' changed to 0777 (rwxrwxrwx)
mode of `/var/named/localdomain.zone' changed to 0777 (rwxrwxrwx)
mode of `/var/named/yourdomain.com.zone' changed to 0777 (rwxrwxrwx)
mode of `/var/named/named.broadcast' changed to 0777 (rwxrwxrwx)
mode of `/var/named/slaves' changed to 0777 (rwxrwxrwx)

9. Check The /var/log/messages Log To Find Out If There Are Errors

[root@server ~]# tail /var/log/messages

————————————————–

Document Source: http://www.howtoforge.com/bind-installation-on-centos

Installation Of BIND As A Secondary (Slave) DNS Server

After we have installed BIND as a master DNS server (NS1) (as explained in my recent post), we can now try to set up a secondary DNS server (NS2) with BIND on CentOS. NS2 acts as a backup if there are problems with NS1.

Make sure you’ve successfully set up NS1, as described in my previous post!

NS1 with IP 192.168.0.1
NS2 with IP 192.168.0.2
Our domain: yourdomain.com

Now we can try setting up NS2.

1.  Check your Bind package

[root@server ~]# rpm -qa bind*

bind-libs-9.2.4-2
bind-utils-9.2.4-2
bind-9.2.4-2

2. Setting file /etc/resolv.conf

[root@server ~]# nano /etc/resolv.conf

nameserver 192.168.0.1

3. Setting file /etc/named.conf

[root@server ~]# nano /etc/named.conf

//
// named.conf for Red Hat caching-nameserver
//

options {
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";

/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/

// query-source address * port 53;
allow-transfer {208.99.198.184/32;};
};

//
// a caching only nameserver config
//

controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};

zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};

zone "yourdomain.com" IN {
type slave;
file "/var/named/yourdomain.com.zone";
// allow-update { none; };
allow-transfer { 192.168.0.1/32; };
masters { 192.168.0.1; };
};

zone "0.168.192.in-addr.arpa" IN {
type slave;
file "/var/named/0.168.192.rev";
// allow-update { none; };
allow-transfer { 192.168.0.1/32; };
masters { 192.168.0.1; };
};

include "/etc/rndc.key";

4. Change permission of the directory /var/named

[root@server ~]# chmod 777 -Rvf /var/named/

mode of `/var/named/' changed to 0777 (rwxrwxrwx)
mode of `/var/named/named.zero' changed to 0777 (rwxrwxrwx)
mode of `/var/named/localhost.zone' changed to 0777 (rwxrwxrwx)
mode of `/var/named/data' changed to 0777 (rwxrwxrwx)
mode of `/var/named/named.local' changed to 0777 (rwxrwxrwx)
mode of `/var/named/named.ca' changed to 0777 (rwxrwxrwx)
mode of `/var/named/named.ip6.local' changed to 0777 (rwxrwxrwx)
mode of `/var/named/localdomain.zone' changed to 0777 (rwxrwxrwx)
mode of `/var/named/named.broadcast' changed to 0777 (rwxrwxrwx)
mode of `/var/named/slaves' changed to 0777 (rwxrwxrwx)

5. The files /var/named/yourdomain.com.zone and /var/named/0.168.192.rev will automatically be copied to NS2.

6. Running service named

[root@server ~]# service named restart

Stopping named: [ OK ]

Starting named: [ OK ]

7. Check the log file for errors

[root@server ~]# tail /var/log/messages

Aug 3 04:25:42 server named[9362]: listening on IPv4 interface venet0:0, 192.168.0.2#53
Aug 3 04:25:42 server named[9362]: command channel listening on 127.0.0.1#953
Aug 3 04:25:42 server named[9362]: zone localhost/IN: loaded serial 42
Aug 3 04:25:42 server named[9362]: running
Aug 3 04:25:42 server named[9362]: zone yourdomain.com/IN: transferred serial 100
Aug 3 04:25:42 server named[9362]: transfer of 'yourdomain.com/IN' from 192.168.0.1#53: end of transfer
Aug 3 04:25:42 server named[9362]: zone yourdomain.com/IN: sending notifies (serial 100)
Aug 3 04:25:43 server named[9362]: zone 0.168.192.in-addr.arpa/IN: transferred serial 100
Aug 3 04:25:43 server named[9362]: transfer of '0.168.192.in-addr.arpa/IN' from 192.168.0.1#53: end of transfer
Aug 3 04:25:43 server named[9362]: zone 0.168.192.in-addr.arpa/IN: sending notifies (serial 100)

Looking at this log, you can see that the yourdomain.com zone was transferred. The zone file is copied to NS2, so if NS1 is dead or has a problem, NS2 has a backup configuration.
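
The log check from step 7 can be automated. The script below is an added example, not part of the original post: it reads named's syslog lines and reports, for each slave zone, whether a transfer completed and whether it came from the expected master. The function names are illustrative, and the sample log is constructed in the format shown above, including a constructed REFUSED line as the failure case.

```shell
#!/bin/sh
# Added example, not from the original post: confirm from syslog that every
# slave zone was transferred, and that it came from the expected master.

check_transfers() {    # $1 = expected master IP, rest = zone names; log on stdin
    expected=$1; shift
    awk -v expected="$expected" -v zones="$*" '
        BEGIN { n = split(zones, want, " ") }
        / zone .*: transferred serial / {          # zone X/IN: transferred serial N
            z = $0; sub(/.* zone /, "", z); sub(/\/IN:.*/, "", z)
            serial[z] = $NF
        }
        / transfer of .* from .*: end of transfer/ {
            z = $0; sub(/.* transfer of [^A-Za-z0-9]*/, "", z); sub(/\/IN.*/, "", z)
            s = $0; sub(/.* from /, "", s); sub(/#.*/, "", s)
            src[z] = s                             # address the zone came from
        }
        END {
            for (i = 1; i <= n; i++) {
                z = want[i]
                if (!(z in serial))
                    print "MISSING " z
                else if (src[z] != expected)
                    print "UNEXPECTED-SOURCE " z " " src[z]
                else
                    print "OK " z " serial " serial[z]
            }
        }'
}

sample_log() {    # constructed lines in the format of the log above
    cat <<'EOF'
Aug 3 04:25:42 server named[9362]: running
Aug 3 04:25:42 server named[9362]: zone yourdomain.com/IN: transferred serial 100
Aug 3 04:25:42 server named[9362]: transfer of 'yourdomain.com/IN' from 192.168.0.1#53: end of transfer
Aug 3 04:25:43 server named[9362]: transfer of '0.168.192.in-addr.arpa/IN' from 192.168.0.1#53: failed while receiving responses: REFUSED
EOF
}

sample_log | check_transfers 192.168.0.1 yourdomain.com 0.168.192.in-addr.arpa
```

On NS2 the same function can read the live log: `check_transfers 192.168.0.1 yourdomain.com 0.168.192.in-addr.arpa < /var/log/messages`.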

8. Result using nslookup

[root@server ~]# nslookup yourdomain.com

Server: 192.168.0.1
Address: 192.168.0.1#53

Name: yourdomain.com
Address: 192.168.0.1

The nslookup answer came from NS1, the server with IP 192.168.0.1.

Now we can try to deactivate NS1 to see if name resolution is still working.

9. First adding nameserver 192.168.0.2

[root@server ~]# cat /etc/resolv.conf

nameserver 192.168.0.1

nameserver 192.168.0.2

This domain is using NS2 because NS1 is not active. We don’t need to change any files on NS2 because all zone files are transferred from NS1 to NS2.

10. Trying a DNS lookup while NS1 is down

[root@server ~]# nslookup yourdomain.com

Server: 192.168.0.2
Address: 192.168.0.2#53

Name: yourdomain.com
Address: 192.168.0.1

Now if there’s any problem with NS1 you can rest calm because NS2 acts as a backup.

Document Source: http://www.howtoforge.com/installation-of-bind-as-a-secondary-slave-dns-server-on-centos
