Domain Name System (DNS)
A domain name server can be configured using a configuration file, several zone files, and a cache file. The part of a network that the name server is responsible for is known as a zone. A zone is not the same as a domain: a very large domain can be split into several zones, each with its own name server, and conversely one name server can service several zones. In that case each zone has its own zone file. The zone files hold resource records that map hostnames to IP addresses (and back) for the computers the name server is responsible for. There are zone files for the server's network and for the local machine. In addition, a cache file lists the root servers your name server contacts for names outside its own zones.
1. named.conf
The configuration file for the named daemon is named.conf, located in the /etc directory. It uses a flexible syntax similar to C programs. The format enables easy configuration of selected zones and of features such as access control lists and categorized logging. The named.conf file consists of BIND configuration commands with attached blocks, within which specific options are listed. A configuration command is followed by its arguments and a block delimited with braces. Within the block are lines of option and feature entries, each terminated with a semicolon. Comments can use C, C++ or shell/Perl syntax: enclosed in /* */, or preceded by // or #. The following example shows a zone command followed by the zone name and a block of options that begins with an opening brace, {. Each option entry ends with a semicolon. The entire block ends with a closing brace, also followed by a semicolon.
// a caching only nameserver config
//
zone "." {
        type hint;
        file "named.ca";
};
The zone command is used to specify the domains that the name server will service for you. Enter the keyword zone followed by the name of the domain placed within double quotes. Do not place a period at the end of the domain name.
There are several types of zones to choose from: master, slave, stub, forward, and hint.
The type master specifies that the zone holds the master copy of the data and that this server is authoritative for it. The type slave indicates that the zone periodically updates its data from a specified master name server; a slave is also known as a secondary server. You can use this entry if your name server is operating as a secondary server for another primary (master) name server. A stub zone copies only the name server (NS) records of the zone from the master, instead of the entire zone. A forward zone directs all queries for the domain to a specified name server. A hint zone specifies the set of root name servers used by all Internet domain name servers. Within a zone block you can also specify several options that override any global options set with the options command. The following example illustrates a simple zone command for the mytrek.com domain. Its class is Internet, IN, and its type is master.
2. Step-by-step Configuration Guide
The machine used in this example has been
configured and assigned an IP as follows:
Hostname ops-isb
Domain name test.edu.pk
FQDN ops-isb.test.edu.pk
Routable/Static IP 203.135.44.5
Non-Routable IP 192.168.1.14
Open the file /etc/named.conf. It must
be configured in the manner given below:
// generated by named-bootconf.pl
options {
        directory "/var/named";
        /*
         * If there is a firewall between you and nameservers you want
         * to talk to, you might need to uncomment the query-source
         * directive below. Previous versions of BIND always asked
         * questions using port 53, but BIND 8.1 uses an unprivileged
         * port by default.
         */
        // query-source address * port 53;
};
//
// a caching only nameserver config
//
zone "." IN {
        type hint;
        file "db.cache";
};
zone "test.edu.pk" IN {
        type master;
        file "db.test";
};
zone "44.135.203.in-addr.arpa" IN {
        type master;
        file "db.203.135.44";
};
zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.local";
};
Explaining the /etc/named.conf file:
options {
        directory "/var/named";
};
This block is left in its original state. The directory option is the path where named looks for every file named in the zone blocks. One caveat on the commented-out query-source line: leave it commented unless a firewall forces you to pin the port, because sending every query from port 53 throws away the source-port randomisation that makes cache poisoning harder. For a server that is only authoritative for test.edu.pk, this is also the block where you would add "recursion no;" (or an allow-recursion list) and an allow-transfer list naming your secondaries, so that outside hosts can neither use you as a recursive resolver nor pull the whole zone with a zone transfer.
zone "." {
        type hint;
        file "db.cache";
};
This block is also left in its original state; it points named at the root hints file. After this block you can start the real theme of named.conf, i.e. defining your zones.
zone "test.edu.pk" {
        type master;
        file "db.test";
};
The keyword zone is written as it is. Write the name of your zone in quotes; this zone name must be the same as your domain name. The first line of the block defines the type of this zone, i.e. master. Type master means that this is an independent name server (NS): it holds the authoritative data and does not need to be updated from any other NS. If it were updated from another NS, it would be of type slave. file gives the name of your zone file, i.e. db.test, in which you will configure your zone.
zone "44.135.203.in-addr.arpa" {
        type master;
        file "db.203.135.44";
};
This zone provides the reverse mapping, i.e. it resolves IP addresses to names for the 203.135.44.0/24 network. The zone name is the network part of the address in reverse octet order, followed by in-addr.arpa.
zone "0.0.127.in-addr.arpa" {
        type master;
        file "named.local";
};
This is the reverse zone for the loopback network 127.0.0.0/8, so that 127.0.0.1 resolves to localhost. Note the hyphen: the suffix is in-addr.arpa, and a zone named in.addr.arpa would never be queried.
NOTE
- Don't forget to put a semicolon (;) after the closing brace of every zone block.
- Don't forget to put a semicolon after each statement inside a zone block.
- The db. prefix in the filenames is just a naming convention; you can use your own naming convention for this purpose.
- All the files mentioned in named.conf must exist in the directory specified in the options {} block and must be correctly configured.
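The options block above was left at its stock contents, yet that block is where the security-relevant settings of a public authoritative server live. The following script is an added example, not code from the original page: it tokenises a named.conf the way the syntax description above lays it out (C, C++ and shell-style comments, statements terminated by semicolons, brace-delimited blocks), rejects a missing semicolon, and then audits the options block for open recursion, unrestricted zone transfers, a pinned query-source port (which gives up source-port randomisation, a defence against cache poisoning) and an undisclosed version string. Both sample configurations are constructed for the example; the secondary server address 203.135.44.6 in the hardened one is an assumption.

```python
"""Audit a BIND named.conf for the options a public authoritative server
should set.  Added example, not part of the original page; both sample
configurations below are constructed."""
import re

# Constructed sample: the page's named.conf with the options block at the
# stock defaults and query-source uncommented, as the stock comment suggests
# for hosts behind a firewall.
WEAK_CONF = r'''
// generated by named-bootconf.pl
options {
        directory "/var/named";
        /* BIND 8.1 uses an unprivileged port by default */
        query-source address * port 53;
};
zone "." IN { type hint; file "db.cache"; };
zone "test.edu.pk" IN { type master; file "db.test"; };
zone "44.135.203.in-addr.arpa" IN { type master; file "db.203.135.44"; };
zone "0.0.127.in-addr.arpa" IN { type master; file "named.local"; };
'''

# Constructed sample: the same server hardened.  203.135.44.6 is an assumed
# secondary; it is the only host allowed to pull the zones.
HARDENED_CONF = r'''
options {
        directory "/var/named";
        recursion no;                        # answer only for our own zones
        allow-transfer { 203.135.44.6; };    # AXFR to the secondary only
        version "not disclosed";             # hide the BIND version
};
zone "." IN { type hint; file "db.cache"; };
zone "test.edu.pk" IN { type master; file "db.test"; };
zone "44.135.203.in-addr.arpa" IN { type master; file "db.203.135.44"; };
zone "0.0.127.in-addr.arpa" IN { type master; file "named.local"; };
'''

# C, C++ and shell-style comments; quoted strings, braces, semicolons, words.
_COMMENT = re.compile(r'/\*.*?\*/|//[^\n]*|#[^\n]*', re.S)
_TOKEN = re.compile(r'"[^"]*"|[{};]|[^\s{};"]+')


def tokenize(text):
    """Strip comments (quoted strings must not contain '#' or '//'), split."""
    return _TOKEN.findall(_COMMENT.sub(' ', text))


def parse(tokens):
    """Return statements as (words, block): block is a nested statement list
    or None.  Every statement, including one ending in '}', needs a ';'."""
    stmts, i, n = [], 0, len(tokens)
    while i < n:
        words = []
        while i < n and tokens[i] not in ('{', '}', ';'):
            words.append(tokens[i].strip('"'))
            i += 1
        block = None
        if i < n and tokens[i] == '{':
            depth, j = 1, i + 1
            while j < n and depth:
                depth += {'{': 1, '}': -1}.get(tokens[j], 0)
                j += 1
            if depth:
                raise ValueError('unbalanced braces')
            block = parse(tokens[i + 1:j - 1])
            i = j
        if i < n and tokens[i] == ';':
            i += 1
        else:
            raise ValueError("missing ';' after: " + ' '.join(words))
        stmts.append((words, block))
    return stmts


def syntax_error(conf):
    """Return the parse error message for conf, or None if it parses."""
    try:
        parse(tokenize(conf))
    except ValueError as exc:
        return str(exc)
    return None


def audit(conf):
    """Return findings for the options block of a named.conf."""
    opts = {}
    for words, block in parse(tokenize(conf)):
        if words == ['options'] and block is not None:
            for w, b in block:
                if w:
                    opts[w[0]] = (w[1:], b)
    findings = []
    if opts.get('recursion', (['yes'], None))[0] == ['yes'] \
            and 'allow-recursion' not in opts:
        findings.append('recursion open to everyone: set "recursion no;" on '
                        'an authoritative server, or restrict allow-recursion')
    if 'allow-transfer' not in opts:
        findings.append('allow-transfer unset: any host can AXFR every zone')
    qs = opts.get('query-source', ([], None))[0]
    port = qs[qs.index('port') + 1] if 'port' in qs[:-1] else '*'
    if port != '*':
        findings.append('query-source pins the source port: this discards '
                        'source-port randomisation against cache poisoning')
    if 'version' not in opts:
        findings.append('version unset: named reveals its version to '
                        'version.bind CHAOS queries')
    return findings


if __name__ == '__main__':
    for label, conf in (('stock', WEAK_CONF), ('hardened', HARDENED_CONF)):
        print(label, syntax_error(conf) or audit(conf) or 'no findings')
```

The parser is deliberately small: it knows nothing about individual options, only the statement/block grammar, which is enough to walk into the options block and look up the handful of settings by name. Run against the stock configuration it reports all four findings; against the hardened one it reports none.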
After configuring the named.conf file, the next step is the zone files' configuration. Go to the path mentioned in the options {} block of the named.conf file, i.e., /var/named.
Begin with the zone file db.test (the file named in the third block of named.conf).
1.  @ IN SOA ops-isb.test.edu.pk. root.ops-isb.test.edu.pk. (
2.          1        ; Serial
3.          10800    ; Refresh after 3 hours
4.          3600     ; Retry after 1 hour
5.          604800   ; Expire after 1 week
6.          86400    ; Minimum TTL of 1 day
7.          )
8.
9.          IN NS ops-isb.test.edu.pk.
10.         IN A  203.135.44.5
11.
12. $ORIGIN test.edu.pk.
13. xyz       IN A 203.135.44.5
14. ops-isb   IN A 203.135.44.5
15. www       IN A 203.135.44.5
16. abc       IN A 203.135.44.5
17. bakar     IN A 203.135.44.5
18. www.bakar IN A 203.135.44.5
NOTE
- Here ops-isb is the hostname, i.e. the name of the machine on which the named daemon is running.
- 203.135.44.5 is the IP address assigned to the machine ops-isb.
- xyz, abc, bakar and www.bakar are the names of my virtual hosts. For example, the full address of the virtual host bakar is bakar.test.edu.pk. You can add as many virtual hosts as you want.
- In the SOA record (line 1), the first name is the primary name server of the zone, written as "hostname.zonename" (the zone name is the one you declared in named.conf). In this example it is ops-isb.test.edu.pk, where ops-isb is the hostname of my machine and test.edu.pk is the zone name. The second name is the mailbox of the zone administrator with the @ replaced by a dot, in the format root.hostname.zonename; here root.ops-isb.test.edu.pk stands for root@ops-isb.test.edu.pk.
- Don't forget to put a dot (.) after ops-isb.test.edu.pk., root.ops-isb.test.edu.pk. and test.edu.pk. in lines 1, 9 and 12. The trailing dot marks a fully qualified name; without it named appends the origin, so ops-isb.test.edu.pk would silently become ops-isb.test.edu.pk.test.edu.pk.
- Lines 9 and 10 start with whitespace on purpose: a record whose owner name is left blank inherits the owner of the previous record (here @, the zone itself), and that only works when the line is indented.
- BIND 9 expects a $TTL directive (for example $TTL 86400) at the top of the file; without it the server falls back to the SOA minimum value and logs a warning.
The next configuration is the reverse lookup zone, i.e. it resolves IP addresses to domain names. The file name used in this example is db.203.135.44.
1.  @ IN SOA ops-isb.test.edu.pk. root.ops-isb.test.edu.pk. (
2.          1        ; Serial
3.          10800    ; Refresh after 3 hours
4.          3600     ; Retry after 1 hour
5.          604800   ; Expire after 1 week
6.          86400    ; Minimum TTL of 1 day
7.          )
8.
9.          IN NS ops-isb.test.edu.pk.
10. 5.44.135.203.in-addr.arpa. IN PTR ops-isb.test.edu.pk.
NOTE
- The owner name of the PTR record (line 10) is the address in reverse octet order followed by in-addr.arpa and a trailing dot; the last octet must be that of the host, 5 for 203.135.44.5. Because the zone's origin is 44.135.203.in-addr.arpa, the line can equivalently be written as the relative name 5 followed by IN PTR ops-isb.test.edu.pk.
- Use dots only: a comma, as in IN-ADDR,ARPA, yields a name that no resolver ever asks for, so the reverse lookup fails silently.
named.local:
1.  @ IN SOA ops-isb.test.edu.pk. root.ops-isb.test.edu.pk. (
2.          1        ; Serial
3.          10800    ; Refresh after 3 hours
4.          3600     ; Retry after 1 hour
5.          604800   ; Expire after 1 week
6.          86400    ; Minimum TTL of 1 day
7.          )
8.
9.          IN NS ops-isb.test.edu.pk.
10. 1.0.0.127.in-addr.arpa. IN PTR localhost.
NOTE
- An NS record (line 9) must name a host, the same name server as in the SOA; it can never hold an IP address such as 127.0.0.1.
- A record has exactly one type: line 10 is a PTR record mapping 127.0.0.1 to localhost, not an NS record.
NOTE
- Numbers have been assigned to the above configuration files in order to clearly explain each line, otherwise they (numbers i.e. 1, 2, 3…) must not be written, neither in the zone, nor in any configuration files.
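The trailing-dot rule in the notes above is the most common reason for a zone that loads but answers wrongly, and the reverse files invite two more slips: an NS record that holds an address instead of a host name, and a comma where in-addr.arpa needs a dot. The linter below is an added example, not part of the original page. It reads a zone file in the format shown (parenthesised SOA, inherited owner names, $ORIGIN and $TTL directives), expands relative names against the origin the way named does, and reports those mistakes together with a record whose owner lies outside the zone. The two zone files embedded in it are constructed samples: the page's forward zone, and a loopback reverse zone seeded with the slips listed.

```python
"""Lint BIND zone files for slips that let a zone load but answer wrongly.
Added example, not part of the original page; both samples are constructed."""
import re

# Constructed sample: the page's forward zone for test.edu.pk, plus $TTL.
DB_TEST = """\
$TTL 86400
@   IN SOA ops-isb.test.edu.pk. root.ops-isb.test.edu.pk. (
        1 10800 3600 604800   ; Serial Refresh Retry Expire
        86400 )               ; Minimum TTL
    IN NS ops-isb.test.edu.pk.
    IN A  203.135.44.5
$ORIGIN test.edu.pk.
ops-isb   IN A 203.135.44.5
www       IN A 203.135.44.5
www.bakar IN A 203.135.44.5
"""

# Constructed sample: a loopback reverse zone seeded with the usual slips:
# NS naming an address, two types on one record, a comma for a dot, a name
# without its trailing dot, a record belonging to another zone, no $TTL.
BAD_LOCAL = """\
@   IN SOA ops-isb.test.edu.pk. root.ops-isb.test.edu.pk. (
        1 10800 3600 604800 86400 )
    IN NS 127.0.0.1
1.0.0.127.IN-ADDR,ARPA. IN NS PTR localhost.
5.44.135.203.in-addr.arpa. IN PTR ops-isb.test.edu.pk
"""

IPV4 = re.compile(r'^(\d{1,3}\.){3}\d{1,3}$')
NAME = re.compile(r'^(@|[A-Za-z0-9_*-]+(\.[A-Za-z0-9_*-]+)*\.?)$')
TYPES = {'SOA', 'NS', 'A', 'AAAA', 'PTR', 'CNAME', 'MX', 'TXT'}
HOST_RDATA = {'NS', 'PTR', 'CNAME'}      # rdata is a domain name


def records(text):
    """Yield (first_line, has_owner, fields): ';' comments stripped,
    '( ... )' continuations joined, owner present iff line not indented."""
    pending, start = None, 0
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split(';', 1)[0].rstrip()
        if pending is None:
            if not line.strip():
                continue
            start, pending = lineno, line
        else:
            pending += ' ' + line
        if pending.count('(') > pending.count(')'):
            continue                      # record continues on the next line
        fields = pending.replace('(', ' ').replace(')', ' ').split()
        yield start, not pending[0].isspace(), fields
        pending = None


def lint(text, zone):
    """Return 'line N: ...' findings for the zone file of the given zone."""
    zone = zone.rstrip('.') + '.'
    origin, owner, seen_ttl, findings = zone, '@', False, []

    def absolute(name):                   # expand a name the way named does
        if name == '@':
            return origin
        return name if name.endswith('.') else name + '.' + origin

    for lineno, has_owner, f in records(text):
        if f[0] == '$TTL':
            seen_ttl = True
            continue
        if f[0] == '$ORIGIN':
            origin = absolute(f[1])
            continue
        if has_owner:
            owner, f = f[0], f[1:]
        if not NAME.match(owner):
            findings.append(f'line {lineno}: malformed owner name {owner!r}')
        if f and f[0] == 'IN':            # optional class
            f = f[1:]
        if not f or f[0] not in TYPES:
            findings.append(f'line {lineno}: unknown record type {f[:1]}')
            continue
        rtype, rdata = f[0], f[1:]
        if rdata and rdata[0] in TYPES:
            findings.append(f'line {lineno}: two types ({rtype} {rdata[0]}) on one record')
            continue
        full = absolute(owner).lower()
        if full != zone and not full.endswith('.' + zone):
            findings.append(f'line {lineno}: owner {full} is outside zone {zone}')
        names = rdata[:2] if rtype == 'SOA' else rdata[:1] if rtype in HOST_RDATA else []
        for name in names:
            if IPV4.match(name):
                findings.append(f'line {lineno}: {rtype} must name a host, not address {name}')
            elif not name.endswith('.'):
                findings.append(f'line {lineno}: {name!r} lacks the trailing dot; '
                                f'named reads it as {absolute(name)}')
        if rtype == 'SOA' and (len(rdata) != 7 or not all(x.isdigit() for x in rdata[2:])):
            findings.append(f'line {lineno}: SOA needs MNAME, RNAME and five numeric fields')
    if not seen_ttl:
        findings.append('file: no $TTL directive; BIND 9 falls back to the SOA minimum')
    return findings


if __name__ == '__main__':
    print('db.test:', lint(DB_TEST, 'test.edu.pk') or 'clean')
    print('named.local:', lint(BAD_LOCAL, '0.0.127.in-addr.arpa'))
```

The checker only recognises the IN class and a fixed set of record types, which is all the files in this guide use; a per-record TTL field would be reported as an unknown type. On the two samples it reports the forward zone as clean and six findings for the seeded loopback zone, one per slip.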
The next file is db.cache, the root hints file named in the hint zone of named.conf (the earlier example called it named.ca; whatever name you choose, it must match the file entry of the hint zone). Leave db.cache at the default contents supplied with your distribution: it is the list of root servers named contacts for every name outside your own zones.
Open the file /etc/resolv.conf and write the following lines:
search test.edu.pk
nameserver 203.135.44.5
nameserver 127.0.0.1
NOTE
- In search, give the domain name of your system.
- nameserver is the IP address of the machine in the example, and the loopback address. The resolver tries them in the order listed.
Starting the Daemon:
Start the DNS server by starting its daemon with the following script:
/etc/rc.d/init.d/named start
You can start, stop or restart the daemon by passing start, stop or restart as the argument to the /etc/rc.d/init.d/named script. After every restart, check the system log (typically /var/log/messages on this kind of system): named keeps running when a zone file fails to load, and the only sign is the error it logs for that zone.
Testing the DNS:
There are two major ways to check that your DNS has been configured correctly:
- Ping your domain name or any of your virtual host(s).
ping test.edu.pk
ping bakar.test.edu.pk
If you get a ping reply, the name was resolved. This is only a weak check: ping proves forward resolution through whatever resolver /etc/resolv.conf points at, and a matching entry in /etc/hosts would satisfy it without named ever being asked.
- Use the nslookup command.
nslookup test.edu.pk
If the server is functioning correctly, it will print the following:
Server:   localhost
Address:  127.0.0.1
Name:     test.edu.pk
Address:  203.135.44.5
Also look up the address 203.135.44.5 the same way to confirm that the reverse zone returns ops-isb.test.edu.pk, and repeat the queries with the server given explicitly (203.135.44.5 rather than the default from resolv.conf) so you know the answer came from your named and not from another cache. On BIND 9, named-checkconf and named-checkzone verify named.conf and each zone file before the daemon is started; they catch syntax errors such as a missing semicolon and warn when an NS record names a host that has no address record, which is exactly what a forgotten trailing dot produces.