KrnlPanic's Linux Notes and Tips

Working with linux since kernel version 2.0.30

DNS/BIND the Easy Way(tm)

This is another one of the tutorials that I wrote several years ago when I was first working my way into the Linux world.

In this tutorial, I will show you how to get name service running on a network with the following configuration:

- Network: 192.168.10.0/24
- Domain: home.lan
- Hosts: ns1, foo, bar and baz

The hosts' addresses are:

192.168.10.1 – ns1.home.lan (also answers for home.lan itself): Linux running BIND (named)
192.168.10.2 – foo.home.lan
192.168.10.3 – bar.home.lan
192.168.10.4 – baz.home.lan

This tutorial is written in a manner that will allow any monkey to copy and paste a few things and get a dns server running. (I was able to do it after all!). I would suggest using this tutorial along with some other documentation such as can be found at google.com.

So let’s do it!

Warning: be mindful of syntax, there are dots "." everywhere. Don't forget them! A name that ends in a dot is absolute; a name without one is relative, and named silently appends the zone's origin to it, so "ns1.home.lan" in a record becomes "ns1.home.lan.home.lan." and nothing resolves.

File: /etc/resolv.conf
This tells the resolver on each host (ns1 included) to send queries to our name server. The search line lets a short name like "foo" be tried as foo.home.lan.

search home.lan
nameserver 192.168.10.1

File: /etc/named.conf
This is where you tell named what zones to load when it starts. Add these two statements to the named.conf your distribution already ships (it normally contains an options block with directory "/var/named" and the localhost zones, which is why the log further down shows those too). The file paths are relative to that directory. We are defining a single forward zone and a single reverse zone for our purposes:

zone "10.168.192.in-addr.arpa" {
    type master;
    file "zones/192.168.10.zone";
};

zone "home.lan" {
    type master;
    file "zones/home.lan.zone";
};
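One thing to decide before exposing this server to anything but the LAN: BIND 9 of the 9.2 vintage shown in the log below answers queries, recurses, and hands out complete zone transfers (AXFR) to any client that can reach port 53 unless the options block says otherwise. The following options block is an added example, not part of the original tutorial; the addresses are the tutorial's and the rest are assumed settings for a server with no secondaries:

```conf
options {
    directory "/var/named";                          // the "zones/..." paths above resolve under here
    listen-on { 127.0.0.1; 192.168.10.1; };          // do not bind to interfaces you do not mean to serve
    allow-query { 127.0.0.1; 192.168.10.0/24; };     // only the LAN may ask
    allow-recursion { 127.0.0.1; 192.168.10.0/24; }; // never be an open resolver for the outside world
    allow-transfer { none; };                         // no secondaries here, so nobody gets an AXFR of the host list
    version "not disclosed";                          // hide the exact BIND release from version.bind queries
};
```

If you later add a secondary server, list its address in allow-transfer instead of none; everything else can stay as it is.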

Create a file /var/named/zones/192.168.10.zone. Comments in zone files start with ";" (the "//" style belongs to named.conf only), the $TTL line gives the default time-to-live for every record, and the first name after SOA is the primary name server for the zone:

; 192.168.10.zone
$TTL 86400
10.168.192.in-addr.arpa. IN SOA ns1.home.lan. root.home.lan. (
200210132 ; Serial - increase it on every change
10800 ; Refresh 3 hours
3600 ; Retry 1 hour
604800 ; Expire 7 days
86400 ) ; Minimum (negative-cache TTL) 24 hours
10.168.192.in-addr.arpa. IN NS ns1.home.lan.
1.10.168.192.in-addr.arpa. IN PTR ns1.home.lan.
2.10.168.192.in-addr.arpa. IN PTR foo.home.lan.
3.10.168.192.in-addr.arpa. IN PTR bar.home.lan.
4.10.168.192.in-addr.arpa. IN PTR baz.home.lan.

"root.home.lan." is the mailbox of the person to contact, just in case it doesn't work ;-) . It is root@home.lan with the "@" written as a dot, which is why it ends in a dot like every other name here.

Create a file /var/named/zones/home.lan.zone

; home.lan.zone
$TTL 86400
home.lan. IN SOA ns1.home.lan. root.home.lan. (
23 ; serial - increase it on every change
10800 ; refresh
3600 ; retry
604800 ; expiration
86400 ) ; minimum
home.lan. IN NS ns1.home.lan.
home.lan. IN A 192.168.10.1
ns1.home.lan. IN A 192.168.10.1
foo.home.lan. IN A 192.168.10.2
bar.home.lan. IN A 192.168.10.3
baz.home.lan. IN A 192.168.10.4

Here you are! Restart named so that the modifications are applied (/etc/rc.d/init.d/named restart, or rndc reload on BIND 9 once rndc is configured). Check that both directions resolve:

bash-2.04% host 192.168.10.1
1.10.168.192.in-addr.arpa domain name pointer ns1.home.lan.

bash-2.04% host foo.home.lan
foo.home.lan has address 192.168.10.2

bash-2.04% host 192.168.10.3
3.10.168.192.in-addr.arpa domain name pointer bar.home.lan.

bash-2.04%

To add other machines, you have to modify the following files:

/var/named/zones/home.lan.zone
/var/named/zones/192.168.10.zone

Add an A record to the first, the matching PTR record to the second, increase the serial in both SOA records (a secondary only pulls a new copy when the serial goes up), and reload named. This way, name resolution works forward and reverse.
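Keeping the two files in step by hand is where most forward/reverse mismatches come from. The script below is an added example, not part of the original tutorial: it builds both zone files for home.lan from one host table, derives the in-addr.arpa names by reversing the octets, and cross-checks the result the way you would want named-checkzone to (every host A record has a matching PTR, every PTR points at a real A record, every NS and PTR target ends in a dot). The host table is constructed to mirror the tutorial's network; the function names, the YYYYMMDDnn serial convention and the lint rules are this example's own choices.

```python
"""Generate matching forward and reverse zone files for home.lan and
cross-check them. Added example, not from the original tutorial."""
import ipaddress
import re

DOMAIN = "home.lan"
PRIMARY_NS = "ns1"                      # the host running named (SOA MNAME)
NETWORK = ipaddress.ip_network("192.168.10.0/24")
HOSTS = {                               # constructed host table, mirrors the tutorial
    "ns1": "192.168.10.1",
    "foo": "192.168.10.2",
    "bar": "192.168.10.3",
    "baz": "192.168.10.4",
}


def fqdn(host: str) -> str:
    """Absolute name with the trailing dot BIND needs: 'foo' -> 'foo.home.lan.'."""
    return f"{host}.{DOMAIN}."


def reverse_name(ip: str) -> str:
    """'192.168.10.3' -> '3.10.168.192.in-addr.arpa.' (octets reversed, absolute)."""
    return ipaddress.ip_address(ip).reverse_pointer + "."


def reverse_zone_name(net: ipaddress.IPv4Network) -> str:
    """Zone name for a /24: drop the host octet, reverse the remaining three."""
    assert net.prefixlen == 24, "only /24 reverse zones are handled here"
    octets = str(net.network_address).split(".")[:3]
    return ".".join(reversed(octets)) + ".in-addr.arpa."


def soa(zone: str, serial: int) -> str:
    """$TTL, the SOA, and the NS record every zone must carry."""
    return (
        "$TTL 86400\n"
        f"{zone} IN SOA {fqdn(PRIMARY_NS)} root.{DOMAIN}. (\n"
        f"    {serial} ; serial (YYYYMMDDnn, bump on every edit)\n"
        "    10800 ; refresh\n    3600 ; retry\n"
        "    604800 ; expire\n    86400 ) ; minimum\n"
        f"{zone} IN NS {fqdn(PRIMARY_NS)}\n"
    )


def forward_zone(hosts: dict, serial: int) -> str:
    zone = DOMAIN + "."
    lines = [soa(zone, serial), f"{zone} IN A {hosts[PRIMARY_NS]}\n"]
    lines += [f"{fqdn(h)} IN A {ip}\n" for h, ip in sorted(hosts.items())]
    return "".join(lines)


def reverse_zone(hosts: dict, serial: int) -> str:
    zone = reverse_zone_name(NETWORK)
    lines = [soa(zone, serial)]
    for h, ip in sorted(hosts.items(), key=lambda kv: ipaddress.ip_address(kv[1])):
        if ipaddress.ip_address(ip) not in NETWORK:
            raise ValueError(f"{h}: {ip} is outside {NETWORK}")
        lines.append(f"{reverse_name(ip)} IN PTR {fqdn(h)}\n")
    return "".join(lines)


# owner, type, rdata of the record types the check cares about (one record per line)
RR = re.compile(r"^(\S+)\s+IN\s+(A|PTR|NS)\s+(\S+)", re.M)


def cross_check(fwd: str, rev: str) -> list:
    """Return human-readable problems; an empty list means the pair is consistent."""
    problems = []
    a = {name: rdata for name, t, rdata in RR.findall(fwd) if t == "A"}
    ptr = {name: rdata for name, t, rdata in RR.findall(rev) if t == "PTR"}
    # A relative name in NS/PTR rdata gets the origin appended by named: flag it.
    for text, label in ((fwd, "forward"), (rev, "reverse")):
        for name, t, rdata in RR.findall(text):
            if t in ("NS", "PTR") and not rdata.endswith("."):
                problems.append(f"{label}: {name} {t} {rdata} lacks trailing dot")
    # The apex A record (home.lan.) shares ns1's address and needs no PTR of its own.
    for name, ip in a.items():
        if name == DOMAIN + ".":
            continue
        if ptr.get(reverse_name(ip)) != name:
            problems.append(f"no PTR {reverse_name(ip)} -> {name}")
    for rname, target in ptr.items():
        if target not in a:
            problems.append(f"PTR {rname} -> {target} has no A record")
    return problems


if __name__ == "__main__":
    serial = 2002101301
    f, r = forward_zone(HOSTS, serial), reverse_zone(HOSTS, serial)
    print(f)
    print(r)
    print("problems:", cross_check(f, r) or "none")
```

Run it, write the two strings to /var/named/zones/, and feed them to named-checkzone before restarting; cross_check only catches the consistency errors that named-checkzone, which sees one file at a time, cannot.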

Help me! It doesn’t work!

There are a few things you can do to debug your configuration to see just what the heck you’ve done wrong. The first thing is to check the message log. (This is actually the first thing you should do for almost any problem you come across in Linux)

[root@panic named]# tail -20 /var/log/messages
Nov 27 17:28:06 panic named[29724]: starting BIND 9.2.0 -u named
Nov 27 17:28:06 panic named[29726]: loading configuration from ‘/etc/named.conf’
Nov 27 17:28:06 panic named[29726]: listening on IPv4 interface lo, 127.0.0.1#53
Nov 27 17:28:06 panic named[29726]: listening on IPv4 interface eth0, 192.168.0.1#53
Nov 27 17:28:06 panic named: named startup succeeded
Nov 27 17:28:06 panic named[29726]: zone 0.0.127.in-addr.arpa/IN: loaded serial 200210132
Nov 27 17:28:06 panic named[29726]: zone 0.168.192.in-addr.arpa/IN: loaded serial 200210132
Nov 27 17:28:06 panic named[29726]: zone home.lan/IN: loaded serial 200210132
Nov 27 17:28:06 panic named[29726]: zone localhost/IN: loaded serial 200210132
Nov 27 17:28:06 panic named[29726]: running

That is what a normal named startup looks like in /var/log/messages (this one was captured on a host on 192.168.0.0/24, so the interface address and reverse zone differ from the example above; the shape is what matters). A zone with a syntax error shows up here instead as an error naming the file and line, and named answers SERVFAIL for that zone until it is fixed.

There are also two commands that may be available on your system that are very helpful for debugging zone files and named.conf. They are:

/usr/sbin/named-checkzone
and
/usr/sbin/named-checkconf

named-checkconf takes the path to named.conf (it defaults to /etc/named.conf) and named-checkzone takes the zone name followed by the zone file, for example the zone home.lan and /var/named/zones/home.lan.zone. Run both before restarting named, so that a missing dot or an unbalanced parenthesis in the SOA is caught while the old, working zone is still being served.

I hope most of this makes sense ;-) Good luck!

-Krnl
