Solved

DNS server - centos

Posted on 2012-04-12
591 Views
Last Modified: 2012-05-31
I am setting up a DNS server in CentOS for the first time. Can you please give me the steps?
Question by:ittechlab
19 Comments
 
LVL 17

Expert Comment

by:Anuroopsundd
ID: 37839719
0
 

Author Comment

by:ittechlab
ID: 37839850
I don't find the named.ca file. How can I get it?
0
 

Author Comment

by:ittechlab
ID: 37839857
[root@test ~]# locate named.conf
/etc/dbus-1/system.d/named.conf
/usr/share/doc/bind-9.3.6/sample/etc/named.conf
/usr/share/logwatch/default.conf/services/named.conf
/usr/share/man/man5/named.conf.5.gz
/var/named/chroot/etc/named.conf


Should I copy /usr/share/doc/bind-9.3.6/sample/etc/named.conf to the /var/named/chroot/etc/
directory?

or

Should I create the file from scratch?
0
 
LVL 17

Expert Comment

by:Anuroopsundd
ID: 37839873
You can copy.
0
 

Author Comment

by:ittechlab
ID: 37839876
/var/named/chroot/etc/named.conf

[root@test named]# cat /var/named/chroot/etc/named.conf
//
// Sample named.conf BIND DNS server 'named' configuration file
// for the Red Hat BIND distribution.
//
// See the BIND Administrator's Reference Manual (ARM) for details, in:
//   file:///usr/share/doc/bind-*/arm/Bv9ARM.html
// Also see the BIND Configuration GUI : /usr/bin/system-config-bind and
// its manual.
//
options
{
        // Those options should be used carefully because they disable port
        // randomization
        // query-source    port 53;
        // query-source-v6 port 53;

        // Put files that named is allowed to write in the data/ directory:
        directory "/var/named"; // the default
        dump-file               "data/cache_dump.db";
        statistics-file         "data/named_stats.txt";
        memstatistics-file      "data/named_mem_stats.txt";

};
logging
{
/*      If you want to enable debugging, eg. using the 'rndc trace' command,
 *      named will try to write the 'named.run' file in the $directory (/var/named).
 *      By default, SELinux policy does not allow named to modify the /var/named directory,
 *      so put the default debug log file in data/ :
 */
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
//
// All BIND 9 zones are in a "view", which allow different zones to be served
// to different types of client addresses, and for options to be set for groups
// of zones.
//
// By default, if named.conf contains no "view" clauses, all zones are in the
// "default" view, which matches all clients.
//
// If named.conf contains any "view" clause, then all zones MUST be in a view;
// so it is recommended to start off using views to avoid having to restructure
// your configuration files in the future.
//
view "localhost_resolver"
{
/* This view sets up named to be a localhost resolver ( caching only nameserver ).
 * If all you want is a caching-only nameserver, then you need only define this view:
 */
        match-clients           { localhost; };
        match-destinations      { localhost; };
        recursion yes;
        # all views must contain the root hints zone:
        include "/etc/named.root.hints";

        /* these are zones that contain definitions for all the localhost
         * names and addresses, as recommended in RFC1912 - these names should
         * ONLY be served to localhost clients:
         */
        include "/etc/named.rfc1912.zones";
};
view "internal"
{
/* This view will contain zones you want to serve only to "internal" clients
   that connect via your directly attached LAN interfaces - "localnets" .
 */
        match-clients           { localnets; };
        match-destinations      { localnets; };
        recursion yes;
        // all views must contain the root hints zone:
        include "/etc/named.root.hints";

        // include "named.rfc1912.zones";
        // you should not serve your rfc1912 names to non-localhost clients.

        // These are your "authoritative" internal zones, and would probably
        // also be included in the "localhost_resolver" view above :

        zone "my.internal.zone" {
                type master;
                file "my.internal.zone.db";
        };
        zone "my.slave.internal.zone" {
                type slave;
                file "slaves/my.slave.internal.zone.db";
                masters { /* put master nameserver IPs here */ 127.0.0.1; } ;
                // put slave zones in the slaves/ directory so named can update them
        };
        zone "my.ddns.internal.zone" {
                type master;
                allow-update { key ddns_key; };
                file "slaves/my.ddns.internal.zone.db";
                // put dynamically updateable zones in the slaves/ directory so named can update them
        };
};
key ddns_key
{
        algorithm hmac-md5;
        secret "use /usr/sbin/dns-keygen to generate TSIG keys";
};
view    "external"
{
/* This view will contain zones you want to serve only to "external" clients
 * that have addresses that are not on your directly attached LAN interface subnets:
 */
        match-clients           { any; };
        match-destinations      { any; };

        recursion no;
        // you'd probably want to deny recursion to external clients, so you don't
        // end up providing free DNS service to all takers

        allow-query-cache { none; };
        // Disable lookups for any cached data and root hints

        // all views must contain the root hints zone:
        include "/etc/named.root.hints";

        // These are your "authoritative" external zones, and would probably
        // contain entries for just your web and mail servers:

        zone "my.external.zone" {
                type master;
                file "my.external.zone.db";
        };
};
0
 

Author Comment

by:ittechlab
ID: 37839882
[root@test named]# service named start
Starting named:
Error in named configuration:
zone localdomain/IN: loading master file localdomain.zone: file not found
localhost_resolver/localdomain/IN: file not found
zone localhost/IN: loading master file localhost.zone: file not found
localhost_resolver/localhost/IN: file not found
zone 0.0.127.in-addr.arpa/IN: loading master file named.local: file not found
localhost_resolver/0.0.127.in-addr.arpa/IN: file not found
zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loading master file named.ip6.local: file not found
localhost_resolver/0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: file not found
zone 255.in-addr.arpa/IN: loading master file named.broadcast: file not found
localhost_resolver/255.in-addr.arpa/IN: file not found
zone 0.in-addr.arpa/IN: loading master file named.zero: file not found
localhost_resolver/0.in-addr.arpa/IN: file not found
zone my.internal.zone/IN: loading master file my.internal.zone.db: file not found
internal/my.internal.zone/IN: file not found
zone my.ddns.internal.zone/IN: loading master file slaves/my.ddns.internal.zone.db: file not found
internal/my.ddns.internal.zone/IN: file not found
zone my.external.zone/IN: loading master file my.external.zone.db: file not found
external/my.external.zone/IN: file not found
                                                           [FAILED]
0
 
LVL 17

Expert Comment

by:Anuroopsundd
ID: 37839918
Please see the step-by-step guide for the changes you have to make in the files.
http://www.minoraddition.com/2010/12/28/step-by-step-configuration-of-dns-server/
0
 

Author Comment

by:ittechlab
ID: 37840001
Hi,

My network is 10.10.10.0. Is this the correct way to set up named.conf?

[root@test etc]# cat named.conf
options {
 directory "var/named";
 dump-file "/var/named/data/cache_dump.db";
 statistics-file "/var/named/data/named_stats.txt";
 memstatistics-file "/var/named/data/named_mem_stats.txt";
 query-source port 53;
};

zone .pdc.home. IN {
 type master;
 file "test.local.forward";
 allow-update { none; };
};

zone "10.10.10.in-addr.arpa. IN {
 type master;
 file "test.local.reverse";
 allow-update { none; };
};
0
 
LVL 21

Accepted Solution

by:Papertrip (earned 500 total points)
ID: 37840104
Change the following lines:

directory "var/named";
to
directory "/var/named";

zone .pdc.home. IN {
to
zone "pdc.home" IN {

zone "10.10.10.in-addr.arpa. IN {
to
zone "10.10.10.in-addr.arpa" IN {
0
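A small checker, added here as an example (not code from the thread or from BIND), that flags the three lines Papertrip corrects in the posted named.conf and also the "query-source port 53;" line, which the sample named.conf's own comment says disables port randomization (the accepted fix leaves that line in place). It scans only the statements the thread touches, not full named.conf syntax; the posted file is embedded as constructed sample input, and Python 3.8 or later is assumed.

```python
# Checker for the named.conf problems this thread runs into: an added example,
# not the thread's or BIND's code. It scans only the statements discussed
# (options 'directory' and 'query-source', and 'zone' headers) and strips
# '//' and '#' end-of-line comments; it is not a full named.conf parser.
import re

DIR_RE = re.compile(r'^\s*directory\s+"([^"]*)"\s*;')
QSRC_RE = re.compile(r'^\s*query-source(?:-v6)?\b.*\bport\s+(\d+)')
ZONE_RE = re.compile(r'^\s*zone\s+(\S+)\s+(?:IN\s+)?\{')

def check_named_conf(text):
    """Return a list of (line number, problem); an empty list means no findings."""
    problems = []
    for n, raw in enumerate(text.splitlines(), 1):
        line = re.split(r"//|#", raw, maxsplit=1)[0]   # drop end-of-line comments
        m = DIR_RE.match(line)
        if m and not m.group(1).startswith("/"):
            problems.append((n, f'directory "{m.group(1)}" is relative; named expects an absolute path'))
        m = QSRC_RE.match(line)
        if m:
            problems.append((n, f"query-source pins port {m.group(1)}, which disables source-port randomization"))
        m = ZONE_RE.match(line)
        if m:
            name = m.group(1)
            if len(name) < 2 or name[0] != '"' or name[-1] != '"':
                problems.append((n, f"zone name {name} is not a complete double-quoted string"))
            elif name[1] == ".":
                problems.append((n, f"zone name {name} must not begin with a dot"))
    return problems

# Constructed sample: the named.conf posted above, then the accepted fix applied.
POSTED = """options {
 directory "var/named";
 query-source port 53;
};
zone .pdc.home. IN {
 type master;
 file "test.local.forward";
};
zone "10.10.10.in-addr.arpa. IN {
 type master;
 file "test.local.reverse";
};
"""
FIXED = (POSTED.replace('"var/named"', '"/var/named"')
               .replace("zone .pdc.home. IN", 'zone "pdc.home" IN')
               .replace('zone "10.10.10.in-addr.arpa. IN', 'zone "10.10.10.in-addr.arpa" IN'))
```

Running check_named_conf(FIXED) still reports the pinned query-source port, the one finding the accepted answer does not address.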
 
LVL 13

Expert Comment

by:Sandy
ID: 37841437
Agreed with Papertrip.
0
 

Author Comment

by:ittechlab
ID: 37843859
Let me know if this is fine.

[root@test named]# cat /var/named/chroot/etc/named.conf
options {
 directory "/var/named";
 dump-file "/var/named/data/cache_dump.db";
 statistics-file "/var/named/data/named_stats.txt";
 memstatistics-file "/var/named/data/named_mem_stats.txt";
 query-source port 53;
};

zone "test.local" IN {
 type master;
 file "test.local.forward";
 allow-update { none; };
};

zone "10.10.10.in-addr.arpa" IN {
 type master;
 file "test.local.reverse";
 allow-update { none; };
};
0
 

Author Comment

by:ittechlab
ID: 37843894
[root@test named]# service named restart
Stopping named:                                            [  OK  ]
Starting named:
Error in named configuration:
test.local.forward:11: unknown RR type 'server'
zone test.local/IN: loading master file test.local.forward: unknown class/type
_default/test.local/IN: unknown class/type
zone 10.10.10.in-addr.arpa/IN: has no NS records
_default/10.10.10.in-addr.arpa/IN: bad zone
                                                           [FAILED]
0
 

Author Comment

by:ittechlab
ID: 37843896
[root@test named]# ls -l
total 24
drwxrwx--- 2 named named 4096 Aug 25  2004 data
drwxrwx--- 2 named named 4096 Jul 27  2004 slaves
-rw-r--r-- 1 root  root   205 Apr 13 08:08 test.local.forward
-rw-r--r-- 1 root  root   399 Apr 13 08:12 test.local.reverse
[root@test named]#
[root@test named]#
[root@test named]# cat test.local.forward
$TTL    86400
@               IN SOA  @       root (
                                        42              ; serial (d. adams)
                                        3H              ; refresh
                                        15M             ; retry
                                        1W              ; expiry
                                        1D )            ; minimum

                IN NS           @
                IN A            127.0.0.1
                server IN A 10.10.10.18
[root@test named]# cat test.local.reverse
$TTL    86400
@       IN      SOA     test.local. root.test.local.  (
                                      1997022700 ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      3600000    ; Expire
                                      86400 )    ; Minimum
IN NS test.local.
250 IN PTR test.local.
0
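The two errors in the restart output above come from master-file parsing rules, and the following added example (not code from the thread or from BIND) encodes them as a small linter: a line that starts with whitespace inherits the previous owner name, so the indented "server IN A ..." line is read as RR type "server", and the "IN NS test.local." line in the reverse file starts at column 0, so "IN" becomes the owner and the apex is left with no NS record. The sample zone text is constructed from the posted files with the SOA collapsed to one line, so the reported line number is 5 rather than 11.

```python
# Mini linter for BIND master (zone) files: an added example, not code from the
# thread or from BIND. It encodes the two master-file rules behind the errors
# above: leading whitespace inherits the previous owner; the apex needs an NS.
import re

KNOWN_TYPES = {"SOA", "NS", "A", "AAAA", "PTR", "MX", "CNAME", "TXT"}
TTL_RE = re.compile(r"^\d+[smhdw]?$", re.I)

def _logical_lines(text):
    """Yield (line number, text); ';' comments are stripped and a '( ... )'
    continuation such as the SOA block is folded into its first line."""
    buf, start, depth = "", 0, 0
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.split(";", 1)[0].rstrip()
        if depth == 0:
            if not line.strip():
                continue
            buf, start = line, n
        else:
            buf += " " + line.strip()
        depth += line.count("(") - line.count(")")
        if depth == 0:
            yield start, buf

def lint_zone(text, origin):
    """Return the problems named would report; an empty list means it loads."""
    problems, owner, apex_ns = [], "@", False
    for n, line in _logical_lines(text):
        if line.startswith("$"):            # $TTL / $ORIGIN directives
            continue
        tokens = line.split()
        if not line[0].isspace():           # explicit owner; else inherit
            owner = tokens.pop(0)
        while tokens and (TTL_RE.match(tokens[0]) or tokens[0] in ("IN", "CH", "HS")):
            tokens.pop(0)                   # optional TTL and class
        rrtype = tokens[0] if tokens else ""
        if rrtype.upper() not in KNOWN_TYPES:
            problems.append(f"line {n}: unknown RR type '{rrtype}'")
        elif rrtype.upper() == "NS" and owner in ("@", origin + "."):
            apex_ns = True
    if not apex_ns:
        problems.append("has no NS records")
    return problems

# Constructed samples reproducing the posted files (SOA collapsed to one line).
FORWARD_BROKEN = "$TTL 86400\n@ IN SOA @ root ( 42 3H 15M 1W 1D )\n  IN NS @\n  IN A 127.0.0.1\n  server IN A 10.10.10.18\n"
REVERSE_BROKEN = "$TTL 86400\n@ IN SOA test.local. root.test.local. ( 1 28800 14400 3600000 86400 )\nIN NS test.local.\n250 IN PTR test.local.\n"
# Fixed: 'server' starts its own line; the NS record is owned by the apex (@).
FORWARD_FIXED = FORWARD_BROKEN.replace("\n  server", "\nserver")
REVERSE_FIXED = REVERSE_BROKEN.replace("\nIN NS", "\n@ IN NS")
```

The check is syntactic only: it will not notice that the PTR owner 250 does not match the server's address 10.10.10.18 given in /etc/hosts.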
 

Author Comment

by:ittechlab
ID: 37843903
[root@test named]# cat /etc/sysconfig/network
NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=test.local
GATEWAY=10.10.10.1

[root@test named]# cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
10.10.10.18     test.local      test
127.0.0.1               localhost.localdomain localhost
0
 

Author Comment

by:ittechlab
ID: 37843919
[root@test named]# cat /etc/resolv.conf
search test.local
nameserver 10.10.10.18
0
 

Author Comment

by:ittechlab
ID: 37843997
Can you tell me how to fix this?

[root@test named]# service named restart
Stopping named:                                            [  OK  ]
Starting named:
Error in named configuration:
test.local.forward:11: unknown RR type 'server'
zone test.local/IN: loading master file test.local.forward: unknown class/type
_default/test.local/IN: unknown class/type
zone 10.10.10.in-addr.arpa/IN: has no NS records
_default/10.10.10.in-addr.arpa/IN: bad zone
                                                           [FAILED]
0
 

Author Comment

by:ittechlab
ID: 37897293
I am setting up my own dns server and need some help with building up the zone file.
0
 

Author Comment

by:ittechlab
ID: 37966940
Why do we need 2 DNS servers? My domain registrar is not allowing me to map one DNS.

It requires at least two NS.
0
 

Author Comment

by:ittechlab
ID: 37968588
If I have one public IP, can I use two name servers?
0
