
DNS Server Settings

  • Linux Distribution : CentOS 5.6 (Final) x86_64
  • NIC
    eth0 : KEK LAN
    eth1 : Private Network(takase.local)
  • Parameters
    Server        linux.takase.local    192.168.1.1
    Client 1      client1.takase.local  192.168.1.101
    Client 2      client2.takase.local  192.168.1.102
    Server Alias  www.takase.local      192.168.1.1
    Server Alias  ftp.takase.local      192.168.1.1
    Server Alias  smtp.takase.local     192.168.1.1
    Server Alias  pop.takase.local      192.168.1.1
    Server Alias  dns.takase.local      192.168.1.1
  • Packages to install
    bind : 9.3.6-16.P1.el5.x86_64
    bind-chroot : 9.3.6-16.P1.el5.x86_64
    caching-nameserver : 9.3.6-16.P1.el5.x86_64
  • Settings
  1. Change root user
    $ su -
  2. Install Package
    # yum install bind
    # yum install bind-chroot
    # yum install caching-nameserver
  3. named.conf file setting
    # cd /var/named/chroot/etc
    # vi named.conf
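    // named.conf for the chrooted server: a recursive resolver for the
    // private LAN plus authoritative master for takase.local and its
    // reverse zone. File paths are relative to the chroot (/var/named/chroot).
    options {
            directory "/var/named";
            // Only loopback and the private LAN may query. No allow-recursion
            // is set, so this list also bounds who can use the server as a
            // recursive resolver.
            allow-query {
                    127.0.0.1;
                    192.168.1.0/24;
            };
            // Zone transfers (AXFR) are permitted to the whole LAN. A transfer
            // hands out the complete zone; no secondary is configured on this
            // page, so this could be narrowed to the secondaries' addresses
            // (or "none") once the design is settled.
            allow-transfer {
                    127.0.0.1;
                    192.168.1.0/24;
            };
            // Upstream resolvers for names this server is not authoritative
            // for; replace the placeholders with the provider's addresses.
            forwarders {
                    XXX.XXX.XXX.XXX;
                    XXX.XXX.XXX.XXX;
            };
            // Outbound queries may leave from any local address. The source
            // port is deliberately NOT pinned to 53: a fixed source port turns
            // off per-query source-port randomization, which is what makes
            // forged answers to the cache hard to land. Replies are still
            // accepted by the firewall as long as /etc/sysconfig/iptables keeps
            // its ESTABLISHED,RELATED accept rule (the CentOS 5 default) --
            // confirm that rule is present.
            query-source address *;
    };
    
    // Root hints, used for recursion when the forwarders do not answer.
    zone "." IN {
          type hint;
          file "named.ca";
    };
    
    // Forward zone for localhost; no dynamic updates are accepted.
    zone "localhost" IN {
          type master;
          file "localhost.zone";
          allow-update { none; };
    };
    
    // Reverse zone for the loopback network.
    zone "0.0.127.in-addr.arpa" IN {
          type master;
          file "0.0.127.in-addr.arpa.zone";
          allow-update { none; };
    };
    
    // Forward zone for the private network; records are edited by hand,
    // so dynamic updates stay disabled.
    zone "takase.local" IN {
          type master;
          file "takase.local.zone";
          allow-update { none; };
    };
    
    // Reverse zone for 192.168.1.0/24.
    zone "1.168.192.in-addr.arpa" IN {
          type master;
          file "1.168.192.in-addr.arpa.zone";
          allow-update { none; };
    };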
                      
    # named-checkconf named.conf
    # ln -s /var/named/chroot/etc/named.conf /etc/named.conf
      (use an absolute target: a relative target such as "named.conf" is resolved against the link's own directory, so "ln -s named.conf /etc/" would make /etc/named.conf point at itself)
  4. iptables file setting
    # cd /etc/sysconfig/
    # ci -u iptables
    # co -l iptables
    # vi iptables
     -A RH-Firewall-1-INPUT -p udp -m udp --dport 53 -j ACCEPT ← Add
      (this opens UDP only; zone transfers and answers that fall back to TCP also need "-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 53 -j ACCEPT")
    # rcsdiff -u iptables
    # ci -u iptables
    # /etc/init.d/iptables restart
  5. zone file settings
    # cd /var/named/chroot/var/named
     
    localhost.zone file setting
    # rm localhost.zone
    # rm /var/named/localhost.zone
    # vi localhost.zone
    ; localhost forward zone (served from the chroot's /var/named).
    $TTL    86400
    @       IN      SOA     linux.takase.local.     root.linux.takase.local. (
            2011041901      ; serial (YYYYMMDDnn)
            3H              ; refresh
            15M             ; retry
            1W              ; expire
            1D )            ; negative-caching TTL
    
                    IN      NS      linux.takase.local.
    localhost.      IN      A       127.0.0.1
                          
    # named-checkzone localhost localhost.zone
    # ln -s /var/named/chroot/var/named/localhost.zone /var/named/localhost.zone
      (absolute target: with "ln -s localhost.zone /var/named/" the link /var/named/localhost.zone would resolve to itself)
     
    0.0.127.in-addr.arpa.zone file setting
    # vi 0.0.127.in-addr.arpa.zone
    ; 0.0.127.in-addr.arpa -- reverse zone for the loopback network.
    $TTL    86400
    @       IN      SOA     linux.takase.local.     root.linux.takase.local. (
            2011041902      ; serial (YYYYMMDDnn)
            3H              ; refresh
            15M             ; retry
            1W              ; expire
            1D )            ; negative-caching TTL
    
            IN      NS      linux.takase.local.
    1       IN      PTR     localhost.      ; 127.0.0.1
                          
    # named-checkzone 0.0.127.in-addr.arpa 0.0.127.in-addr.arpa.zone
    # ln -s /var/named/chroot/var/named/0.0.127.in-addr.arpa.zone /var/named/0.0.127.in-addr.arpa.zone
     
    takase.local.zone file setting
    # vi takase.local.zone
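    ; takase.local -- forward zone for the private network. Owner names
    ; without a trailing dot are relative to the zone origin (takase.local.).
    $TTL    86400
    @       IN      SOA     linux.takase.local.     root.linux.takase.local. (
            2011041903      ; serial (YYYYMMDDnn) -- bump on every edit
            3H              ; refresh
            15M             ; retry
            1W              ; expire
            1D )            ; negative-caching TTL
    
                    IN      NS              linux.takase.local.
                    IN      MX      10      linux.takase.local.
    linux           IN      A               192.168.1.1
    ; Apex address record. Written as the relative name "takase.local" this
    ; would have become takase.local.takase.local.; "@" is the origin.
    @               IN      A               192.168.1.1
    client1         IN      A               192.168.1.101
    client2         IN      A               192.168.1.102
    
    ; Service aliases; all resolve to the server host.
    dns             IN      CNAME           linux
    www             IN      CNAME           linux
    smtp            IN      CNAME           linux
    pop             IN      CNAME           linux
    ftp             IN      CNAME           linux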
                          
    # named-checkzone takase.local takase.local.zone
    # ln -s /var/named/chroot/var/named/takase.local.zone /var/named/takase.local.zone
     
    1.168.192.in-addr.arpa.zone file setting
    # vi 1.168.192.in-addr.arpa.zone
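    ; 1.168.192.in-addr.arpa -- reverse zone for 192.168.1.0/24.
    $TTL    86400
    @       IN      SOA     linux.takase.local.     root.linux.takase.local. (
            2011041904      ; serial (YYYYMMDDnn) -- bump on every edit
            3H              ; refresh
            15M             ; retry
            1W              ; expire
            1D )            ; negative-caching TTL
    
            IN      NS      linux.takase.local.
    ; Network-name PTR and subnet-mask A record at the apex: this appears to
    ; follow the RFC 1101 convention for describing the network itself. Not
    ; needed for host lookups; harmless to keep.
            IN      PTR     takase.local.
            IN      A       255.255.255.0
    
    1       IN      PTR     linux.takase.local.
    101     IN      PTR     client1.takase.local.
    102     IN      PTR     client2.takase.local.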
                          
    # named-checkzone 1.168.192.in-addr.arpa 1.168.192.in-addr.arpa.zone
    # ln -s /var/named/chroot/var/named/1.168.192.in-addr.arpa.zone /var/named/1.168.192.in-addr.arpa.zone
  6. hosts file setting
    # cd /etc
    # ci -u hosts
    # co -l hosts
    # vi hosts
     127.0.0.1 localhost.localdomain localhost ← Add
    # rcsdiff -u hosts
    # ci -u hosts
  7. resolv.conf file setting
    # cd /etc
    # ci -u resolv.conf
    # co -l resolv.conf
    # vi resolv.conf
    search takase.local
    nameserver 127.0.0.1
                      
    # rcsdiff -u resolv.conf
    # ci -u resolv.conf
  8. host.conf file setting
    # cd /etc
    # ci -u host.conf
    # co -l host.conf
    # vi host.conf
    order hosts,bind
    multi on
                      
    # rcsdiff -u host.conf
    # ci -u host.conf
  9. nsswitch.conf file setting
    # cd /etc
    # ci -u nsswitch.conf
    # co -l nsswitch.conf
    # vi nsswitch.conf
     hosts: files dns
      ↓ Modify
     hosts: files nisplus nis dns
    # rcsdiff -u nsswitch.conf
    # ci -u nsswitch.conf
  10. Restart network service
    # /etc/init.d/network restart
  11. ifcfg-eth0 file setting
    # cd /etc/sysconfig/network-scripts
    # ci -u ifcfg-eth0
    # co -l ifcfg-eth0
    # vi ifcfg-eth0
     PEERDNS=no ← Add
    # rcsdiff -u ifcfg-eth0
    # ci -u ifcfg-eth0
    # ifdown eth0
    # ifup eth0
  12. named file setting
    # cd /etc/sysconfig
    # ci -u named
    # co -l named
    # vi named
     OPTIONS="-4" ← Add
    # rcsdiff -u named
    # ci -u named
  13. Start named service
    # /etc/init.d/named start
  14. Confirm named service
    # ps aux | grep named
     named 5871 0.1 0.0 184872 4056 ? Ssl 14:55 0:00 /usr/sbin/named -u named -4 -t /var/named/chroot
    # less /var/log/messages ← Check for errors
  15. Set named service run automatically
    # chkconfig --list named
     named 0:off 1:off 2:off 3:off 4:off 5:off 6:off
    # chkconfig named on
    # chkconfig --list named
     named 0:off 1:off 2:on 3:on 4:on 5:on 6:off
  16. Verify DNS server
     
    Verify from own server
    # host -a localhost
    # host -a 127.0.0.1
    # host -a linux.takase.local
    # host -a 192.168.1.1
    # host www.takase.local
     
    Verify from another host on the takase.local network
    $ su -
    # ifconfig eth0
    eth0      Link encap:Ethernet  HWaddr XX:XX:XX:XX:XX:XX
              inet addr:192.168.1.101  Bcast:192.168.1.255  Mask:255.255.255.0
              inet6 addr: XXXX::XXX:XXXX:XXXX:XXXX/64 Scope:Link
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:2363 errors:0 dropped:0 overruns:0 frame:0
              TX packets:1866 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000
              RX bytes:213558 (208.5 KiB)  TX bytes:236746 (231.1 KiB)
                          
    # cat /etc/resolv.conf
     search takase.local
     nameserver 192.168.1.1
    # ping linux.takase.local
    # ping client1.takase.local