DNS (Domain Name Server) RHEL 5

DNS (Domain Name Server) works on UDP port 53 (TCP port 53 is used for zone transfers and for any response too big for UDP)
RNDC (Remote Name Daemon Control): Port 953

Daemons:- /usr/sbin/named, /usr/sbin/rndc
Script:- /etc/init.d/named

Configuration (under /var/named/chroot/): /etc/named.conf, plus the zone files /var/named/forward.zone and /var/named/reverse.zone (any file ending in .zone).

To flush DNS cache:- rndc flush

A:- Configuring DNS Server:-

Red Hat Enterprise Linux uses BIND, the Berkeley Internet Name Daemon.

BIND is the most widely used DNS server on the Internet.

It provides a stable and reliable infrastructure on which to base a domain's name and IP address associations.

It is the reference implementation for the DNS RFCs.

1) Install DNS RPM.

          # rpm -ivh bind-9.3.3-10el5.i386.rpm --->>> for core binaries.
          # rpm -ivh caching-nameserver-9.3.3-10el5.i386.rpm --->>> for an initial (caching-only) configuration.
          # rpm -ivh bind-chroot-9.3.3-10el5.i386.rpm --->>> for security: runs named inside a chroot jail.
                   The bind-chroot-9.3.3-10el5.i386.rpm package automatically creates
                   /var/named/chroot (a chroot environment for named); this is called a chrooted or jail environment.
          # rpm -ivh system-config-bind --->>> for the configuration file templates.

2) Run the Commands.

          # service named configtest --->>> to check for errors in the DNS configuration.
          # service named start --->>> to start the service in the current session.
          # service named restart --->>> to restart the service in the current session.
          # chkconfig named on --->>> to start the service permanently (at boot).
          # netstat -tunlp | grep named --->>> to verify named is listening on port 53.
          # ps -ef | grep named --->>> to verify startup options (e.g. -t /var/named/chroot).

3) Go to /var/named/chroot/

# cp -p /usr/share/system-config-bind/profiles/default/named.conf   /var/named/chroot/etc/named.conf
                   -p to preserve permissions and timestamps.

4) Now edit /var/named/chroot/etc/named.conf with vim for DNS Configuration.

          # vim /var/named/chroot/etc/named.conf

                   options {
                             directory "/var/named";                              // zone file paths below are relative to this (inside the chroot)
                             listen-on port 53   { 127.0.0.1; 192.168.0.254; };   // the server's own addresses; 192.168.0.254 is ns1 per reverse.zone (step 7)
                             allow-query         { localhost; 192.168.0.0/24; };  // who may query this server at all
                             allow-recursion     { localhost; 192.168.0.0/24; };  // never "any" on a reachable server, or it becomes an open resolver
                             allow-transfer      { none; };                        // add the slave's address here if there is one
                             // forwarders       { <upstream resolver address>; }; // uncomment and fill in to forward queries this server cannot answer
                             // forward only;                                      // with forwarders: never iterate on your own
                   };

                   zone "." IN {
                             type hint;
                             file "named.ca";
                   };

                   zone "example.com." IN {
                             type master;
                             file "forward.zone";
                             allow-update { none; };
                   };

                   zone "0.168.192.in-addr.arpa." IN {
                             type master;
                             file "reverse.zone";
                             allow-update { none; };
                   };
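The two access lists that matter most in the options block above are allow-recursion and allow-transfer: left at "any" (which is also what BIND 9.3 does when they are omitted) the server answers recursive queries for the whole Internet and hands its zones to anyone who asks for an AXFR. The following Python check is an added example, not part of these notes: it pulls the options block out of named.conf text and reports both statements when they are missing or open. The two sample configurations are constructed for the example; 192.168.0.0/24 and 192.168.0.254 are assumed from the reverse zone in step 4, not values the notes state for the options block.

```python
import re

# Constructed sample: a named.conf options block in the shape used in step 4,
# first with every access list wide open, then restricted to the LAN.
# The addresses are assumptions for the example: 192.168.0.0/24 matches the
# reverse zone in the notes and 192.168.0.254 is ns1's address in reverse.zone.
WEAK_CONF = """
options {
        directory "/var/named";
        listen-on port 53 { any; };
        allow-query       { any; };
        allow-recursion   { any; };   // anyone on the Internet can use this server as a resolver
        allow-transfer    { any; };   // anyone can pull the whole zone with AXFR
};
zone "example.com." IN { type master; file "forward.zone"; allow-update { none; }; };
"""

HARDENED_CONF = """
options {
        directory "/var/named";
        listen-on port 53 { 127.0.0.1; 192.168.0.254; };
        allow-query       { localhost; 192.168.0.0/24; };
        allow-recursion   { localhost; 192.168.0.0/24; };
        allow-transfer    { none; };  /* add the slave's address here if one exists */
};
zone "example.com." IN { type master; file "forward.zone"; allow-update { none; }; };
"""

# Statements an authoritative server should always set explicitly: in BIND 9.3
# both default to "any" when they are left out of the options block.
CHECKED = ("allow-recursion", "allow-transfer")


def strip_comments(text):
    """Remove the three comment styles named.conf accepts: /* */, // and #."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(//|#)[^\n]*", "", text)


def options_block(text):
    """Return the body of the top-level options { ... } block ('' if absent)."""
    m = re.search(r"\boptions\s*\{", text)
    if not m:
        return ""
    depth, start = 1, m.end()
    for i in range(start, len(text)):
        if text[i] == "{":
            depth += 1
        elif text[i] == "}":
            depth -= 1
            if depth == 0:
                return text[start:i]
    raise ValueError("unbalanced braces in options block")


def acl_entries(text, statement):
    """Return the address-match list of one options statement, or None if unset."""
    body = options_block(strip_comments(text))
    m = re.search(r"\b%s\b[^{]*\{([^}]*)\}\s*;" % re.escape(statement), body)
    if not m:
        return None
    return [e.strip() for e in m.group(1).split(";") if e.strip()]


def audit(text):
    """Return findings for checked statements that are missing or opened to 'any'."""
    findings = []
    for stmt in CHECKED:
        entries = acl_entries(text, stmt)
        if entries is None:
            findings.append("%s is not set; BIND 9.3 then allows it from any address" % stmt)
        elif any(e.lower() == "any" for e in entries):
            findings.append("%s { any; } exposes the server (%s)" % (
                stmt, "open resolver" if stmt == "allow-recursion" else "zone transfer to anyone"))
    return findings


if __name__ == "__main__":
    for name, conf in (("weak", WEAK_CONF), ("hardened", HARDENED_CONF)):
        print(name, "->", audit(conf) or ["no findings"])
```

Run it against the real file with open("/var/named/chroot/etc/named.conf").read() after step 8; named-checkconf catches syntax errors, but it says nothing about an access list that is syntactically fine and wide open, which is what this check is for.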

5) Now copy localhost.zone to forward.zone and named.local to reverse.zone.
    # cp -p /var/named/chroot/var/named/localhost.zone /var/named/chroot/var/named/forward.zone
    # cp -p /var/named/chroot/var/named/named.local /var/named/chroot/var/named/reverse.zone

6) Now edit /var/named/chroot/var/named/forward.zone with vim for forward lookup.
          # vim /var/named/chroot/var/named/forward.zone
$TTL    5
@               IN SOA          ns1.example.com.        root.ns1.example.com. (
                                        50              ; serial (d. adams)
                                        3               ; refresh
                                        15M             ; retry
                                        1W              ; expiry
                                        1D )            ; minimum

@               IN NS           ns1.example.com.        ; Name Server.
@               IN MX   10      mail1.example.com.      ; Mail Server (an MX needs a preference value; placed at the apex so mail for example.com goes to mail1).
ns1             IN A            192.168.0.254           ; Name Server (addresses taken from the PTR records in reverse.zone, step 7).
mail1           IN A            192.168.0.253           ; Mail Server.
www             IN A            192.168.0.252           ; Web Server.


7) Now edit /var/named/chroot/var/named/reverse.zone with vim for reverse lookup.
          # vim /var/named/chroot/var/named/reverse.zone
$TTL    5
@               IN      SOA     ns1.example.com.        root.ns1.example.com. (
                                        1997022701      ; Serial
                                        3               ; Refresh
                                        14400           ; Retry
                                        3600000         ; Expire
                                        86400 )         ; Minimum

@               IN      NS      ns1.example.com.        ; Name Server.
254             IN      PTR     ns1.example.com.        ; Name Server.
253             IN      PTR     mail1.example.com.      ; Mail Server.
252             IN      PTR     www.example.com.        ; Web Server.
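Steps 6 and 7 are maintained by hand, so the usual failure is a forward.zone and reverse.zone that drift apart: a host gets a new address, the PTR is forgotten, and mail servers that verify reverse lookups start rejecting the box. The Python check below is an added example, not part of these notes: it parses the zone-file subset used above (';' comments, $TTL, '@' and relative owners, the parenthesised SOA) and cross-checks every A record against the PTR records, and every MX target against the forward zone. The two sample zones are constructed for the example; their addresses (192.168.0.254/253/252) are assumptions derived from the PTR records in step 7, and the 251 PTR for www is deliberately wrong so the check has something to report.

```python
# Constructed sample zones in the layout of steps 6 and 7. The addresses are
# assumptions: 192.168.0.254/253/252 are what the PTR records in step 7 imply;
# the 251 PTR for www is deliberately wrong so the check has something to find.
FORWARD_ZONE = """\
$TTL    5
@       IN SOA  ns1.example.com. root.ns1.example.com. (
                50      ; serial
                3H      ; refresh
                15M     ; retry
                1W      ; expiry
                1D )    ; minimum
@       IN NS   ns1.example.com.
@       IN MX   10 mail1.example.com.
ns1     IN A    192.168.0.254
mail1   IN A    192.168.0.253
www     IN A    192.168.0.252
"""

REVERSE_ZONE = """\
$TTL    5
@       IN SOA  ns1.example.com. root.ns1.example.com. (
                1997022701 ; serial
                3H         ; refresh
                14400      ; retry
                3600000    ; expire
                86400 )    ; minimum
@       IN NS   ns1.example.com.
254     IN PTR  ns1.example.com.
253     IN PTR  mail1.example.com.
251     IN PTR  www.example.com.
"""


def parse_zone(text, origin):
    """Return (owner_fqdn, rtype, rdata) tuples from zone-file text.

    Supports the subset used in the notes: ';' comments, $ directives,
    '@' and relative owners, a blank owner (reuses the previous one) and
    parenthesised multi-line records such as the SOA.
    """
    origin = origin.rstrip(".") + "."
    lines, buf, depth = [], [], 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()     # drop comments
        if not line.strip():
            continue
        depth += line.count("(") - line.count(")")
        buf.append(line)
        if depth == 0:                           # record complete: fold continuation lines
            lines.append(" ".join(buf))
            buf = []
    records, last_owner = [], origin
    for line in lines:
        if line.startswith("$"):                 # $TTL / $ORIGIN: not records
            continue
        fields = line.split()
        owner = last_owner if line[0].isspace() else fields.pop(0)
        if fields and fields[0].upper() == "IN":
            fields.pop(0)
        rtype, rdata = fields[0].upper(), " ".join(fields[1:])
        if owner == "@":
            fqdn = origin
        elif owner.endswith("."):
            fqdn = owner
        else:
            fqdn = owner + "." + origin          # relative name: append the origin
        last_owner = owner
        records.append((fqdn, rtype, rdata))
    return records


def reverse_prefix(reverse_origin):
    """'0.168.192.in-addr.arpa' -> '192.168.0.' (the network the zone covers)."""
    labels = reverse_origin.rstrip(".").split(".")[:-2]   # drop in-addr.arpa
    return ".".join(reversed(labels)) + "."


def check_consistency(forward_text, forward_origin, reverse_text, reverse_origin):
    """Return a list of forward/reverse mismatches (empty means consistent)."""
    a_map, names, mx_targets = {}, set(), []
    for fqdn, rtype, rdata in parse_zone(forward_text, forward_origin):
        names.add(fqdn)
        if rtype == "A":
            a_map.setdefault(rdata, set()).add(fqdn)
        elif rtype == "MX":
            mx_targets.append(rdata.split()[-1])  # rdata is "<preference> <target>"
    rev_origin = reverse_origin.rstrip(".") + "."
    prefix = reverse_prefix(reverse_origin)
    ptr_map = {}
    for fqdn, rtype, rdata in parse_zone(reverse_text, reverse_origin):
        if rtype == "PTR":
            host = fqdn[: -len(rev_origin) - 1]                  # e.g. '254' or '254.0'
            ptr_map[prefix + ".".join(reversed(host.split(".")))] = rdata
    problems = []
    for ip, fqdns in sorted(a_map.items()):
        if ip not in ptr_map:
            problems.append("%s: A record for %s but no PTR" % (ip, ", ".join(sorted(fqdns))))
        elif ptr_map[ip] not in fqdns:
            problems.append("%s: PTR says %s, A records say %s" % (ip, ptr_map[ip], ", ".join(sorted(fqdns))))
    for ip, fqdn in sorted(ptr_map.items()):
        if ip not in a_map:
            problems.append("%s: PTR for %s but %s has no A record there" % (ip, fqdn, fqdn))
    for target in mx_targets:
        if target not in names:
            problems.append("MX target %s has no record in the forward zone" % target)
    return problems


if __name__ == "__main__":
    for p in check_consistency(FORWARD_ZONE, "example.com", REVERSE_ZONE, "0.168.192.in-addr.arpa"):
        print(p)
```

On the real server, read the two files from /var/named/chroot/var/named/ and pass the zone names from named.conf as the origins; run it alongside named-checkzone, which validates syntax but does not compare the two zones with each other.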

8) Run the commands.

          # chown named /var/named/chroot/etc/named.conf
          # chown named /var/named/chroot/var/named/forward.zone
          # chown named /var/named/chroot/var/named/reverse.zone

          # chmod 664 /var/named/chroot/etc/named.conf
          # chmod 664 /var/named/chroot/var/named/forward.zone
          # chmod 664 /var/named/chroot/var/named/reverse.zone

          # service named configtest --->>> to check for errors in the DNS configuration.
          # service named start --->>> to start the service in the current session.
          # service named restart --->>> to restart the service in the current session.

          # dig example.com
          # dig -t mx example.com --->>> for the mail exchanger record.
          # dig -t AAAA example.com --->>> for IPv6 rdata.
          # dig +trace example.com
          # dig -x --->>> for reverse lookup.
          # dig -t soa example.com --->>> for the authoritative nameservers for the domain.
          # dig -t axfr example.com. @
                   Use this command from a slave to test permissions on the master.
                   Response is too big for UDP, so transfers use TCP

-   For any of the following queries, add a -v option to see output in zone file format
-   Trace: not available with host (use dig +trace instead)
-   Delegation: host -rt ns redhat.com
-   Force iterative: host -r redhat.com
-   Reverse lookup: host
-   MX lookup: host -t mx redhat.com
-   SOA lookup: host -t soa redhat.com
-   Zone transfer: host -t axfr redhat.com or host -t ixfr=serial example.com.

