DNS (Domain Name Server) works on UDP port 53.
RNDC (Remote Name Daemon Control): port 953
Daemons: /usr/sbin/named, /usr/sbin/rndc
Script: /etc/init.d/named
Configuration (under /var/named/chroot/): /etc/named.conf, /var/named/forward.zone
and /var/named/reverse.zone (zone files use the .zone extension).
To flush the DNS cache: rndc flush
A) Configuring the DNS Server
Red Hat Enterprise Linux uses BIND, the Berkeley Internet Name Daemon.
BIND is the most widely used DNS server on the Internet: a stable and reliable
infrastructure on which to base a domain's name and IP address associations,
and the reference implementation for the DNS RFCs.
1) Install the DNS RPMs.
# rpm -ivh bind-9.3.3-10el5.i386.rpm --->>> for the core binaries.
# rpm -ivh caching-nameserver-9.3.3-10el5.i386.rpm --->>> for security.
# rpm -ivh bind-chroot-9.3.3-10el5.i386.rpm --->>> for an initial configuration.
The bind-chroot-9.3.3-10el5.i386.rpm package automatically creates /var/named/chroot
(it installs a chroot environment under that directory); this is called a chrooted
or jail environment.
# rpm -ivh system-config-bind --->>> for the configuration file.
2) Run the commands.
# service named configtest --->>> to check for errors in the DNS configuration.
# service named start --->>> to start the service in the current session.
# service named restart --->>> to restart the service in the current session.
# chkconfig named on --->>> to start the service permanently (at every boot).
# netstat -tunlp | grep named --->>> to verify the ports named is listening on.
# ps -ef | grep named --->>> to verify the startup options.
3) Go to /var/named/chroot/ and copy in the default configuration.
# cp -p /usr/share/system-config-bind/profiles/default/named.conf /var/named/chroot/etc/named.conf
-p preserves the file's permissions.
4) Now edit /var/named/chroot/etc/named.conf with vim for the DNS configuration.
# vim /var/named/chroot/etc/named.conf
Inside the options { ... } block of the copied file, set the following. Restricting
allow-recursion and allow-transfer to the local network keeps the server from acting
as an open resolver and from handing the zone contents to arbitrary hosts.
options {
    listen-on port 53 { 127.0.0.1; 192.168.0.254; };
    allow-query { 127.0.0.1; 192.168.0.0/24; };
    allow-recursion { 127.0.0.1; 192.168.0.0/24; };
    allow-transfer { 127.0.0.1; 192.168.0.0/24; };
    forwarders { 192.168.0.254; };   // upstream resolver that queries are forwarded to
    forward only;
};
zone "." IN {
    type hint;
    file "named.ca";
};
zone "example.com." IN {
    type master;
    file "forward.zone";
    allow-update { none; };
};
zone "0.168.192.in-addr.arpa." IN {
    type master;
    file "reverse.zone";
    allow-update { none; };
};
Press Esc, then type :wq to save and quit.
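The access-control lists above are the settings that decide whether this server becomes an open resolver or leaks its zones. The following is an added example, not part of the original post: a small shell audit that reads a named.conf and warns when allow-query, allow-recursion or allow-transfer is missing or contains "any". It assumes the one-line ACL form used above and the defaults of the BIND 9.3 release installed in step 1 (an unset ACL means "any" for all three); the two sample configuration files it writes to a temporary directory are constructed for the demonstration, and extract_acl and audit_named_conf are names chosen here.

```shell
#!/bin/sh
# Added example (not from the original post): audit the access-control
# options of a named.conf before exposing the server. It warns when
# allow-query, allow-recursion or allow-transfer is unset or contains "any".
# In the BIND 9.3 release installed above an unset ACL means "any" for all
# three, so an omission leaves an open resolver or an open zone transfer.
# Assumes one-line ACLs as written in the step above; the sample
# configurations below are constructed for this demonstration.

# extract_acl FILE OPTION -> the address list inside "OPTION { ... };",
# trimmed, or an empty string when the option is absent.
extract_acl() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*{\(.*\)};.*/\1/p" "$1" \
        | head -n 1 | sed 's/^[[:space:]]*//; s/[[:space:]]*$//'
}

# audit_named_conf FILE -> 0 when every ACL is set and restricted, 1 otherwise.
audit_named_conf() {
    rc=0
    for opt in allow-query allow-recursion allow-transfer; do
        acl=$(extract_acl "$1" "$opt")
        if [ -z "$acl" ]; then
            echo "WARN: $opt is not set (BIND 9.3 default: any)"
            rc=1
        elif printf '%s\n' "$acl" | grep -qw any; then
            echo "WARN: $opt { $acl } is open to every host"
            rc=1
        else
            echo "OK:   $opt { $acl }"
        fi
    done
    return $rc
}

# --- constructed sample configurations ---
SAMPLE_DIR=$(mktemp -d)
# the options from the step above: recursion and transfers limited to the LAN
cat > "$SAMPLE_DIR/hardened.conf" <<'EOF'
options {
    listen-on port 53 { 127.0.0.1; 192.168.0.254; };
    allow-query { 127.0.0.1; 192.168.0.0/24; };
    allow-recursion { 127.0.0.1; 192.168.0.0/24; };
    allow-transfer { 127.0.0.1; 192.168.0.0/24; };
    forwarders { 192.168.0.254; };
    forward only;
};
EOF
# a weak variant: open recursion, and allow-transfer left at its default
cat > "$SAMPLE_DIR/weak.conf" <<'EOF'
options {
    listen-on port 53 { any; };
    allow-query { any; };
    allow-recursion { any; };
};
EOF

echo "== hardened.conf =="
audit_named_conf "$SAMPLE_DIR/hardened.conf" && echo "PASS"
echo "== weak.conf =="
audit_named_conf "$SAMPLE_DIR/weak.conf" || echo "FAIL: fix before starting named"
```

To audit the real file, call audit_named_conf /var/named/chroot/etc/named.conf before running service named configtest; the syntax check does not tell you that an ACL is missing.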
5) Now copy localhost.zone to forward.zone and named.local to reverse.zone.
# cp -p /var/named/chroot/var/named/localhost.zone /var/named/chroot/var/named/forward.zone
# cp -p /var/named/chroot/var/named/named.local /var/named/chroot/var/named/reverse.zone
6) Now edit /var/named/chroot/var/named/forward.zone with vim for the forward lookup zone.
# vim /var/named/chroot/var/named/forward.zone
$TTL 5
@       IN SOA  ns1.example.com. root.ns1.example.com. (
                50      ; serial (d. adams)
                3       ; refresh
                15M     ; retry
                1W      ; expiry
                1D )    ; minimum
@       IN NS   ns1.example.com.        ; Name Server.
@       IN MX   10 mail1.example.com.   ; Mail Server for example.com (an MX record needs a preference value, here 10).
ns1     IN A    192.168.0.254           ; Name Server.
mail1   IN A    192.168.0.253           ; Mail Server.
www     IN A    192.168.0.252           ; Web Server.
Press Esc, then type :wq to save and quit.
7) Now edit /var/named/chroot/var/named/reverse.zone with vim for the reverse lookup zone.
# vim /var/named/chroot/var/named/reverse.zone
$TTL 5
@       IN SOA  ns1.example.com. root.ns1.example.com. (
                1997022701  ; Serial
                3           ; Refresh
                14400       ; Retry
                3600000     ; Expire
                86400 )     ; Minimum
@       IN NS   ns1.example.com.    ; Name Server.
254     IN PTR  ns1.example.com.    ; Name Server.
253     IN PTR  mail1.example.com.  ; Mail Server.
252     IN PTR  www.example.com.    ; Web Server.
Press Esc, then type :wq to save and quit.
8) Run the commands.
# chown named /var/named/chroot/etc/named.conf
# chown named /var/named/chroot/var/named/forward.zone
# chown named /var/named/chroot/var/named/reverse.zone
# chmod 664 /var/named/chroot/etc/named.conf
# chmod 664 /var/named/chroot/var/named/forward.zone
# chmod 664 /var/named/chroot/var/named/reverse.zone
# service named configtest --->>> to check for errors in the DNS configuration.
# service named start --->>> to start the service in the current session.
# service named restart --->>> to restart the service in the current session.
# dig example.com
# dig -t mx example.com --->>> for the mail exchanger record.
# dig -t AAAA example.com --->>> for IPv6 rdata.
# dig +trace example.com
# dig -x 192.168.0.254 --->>> for a reverse lookup.
# dig -t soa example.com --->>> for the authoritative nameservers for the domain.
# dig -t axfr example.com. @192.168.0.254
Use this command from a slave to test permissions on the master. The response is too big
for UDP, so transfers use TCP. From a host that is not listed in allow-transfer the server
answers REFUSED and dig reports the transfer as failed, which is the expected result.
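The dig checks above confirm that named answers, but not that the two hand-typed zone files agree with each other, which is the most common mistake in this procedure (an A record whose PTR is missing or points at a different name). The following is an added example, not part of the original post: a shell check that every A record inside 192.168.0.0/24 in forward.zone has the matching PTR in reverse.zone and vice versa. The zone texts it embeds are constructed from the records in steps 6 and 7, with a deliberately mistyped PTR in a second copy of the reverse zone; zone_records, qualify and check_forward_reverse are names chosen for this example.

```shell
#!/bin/sh
# Added example (not from the original post): verify that forward.zone and
# reverse.zone agree, so every A record in 192.168.0.0/24 has a PTR with the
# same name and vice versa. Function names and the sample zone files are
# constructed for this demonstration.

# zone_records FILE TYPE -> one "owner rdata" line per record of TYPE.
# Comments (";...") are stripped; an optional TTL column before IN is tolerated.
zone_records() {
    awk -v want="$2" '
        { sub(/;.*/, "") }
        NF >= 4 {
            for (i = 2; i < NF - 1; i++)
                if ($i == "IN" && $(i + 1) == want) print $1, $(i + 2)
        }' "$1"
}

# qualify NAME ORIGIN -> absolute name ("www" + "example.com." -> "www.example.com.").
qualify() {
    case "$1" in
        @)  echo "$2" ;;
        *.) echo "$1" ;;
        *)  echo "$1.$2" ;;
    esac
}

# check_forward_reverse FWD REV ORIGIN PREFIX -> 0 when the zones agree;
# otherwise prints one line per discrepancy and returns 1.
# PREFIX is the first three octets of the /24 covered by REV, e.g. 192.168.0
check_forward_reverse() {
    fwd=$1; rev=$2; origin=$3; prefix=$4
    t=$(mktemp -d)
    # "fqdn ip" pairs from the forward zone, only for addresses inside PREFIX
    zone_records "$fwd" A | while read -r name ip; do
        case "$ip" in
            "$prefix".*) echo "$(qualify "$name" "$origin") $ip" ;;
        esac
    done | LC_ALL=C sort > "$t/fwd"
    # "fqdn ip" pairs implied by the PTR records of the reverse zone
    zone_records "$rev" PTR | while read -r octet target; do
        echo "$target $prefix.$octet"
    done | LC_ALL=C sort > "$t/rev"
    missing_ptr=$(LC_ALL=C comm -23 "$t/fwd" "$t/rev")   # present in forward only
    missing_a=$(LC_ALL=C comm -13 "$t/fwd" "$t/rev")     # present in reverse only
    rm -rf "$t"
    rc=0
    if [ -n "$missing_ptr" ]; then
        printf '%s\n' "$missing_ptr" | sed 's/^/A record without matching PTR: /'
        rc=1
    fi
    if [ -n "$missing_a" ]; then
        printf '%s\n' "$missing_a" | sed 's/^/PTR without matching A: /'
        rc=1
    fi
    return $rc
}

# --- constructed sample zones (the records from steps 6 and 7) ---
ZONE_DIR=$(mktemp -d)
cat > "$ZONE_DIR/forward.zone" <<'EOF'
$TTL 5
@       IN SOA  ns1.example.com. root.ns1.example.com. (
                50 ; serial
                3 ; refresh
                15M ; retry
                1W ; expiry
                1D ) ; minimum
@       IN NS   ns1.example.com.
@       IN MX   10 mail1.example.com.
ns1     IN A    192.168.0.254
mail1   IN A    192.168.0.253
www     IN A    192.168.0.252
EOF
cat > "$ZONE_DIR/reverse.zone" <<'EOF'
$TTL 5
@       IN SOA  ns1.example.com. root.ns1.example.com. (
                1997022701 ; Serial
                3 ; Refresh
                14400 ; Retry
                3600000 ; Expire
                86400 ) ; Minimum
@       IN NS   ns1.example.com.
254     IN PTR  ns1.example.com.
253     IN PTR  mail1.example.com.
252     IN PTR  www.example.com.
EOF
# the same reverse zone with a constructed typo: "web" instead of "www"
sed 's/www\.example\.com\./web.example.com./' "$ZONE_DIR/reverse.zone" > "$ZONE_DIR/reverse-typo.zone"

echo "== correct pair =="
check_forward_reverse "$ZONE_DIR/forward.zone" "$ZONE_DIR/reverse.zone" example.com. 192.168.0 && echo "zones agree"
echo "== reverse zone with a typo =="
check_forward_reverse "$ZONE_DIR/forward.zone" "$ZONE_DIR/reverse-typo.zone" example.com. 192.168.0 || echo "discrepancies found"
```

After step 7, point check_forward_reverse at /var/named/chroot/var/named/forward.zone and reverse.zone with origin example.com. and prefix 192.168.0. The named-checkzone tool shipped in the bind package validates each file's syntax on its own; the cross-check above is what it does not do.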
For any of the following queries, add a -v option to see the output in zone file format.
· Trace: not available
· Delegation: host -rt ns redhat.com
· Force iterative: host -r redhat.com
· Reverse lookup: host 209.132.177.50
· MX lookup: host -t mx redhat.com
· SOA lookup: host -t soa redhat.com
· Zone transfer: host -t axfr redhat.com 192.168.0.254 or
· host -t ixfr=serial example.com. 192.168.0.254 (incremental transfer of the changes since the given serial)