DNS resolves hostnames to IP addresses and vice versa. For example, when we
type http://www.google.com in a browser, a DNS server translates the domain
name into its corresponding IP address, so we only need to remember domain
names rather than IP addresses.
Set up the Primary (Master) DNS Server
Step 1:
yum install bind* -y
Step 2:
Configure DNS Server
The main configuration of the DNS will look like below.
[root@ns1 ~]# vi /etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
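options {
// Interfaces named binds to: loopback plus the master's own LAN address.
listen-on port 53 { 127.0.0.1; 192.168.198.140;}; ## Master DNS IP ##
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
// "any" already matches every client, so the /24 entry is redundant here.
// Answering authoritative queries from anywhere is what a master needs.
allow-query { any; 192.168.198.0/24; }; ## IP Range ##
// Only localhost and the slave may pull full zone copies (AXFR/IXFR).
allow-transfer { localhost; 192.168.198.141; }; ## Slave DNS IP ##
recursion yes;
// recursion yes + allow-query { any; } would make this an open resolver that
// anyone on the Internet can use for cache-poisoning or amplification;
// limit WHO may recurse to localhost and the LAN.
allow-recursion { localhost; 192.168.198.0/24; }; ## Clients allowed to recurse ##
dnssec-enable yes;
dnssec-validation yes;
// DLV (dnssec-lookaside) depended on the ISC DLV registry, which has since
// been decommissioned; newer BIND releases deprecate or drop this option.
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
};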
// Debug channel: writes to data/named.run, relative to the options
// "directory" (/var/named). "severity dynamic" follows the server's
// current debug level (changed at runtime with rndc trace).
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
// Root hints: the list of root servers recursion starts from.
// named.ca is shipped by the bind package under /var/named.
zone "." IN {
type hint;
file "named.ca";
};
// Authoritative (master) copy of the forward zone; the file path is
// relative to the options "directory", i.e. /var/named/fwd.example.com.
zone "example.com" IN {
type master;
file "fwd.example.com";
// Reject dynamic updates (RFC 2136): the zone is edited by hand only.
allow-update { none; };
};
// Authoritative reverse zone for 192.168.198.0/24 (octets reversed under
// in-addr.arpa); serves the PTR records in /var/named/rev.example.com.
zone "198.168.192.in-addr.arpa" IN {
type master;
file "rev.example.com";
// Reject dynamic updates (RFC 2136): the zone is edited by hand only.
allow-update { none; };
};
// Stock zones shipped by the bind package (localhost / loopback reverse
// zones) and the root zone DNSSEC trust anchor used for validation.
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
Step 3:
Create Zone files
Now create the forward and reverse zone files that are referenced in the ‘/etc/named.conf’ file.
Create Forward Zone:
[root@masterdns ~]# vi /var/named/fwd.example.com
$TTL 86400 ; default TTL (seconds) for records that do not set their own
; SOA: ns1 is the primary server; "root.example.com." is the contact
; mailbox root@example.com with the @ written as a dot.
@ IN SOA ns1.example.com. root.example.com. (
2011071001 ;Serial - YYYYMMDDnn; increase on every edit or the slave will not re-transfer
3600 ;Refresh - how often the slave checks for a new serial
1800 ;Retry - retry interval after a failed refresh
604800 ;Expire - slave stops answering if the master is unreachable this long
86400 ;Minimum TTL - negative-cache TTL (RFC 2308)
)
; Both name servers are listed so resolvers can reach either one.
@ IN NS ns1.example.com.
@ IN NS ns2.example.com.
; Glue/address records for the name servers named above.
ns1 IN A 192.168.198.140
ns2 IN A 192.168.198.141
Create Reverse Zone:
[root@masterdns ~]# vi /var/named/rev.example.com
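$TTL 86400 ; default TTL (seconds) for records that do not set their own
; Reverse zone for 192.168.198.0/24: owner names here are relative to
; 198.168.192.in-addr.arpa, so each record is just the host octet.
@ IN SOA ns1.example.com. root.example.com. (
2011071001 ;Serial - increase on every edit or the slave will not re-transfer
3600 ;Refresh
1800 ;Retry
604800 ;Expire
86400 ;Minimum TTL - negative-cache TTL (RFC 2308)
)
@ IN NS ns1.example.com.
@ IN NS ns2.example.com.
; The forward zone puts ns1 at 192.168.198.140 and ns2 at 192.168.198.141,
; so the PTR owners must be 140 and 141; the original 200/201 mapped two
; unrelated addresses to the name servers and left .140/.141 unresolvable.
; A records do not belong in an in-addr.arpa zone: named treats them as
; out-of-zone data and ignores them, so they are omitted here.
140 IN PTR ns1.example.com.
141 IN PTR ns2.example.com.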
Step 4:
Start the bind service
[root@ns1 ~]# service named start
Generating /etc/rndc.key: [ OK ]
Starting named: [ OK ]
[root@ns1 ~]# chkconfig named on
Step 5:
Allow DNS Server through iptables
Add the lines shown below to the ‘/etc/sysconfig/iptables’ file. This allows all clients to reach the DNS server on port 53 (UDP and TCP).
-A INPUT -p udp -m state --state NEW --dport 53 -j ACCEPT
-A INPUT -p tcp -m state --state NEW --dport 53 -j ACCEPT
Then,
Restart iptables to apply the changes:
[root@ns1 ~]# service iptables restart
Check the DNS configuration and zone files for syntax errors:
Checking DNS Config file
[root@ns1 ~]# named-checkconf /etc/named.conf
[root@ns2 ~]# named-checkconf /etc/named.rfc1912.zones
Checking zone files
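[root@ns1 ~]# named-checkzone example.com /var/named/fwd.example.com
# The reverse file is loaded as zone "198.168.192.in-addr.arpa" in named.conf,
# not as example.com; checking it under the wrong origin accepts any PTR owner
# name and hides mismatches with the configured zone. Both files were created
# on the master, so both checks run on ns1.
[root@ns1 ~]# named-checkzone 198.168.192.in-addr.arpa /var/named/rev.example.com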
Test DNS Server
[root@ns1 ~]# dig ns1.example.com
[root@ns2 ~]# dig -x 192.168.198.140
Set up the Secondary (Slave) DNS Server
Step 1:
[root@ns2 ~]# yum install bind* -y
Step 2:
Configure Slave DNS Server
[root@ns2 ~]# vi /etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
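options {
// Interfaces named binds to: loopback plus the slave's own LAN address.
listen-on port 53 { 127.0.0.1; 192.168.198.141; }; ## NS2 DNS IP ##
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
// Queries, and therefore recursion, are limited to localhost and the LAN.
allow-query { localhost; 192.168.198.0/24; }; ## IP Range ##
// Unless restricted, BIND of this era allows zone transfers to any host, so
// the secondary would hand out the full zone even though the master limits
// transfers to 192.168.198.141. Nothing pulls zones from this server.
allow-transfer { none; };
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
// DLV (dnssec-lookaside) depended on the ISC DLV registry, which has since
// been decommissioned; newer BIND releases deprecate or drop this option.
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
};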
// Debug channel: writes to data/named.run, relative to the options
// "directory" (/var/named). "severity dynamic" follows the server's
// current debug level (changed at runtime with rndc trace).
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
// Root hints: the list of root servers recursion starts from.
// named.ca is shipped by the bind package under /var/named.
zone "." IN {
type hint;
file "named.ca";
};
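// Secondary copy of the forward zone, pulled from the master by zone
// transfer. The master is 192.168.198.140 (its listen-on address and the
// ns1 A record); the original 192.168.1.140 is on a different subnet and
// the transfer would never succeed. "slaves/" is relative to "directory"
// and must be writable by the named user.
zone "example.com" IN {
type slave;
file "slaves/example.fwd";
masters { 192.168.198.140; };
};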
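// Secondary copy of the reverse zone for 192.168.198.0/24. The master is
// 192.168.198.140, not 192.168.1.140 as originally written (wrong subnet,
// so the transfer could never succeed). "slaves/" is relative to
// "directory" and must be writable by the named user.
zone "198.168.192.in-addr.arpa" IN {
type slave;
file "slaves/example.rev";
masters { 192.168.198.140; };
};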
// Stock zones shipped by the bind package (localhost / loopback reverse
// zones) and the root zone DNSSEC trust anchor used for validation.
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
Step 3:
Start the DNS Service
[root@ns2 ~]# service named start
Generating /etc/rndc.key: [ OK ]
Starting named: [ OK ]
[root@ns2 ~]# chkconfig named on
The forward and reverse zones are now transferred automatically from the master DNS server to the slave. Check the files under /var/named/slaves/ on the slave to confirm that the correct zones were replicated.
Step 4:
Add the DNS Server details to all systems
[root@slavedns ~]# vi /etc/resolv.conf
# Generated by NetworkManager
# NOTE(review): the header suggests NetworkManager manages this file and may
# overwrite manual edits; make the DNS settings persistent in the interface
# configuration instead — confirm on the target system.
search example.com
# Internal servers first; the second is only tried if the first times out.
nameserver 192.168.198.140
nameserver 192.168.198.141
# Public fallback, consulted only when both internal servers time out. It
# cannot answer example.com names, and those lookups then leave the LAN.
nameserver 8.8.8.8
Step 5:
Test DNS Server
[root@ns2 ~]# dig ns2.example.com
[root@ns2 ~]# dig ns1.example.com
Set up the Primary (Master) DNS Server
Step 1:
yum install bind* -y
Step 2:
Configure DNS Server
The main configuration of the DNS will look like below.
[root@ns1 ~]# vi /etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
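options {
// Interfaces named binds to: loopback plus the master's own LAN address.
listen-on port 53 { 127.0.0.1; 192.168.198.140;}; ## Master DNS IP ##
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
// "any" already matches every client, so the /24 entry is redundant here.
// Answering authoritative queries from anywhere is what a master needs.
allow-query { any; 192.168.198.0/24; }; ## IP Range ##
// Only localhost and the slave may pull full zone copies (AXFR/IXFR).
allow-transfer { localhost; 192.168.198.141; }; ## Slave DNS IP ##
recursion yes;
// recursion yes + allow-query { any; } would make this an open resolver that
// anyone on the Internet can use for cache-poisoning or amplification;
// limit WHO may recurse to localhost and the LAN.
allow-recursion { localhost; 192.168.198.0/24; }; ## Clients allowed to recurse ##
dnssec-enable yes;
dnssec-validation yes;
// DLV (dnssec-lookaside) depended on the ISC DLV registry, which has since
// been decommissioned; newer BIND releases deprecate or drop this option.
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
};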
// Debug channel: writes to data/named.run, relative to the options
// "directory" (/var/named). "severity dynamic" follows the server's
// current debug level (changed at runtime with rndc trace).
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
// Root hints: the list of root servers recursion starts from.
// named.ca is shipped by the bind package under /var/named.
zone "." IN {
type hint;
file "named.ca";
};
// Authoritative (master) copy of the forward zone; the file path is
// relative to the options "directory", i.e. /var/named/fwd.example.com.
zone "example.com" IN {
type master;
file "fwd.example.com";
// Reject dynamic updates (RFC 2136): the zone is edited by hand only.
allow-update { none; };
};
// Authoritative reverse zone for 192.168.198.0/24 (octets reversed under
// in-addr.arpa); serves the PTR records in /var/named/rev.example.com.
zone "198.168.192.in-addr.arpa" IN {
type master;
file "rev.example.com";
// Reject dynamic updates (RFC 2136): the zone is edited by hand only.
allow-update { none; };
};
// Stock zones shipped by the bind package (localhost / loopback reverse
// zones) and the root zone DNSSEC trust anchor used for validation.
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
Step 3:
Create Zone files
Now create the forward and reverse zone files that are referenced in the ‘/etc/named.conf’ file.
Create Forward Zone:
[root@masterdns ~]# vi /var/named/fwd.example.com
$TTL 86400 ; default TTL (seconds) for records that do not set their own
; SOA: ns1 is the primary server; "root.example.com." is the contact
; mailbox root@example.com with the @ written as a dot.
@ IN SOA ns1.example.com. root.example.com. (
2011071001 ;Serial - YYYYMMDDnn; increase on every edit or the slave will not re-transfer
3600 ;Refresh - how often the slave checks for a new serial
1800 ;Retry - retry interval after a failed refresh
604800 ;Expire - slave stops answering if the master is unreachable this long
86400 ;Minimum TTL - negative-cache TTL (RFC 2308)
)
; Both name servers are listed so resolvers can reach either one.
@ IN NS ns1.example.com.
@ IN NS ns2.example.com.
; Glue/address records for the name servers named above.
ns1 IN A 192.168.198.140
ns2 IN A 192.168.198.141
Create Reverse Zone:
[root@masterdns ~]# vi /var/named/rev.example.com
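$TTL 86400 ; default TTL (seconds) for records that do not set their own
; Reverse zone for 192.168.198.0/24: owner names here are relative to
; 198.168.192.in-addr.arpa, so each record is just the host octet.
@ IN SOA ns1.example.com. root.example.com. (
2011071001 ;Serial - increase on every edit or the slave will not re-transfer
3600 ;Refresh
1800 ;Retry
604800 ;Expire
86400 ;Minimum TTL - negative-cache TTL (RFC 2308)
)
@ IN NS ns1.example.com.
@ IN NS ns2.example.com.
; The forward zone puts ns1 at 192.168.198.140 and ns2 at 192.168.198.141,
; so the PTR owners must be 140 and 141; the original 200/201 mapped two
; unrelated addresses to the name servers and left .140/.141 unresolvable.
; A records do not belong in an in-addr.arpa zone: named treats them as
; out-of-zone data and ignores them, so they are omitted here.
140 IN PTR ns1.example.com.
141 IN PTR ns2.example.com.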
Step 4:
Start the bind service
[root@ns1 ~]# service named start
Generating /etc/rndc.key: [ OK ]
Starting named: [ OK ]
[root@ns1 ~]# chkconfig named on
Step 5:
Allow DNS Server through iptables
Add the lines shown below to the ‘/etc/sysconfig/iptables’ file. This allows all clients to reach the DNS server on port 53 (UDP and TCP).
-A INPUT -p udp -m state --state NEW --dport 53 -j ACCEPT
-A INPUT -p tcp -m state --state NEW --dport 53 -j ACCEPT
Then,
Restart iptables to apply the changes:
[root@ns1 ~]# service iptables restart
Check the DNS configuration and zone files for syntax errors:
Checking DNS Config file
[root@ns1 ~]# named-checkconf /etc/named.conf
[root@ns2 ~]# named-checkconf /etc/named.rfc1912.zones
Checking zone files
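[root@ns1 ~]# named-checkzone example.com /var/named/fwd.example.com
# The reverse file is loaded as zone "198.168.192.in-addr.arpa" in named.conf,
# not as example.com; checking it under the wrong origin accepts any PTR owner
# name and hides mismatches with the configured zone. Both files were created
# on the master, so both checks run on ns1.
[root@ns1 ~]# named-checkzone 198.168.192.in-addr.arpa /var/named/rev.example.com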
Test DNS Server
[root@ns1 ~]# dig ns1.example.com
[root@ns2 ~]# dig -x 192.168.198.140
Set up the Secondary (Slave) DNS Server
Step 1:
[root@ns2 ~]# yum install bind* -y
Step 2:
Configure Slave DNS Server
[root@ns2 ~]# vi /etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
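options {
// Interfaces named binds to: loopback plus the slave's own LAN address.
listen-on port 53 { 127.0.0.1; 192.168.198.141; }; ## NS2 DNS IP ##
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
// Queries, and therefore recursion, are limited to localhost and the LAN.
allow-query { localhost; 192.168.198.0/24; }; ## IP Range ##
// Unless restricted, BIND of this era allows zone transfers to any host, so
// the secondary would hand out the full zone even though the master limits
// transfers to 192.168.198.141. Nothing pulls zones from this server.
allow-transfer { none; };
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
// DLV (dnssec-lookaside) depended on the ISC DLV registry, which has since
// been decommissioned; newer BIND releases deprecate or drop this option.
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
};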
// Debug channel: writes to data/named.run, relative to the options
// "directory" (/var/named). "severity dynamic" follows the server's
// current debug level (changed at runtime with rndc trace).
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
// Root hints: the list of root servers recursion starts from.
// named.ca is shipped by the bind package under /var/named.
zone "." IN {
type hint;
file "named.ca";
};
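// Secondary copy of the forward zone, pulled from the master by zone
// transfer. The master is 192.168.198.140 (its listen-on address and the
// ns1 A record); the original 192.168.1.140 is on a different subnet and
// the transfer would never succeed. "slaves/" is relative to "directory"
// and must be writable by the named user.
zone "example.com" IN {
type slave;
file "slaves/example.fwd";
masters { 192.168.198.140; };
};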
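// Secondary copy of the reverse zone for 192.168.198.0/24. The master is
// 192.168.198.140, not 192.168.1.140 as originally written (wrong subnet,
// so the transfer could never succeed). "slaves/" is relative to
// "directory" and must be writable by the named user.
zone "198.168.192.in-addr.arpa" IN {
type slave;
file "slaves/example.rev";
masters { 192.168.198.140; };
};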
// Stock zones shipped by the bind package (localhost / loopback reverse
// zones) and the root zone DNSSEC trust anchor used for validation.
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
Step 3:
Start the DNS Service
[root@ns2 ~]# service named start
Generating /etc/rndc.key: [ OK ]
Starting named: [ OK ]
[root@ns2 ~]# chkconfig named on
The forward and reverse zones are now transferred automatically from the master DNS server to the slave. Check the files under /var/named/slaves/ on the slave to confirm that the correct zones were replicated.
Step 4:
Add the DNS Server details to all systems
[root@slavedns ~]# vi /etc/resolv.conf
# Generated by NetworkManager
# NOTE(review): the header suggests NetworkManager manages this file and may
# overwrite manual edits; make the DNS settings persistent in the interface
# configuration instead — confirm on the target system.
search example.com
# Internal servers first; the second is only tried if the first times out.
nameserver 192.168.198.140
nameserver 192.168.198.141
# Public fallback, consulted only when both internal servers time out. It
# cannot answer example.com names, and those lookups then leave the LAN.
nameserver 8.8.8.8
Step 5:
Test DNS Server
[root@ns2 ~]# dig ns2.example.com
[root@ns2 ~]# dig ns1.example.com