Tuesday, September 25, 2012

                                  DNS (BIND) configuration in Linux


Here I am giving a basic idea of DNS (BIND) configuration on a Linux server. I have configured the bind package on CentOS 5.4.

1. First we will check the main packages required for the BIND configuration. The package names are listed below:
     a. bind-9.3.4-10.pl.el5
     b. bind-libs-9.3.4-10.pl.el5
     c. bind-chroot-9.3.4-10.pl.el5


2. Once these packages are installed you will find the main configuration file of the DNS server, named.conf. Its purpose is to name the zone files to be used for each of your domains and to set the server's options. With bind-chroot installed, named runs chrooted to /var/named/chroot and reads /var/named/chroot/etc/named.conf; on CentOS 5 the package leaves /etc/named.conf as a symlink to that file, so you maintain one copy, not two. The chroot is the security purpose: a compromised named process can only see the files under /var/named/chroot. A sample configuration is given below for reference.


3.  Details of the main configuration files for DNS and their locations are given below:

   File                 Purpose                                                      BIND chroot location          Regular BIND location
   named.conf           Names the zone files to be used for each of your domains     /var/named/chroot/etc         /etc
   rndc.key, rndc.conf  Key and settings used to authenticate rndc to named          /var/named/chroot/etc         /etc
   zone files           Map the names in your domain to their IP addresses and back  /var/named/chroot/var/named   /var/named
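A named.conf for this setup, added here as an example because the post's own screenshot is not reproduced; it is not the author's file. The server address 192.168.1.10, the key name rndckey and the root-hints file named.ca (shipped by the caching-nameserver package on CentOS 5) are assumptions; the zone name vm.linux.com and the two file names are the ones used in this post.

```conf
// /var/named/chroot/etc/named.conf  (example; /etc/named.conf is a symlink to it
// when bind-chroot is installed). 192.168.1.10 and "rndckey" are assumptions.
options {
    directory "/var/named";        // relative to the chroot: /var/named/chroot/var/named
    listen-on port 53 { 127.0.0.1; 192.168.1.10; };
    allow-query     { localhost; 192.168.1.0/24; };   // who may query at all
    allow-recursion { localhost; 192.168.1.0/24; };   // never recurse for the whole Internet
    allow-transfer  { none; };                        // no zone transfers unless you run a slave
    version "not disclosed";                          // do not advertise the BIND version
};

// rndc key shared with /var/named/chroot/etc/rndc.conf; path is inside the chroot
include "/etc/rndc.key";
controls {
    inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { "rndckey"; };
};

// root hints, only needed because this server also recurses for the LAN
zone "." IN {
    type hint;
    file "named.ca";
};

zone "vm.linux.com" IN {
    type master;
    file "vm.linux.com.zone";
};

// Reverse zone for 192.168.1.0/24. The zone NAME must be 1.168.192.in-addr.arpa
// (with a hyphen); the file name is free, so the post's file name is kept here.
zone "1.168.192.in-addr.arpa" IN {
    type master;
    file "0.1.168.192.in.addr.arpa";
};
```

The allow-recursion and allow-transfer lines are the ones worth checking twice: a server that recurses for anyone becomes an open resolver usable for amplification attacks, and an unrestricted allow-transfer hands your whole zone to anybody who asks for it.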

4.  In our configuration the zone files are vm.linux.com.zone (forward lookup zone for vm.linux.com) and 0.1.168.192.in.addr.arpa (reverse lookup zone for the 192.168.1.0/24 network). Note that this is only a file name: the zone statement in named.conf must call the reverse zone 1.168.192.in-addr.arpa, with a hyphen, or named will not answer PTR queries for that network.

In this configuration the $TTL value is 86400 seconds (one day). TTL stands for time to live, not time to leave: it is how long caching name servers may keep an answer from the authoritative server before asking again, which reduces the load on the authoritative server. The flip side is that a changed record can take up to a full TTL to be seen everywhere, so lower the TTL well before a planned change.

Details of the SOA record in the forward lookup zone file are given below:


Name          The root name of the zone. The "@" sign is shorthand for the current origin, i.e. the zone name given in the zone statement of named.conf for this file (or a $ORIGIN directive in the file itself).
Class         There are a number of DNS classes. Home/SOHO use is limited to the IN (Internet) class, used when defining IP address mapping information for BIND. Other classes exist for non-Internet protocols and functions but are very rarely used.
Type          The type of DNS resource record. In the example this is an SOA resource record. Other types of record exist; they are covered below.
Name-server   Fully qualified name of your primary name server. Must end with a period.
Email-address The e-mail address of the name server administrator, with the @ replaced by a period. It must also end with a period.
Serial-no     A serial number for the current configuration. You can use the date in YYYYMMDD format with a two-digit counter appended, which lets you make several edits per day with a serial that both increases and shows when the change was made. Slaves only fetch a new copy of the zone when this number increases, so forgetting to bump it is the classic cause of stale answers.
Refresh       How often, in seconds, a slave DNS server should check the master for a new serial number. Slaves are not usually used in home/SOHO environments.
Retry         The slave's retry interval, in seconds, if it cannot reach the master at refresh time.
Expiry        How long, in seconds, a slave keeps answering for the zone after it last reached the master. Once this passes, the slave stops answering for the zone rather than serving stale data.
Minimum-TTL   Remote clients sometimes query names that do not exist. Your DNS server answers with NXDOMAIN, and the client caches that negative answer; this value is the caching duration your server includes in such responses (negative caching, RFC 2308).


The different record types in the forward lookup zone file are given below (each has the form: name, class, type, data):

NS     Name field usually blank, so it inherits the zone name (@). Class IN, type NS. Data: the host name of the name server, ending with a period. It must be a name that has an A record, not a CNAME.
MX     Name field is the domain that receives mail, usually the zone itself. Class IN, type MX. Data: a preference number followed by the mail server's host name, ending with a period; the lowest preference is tried first.
A      Name field is the host name of a server in the domain. Class IN, type A. Data: the IPv4 address of the server.
CNAME  Name field is the alias. Class IN, type CNAME. Data: the canonical name, i.e. the name that carries the A record. Do not point NS or MX records at a CNAME.
PTR    Name field is the last octet of the server's IP address (in a /24 reverse zone). Class IN, type PTR. Data: the fully qualified host name, ending with a period. PTR records live in the reverse zone file, not the forward one.

5. The reverse lookup zone file lives in the same directory (in our case 0.1.168.192.in.addr.arpa in /var/named/chroot/var/named). It holds one PTR record per address, pointing back to the host's canonical name. Keep it in step with the A records of the forward zone: many services (mail servers, sshd, logging) check that forward and reverse lookups agree.
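The forward and reverse zone files for this setup, added here as an example since the post's screenshots are not reproduced; they are not the author's files. The host names ns1, mail, www and ftp and their 192.168.1.x addresses are assumptions; the zone name vm.linux.com, the file names and the 86400-second TTL are from the post.

```zone
; /var/named/chroot/var/named/vm.linux.com.zone  (forward zone, example)
; host names and addresses are assumptions
$TTL 86400
@       IN  SOA     ns1.vm.linux.com. root.vm.linux.com. (
                        2012092501  ; serial, YYYYMMDDnn: bump on every change
                        3600        ; refresh
                        900         ; retry
                        604800      ; expire
                        86400 )     ; minimum (negative-caching TTL)
        IN  NS      ns1.vm.linux.com.     ; must be an A record name, not a CNAME
        IN  MX  10  mail.vm.linux.com.    ; 10 is the preference
ns1     IN  A       192.168.1.10
mail    IN  A       192.168.1.20
www     IN  A       192.168.1.30
ftp     IN  CNAME   www.vm.linux.com.     ; alias: no PTR record for it below

; /var/named/chroot/var/named/0.1.168.192.in.addr.arpa
; (reverse zone, declared in named.conf as 1.168.192.in-addr.arpa)
$TTL 86400
@       IN  SOA     ns1.vm.linux.com. root.vm.linux.com. (
                        2012092501  ; keep in step with the forward zone
                        3600
                        900
                        604800
                        86400 )
        IN  NS      ns1.vm.linux.com.
10      IN  PTR     ns1.vm.linux.com.     ; last octet -> canonical name
20      IN  PTR     mail.vm.linux.com.
30      IN  PTR     www.vm.linux.com.
```

Every fully qualified name in the data fields ends with a period; leaving it off makes BIND append the origin, turning ns1.vm.linux.com into ns1.vm.linux.com.vm.linux.com, which is the most common zone-file mistake.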


6.    After writing these zone files, check them for syntax errors and restart the named service as given below.

7.     Log in to another server on the same network and add the name server's address to its /etc/resolv.conf file (note the spelling: resolv.conf, not resolve.conf). The format is given below.

8.   After configuring the name server details you can test the DNS with the command below:

# dig FQDN SOA        (FQDN = fully qualified domain name, here the zone name)

Sample output is given below (the screenshot is not reproduced here). In a successful test the ANSWER SECTION contains the zone's SOA record with the serial number you put in the zone file, the flags line includes aa (authoritative answer), and the SERVER: line at the bottom shows the address of your own name server rather than some other resolver.

Your DNS configuration is successful .
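Steps 6 to 8 as one script, added here as an example and not part of the original post. Paths are those of the bind-chroot package on CentOS 5; the server address 192.168.1.10 and the host name ns1 are assumptions, while vm.linux.com, the two file names and the 192.168.1.0/24 network are the ones used in this post. The serial and dig helpers take their input as arguments or on stdin so they can be exercised without a running server.

```shell
#!/bin/sh
# Added example, not from the original post: check the zone files, restart named,
# point a client at the server and verify the answers. Paths are those of the
# bind-chroot package on CentOS 5. 192.168.1.10 and ns1 are assumptions.
CHROOT=${CHROOT:-/var/named/chroot}
ZONE=vm.linux.com
NET=192.168.1.0
NS_IP=192.168.1.10
REVERSE_FILE=0.1.168.192.in.addr.arpa

# Reverse zone NAME for a /24 network: octets reversed under in-addr.arpa (hyphen).
# The file may be called anything; the zone statement in named.conf may not.
reverse_zone_name() {
    echo "$1" | awk -F. '{ print $3 "." $2 "." $1 ".in-addr.arpa" }'
}

# Next SOA serial in YYYYMMDDnn form (the scheme described in the post): if the
# current serial is from today, bump nn; otherwise start today's sequence at 01.
# The date is the optional second argument so the function can be tested.
next_serial() {
    cur=$1
    today=${2:-$(date +%Y%m%d)}
    if [ "${cur%??}" = "$today" ]; then
        n=${cur#????????}          # the two-digit counter
        n=$(( ${n#0} + 1 ))        # drop a leading zero before doing arithmetic
    else
        n=1
    fi
    printf '%s%02d\n' "$today" "$n"
}

# Extract the serial from the SOA line that "dig <zone> SOA" prints in its answer
# section:  name  ttl  IN  SOA  mname  rname  serial  refresh  retry  expire  minimum
soa_serial_from_dig() {
    awk '$4 == "SOA" { print $7; exit }'
}

# Never restart on a broken config: named-checkconf and named-checkzone ship with
# bind and return non-zero on any error. -t makes checkconf resolve include paths
# inside the chroot, exactly as named itself will.
check_and_reload() {
    named-checkconf -t "$CHROOT" /etc/named.conf || return 1
    named-checkzone "$ZONE" "$CHROOT/var/named/$ZONE.zone" || return 1
    named-checkzone "$(reverse_zone_name "$NET")" "$CHROOT/var/named/$REVERSE_FILE" || return 1
    service named restart          # or: rndc reload, once rndc.key is in place
}

# On a client on the same network. The file is /etc/resolv.conf (no "e").
configure_client() {
    printf 'search %s\nnameserver %s\n' "$ZONE" "$NS_IP" > /etc/resolv.conf
}

# Ask the new server directly (@server), so a stale resolv.conf cannot mask a problem.
verify() {
    echo "SOA serial: $(dig @"$NS_IP" "$ZONE" SOA +norecurse | soa_serial_from_dig)"
    dig @"$NS_IP" "ns1.$ZONE" A +short     # forward lookup
    dig @"$NS_IP" -x "$NS_IP" +short       # reverse lookup, should print ns1.vm.linux.com.
}

# Nothing runs unless a sub-command is given, e.g.:  sh dns-steps.sh reload
case "${1:-}" in
    reload) check_and_reload ;;
    client) configure_client ;;
    verify) verify ;;
esac
```

Run it as root on the name server with the reload argument, then on a client with client and verify. If the forward and reverse answers disagree, fix the PTR record before blaming the client: the reverse zone is the one most often left behind after an address change.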