I just bought a new domain for me and I am going through the process of setting up my own DNS server. I want to share with you the experience and also the knowledge.
Package Requirements
bind
bind-libs
bind-utils
Install all packages (optionally add bind-chroot as well to run named inside a chroot jail):
[root@centos63 ~]# yum install -y bind bind-libs bind-utils
Make sure Bind starts at boot time
[root@centos63 named]# chkconfig --level 2345 named on
Note: On Red Hat based systems the BIND daemon is called named.
Configuring Bind
My domain name is e-networks.co.uk and this is domain I will use as an example.
The Server IP address will be: 192.168.1.34 (an RFC 1918 private address, so this server can only be authoritative for the domain inside the LAN; a name server that is to be registered for a public domain needs a routable address).
Configure /etc/named.conf
[root@centos63 named]# cd /etc
[root@centos63 named]# mv named.conf named.back
##################################################################################################
[root@centos63 named]# vi named.conf
Note: Add the lines below
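# This file is the main config for e-networks.co.uk domain
options {
    listen-on { 192.168.1.34; }; // Change it to your server's IP address
    version "This is not a public Server"; // hides the real version from "version.bind" CHAOS queries
    directory "/var/named";
    // NOTE(review): the CentOS bind package and its init script expect
    // /var/run/named/named.pid; confirm "service named status/stop" still work with this path.
    pid-file "/var/run/named/pid";
    hostname "centos63.e-networks.co.uk"; // Change it to your server's name and domain
    notify yes;

    // The forwarders below make this a recursive resolver as well as an
    // authoritative server. Say so explicitly and restrict recursion and cache
    // access to your own network: an open recursive resolver can be abused for
    // DNS amplification attacks and is a cache-poisoning target.
    recursion yes;
    allow-recursion { localhost; localnets; 192.168.1.0/24; }; // change to your LAN range
    allow-query-cache { localhost; localnets; 192.168.1.0/24; }; // same range as allow-recursion
    allow-query { any; }; // authoritative data for the zones below may be served to anyone

    forward first; // the default
    // "fetch-glue" was a BIND 8 option; BIND 9 treats it as obsolete, so it is omitted.

    // DNS servers of your ISP; using their cache makes resolution faster.
    forwarders {
        194.168.4.100; // this IP is for NTL resolver 1 (change it to your ISP nameserver)
        194.168.8.100; // this IP is for NTL resolver 2 (change it to your ISP nameserver)
    };

    /*
     * Leave this commented out even behind a firewall: a fixed source port
     * disables BIND's source-port randomisation, which is the main defence
     * against cache poisoning. Allow outbound UDP/TCP to port 53 from any
     * source port on the firewall instead.
     */
    // query-source address * port 53;

    /*
     * If running in a chroot, you will need to specify a different
     * folder to save the dump files.
     */
    // dump-file "s/named_dump.db";

    // SORT LIST
    sortlist {
        { localhost; localnets; };
        { localnets; };
    };
};

// TSIG key for authenticated zone transfers / dynamic updates. Generate the
// secret with "dnssec-keygen -a HMAC-SHA256 -b 256 -n HOST transfer-key",
// keep it out of world-readable files, and reference it from allow-transfer /
// update-policy below.
// key "transfer-key" {
//     algorithm hmac-sha256;
//     secret "<base64 secret>";
// };

// ROOT HINTS: used for resolution when the forwarders do not answer.
// If you enable a local name server, don't forget to enter 127.0.0.1
// first in your /etc/resolv.conf so this server will be queried.
zone "." {
    type hint;
    file "named.root";
};

// MASTER (authoritative) ZONES
zone "e-networks.co.uk" { // change it to your domain name
    type master;
    file "e-networks.co.uk"; // change it to your domain name
    notify yes;
    // Dynamic updates allowed by address range are authenticated only by the
    // source IP, and a DNS UPDATE is a single UDP packet, so "192.168.1.0/24"
    // here would let any LAN host (or a spoofed packet) rewrite the www/mail
    // records. Keep this at "none" unless you need dynamic DNS; then use a
    // TSIG-based update-policy instead of allow-update, e.g.
    //   update-policy { grant transfer-key subdomain e-networks.co.uk. ANY; };
    allow-update { none; };
    // A zone transfer hands out every record in the zone. List only your
    // secondary nameservers (and/or "key transfer-key;"); this setup has no
    // secondaries, so nobody needs AXFR.
    allow-transfer { none; };
};
zone "localhost" {
    type master;
    file "named.localhost";
    allow-transfer { localhost; };
    notify no;
};
# reverse zones
zone "0.0.127.IN-ADDR.ARPA" {
    type master;
    file "localhost.rev";
};
zone "1.168.192.in-addr.arpa" { // Change it to match your network or the range assigned to you
    type master;
    file "1.168.192.in-addr.arpa"; // Change it to match your network or the range assigned to you
    allow-update { none; }; // same reasoning as the forward zone: TSIG update-policy or nothing
    allow-transfer { none; }; // list your secondary nameservers here if you have any
};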
###################################################################################
[root@centos63 named]# cd /var/named
[root@centos63 named]# mv named.localhost named.localhost.bak
[root@centos63 named]# vi e-networks.co.uk (the name must match the file "e-networks.co.uk" statement in named.conf exactly)
Note: Add the lines below
$TTL 3600
; Forward zone for e-networks.co.uk. The origin comes from the zone statement
; in named.conf, so "@" and relative names below expand to e-networks.co.uk.
; The SOA RNAME "root.centos63.e-networks.co.uk." is the mailbox root@centos63.e-networks.co.uk.
e-networks.co.uk. IN SOA centos63.e-networks.co.uk. root.centos63.e-networks.co.uk. (
2013051801 ; Serial YYYYMMDDnn - increment on EVERY edit, or secondaries will not pick the change up
10800 ; Refresh
3600 ; Retry
604800 ; Expire
86400 ) ; Minimum TTL (negative-caching TTL in BIND 9)
; DNS Servers
; Only one NS, and it resolves to an RFC 1918 address (192.168.1.34 below), so
; this zone is only usable inside the LAN. A public domain needs at least two
; nameservers on routable addresses, registered as glue at the registrar.
@ IN NS centos63.e-networks.co.uk.
; Machine Names
localhost IN A 127.0.0.1
centos63 IN A 192.168.1.34
; mail server (use this if you have a mail server running)
; "mail" must stay an A record, not a CNAME: an MX target may not be an alias.
mail IN A 192.168.1.34
@ IN A 192.168.1.34
; Aliases (use this if you have a web server here, www.e-networks.co.uk.)
www IN CNAME @
; MX Record (use this if you have a mail server running)
@ IN MX 10 mail.e-networks.co.uk.
#########################################################################################
[root@centos63 named]# vi named.localhost
Note: Add the lines below
$ORIGIN localhost.
$TTL 6h
; Zone for the name "localhost"; served only to this host (named.conf restricts transfers to localhost).
@ IN SOA localhost. postmaster.localhost. (
1 ; serial
3600 ; refresh
1800 ; retry
604800 ; expiration
3600 ) ; minimum
; The two records below carry no owner name and inherit "@". They must begin
; with whitespace in the real file (the blog formatting may have stripped it);
; a line that starts with "IN" at column 0 is read as an owner named "IN".
IN NS localhost.
IN A 127.0.0.1
##########################################################################################
[root@centos63 named]# vi localhost.rev
Note: Add the lines below
$TTL 3600
; Reverse zone for 127.0.0.0/24; origin 0.0.127.in-addr.arpa comes from named.conf.
@ IN SOA centos63.e-networks.co.uk. root.centos63.e-networks.co.uk. (
2013051801 ; Serial YYYYMMDDnn - increment on every edit
3600 ; Refresh
900 ; Retry
3600000 ; Expire
3600 ) ; Minimum
; No owner name here: the record inherits "@" and must start with whitespace
; in the real file (the blog formatting may have stripped it).
IN NS centos63.e-networks.co.uk.
; 127.0.0.1 -> localhost.e-networks.co.uk (the usual target is plain "localhost.";
; this name works because the forward zone defines localhost as an A record).
1 IN PTR localhost.e-networks.co.uk.
##########################################################################################
[root@centos63 named]# vi 1.168.192.in-addr.arpa
Note: Add the lines below
$TTL 3600
; Reverse zone for 192.168.1.0/24; origin 1.168.192.in-addr.arpa comes from named.conf.
@ IN SOA centos63.e-networks.co.uk. root.centos63.e-networks.co.uk. (
2013051801 ; Serial YYYYMMDDnn - increment on every edit
3600 ; Refresh
900 ; Retry
3600000 ; Expire
3600 ) ; Minimum
; No owner name here: the record inherits "@" and must start with whitespace
; in the real file (the blog formatting may have stripped it).
IN NS centos63.e-networks.co.uk.
; 192.168.1.1 -> centos63; note the server itself is 192.168.1.34 in the forward
; zone, so add a "34 IN PTR centos63.e-networks.co.uk." line if the two should match.
1 IN PTR centos63.e-networks.co.uk.
##########################################################################################
[root@centos63 named]# vi named.root
Note: Add the lines below
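; This is the named.root file for all Root Name Servers
; Master-file comments start with ";". "#" is not a comment character in this
; format and would make the hint zone fail to load.
; Root-server addresses change over time (this list dates from 2013). Do not
; type it by hand: use the copy the bind package installs as
; /var/named/named.ca, or regenerate it with
;   dig +bufsize=1200 +norec NS . @a.root-servers.net > /var/named/named.root
. 3600000 IN NS A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4
A.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:BA3E::2:30
;
; formerly NS1.ISI.EDU
;
. 3600000 NS B.ROOT-SERVERS.NET.
B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201
;
; formerly C.PSI.NET
;
. 3600000 NS C.ROOT-SERVERS.NET.
C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12
;
; formerly TERP.UMD.EDU
;
. 3600000 NS D.ROOT-SERVERS.NET.
D.ROOT-SERVERS.NET. 3600000 A 128.8.10.90
;
; formerly NS.NASA.GOV
;
. 3600000 NS E.ROOT-SERVERS.NET.
E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10
;
; formerly NS.ISC.ORG
;
. 3600000 NS F.ROOT-SERVERS.NET.
F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241
F.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2f::f
;
; formerly NS.NIC.DDN.MIL
;
. 3600000 NS G.ROOT-SERVERS.NET.
G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4
;
; formerly AOS.ARL.ARMY.MIL
;
. 3600000 NS H.ROOT-SERVERS.NET.
H.ROOT-SERVERS.NET. 3600000 A 128.63.2.53
H.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:1::803f:235
;
; formerly NIC.NORDU.NET
;
. 3600000 NS I.ROOT-SERVERS.NET.
I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17
;
; operated by VeriSign, Inc.
;
. 3600000 NS J.ROOT-SERVERS.NET.
J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30
J.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:C27::2:30
;
; operated by RIPE NCC
;
. 3600000 NS K.ROOT-SERVERS.NET.
K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129
K.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fd::1
;
; operated by ICANN
;
. 3600000 NS L.ROOT-SERVERS.NET.
L.ROOT-SERVERS.NET. 3600000 A 199.7.83.42
;
; operated by WIDE
;
. 3600000 NS M.ROOT-SERVERS.NET.
M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33
M.ROOT-SERVERS.NET. 3600000 AAAA 2001:dc3::35
; End of File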
##########################################################################################
Reminder:
1. Change the forwarders
2. Change the line: "listen on"
3. Change the line "hostname"
4. Change the zone "e-networks"
5. Change the line "Allow updates" — leave it at none unless you really need dynamic DNS, and then authenticate updates with a TSIG key (update-policy) rather than an address range
6. Change the line "Allow transfers" — list only the IP addresses (or TSIG key) of your secondary name servers, never a whole subnet
7. Change the line "1.168.192.in-addr.arpa"
8. Change the line "Allow updates" (same rule as item 5: none, or a TSIG-authenticated update-policy)
9. Change the line "Allow transfers" (same rule as item 6: secondaries only)
Remember when Creating the files to represent the zones, make sure you also change the names
to suit your environment.
Review the whole configuration and double check for typos and names. Let BIND check it for you before starting: named-checkconf /etc/named.conf, then named-checkzone e-networks.co.uk /var/named/e-networks.co.uk (and the same for each reverse zone file) — both must report no errors.
Starting DNS
[root@centos63 named]# service named start
Note: If the named service does not start check for errors on /var/log/messages
[root@centos63 named]# tail /var/log/messages
Check if the named service is running, then confirm it actually answers for your zone: dig @192.168.1.34 e-networks.co.uk SOA should return the SOA record with "aa" in the flags.
[root@centos63 named]# ps -eaf | grep named
named 1061 1 0 07:49 ? 00:00:00 /usr/sbin/named -u named
root 1471 1415 0 08:23 pts/0 00:00:00 grep named
Last Note
When you start the named service for the first time the script will try to generate /etc/rndc.key for your server. This can take some time. That key controls the server via rndc, so make sure it stays readable only by root and the named user.
I hope you enjoy folks
by Renato de Oliveira