DNS 1: First, Install and Configure

Install BIND and configure a DNS server that resolves between domain names and IP addresses.

[root@dlp ~]# yum -y install bind bind-utils

Configure

Configure BIND. This example is done with the global IP address [172.16.0.80/29], the private IP address [10.0.0.0/24], and the domain name [server.world]. However, please use your own IPs and domain name when you set the config on your server. ( Actually, [172.16.0.80/29] is a private IP address range, though. )

[root@dlp ~]# nano  /etc/named.conf

//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//

options {

# comment this line out ( so that named listens on all interfaces of the server )
#

listen-on port 53 { 127.0.0.1; };

# change to { none; } ( if you do not use IPv6 )

listen-on-v6 { none; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
# query range ( set your internal network and so on )
allow-query { localhost; 10.0.0.0/24; };

# transfer range ( set it if you have a secondary DNS )
allow-transfer { localhost; 10.0.0.0/24; };   # NOTE THIS !!!!!
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";

};

logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
# change everything from here on   <---- NOTE
view "internal" {
match-clients {
localhost;
10.0.0.0/24;
};
zone "." IN {
type hint;
file "named.ca";
};
zone "server.world" IN {
type master;
file "server.world.lan";
allow-update { none; };
};
zone "0.0.10.in-addr.arpa" IN {
type master;
file "0.0.10.db";
allow-update { none; };
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
};
view "external" {
match-clients { any; };
allow-query { any; };
recursion no;
zone "server.world" IN {
type master;
file "server.world.wan";
allow-update { none; };
};
zone "80.0.16.172.in-addr.arpa" IN {
type master;
file "80.0.16.172.db";
allow-update { none; };
};
};

# allow-query ⇒ query range you permit

# allow-transfer ⇒ the range you permit to transfer zone info

# recursion ⇒ whether or not to allow recursive queries

# view "internal" { *** }; ⇒ definitions applied to internal clients

# view "external" { *** }; ⇒ definitions applied to external clients

# For reverse resolution, write the network address in reverse order, as shown below.
# 10.0.0.0/24
# network address ⇒ 10.0.0.0

# range of network ⇒ 10.0.0.0 – 10.0.0.255

# how to write ⇒ 0.0.10.in-addr.arpa

# 172.16.0.80/29

# network address ⇒ 172.16.0.80

# range of network ⇒ 172.16.0.80 – 172.16.0.87

# how to write ⇒ 80.0.16.172.in-addr.arpa


For the internal zone ———— Create zone files with which the server resolves IP addresses from domain names.

This example uses the internal address [10.0.0.0/24] and the domain name [server.world], but please use your own when you configure your server. In the zone files below, lines beginning with `#` are annotations for the reader (zone-file comments start with `;`), and records written without an owner name must begin with whitespace so that they inherit the `@` owner.

[root@dlp ~]# nano /var/named/server.world.lan

$TTL 86400
@ IN SOA dlp.server.world. root.server.world. (
2011110901 ;Serial
3600 ;Refresh
1800 ;Retry
604800 ;Expire
86400 ;Minimum TTL
)
# define name server
IN NS dlp.server.world.

# internal IP address of name server
IN A 10.0.0.30
# define Mail exchanger
IN MX 10 dlp.server.world.
# define IP address and hostname
dlp IN A 10.0.0.30

For the external zone ————
This example uses the external address [172.16.0.80/29] and the domain name [server.world], but please use your own when you configure your server.

[root@dlp ~]# nano /var/named/server.world.wan

$TTL 86400
@ IN SOA dlp.server.world. root.server.world. (
2011110901 ;Serial
3600 ;Refresh
1800 ;Retry
604800 ;Expire
86400 ;Minimum TTL
)
# define name server
IN NS dlp.server.world.

# external IP address of name server
IN A 172.16.0.82

# define Mail exchanger
IN MX 10 dlp.server.world.
# define IP address and hostname

dlp IN A 172.16.0.82

REVERSE RESOLUTION: Create zone files with which the server resolves domain names from IP addresses. For the internal zone, this example uses the internal address [10.0.0.0/24] and the domain name [server.world], but please use your own when you configure your server.

[root@dlp ~]# nano /var/named/0.0.10.db

$TTL 86400
@ IN SOA dlp.server.world. root.server.world. (
2011110901 ;Serial
3600 ;Refresh
1800 ;Retry
604800 ;Expire
86400 ;Minimum TTL
)
# define name server
IN NS dlp.server.world.
# define range that this domain name is in
IN PTR server.world.
IN A 255.255.255.0
# define IP address and hostname
30 IN PTR dlp.server.world.
[root@dlp ~]# vi /var/named/80.0.16.172.db
$TTL 86400
@ IN SOA dlp.server.world. root.server.world. (
2011110901 ;Serial
3600 ;Refresh
1800 ;Retry
604800 ;Expire
86400 ;Minimum TTL
)
# define name server
IN NS dlp.server.world.
# define range that this domain name is in
IN PTR server.world.
IN A 255.255.255.248
# define IP address and hostname
82 IN PTR dlp.server.world.


For the external zone

This example uses the external address [172.16.0.80/29] and the domain name [server.world], but please use your own when you configure your server.

[root@dlp ~]# nano /var/named/80.0.16.172.db

$TTL 86400
@ IN SOA dlp.server.world. root.server.world. (
2011110901 ;Serial
3600 ;Refresh
1800 ;Retry
604800 ;Expire
86400 ;Minimum TTL
)
# define name server
IN NS dlp.server.world.

# define range that this domain name is in
IN PTR server.world.
IN A 255.255.255.248

# define IP address and hostname
82 IN PTR dlp.server.world.
