Tuesday, September 9, 2014

[Linux Servers] : DNS : How to configure BIND-9.2 DNS server in linux

NOTE: Take a copy of the original configuration files before making any changes to them.
Using this method you will be able to configure your machine as the master (authoritative) DNS server for forward and reverse lookups of your own zone, and as the recursive resolver for the hosts on your LAN. The package installed here is bind-9.3.3 (the sample-file paths below carry that version), so adjust the paths to whatever your system has.

Few things you need to check before starting with configuration:

For the explanation I am using 192.168.0.100 (use your own machine's IP instead); all other names and addresses will vary with your setup, so make sure to change them.
# vi /etc/sysconfig/network-scripts/ifcfg-eth0
IPADDR=192.168.0.100 (will vary accordingly)
# vi /etc/resolv.conf
nameserver 192.168.0.100
# vi /etc/hosts
192.168.0.100 server.example.com server (make sure this line is present)
# vi /etc/sysconfig/network
HOSTNAME=server.example.com
You can use yum to install the binary packages. These are the packages you will need:
# yum -y install bind
# yum -y install caching-nameserver
The chroot tree used below (/var/named/chroot/) comes from the bind-chroot package; confirm it is present with rpm -q bind-chroot before copying anything there. Running named inside the chroot limits what a compromised named process can reach on the filesystem, which is why this guide keeps the configuration there instead of in /etc.
All the files required for the configuration of the nameserver are installed in the location mentioned below. These are the steps you need to follow.
/usr/share/doc/bind-9.3.3/sample/
The version in that path is the one installed here; verify the location of the installed files with this command and adjust the paths if your package version differs:
# rpm -ql bind
So copy all the files to the new location, i.e.
# cp /usr/share/doc/bind-9.3.3/sample/etc/*  /var/named/chroot/etc/
# cp /usr/share/doc/bind-9.3.3/sample/var/named/*  /var/named/chroot/var/named/
# cp /usr/share/doc/bind-9.3.3/sample/var/named/slaves/*  /var/named/chroot/var/named/slaves/
# cp /etc/named.caching-nameserver.conf  /var/named/chroot/etc/named.conf
# cd /var/named/chroot/etc/

Now edit the following files as mentioned below.
# vi named.conf
The lines you have to touch are listen-on, allow-query and the view's match-clients / match-destinations; the rest can stay as it comes from the caching-nameserver sample. Two defaults in that sample need changing here. listen-on must include the server's own address, because with only 127.0.0.1 the LAN clients you permit in allow-query can never reach port 53 (the dig output further down is answered from 192.168.0.100#53, which only works once named listens there). The two query-source lines that pin the outgoing query port to 53 should be deleted: a fixed source port switches off BIND's source-port randomisation and leaves this resolver far easier to cache-poison (the Kaminsky attack, CVE-2008-1447), so let named pick random ports.
options {
     listen-on port 53 { 127.0.0.1; 192.168.0.100; };
     listen-on-v6 port 53 { ::1; };
     directory "/var/named";
     dump-file "/var/named/data/cache_dump.db";
     statistics-file "/var/named/data/named_stats.txt";
     memstatistics-file "/var/named/data/named_mem_stats.txt";
     allow-query { localhost; 192.168.0.0/24; };
};

logging {
     channel default_debug {
          file "data/named.run";
          severity dynamic;
     };
};

view localhost_resolver {
     match-clients { localhost; 192.168.0.0/24; };
     match-destinations { localhost; 192.168.0.0/24; };
     recursion yes;
     include "/etc/named.rfc1912.zones";
};
With match-clients limited to localhost and 192.168.0.0/24, recursion is only offered to your own network, so the box does not become an open resolver that anyone on the Internet can use for cache-poisoning attempts or reflection attacks; keep it that way if you later add addresses here.
# vi named.rfc1912.zones
(add these two zones)
zone "example.com" IN {
     type master;
     file "example.com.zone";
     allow-update { none; };
};

zone "0.168.192.in-addr.arpa" IN {
     type master;
     file "192.168.0.zone";
     allow-update { none; };
};
allow-update { none; } is not just boilerplate: it refuses dynamic UPDATE messages outright, so a host on the LAN cannot add or rewrite records in your zones. If you ever need dynamic updates, allow them only from a TSIG key, never from an address list, since source addresses are trivial to spoof in UDP.
# cd /var/named/chroot/var/named/
# cp named.local 192.168.0.zone
# cp localhost.zone example.com.zone
# vi example.com.zone
$TTL 86400
@ IN SOA server.example.com. root.example.com. (
        52 ; serial
        3H ; refresh
        15M ; retry
        1W ; expiry
        1D ) ; minimum

        IN  NS   server.example.com.
        IN  MX   10 server.example.com.
server  IN  A    192.168.0.100
www     IN  CNAME    server.example.com.
The $TTL directive has to sit on its own line before the SOA record; if it is on the same line as the SOA, named rejects the zone. Increase the serial every time you edit the zone, otherwise a secondary will keep serving the old data.
# vi 192.168.0.zone
$TTL 86400
@ IN SOA server.example.com. root.server.example.com. (
1997022703 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum 

    IN NS server.example.com.
100 IN PTR server.example.com.
Restart the named server once you are done with all the configuration.
# service named restart
If you get an error message and the service ends up with a failed status, check /var/log/messages for the reason. A few of the problems I ran into, and how I solved them, are listed at the end of this post.

Check the DNS server. A successful ping of an outside name shows that the resolver in /etc/resolv.conf (our own server) is answering recursive queries; the dig and nslookup queries that follow check the authoritative zones, and the aa flag in dig's answer confirms the reply came from our zone data rather than from cache.
# ping google.com
PING google.com (74.125.236.195) 56(84) bytes of data. 
64 bytes from maa03s17-in-f3.1e100.net (74.125.236.195): icmp_seq=1 ttl=53 time=48.6 ms 
64 bytes from maa03s17-in-f3.1e100.net (74.125.236.195): icmp_seq=2 ttl=53 time=54.1 ms 
64 bytes from maa03s17-in-f3.1e100.net (74.125.236.195): icmp_seq=3 ttl=53 time=50.7 ms 
64 bytes from maa03s17-in-f3.1e100.net (74.125.236.195): icmp_seq=4 ttl=53 time=50.5 ms 
# dig -x 192.168.0.100
; <<>> DiG 9.3.3rc2 <<>> -x 192.168.0.100 
;; global options: printcmd 
;; Got answer: 
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45439 
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1,  ADDITIONAL: 1 
;; QUESTION SECTION: 
;100.0.168.192.in-addr.arpa. IN PTR 
;; ANSWER SECTION: 
100.0.168.192.in-addr.arpa. 86400 IN PTR server.example.com. 
;; AUTHORITY SECTION: 
0.168.192.in-addr.arpa. 86400 IN NS server.example.com. 
;; ADDITIONAL SECTION: 
server.example.com. 86400 IN A 192.168.0.100 
;; Query time: 1 msec 
;; SERVER: 192.168.0.100#53(192.168.0.100) 
;; WHEN: Thu Nov 10 07:55:59 2011 
;; MSG SIZE rcvd: 107 
# nslookup server.example.com 
Server: 192.168.0.100 
Address: 192.168.0.100#53 

Name: server.example.com 
Address: 192.168.0.100 
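The checks a practitioner would run at this point, as an added example that is not part of the original post: a small POSIX shell script that lints named.conf and both zone files before the restart (named-checkconf with -t so it looks inside the chroot, named-checkzone for each zone) and, after the restart, verifies what the dig output above shows, namely that both zones answer authoritatively (aa) and that recursion (ra) is available to LAN clients. The paths, the 192.168.0.0/24 addressing and the zone names are the post's; the script name, the CHROOT/SERVER/ZONE variables, the helper functions, and the embedded sample zone and dig header are my assumptions, constructed so the parsing helpers can be exercised without a live server.

```shell
#!/bin/sh
# check_named.sh: lint the BIND files before "service named restart" and
# verify the running server afterwards. Added example for this post, not
# part of the original; it follows the post's paths and 192.168.0.0/24
# addressing and assumes named-checkconf, named-checkzone and dig are on
# the PATH (they ship with the bind and bind-utils packages).
set -u

CHROOT=${CHROOT:-/var/named/chroot}
SERVER=${SERVER:-192.168.0.100}
ZONE=${ZONE:-example.com}
REVZONE=${REVZONE:-0.168.192.in-addr.arpa}
REVFILE=${REVFILE:-192.168.0.zone}

# ptr_name 192.168.0.100 -> 100.0.168.192.in-addr.arpa: the owner name the
# reverse zone must contain for that address.
ptr_name() {
    ip=$1; oldifs=$IFS; IFS=.
    set -- $ip
    IFS=$oldifs
    printf '%s.%s.%s.%s.in-addr.arpa\n' "$4" "$3" "$2" "$1"
}

# zone_serial FILE -> the SOA serial: the first bare integer after the SOA
# keyword, skipping ';' comments, whether it sits on the SOA line or below.
zone_serial() {
    awk '
        /[ \t]SOA[ \t]/ { insoa = 1 }
        insoa {
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^;/) break
                if ($i ~ /^[0-9]+$/) { print $i; exit }
            }
        }' "$1"
}

# serial_bumped OLD NEW: succeeds only if NEW > OLD, the test a secondary
# applies before it transfers an edited zone.
serial_bumped() { [ "$2" -gt "$1" ]; }

# lint_config: named-checkconf with -t so include paths resolve inside the
# chroot, then named-checkzone for both zone files from the post.
lint_config() {
    named-checkconf -t "$CHROOT" /etc/named.conf || return 1
    named-checkzone "$ZONE" "$CHROOT/var/named/$ZONE.zone" || return 1
    named-checkzone "$REVZONE" "$CHROOT/var/named/$REVFILE" || return 1
}

# dig_status OUTPUT -> the RCODE from dig's header line (NOERROR, REFUSED...).
dig_status() {
    printf '%s\n' "$1" | sed -n 's/.*status: \([A-Z]*\),.*/\1/p' | head -n 1
}

# dig_has_flag OUTPUT FLAG: true if FLAG (aa, ra, ad...) is in ";; flags:".
dig_has_flag() {
    printf '%s\n' "$1" | grep -q "^;; flags:.*[ :]$2[ ;]"
}

# verify_server: run on a LAN client (or the server itself). Both zones must
# answer with aa set, outside names must come back with ra set, and the PTR
# for the server must point at its forward name. Run the same queries from a
# host outside 192.168.0.0/24 and dig_status must be REFUSED: that is the
# allow-query / match-clients restriction doing its job.
verify_server() {
    fwd=$(dig @"$SERVER" "server.$ZONE" A)
    [ "$(dig_status "$fwd")" = NOERROR ] && dig_has_flag "$fwd" aa || return 1
    rev=$(dig @"$SERVER" -x "$SERVER")
    [ "$(dig_status "$rev")" = NOERROR ] && dig_has_flag "$rev" aa || return 1
    [ "$(dig +short @"$SERVER" -x "$SERVER")" = "server.$ZONE." ] || return 1
    ext=$(dig @"$SERVER" google.com A)
    dig_has_flag "$ext" ra || return 1
}

# Constructed samples (not captured from a real run) so the parsers above can
# be exercised without a server: the forward zone from the post, and the
# header lines of the reverse lookup shown above.
write_sample_zone() {
    cat > "$1" <<'EOF'
$TTL 86400
@ IN SOA server.example.com. root.example.com. (
        52 ; serial
        3H ; refresh
        15M ; retry
        1W ; expiry
        1D ) ; minimum

        IN  NS   server.example.com.
server  IN  A    192.168.0.100
EOF
}
SAMPLE_DIG=';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45439
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1'

case "${1:-}" in
    lint)   lint_config ;;
    verify) verify_server ;;
esac
```

Run `sh check_named.sh lint` before the restart and `sh check_named.sh verify` from a LAN client afterwards; then run the verify step once more from a host outside 192.168.0.0/24 and expect dig_status to report REFUSED, which is the proof that allow-query and match-clients are actually restricting who can use the resolver.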


DNS server related errors
These are some of the issues I faced while working on the DNS server, along with their solutions. Kindly let me know in the comment box about any other errors or problems you face while working with DNS servers.

Error 1:
# service named restart
Starting named:
Error in named configuration: /etc/named.rfc1912.zones:10: zone '.': already exists previous definition: /etc/named.root.hints:12

Solution:
The zone "." (root hints) section is defined twice, once in named.rfc1912.zones and once in named.root.hints, and named refuses to load the same zone twice within one view.

So remove the zone "." section from one of the two files, i.e. named.rfc1912.zones or named.root.hints, so that the root hint zone is defined exactly once.

Error 2:
Unable to ping the network or the Internet after configuring the DNS server

Solution:

This means the DNS server itself is not configured properly and the error is not related to the zone files. So check your named.conf and named.rfc1912.zones files.

Also check the permissions on these files: we tend not to look at them after copying the samples from the default location. The files should be owned by root with group named and mode 644, so that the named user (which the daemon runs as after start-up) can read them but cannot modify its own configuration.

The permission on these files should look like this
# ls -l /var/named/chroot/etc/named*
-rw-r--r--. 1 root named 7731 May 16 10:11 named.conf
-rw-r--r--. 1 root named 2544 Jan 10 14:36 named.iscdlv.key
-rw-r--r--. 1 root named 1159 May 16 10:09 named.rfc1912.zones
-rw-r--r--. 1 root named 487 Jan 10 14:36 named.root.key

Error 3:
This is an unusual problem and hopefully you will not hit it, but it can happen that your DNS server is configured properly and you are still unable to connect to the Internet.

Solution:
This generally happens when the selected time zone and the date or time of the local machine do not match. So update the date and time of your local machine as per the selected time zone (for example, in India we select Asia/Calcutta). A correct clock matters even more once a resolver validates DNSSEC, because signatures carry validity windows and a skewed clock makes every validated answer fail.
