DNS master server configuration:
- yum install bind bind-utils bind-libs caching-nameserver
- don't just install bind* (the wildcard pulls in unrelated packages)
- cat /etc/named.caching-nameserver.conf > /etc/named.conf
- cat /etc/named.rfc1912.zones >> /etc/named.conf
- chown root.named /etc/named.conf
6) vim /etc/named.conf
options {
listen-on port 53 { 127.0.0.1; 192.168.1.5; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
query-source port 53;
query-source-v6 port 53;
// NOTE: pinning the query source port to 53 disables the resolver's source-port randomization,
// which makes cache poisoning of forged answers easier; unless the firewall requires a fixed port,
// leave both query-source lines out (the same applies to the slave's options block below).
# forwarders { 203.145.184.32; 203.145.184.13; };
#forward only;
allow-query { localhost; 192.168.1.0/24; };
};
// example.com stands for your own domain name
zone "example.com" IN {
type master;
file "forward.zone";
};
// 1.168.192 is the network part of 192.168.1.0/24 written in reverse octet order
zone "1.168.192.in-addr.arpa" IN {
type master;
file "reverse.zone";
};
7) now create the forward zone file (forward.zone)
8)cp /var/named/localdomain.zone /var/named/forward.zone
9)chown root.named /var/named/forward.zone
$TTL 86400
@ IN SOA server1.example.com. root.server1.example.com. (
45 ; serial (d. adams)
1 ; refresh
1 ; retry
1W ; expiry
1D ) ; minimum
IN NS server1.example.com.
server1 IN A 192.168.1.5
server2 IN A 192.168.1.7
- cp /var/named/named.local /var/named/reverse.zone
- chown root.named /var/named/reverse.zone
$TTL 86400
@ IN SOA server1.example.com. root.server1.example.com. (
1997022703 ; Serial
1 ; Refresh
1 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS server1.example.com.
5 IN PTR server1.example.com.
7 IN PTR server2.example.com.
- vim /etc/resolv.conf
- search example.com
nameserver 192.168.0.254
slave server:
- yum install bind bind-utils bind-libs caching-nameserver
- don't just install bind* (the wildcard pulls in unrelated packages)
- cat /etc/named.caching-nameserver.conf > /etc/named.conf
- cat /etc/named.rfc1912.zones >> /etc/named.conf
- chown root.named /etc/named.conf
- vim /etc/named.conf
options {
listen-on port 53 { 127.0.0.1; 192.168.1.254; };
// 192.168.0.254 is the master server's IP address
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
query-source port 53;
query-source-v6 port 53;
// every query is forwarded to the specified IP (the master)
forwarders { 192.168.0.254; };
forward only;
allow-query { localhost; 192.168.1.0/24; };
recursion yes;
// with recursion on, a lookup for a name the slave does not hold is forwarded to the master
};
// example.com stands for your own domain name
zone "example.com" IN {
type slave;
file "slave/forward.zone";
masters { 192.168.0.254; };
};
// 1.168.192 is the network part of 192.168.1.0/24 written in reverse octet order
zone "1.168.192.in-addr.arpa" IN {
type slave;
file "slave/reverse.zone";
masters { 192.168.0.254; };
};
- service named restart
- after you restart named, the slave DNS pulls the zone files from the master DNS
- (or) /etc/init.d/named restart
- if you have the firewall turned on, do the following (ordinary DNS queries use UDP port 53, zone transfers use TCP port 53, so both rules are needed)
iptables -A INPUT -p tcp --dport 53 -s 192.168.1.0/24 -j ACCEPT
iptables -A INPUT -p udp --dport 53 -s 192.168.1.0/24 -j ACCEPT
service iptables save
11) vim /etc/resolv.conf
search example.com
nameserver 192.168.0.254