LinuxQuestions.org
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Old 10-27-2003, 06:12 PM   #1
little_ball
Member
 
Registered: Oct 2003
Location: teddy bears Land
Distribution: Slackware 10
Posts: 176

Rep: Reputation: 30
Bind DNS question


Hi, I'm a very newbie in stuff about DNS, networking and similar. I'm running Mandrake Linux 9.1 with Apache 2.0.47 and the BIND DNS server 9.2; my doubt is about configuring BIND. I have read a lot of manuals and help but I still don't understand very well. I don't want to use my ISP's DNS to run my domain web servers. I want to know: when you configure /etc/named.conf it requests something about zone, secondary, slave, DNS. I suppose zone is where you put the registered domain name; secondary and slave, I still don't know what they are; and when it requests my DNS, what should I put, my local IP address or what?? Please, I need a big hand here.

Last edited by little_ball; 10-27-2003 at 06:14 PM.
 
Old 10-28-2003, 10:51 AM   #2
Robert0380
Guru
 
Registered: Apr 2002
Location: Atlanta
Distribution: Gentoo
Posts: 1,280

Rep: Reputation: 47
OK, let's say you have a domain name example.com that you paid for. You must tell your registrar that your domain name server is your box (if you have someone like GoDaddy you can add entries into the domain server list). Assuming you have all that worked out, you have to create a zone file for the domain and you'll have to add an entry in your named.conf file.

In your named.conf file, you'll need at least the following:

Code:
zone "example.com" {
      type master;
      file "example.com.zone";   // the file name must be quoted
};
The named.conf file is usually located in /etc/ or, in my case, /etc/bind/,
and the zone files in /var/named/ or, in my case, /var/bind/pri and /var/bind/sec
(I use Gentoo and it does things differently).
If you are unsure about the location, there is an options block in the /etc/named.conf file that has a "directory" line that tells you where it looks for zone files.


The first part of the zone file looks tricky at first, but when you look at the finished product it starts to make sense.

The first line is usually a TTL statement (time to live). I think this tells servers that cache your server's responses how long to hold on to them before they should query your server again for the IP address of your domain name.

$TTL 3h ; (3 hours)


After that is the SOA record (Statement of Authority, I think).
This has a bunch of numbers (times and stuff; the comments here help out).

My SOA looks like this:

Code:
gigahurts.net. IN SOA ns.gigahurts.org. hostmaster.gigahurts.net. (
                          1 ; serial
                         3h ; refresh after 3 hours
                         1h ; retry after 1 hour
                         1w ; expire after 1 week
                         1h ; negative caching TTL of 1 hour
                          )
The first line has the following form: your.domain. IN SOA master.name.server. email.address. (

The name server part will be the actual machine itself; I call mine ns.gigahurts.org.
because I own gigahurts.net and gigahurts.org, but ns.gigahurts.org is an actual registered domain name server. The email address part has to contain all "dots" ( . ), no @ symbols. The @ symbol is a special character in zone files. So if the email address is hostmaster@gigahurts.net then it would be hostmaster.gigahurts.net. in the SOA record.

Make sure you put those extra dots on the end like I have them: gigahurts.net.
If you don't, you'll end up with example.com.example.com. The dot tells BIND not to append the domain name on the end. This is a common mistake (I've made it a few times).

The rest of the SOA record can be used verbatim. I won't go into what they mean, but sometimes you'll see the times in seconds rather than in hours, days or weeks.


The very next thing after the SOA record should be NS records. This tells BIND what the name servers are for your domain. Usually you want 2: a master (what you are creating) and a slave or secondary server in case your server crashes.

Code:
example.com.         IN  NS   ns.example.com.           ;NOTICE THE DOTS ON THE END
example.com.         IN  NS   secondary.server.com.   ; AGAIN NOTICE THE DOTS
This tells BIND what your authoritative name servers are. One should match what you put in the SOA record; the one in the SOA record is the master.

Now you may look at that and say "ns.example.com doesn't exist". Well, just hold on, it's coming.

Address Records (A records). This is where you list hostnames and the IPs to give for them.

Code:
example.com.       IN  A  192.168.1.1   ; put your ip address here
ns.example.com.   IN  A  192.168.1.1   ; put your ip address here

ftp.example.com.   IN A   192.168.1.1  ;again , your ip here NOTICE THE DOTS ON THE END

www.example.com.  IN A 192.168.1.1  ; ....you get it now
This is really all you need unless you want to do some email stuff. I don't use CNAMEs because those cause double lookups, and for my small zone it isn't necessary, but a CNAME record is an alias for something that already has an A record, like...

pimp.example.com. IN CNAME www.example.com.

When someone on the net tries to get the IP address for pimp.example.com it will cause a lookup of the IP address of www.example.com. I just go ahead and give pimp the same IP as www and make it an A record, but in some cases a CNAME is better, especially if the IP address changes a lot or you don't know what the IP is (maybe the CNAME is for a computer not owned by you or something).

Like, you may be able to do this...

yahoo.example.com. IN CNAME www.yahoo.com.

But why the hell would you want to do that?

Anyway, the finished product:

Code:
$TTL 3h ; default TTL for every record below
example.com. IN SOA ns.example.com. hostmaster.example.com. (
                          1 ; serial
                         3h ; refresh after 3 hours
                         1h ; retry after 1 hour
                         1w ; expire after 1 week
                         1h ; negative caching TTL of 1 hour
                          )


example.com.         IN  NS   ns.example.com.           ;NOTICE THE DOTS ON THE END
example.com.         IN  NS   secondary.server.com.   ; AGAIN NOTICE THE DOTS

example.com.      IN  A  192.168.1.1   ; put your ip address here
ns.example.com.   IN  A  192.168.1.1   ; put your ip address here

ftp.example.com.   IN A   192.168.1.1  ;again , your ip here NOTICE THE DOTS ON THE END

www.example.com.  IN A 192.168.1.1  ; ....you get it now

How to clean up the file...

Remember how leaving off the "DOTS" will append "example.com"? Well, this is actually helpful. You can create your records by doing this...


www IN A 192.168.1.1 ; by leaving off the dot, it becomes www.example.com
ftp IN A 192.168.1.23 ; same here, it becomes ftp.example.com

But if you put www.example.com and leave off the " . " you'll get www.example.com.example.com, so be careful.

Also, every time you change your zone file you MUST add 1 to the serial number in the SOA and reload the zone files (I use killall -1 named ); -1 re-reads the config file.

If you don't increment the serial number, your slaves won't be notified of the changes.

If you want to run a mail server, you'll need MX records.

I usually make 2 MX records: mail.example.com and example.com.
My mail server is set up to receive mail for the domain mail.gigahurts.net, but my DNS will take anything that is gigahurts.net or mail.gigahurts.net. Here is the setup:

mail.example.com. IN A 192.168.1.234
mail.example.com. IN MX 10 mail.example.com.
example.com. IN MX 20 mail.example.com.

So if email is sent to root@example.com, it is sent to root@mail.example.com,
and if mail is sent to root@mail.example.com, same thing. This way you can get
email from both names, but your mail server gets its own hostname (mail).

Any questions, ask and I'll try to explain more. I get all this from the book DNS and BIND by Paul Albitz and Cricket Liu (4th Edition covers BIND 9).

Last edited by Robert0380; 10-28-2003 at 10:56 AM.
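The rules the post above leans on (a name without a final dot gets the origin appended, the serial must go up before slaves transfer, the SOA master must be one of the NS servers, and NS/MX targets must be A records rather than CNAMEs) are easy to check mechanically. The checker below is an added example and is not code from the thread or from BIND; the zone text it parses is constructed for the example and reuses the post's placeholder names and addresses, and it only understands the master-file subset the post uses (no explicit TTL or class fields before the record type).

```python
"""Zone-file sanity checker: an added example, not code from the thread.

Implements the trailing-dot rule (a name without a final dot is relative
to the zone origin) and then checks the mistakes the post warns about:
serial not increased, SOA master missing from the NS set, owner names
that got the origin appended twice, and in-zone NS/MX targets that have
no A record or are CNAMEs. Only the master-file subset used in the post
is parsed (no TTL or class fields in front of the record type).
"""
import re

ORIGIN = "example.com."

# Constructed sample: the post's finished zone, with one deliberate slip
# (www.example.com written without its final dot) for the checker to find.
SAMPLE_ZONE = """\
$TTL 3h
example.com. IN SOA ns.example.com. hostmaster.example.com. (
              2  ; serial
              3h ; refresh
              1h ; retry
              1w ; expire
              1h ) ; negative caching TTL
example.com.       IN NS ns.example.com.
example.com.       IN NS secondary.server.com.
example.com.       IN A  192.168.1.1
ns.example.com.    IN A  192.168.1.1
www.example.com    IN A  192.168.1.1    ; missing final dot
ftp                IN A  192.168.1.23
mail               IN A  192.168.1.234
mail.example.com.  IN MX 10 mail.example.com.
example.com.       IN MX 20 mail.example.com.
"""
FIXED_ZONE = SAMPLE_ZONE.replace("www.example.com    IN", "www.example.com.   IN")


def fqdn(name, origin=ORIGIN):
    """BIND's rule: '@' is the origin; a name without a trailing dot is relative to it."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"


def parse_zone(text, origin=ORIGIN):
    """Return [{'owner','type','rdata'}] for each record, owners fully qualified."""
    lines = [re.sub(r";.*", "", ln).rstrip() for ln in text.splitlines()]
    joined, buf = [], ""
    for ln in lines:
        if not ln.strip():
            continue
        buf = f"{buf} {ln}" if buf else ln
        if buf.count("(") > buf.count(")"):
            continue                      # still inside a parenthesised SOA
        joined.append(buf)
        buf = ""
    records, last_owner = [], origin
    for ln in joined:
        if ln.startswith("$TTL"):
            continue
        if ln.startswith("$ORIGIN"):
            origin = ln.split()[1]
            continue
        toks = ln.replace("(", " ").replace(")", " ").split()
        if ln[0].isspace():               # blank owner field: reuse the previous owner
            owner = last_owner
        else:
            owner = fqdn(toks.pop(0), origin)
            last_owner = owner
        if toks[0] == "IN":
            toks.pop(0)
        records.append({"owner": owner, "type": toks[0], "rdata": toks[1:]})
    return records


def check_zone(text, previous_serial, origin=ORIGIN):
    """Return a list of problems; an empty list means the zone passes."""
    recs = parse_zone(text, origin)
    present = {(r["owner"], r["type"]) for r in recs}
    problems = []
    soa = [r for r in recs if r["type"] == "SOA"]
    if len(soa) != 1 or soa[0]["owner"] != origin:
        return ["exactly one SOA record at the zone apex is required"]
    mname = fqdn(soa[0]["rdata"][0], origin)
    serial = int(soa[0]["rdata"][2])
    if serial <= previous_serial:
        problems.append(f"serial {serial} is not above the published {previous_serial}; slaves will not transfer")
    apex_ns = {fqdn(r["rdata"][0], origin) for r in recs if r["type"] == "NS" and r["owner"] == origin}
    if mname not in apex_ns:
        problems.append(f"SOA master {mname} is not listed in the apex NS records")
    label = origin.rstrip(".")
    for r in recs:
        stem = r["owner"][: -len(origin)]          # owner with the final origin removed
        if stem == label + "." or stem.endswith("." + label + "."):
            problems.append(f"owner {r['owner']} repeats the origin: a trailing dot is missing in the source")
        if r["type"] in ("NS", "MX"):
            target = fqdn(r["rdata"][-1], origin)
            if target.endswith("." + origin) and (target, "A") not in present:
                why = "is a CNAME" if (target, "CNAME") in present else "has no A record"
                problems.append(f"{r['type']} target {target} {why} in this zone")
    return problems


if __name__ == "__main__":
    for name, zone in (("as posted", SAMPLE_ZONE), ("fixed", FIXED_ZONE)):
        print(name, check_zone(zone, previous_serial=1) or "OK")
```

Run stand-alone it reports the doubled-origin owner in the sample and a clean result for the fixed copy; pass the serial you last published as previous_serial and it also catches the forgotten serial bump. Out-of-zone targets such as secondary.server.com. are skipped, because only the other zone's operator can verify them.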
 
Old 10-28-2003, 11:39 AM   #3
Robert0380
Guru
 
Registered: Apr 2002
Location: Atlanta
Distribution: Gentoo
Posts: 1,280

Rep: Reputation: 47
Oh, unless you own the IP address you are using, don't worry about the PTR records. Your ISP already handles that. The reverse lookup only works if you own the IP.
 
Old 10-28-2003, 09:05 PM   #4
spooge
Member
 
Registered: Nov 2001
Location: n chicago, IL. USA
Distribution: Slackware
Posts: 307

Rep: Reputation: 31
Robert0380

Like, that was a nice reply. Thanks!

I've been digging around and playing with this...

The one question I haven't found an answer for is:
should my hostname on my main server be the same as my
domain name ( dumbshat.com ), or like ns.dumbshat.com?

Sorry for the lame question, LQ.

THANKS
 
Old 10-28-2003, 10:55 PM   #5
beatlelane
Member
 
Registered: Jun 2003
Location: Manila
Distribution: Bayanihan+RH9+FC1
Posts: 68

Rep: Reputation: 15
Hi guys!

I also need some info about DNS. We have a working Microsoft DNS server and want to migrate this to Linux. It's a master domain without a slave (secondary) name server; we are hosting a lot of subdomains with MX entries.

For example, I have this domain "mydomain.com" and want to add a subdomain "subdomain.mydomain.com" with an MX record on that, with corresponding PTR records. Where should I put the entries?

I read lots of documents regarding this and am a little bit confused, and got no information about subdomains on one server; all I have here are flat domain examples.

Another thing is, according to what I have read, all NS entries will be notified by the server (in this case my server in "mydomain.com") if there are new entries added. If I included my ISP's name server (adding their name server as an NS record), changes in my server will be reflected on their server; it should be that way, right? So why should I need another (slave) server just to resolve destinations for my private network, or for people looking for us from outside?

Hope someone with a big heart will help me on this; a good link would be enough anyway. Thanks.
 
Old 10-29-2003, 02:26 AM   #6
chort
Senior Member
 
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 69
Only put your ISP's name servers in your zone file if you know with 100% certainty that they agreed to act as slaves for you (this is extremely rare). You cannot just send unsolicited zone updates to another name server; it won't accept them unless it's specifically configured to do so.

You can delegate subdomains to a different name server, but a simpler approach (it only scales to a point, so don't use it for a huge zone) would be to add them to your base zone. For instance, if you have mydomain.tld and also support.mydomain.tld, you can add an IN MX record for mydomain.tld and for support.mydomain.tld in the same zone.
Code:
mydomain.tld.         IN MX 10 mail.mydomain.tld.    ; trailing dots on both sides
support.mydomain.tld. IN MX 10 mail2.mydomain.tld.
You should be able to abbreviate that like
Code:
@       IN MX 10 mail.mydomain.tld.    ; @ is the zone origin, mydomain.tld.
support IN MX 10 mail2.mydomain.tld.   ; no dot: becomes support.mydomain.tld.
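The "specifically configured" part of the reply above looks like the following on both machines. This is an added example in BIND 9 named.conf syntax, not configuration from the thread; the hostnames, the 192.0.2.x addresses, the key name and the file paths are placeholders. The slave names its master explicitly, and the master hands the zone only to that slave, authenticated with a TSIG key, instead of to anyone who asks (on old releases such as the 9.2 in the thread, allow-transfer defaults to "any", so an unrestricted master leaks its whole zone to any AXFR request).

```conf
// --- on the master, ns.mydomain.tld (192.0.2.10) ---
// The secret is shared with the slave; generate one with
// "tsig-keygen mydomain-xfer" on current BIND (assumed available).
key "mydomain-xfer" {
    algorithm hmac-sha256;
    secret "REPLACE-WITH-BASE64-SECRET";
};

zone "mydomain.tld" {
    type master;
    file "pri/mydomain.tld.zone";
    also-notify { 192.0.2.20; };              // tell the slave when the serial changes
    allow-transfer { key mydomain-xfer; };    // AXFR/IXFR only with the key, not "any"
};

// --- on the slave, ns2.mydomain.tld (192.0.2.20) ---
key "mydomain-xfer" {
    algorithm hmac-sha256;
    secret "REPLACE-WITH-BASE64-SECRET";      // same secret as on the master
};

server 192.0.2.10 {
    keys { mydomain-xfer; };                  // sign every request sent to the master
};

zone "mydomain.tld" {
    type slave;
    file "sec/mydomain.tld.zone";             // the transferred copy, named writes it
    masters { 192.0.2.10; };                  // the only server it will take the zone from
    allow-transfer { none; };                 // do not re-serve the zone to the world
};
```

The slave only pulls a new copy when the master's SOA serial is higher than the one it holds, which is why the earlier post insists on bumping the serial. Newer BIND releases spell these as "type primary", "type secondary" and "primaries"; the older keywords above still load.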
 
Old 10-30-2003, 12:16 AM   #7
beatlelane
Member
 
Registered: Jun 2003
Location: Manila
Distribution: Bayanihan+RH9+FC1
Posts: 68

Rep: Reputation: 15
thanks so much chort!
 
Old 10-30-2003, 12:34 PM   #8
phowarth
LQ Newbie
 
Registered: Oct 2003
Location: Ontario
Posts: 3

Rep: Reputation: 0
BIND 9 DNS Issue

We have a small internal DNS server set up that is working great for both forward and reverse lookups of our machine names, with one exception. We decided recently to move our web and email to an external hosting service and now we cannot access the URL because the local DNS server thinks that it is the SOA for that domain.

I.e. when we enter our web site into the browser, "www.domain.com", it searches the internal DNS and can't resolve the name, since our internal DNS is the SOA for domain.com.

I have tried using an A record to point to the IP I get when pinging www.domain.com from an external DNS server, but that does not work.

Is there a way to make DNS look up www.domain.com on an external (i.e. ISP) DNS server, but do all other lookups for the domain on the internal server?

I have tried putting the ISP's DNS as a second entry in the resolv.conf file, but that does not seem to work. It appears to stop searching after the failure to locate the record on the internal DNS.

Any help is appreciated.

Thanks
Paul
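For the situation in the post above, the usual answer is exactly the A record the poster tried, kept in the internal copy of the zone: an authoritative server never forwards names inside its own zone, and a second resolv.conf entry only helps when the first server does not answer at all (a NXDOMAIN is an answer). What follows is an added example, not the poster's zone; domain.com, the 10.0.0.2 internal server and the 203.0.113.10 hosting address are placeholders.

```text
; internal copy of domain.com, loaded by the internal BIND only
$TTL 1h
@        IN SOA  ns1.domain.com. hostmaster.domain.com. (
                 2003103002 ; serial: must be higher than before, or the change never loads
                 3h 1h 1w 1h )
         IN NS   ns1.domain.com.
ns1      IN A    10.0.0.2
www      IN A    203.0.113.10   ; the provider's public address, copied in by hand
mail     IN A    203.0.113.10   ; same for mail if the MX target moved as well
         IN MX   10 mail.domain.com.
```

Two checks are worth doing after the edit: named-checkzone domain.com /var/named/domain.com.zone (syntax, and it prints the serial it parsed), then rndc reload domain.com and dig @10.0.0.2 www.domain.com to confirm the internal server now returns 203.0.113.10. The caveat is that nothing keeps this record in sync with the provider; if the hosted address changes, internal users break while the rest of the Internet keeps working, so note it somewhere your change process will find it.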
 
Old 02-23-2004, 04:33 AM   #9
beatlelane
Member
 
Registered: Jun 2003
Location: Manila
Distribution: Bayanihan+RH9+FC1
Posts: 68

Rep: Reputation: 15
Hi guys!

At last, I have configured a working DNS, but still got a minor problem. I need to allow my local net to use this DNS server.

Local network ---> DNS (with two IPs) ---> Internet

In MS Windblows it was easy, but unfortunately I'm having a hard time in BIND with this kind of configuration; I got an rndc error.

Again, any help will be appreciated. ;-)

Last edited by beatlelane; 02-23-2004 at 04:38 AM.
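Letting the local network use the server as its resolver while the outside only gets authoritative answers is an options/ACL matter in named.conf. The fragment below is an added example, not the poster's configuration: 192.168.0.0/24 and the rndc secret are placeholders, and the post does not say what the rndc error was, so the controls block only shows the pairing rndc needs rather than a diagnosis.

```conf
// Who counts as "inside": the box itself plus the LAN behind it.
acl "localnet" { 127.0.0.1; 192.168.0.0/24; };

options {
    directory "/var/named";
    listen-on { any; };                 // both interfaces of the dual-homed server
    recursion yes;
    allow-recursion { localnet; };      // recursive service for the LAN only
    allow-query { any; };               // authoritative answers for our own zones stay public
    allow-query-cache { localnet; };    // BIND 9.4 and later; 9.2 relies on allow-recursion alone
};

// rndc and named must share one key; "rndc-confgen -a" writes /etc/rndc.key,
// and the same key is referenced here (placeholder secret).
key "rndc-key" {
    algorithm hmac-sha256;
    secret "REPLACE-WITH-BASE64-SECRET";
};
controls {
    inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { "rndc-key"; };
};
```

Restricting recursion is a security setting, not just tidiness: a server that recurses for anyone on the Internet is an open resolver that can be used for cache poisoning attempts and traffic amplification against third parties. After the change, dig @192.168.0.1 www.yahoo.com from a LAN host should return an answer, while the same query from outside should come back with the "recursion requested but not available" flag and no data.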
 