LinuxQuestions.org


Ronin_tekorei 05-02-2007 07:07 PM

named.conf and named.caching-server.conf ?
 
Hello to all!!

I have a problem, or more like a question, about what the file /etc/named.caching-server.conf is.

I have Fedora Core 6 that I recently installed to make a server, a web server. I'm trying to make a DNS server to attach the direction that I registered... "something.net" (example, of course)

In Fedora Core 5 I have already configured it before.

In that case, after I installed the bind packet over yum, it already created a file named /etc/named.conf

In FC6, after I installed the bind packet during the installation of the system, selecting it from the list, the only files that were created for named were the file /etc/named.caching-server.conf and /etc/named.rc...something (I don't remember right now)

So... how does this work? Is it the new bind 9.3.4 or is it another mode of it? An only caching name server? And how can I create a /etc/named.conf?

When I start the service named, the command " grep named /var/log/messages " gives me this:

Code:

May  2 20:49:44 server named[15639]: starting BIND 9.3.4 -u named -t /var/named/chroot
May  2 20:49:44 server named[15639]: found 1 CPU, using 1 worker thread
May  2 20:49:44 server named[15639]: loading configuration from '/etc/named.conf'
May  2 20:49:44 server named[15639]: listening on IPv4 interface lo, 127.0.0.1#53
May  2 20:49:44 server named[15639]: listening on IPv4 interface eth1, 192.168.1.254#53
May  2 20:49:44 server named[15639]: command channel listening on 127.0.0.1#953
May  2 20:49:44 server named[15639]: command channel listening on ::1#953
May  2 20:49:44 server named[15639]: zone 0.in-addr.arpa/IN: loaded serial 42
May  2 20:49:44 server named[15639]: zone 0.0.127.in-addr.arpa/IN: loaded serial 42
May  2 20:49:44 server named[15639]: zone 255.in-addr.arpa/IN: loaded serial 42
May  2 20:49:44 server named[15639]: zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 42
May  2 20:49:44 server named[15639]: zone localdomain/IN: loaded serial 42
May  2 20:49:44 server named[15639]: zone localhost/IN: loaded serial 42
May  2 20:49:44 server named[15639]: running

the line:
Code:

May  2 20:49:44 server named[15639]: loading configuration from '/etc/named.conf'

says that it's getting the configuration from /etc/named.conf.
How is this possible? The file does not exist.

If someone can help me, please.

If you need more info just ask and I will post it here.

Thanks

rcase5 05-03-2007 03:41 AM

named confusion
 
As of Fedora Core 4 (it may have been earlier, I'm not sure), the default configuration for named is to run in what is called a "chroot jail". In other words, a special environment is set up specifically for named. In this configuration, named can only see its own configuration stuff and nothing else. This is supposed to be a bit more secure.

In reality, everything related to named is actually running in /var/named/chroot. From there, as far as named is concerned, /var/named/chroot actually looks like /. You will notice that /var/named/chroot also has dev, etc, var, and proc. If you type "cd var/named", you will see all of your actual named configuration stuff, including zone files. The named.conf file it is referring to is actually in directory /var/named/chroot/etc. The log simply displays it as /etc/named because, as far as it's concerned, that's where it is because of the chroot jail.

As for your first question, what is the difference between named.conf and named.caching-server.conf, there are two different types of DNS resolution. There is authoritative DNS and recursive DNS.

Authoritative DNS is the DNS you have when you are hosting a domain. So if you are hosting "something.net" (to cite your example), authoritative DNS has all of the records necessary for your domain to work. This will include your records to resolve different hostnames (A records), records so people can send you email (MX records), resolve records in your domain (NS records), etc.

Recursive DNS is the process of resolving a domain. So, if you type "linuxquestions.org" into your browser, your system (or a recursive DNS server) goes out and resolves the domain to an IP address. This is only one example of what recursive DNS does, but it illustrates the point. A caching DNS server caches all of the recursive DNS requests made on it, so that when another request comes in for the same record, it can simply spit out what it already has looked up, instead of going out and redoing the resolution process. The DNS entries you put into your IP stack that point to the DNS servers for your ISP are caching DNS servers (most likely). I run one myself here in my office, and boy does it speed things up!

Based on your initial question, it sounds like you want the former type of configuration, not the latter. You can run both types of services on one server, but it is not recommended, and is actually a very bad idea. If you want to do both services, run them on separate servers. It will reduce the chances you misconfigure your authoritative DNS server, and will also reduce the chances you will create a security risk for yourself.

Hope this helps.

Robert...
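
Added example, not part of the original thread: the path translation described in the reply above, done by a small shell function that reads named's startup log lines, takes the chroot directory from the `-t` flag and prepends it to the logged configuration path. The names `named_real_conf` and `sample_log` are made up for this illustration; the sample lines are copied from the log in the question.

```shell
#!/bin/sh
# Added example: map the config path that named logs to its real host path.
# Reads named's syslog lines on stdin and prints the host-side path.
named_real_conf() {
    awk '
        # The startup line carries the command-line flags; -t DIR is the chroot.
        /: starting BIND / {
            chroot = ""
            for (i = 1; i < NF; i++) if ($i == "-t") chroot = $(i + 1)
        }
        # The quoted path is what named sees from inside the jail.
        /: loading configuration from / {
            n = split($0, q, "\047")      # \047 is a single quote
            if (n >= 3) conf = q[2]
        }
        END {
            if (conf == "") exit 1        # no configuration line found
            sub(/\/+$/, "", chroot)       # drop any trailing slash
            print chroot conf             # without -t the path is unchanged
        }
    '
}

# Sample input: three lines copied from the log posted in the question.
sample_log() {
cat <<'EOF'
May  2 20:49:44 server named[15639]: starting BIND 9.3.4 -u named -t /var/named/chroot
May  2 20:49:44 server named[15639]: found 1 CPU, using 1 worker thread
May  2 20:49:44 server named[15639]: loading configuration from '/etc/named.conf'
EOF
}

sample_log | named_real_conf
```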

Ronin_tekorei 05-03-2007 04:09 AM

Another question
 
First of all thanks rcase5 for clearing out my doubts!

Now to my consequent question: What I want to do is to host my own website. I have already registered my domain and have my public IP. So I need an Authoritative DNS, that's one doubt out :)
But I also have my internal network that accesses the internet thanks to my server. Then what I need is to make a DNS server that will work to serve my page to the world and to make my internal network get connection to the internet.

When I configured my Fedora Core 5 bind server I just put the internal domain (mydomain.home) in there and the zone for it, created the files for the zone and all... ("mydomain.home.zone" and the "reverse.ip.zone") and learned about the chroot jail that was implemented to have more security.

It works without any problems, it resolves to the internal network (like machine1.mydomain.home) and gives internet to them.

The questions are: will an Authoritative DNS do that? And... if I make changes to the /var/named/etc/named.conf, will it apply to the named service when I start it?

rcase5 05-03-2007 04:42 AM

Hosting your public domain
 
Yes, you can do both. It's just another "zone" entry in your "named.conf" file, and another zone file in /var/named/chroot/var/named. I don't know what your named.conf file looks like exactly, but it sounds like you can simply copy and paste what you have for "mydomain.home.zone" and just change the domain-specific information to "mydomain.com.". (Don't forget to put the trailing '.' at the end of the zone spec).

Then you create a zone file (call it something like "db.mydomain.com"), and then create all of the zone records you will need. At a minimum, you'll need an SOA record, a couple of A records, at least one NS record, and if you want to receive mail to your domain, an MX record. I'll leave it up to you to look up the formatting for those records and what specific requirements you might need (I can't do all of your homework. :) ).

Then you need to contact your registrar and make those records point to your public IP. Different registrars do it differently, so you'll have to read up on their specific requirements.
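
Added example, not part of the original thread: a minimal zone file with the records listed in the reply above (SOA, NS, A, MX) and the matching zone stanza, written into the chroot layout the thread describes. The function name `add_zone`, the domain `example.com`, the address 192.0.2.10, the host names and the serial are placeholders, and the relative `file` path assumes `directory "/var/named";` in the options block.

```shell
#!/bin/sh
# Added example: create a minimal authoritative zone inside the named chroot.
# Usage: add_zone JAIL DOMAIN PUBLIC_IP   (all values here are placeholders)
add_zone() {
    jail=$1 domain=$2 ip=$3
    zonefile="db.$domain"
    mkdir -p "$jail/etc" "$jail/var/named"

    # Zone data. Fully qualified names end in "." so the origin is not appended.
    cat > "$jail/var/named/$zonefile" <<EOF
\$TTL 86400
@    IN  SOA ns1.$domain. hostmaster.$domain. (
             2007050301 ; serial (placeholder), raise it on every edit
             3600       ; refresh
             900        ; retry
             604800     ; expire
             86400 )    ; negative-cache TTL
     IN  NS  ns1.$domain.
     IN  MX  10 mail.$domain.
@    IN  A   $ip
ns1  IN  A   $ip
www  IN  A   $ip
mail IN  A   $ip
EOF

    # Zone stanza; "file" is relative to the assumed directory "/var/named".
    cat >> "$jail/etc/named.conf" <<EOF

zone "$domain" IN {
    type master;
    file "$zonefile";
    allow-update { none; };
};
EOF
}

# Demo against a scratch directory standing in for /var/named/chroot.
demo=$(mktemp -d)
add_zone "$demo" example.com 192.0.2.10
cat "$demo/var/named/db.example.com" "$demo/etc/named.conf"
```

`named-checkconf` and `named-checkzone`, both shipped with BIND, will validate the result before named is restarted. Since this server also resolves for the internal network, restricting `allow-recursion` to the internal addresses keeps it from answering recursive queries for the rest of the internet.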

Ronin_tekorei 05-03-2007 07:34 AM

OK.. I got it :)

I have tested making SOA, A, MX, CNAME, NS, and PTR records in the internal domain and it works without a problem; the e-mail, ftp and www work internally.. as an intranet... :)

machine1.mydomain.home can put in the Mozilla the direction "www.mydomain.home" and it opens the internal web page that I made (for testing), as well as the direction that is a CNAME for the mail server, "mail.mydomain.home", which opens the SquirrelMail web page.

Now I have cleared out my doubts. Thanks for all, rcase5!

