Configuring DNS:
Domain Name System (DNS) converts the name of a Web site (www.example.com) to an IP address (203.200.192.133).
BIND: Berkeley Internet Name Domain project, which is a group that maintains the DNS-related software suite that runs under Linux. The most well known program in BIND is named, the daemon that responds to DNS queries from remote machines.
DNS Clients: Does not store DNS Info instead it shld always refer to DNS server to get it. Config file is /etc/resolv.conf.
Authoritative DNS Servers: Actual guy to tell your website and name of the server.
Below are my config files:
[root@lava chroot]# pwd
/var/named/chroot
[root@lava chroot]# less etc/named.conf
options
{
query-source port 53;
//query-source-v6 port 53;
// Put files that named is allowed to write in the data/ directory:
listen-on port 53 { 127.0.0.1; 192.168.1.9; };
directory "/var/named"; // the default
dump-file "data/cache_dump.db";
statistics-file "data/named_stats.txt";
memstatistics-file "data/named_mem_stats.txt";
};
logging
{
/* If you want to enable debugging, eg. using the 'rndc trace' command,
* named will try to write the 'named.run' file in the $directory (/var/named).
* By default, SELinux policy does not allow named to modify the /var/named directory,
* so put the default debug log file in data/ :
*/
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
view "external"
{
/* This view will contain zones you want to serve only to "external" clients
* that have addresses that are not on your directly attached LAN interface subnets:
*/
match-clients { any; };
match-destinations { any; };
allow-transfer { 192.168.1.10; };
recursion no;
include "/etc/named.root.hints";
zone "lol200.com" {
type master;
allow-query { any; };
file "lava.lol200.zone.db";
};
zone "1.168.192.in-addr.arpa" {
type master;
allow-query { any; };
file "1.168.192.lol200.zone";
};
};
=============*******************============******************=====================
[root@lava chroot]# cat var/named/lava.lol200.zone.db
;
; Zone file for lol200.com
;
; The full zone file
;
$TTL 3D
@ IN SOA ns1.lol200.com. hostmaster.lol200.com. (
2010011710 ; serial#
3600 ; refresh, seconds
3600 ; retry, seconds
3600 ; expire, seconds
3600 ) ; minimum, seconds
IN NS ns1.lol200.com.
IN NS ns2.lol200.com.
IN MX 5 mail.lol200.com.
IN A 192.168.1.9
IN A 192.168.1.10
ns1 IN A 192.168.1.9
ns2 IN A 192.168.1.10
www IN CNAME lol200.com.
mail IN A 192.168.1.70
=============*******************============******************=====================
[root@lava chroot]# cat var/named/1.168.192.lol200.zone
;
; Rev Zone file for lol200.com
;
; The full zone file
;
$TTL 3D
@ IN SOA ns1.lol200.com. hostmaster.lol200.com. (
2010011710 ; serial#
3600 ; refresh, seconds
3600 ; retry, seconds
3600 ; expire, seconds
3600 ) ; minimum, seconds
IN NS ns1.lol200.com.
IN NS ns2.lol200.com.
9 IN PTR ns1.lol200.com.
10 IN PTR ns2.lol200.com.
70 IN PTR mail.lol200.com.
NOTE: Initial setup Run [root@lava chroot]# /etc/init.d/named restart ... But later practise using #rndc reload
Observe : [root@lava chroot]# tail /var/log/messages
Jan 17 23:20:10 localhost named[7022]: loading configuration from '/etc/named.conf'
Jan 17 23:20:10 localhost named[7022]: listening on IPv4 interface lo, 127.0.0.1#53
Jan 17 23:20:10 localhost named[7022]: listening on IPv4 interface eth0, 192.168.1.9#53
Jan 17 23:20:10 localhost named[7022]: command channel listening on 127.0.0.1#953
Jan 17 23:20:10 localhost named[7022]: command channel listening on ::1#953
Jan 17 23:20:10 localhost named[7022]: zone 1.168.192.in-addr.arpa/IN/external: loaded serial 2010011710
Jan 17 23:20:10 localhost named[7022]: zone lol200.com/IN/external: loaded serial 2010011710
Jan 17 23:20:10 localhost named[7022]: running
Jan 17 23:20:10 localhost named[7022]: zone lol200.com/IN/external: sending notifies (serial 2010011710)
Jan 17 23:20:10 localhost named[7022]: zone 1.168.192.in-addr.arpa/IN/external: sending notifies (serial 2010011710)
=============*******************============******************=====================
How to configure Secondary DNS server ?
In slave named.conf specify :
zone "lol200.com" {
type slave;
allow-query { any; };
masters { 192.168.1.9; };
file "lava.lol200.zone.db";
};
zone "1.168.192.in-addr.arpa" {
type slave;
allow-query { any; };
masters { 192.168.1.9; };
file "1.168.192.lol200.zone";
};
Reload named service & observe var log messages
Then are are the updated lines in Primary DNS Server:
zone "lol200.com" {
type master;
allow-query { any; };
allow-transfer { 192.168.1.7; };
notify yes;
file "lava.lol200.zone.db";
};
zone "1.168.192.in-addr.arpa" {
type master;
allow-query { any; };
allow-transfer { 192.168.1.7; };
notify yes;
file "1.168.192.lol200.zone";
};
Reload named service & observe var log messages
=============*******************============******************=====================
-
DoS Attack Detection In Linux You can simply use netstat command to print out a list of all open connection to your Linux box. The list ...
-
Bash scripts to scan and monitor network This article provides few simple scripts to scan and monitor network using combination of bash and...
-
Socket connection to IP address - port application Any client (e.g. your Web browser) goes through the following cycle when it communicates...
