Set up a DNS server in Linux (2)

2. Install the server software
  
2.1 Obtain the BIND package (the new version is 8.2.2-P5)
  
Get the three latest stable files from the BIND home page, http://www.isc.org:

bind-contrib.tar.gz
bind-doc.tar.gz
bind-src.tar.gz

Or get three files from http://www.redhat.com:

bind-8.2.2-p5-9.i386.rpm
bind-devel-8.2.2-p5-9.i386.rpm
cache-nameserver-6.2-2.noarch.rpm
  
2.2 Install the BIND package

Install the tar package:

Decompress the packages first:

tar zxpf bind-contrib.tar.gz
tar zxpf bind-doc.tar.gz
tar zxpf bind-src.tar.gz

Edit the Makefile.set file and set:

'DESTLIB=/usr/lib/bind/lib'
'DESTINC=/usr/lib/bind/include'

Compile and install:

make
make install

Install the rpm package:

rpm -Uhv bind-8.2.2-p5-9.i386.rpm
rpm -Uhv bind-devel-8.2.2-p5-9.i386.rpm
rpm -Uhv cache-nameserver-6.2-2.noarch.rpm
  
3. Get the server running: the basics
  
3.1
  
BIND can be configured to run in several different modes. It is generally configured as a resolver-only system, a caching-only server, a master server, or a secondary server.

A resolver is the code used to query domain name servers for domain information. On UNIX systems it is implemented as library routines rather than as a separate client program. A resolver-only system is easy to configure: just set up the /etc/resolv.conf file. This method is usually used on systems where name server software cannot be run locally because of some restriction.

For example, the content of /etc/resolv.conf looks like this:

search test.com
nameserver 127.0.0.1
nameserver 172.16.0.1

When you configure the resolver library to use the BIND name service for host lookups, you must also tell it which name servers to use. There is a separate file for this, called resolv.conf. If the file does not exist or is empty, the resolver assumes that the name server is on your local host.

If you run a name server on your local host, you must set it up separately.

The most important option in resolv.conf is nameserver, which gives the IP address of a name server to use. If you specify several name servers by giving the nameserver option several times, they are tried in the order given. You should therefore list the most reliable server first. Currently, up to three name servers are supported.

If no nameserver option is given, the resolver tries to connect to the name server on the local host.

The other two options, domain and search, deal with the default domains that are appended to a host name if BIND cannot resolve it with the first query. The search option specifies a list of domain names to try. List items are separated by spaces or tabs.

If no search option is given, a default search list is built from the local domain name, using the domain name itself plus its parent domains up to the root. The local domain name can be given with the domain statement. If neither is given, the resolver obtains the domain name by calling getdomainname(2).
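
The rules above, worked through in Python as an added example (it is not part of the original article or of BIND). It models the nameserver order and three-server limit, the local-host fallback, and the order in which search-list names are tried; the sample file is constructed, and the "name with a dot is tried as-is first" rule is the resolver default from resolv.conf(5), not something stated in this article.

```python
MAXNS = 3  # at most three nameserver lines are honoured

# Constructed sample, extending the resolv.conf shown above.
SAMPLE = """\
search test.com
nameserver 127.0.0.1
nameserver 172.16.0.1
nameserver 172.16.0.11
nameserver 172.16.0.12
"""

def parse_resolv_conf(text):
    """Return (nameservers, search_list) the way the resolver reads them."""
    nameservers, search = [], []
    for raw in text.splitlines():
        # Keywords must start in column one; '#' and ';' start comments.
        if not raw.strip() or raw[0] in "#; \t":
            continue
        keyword, *args = raw.split()
        if keyword == "nameserver" and args:
            if len(nameservers) < MAXNS:      # extra entries are ignored
                nameservers.append(args[0])
        elif keyword == "search" and args:
            search = args                     # last search/domain line wins
        elif keyword == "domain" and args:
            search = [args[0]]
    if not nameservers:
        nameservers = ["127.0.0.1"]           # no nameserver line: ask the local host
    return nameservers, search

def candidate_names(name, search):
    """Fully qualified names tried, in order, for a lookup of `name`."""
    if name.endswith("."):
        return [name]                         # absolute name: search list is not used
    expanded = [f"{name}.{d.rstrip('.')}." for d in search]
    absolute = name + "."
    # A name containing a dot is tried as-is first; a bare host name
    # is tried against the search list first.
    return [absolute] + expanded if "." in name else expanded + [absolute]

if __name__ == "__main__":
    servers, search = parse_resolv_conf(SAMPLE)
    print("servers:", servers)
    for host in ("www", "www.test.com", "www.test.com."):
        print(host, "->", candidate_names(host, search))
```

Note that a dotted name without the trailing "." still falls through to the search list (www.test.com.test.com.) when the first query fails, which is why fully qualified names are written with the final dot.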
  
3.2 The other three configuration methods are used for domain name servers.
  
Caching-only server

A caching-only server runs the name server software but has no name server database files of its own. It records every piece of data it obtains from remote name servers so that it can answer future queries for the same information.

A caching-only server needs three basic configuration files:

/etc/named.conf
/var/named/named.ca
/var/named/named.local
  
Create or modify /etc/named.conf:

// generated by named-bootconf.pl
options {
        directory "/var/named";
        /*
         * If there is a firewall between you and nameservers you want
         * to talk to, you might need to uncomment the query-source
         * directive below. Previous versions of BIND always asked
         * questions using port 53, but BIND 8.1 uses an unprivileged
         * port by default.
         */
        // query-source address * port 53;
        forwarders { 172.16.0.1; 172.16.0.11; };
};
//
// a caching only nameserver config
//
zone "." {
        type hint;
        file "named.ca";
};
zone "0.0.127.in-addr.arpa" {
        type master;
        file "named.local";
};
  
In this file, the IP addresses in "forwarders { 172.16.0.1; 172.16.0.11; };" are those of the master server and the secondary server in your network.

Create or modify /var/named/named.local:

@       IN      SOA     localhost. root.localhost. (
                        1997022700 ; Serial
                        28800      ; Refresh
                        14400      ; Retry
                        3600000    ; Expire
                        86400 )    ; Minimum
        IN      NS      localhost.
1       IN      PTR     localhost.

Create or modify /var/named/named.ca:

As for /var/named/named.ca, we can get it from the Red Hat Linux CD. We can also fetch it from the Internet with the command:

dig @a.root-servers.net . ns > /var/named/named.ca

If the rpm packages are used for installation, these three files are generated automatically; we only need to modify /etc/named.conf. /var/named/named.ca generally does not need to be modified.
  
Master server

The master server is the authoritative source for all information about a given domain. The domain information it loads comes from disk files that are created by the domain administrator and maintained locally.

We use "test.com" as an example. We need five basic configuration files:

/etc/named.conf
/var/named/named.ca
/var/named/named.local
/var/named/named.test.com
/var/named/named.172.16.0
  
Create or modify /etc/named.conf:

// generated by named-bootconf.pl
options {
        directory "/var/named";
        /*
         * If there is a firewall between you and nameservers you want
         * to talk to, you might need to uncomment the query-source
         * directive below. Previous versions of BIND always asked
         * questions using port 53, but BIND 8.1 uses an unprivileged
         * port by default.
         */
        // query-source address * port 53;
};
//
// a PM nameserver config
//
zone "." {
        type hint;
        file "named.ca";
};
zone "0.0.127.in-addr.arpa" {
        type master;
        file "named.local";
};
// These are our primary zone files
zone "test.com" {
        type master;
        file "named.test.com";
};
zone "0.16.172.in-addr.arpa" {
        type master;
        file "named.172.16.0";
};
  
The zone "test.com" section in the file declares that this is the master server for the test.com domain and that the data for this domain is loaded from the /var/named/named.test.com file.

The zone "0.16.172.in-addr.arpa" section in the file points to the file that maps IP addresses 172.16.0.* to host names. The data for that domain is loaded from the /var/named/named.172.16.0 file.
  
Create or modify /var/named/named.local:

@       IN      SOA     ns.test.com. root.ns.test.com. (
                        2000051500 ; Serial
                        28800      ; Refresh
                        14400      ; Retry
                        3600000    ; Expire
                        86400 )    ; Minimum
        IN      NS      ns.test.com.
1       IN      PTR     localhost.
  
Note: When modifying the named.* files, you must increase the Serial value each time you save the file. If you use an absolute domain name, do not forget the trailing ".".

The @ character in the resource record is converted to the current domain, test.com. IN indicates that the resource record uses TCP/IP addresses, and SOA marks the start-of-authority record. ns.test.com. is the canonical name of the primary DNS server for this domain. It is followed by the contact e-mail address, in which the @ character must be replaced with ".".
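
The two pitfalls in the note above (a forgotten trailing "." and the "." that stands for "@" in the SOA contact field) can be checked mechanically. The following Python sketch is an added example, not part of the original article or of BIND; the zone text is a constructed variant of the test.com zone with two trailing dots deliberately left out, and the function names are hypothetical.

```python
# Constructed sample: the NS and MX targets are missing their final dot.
ZONE = """\
@       IN SOA ns.test.com. root.ns.test.com. (
               2000051500 28800 14400 3600000 86400 )
        IN NS  ns.test.com
ns      A      172.16.0.1
www     A      172.16.0.2
ftp     CNAME  www.test.com.
mail    A      172.16.0.3
        MX 10  mail.test.com
"""

# Record types whose rdata holds a domain name, and its position in the rdata.
NAME_RDATA = {"NS": 0, "CNAME": 0, "PTR": 0, "MX": 1}

def absolute(name, origin):
    """Expand a zone-file name the way named does: no final dot means relative."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def rname_to_email(rname):
    """SOA contact field to mailbox: the first dot stands for '@'."""
    local, _, domain = rname.rstrip(".").partition(".")
    return f"{local}@{domain}"

def lint_zone(text, origin):
    """Return (line, target, expansion) for targets that look absolute but lack the dot."""
    bare, findings = origin.rstrip("."), []
    for no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split(";", 1)[0].split()
        if not raw[:1].isspace():
            fields = fields[1:]               # column one holds the owner name
        while fields and (fields[0].upper() == "IN" or fields[0].isdigit()):
            fields = fields[1:]               # optional class and TTL
        idx = NAME_RDATA.get(fields[0].upper()) if fields else None
        if idx is None or len(fields) <= idx + 1:
            continue
        target = fields[idx + 1]
        if not target.endswith(".") and target.endswith(bare):
            findings.append((no, target, absolute(target, origin)))
    return findings

if __name__ == "__main__":
    print("contact:", rname_to_email("root.ns.test.com."))
    for no, target, expanded in lint_zone(ZONE, "test.com."):
        print(f"line {no}: '{target}' will be read as '{expanded}'")
```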
  
Create or modify /var/named/named.test.com:

@       IN      SOA     ns.test.com. root.ns.test.com. (
                        2000051500 ; Serial
                        28800      ; Refresh
                        14400      ; Retry
                        3600000    ; Expire
                        86400 )    ; Minimum
        IN      NS      ns.test.com.
ns      A       172.16.0.1
ns      A       172.16.0.11
www     A       172.16.0.2
ftp     CNAME   www.test.com.
mail    A       172.16.0.3
        MX      10 mail.test.com.
  
Create or modify /var/named/named.172.16.0:

@       IN      SOA     ns.test.com. root.ns.test.com. (
                        2000051500 ; Serial
                        28800      ; Refresh
                        14400      ; Retry
                        3600000    ; Expi
