RHEL6 Forwarders DNS Bind howto
LINUX RHEL 6 BIND DNS howto
Last Updated on :- Thu Mar 24 04:30:30 IST 2011
[root@desktop6 ~]# yum install bind*
Loaded plugins: refresh-packagekit, rhnplugin
This system is not registered with RHN.
RHN support will be disabled.
Setting up Install Process
Package 32:bind-libs-9.7.0-5.P2.el6.x86_64 already installed and latest version
Package 32:bind-utils-9.7.0-5.P2.el6.x86_64 already installed and latest version
Resolving Dependencies
--> Running transaction check
---> Package bind.x86_64 32:9.7.0-5.P2.el6 set to be updated
---> Package bind-chroot.x86_64 32:9.7.0-5.P2.el6 set to be updated
---> Package bind-devel.x86_64 32:9.7.0-5.P2.el6 set to be updated
---> Package bind-dyndb-ldap.x86_64 0:0.1.0-0.9.b.el6 set to be updated
---> Package bind-sdb.x86_64 32:9.7.0-5.P2.el6 set to be updated
--> Processing Dependency: libpq.so.5()(64bit) for package: 32:bind-sdb-9.7.0-5.P2.el6.x86_64
--> Running transaction check
---> Package postgresql-libs.x86_64 0:8.4.4-2.el6 set to be updated
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
bind x86_64 32:9.7.0-5.P2.el6 base 3.5 M
bind-chroot x86_64 32:9.7.0-5.P2.el6 base 65 k
bind-devel x86_64 32:9.7.0-5.P2.el6 optional 362 k
bind-dyndb-ldap x86_64 0.1.0-0.9.b.el6 base 47 k
bind-sdb x86_64 32:9.7.0-5.P2.el6 optional 276 k
Installing for dependencies:
postgresql-libs x86_64 8.4.4-2.el6 base 188 k
Transaction Summary
================================================================================
Install 6 Package(s)
Upgrade 0 Package(s)
Total download size: 4.4 M
Installed size: 8.9 M
Is this ok [y/N]: y
Downloading Packages:
(1/6): bind-9.7.0-5.P2.el6.x86_64.rpm | 3.5 MB 00:00
(2/6): bind-chroot-9.7.0-5.P2.el6.x86_64.rpm | 65 kB 00:00
(3/6): bind-devel-9.7.0-5.P2.el6.x86_64.rpm | 362 kB 00:00
(4/6): bind-dyndb-ldap-0.1.0-0.9.b.el6.x86_64.rpm | 47 kB 00:00
(5/6): bind-sdb-9.7.0-5.P2.el6.x86_64.rpm | 276 kB 00:00
(6/6): postgresql-libs-8.4.4-2.el6.x86_64.rpm | 188 kB 00:00
--------------------------------------------------------------------------------
Total 31 MB/s | 4.4 MB 00:00
warning: rpmts_HdrFromFdno: Header V3 RSA/SHA256 Signature, key ID fd431d51: NOKEY
base/gpgkey | 6.3 kB 00:00 ...
Importing GPG key 0xFD431D51 "Red Hat, Inc. (release key 2) " from /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
Is this ok [y/N]: y
Importing GPG key 0x2FA658E0 "Red Hat, Inc. (auxiliary key) " from /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
Is this ok [y/N]: y
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Warning: RPMDB altered outside of yum.
Installing : 32:bind-9.7.0-5.P2.el6.x86_64 1/6
Installing : postgresql-libs-8.4.4-2.el6.x86_64 2/6
Installing : 32:bind-sdb-9.7.0-5.P2.el6.x86_64 3/6
Installing : bind-dyndb-ldap-0.1.0-0.9.b.el6.x86_64 4/6
Installing : 32:bind-chroot-9.7.0-5.P2.el6.x86_64 5/6
Installing : 32:bind-devel-9.7.0-5.P2.el6.x86_64 6/6
Installed:
bind.x86_64 32:9.7.0-5.P2.el6 bind-chroot.x86_64 32:9.7.0-5.P2.el6
bind-devel.x86_64 32:9.7.0-5.P2.el6 bind-dyndb-ldap.x86_64 0:0.1.0-0.9.b.el6
bind-sdb.x86_64 32:9.7.0-5.P2.el6
Dependency Installed:
postgresql-libs.x86_64 0:8.4.4-2.el6
Complete!
[root@desktop6 ~]# cd /var/named/chroot/etc/
[root@desktop6 etc]# ls
localtime named pki
[root@desktop6 etc]# cd named/
[root@desktop6 named]# ls
[root@desktop6 named]# cd ..
[root@desktop6 etc]# ls
localtime named pki
[root@desktop6 etc]# updatedb
[root@desktop6 etc]# cd /usr/share/doc/
Display all 751 possibilities? (y or n)
[root@desktop6 etc]# cd /usr/share/doc/bind-9.7.0/
arm/ Copyright draft/ named.conf.default rfc/ sample/
CHANGES COPYRIGHT misc/ README rfc1912.txt
[root@desktop6 etc]# cd /usr/share/doc/bind-9.7.0/sample/
etc/ var/
[root@desktop6 etc]# ls /usr/share/doc/bind-9.7.0/sample/etc/named.conf
localtime named/ pki/
[root@desktop6 etc]# ls
localtime named pki
[root@desktop6 etc]# cd named/
[root@desktop6 named]# ls
[root@desktop6 named]# pwd
/var/named/chroot/etc/named
[root@desktop6 named]#
[root@desktop6 named]# man named.conf
[root@desktop6 named]#
[root@desktop6 named]# man named
[root@desktop6 named]#
[root@desktop6 named]# pwd
/var/named/chroot/etc/named
[root@desktop6 named]# cd ..
[root@desktop6 etc]# vim named.conf
[root@desktop6 etc]# cp /usr/share/doc/bind-9.7.0/named.conf.default named.conf
cp: overwrite `named.conf'? y
[root@desktop6 etc]# vim named.conf
[root@desktop6 etc]# cat /usr/share/doc/bind-9.7.0/named.conf.default
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
listen-on port 53 { 127.0.0.1; }; #<============== add this server's own IP address here
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
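allow-query { localhost; }; ###<============= add every network whose hosts will be clients of this DNS server (list only networks you control; with recursion enabled, an over-broad list makes this an open resolver)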
recursion yes;
dnssec-enable yes; ###<============ remove this line for a basic config (note: removing these four lines leaves the resolver without DNSSEC validation)
dnssec-validation yes; ###<============ remove this line for a basic config
dnssec-lookaside auto; ###<============ remove this line for a basic config
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key"; ###<============ remove this line for a basic config
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
zone "." IN {
type hint;
file "named.ca";
};
include "/etc/named.rfc1912.zones";
[root@desktop6 etc]# /etc/init.d/named restart
Stopping named: [ OK ]
Starting named: [ OK ]
NOW LET US MAKE SOME BASIC CHANGES FOR FORWARDER DNS.
[root@desktop6 etc]# vim named.conf
AFTER THE CHANGES, named.conf LOOKS LIKE THIS:
[root@desktop6 etc]# cat named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
listen-on port 53 { 127.0.0.1; 192.168.0.6; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { localhost; 192.168.0.0/24; };
recursion yes;
};
zone "." IN {
type hint;
file "named.ca";
};
include "/etc/named.rfc1912.zones";
[root@desktop6 etc]#
NOTE: BEFORE TESTING YOUR DNS, CHECK THAT YOU CAN PING A SITE ON THE INTERNET AND THAT YOUR DEFAULT GATEWAY IS SET CORRECTLY.
NOW RUN THE FOLLOWING COMMAND TO TEST THE BASIC DNS SETUP
[root@desktop6 etc]# dig @localhost www.google.com
; <<>> DiG 9.7.0-P2-RedHat-9.7.0-5.P2.el6 <<>> @localhost www.google.com
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41729
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 4, ADDITIONAL: 0
;; QUESTION SECTION:
;www.google.com. IN A
;; ANSWER SECTION:
www.google.com. 604800 IN CNAME www.l.google.com.
www.l.google.com. 300 IN A 209.85.231.104
;; AUTHORITY SECTION:
google.com. 172800 IN NS ns2.google.com.
google.com. 172800 IN NS ns4.google.com.
google.com. 172800 IN NS ns3.google.com.
google.com. 172800 IN NS ns1.google.com.
;; Query time: 116 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Mar 24 03:46:47 2011
;; MSG SIZE rcvd: 140
[root@desktop6 etc]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 br0
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
169.254.0.0 0.0.0.0 255.255.0.0 U 1003 0 0 br0
0.0.0.0 192.168.0.254 0.0.0.0 UG 0 0 0 br0
LET US NOW ADD THE CONFIGURATION FOR THE FORWARDER
[root@desktop6 etc]# vim named.conf
[root@desktop6 etc]# cat named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
listen-on port 53 { 127.0.0.1; 192.168.0.6; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { localhost; 192.168.0.0/24; };
recursion yes;
forward only;
forwarders { 192.168.0.254; };
};
###
###zone "." IN {
### type hint;
### file "named.ca";
###};
###
###include "/etc/named.rfc1912.zones";
[root@desktop6 etc]#
[root@desktop6 etc]# /etc/init.d/named restart
Stopping named: [ OK ]
Starting named: [ OK ]
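NOW RECORDS ON THE MASTER DNS AT 192.168.0.254 CAN BE QUERIED AND TESTED (NOTE: THE OUTPUT BELOW SHOWS SERVER 192.168.0.254, SO THIS dig WENT STRAIGHT TO THE MASTER; USE dig @localhost TO SEND THE QUERY THROUGH THE FORWARDER)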
[root@desktop6 etc]# dig desktop9.example.com
; <<>> DiG 9.7.0-P2-RedHat-9.7.0-5.P2.el6 <<>> desktop9.example.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16311
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;desktop9.example.com. IN A
;; ANSWER SECTION:
desktop9.example.com. 86400 IN A 192.168.0.9
;; AUTHORITY SECTION:
example.com. 86400 IN NS instructor.example.com.
;; ADDITIONAL SECTION:
instructor.example.com. 86400 IN A 192.168.0.254
;; Query time: 0 msec
;; SERVER: 192.168.0.254#53(192.168.0.254)
;; WHEN: Thu Mar 24 03:49:08 2011
;; MSG SIZE rcvd: 95
IF THE MASTER DNS 192.168.0.254 DOES NOT ALLOW QUERIES FROM OUR FORWARDER DNS, THE FORWARDER CANNOT RESOLVE ADDRESSES ON THE INTERNET, BECAUSE "forward only" SENDS EVERY QUERY TO THE MASTER
[root@desktop6 etc]# dig www.google.com
THE QUERY ONLY WAITS, WITH NO ANSWER ...
That's it.
Important references
1. man named.conf
2. man named
3. directory /usr/share/doc/bind-******/
4. /usr/share/doc/bind-9.7.0/arm/Bv9ARM.pdf
5. /usr/share/doc/bind-9.7.0/sample/
6. /usr/share/doc/bind-9.7.0/sample/etc/
7. /usr/share/doc/bind-9.7.0/sample/var/
Created by ElectroMech Corporation,Nilesh Vaghela