1. The document describes how to install and configure a DNS server with a master-slave configuration.
2. It involves installing bind on two servers, configuring one as the master that hosts the DNS zone files, and the other as the slave that retrieves zone files from the master.
3. The process also includes adding a subdomain configuration to the slave server to host additional records. Zone transfers are secured using DNSSEC keys generated on the master.
Copyright:
Attribution Non-Commercial (BY-NC)
Available Formats
Download as DOC, PDF, TXT or read online from Scribd
1. The document describes how to install and configure a DNS server with a master-slave configuration.
2. It involves installing bind on two servers, configuring one as the master that hosts the DNS zone files, and the other as the slave that retrieves zone files from the master.
3. The process also includes adding a subdomain configuration to the slave server to host additional records. Zone transfers are secured using DNSSEC keys generated on the master.
1. The document describes how to install and configure a DNS server with a master-slave configuration.
2. It involves installing bind on two servers, configuring one as the master that hosts the DNS zone files, and the other as the slave that retrieves zone files from the master.
3. The process also includes adding a subdomain configuration to the slave server to host additional records. Zone transfers are secured using DNSSEC keys generated on the master.
Copyright:
Attribution Non-Commercial (BY-NC)
Available Formats
Download as DOC, PDF, TXT or read online from Scribd
1. The document describes how to install and configure a DNS server with a master-slave configuration.
2. It involves installing bind on two servers, configuring one as the master that hosts the DNS zone files, and the other as the slave that retrieves zone files from the master.
3. The process also includes adding a subdomain configuration to the slave server to host additional records. Zone transfers are secured using DNSSEC keys generated on the master.
Copyright:
Attribution Non-Commercial (BY-NC)
Available Formats
Download as DOC, PDF, TXT or read online from Scribd
Download as doc, pdf, or txt
You are on page 1/ 14
Install DNS
1. install bind a. package for install bind i. bind ii. bind-chrootenv b. config ip address and domain name i. ip address 1. 10.0.0.50 2. subnetmask 255.0.0.0 ( yast -> networkcard )
ii. domain name : digitalairlines.com ( vi /etc/resolv.conf or yast )
2. Install and configure Master server (1 computer ):
a. Hostname : da50
b. Ip address : 10.0.0.50
c. Domain name : digitalairlines.com
d. To rename the file /etc/named.conf to /etc/named.conf.orig, by enter: mv
/etc/named.conf /etc/named.conf.orig e. Create new file in /etc/named.conf
f. See configure in named.conf :
# /etc/named.conf: Configuration of the master name server
# # # Definition of options # options { # # Where are the files located? # directory "/var/lib/named";
# # Forwarding requests to the classroom server # # forwarders { 10.0.0.51; };
};
# # Definition of root zone # zone "." in { type hint; file "root.hint"; };
# # Definition of the zone localhost # zone "localhost" in { NOTe : the red color type master; must copy file "localhost.zone"; };
zone "0.0.127.in-addr.arpa" in { type master; file "127.0.0.zone"; };
zone "digitalairlines.com" in { type master; file "master/digitalairlines.com.zone"; }; };
zone "0.0.10.in-addr.arpa" in { type master; file "master/10.0.0.zone"; }; };
g. Create a new file digitalairlines.com.zone in /var/lib/named/master
; ; SOA record ; digitalairlines.com. IN SOA da50.digitalairlines.com. hostmaster.digitalairlines.com. ( 2005060301 ; serial 3H ; refresh 1H ; retry 1W ; expiry 1D ) ; negative validity
; ; List of name servers ; digitalairlines.com. IN NS da50.digitalairlines.com. digitalairlines.com. IN NS da51.digitalairlines.com.
; ; Addresse records ; da1 IN A 10.0.0.254 da2 IN A 10.0.0.2 da10 IN A 10.0.0.10 da49 IN A 10.0.0.49 da50 IN A 10.0.0.50 da51 IN A 10.0.0.51
h. Create a new file 10.0.0.zone in the directory /var/lib/named/master/ :
; /var/lib/named/10.0.0.zone ; ; ; Default time to live: 2 days ; $TTL 172800
; ; SOA record ; 0.0.10.in-addr.arpa. IN SOA da50.digitalairlines.com. hostmaster.digitalairlines.com. ( 2005060301 ; serial 3H ; refresh 1H ; retry 1W ; expiry 1D ) ; negative validity
; ; List of name servers ; 0.0.10.in-addr.arpa. IN NS da50.digitalairlines.com. 0.0.10.in-addr.arpa. IN NS da51.digitalairlines.com.
; ; Pointer records ; 254 IN PTR da1.digitalairlines.com. 2 IN PTR da2.digitalairlines.com. 10 IN PTR da10.digitalairlines.com. 11 IN PTR da11.digitalairlines.com. 12 IN PTR da12.digitalairlines.com. 48 IN PTR da48.digitalairlines.com. 49 IN PTR da49.digitalairlines.com. 50 IN PTR da50.digitalairlines.com. 51 IN PTR da51.digitalairlines.com. ~
i. Restart message by command : tail –f /var/log/messages
j. Restart bind : rcnamed start
k. Start automatically when boot by enter : insserv named
l. Test master work by enter : host da10.digitalairlines.com
3. Install and configure slave server (other computer ): a. Hostname : da51
b. Ip address : 10.0.0.51
c. Domain name : digitalairlines.com ( yast and vim /etc/resolve.conf )
d. To rename the file /etc/named.conf to /etc/named.conf.orig, by enter : mv
/etc/named.conf /etc/named.conf.orig e. Create a new file by enter /etc/named.conf :
# Definition of root zone
# zone "." in { type hint; file "root.hint"; };
# # Definition of the zone localhost # zone "localhost" in { type master; file "localhost.zone"; };
zone "0.0.127.in-addr.arpa" in { type master; file "127.0.0.zone"; }; zone "digitalairlines.com" in { type slave; file "slave/digitalairlines.com.zone"; masters { 10.0.0.50; }; };
zone "0.0.10.in-addr.arpa" in { type slave; file "slave/10.0.0.zone"; masters { 10.0.0.50; }; }; f. For see the message that update for master server to slave by enter : tail –f
/var/log/messages g. Restart bind : renamed restart
h. If work you will see two files ( 10.0.0.zone and digitalairlines.com.zone in
/var/lib/named/slave ) i. Start automatically when boot by enter : insserv named
j. Verify slave work by enter : host da10.digitalairlines.com ( if work it will see
10.0.0.10 ) 4. Install and configure Subdomain ( do it in slave PC ): a. Subdomain name : muc.digitalairlines.com
b. To stop DNS server : rcnamed stop
c. Open file /etc/named.conf and add some context for more ( see in subdomaia
folder ) : # # /etc/named.conf: Configuration of the slave name server # # # Definition of options # options { # # Where are the files located? # directory "/var/lib/named";
# # Forwarding requests to the classroom server # # forwarders { 10.0.0.254; };
};
# Definition of root zone
# zone "." in { type hint; file "root.hint"; };
# # Definition of the zone localhost # zone "localhost" in { type master; file "localhost.zone"; };
zone "0.0.127.in-addr.arpa" in { type master; file "127.0.0.zone"; };
zone "digitalairlines.com" in { type slave; file "slave/digitalairlines.com.zone"; masters { 10.0.0.50; }; };
zone "0.0.10.in-addr.arpa" in { type slave; file "slave/10.0.0.zone"; masters { 10.0.0.50; }; };
zone "muc.digitalairlines.com" in { type master; file "master/muc.digitalairlines.com.zone"; };
zone "1.0.10.in-addr.arpa" in { type master; file "master/10.0.1.zone"; }; ~ d. Create new file muc.digitalairlines.com.zone in /var/lib/named/master/ ( see how
; ; SOA record ; muc.digitalairlines.com. IN SOA da51.digitalairlines.com. hostmaster.digitalairlines.com. ( 2005060301 ; serial 3H ; refresh 1H ; retry 1W ; expiry 1D ) ; negative validity
; ; List of name servers ; muc.digitalairlines.com. IN NS da51.digitalairlines.com.
; ; List of mailservers ; muc.digitalairlines.com. IN MX 1 da1.digitalairlines.com.
; ; Address records ; da100 IN A 10.0.1.100 da101 IN A 10.0.1.101 da102 IN A 10.0.1.102 ~ e. Create a new file 10.0.1.zone in /var/lib/named/master ( see how to config file in
; ; SOA record ; 1.0.10.in-addr.arpa. IN SOA da51.digitalairlines.com. hostmaster.digitalairlines.com. ( 2005060301 ; serial 3H ; refresh 1H ; retry 1W ; expiry 1D ) ; negative validity
; ; List of nameservers ; 1.0.10.in-addr.arpa. IN NS da51.digitalairlines.com. ; ; Pointer records ; 100 IN PTR da100.muc.digitalairlines.com. 101 IN PTR da101.muc.digitalairlines.com. 102 IN PTR da102.muc.digitalairlines.com. ~ ~ f. Log message and resolve transfer : tail –f /var/log/messages
g. Restart bind : rcnamed start
h. Add subdomain name in file /etc/resolv.conf : search digitalairlines.com
muc.digitalairlines.com i. Verify by enter : host da100.muc.digitalairlines.com ,if right it will see :
10.0.1.100 5. Configure Zone Transfers from the Master Server to Slave server: a. Generate a key i. To stop DNS server : rcnamed stop
ii. Change the directory : dnssec-keygen –a HMAC-MD5 –b 128 –n HOST
zonetransfer (it will show : Knonetransfer. 157+12640 )
iii. Record key by enter : cat Knonetransfer .+157+12630.key ( it will show
by zonetransfer. IN KEY 512 3 157 JY2QUddMCdTzWL2SRSueog==),
so you have to copy (Y2QUddMCdTzWL2SRSueog==). b. Configure the Master Server ( in the Master server ) :
i. Create a new file /etc/named.key and add context file :
key zonetransfer { algorithm HMAC-MD5; secret "dHqLZjstCpVZYUv+YiQ0Xg=="; }; 1. Change the owner of the file to named by enter : chgrp named
/etc/named.key 2. Remove the read permission for others from the file by enter : chmod o-r /etc/named.key 3. Open /etc/named.conf , and add the following line at the beginng of files:
include “/etc/named.key”; 4. Change the content of file in /etc/named.conf : zone "digitalairlines.com" in { type master; file "master/digitalairlines.com.zone"; allow-transfer { key zonetransfer; }; };
zone "0.0.10.in-addr.arpa" in { type master; file "master/10.0.0.zone"; allow-transfer { key zonetransfer; }; }; 5. Enter for resolve transfer : tail –f /var/log/messages
6. restart bind : rcnamed start
C. Configure the Slave Server:
i. Copy file /etc/named.key from master to server to this server
ii. Change the owner of the file to named by enter: chgrp named
/etc/named.key iii. Remove the read permission for others from the file :
Chmod o-r /etc/named.key
IV. Open /etc/named.conf and add context :
Include “/etc/named.key”; V. Add the following lines after the option section : key zonetransfer { algorithm HMAC-MD5; secret "dHqLZjstCpVZYUv+YiQ0Xg=="; };
server 10.0.0.50 { keys { zonetransfer; }; VI. Remove the file in /var/lib/named/slave/ :
rm /var/lib/named/slave/* VII. Enter command for resolv transfer : tail –f /var/log/messages
VIII. Restart bind : rcnamed start
IX. Check files in /var/lib/named/slave/: if you see file 10.0.0.zone and
