Wednesday, January 27, 2016

Installing a DNS Server (BIND)


The DNS server is the first basic service of the Internet and the most important one.


DNS matters because if it malfunctions or stops working, everything on the Internet that depends on names is paralyzed: web, mail and almost every other service locates its peers by name, not by address.

Understanding DNS is very important for an administrator. It helps administrators find the cause of network problems quickly, because a large share of "the network is down" reports are really name-resolution failures.

So the first step: every computer connected to the Internet, whether or not it runs a DNS server itself, must have its resolver configured. The resolver is the client side of DNS: it decides what to do when a program asks for a name to be resolved. On Linux the resolver's lookup order is configured in the file /etc/host.conf:

[root@priser tuanql]# more /etc/host.conf
order hosts,bind [1]
multi on [2]

[1] For a name-resolution request, the resolver first consults the file /etc/hosts and only then uses the DNS server (BIND).

[2] Allows a host to have multiple IP addresses in /etc/hosts; with multi off, only the first matching entry is returned.

Caveat: on glibc-based systems such as Red Hat 7.3, the order keyword in /etc/host.conf is honoured only by the old libc resolver; the lookup order actually used by gethostbyname() is the hosts: line in /etc/nsswitch.conf (typically hosts: files dns, which means the same thing). Check both files when a lookup does not behave as expected. Because /etc/hosts wins over DNS, it must be writable only by root: an entry planted there silently redirects every connection made to that name.

The file /etc/hosts is the predecessor of DNS. Today /etc/hosts usually holds only the addresses of internal-network machines that a server uses most often. When a request cannot be answered from /etc/hosts, the keyword bind tells the resolver to use the DNS service. BIND stands for Berkeley Internet Name Domain and is one of the most widely deployed DNS implementations today.

The resolver also needs to know which DNS server to use. This information is stored in the file /etc/resolv.conf.

This file controls how the resolver uses DNS for address resolution: it names the specific DNS server(s) to query and the domain part that is appended to short names when forming a query for the server.

An example /etc/resolv.conf from a server:

[root@Priser root]# more /etc/resolv.conf
search hcmutrans.edu.vn [1]
nameserver 192.168.2.10 [2]
[root@priser root]#

[1]: The search list lets the resolver go beyond the name exactly as the client program gave it: if that name does not resolve, it retries with the listed domain appended. For example, if you look up ITdep and that fails, the resolver tries ITdep.hcmutrans.edu.vn. Two caveats: a mistyped short name is tried against every search domain, so a typo can quietly resolve to an unexpected host; and each failed attempt costs an extra round trip, so keep the list short.

[2]: The address of the name server to query. Remember that this must be an IP address rather than a name: otherwise, who would resolve the name of the server whose job is name resolution? Up to three nameserver lines are allowed; they are tried in order.
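As an added example (not from the original page), here is a small Python model of what the two files above tell the resolver: the lookup order and multi flag from /etc/host.conf, and the search list and ndots rule from /etc/resolv.conf. The sample file contents, the /etc/hosts entries and the table standing in for answers from 192.168.2.10 are all constructed for the demonstration; no network is used.

```python
# Constructed sample files mirroring the page's /etc/host.conf and /etc/resolv.conf.
HOST_CONF = """\
order hosts,bind
multi on
"""
RESOLV_CONF = """\
search hcmutrans.edu.vn
nameserver 192.168.2.10
"""
# Constructed /etc/hosts; ITdep deliberately has two addresses to show 'multi'.
HOSTS = """\
127.0.0.1   localhost
172.16.1.1  linuxsrv.hcmutrans.edu.vn linuxsrv
172.16.1.20 ITdep.hcmutrans.edu.vn ITdep
172.16.1.21 ITdep.hcmutrans.edu.vn ITdep
"""
# Stand-in for answers from the name server 192.168.2.10 (no network is used).
DNS_ANSWERS = {"www.hcmutrans.edu.vn": ["172.16.1.1"]}


def _fields(line):
    """Split a config line into words, dropping '#' comments."""
    return line.split("#", 1)[0].split()


def parse_host_conf(text):
    """Read the 'order' and 'multi' keywords of /etc/host.conf."""
    conf = {"order": ["bind"], "multi": False}
    for line in text.splitlines():
        parts = _fields(line)
        if len(parts) < 2:
            continue
        if parts[0] == "order":
            conf["order"] = " ".join(parts[1:]).replace(",", " ").split()
        elif parts[0] == "multi":
            conf["multi"] = parts[1] == "on"
    return conf


def parse_resolv_conf(text):
    """Read search list, nameserver addresses and options ndots: from /etc/resolv.conf."""
    conf = {"search": [], "nameserver": [], "ndots": 1}
    for line in text.splitlines():
        parts = _fields(line)
        if len(parts) < 2:
            continue
        if parts[0] in ("search", "domain"):
            conf["search"] = parts[1:]          # the last such line wins
        elif parts[0] == "nameserver":
            conf["nameserver"].append(parts[1])
        elif parts[0] == "options":
            for opt in parts[1:]:
                if opt.startswith("ndots:"):
                    conf["ndots"] = int(opt.split(":", 1)[1])
    return conf


def search_candidates(name, search, ndots=1):
    """Names the resolver tries, in order, for a query with the given search list."""
    if name.endswith("."):
        return [name[:-1]]                  # absolute name: tried as given only
    expanded = [f"{name}.{dom}" for dom in search]
    if name.count(".") >= ndots:
        return [name] + expanded            # looks qualified: try it first
    return expanded + [name]                # short name: search list first


def hosts_lookup(hosts_text, name, multi):
    """Literal match against /etc/hosts aliases; 'multi on' returns every address."""
    found = []
    for line in hosts_text.splitlines():
        parts = _fields(line)
        if len(parts) > 1 and name.lower() in (n.lower() for n in parts[1:]):
            found.append(parts[0])
            if not multi:
                break
    return found


def resolve(name, host_conf, resolv_conf, hosts_text, dns_answers):
    """Walk the host.conf order: /etc/hosts is matched literally, DNS uses the search list."""
    for source in host_conf["order"]:
        if source == "hosts":
            addrs = hosts_lookup(hosts_text, name.rstrip("."), host_conf["multi"])
            if addrs:
                return name.rstrip("."), "hosts", addrs
        elif source == "bind":
            for cand in search_candidates(name, resolv_conf["search"], resolv_conf["ndots"]):
                addrs = dns_answers.get(cand.lower(), [])
                if addrs:
                    return cand, "bind", addrs
    return name, None, []


if __name__ == "__main__":
    hc, rc = parse_host_conf(HOST_CONF), parse_resolv_conf(RESOLV_CONF)
    for query in ("ITdep", "www", "www.example.com.", "nosuch"):
        print(query, "->", resolve(query, hc, rc, HOSTS, DNS_ANSWERS))
```

Things it shows that the text alone does not: /etc/hosts is matched literally, with no search-list expansion; a name containing at least ndots dots is tried as given before the search list is applied; and a trailing dot disables expansion entirely, which is why www.example.com. is the only unambiguous way to name an external host from a machine that has a search list.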

Now consider the configuration of the name server itself. The DNS server program is a daemon called named.

named is usually started when the system boots, typically through the init script /etc/rc.d/init.d/named, which is linked from /etc/rc.d/rc3.d/ on Red Hat. During startup named reads its configuration and zone data files, then waits for resolution requests on the port listed for domain in /etc/services (port 53).

named listens on both UDP and TCP port 53. Ordinary queries travel over UDP; TCP is used when a UDP answer is truncated (the TC bit is set because the response does not fit in a 512-byte UDP message) and for zone transfers (AXFR/IXFR) between master and slave servers. A firewall in front of a name server therefore has to allow both protocols on port 53, not just UDP.

The first file named consults is /etc/named.conf. Its contents, as installed by default on Red Hat Linux 7.3, are:

options {
        directory "/var/named";
};
zone "." {
        type hint;
        file "root.hints";
};
zone "0.0.127.in-addr.arpa" {
        type master;
        file "pz/127.0.0";
};

The file opens with the options keyword, which sets options globally. directory "/var/named" means that the file names in the rest of the configuration are relative to that directory.

You can add to the options block the line

forwarders { 203.162.4.1; 203.162.0.11; };

Your DNS server will then pass queries it cannot answer from its own data to the name servers 203.162.4.1 and 203.162.0.11 (adding forward only; makes it rely on them exclusively instead of falling back to the root servers). Because you are trusting those servers' answers for everything outside your own zones, forward only to servers you control or have good reason to trust. After the global options block come the zone blocks, one after another, in the form zone "zone_name" { type master (or slave or hint); file "filename"; };.

For each domain you need two data files:

- The first file holds the data for "forward" resolution, from name to IP address.

- The second file is for "reverse" resolution, from IP address back to name. The exception is the domain ".", which has no zone data of its own but is served from a special hint file, root.hints, that lists the root name servers:

; There might be opening comments here if you already have this file.
; If not don't worry.
;
. 6D IN NS G.ROOT-SERVERS.NET.
. 6D IN NS J.ROOT-SERVERS.NET.
. 6D IN NS K.ROOT-SERVERS.NET.
. 6D IN NS L.ROOT-SERVERS.NET.
. 6D IN NS M.ROOT-SERVERS.NET.
. 6D IN NS A.ROOT-SERVERS.NET.
. 6D IN NS H.ROOT-SERVERS.NET.
. 6D IN NS B.ROOT-SERVERS.NET.
. 6D IN NS C.ROOT-SERVERS.NET.
. 6D IN NS D.ROOT-SERVERS.NET.
. 6D IN NS E.ROOT-SERVERS.NET.
. 6D IN NS I.ROOT-SERVERS.NET.
. 6D IN NS F.ROOT-SERVERS.NET.
G.ROOT-SERVERS.NET. 5w6d16h IN A 192.112.36.4
J.ROOT-SERVERS.NET. 5w6d16h IN A 198.41.0.10
K.ROOT-SERVERS.NET. 5w6d16h IN A 193.0.14.129
L.ROOT-SERVERS.NET. 5w6d16h IN A 198.32.64.12
M.ROOT-SERVERS.NET. 5w6d16h IN A 202.12.27.33
A.ROOT-SERVERS.NET. 5w6d16h IN A 198.41.0.4
H.ROOT-SERVERS.NET. 5w6d16h IN A 128.63.2.53
B.ROOT-SERVERS.NET. 5w6d16h IN A 128.9.0.107
C.ROOT-SERVERS.NET. 5w6d16h IN A 192.33.4.12
D.ROOT-SERVERS.NET. 5w6d16h IN A 128.8.10.90
E.ROOT-SERVERS.NET. 5w6d16h IN A 192.203.230.10
I.ROOT-SERVERS.NET. 5w6d16h IN A 192.36.148.17
F.ROOT-SERVERS.NET. 5w6d16h IN A 192.5.5.241

These are essentially the IP addresses of the Internet's root name servers. named uses them only to bootstrap: it asks one of them for the current root NS set and caches that. Several of these addresses have changed since this list was generated, so do not copy it: fetch the current named.root from InterNIC (ftp://ftp.internic.net/domain/named.root) and refresh it periodically.

For example, for our domain hcmutrans.edu.vn you need:

zone "hcmutrans.edu.vn" {
        type master;
        file "db.hcmutrans.edu.vn";
};
zone "1.16.172.in-addr.arpa" {
        type master;
        file "db.172.16.1";
};

Note: 1.16.172.in-addr.arpa is the reverse-lookup zone for the network 172.16.1.0/24: the octets of the network address are written in reverse order under in-addr.arpa. Note also that as written, both zones accept zone-transfer (AXFR) requests from anyone, which hands an attacker a complete list of your hosts; add allow-transfer { ...; }; listing only your slave servers, and restrict recursion with allow-recursion to your own networks so the server cannot be used as an open resolver.

Now look at the structure of /var/named/db.hcmutrans.edu.vn:

$TTL 1D ; default TTL for records that carry none; BIND 9 expects this directive
@ IN SOA hcmutrans.edu.vn. root.hcmutrans.edu.vn. (
                199609206 ; serial, today's date + today's serial #
                8H ; refresh
                2H ; retry
                1W ; expire
                1D ) ; minimum (negative-caching TTL)
        NS hcmutrans.edu.vn.
        MX 10 hcmutrans.edu.vn. ; Primary Mail Exchanger
        TXT "MCSEVIETNAM Corporation"
localhost A 127.0.0.1
hcmutrans.edu.vn. A 172.16.1.1
linuxsrv A 172.16.1.1
www A 172.16.1.1
ftp CNAME hcmutrans.edu.vn.
mail CNAME hcmutrans.edu.vn.
news CNAME hcmutrans.edu.vn.

The first character "@" stands for the zone's own domain name, hcmutrans.edu.vn.

IN: Internet class.

SOA: Start of Authority. It names the primary name server for the zone and the e-mail address of the person responsible.

Note: in the e-mail address of the person responsible, the "@" is written as ".": root.hcmutrans.edu.vn. means root@hcmutrans.edu.vn.

Note also the dot "." at the end of the domain name. In all DNS data files, a name that does not end with a dot is relative: the server appends the domain name of the zone the file belongs to.

For example, in this file, which belongs to hcmutrans.edu.vn, ITdep becomes ITdep.hcmutrans.edu.vn. Forgetting the trailing dot on an absolute name is the classic zone-file bug: hcmutrans.edu.vn without the dot silently becomes hcmutrans.edu.vn.hcmutrans.edu.vn.

After the parentheses with five numbers describing the serial and the timing parameters of the zone data, the resource records begin. The serial must increase every time the file changes; slave servers compare it with their copy to decide whether to transfer the zone, so an unchanged serial means your edits never propagate. In BIND 9 the last value ("minimum") is the negative-caching TTL: how long a "no such name" answer may be cached. Leading white space at the start of a line means the owner name is the same as on the previous line (here the domain itself, i.e. "@"). NS is the name server record. MX is a mail exchanger, indicating the server responsible for receiving e-mail for this domain; the number 10 is the priority of that mail server, and a smaller number means higher priority. A stands for Address and is followed by an IP address. CNAME is the canonical name: with CNAME you can give a machine arbitrary aliases for convenience. A line starting with ";" is a comment.

An example file used for reverse resolution, /var/named/db.172.16.1:

$TTL 1D ; default TTL, as in the forward file
@ IN SOA hcmutrans.edu.vn. root.hcmutrans.edu.vn. (
                199609206 ; Serial
                28800 ; Refresh
                7200 ; Retry
                604800 ; Expire
                86400) ; Minimum TTL
        NS hcmutrans.edu.vn.
;
; Servers
;
1 PTR simbahcm.hcmutrans.edu.vn.
2 PTR trantungbtre.hcmutrans.edu.vn.
3 PTR hungden.hcmutrans.edu.vn.
;

The file /var/named/db.172.16.1 has the same header as the forward file; only the record type differs: PTR (pointer), whose owner is the last octet of the address (1 here means 1.1.16.172.in-addr.arpa, i.e. 172.16.1.1) and whose data is the fully qualified host name, trailing dot included. Keep the two files consistent: the address each A record points to should have a PTR that points back to the same name. In the files above they do not match (172.16.1.1 has PTR simbahcm, but the forward file gives that address to linuxsrv, www and the domain itself), which is exactly the kind of inconsistency that trips up mail servers and logging tools that verify reverse lookups.
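As an added example (not from the original page), the following Python script parses the two zone files above, in the simplified master-file syntax they use, and checks them against each other: every A record in the forward zone should have a PTR pointing back at the same name, and every PTR should have a matching A record. The zone texts are embedded as constructed copies of the page's files (with the $TTL line BIND 9 wants); the function names such as check_consistency and the in-addr.arpa handling are this example's own. Addresses outside the reverse zone's network (127.0.0.1 here) are deliberately ignored.

```python
import re

# Accepts BIND TTL spellings such as 1D, 8H, 5w6d16h or plain seconds.
TTL_RE = re.compile(r"^(\d+[smhdwSMHDW]?)+$")

# Constructed copies of the page's forward and reverse zone files.
FORWARD_ORIGIN = "hcmutrans.edu.vn."
FORWARD_ZONE = """\
$TTL 1D
@ IN SOA hcmutrans.edu.vn. root.hcmutrans.edu.vn. (
        199609206 ; serial
        8H ; refresh
        2H ; retry
        1W ; expire
        1D ) ; minimum
    NS hcmutrans.edu.vn.
    MX 10 hcmutrans.edu.vn.
    TXT "MCSEVIETNAM Corporation"
localhost A 127.0.0.1
hcmutrans.edu.vn. A 172.16.1.1
linuxsrv A 172.16.1.1
www A 172.16.1.1
ftp CNAME hcmutrans.edu.vn.
"""
REVERSE_ORIGIN = "1.16.172.in-addr.arpa."
REVERSE_ZONE = """\
$TTL 1D
@ IN SOA hcmutrans.edu.vn. root.hcmutrans.edu.vn. (
        199609206 28800 7200 604800 86400 )
    NS hcmutrans.edu.vn.
1 PTR simbahcm.hcmutrans.edu.vn.
2 PTR trantungbtre.hcmutrans.edu.vn.
3 PTR hungden.hcmutrans.edu.vn.
"""


def logical_lines(text):
    """Drop ';' comments and join lines between '(' and ')' (multi-line SOA records)."""
    buf, depth = [], 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()   # naive: assumes no ';' inside TXT strings
        if depth == 0 and not line.strip():
            continue
        buf.append(line)
        depth += line.count("(") - line.count(")")
        if depth == 0:
            yield " ".join(buf)
            buf = []


def fqdn(name, origin):
    """Zone-file rule: '@' is the origin; a name without a trailing dot gets the origin appended."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"


def parse_zone(text, origin):
    """Yield (owner, type, rdata tokens); an indented line reuses the previous owner."""
    owner = origin
    for line in logical_lines(text):
        if line.startswith("$"):
            continue                          # $TTL / $ORIGIN directives
        tokens = line.split()
        if not line[0].isspace():
            owner = fqdn(tokens.pop(0), origin)
        while tokens and (tokens[0].upper() == "IN" or TTL_RE.match(tokens[0])):
            tokens.pop(0)                     # optional class and TTL before the type
        yield owner, tokens[0].upper(), tokens[1:]


def reverse_name(ip):
    """172.16.1.1 -> 1.1.16.172.in-addr.arpa."""
    return ".".join(reversed(ip.split("."))) + ".in-addr.arpa."


def ip_from_reverse(name):
    """1.1.16.172.in-addr.arpa. -> 172.16.1.1"""
    labels = name[: -len(".in-addr.arpa.")].split(".")
    return ".".join(reversed(labels))


def check_consistency(fwd_text, fwd_origin, rev_text, rev_origin):
    """Return (A records lacking a matching PTR, PTRs lacking a matching A record)."""
    a_recs = {(own, rd[0]) for own, typ, rd in parse_zone(fwd_text, fwd_origin) if typ == "A"}
    ptr_recs = {(ip_from_reverse(own), fqdn(rd[0], rev_origin))
                for own, typ, rd in parse_zone(rev_text, rev_origin) if typ == "PTR"}
    in_scope = {(n, ip) for n, ip in a_recs if reverse_name(ip).endswith("." + rev_origin)}
    missing_ptr = sorted((n, ip) for n, ip in in_scope if (ip, n) not in ptr_recs)
    missing_a = sorted((ip, n) for ip, n in ptr_recs if (n, ip) not in a_recs)
    return missing_ptr, missing_a


if __name__ == "__main__":
    no_ptr, no_a = check_consistency(FORWARD_ZONE, FORWARD_ORIGIN, REVERSE_ZONE, REVERSE_ORIGIN)
    for name, ip in no_ptr:
        print(f"A {name} -> {ip} has no PTR back to {name}")
    for ip, name in no_a:
        print(f"PTR {ip} -> {name} has no matching A record")
```

Run against the page's own data it reports that 172.16.1.1 carries one PTR (simbahcm) while three forward names share that address, and that 172.16.1.2 and 172.16.1.3 have PTRs with no A record behind them. An address can sensibly carry only one PTR, so pick one canonical host name for it (linuxsrv, say), make the other names CNAMEs of it, and add A records for the two hosts that so far exist only in the reverse file.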

Be very careful with the name server's configuration data, because faults in it are very hard to find. Every time you change zone data, increment the SOA serial, validate the files with named-checkconf and named-checkzone (both ship with BIND 9), and reload named with rndc reload (or service named reload). Avoid stopping named with kill -9: SIGKILL gives it no chance to shut down cleanly, and restarting by hand skips the init script's environment. If rndc is not configured, kill -HUP makes named reread its configuration and zones.

The file /var/log/messages helps a lot in finding the fault when named does not behave as you want: a rejected zone is logged there together with the offending file and line number. To test the name-resolution process, Linux provides the nslookup command and, from the bind-utils package, dig, which shows the raw answer with its flags and authority section and can query a specific server or do a reverse lookup (dig -x). See the manual pages of nslookup and dig for usage.
