2. DNS BIND 9 ADMINISTRATION

Installing On CentOS 5

Note = Setting Up NS1 And NS2

      BIND 9 Chroot Configuration

Configuration Setup - Pay attention to named.conf on NS1 and NS2

1

  Summary of BIND

Name          : bind
Arch            : x86_64
Summary   : The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server.
URL            : http://www.isc.org/products/BIND/
License      : BSD-like
Description : BIND (Berkeley Internet Name Domain) is an implementation of the DNS
                   : (Domain Name System) protocols. BIND includes a DNS server (named),
                   : which resolves host names to IP addresses; a resolver library
                   : (routines for applications to use when interfacing with DNS); and
                   : tools for verifying that the DNS server is operating properly.


2

  Setup for NameServer

NS1.NOC.NET.MY = 202.190.85.53

NS2.NOC.NET.MY = 202.190.85.54

3

  Install with YUM (same for both servers)

# Install the server (bind), the chroot package (bind-chroot) and the client
# tools package (bind-utils; the dig command used in step 4 comes from it).
# Per the heading, run the same command on both NS1 and NS2.
[root@ns2 ~]# yum install bind bind-chroot bind-utils


4

  Chmod and Configure Files, or use DnsConfig c/w named.conf for EL5 and EL6

# Set modes on the chroot tree: 755 on /var/named, group-writable (775) from
# chroot/ downwards.
[root@ns2 ~]# chmod 755       /var/named/
[root@ns2 ~]# chmod 775       /var/named/chroot/
[root@ns2 ~]# chmod 775       /var/named/chroot/var/
[root@ns2 ~]# chmod 775       /var/named/chroot/var/named/
[root@ns2 ~]# chmod 775       /var/named/chroot/var/run/
# NOTE(review): 777 makes this run directory world-writable, so any local
# account could create or replace files in it. If the directory is owned by the
# user/group named runs as, a mode without world access should be enough -
# check ownership with ls -ld before loosening it this far.
[root@ns2 ~]# chmod 777       /var/named/chroot/var/run/named/
[root@ns2 ~]# cd /var/named/chroot/var/named/
# Create a "chroot" symlink in the zone directory pointing two levels up.
# Presumably this is what lets the host-style path used for "directory" in
# named.conf (/var/named/chroot/var/named) also resolve from inside the chroot
# - confirm.
[root@ns2 named]# ln -s       ../../ chroot
# Copy the sample loopback zone files shipped with the package into the
# current (zone) directory; named.conf references them by these names.
[root@ns2 named]# cp /usr/*/*/bind-9.*/sample/var/named/named.local .
[root@ns2 named]# cp /usr/*/*/bind-9.*/sample/var/named/localhost.zone .
# Save the root NS set as named.ca, the hints file used by zone ".".
# NOTE(review): this is a plain, unauthenticated DNS answer; compare it with
# the officially published root hints if integrity matters.
[root@ns2 named]# dig @a.root-servers.net . ns > named.ca
# Edit the configuration that lives inside the chroot ...
[root@ns2 named]# nano -w /var/named/chroot/etc/named.conf
# ... and expose it at the conventional /etc/named.conf path via a symlink.
[root@ns2 named]# ln -s        /var/named/chroot/etc/named.conf /etc/named.conf
[root@ns2 named]# /etc/init.d/named start


5

  Primary named.conf

// Global server options for the primary (NS1).
options    {
    // Working directory; the relative zone "file" names below are resolved
    // against it.
    // NOTE(review): this is the host-side path. Inside the chroot it presumably
    // resolves only because of the "chroot -> ../../" symlink created in
    // step 4 - confirm.
        directory "/var/named/chroot/var/named";
    // Replaces the string returned for version.bind queries, so the real BIND
    // release is not disclosed. This only hinders fingerprinting; it is not a
    // substitute for patching.
    version    "DNS-IPX";
    // Recursive lookups are served only for these networks and localhost, so
    // the server is not an open resolver for arbitrary clients.
    allow-recursion    { 202.190.85.48/28; 202.190.125.0/27; localhost; };
    // Zone transfers are allowed only to 202.190.85.54 (NS2 in step 2).
    // NOTE(review): this is a source-address check only; a TSIG key in the ACL
    // would also authenticate the requester.
    allow-transfer { 202.190.85.54;    };
    // Pack multiple records into each zone-transfer message.
    transfer-format    many-answers;
};

//
// a caching only nameserver config
//
// NOTE(review): the header above looks inherited from a sample file; this
// server also holds authoritative zones (declared further down).
// Root hints: named.ca is the file written by the dig command in step 4.
zone "." IN {
    type hint;
    file "named.ca";
};

// Forward loopback zone, served from the copied sample file.
zone "localhost" IN {
    type master;
    file "localhost.zone";
    // Dynamic DNS updates are refused for this zone.
    allow-update { none; };
};

// Reverse loopback zone (127.0.0.x), served from the copied sample file.
zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "named.local";
    // Dynamic DNS updates are refused for this zone.
    allow-update { none; };
};

// Authoritative reverse zone for 202.190.85.0/24; this server is the master.
// The file name is relative to the "directory" option.
// No allow-update is given here; BIND refuses dynamic updates by default, but
// stating "allow-update { none; };" as in the loopback zones would make the
// intent explicit.
zone "85.190.202.in-addr.arpa" {
    type master;
    file "pri.85.190.202.in-addr.arpa";
};

// Authoritative forward zone for noc.net.my; this server is the master.
// Transfers of both zones are limited by the global allow-transfer option.
zone "noc.net.my" {
    type master;
    file "pri.noc.net.my";
};

Note: the allow-transfer IP must be set to the DNS host's IP (the address the transfer request actually arrives from), not the DNS IP.

6

  Secondary named.conf

// Global server options for the secondary (NS2).
// NOTE(review): unlike the primary, no "version" string is set here, so
// version.bind queries will presumably return the real BIND release - confirm
// whether that is intended.
options {
   // Working directory; transferred zone files are written here, so the
   // account named runs as needs write access (see the log errors in step 7).
   directory "/var/named/chroot/var/named";
   // Recursion is served only for this network and localhost.
   // NOTE(review): the primary also lists 202.190.125.0/27 - confirm the
   // difference is intentional.
   allow-recursion { 202.190.85.48/28; localhost; };
   // Accept NOTIFY messages from 202.190.85.53 (NS1 in step 2).
   allow-notify    { 202.190.85.53; };
   // Only 202.190.85.53 may request zone transfers from this server.
   // NOTE(review): address-based check only; a TSIG key would also
   // authenticate the requester.
   allow-transfer { 202.190.85.53; };
   // Pack multiple records into each zone-transfer message.
   transfer-format many-answers;
   };

// Root hints: named.ca is the file written by the dig command in step 4.
zone "." IN {
    type hint;
    file "named.ca";
};

// Forward loopback zone; declared as master here as well, so the secondary
// serves its own local copy rather than transferring it.
zone "localhost" IN {
    type master;
    file "localhost.zone";
    // Dynamic DNS updates are refused for this zone.
    allow-update { none; };
};

// Reverse loopback zone (127.0.0.x), also a local master copy.
zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "named.local";
    // Dynamic DNS updates are refused for this zone.
    allow-update { none; };
};

// Reverse zone held as a slave copy, transferred from 202.190.85.53 (NS1).
// The "pri." file name matches the primary's naming, but on this server the
// file is the transferred copy that named writes itself.
zone "85.190.202.in-addr.arpa" in {
   type    slave;
   file    "pri.85.190.202.in-addr.arpa";
   // Only this address is used as the transfer source for the zone.
   masters { 202.190.85.53; };
};

// Forward zone held as a slave copy, transferred from 202.190.85.53 (NS1).
zone "noc.net.my" {
    type slave;
    file "pri.noc.net.my";
   masters { 202.190.85.53; };
    // This server sends no NOTIFY messages for the zone.
    // NOTE(review): the reverse zone above has no matching "notify no;" -
    // confirm whether the difference is intended.
    notify no;
};


7

  Common Issue with BIND (log file)

ns named[18155]: the working directory is not writable,
ns named[20153]: dumping master file: tmp-JUpznZAju9: open: permission denied

# Fix for the two log errors above: add group write permission on the zone
# directory inside the chroot so named can write there.
# NOTE(review): this helps only if the directory's group is the one named runs
# under - confirm with ls -ld named.
[root@ns var]# pwd
/var/named/chroot/var
[root@ns var]# chmod g+w named

8

  BIND



9

  BIND


