DNS Server in RHEL 6.2 6.4 6.5 Using Bind

6/5/2016 RedHatCentosCommonStuffs/StepbyStephowtosetupaDNSServerinRHEL6.26.46.5UsingBind.
mdatmasterblackyboy/RedHatCentos
Personal Open source Business Explore Pricing Blog Support This repository Search Sign in Sign up
blackyboy / RedHatCentosCommonStuffs Watch 12 Star 35 Fork 28
Code Pullrequests 0 Pulse Graphs
Branch:master Findfile Copypath
RedHatCentosCommonStuffs/StepbyStephowtosetupaDNSServerinRHEL6.26.46.5UsingBind.md
blackyboychanges 510bc7aMar22,2015
1contributor
654lines(502sloc) 17.4KB Raw Blame History
StepbyStephowtosetupaDNSServerinRHEL6.2/6.4/6.5UsingBind
WhatisDNSServer?
DNS=DomainNamingService(or)DomainNameSystemDNSwillresolvethehostnamefortheparticularIPaddress.
HereImUsingRHELServertoSetuptheDNSServerusingBIND
[root@masterdns~]#lsb_releasea
LSBVersion::core4.0amd64:core4.0noarch:graphics4.0amd64:graphics4.0noarch:printing4.0amd64:printing4.0noarch
DistributorID:RedHatEnterpriseServer
Description:RedHatEnterpriseLinuxServerrelease6.2(Santiago)
Release:6.2
Codename:Santiago
PrimaryDNSServer(or)MasterDNSServer:
IPAddress:192.168.0.200
Hostname:masterdns.linuxzadmin.local
SecondaryDNSServer(or)SlaveDNSServer:
IPAddress:192.168.0.201
Hostname:slavedns.linuxzadmin.local
NodesMachines:
IPAddress:192.168.0.205##Hostname:node1.linuxzadmin.local
1.PrimaryDNSServer(or)MasterDNSServer:
[root@masterdns~]#yuminstallbind*y
1.ThenEdittheConfigurationofnameserver
https://github.com/blackyboy/RedHatCentosCommonStuffs/blob/master/StepbyStephowtosetupaDNSServerinRHEL6.26.46.5UsingBind.md 1/10
6/5/2016 RedHatCentosCommonStuffs/StepbyStephowtosetupaDNSServerinRHEL6.26.46.5UsingBind.mdatmasterblackyboy/RedHatCentos
[root@masterdns~]#vim/etc/named.conf
//
//named.conf
//
//ProvidedbyRedHatbindpackagetoconfiguretheISCBINDnamed(8)DNS
//serverasacachingonlynameserver(asalocalhostDNSresolveronly).
//
//See/usr/share/doc/bind*/sample/forexamplenamedconfigurationfiles.
//
options{
listenonport53{127.0.0.1;192.168.0.200;};#MasterDNSServersIP
listenonv6port53{::1;};
directory"/var/named";
dumpfile"/var/named/data/cache_dump.db";
statisticsfile"/var/named/data/named_stats.txt";
memstatisticsfile"/var/named/data/named_mem_stats.txt";
allowquery{localhost;192.168.0.0/24;};#IPRangeofHosts
allowtransfer{localhost;192.168.0.201;};#SlaveDNSServersIP
recursionyes;
dnssecenableyes;
dnssecvalidationyes;
dnsseclookasideauto;
/*PathtoISCDLVkey*/
bindkeysfile"/etc/named.iscdlv.key";
managedkeysdirectory"/var/named/dynamic";
};
logging{
channeldefault_debug{
file"data/named.run";
severitydynamic;
};
};
zone"."IN{
typehint;
file"named.ca";
};
zone"linuxzadmin.local"IN{
typemaster;
file"forward.linuxzadmin";
allowupdate{none;};
};
zone"0.168.192.inaddr.arpa"IN{
typemaster;
file"reverse.linuxzadmin";
allowupdate{none;};
};
include"/etc/named.rfc1912.zones";
include"/etc/named.root.key";
SaveandExitthenamed.confusingwq!
1.CreattheForwardandReserveZonefilesasmentionedinnamed.conf
FORWARDZONE:
a.)CreateaForwardZonefileunder/var/namedinthenameofforward.linuxzadmin
ThereareSamplefilesunderthe/var/named/Directory,JustmakeaCopyofthatfileandmodifyitasourneed
b.)MakeaCopyofsamplefileasbelow
[root@masterdns~]#cp/var/named/named.localhost/var/named/forward.linuxzadmin
c.)Editthefileforward.linuxzadmin
[root@masterdns~]#vim/var/named/forward.linuxzadmin
$TTL86400
@INSOAmasterdns.linuxzadmin.local.root.linuxzadmin.local.(
2014051001;serial
3600;refresh
1800;retry
604800;expire
86400;minimum
)
@INNSmasterdns.linuxzadmin.local.
@INNSslavedns.linuxzadmin.local.
@INA192.168.0.200
@INA192.168.0.201
@INA192.168.0.205
@INA192.168.0.206
@INA192.168.0.207
@INA192.168.0.208
masterdnsINA192.168.0.200
slavednsINA192.168.0.201
node1INA192.168.0.205
node2INA192.168.0.206
node3INA192.168.0.207
node4INA192.168.0.208
RESERVEZONE:
a.)CreateaReserverZonefileunder/var/namedinthenameofreverse.linuxzadmin
ThereareSamplefilesunderthe/var/named/Directory,JustmakeaCopyofthatfileandmodifyitasourneed
b.)MakeaCopyofsamplefileasbelow
[root@masterdns~]#cp/var/named/named.loopback/var/named/reverse.linuxzadmin
c.)Editthefilereverse.linuxzadmin
[root@masterdns~]#vim/var/named/reverse.linuxzadmin
$TTL86400
@INSOAmasterdns.linuxzadmin.local.root.linuxzadmin.local.(
2014051001;serial
3600;refresh
1800;retry
604800;expire
86400;minimum
)
@INNSmasterdns.linuxzadmin.local.
@INNSslavedns.linuxzadmin.local.
@INPTRlinuxzadmin.local.
masterdnsINA192.168.0.200
slavednsINA192.168.0.201
node1INA192.168.0.205
node2INA192.168.0.206
node3INA192.168.0.207
node4INA192.168.0.208
200INPTRmasterdns.linuxzadmin.local.
201INPTRslavedns.linuxzadmin.local.
205INPTRnode1.linuxzadmin.local.
1.ThefileswecreatedwasinrootgroupWeneedtochangethosefilestonamedgroup
Herewecanseethefileswhichhavetherootgroup
a.)Listthefilesandseethepermissionsandgroupofthosecreatedzonefiles
[root@masterdns~]#lsl/var/named/
total40
drwxrx.6rootnamed4096May1019:33chroot
drwxrwx.2namednamed4096Nov162011data
drwxrwx.2namednamed4096Nov162011dynamic
rwr.1rootroot550May1020:19forward.linuxzadmin
rwr.1rootnamed1892Feb182008named.ca
rwr.1rootnamed152Dec152009named.empty
rwr.1rootnamed152Jun212007named.localhost
rwr.1rootnamed168Dec152009named.loopback
rwr.1rootroot676May1020:35reverse.linuxzadmin
drwxrwx.2namednamed4096Nov162011slaves
b.)ChangethegrouptonamedusingbelowCommand
[root@masterdns~]#chgrpnamed/var/named/forward.linuxzadmin
[root@masterdns~]#chgrpnamed/var/named/reverse.linuxzadmin
HerewecanseetheOutputnowwhichchangedtonamedgroup
[root@masterdns~]#lsl/var/named/
total40
drwxrx.6rootnamed4096May1019:33chroot
drwxrwx.2namednamed4096Nov162011data
drwxrwx.2namednamed4096Nov162011dynamic
rwr.1rootnamed550May1020:19forward.linuxzadmin
rwr.1rootnamed1892Feb182008named.ca
rwr.1rootnamed152Dec152009named.empty
rwr.1rootnamed152Jun212007named.localhost
rwr.1rootnamed168Dec152009named.loopback
rwr.1rootnamed676May1020:35reverse.linuxzadmin
drwxrwx.2namednamed4096Nov162011slaves
c.)ThenweneedtochecktheContextofthefilesunder
[root@masterdns~]#lslZd/etc/named.conf
rwr.rootnamedsystem_u:object_r:named_conf_t:s0/etc/named.conf
/etc/named.conf
/var/named/forward.linuxzadmin
/var/named/reverse.linuxzadmin
Itwanttobeinthecontextofnamed_conf_t
IfitsDifferentthanthisthenweneedtorestorethecontextusing
#restorecon/etc/named.conf
1.NowweneedtoCheckfortheErrorintheconffileandZonefile
[root@masterdns~]#namedcheckconf/etc/named.conf
[root@masterdns~]#namedcheckzonelinuxzadmin.local/var/named/forward.linuxzadmin
zonelinuxzadmin.local/IN:loadedserial2014051001
OK
[root@masterdns~]#namedcheckzone0.168.192.inaddr.arpa/var/named/reverse.linuxzadmin
zone0.168.192.inaddr.arpa/IN:loadedserial2014051001
OK
1.StarttheDNSService
[root@masterdns~]#servicenamedrestart
Stoppingnamed:[OK]
Startingnamed:[OK]
1.MakethenamedServiceinrunlevels
[root@masterdns~]#chkconfignamedon
[root@masterdns~]#chkconfiglistnamed
named0:off1:off2:on3:on4:on5:on6:off
1.DeployiptablesRulestoallowDNSservice
Addtheiptablesrules
iptablesAINPUTilojACCEPT
iptablesAINPUTmstatestateESTABLISHED,RELATEDjACCEPT
iptablesAINPUTptcpmstatestateNEWmtcpdport22jACCEPT
iptablesAINPUTptcpmstatestateNEWmtcpdport53jACCEPT
iptablesAINPUTpudpmstatestateNEWmudpdport53jACCEPT
iptablesAINPUTjDROP
SavetheiptablesUsing
[root@masterdns~]#serviceiptablessave
iptables:Savingfirewallrulesto/etc/sysconfig/iptables:[OK]
RestarttheiptablesServiceUsing
[root@masterdns~]#serviceiptablesrestart
iptables:Flushingfirewallrules:[OK]
iptables:SettingchainstopolicyACCEPT:filter[OK]
iptables:Unloadingmodules:[OK]
iptables:Applyingfirewallrules:[OK]
Makeittoruninmultirunlevels
[root@masterdns~]#chkconfigiptableson
[root@masterdns~]#chkconfiglistiptables
iptables0:off1:off2:on3:on4:on5:on6:off
1.ChecktheDNSserverusingDigCommand
[root@masterdns~]#digmasterdns.linuxzadmin.local
;<<>>DiG9.7.3P3RedHat9.7.38.P3.el6<<>>masterdns.linuxzadmin.local
;;globaloptions:+cmd
;;Gotanswer:
;;>>HEADER<<opcode:QUERY,status:NOERROR,id:41316
;;flags:qraardra;QUERY:1,ANSWER:1,AUTHORITY:2,ADDITIONAL:1
;;QUESTIONSECTION:
;masterdns.linuxzadmin.local.INA
;;ANSWERSECTION:
masterdns.linuxzadmin.local.86400INA192.168.0.200
;;AUTHORITYSECTION:
linuxzadmin.local.86400INNSmasterdns.linuxzadmin.local.
linuxzadmin.local.86400INNSslavedns.linuxzadmin.local.
;;ADDITIONALSECTION:
slavedns.linuxzadmin.local.86400INA192.168.0.201
;;Querytime:0msec
;;SERVER:192.168.0.200#53(192.168.0.200)
;;WHEN:SatMay1023:07:102014
;;MSGSIZErcvd:114
1.CheckfortheAvailableHostsinDNS
[root@masterdns~]#nslookuplinuxzadmin.local
Server:192.168.0.200
Address:192.168.0.200#53
Name:linuxzadmin.local
Address:192.168.0.207
Address:192.168.0.208
Address:192.168.0.200
Address:192.168.0.201
Address:192.168.0.205
Address:192.168.0.206
NowweNeedtoSetuptheSlaveDNSserver
SecondaryDNSserver(or)SlaveDNSServer
1.HostDeployedwithRHELServer
[root@slavedns~]#lsb_releasea
LSBVersion::core4.0amd64:core4.0noarch:graphics4.0amd64:graphics4.0noarch:printing4.0amd64:printing4.0noarch
DistributorID:RedHatEnterpriseServer
Description:RedHatEnterpriseLinuxServerrelease6.2(Santiago)
Release:6.2
Codename:Santiago
1.InsatalltheBINDpackageinServer
[root@slavedns~]#yuminstallbind*y
1.Editthenamed.conftoaddtheconfiguration
[root@slavedns~]#vim/etc/named.conf
//
//named.conf
//
//ProvidedbyRedHatbindpackagetoconfiguretheISCBINDnamed(8)DNS
//serverasacachingonlynameserver(asalocalhostDNSresolveronly).
//
//See/usr/share/doc/bind*/sample/forexamplenamedconfigurationfiles.
//
options{
listenonport53{127.0.0.1;192.168.0.201;};#SlaveDNSserver'sIP
listenonv6port53{::1;};
directory"/var/named";
dumpfile"/var/named/data/cache_dump.db";
statisticsfile"/var/named/data/named_stats.txt";
memstatisticsfile"/var/named/data/named_mem_stats.txt";
allowquery{localhost;192.168.0.0/24;};
recursionyes;
dnssecenableyes;
dnssecvalidationyes;
dnsseclookasideauto;
/*PathtoISCDLVkey*/
bindkeysfile"/etc/named.iscdlv.key";
managedkeysdirectory"/var/named/dynamic";
};
logging{
channeldefault_debug{
file"data/named.run";
severitydynamic;
};
};
zone"."IN{
typehint;
file"named.ca";
};
zone"linuxzadmin.local"IN{
typeslave;
file"slaves/linuxzadmin.fwd";
masters{192.168.0.200;};
};
zone"0.168.192.inaddr.arpa"IN{
typeslave;
file"slaves/linuxzadmin.rev";
masters{192.168.0.200;};
};
include"/etc/named.rfc1912.zones";
include"/etc/named.root.key";
1.StartthenamedServiceandmakeittoRuninMultiRunlevels
[root@slavedns~]#servicenamedstart
Startingnamed:[OK]
[root@slavedns~]#chkconfignamedon
[root@slavedns~]#chkconfiglistnamed
named0:off1:off2:on3:on4:on5:on6:off
1.WeDon'tneedtoCreatetheZonefilehere,IfwillberesolvedfromMasterServerWhileweStarttheNamedService
[root@slavedns~]#lsl/var/named/slaves/
total8
rwrr.1namednamed634May1023:35linuxzadmin.fwd
rwrr.1namednamed773May1023:35linuxzadmin.rev
1.HerewecanChecktheBothFile's
[root@slavedns~]#cat/var/named/slaves/linuxzadmin.fwd
$ORIGIN.
$TTL86400;1day
linuxzadmin.localINSOAmasterdns.linuxzadmin.local.root.linuxzadmin.local.(
2014051001;serial
3600;refresh(1hour)
1800;retry(30minutes)
604800;expire(1week)
86400;minimum(1day)
)
NSslavedns.linuxzadmin.local.
NSmasterdns.linuxzadmin.local.
A192.168.0.200
A192.168.0.201
A192.168.0.205
A192.168.0.206
A192.168.0.207
A192.168.0.208
$ORIGINlinuxzadmin.local.
masterdnsA192.168.0.200
node1A192.168.0.205
node2A192.168.0.206
node3A192.168.0.207
node4A192.168.0.208
slavednsA192.168.0.201
ThisistheOutputoflinuxzadmin.rev
[root@slavedns~]#cat/var/named/slaves/linuxzadmin.rev
$ORIGIN.
$TTL86400;1day
0.168.192.inaddr.arpaINSOAmasterdns.linuxzadmin.local.root.linuxzadmin.local.(
2014051001;serial
3600;refresh(1hour)
1800;retry(30minutes)
604800;expire(1week)
86400;minimum(1day)
)
NSslavedns.linuxzadmin.local.
NSmasterdns.linuxzadmin.local.
PTRlinuxzadmin.local.
$ORIGIN0.168.192.inaddr.arpa.
200PTRmasterdns.linuxzadmin.local.
201PTRslavedns.linuxzadmin.local.
205PTRnode1.linuxzadmin.local.
masterdnsA192.168.0.200
node1A192.168.0.205
node2A192.168.0.206
node3A192.168.0.207
node4A192.168.0.208
slavednsA192.168.0.201
1.ChecktheDNSServerusingdigfromSlaveServer
[root@slavedns~]#digmasterdns.linuxzadmin.local
;;Gotanswer:
;;QUESTIONSECTION:
;;ANSWERSECTION:
;;AUTHORITYSECTION:
;;Querytime:2msec
;;SERVER:192.168.0.200#53(192.168.0.200)
;;WHEN:SatMay1023:42:032014
;;MSGSIZErcvd:114
ClientSide:
1.NowweNeedtoAssigntheNameServerfortheNode'sinournetworktogetassignedahostnamefromDNSserver.
UsetheSetupCommandandassignthePrimaryandSecondaryDNSserver'sWeDon'tneedtoAssingthehostname
a.)JustAssigntheIP,Subnet,Gateway,PDNS,SDNS
b.)RestarttheNetworkandCheckthehostname
c.)Hereihavenotchangedthehostname
[root@node1~]#cat/etc/sysconfig/network
NETWORKING=yes
HOSTNAME=localhost.localdomain
d.)HerewecanseethehostnameAssignedfromtheDNSserver
[root@node1~]#hostname
node1.linuxzadmin.local
e.)IfweneedtochecktheDNSjustdoaDig
[root@node1~]#digmasterdns.linuxzadmin.local
;;Gotanswer:
;;QUESTIONSECTION:
;;ANSWERSECTION:
;;AUTHORITYSECTION:
;;Querytime:1msec
;;SERVER:192.168.0.200#53(192.168.0.200)
;;WHEN:SatMay1023:58:322014
;;MSGSIZErcvd:114
1.IfweneedtoflushtheDNSServerCachesUseBelowCommand
#yuminstallnscd
#nscdihosts
That'sitwehaveaDNSservernowinRHELServer
2016GitHub,Inc. Terms Privacy Security Contact Help Status API Training Shop Blog About

DNS Server in RHEL 6.2 6.4 6.5 Using Bind

Hochgeladen von

Dokumentinformationen

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

DNS Server in RHEL 6.2 6.4 6.5 Using Bind

Hochgeladen von

Copyright:

Verfügbare Formate

6/5/2016 RedHatCentosCommonStuffs/StepbyStephowtosetupaDNSServerinRHEL6.26.46.5UsingBind.

blackyboy / RedHatCentosCommonStuffs Watch 12 Star 35 Fork 28

Code Pullrequests 0 Pulse Graphs

Branch:master Findfile Copypath

654lines(502sloc) 17.4KB Raw Blame History

Das könnte Ihnen auch gefallen