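1) Disable the firewall (acceptable on an isolated lab host; on a shared or production network, leave iptables running and allow TCP/UDP port 53 from the client subnet instead)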
service iptables stop
service ip6tables stop
2) Install following rpms
bind-libs
bind
bind-utils
2) Edit the /etc/named.conf file (make sure that the DNS server's name and the SCAN name are different, and that the SCAN IPs are not already in use)
[root@linuxdns named]# cat /etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// Global server options: where named listens, who may query it, and how it
// resolves and validates names on behalf of clients.
options {
// Answer on loopback and on 10.10.20.6 (the DNS server's own address in /etc/hosts).
listen-on port 53 { 127.0.0.1; 10.10.20.6; };
listen-on-v6 port 53 { ::1; };
// Relative file names in this configuration are resolved against this directory.
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
#allow-query { localhost; };
// NOTE(review): with "allow-query { any; }" and "recursion yes" and no
// allow-recursion / allow-query-cache statement, every host that can reach
// 10.10.20.6 may use this server as a recursive resolver. If only the RAC
// nodes need it, add an allow-recursion ACL, e.g.
// allow-recursion { localhost; <client-subnet>; };  (placeholder, not from this setup)
allow-query { any; };
// NOTE(review): pinning the outgoing query source port to 53 removes
// source-port randomization, which is one of the defenses against cache
// poisoning. Unless an upstream firewall requires a fixed port, leave these
// two statements out so named picks random source ports.
query-source port 53;
query-source-v6 port 53;
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
// NOTE(review): the ISC DLV registry has been retired and newer BIND releases
// no longer accept dnssec-lookaside; verify against the BIND version in use.
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
};
// Debug channel: messages go to data/named.run, at a severity that follows
// the server's current debug level.
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
// Root hints used when the server resolves names outside its own zones.
zone "." IN {
type hint;
file "named.ca";
};
// Forward zone for the RAC hosts. "allow-update { none; }" rejects dynamic
// DNS updates, so records change only when the zone file is edited.
// NOTE(review): no allow-transfer statement is set for either master zone; on
// BIND versions whose default permits transfers, a host allowed to query could
// pull the full zone contents. If there are no secondary servers, consider
// adding allow-transfer { none; }; (confirm the default for your version).
zone "kmccorp.com" IN {
type master;
file "kmccorp.com.zone";
allow-update { none; };
};
// Reverse zone for the 10.10.20.x public network, also closed to dynamic updates.
zone "20.10.10.in-addr.arpa." IN {
type master;
file "20.10.10.in-addr.arpa";
allow-update { none; };
};
include "/etc/named.rfc1912.zones";
[root@linuxdns named]#
3)
In the zone definitions we defined the file containing the zone configuration. These files are located in the "/var/named/" directory.
For a RAC installation, create/edit the file associated with your zone; it looks like the one below (/var/named/kmccorp.com.zone)
[root@linuxdns named]# pwd
/var/named
[root@linuxdns named]# cat kmccorp.com.zone
; Forward zone data for kmccorp.com: the RAC node, its VIP and the SCAN name.
; NOTE(review): "localhost" and "root.localhost" in the SOA and NS records have
; no trailing dot, so they are read relative to the zone origin
; (localhost.kmccorp.com), which the A record below maps to 127.0.0.1.
; Presumably the DNS server's own name was intended here - confirm.
$TTL 86400
@ IN SOA localhost root.localhost (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
IN NS localhost
localhost IN A 127.0.0.1
linuxrac IN A 10.10.20.1
; NOTE(review): presumably the private interconnect address; it is served to
; every client allowed to query this zone - confirm it needs to be in DNS.
linuxrac-priv IN A 192.168.70.1
linuxrac-vip IN A 10.10.20.3
; Three A records under one name: a lookup of the SCAN name returns all three
; addresses, as the nslookup test at the end shows.
linuxdns-scan IN A 10.10.20.10
linuxdns-scan IN A 10.10.20.11
linuxdns-scan IN A 10.10.20.12
[root@linuxdns named]#
4) Next I need to create the "/var/named/20.10.10.in-addr.arpa" file for my public network reverse lookups.
This file has the following contents, where "linuxdns.kmccorp.com" is the name of the DNS server
[root@linuxdns named]# cat 20.10.10.in-addr.arpa
; Reverse zone data for the 10.10.20.x network: maps the last octet of each
; address back to a host name.
$ORIGIN 20.10.10.in-addr.arpa.
$TTL 1H
@ IN SOA linuxdns.kmccorp.com. root.linuxdns.kmccorp.com. ( 2
3H
1H
1W
1H )
20.10.10.in-addr.arpa. IN NS linuxdns.kmccorp.com.
; NOTE(review): the PTR targets below have no trailing dot, so they are
; completed with $ORIGIN (e.g. linuxrac.kmccorp.com.20.10.10.in-addr.arpa.).
; Write them fully qualified - "linuxrac.kmccorp.com." - so reverse lookups
; return the intended names, as the SOA and NS lines above already do.
1 IN PTR linuxrac.kmccorp.com
3 IN PTR linuxrac-vip.kmccorp.com
10 IN PTR linuxdns-scan.kmccorp.com
11 IN PTR linuxdns-scan.kmccorp.com
12 IN PTR linuxdns-scan.kmccorp.com
[root@linuxdns named]#
[root@linuxdns named]#
[root@linuxdns named]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.10.20.6 linuxdns.kmccorp.com linuxdns
[root@linuxdns named]#
5) Start the dns service
[root@linuxdns named]#service named start
chkconfig named on
6) On the client side include following content in file /etc/resolv.conf
nameserver 10.10.20.6
search kmccorp.com
7) Test it
# nslookup linuxdns-scan.kmccorp.com
Server: 10.10.20.6
Address: 10.10.20.6#53
Name: linuxdns-scan.kmccorp.com
Address: 10.10.20.10
Name: linuxdns-scan.kmccorp.com
Address: 10.10.20.11
Name: linuxdns-scan.kmccorp.com
Address: 10.10.20.12
service iptables stop
service ip6tables stop
2) Install following rpms
bind-libs
bind
bind-utils
2) Edit the /etc/named.conf file (make sure that the DNS server's name and the SCAN name are different, and that the SCAN IPs are not already in use)
[root@linuxdns named]# cat /etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// Global server options: where named listens, who may query it, and how it
// resolves and validates names on behalf of clients.
options {
// Answer on loopback and on 10.10.20.6 (the DNS server's own address in /etc/hosts).
listen-on port 53 { 127.0.0.1; 10.10.20.6; };
listen-on-v6 port 53 { ::1; };
// Relative file names in this configuration are resolved against this directory.
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
#allow-query { localhost; };
// NOTE(review): with "allow-query { any; }" and "recursion yes" and no
// allow-recursion / allow-query-cache statement, every host that can reach
// 10.10.20.6 may use this server as a recursive resolver. If only the RAC
// nodes need it, add an allow-recursion ACL, e.g.
// allow-recursion { localhost; <client-subnet>; };  (placeholder, not from this setup)
allow-query { any; };
// NOTE(review): pinning the outgoing query source port to 53 removes
// source-port randomization, which is one of the defenses against cache
// poisoning. Unless an upstream firewall requires a fixed port, leave these
// two statements out so named picks random source ports.
query-source port 53;
query-source-v6 port 53;
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
// NOTE(review): the ISC DLV registry has been retired and newer BIND releases
// no longer accept dnssec-lookaside; verify against the BIND version in use.
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
};
// Debug channel: messages go to data/named.run, at a severity that follows
// the server's current debug level.
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
// Root hints used when the server resolves names outside its own zones.
zone "." IN {
type hint;
file "named.ca";
};
// Forward zone for the RAC hosts. "allow-update { none; }" rejects dynamic
// DNS updates, so records change only when the zone file is edited.
// NOTE(review): no allow-transfer statement is set for either master zone; on
// BIND versions whose default permits transfers, a host allowed to query could
// pull the full zone contents. If there are no secondary servers, consider
// adding allow-transfer { none; }; (confirm the default for your version).
zone "kmccorp.com" IN {
type master;
file "kmccorp.com.zone";
allow-update { none; };
};
// Reverse zone for the 10.10.20.x public network, also closed to dynamic updates.
zone "20.10.10.in-addr.arpa." IN {
type master;
file "20.10.10.in-addr.arpa";
allow-update { none; };
};
include "/etc/named.rfc1912.zones";
[root@linuxdns named]#
3)
In the zone definitions we defined the file containing the zone configuration. These files are located in the "/var/named/" directory.
For a RAC installation, create/edit the file associated with your zone; it looks like the one below (/var/named/kmccorp.com.zone)
[root@linuxdns named]# pwd
/var/named
[root@linuxdns named]# cat kmccorp.com.zone
; Forward zone data for kmccorp.com: the RAC node, its VIP and the SCAN name.
; NOTE(review): "localhost" and "root.localhost" in the SOA and NS records have
; no trailing dot, so they are read relative to the zone origin
; (localhost.kmccorp.com), which the A record below maps to 127.0.0.1.
; Presumably the DNS server's own name was intended here - confirm.
$TTL 86400
@ IN SOA localhost root.localhost (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
IN NS localhost
localhost IN A 127.0.0.1
linuxrac IN A 10.10.20.1
; NOTE(review): presumably the private interconnect address; it is served to
; every client allowed to query this zone - confirm it needs to be in DNS.
linuxrac-priv IN A 192.168.70.1
linuxrac-vip IN A 10.10.20.3
; Three A records under one name: a lookup of the SCAN name returns all three
; addresses, as the nslookup test at the end shows.
linuxdns-scan IN A 10.10.20.10
linuxdns-scan IN A 10.10.20.11
linuxdns-scan IN A 10.10.20.12
[root@linuxdns named]#
4) Next I need to create the "/var/named/20.10.10.in-addr.arpa" file for my public network reverse lookups.
This file has the following contents, where "linuxdns.kmccorp.com" is the name of the DNS server
[root@linuxdns named]# cat 20.10.10.in-addr.arpa
; Reverse zone data for the 10.10.20.x network: maps the last octet of each
; address back to a host name.
$ORIGIN 20.10.10.in-addr.arpa.
$TTL 1H
@ IN SOA linuxdns.kmccorp.com. root.linuxdns.kmccorp.com. ( 2
3H
1H
1W
1H )
20.10.10.in-addr.arpa. IN NS linuxdns.kmccorp.com.
; NOTE(review): the PTR targets below have no trailing dot, so they are
; completed with $ORIGIN (e.g. linuxrac.kmccorp.com.20.10.10.in-addr.arpa.).
; Write them fully qualified - "linuxrac.kmccorp.com." - so reverse lookups
; return the intended names, as the SOA and NS lines above already do.
1 IN PTR linuxrac.kmccorp.com
3 IN PTR linuxrac-vip.kmccorp.com
10 IN PTR linuxdns-scan.kmccorp.com
11 IN PTR linuxdns-scan.kmccorp.com
12 IN PTR linuxdns-scan.kmccorp.com
[root@linuxdns named]#
[root@linuxdns named]#
[root@linuxdns named]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.10.20.6 linuxdns.kmccorp.com linuxdns
[root@linuxdns named]#
5) Start the dns service
[root@linuxdns named]#service named start
chkconfig named on
6) On the client side include following content in file /etc/resolv.conf
nameserver 10.10.20.6
search kmccorp.com
7) Test it
# nslookup linuxdns-scan.kmccorp.com
Server: 10.10.20.6
Address: 10.10.20.6#53
Name: linuxdns-scan.kmccorp.com
Address: 10.10.20.10
Name: linuxdns-scan.kmccorp.com
Address: 10.10.20.11
Name: linuxdns-scan.kmccorp.com
Address: 10.10.20.12