Running a DNS Server
Linux comes with BIND, the best DNS server that money can buy. BIND is an extremely powerful program. Some people make entire careers of setting up and configuring BIND. In these few short pages, I touch on the very basics of setting up a DNS server on your network.
Installing BIND
You can quickly find out whether BIND is installed on your system by entering the following command from a shell prompt:
rpm -q bind
If BIND has been installed, the package version is displayed. If not, the message package bind is not installed is displayed.
BIND is usually installed by default when you install Linux as a network server. If it isn't, you can install it from a shell prompt with yum install bind, or from the desktop by following these steps:

- Choose System → Administration → Add/Remove Software.
  This summons the Add/Remove Software program.
- Type Bind in the text box and click the Find button.
  The BIND package will be located.
- Select the Berkeley Internet Name Domain (BIND) DNS (Domain Name Server) package.
- Click Apply.
  The Add/Remove Software program grinds and whirs for a moment and then installs the package you selected.
- Close the Add/Remove Software program.
You're done! BIND is now installed.
Looking at BIND configuration files
Although Fedora Linux includes a handy BIND configuration tool, you still need to know the location and purpose of each of BIND's basic configuration files. These files are described in the following sections.
named.conf
This file, found in the /etc directory, is the basic BIND configuration file. This file contains global properties and links to the other configuration files.
Because the Fedora BIND configuration tool edits this file, you shouldn't edit this file directly. If you need to set your own configuration options, use named.custom instead.
Here's a typical named.conf file:

```
#
# named.conf - configuration for bind
#
# Generated automatically by redhat-config-bind, alchemist et al.
# Any changes not supported by redhat-config-bind should be put
# in /etc/named.custom
#
controls {
        inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
include "/etc/named.custom";
include "/etc/rndc.key";
zone "0.0.127.in-addr.arpa" {
        type master;
        file "0.0.127.in-addr.arpa.zone";
};
zone "localhost" {
        type master;
        file "localhost.zone";
};
zone "lowewriter.com" {
        type master;
        file "lowewriter.com.zone";
};
```
The line include "/etc/named.custom"; is what causes the named.custom file to be read in, exactly as if its contents were typed at that point. The zone lines name the zone files for each domain for which the server is responsible; the file names are relative to the directory set in the options statement.
By default, this file always includes two zones: 0.0.127.in-addr.arpa, which is the reverse-lookup zone for localhost, and localhost, the zone file for the local computer. Any other zones that you've added through the Fedora BIND configuration tool appear in this file as well.
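Here, as an added example that is not code from this page or from BIND itself, is a small Python reader for this file format. It follows include statements the way named does, lists the zones together with their zone files, and flags the two access-control settings a practitioner checks before exposing a server: unrestricted recursion (an open resolver) and unrestricted zone transfers. The file contents are constructed copies of the named.conf above and the named.custom it includes (the rndc.key include is left out); in the hardened variant, 192.0.2.53 is an assumed placeholder for a secondary server.

```python
"""Brace-aware reader for named.conf (added example, not BIND's own parser).
Follows include statements, lists zones, and audits access controls.
File contents come from a dict so it runs offline; read /etc in real use.
Limitation: '#' or '//' inside a quoted string is taken as a comment."""
import re

# Constructed copies of the named.conf and named.custom shown in the text
# (the rndc.key include is left out; it only holds the rndc key statement).
FILES = {
    "/etc/named.conf": """
        controls { inet 127.0.0.1 allow { localhost; } keys { rndckey; }; };
        include "/etc/named.custom";
        zone "0.0.127.in-addr.arpa" { type master; file "0.0.127.in-addr.arpa.zone"; };
        zone "localhost" { type master; file "localhost.zone"; };
        zone "lowewriter.com" { type master; file "lowewriter.com.zone"; };
    """,
    "/etc/named.custom": """
        zone "." { type hint; file "named.ca"; };
        options { directory "/var/named/"; };
    """,
}

# The same server with a hardened options block.  192.0.2.53 is an assumed
# placeholder for a secondary server (192.0.2.0/24 is reserved for examples).
FILES_HARDENED = dict(FILES)
FILES_HARDENED["/etc/named.custom"] = """
    zone "." { type hint; file "named.ca"; };
    options {
        directory "/var/named/";
        recursion no;                    # authoritative only: never an open resolver
        allow-transfer { 192.0.2.53; };  # only our secondary may pull whole zones
    };
"""

_TOKEN = re.compile(r'"[^"]*"|[{};]|[^\s{};"]+')

def _strip_comments(text):
    text = re.sub(r"/\*.*?\*/", " ", text, flags=re.S)
    return re.sub(r"(#|//)[^\n]*", "", text)

def parse_conf(text):
    """Statements as token lists; a '{ ... }' block becomes a nested list of
    statements: zone "x" { type master; }; -> ['zone', 'x', [['type', 'master']]]"""
    return _parse_block(_TOKEN.findall(_strip_comments(text)), 0)[0]

def _parse_block(tokens, i):
    stmts, cur = [], []
    while i < len(tokens):
        tok = tokens[i]
        if tok == "{":                      # recurse; returns positioned after '}'
            body, i = _parse_block(tokens, i + 1)
            cur.append(body)
            continue
        if tok == "}":
            break
        if tok == ";":
            if cur:
                stmts.append(cur)
            cur = []
        else:
            cur.append(tok.strip('"'))
        i += 1
    if cur:
        raise ValueError("statement without a terminating ';'")
    return stmts, i + 1

def load_config(path, files):
    """Top-level statements of `path`, with every include statement replaced
    by the statements of the file it names, which is how named reads them."""
    out = []
    for stmt in parse_conf(files[path]):
        out.extend(load_config(stmt[1], files) if stmt[0] == "include" else [stmt])
    return out

def _block(stmt):
    """Sub-statements of a statement's '{ ... }' block, keyed by keyword."""
    return {sub[0]: sub[1:] for sub in stmt[-1]} if isinstance(stmt[-1], list) else {}

def zones(stmts):
    """Map each zone name to its type, zone file and whether it restricts AXFR."""
    result = {}
    for s in stmts:
        if s[0] == "zone":
            b = _block(s)
            result[s[1]] = {"type": b.get("type", [""])[0],
                            "file": b.get("file", [""])[0],
                            "allow_transfer": "allow-transfer" in b}
    return result

def audit(stmts):
    """Hardening findings as strings; an empty list means nothing to fix."""
    findings, opts = [], {}
    for s in stmts:
        if s[0] == "options":
            opts = _block(s)
        elif s[0] == "controls":
            for sub in (s[-1] if isinstance(s[-1], list) else []):
                if sub[0] == "inet" and sub[1] in ("*", "0.0.0.0", "::"):
                    findings.append("controls: rndc listens on every interface; use 127.0.0.1")
    # recursion defaults to yes: answering recursive queries for anyone who can
    # reach the server makes it an open resolver usable for amplification attacks
    if opts.get("recursion", ["yes"])[0] == "yes" and "allow-recursion" not in opts:
        findings.append("options: recursion is unrestricted; set 'recursion no;' "
                        "or add 'allow-recursion { <your networks>; };'")
    exposed = [n for n, z in zones(stmts).items()
               if z["type"] == "master" and not (z["allow_transfer"] or "allow-transfer" in opts)]
    if exposed:
        findings.append("anyone can request a full zone transfer (AXFR) of: "
                        + ", ".join(exposed) + "; add allow-transfer in options or per zone")
    return findings

if __name__ == "__main__":
    for label, files in (("as shipped", FILES), ("hardened", FILES_HARDENED)):
        stmts = load_config("/etc/named.conf", files)
        print(label, zones(stmts), audit(stmts) or "no findings")
```

Run against the configuration as shipped it reports two findings (open recursion and open zone transfers for the three master zones); against the hardened named.custom it reports none. The parser only recognises the statement shapes used here, so a production named.conf with view or acl statements will still parse but is not audited beyond these checks.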
named.custom
This file, also found in /etc, lets you add information to the named.conf file. Here's a typical named.custom file:

```
#
# named.custom - custom configuration for bind
#
# Any changes not currently supported by redhat-config-bind should be put
# in this file.
#
zone "." {
        type hint;
        file "named.ca";
};
options {
        directory "/var/named/";
};
```
The options statement is also where access controls belong. The one above sets only the working directory, which leaves BIND's defaults in force: the server answers recursive queries for anyone who can reach it, and any client can request a full copy of a zone (a zone transfer, or AXFR). On a server that is reachable from outside your network, add allow-recursion listing your own networks (or recursion no; on a purely authoritative server) and allow-transfer listing only your secondary servers.

One reason to use this file is to include zone files that you create yourself without the aid of the Fedora BIND configuration program. To include your own zone file, add a zone statement that names it. For example, suppose that you want to add a zone named cleaver.com and have manually created cleaver.com.zone in /var/named (the directory set by the options statement). To include this zone, add these lines to the named.custom file:
```
zone "cleaver.com" {
        type master;
        file "cleaver.com.zone";
};
```

named.ca
This file, located in the /var/named directory, lists the names and addresses of the Internet's root servers. The zone "." statement of type hint in named.custom is what points BIND at it; it's how a freshly started server finds the rest of the DNS. It's a fascinating file to look at because it helps to unveil the mystery of how the Internet really works. You shouldn't change it, however, unless, of course, you happen to be the administrator of one of the Internet's root servers.
Here's the named.ca file that ships with Fedora 12:

```
;       This file holds the information on root name servers needed to
;       initialize cache of Internet domain name servers
;       (e.g. reference this file in the "cache  .  <file>"
;       configuration file of BIND domain name servers).
;
;       This file is made available by InterNIC
;       under anonymous FTP as
;           file                /domain/named.cache
;           on server           FTP.INTERNIC.NET
;       -OR-                    RS.INTERNIC.NET
;
;       last update:    Jan 29, 2004
;       related version of root zone:   2004012900
;
;
; formerly NS.INTERNIC.NET
;
.                        3600000  IN  NS    A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET.      3600000      A     198.41.0.4
;
; formerly NS1.ISI.EDU
;
.                        3600000      NS    B.ROOT-SERVERS.NET.
B.ROOT-SERVERS.NET.      3600000      A     192.228.79.201
;
; formerly C.PSI.NET
;
.                        3600000      NS    C.ROOT-SERVERS.NET.
C.ROOT-SERVERS.NET.      3600000      A     192.33.4.12
;
; formerly TERP.UMD.EDU
;
.                        3600000      NS    D.ROOT-SERVERS.NET.
D.ROOT-SERVERS.NET.      3600000      A     128.8.10.90
;
; formerly NS.NASA.GOV
;
.                        3600000      NS    E.ROOT-SERVERS.NET.
E.ROOT-SERVERS.NET.      3600000      A     192.203.230.10
;
; formerly NS.ISC.ORG
;
.                        3600000      NS    F.ROOT-SERVERS.NET.
F.ROOT-SERVERS.NET.      3600000      A     192.5.5.241
;
; formerly NS.NIC.DDN.MIL
;
.                        3600000      NS    G.ROOT-SERVERS.NET.
G.ROOT-SERVERS.NET.      3600000      A     192.112.36.4
;
; formerly AOS.ARL.ARMY.MIL
;
.                        3600000      NS    H.ROOT-SERVERS.NET.
H.ROOT-SERVERS.NET.      3600000      A     128.63.2.53
;
; formerly NIC.NORDU.NET
;
.                        3600000      NS    I.ROOT-SERVERS.NET.
I.ROOT-SERVERS.NET.      3600000      A     192.36.148.17
;
; operated by VeriSign, Inc.
;
.                        3600000      NS    J.ROOT-SERVERS.NET.
J.ROOT-SERVERS.NET.      3600000      A     192.58.128.30
;
; operated by RIPE NCC
;
.                        3600000      NS    K.ROOT-SERVERS.NET.
K.ROOT-SERVERS.NET.      3600000      A     193.0.14.129
;
; operated by ICANN
;
.                        3600000      NS    L.ROOT-SERVERS.NET.
L.ROOT-SERVERS.NET.      3600000      A     198.32.64.12
;
; operated by WIDE
;
.                        3600000      NS    M.ROOT-SERVERS.NET.
M.ROOT-SERVERS.NET.      3600000      A     202.12.27.33
; End of File
```
An organization named InterNIC keeps the named.ca file up to date. You can download the most current version from InterNIC's FTP site at ftp.internic.net (the same file is published on the web as https://www.internic.net/domain/named.root). Every once in a while, InterNIC publishes a new version of this file, so check now and then to make sure that your copy is current. Several of the addresses in the 2004 copy above have changed since (B, D, H and L among them). An old hints file keeps working as long as at least one address in it still answers, because named uses the hints only for its first query and then replaces them with the current list of root servers that comes back (the priming query), but a file in which every address has gone stale leaves the server unable to resolve anything outside its own zones.

named.local
This file, located in /var/named, is a zone file for your local computer - that is, for the localhost domain. Rarely (if ever) do you need to modify it. It typically looks like this:

```
$TTL    86400
@       IN      SOA     localhost. root.localhost. (
                        1997022700      ; Serial
                        28800           ; Refresh
                        14400           ; Retry
                        3600000         ; Expire
                        86400 )         ; Minimum
        IN      NS      localhost.
1       IN      PTR     localhost.
```

Zone files
Each zone for which your DNS server is authoritative should have a zone file, named domain.zone and located in the /var/named directory. If you like to edit DNS records directly, you can create this file yourself. Or you can use the point-and-click interface of the Fedora BIND configuration tool to automatically create the file.
Here's a typical zone file, named lowewriter.com.zone:

```
$TTL 86400
@       IN      SOA     ns207.pair.com. root.localhost. (
                        2       ; serial
                        28800   ; refresh
                        7200    ; retry
                        604800  ; expire
                        86400 ) ; ttl
        IN      NS      ns000.ns0.com.
        IN      NS      ns207.pair.com.
@       IN      MX      1 sasi.pair.com.
www     IN      A       209.68.34.15
```

Two details are easy to get wrong. Every name in the file that does not end in a dot is taken to be relative to the zone, so the contact name in the SOA record must be written root.localhost. (with the trailing dot), or BIND silently turns it into root.localhost.lowewriter.com.; the same rule is what makes www expand to www.lowewriter.com. And the closing parenthesis of the SOA record has to come before the ; on its line, because everything after a ; is a comment. The @ stands for the zone itself, a record with a blank name belongs to the same name as the record above it, and the serial number should be increased every time you change the zone, since secondary servers compare it with their copy to decide whether to fetch the zone again.
Table-1 lists the most common types of records that appear in zone files.
Table-1 Common Resource Record Types

Type | Name | Description |
---|---|---|
SOA | Start Of Authority | Identifies a zone and carries its serial number and timers; every zone has exactly one. |
NS | Name Server | Identifies a name server that is authoritative for the zone. |
A | Address | Maps a fully qualified domain name to an IPv4 address. |
CNAME | Canonical Name | Creates an alias for a fully qualified domain name. |
MX | Mail Exchange | Identifies a mail server for a domain; the number in front of the server name is a preference, and lower values are tried first. |
PTR | Pointer | Maps an IP address to a fully qualified domain name for reverse lookups. |
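The following Python reader, added here as an example and not taken from the page or from BIND, shows what the zone-file rules in the named.ca, named.local and lowewriter.com.zone sections amount to in code: $TTL and $ORIGIN, the @ shorthand, blank-name inheritance, multi-line records in parentheses, ; comments, and the origin being appended to every name that lacks a trailing dot. The sample zone is a constructed copy of lowewriter.com.zone with the dot deliberately left off the SOA contact name, so the parse result shows exactly how BIND would read that mistake; a two-line excerpt in the named.ca layout shows the same parser handling root hints. It covers only the record types in Table-1.

```python
"""Reader for BIND zone files (added example; not BIND's own loader).
Handles $TTL, $ORIGIN, '@', blank-owner inheritance, '( ... )' records,
';' comments and relative-name expansion, for the record types in Table-1."""

RR_TYPES = {"SOA", "NS", "A", "CNAME", "MX", "PTR"}

# Constructed sample: lowewriter.com.zone from the text, with the trailing
# dot deliberately missing from the SOA contact name to show the expansion.
SAMPLE_ZONE = """\
$TTL 86400
@       IN      SOA     ns207.pair.com. root.localhost (
                        2       ; serial
                        28800   ; refresh
                        7200    ; retry
                        604800  ; expire
                        86400 ) ; ttl
        IN      NS      ns000.ns0.com.
        IN      NS      ns207.pair.com.
@       IN      MX      1 sasi.pair.com.
www     IN      A       209.68.34.15
"""

# Constructed two-record excerpt in the named.ca root-hints layout.
SAMPLE_HINTS = """\
.                        3600000  IN  NS    A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET.      3600000      A     198.41.0.4
"""

def absolutize(name, origin):
    """'@' is the origin; a trailing dot means absolute; anything else gets the
    origin appended, which is how root.localhost becomes root.localhost.<zone>."""
    if name == "@":
        return origin
    if name.endswith("."):
        return name
    return name + "." if origin == "." else f"{name}.{origin}"

def _logical_lines(text):
    """Drop ';' comments and join the physical lines of a '( ... )' record."""
    pending, depth = None, 0
    for raw in text.splitlines():
        code = raw.split(";", 1)[0].rstrip()
        if pending is None:
            if not code.strip():
                continue
            pending = code
        else:
            pending += " " + code
        depth += code.count("(") - code.count(")")
        if depth == 0:
            yield pending
            pending = None
    if pending is not None:
        raise ValueError("unbalanced parentheses in zone file")

def _rdata(rtype, tok, origin):
    if rtype == "SOA":
        keys = ("mname", "rname", "serial", "refresh", "retry", "expire", "minimum")
        vals = [absolutize(tok[0], origin), absolutize(tok[1], origin)] + [int(t) for t in tok[2:7]]
        return dict(zip(keys, vals))
    if rtype == "MX":
        return {"preference": int(tok[0]), "exchange": absolutize(tok[1], origin)}
    if rtype == "A":
        octets = tok[0].split(".")
        if len(octets) != 4 or not all(o.isdigit() and int(o) < 256 for o in octets):
            raise ValueError(f"bad IPv4 address {tok[0]}")
        return tok[0]
    return absolutize(tok[0], origin)        # NS, CNAME, PTR carry a single name

def parse_zone(text, origin):
    """Return the zone's records as dicts with absolute owner names."""
    origin = origin if origin.endswith(".") else origin + "."
    default_ttl, owner, records = None, None, []
    for line in _logical_lines(text):
        if line.startswith("$TTL"):
            default_ttl = int(line.split()[1])
            continue
        if line.startswith("$ORIGIN"):
            origin = absolutize(line.split()[1], origin)
            continue
        tok = line.replace("(", " ").replace(")", " ").split()
        if not line[0].isspace():            # a leading blank inherits the last owner
            owner = absolutize(tok.pop(0), origin)
        if owner is None:
            raise ValueError("first record has no owner name")
        ttl = int(tok.pop(0)) if tok[0].isdigit() else default_ttl
        if tok[0].upper() == "IN":
            tok.pop(0)
        rtype = tok.pop(0).upper()
        if rtype not in RR_TYPES:
            raise ValueError(f"record type {rtype} not handled")
        records.append({"name": owner, "ttl": ttl, "type": rtype,
                        "rdata": _rdata(rtype, tok, origin)})
    return records

def lint_zone(records, origin):
    """Structural checks: exactly one SOA, an NS at the apex, and no name
    that is a CNAME and also owns another record type."""
    origin = origin if origin.endswith(".") else origin + "."
    problems = []
    if sum(r["type"] == "SOA" for r in records) != 1:
        problems.append("zone needs exactly one SOA record")
    if not any(r["type"] == "NS" and r["name"] == origin for r in records):
        problems.append("no NS record at the zone apex")
    cnames = {r["name"] for r in records if r["type"] == "CNAME"}
    problems += [f"{r['name']} is a CNAME and also has a {r['type']} record"
                 for r in records if r["name"] in cnames and r["type"] != "CNAME"]
    return problems

if __name__ == "__main__":
    for r in parse_zone(SAMPLE_ZONE, "lowewriter.com") + parse_zone(SAMPLE_HINTS, "."):
        print(r)
```

On the sample zone the SOA comes back with rname root.localhost.lowewriter.com., which is the silent misreading the trailing dot prevents; the NS records inherit the apex name from the SOA line above them, and www becomes www.lowewriter.com.. The hints excerpt parses with "." as origin and absolute owner names throughout, which is why named.ca needs no $ORIGIN line.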
Restarting BIND
BIND runs as a service called named. As a result, when you make changes to your DNS configuration, you have to restart the named service to apply the changes. To do that, use this command:
service named restart
Before you restart, it pays to run named-checkconf on named.conf and named-checkzone on any zone file you edited (both tools ship with BIND): a syntax error that named discovers only on startup leaves you with no DNS at all until you fix it. If named is already running, rndc reload applies configuration and zone changes without a restart and without throwing away the cache the server has built up; the controls statement and the rndc.key include in named.conf are what let rndc talk to the server, and restricting it to 127.0.0.1 as shown there keeps it off the network. (Current Fedora releases use systemd, where the equivalent command is systemctl restart named.)
You can also restart the named service from the Service Configuration tool. Choose Main Menu → System Settings → Server Settings → Services. This brings up a dialog box that lists all of the running services. Scroll down the list to find named, select it, and then click the Restart button.