Linux DNS server setup - Install and configure BIND in Slackware

This tutorial is a complete guide to setting up bind as a dns server on Linux. We'll set up bind version 9 on Slackware 12.2. Here are all the steps needed to set up a bind dns server on Slackware Linux:

  1. Install or upgrade the bind package to the latest package released.
  2. Configure the dns server configuration file.
  3. Set up additional zones.
  4. Start the dns service.
  5. Test and troubleshoot the dns server.
  6. Set up a private bind dns server.

Install or upgrade bind package to the latest package released

To install a dns server on a Linux system, you need to install the bind package, which contains all the dns configuration files and the dns testing tools such as dig and nslookup. The first step is to use slackpkg to check for the latest package updates for Slackware Linux. If you don't have slackpkg on your system, you can use pkgtool or manually check for the bind package in the /var/log/packages directory. If you need to update the bind package manually, get the latest stable version from the official Slackware website.

Run slackpkg update command to get the latest packages list from Slackware mirror site:

root@slackware:~# slackpkg update

Updating the package lists...
        Downloading...
                        Downloading ChangeLog.txt...
--2009-03-24 18:36:08--  ftp://ftp.cerias.purdue.edu/pub/os/slackware/slackware-12.2/ChangeLog.tx...
           => `/tmp/slackpkg.qLFhaR/ChangeLog.txt'
Resolving ftp.cerias.purdue.edu...
...
...
...
        Formatting lists to slackpkg style...
                Package List
                Package descriptions

root@slackware:~#

Upgrade the bind package if a newer one is available. You can upgrade all packages to the latest version by running slackpkg with the upgrade-all option. This step is necessary to keep the Slackware server patched with the latest security updates.

root@slackware:~# slackpkg upgrade-all

Looking for packages to upgrade. Please wait...
...
...

Check the Slackware bind package:

root@slackware:~# slackpkg search bind

The list below shows all packages with the selected pattern.
[  upgrade  ] - bind-9.4.3_P1-i486-1_slack12.2 --> bind-9.4.2_P2-i486-1

So the bind package has been upgraded to the latest package released. Good, that's what we need. If you didn't find bind on your system, then you have to install the bind package. Here is the command syntax for installing the bind package using slackpkg:

root@slackware:~# slackpkg install bind

Looking for bind in package list. Please wait... DONE

(Screenshot: the slackpkg dialog for installing bind)

Click OK to install bind.

If you didn't install slackpkg, then you can use pkgtool and install the bind package from the Slackware installation dvd. Here are the steps:

  1. Insert the dvd into the dvd-rom drive.
  2. Mount the dvd with this command: mount /dev/cdrom /mnt/cdrom or mount /dev/sdc /mnt/cdrom. Replace sdc with your cdrom drive's device name.
  3. Change directory to /mnt/cdrom/slackware/n.
  4. Open pkgtool by invoking pkgtool from the command line.
  5. Choose Current - Install package from current directory.
  6. Unmount and eject the cd with the umount /mnt/cdrom/ and eject commands respectively.

Configure dns server configuration file

The main dns configuration file is named.conf. Its location is /etc/named.conf. We'd better back up this file first, for safety, in case we screw something up later.

root@slackware:/etc# cp named.conf named.conf.bak
root@slackware:/etc# ls -l | grep named.conf
-rw-r--r--  1 root root      681 2008-04-14 06:07 named.conf
-rw-r--r--  1 root root      681 2008-12-01 01:13 named.conf.bak
root@slackware:/etc#

Let's view the named.conf file with the less command:

options {
        directory "/var/named";
        /*
         * If there is a firewall between you and nameservers you want
         * to talk to, you might need to uncomment the query-source
         * directive below.  Previous versions of BIND always asked
         * questions using port 53, but BIND 8.1 uses an unprivileged
         * port by default.
         */
        // query-source address * port 53;

        /*
         * ISP dns server ip address
         */
        forward first;
        forwarders {
        200.188.1.123;
        200.188.1.124;
        };

};

//
// a caching only nameserver config
//
zone "." IN {
        type hint;
        file "caching-example/named.root";
};

zone "localhost" IN {
        type master;
        file "caching-example/localhost.zone";
        allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "caching-example/named.local";
        allow-update { none; };
};

This is the default named.conf configuration. By default, named.conf is only configured for localhost, so we need to edit it and add our own domain later. We also need to create new dns zone files for our domain. We can see that all dns zone files are kept in the /var/named/caching-example directory, so let's view that directory:

root@slackware:/etc# ls -l /var/named/caching-example/
total 16
-rw-r--r-- 1 root root  195 2008-09-17 15:26 localhost.zone
-rw-r--r-- 1 root root 2878 2008-09-17 15:26 named.ca
-rw-r--r-- 1 root root  433 2008-09-17 15:26 named.local
-rw-r--r-- 1 root root 2878 2008-09-17 15:26 named.root
root@slackware:/etc#

Setup additional dns zones

You know that to set up dns you need a qualified domain name? That's true, but not entirely. You can set up a local BIND caching name server for your local network to speed up dns lookups, which in turn will speed up all of your Internet services. Here are the default zone files that come with the bind dns server:

This is the default localhost.zone file. It is configured for localhost:

$TTL    86400
$ORIGIN localhost.
@                       1D IN SOA       @ root (
                                        42              ; serial (d. adams)
                                        3H              ; refresh
                                        15M             ; retry
                                        1W              ; expiry
                                        1D )            ; minimum

                        1D IN NS        @
                        1D IN A         127.0.0.1

This is the default named.local file. As you can see in the /etc/named.conf configuration above, this is the reverse dns zone file, also configured for localhost:

$TTL    86400
@       IN      SOA     localhost. root.localhost.  (
                                      1997022700 ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      3600000    ; Expire
                                      86400 )    ; Minimum
              IN      NS      localhost.

1       IN      PTR     localhost.

When we add our new domain, we'll just need to copy and configure these two files to set up the bind dns server, whether for private or public dns. We leave the cache zone file, named.ca, and the master list of the root name servers, named.root, alone. That said, named.root should be updated from time to time, normally once a month, since it does not change very often. Get the latest named.root from ftp.internic.net.

These are the common terms and jargon we should know to understand bind configuration files:

  • $TTL - sets a default time-to-live.
  • w - For week
  • d - For day
  • h - For hour
  • m - For minute
  • s - For second
  • @ - same as $ORIGIN.
  • IN - Defines the address class; IN = Internet.
  • SOA - Start of Authority - Indicates authority for this zone.
  • Serial number - Serial number in YYYYMMDDSS form, where SS is the number of times the file changed on that day.
  • Refresh - Tells dns slave, or secondary, servers how often to check for updates.
  • Retry - Tells the secondary server how often it should resend the request if the refresh fails.
  • Expire - Period of time the secondary server can use its existing data.
  • Minimum, or Negative-caching TTL - Cached on non-authoritative servers.
  • A - Alias record - Name-to-address mapping.
  • PTR - Address-to-name mapping.
  • CNAME - (canonical name) alias to an A record.
  • NS - Lists a nameserver for this zone.
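The YYYYMMDDSS serial convention above is easy to get wrong by hand, and a secondary server ignores a zone whose serial did not increase. The following shell script is an added example, not code from the original tutorial: it computes the next serial under that convention and rewrites the first line of a zone file that carries a "; serial" comment, as the zone files on this page do. The function names, the sample zone text in the comments and the "bump" command-line entry point are this example's own assumptions.

```shell
#!/bin/sh
# Added example: maintain a YYYYMMDDSS zone serial.
# Assumes the SOA serial is the first field of the first line that carries
# a "; serial" comment, as in the zone files shown above.

# next_serial CURRENT TODAY
#   CURRENT: serial currently in the SOA, e.g. 2008120101
#   TODAY:   today's date as YYYYMMDD, e.g. 20081201
# Prints the new serial. Never prints a value lower than CURRENT.
next_serial() {
    cur=$1
    today=$2
    case "$cur" in
        [0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]) ;;
        *) echo "next_serial: '$cur' is not a YYYYMMDDSS serial" >&2; return 1 ;;
    esac
    cur_date=${cur%??}        # YYYYMMDD part
    cur_seq=${cur#????????}   # SS part
    cur_seq=${cur_seq#0}      # drop a leading zero so 08/09 are not read as octal
    if [ "$cur_date" -lt "$today" ]; then
        # first change today: date followed by 00
        printf '%s00\n' "$today"
    else
        # same day (or a serial already ahead of the clock): bump the counter
        [ "$cur_seq" -lt 99 ] || { echo "next_serial: counter exhausted for $cur_date" >&2; return 1; }
        printf '%s%02d\n' "$cur_date" $((cur_seq + 1))
    fi
}

# bump_zone_serial FILE TODAY
# Rewrites the serial in FILE in place and prints the new serial.
bump_zone_serial() {
    file=$1
    today=$2
    cur=$(awk '/;[ \t]*[Ss]erial/ { print $1; exit }' "$file")
    [ -n "$cur" ] || { echo "bump_zone_serial: no '; serial' line in $file" >&2; return 1; }
    new=$(next_serial "$cur" "$today") || return 1
    awk -v old="$cur" -v new="$new" '
        !done && /;[ \t]*[Ss]erial/ { sub(old, new); done = 1 }
        { print }' "$file" > "$file.tmp" && mv "$file.tmp" "$file" || return 1
    echo "$new"
}

# usage: sh bump-serial.sh bump /var/named/caching-example/zone.example.com
case "${1-}" in
    bump) bump_zone_serial "$2" "$(date +%Y%m%d)" ;;
esac
```

Run it before every edit to a zone file, then reload bind; the localhost.zone shipped with Slackware uses the serial 42, which this script rejects on purpose because it does not follow the date convention.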

Setup local caching name server (cache dns)

In Slackware, we don't have to edit anything to set up a local caching name server. As you can see above, localhost is already configured! All we have to do is enable the bind daemon and run the service. Let's see if what I say is true.

Start dns service

Bind runs as a standalone daemon, which means it is not started by the inetd master server. So we have to make its rc script executable to start the service. Here are the steps you need to do:

Change the permissions of the bind rc script and make it executable. Here is an example:

root@slackware:~# ls -l /etc/rc.d/rc.bind
-rw-r--r-- 1 root root 3116 2008-04-14 05:48 /etc/rc.d/rc.bind
root@slackware:~# chmod 755 /etc/rc.d/rc.bind
root@slackware:~# ls -l /etc/rc.d/rc.bind
-rwxr-xr-x 1 root root 3116 2008-04-14 05:48 /etc/rc.d/rc.bind*
root@slackware:~#

Now we can start the service. Here is an example command to start the bind service (dns service) in Slackware:

root@slackware:~# /etc/rc.d/rc.bind start
Starting BIND:  /usr/sbin/named
root@slackware:~#

The bind service has been started and it should be running now. But how do we know that our local caching name server is running ok?

Testing and troubleshooting dns server

To check the named.conf configuration file, we can use the named-checkconf tool:

root@slackware:~# named-checkconf /etc/named.conf

To check a zone file, we can use the named-checkzone tool:

root@slackware:~# named-checkzone localhost /var/named/caching-example/localhost.zone

Use the dig command to do a reverse lookup:

root@slackware:~# dig -x 127.0.0.1

; <<>> DiG 9.4.2-P2 <<>> -x 127.0.0.1
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43254
;; flags: qr rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;1.0.0.127.in-addr.arpa.                IN      PTR

;; ANSWER SECTION:
1.0.0.127.in-addr.arpa. 10000   IN      PTR     localhost.

;; Query time: 7 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Mon Dec  1 22:59:54 2008
;; MSG SIZE  rcvd: 63

Run dig with a hostname to query the server for that name:

root@slackware:~# dig localhost

; <<>> DiG 9.4.2-P2 <<>> localhost
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55450
;; flags: qr rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;localhost.                     IN      A

;; ANSWER SECTION:
localhost.              10000   IN      A       127.0.0.1

;; Query time: 3 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Mon Dec  1 23:01:09 2008
;; MSG SIZE  rcvd: 43

root@slackware:~#

We got a response there, didn't we? In the answer section we got localhost's address in reply to our query.

Setup a private bind dns server

To set up a private bind dns server, we need to add a new zone in the /etc/named.conf file and create the matching zone file in /var/named/caching-example. This is an example of a new zone and its reverse name resolution zone that you can add to /etc/named.conf for a private dns server:

zone "example.com" in {
        allow-transfer { any; };
        file "caching-example/zone.example.com";
        type master;
};

// Set up reverse name resolution
zone "1.168.192.in-addr.arpa" {
        type master;
        file "caching-example/192.zone";
};

Make a copy of the localhost.zone file and name it zone.example.com (name it zone.yourdomain.com). Below is my zone.example.com configuration. You can edit this file, add the other servers you have in your network, and just change the names and ip addresses to your own.

;
; Data for private bind dns server
;
$TTL    1D
@             1D   IN  SOA  slackware.example.com.  root.example.com. (
                                        2008120101      ; serial
                                        3H              ; refresh
                                        15M             ; retry
                                        1W              ; expiry
                                        1D )            ; minimum

;

@           IN NS           slackware.example.com.
@           IN A             192.168.1.3
slackware  IN A             192.168.1.3
web        IN CNAME    slackware.example.com.

This is the reverse name resolution zone file:

;
; Reverse lookup dns zone file for private bind dns server
;
$TTL    1D
@   IN   SOA   slackware.example.com.  root.example.com. (
             2008112302         ; Serial
                 604800         ; Refresh
                  86400         ; Retry
                2419200         ; Expire
                  86400 )       ; Negative Cache TTL

@       IN NS           slackware.example.com.    ; fully qualified: a bare "slackware." would mean the top-level name "slackware"
3       IN PTR          slackware.example.com.    ; reverse entries are PTR records, not CNAME

You need to restart the bind service before your new dns zones take effect. Before you restart the service, make sure you check the syntax of /etc/named.conf and the zone files as described in the testing section above. If you encounter problems, you can always check the log file in /var/log/messages.
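The check-then-restart routine described above is worth scripting so that a typo never takes the resolver down. The script below is an added example, not part of the original tutorial: it reads every master zone and its file out of named.conf (honouring the options directory, which defaults to /var/named as on this page), runs named-checkconf and named-checkzone on each, warns when a zone uses allow-transfer { any; } (which lets any host that can reach port 53 download the whole zone), and only then restarts /etc/rc.d/rc.bind. The function names and the "run" command-line entry point are this example's own; the paths are Slackware's as used throughout the article.

```shell
#!/bin/sh
# Added example: validate named.conf and all master zone files, audit zone
# transfer settings, then restart bind. Assumes the Slackware layout used in
# this article (/etc/named.conf, /etc/rc.d/rc.bind, zone files under /var/named).

# zone_files CONF
# Prints "zone-name absolute-zone-file" for every zone of type master in CONF.
# Hint and other zone types are skipped because named-checkzone expects an SOA.
zone_files() {
    awk '
        BEGIN { dir = "/var/named" }
        /^[ \t]*directory[ \t]+"/ { gsub(/"|;/, "", $2); dir = $2 }
        /^[ \t]*zone[ \t]+"/      { gsub(/"/, "", $2); zone = $2; type = ""; file = "" }
        /^[ \t]*type[ \t]+/       { gsub(/;/, "", $2); type = $2 }
        /^[ \t]*file[ \t]+"/      { gsub(/"|;/, "", $2); file = $2 }
        /^[ \t]*};/ {
            if (zone != "" && type == "master") {
                if (file !~ /^\//) file = dir "/" file
                print zone, file
            }
            zone = ""
        }
    ' "$1"
}

# audit_transfers CONF
# Lists lines that allow zone transfers to any host; returns 1 if any exist.
audit_transfers() {
    if grep -n 'allow-transfer[ \t]*{[ \t]*any[ \t]*;' "$1"; then
        echo "warning: allow-transfer { any; } lets anyone pull the whole zone;" \
             "restrict it to your secondaries or use { none; }" >&2
        return 1
    fi
    return 0
}

# check_and_restart CONF
# Runs the syntax checks; restarts bind only if all of them pass.
check_and_restart() {
    conf=${1:-/etc/named.conf}
    named-checkconf "$conf" || { echo "named.conf has errors, not restarting" >&2; return 1; }
    zone_files "$conf" | while read -r zone file; do
        named-checkzone "$zone" "$file" || exit 1
    done || { echo "a zone file has errors, not restarting" >&2; return 1; }
    audit_transfers "$conf" || echo "restarting anyway; review allow-transfer afterwards" >&2
    /etc/rc.d/rc.bind restart
}

# usage: sh bind-reload.sh run [/etc/named.conf]
case "${1-}" in
    run) check_and_restart "${2:-/etc/named.conf}" ;;
esac
```

On a private LAN server the usual fix the audit is pointing at is allow-transfer { none; } (or the addresses of your secondaries) in each zone stanza, since the zone data only needs to be served in answers, not copied wholesale.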

Setting up a private and a public dns server is the same, except that for a public bind dns server you need a qualified domain name and a public ip address. So you can practise by creating a private bind dns server for your LAN first, before implementing the real public bind dns setup. That's all. Good luck!


nice post on dns

nice post on dns server.....but i have found some gr8 screenshots on this link

http://www.techviolation.com/how-to-confiure-a-dns-server/

Thank you for the article

thanks brother for the article

thanks brother for the article, it's nice
