dns-setup.doc
Path: vixie!decwrl!spool.mu.edu!howland.reston.ans.net!xlink.net!fauern!rrze.uni-erlangen.de!not-for-mail
From: fhn019@cd4680fs.rrze.uni-erlangen.de (Franziska Staedtler)
Newsgroups: comp.protocols.tcp-ip.domains
Subject: Setup a nameserver -- corrected version (long)
Date: Tue, 19 Oct 1993 14:41:03 +0100
Organization: Regionales Rechenzentrum Erlangen, Germany
Distribution: inet
Message-ID: <2a0qpfEfj2@uni-erlangen.de>
NNTP-Posting-Host: cd4680fs.rrze.uni-erlangen.de
Lines: 757
Summary: How to setup a nameserver

Hello netters,

this is the second (corrected) version of my little description of how to
set up a nameserver. Thanks to Ruediger Volk for his comments which pointed
out some errors to me. The alterations to the first version are marked with
! marks at the beginning of the lines.

For a more detailed review on the subject I should recommend the really
excellent book

        DNS and BIND
        by P. Albitz and C. Liu (O'Reilly & Associates, Inc)

Thank you, Paul and Cricket, for that book. It helped me no end.

Well, since I don't want to spread all the details of our local setup
all over the world (i.e. hostnames and addresses) I wiped these details
out by using

        a.b.c.d                 to refer to an ip address in dotted notation
        host.dep.secdom.topdom  to refer to a full domainname of a host
                                ("dep" is standing for one or more subdomain
                                labels in the secondlevel domain "secdom"
                                which in turn is part of the toplevel
                                domain "topdom")

Any comments and suggestions are welcome.
Please use my email address fhn019@cd4680fs.rrze.uni-erlangen.de
to contact me.

Regards,
Franziska

-----------------------------------------------------------------------

 Setting up a primary master nameserver for a non-internet host
 ==============================================================

General comments:
=================

We use EP/IX for the examples. EP/IX is the system used by the CD4000
systems of Control Data Systems, Inc.

For all the files we have to set up for named to work, except
/etc/init.d/netdaemons, the ";" indicates the beginning of a *comment*.

All the data files of named contain entries that are called resource
records (RR). The RRs follow the general syntax

        domainname  ttl  class  type  record-data

where

        domainname  gives the object the record is for; if domainname is
                    blank, named assumes that the record is for the object
                    of the record before this record.
        ttl         gives the maximum time the record data is considered
                    valid; if ttl is blank then the "minimum ttl" in the
                    SOA record is used.
        class       gives the class to which the record belongs. Valid
                    classes are IN (internet) and ANY (any class).
        type        gives the type of the record. There are many record
                    types but we will use only
                        SOA   --> Start Of Authority
                        NS    --> Name Server
                        A     --> Address
                        PTR   --> PoinTeR
                        MX    --> Mail eXchanger
                        HINFO --> Host INFO
                    The records of these types are described when first
                    used.
        data        gives the data belonging to this record. If "data"
                    contains parentheses (), the record can span multiple
                    lines.

There are two directives that can be used in data files:

        $ORIGIN domain.     Indicates the origin for the domainnames in the
                            following RRs. "domain." is appended to the
                            domainnames given in the RRs. I.e.
                                $ORIGIN secdom.topdom.
                            ==> "secdom.topdom." is appended to the
                            domainnames of the following RRs in the data
                            file. If there is a RR like this
                                host    IN  A   address-of-host
                            then named reads "host" as "host.secdom.topdom.".
        $INCLUDE filename   Tells named to include the RRs in the specified
                            file here.

What we need:
=============

 * BIND running on our unix box (/etc/named)
 * bootfile for named (/etc/named.boot)
 * internal root nameserver data file (root.cache)
 * data file for the mapping of 127.0.0.1 to the name "localhost"
   (named.local)
 * data file for the hosts in the domain (named.hosts)
 * data file for the mapping of the ip addresses to the hostnames for the
   local domain (named.rev)
 * directory to put the data files in

What we do:
===========

1. First we look for a file /etc/named which indicates the presence of
   BIND (= Berkeley Internet Domain Name Service). If /etc/named exists we
   check the system startup files (i.e. in /etc/init.d) whether named is
   started when the system goes multiuser. The script
   /etc/init.d/netdaemons is shipped with EP/IX and starts named if the
   bootfile is present.

   Example:
   In /etc/init.d/netdaemons we can find the lines

        if [ -x /etc/named -a -r /etc/named.boot ]; then
                /etc/named /etc/named.boot; echo " named\c"
        fi

   which start named if /etc/named.boot exists.

2. For named to start we have to generate a file /etc/named.boot. This is
   an ASCII file we can edit with our favorite editor. /etc/named.boot may
   look like the following:

;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Nameserver bootfile for secdom.topdom
; last change 93/01/27
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; @(#)named.boot.master 1.11 of 93/01/25
;
; bootfile for master server fh-nuernberg
;
directory /confdir
;
; type      domain                  source host/file    backup file
;
primary     secdom.topdom           named.hosts
primary     b.a.IN-ADDR.ARPA        named.rev
primary     0.0.127.IN-ADDR.ARPA    named.local
primary     .                       root.cache

!  In the above file I deleted the line with the domain statement.

   Let's have a look at this file. The lines start at column one.
   The line
        directory /confdir
   tells named where to look for the data files.
   The line
        primary secdom.topdom named.hosts
   tells named that it is a *primary master* for the domain "secdom.topdom"
   and the data for this domain is in "named.hosts".
   The next line
        primary b.a.IN-ADDR.ARPA named.rev
   tells named that it is a *primary master* for the domain
   "b.a.IN-ADDR.ARPA" which is used to map the addresses to the names and
   the data for this domain is in "named.rev".
   The line
        primary 0.0.127.IN-ADDR.ARPA named.local
   tells named that it is a *primary master* for the domain
   "0.0.127.IN-ADDR.ARPA" which is used to map the address 127.0.0.1 to
   the name localhost and the data for this is in "named.local".
   The last line
        primary . root.cache
   tells named that it is a *root nameserver* (= primary master for the
   root domain) and the data is in "root.cache".

   The general syntax of the "domain" lines is

        type    domain    source    backup

   where

        type    determines which *type* of service named should provide
                for the specified domain. *type* may be
                  primary    primary master server; holds the zone data on
                             disk. This server is authoritative for the
                             specified domain.
                  secondary  secondary master server; gets the zone data off
                             a primary server and stores it for a specified
                             time (see also "SOA Resource Record" later)
                  cache      caching server; holds no zone data on disk,
                             caches only addresses and hints (i.e. root
                             servers) it learnt by queries.
                ("zone" data means data of the domain the nameserver serves;
                "zones" are parts of the overall address space of the
                Internet for which authoritative servers (= servers that
                hold the data for this part of the address space) exist.)
        domain  gives the domain named serves;
                  secdom.topdom     --> subdomain of the toplevel domain "de"
                                        (see also "the internet address
                                        space") --> *map names to addresses*
                  b.a.IN-ADDR.ARPA  --> special domain to map *addresses to
                                        names*
        source  gives the filename or the host address that holds the zone
                data
        backup  gives the name of a backup file (only used for secondary
                servers)

   The filenames (named.hosts, etc) used above are the names of the example
   files shipped with BIND. We can change these names if we like. The named
   bootfile (standard: /etc/named.boot) may be changed too, but then we
   have to change the section in /etc/init.d/netdaemons where named is
   started too.

3. Since our host is a non-internet host (= has no connection to the
   Internet) we have to set up a *root nameserver* for named to work
   correctly. In the above bootfile we told named to be a primary server
   for the root domain (indicated by a period (.) in the domain field) and
   to look for the domain data in a file named root.cache in the data file
   directory /confdir. This file looks like the following:

;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; temporary root name server is host.dep.secdom.topdom.
; only to verify our mail configuration and until
; we are directly connected to the internet
; FS 08/12/93
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;
.       IN  SOA  host.dep.secdom.topdom. dnsadm.host.dep.secdom.topdom. (
                930813001   ; Serial
                28800       ; Refresh
                7200        ; Retry
                6044800     ; Expire
                172800 )    ; Minimum
        IN  NS   host.dep.secdom.topdom.
;
; make hase root name server
;
secdom.topdom.          172800  IN  NS  host.dep.secdom.topdom.
b.a.IN-ADDR.ARPA.       172800  IN  NS  host.dep.secdom.topdom.
;
; address records for hase
;
host.dep.secdom.topdom. 172800  IN  A   a.b.c.d
;
; adding mx records for sendmail to function properly
;
*                       IN  MX  5   host.dep.secdom.topdom.
*.topdom.               IN  MX  10  host.dep.secdom.topdom.

   This file has four types of RRs in it. Let's have a look at them.