linux-nameserver.html

Linus guide, Linus guide, Linus guide,

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">

<HTML>
<HEAD>
<TITLE>Josh's Linux Guide - Setting Up a Nameserver</TITLE>
	<META NAME="Description" CONTENT="Instructions on installing and configuring BIND 8.">
</HEAD>

<LINK REL="stylesheet" TYPE="text/css" HREF="default.css">

<BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#0000FF" VLINK="#7F007F">

<H2><A NAME="0">Setting Up a Nameserver</A></H2>
<FONT SIZE="-1"><B>Created on July 24, 1998</B></FONT><BR>
<FONT SIZE="-1"><B>Last updated: October 20, 1999</B></FONT><BR>
<FONT SIZE="-1"><B>Development stage: Alpha</B></FONT><BR>

<P>A nameserver is a server that resolves hostnames to IP addresses.
Instead of having to type in &quot;209.81.10.250&quot;, I can just type in
&quot;www.penguincomputing.com&quot; to get to a site. <A
HREF="http://www.isc.org/bind.html" TARGET="_top">BIND</A> is nameserver
software that runs on many types of machines, originally written by Paul
Vixie and now maintained by the <A HREF="http://www.isc.org/"
TARGET="_top">Internet Software Consortium (ISC)</A>.</P>

<P>This was one of the trickiest things I've had to try to figure out so
far. I didn't talk to anybody as to how to go about this, unlike PPP
setup. But I finally found the Linux DNS HOWTO and used that. Hopefully
this will save you some trouble. Here I have instructions for BIND 8,
which is newer and more advanced than BIND 4 (which some distributions
still use).</P>

<OL>
<LI><A HREF="#remove">Removing Old Nameserver (BIND 4)</A>
<LI><A HREF="#install">Installing New Nameserver (BIND 8)</A>
<LI><A HREF="#config">Configuration: /etc/named.conf</A>
<LI><A HREF="#cache">Caching Nameserver</A>
<LI><A HREF="#zones">Zone Files in /var/named</A>
<LI><A HREF="#examples">Examples of Zone Files</A>
	<UL>
	<LI><A HREF="#domains">Domains</A>
	<LI><A HREF="localhost">Localhost</A>
	<LI><A HREF="#reverse">Reverse Mapping</A>
	</UL>
<LI><A HREF="#resources">Resources</A>
</OL>

<A NAME="remove"></A>
<H3><A NAME="1">Removing Old Nameserver (BIND 4)</A></H3>

<P>In the event that your distribution already comes with BIND 8, then all
you need to do is find out how the configuration works, and/or put in
entries for machines that the Linux box will be the nameserver for. I
think Slackware comes with BIND 8. I don't know about Debian. Most new
distributions (including Red Hat 5.2) will already have BIND 8 so you'll
probably have to look for the configuration file and how it has been
pre-configured.</P>

<P>I had to remove the old nameserver first, so it wouldn't get in the way
of the new one. It's fine to remove it and replace it with a new one;
there aren't any other packages that <I>really</I> depend on it.</P>

<P>Using Red Hat 5.1, I typed <B><TT>rpm -e bind bind-utils
caching-nameserver</TT></B>. That removed all the old packages. Be careful
about this, especially about bind-utils, because bind-utils contains the
tools such as <B>dnsquery</B> and <B>nslookup</B> that you might be using
fairly often. Red Hat 5.2 already has BIND 8.</P>

<A NAME="install"></A>
<H3><A NAME="2">Installing New Nameserver (BIND 8)</A></H3>

<P>First, download BIND from <A
HREF="ftp://ftp.isc.org/">ftp.isc.org</A></TT>. If you've got it on your
system already, then you don't need to get BIND 8 unless you want to make
a minor upgrade. The filename is something like bind-8.1.2-src.tar.gz,
which says that it's BIND version 8.1.2 in source format (which you have
to compile on your system). I'll work with the source version since that's
what I usually do anyway.</P>

<P>After you have it on your system, type <B><TT>tar -zxvf
bind-8.1.2.tar.gz</TT></B>. It will extract a directory called
<TT>src/</TT> and that's where you go into. Simply type &quot;make&quot;
and have it compiled for you. If you need anything to be tweaked then read
the INSTALL file (<B><TT>less INSTALL</TT></B>) and find what you need.
After it finishes compiling, type <B><TT>make install</TT></B>.</P>

<A NAME="config"></A>
<H3><A NAME="3">Configuration: /etc/named.conf</A></H3>

<P>Configuring the nameserver was probably the hardest part of the process
that I had to go through. Hopefully, what I've written up about what I
learned will save the reader some trouble.</P>

<P>The main BIND 8 configuration file is in <TT>/etc/named.conf</TT>. The
configuration syntax for the file is documented at <A
HREF="http://www.isc.org/bind8/config.html"  
TARGET="_top">http://www.isc.org/bind8/config.html</A>. Here's a sample of
a configuration file (as /etc/named.conf), with an explanation below.</P>

<PRE>
/*
 * A simple BIND 8 configuration
 */

options {
        directory "/var/named";
};

zone "penguincomputing.com" in {
        type master;
        file "master/penguincomputing.com";
};

zone "0.0.127.in-addr.arpa" in {
        type master;
        file "zone/127.0.0";
};

zone "." in {
        type hint;
        file "named.cache";
};
</PRE>

<P>In &quot;options&quot; I only had one option: where the directory for
<B>zone files</B> were. Zone files are where information about domains is
stored, and each file has information about a zone. It's a section to
cover, I guess, so that's why they're called zones. I have
<TT>/var/named/</TT> as my named data directory.</P>

<P>The &quot;penguincomputing.com&quot; section is pretty straightforward.
It just indicates the location of the penguincomputing.com zone files and
tells <B>named</B> that this server is a master nameserver for the
penguincomputing.com zone.</P>

<P>The &quot;0.0.127.in-addr.arpa&quot; zone is for mapping localhost to
127.0.0.1, basically. It has its own zone file.</P>

<P>The &quot;.&quot; zone indicates a caching nameserver; that is, someone
can actually use your machine to resolve hostnames (including you). I've
heard that is is efficient especially when using PPP connections, but I
don't know for sure. Read the &quot;Caching Nameserver&quot; section to
read up on how to create one.</P>

<A NAME="cache"></A>
<H3><A NAME="4">Caching Nameserver</A></H3>

<P>First you need to get a &quot;named.cache&quot; file. I'm not sure if
you can name it anything else, but let's just use that filename. In
/var/named/ (or wherever you put your nameserver's data files), type
<B><TT>dig @a.root-servers.net > named.cache</TT></B>. This will ask for
the addresses of the main DNS servers of the Internet and direct them to a
file. I'm <I>guessing</I> that the purpose of this is to give your machine
an idea of which machines on the Internet to ask about hosts.</P>

<P>Periodically, like once a month, update the named.cache file by running
that command once in a while. You can use a cron job for that. If you
don't know what I'm talking about here, don't worry about it. Just be sure
to update it using <B>dig</B> once in a while, that's all you have to
do.</P>

<P>You have <TT>/etc/named.conf</TT> point to wherever your named.cache
file is under the &quot;.&quot; zone.</P>

<A NAME="zones"></A>
<H3><A NAME="5">Zone Files in /var/named/</A></H3>

<P>In <TT>/var/named/</TT>, I created directories for every type of zone I
had. The directories I have in there are: <TT>master</TT>,
<TT>slave/</TT>, and <TT>zone</TT>. With the domain name system, there is
a server for each domain that is the main server (the master). I suppose
that the slave server is there in case the main (master) server is down.
For each domain there should be <I>at least</I> 2 servers, one master and
one slave. That's just the way it goes.</P>

<P>While interning at <A HREF="http://www.penguincomputing.com/"  
TARGET="_top">Penguin Computing</A> I set up both the master and slave DNS
servers. The master's information should go in the <TT>master</TT>
directory. You should be able to figure out where the slave's information
goes. The information they store is the same, but since one machine is the
main one that keeps the information (master) and the other simply follows
the master's information (slave), you need to stay organized and make sure
you're configuring the right machine for its right place in the nameserver
system.</P>

<P>Note that the slave nameserver for one domain can also be the master
nameserver for another domain. There just can't be two masters for a
single domain, though I think there can be several slaves.</P>

<A NAME="examples"></A>
<H3><A NAME="6">Examples of Zone Files</A></H3>

<P>To figure something like this out, I was looking hard for examples. And
examples really help, so hopefully you won't be too confused by my
examples. Hey, I try.</P>

<A NAME="domains"></A>
<H4><A NAME="7">Domains</A></H4>

<P>The information for each domain is put in a single file. This file
contains valuable information for each domain, such as machines that are