- Ubuntu Server 10.04, the DNS server – 10.1.1.2 (hostname=dns)
- Ubuntu Server 10.04, the WEB server – 10.1.1.10 (hostname=web)
- /etc/bind/named.conf.local
- /etc/bind/named.conf.options
- /etc/resolv.conf
- /etc/bind/zones/kunkun.my.db
- /etc/bind/zones/rev.1.1.10.in-addr.arpa
- The TTL or time to live is set for 3 days
- The dns.kunkun.my nameserver is defined
- An alias of www is assigned to web using CNAME
Instructions
1. Install the DNS server. We need to install Bind 9.
sudo apt-get install bind9
2. Configure Bind. We need to touch 5 files.
We will edit 3 files.
We will create 2 files.
Domain zone – kunkun.my
sudo vi /etc/bind/named.conf.local
# Domain zone
zone "kunkun.my" {
type master;
file "/etc/bind/zones/kunkun.my.db";
};
# Reverse DNS
zone "1.1.10.in-addr.arpa" {
type master;
file "/etc/bind/zones/rev.1.1.10.in-addr.arpa";
};
Save file. Exit.
We just created a new domain. Please note: later we will create the two zone files named kunkun.my.db and rev.1.1.10.in-addr.arpa. Also, notice that the octets of the network address appear in reverse order in the reverse DNS zone name.
Add the DNS servers from your ISP. You can place the primary and secondary DNS servers here separated by semicolons.
sudo vi /etc/bind/named.conf.options
We need to modify the named.conf global options to allow our internal clients to query the nameserver.
Modify the existing global options block to the following:
acl kunkun-lan { 10.1.1.0/24; 127.0/8; };
options {
    directory "/var/cache/bind";
    allow-query { kunkun-lan; };
    forwarders { 202.188.0.133; 202.188.1.5; }; # ISP primary/secondary
    forward only; # Rely completely on ISP for cache misses
};
The acl statement above defines a named range of IP addresses that we can reference throughout the named.conf file. The allow-query statement lists the hosts that may query our nameserver. The forwarders statement tells our nameserver to forward any queries it cannot answer itself to our upstream nameservers. The forward only statement makes our nameserver rely solely on our ISP nameservers, so it never contacts other nameservers for information that our ISP cannot provide. It's very rare for a primary and secondary ISP nameserver to be down at the same time, but you can comment out forward only if you want your nameserver to try the root nameservers when the upstream ISP nameservers cannot resolve a hostname.
Save file. Exit.
Modify the resolv.conf file found in /etc and place the IP address of our DNS server which is set to 10.1.1.2.
sudo vi /etc/resolv.conf
search kunkun.my
nameserver 10.1.1.2
Define the zones.
sudo mkdir /etc/bind/zones
sudo vi /etc/bind/zones/kunkun.my.db
$TTL 3D
@ IN SOA dns.kunkun.my. root.kunkun.my. (
    2        ; serial
    28800    ; refresh
    3600     ; retry
    604800   ; expire
    38400 )  ; minimum TTL
kunkun.my. IN NS dns.kunkun.my.
web IN A 10.1.1.10
www IN CNAME web.kunkun.my.
dns IN A 10.1.1.2
Create a “rev.1.1.10.in-addr.arpa” file for reverse lookup.
sudo vi /etc/bind/zones/rev.1.1.10.in-addr.arpa
$TTL 3D
@ IN SOA dns.kunkun.my. root.kunkun.my. (
    2        ; serial
    28800    ; refresh
    604800   ; retry
    604800   ; expire
    86400 )  ; minimum TTL
@ IN NS dns.kunkun.my.
10 IN PTR web.kunkun.my.
Restart Bind to activate our latest changes.
sudo /etc/init.d/bind9 restart
4. Test our new domain and DNS entries.
Dig
dig kunkun.my
dig -x 10.1.1.10
Nslookup
nslookup web
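Alongside the dig and nslookup tests, the forward and reverse zones can be cross-checked offline so that every A record has a matching PTR and every PTR target resolves. The script below is an added example, not part of the original post; the zone text is a constructed copy of this page's two zone files, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample input: this page's two zone files, SOA folded onto one line.
FORWARD_ZONE = """\
$TTL 3D
@ IN SOA dns.kunkun.my. root.kunkun.my. ( 2 28800 3600 604800 38400 )
kunkun.my. IN NS dns.kunkun.my.
web IN A 10.1.1.10
www IN CNAME web.kunkun.my.
dns IN A 10.1.1.2
"""
REVERSE_ZONE = """\
$TTL 3D
@ IN SOA dns.kunkun.my. root.kunkun.my. ( 2 28800 604800 604800 86400 )
@ IN NS dns.kunkun.my.
10 IN PTR web.kunkun.my.
"""

def fqdn(name, origin):
    """Expand a zone-file name: '@' is the origin, a trailing dot means absolute."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def records(zone_text, origin, rtype):
    """Yield (owner, rdata) for single-line 'owner IN <rtype> rdata' records."""
    for line in zone_text.splitlines():
        fields = line.split(";")[0].split()  # drop trailing ';' comments
        if len(fields) == 4 and fields[1] == "IN" and fields[2] == rtype:
            yield fqdn(fields[0], origin), fields[3]

def check_forward_reverse(fwd_text, fwd_origin, rev_text, rev_origin):
    """Return a list of A/PTR mismatches between the forward and reverse zone."""
    ptrs = {o: fqdn(t, rev_origin) for o, t in records(rev_text, rev_origin, "PTR")}
    a_by_name = dict(records(fwd_text, fwd_origin, "A"))
    problems = []
    for name, addr in a_by_name.items():
        # reverse_pointer gives e.g. '2.1.1.10.in-addr.arpa' for 10.1.1.2
        ptr_owner = ipaddress.ip_address(addr).reverse_pointer + "."
        if ptr_owner not in ptrs:
            problems.append(f"{name} A {addr}: no PTR at {ptr_owner}")
        elif ptrs[ptr_owner] != name:
            problems.append(f"{name} A {addr}: PTR points to {ptrs[ptr_owner]}")
    for owner, target in ptrs.items():
        if target not in a_by_name:
            problems.append(f"{owner} PTR {target}: target has no A record")
    return problems

if __name__ == "__main__":
    origins = ("kunkun.my.", "1.1.10.in-addr.arpa.")
    print("\n".join(check_forward_reverse(FORWARD_ZONE, origins[0], REVERSE_ZONE, origins[1])))
```

With the zone data above it reports that dns (10.1.1.2) has no PTR record, which is why dig -x 10.1.1.2 would return no answer.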
Enjoy ubuntu... ;)