Custom Search

Friday 7 October 2011

How to Install Bind 9

How to Install Bind 9.

apt-get install bind9

This should install and work ok. Note: Firewall rules are required. See Firewall section. In order to start using bind locally, edit /etc/resolv.conf

search domainname.com
nameserver 127.0.0.1

(The "search domainname.com" allows you to ping/access subdomain names without typing in the entire address. I.E. ping www will ping www.domainname.com )
Restart bind: - /etc/init.d/bind9 restart

Test and ping google etc. Bind should be resolving internet addresses. If not - Check Firewall.
Configing Bind (version 9):

Check to see if the following is referenced in /etc/bind/named.conf

include "/etc/bind/named.conf.local"; is in /etc/bind/named.conf

Edit the following file:

vi /etc/bind/named.conf.local
//This file contains all local and changable info.
//Begin File - by creating the following entry:
//----------- Begin Kartbuilding.net ------------
zone "kartbuilding.net" {
       type master;
       file "/etc/bind/zones/kartbuilding.net.zone";
       allow-transfer { 88.211.211.211; };   ; Note this line is only for a secondary nameserver, allowing for zone transfer.
};

//The next is the reverse DNS entry.
zone "1.201.136.in-addr.arpa" {
        type master;
        file "/etc/bind/zones/136.201.1.db";
};
//------------ End of kartbuilding.net ----------

Create the kartbuilding.net.zone file:

vi /etc/bind/zones/kartbuilding.net.zone
//Begin file --------------------------------
$TTL 3h

@       IN      SOA             ns.kartbuilding.net. root.kartbuilding.net. (
                2006120702      ; counter/ Serial    ; in the format YYYYMMDDCC where CC - counter 1 to 99
                20m             ; refresh
                15m             ; Retry Interval
                1w              ; Expire
                1h )            ; Negative Cache TTL

        IN      NS      ns.kartbuilding.net.        ; must the name of the name server used to register kartbuilding.net
;        IN      NS      ns1.secondary nameserver.  ; A semi-colon is used to comment out lines in bind configs.
        IN      MX      10      mail.burkesys.com.

ns      IN      A       136.201.1.250
mail    IN      A       88.198.194.194
wiki    IN      A       88.198.194.194
monitor IN      A       136.201.1.250
www     IN      A       88.198.194.194
@       IN      A       136.201.1.250   ; the @ is for the no www name. E.g. http://kartbuilding.net (without www's)
www.portal      IN      A       136.201.1.250
//End file ------------------------------------

Create Reverse DNS lookup file: This is just for reverse DNS lookups. Reverse DNS entries also have to be made with your ISP - as reverse DNS entries come from them.

vi /etc/bind/zones/136.201.1.db
//Start of file -------------------------
@       IN      SOA     kartbuilding.net. root.kartbuilding.net. (
                3       ; counter/ Serial
                15m     ; refresh
                15m     ; Retry Interval
                1w      ; Expire
                1h )    ; Negative Cache TTL

        IN      NS      ns.kartbuilding.net.

250     IN      PTR     servername.kartbuilding.net.
//End of file ---------------------------

Start bind and Test:

/etc/init.d/bind start
CHECK LOGS::
tail /var/log/daemon.log

Test with dig, nslookup and ping.
To test with nslookup, at the prompt type in "set type=mx" to query mx records. Similiarly, "set type=A" for A records.
Go to http://www.dnsstuff.com and carryout a DNS report.

If you don't have bind installed you wont have nslookup and you'll get:

-bash: nslookup: command not found

To solve this:

apt-get install dnsutils

Setting up A Secondary DNS

Having a secondary DNS is very important, especially if your services (web,mail,db etc) are running off different boxes. The www could be up, but if DNS goes down - no www traffic :-(

There is very little to setting up a secondary dns entry/server. It takes care of everything, e.g. updating etc. from master to slave itself.

Config Master To setup the master (main or primary DNS server) the following must be added:

vi /etc/bind/zones/kartbuilding.net.zone
allow-transfer { 88.211.211.211; };
//where the above ip is the secondary dns server's.

Config Slave Of course bind will have to be installed and it could be perhaps serving out dns for another domain! Edit the following file:

vi /etc/bind/named.conf.local
//add the following lines:

zone "kartbuilding.net" {
        type slave;
        file "/etc/bind/slaves/kartbuilding.net.zone";
        masters { 136.201.1.250; };
        allow-transfer { 136.201.1.250; };
};

The /etc/bind/slaves directory must be created, and also bind must be given permission to write to this slaves directory. This is because bind runs as user bind - and can only edit files it owns, or if the directory is chmod'd 775.

mkdir /etc/bind/slaves
chown bind:bind /etc/bind/slaves
//I chose to change ownership of this file rather than chmod it 775.

The allow-transfer should be included even for the slave zone files, otherwise anyone could do a zone transfer and lookup all your sub domains. See: DNS_-_Bind9#Prevent_DNS_lookup_of_sub_domains

Thats it! Secondary DNS setup. Restart/reload bind on both servers. Check /var/log/daemon.log for updates' Check also after the slave updates from the master. The slave will place dns files in /etc/bind/slaves/
Slow DNS lookup issues with bind9
Posted by Php and Mysql for better Money at 06:40
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)