<---------------------------->
Reminder on how to set up DNS on a generic CentOS server:
1) vim /etc/sysconfig/network
NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=server01.localdomain
2) vim /etc/hosts
127.0.0.1 localhost.localdomain localhost
::1 localhost6.localdomain6 localhost6
3) vim /etc/host.conf
order hosts,bind
4) vim /etc/resolv.conf
5) system-config-network-tui
hostname = server01.localdomain
dns = IP
Search = localdomain
<---------------------------->
Below are the steps to set up a local DNS on a network
vim /etc/sysconfig/network
=== file: /etc/sysconfig/network ===
...
NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=server01.localdomain
BOOTPROTO=static
DOMAINNAME=instyle.locale
vim /etc/hosts
=== file: /etc/hosts ===
127.0.0.1 localhost.localdomain localhost
::1 localhost6.localdomain6 localhost6
192.168.32.10 server01.instyle.locale server01
192.168.32.10 server01.instyle.locale relay
vim /etc/host.conf
=== file: /etc/host.conf ===
order bind, hosts
vim /etc/resolv.conf
=== file: resolv.conf ===
nameserver 192.168.32.10
nameserver 110.23.12.23 # chosen external DNS
search localdomain
domain instyle.locale
<---------------------------->
1) yum -y install bind caching-nameserver
2) vim named.conf
#create new
options {
        directory "/var/named";
        allow-query { localhost; 192.168.32.0/24; };
        # a zone transfer hands over every record in the zone;
        # narrow this list to the secondary's address where possible
        allow-transfer { localhost; 192.168.32.0/24; };
        recursion yes;
};
controls {
        inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
view "internal" {
        match-clients {
                localhost;
                192.168.32.0/24;
        };
        zone "." IN {
                type hint;
                file "named.ca";
        };
        zone "instyle.locale" IN {
                type master;
                file "instyle.locale.lan";
                allow-update { none; };
        };
        zone "32.168.192.in-addr.arpa" IN {
                type master;
                file "32.168.192.db";
                allow-update { none; };
        };
        zone "localdomain" IN {
                type master;
                file "localdomain.zone";
                allow-update { none; };
        };
        zone "localhost" IN {
                type master;
                file "localhost.zone";
                allow-update { none; };
        };
        zone "0.0.127.in-addr.arpa" IN {
                type master;
                file "named.local";
                allow-update { none; };
        };
        zone "255.in-addr.arpa" IN {
                type master;
                file "named.broadcast";
                allow-update { none; };
        };
        zone "0.in-addr.arpa" IN {
                type master;
                file "named.zero";
                allow-update { none; };
        };
};
view "external" {
        match-clients { any; };
        allow-query { any; };
        recursion no;
        zone "instyle.locale" IN {
                type master;
                file "instyle.locale.wan";
                allow-update { none; };
        };
        zone "92.169.13.62.in-addr.arpa" IN {
                type master;
                file "92.169.13.62.db";
                allow-update { none; };
        };
};
include "/etc/rndc.key";
# allow-query: the range you permit to query
# allow-transfer: the range you permit to transfer zone info
# recursion: whether to allow recursive lookups
# view "internal" { *** }; holds the internal definitions
# view "external" { *** }; holds the external definitions
# To name a reverse zone, write the network address in reverse, as below.
# 10.0.0.0/24
#   network address: 10.0.0.0
#   range of network: 10.0.0.0 - 10.0.0.255
#   how to write: 0.0.10.in-addr.arpa
# 172.16.0.80/29
#   network address: 172.16.0.80
#   range of network: 172.16.0.80 - 172.16.0.87
#   how to write: 80.0.16.172.in-addr.arpa
3) For internal use:
vim /var/named/instyle.locale.lan
$TTL 86400
@ IN SOA server01.instyle.locale. root.instyle.locale. (
        2007041501 ;Serial
        3600 ;Refresh
        1800 ;Retry
        604800 ;Expire
        86400 ;Minimum TTL
)
; define name server
        IN NS server01.instyle.locale.
; internal IP address of name server
        IN A 192.168.32.10
; define Mail exchanger
        IN MX 10 server01.instyle.locale.
; define IP address and hostname
server01 IN A 192.168.32.10
www.instyle.locale. IN A 192.168.32.10
mail.instyle.locale. IN A 192.168.32.10
instyle.locale. IN NS server01.instyle.locale.
instyle.locale. IN MX 10 mail
4) Following the pattern of the previous file, you can create another one for the .wan part (see http://www.server-world.info/en/note?os=CentOS_5&p=dns&f=2), using the test DNS 62.13.169.92
vim /var/named/instyle.locale.wan
5) For reverse resolution:
vim /var/named/32.168.192.db
$TTL 86400
@ IN SOA server01.instyle.locale. root.instyle.locale. (
        2007041501 ;Serial
        3600 ;Refresh
        1800 ;Retry
        604800 ;Expire
        86400 ;Minimum TTL
)
; define name server
        IN NS server01.instyle.locale.
; define the range this domain name is in
        IN PTR instyle.locale.
; define IP address and hostname
        IN A 255.255.255.0
10      IN PTR server01.instyle.locale.
6) Following the same pattern, create the external wan zone
vim /var/named/92.169.13.62.db
7) Start the service
/etc/rc.d/init.d/named start
chkconfig named on
vi resolv.conf
search instyle.locale
nameserver 62.13.169.92
N.B. If the following error appears in /var/log/messages:
named[1284]: starting BIND 9.4.3-P1 -t /var/named -u bind
named[1284]: command channel listening on 127.0.0.1#953
named[1284]: the working directory is not writable
named[1284]: running
it is enough to run the command:
chown -R bind /var/named
8) Use the following commands to check that everything works:
dig server01.instyle.locale.
dig -x 192.168.32.10
host www.instyle.locale localhost
host -t mx example.org localhost
7) To set up a CNAME:
/var/named/instyle.locale.
; update serial
2007041501 ;Serial
; alias IN CNAME server's name
ftp IN CNAME ns.instyle.locale.
To reload the settings:
rndc reload
8) If you instead want to set up a secondary DNS, the following is needed on the master DNS server:
vim /var/named/instyle.locale.lan
$TTL 86400
@ IN SOA ns.instyle.locale. root.instyle.locale. (
        2007041501 ;Serial
        3601 ;Refresh
        1801 ;Retry
        604800 ;Expire
        86400 ;Minimum TTL
)
; define name server
        IN NS ns.instyle.locale.
; add the line for the secondary DNS here
        IN NS ns.instyle2.locale.
; internal IP address of name server
        IN A 192.168.0.17
; define Mail exchanger
        IN MX 10 ns.instyle.locale.
; define IP address and hostname
ns      IN A 192.168.0.17
rndc reload
On the secondary DNS add the following lines:
vi /etc/named.conf
# add these lines below
zone "instyle.locale" IN {
        type slave;
        masters { 172.16.0.17; };
        file "slaves/instyle.locale.lan";
};
rndc reload
server reload successful
ls /var/named/slaves
instyle.locale.lan
- A Records
An A record is probably the most common and easiest of all records to understand. Quite
simply, whatever is placed on the left will resolve to the IP address provided on the right.
Here’s an example of an A record:
www IN A 192.168.1.1
Here, www (expanded to include the full domain name) would resolve to 192.168.1.1.
If this were the zone file for example.org, www would be expanded to www.example.org. You could choose to be specific in your zone file and use something like this:
www.example.org. IN A 192.168.1.1
The final period (or dot) after .org is very important. If you left this out, the record
would be expanded to create www.example.org.example.org.
- CNAME
A CNAME links two DNS entries.
ftp IN CNAME www
The benefit with using CNAME is that if you change the IP address of the server (perhaps
you’re running this particular machine on an Internet connection that has a dynamic
IP address), you have to update only one IP address instead of two.
- MX Records
mailserver.example.org. IN A 192.168.1.1
example.org. IN MX 10 mailserver
Remember, though, that the MX record must point to an existing hostname; in other words, it requires an A record. This doesn’t have to be in the same domain, as we’ll see in one of the following examples.
If you had two mail servers:
mailserver.example.org. IN A 192.168.1.1
mailserver2.example.org. IN A 192.168.1.2
example.org. IN MX 10 mailserver
example.org. IN MX 20 mailserver2
- NS Records
An NS record looks like this:
example.org. IN NS dns0.example.com.
the authoritative name servers for our domain by creating to NS records.
Generally speaking, you should have at least two DNS servers. This is good practice
because if your DNS server goes down, people won’t be able to find your web site or your
e-mail servers. Because many people host their web sites in the same place they host their
DNS, this won’t help much, but it will ensure that e-mail is properly routed to the backup
e-mail server. Multiple NS records look like this:
example.org. IN NS dns0.example.com.
example.org. IN NS ns1.example.net.
- Example DNS configuration
www.example.org. IN A 192.168.1.1
ftp.example.org. IN CNAME www
mail.example.org. IN A 192.168.1.2
mail2.example.org. IN A 10.0.0.1
example.org. IN NS dns0.example.com.
example.org. IN NS ns1.example.net.
example.org. IN MX 10 mail
example.org. IN MX 20 mail2
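Added example (not part of the original notes): a small Python linter for the two pitfalls explained above, the missing final dot and MX/NS/CNAME targets that have no address record in the zone. The function names and the sample zone are constructed for illustration; only simple one-line records are handled.

```python
# Added example, not from the original notes: lint a zone for the final-dot
# and MX/NS/CNAME-target pitfalls. One-line records only; $ directives skipped.

SAMPLE = """\
@        IN NS    server01.instyle.locale
         IN MX 10 mail
server01 IN A     192.168.32.10
www      IN A     192.168.32.10
ftp      IN CNAME www
"""  # constructed zone with two deliberate mistakes

def absolute(name, origin):
    """Expand a name as BIND does: without a final dot, the origin is appended."""
    if name == "@":
        return origin
    name = name.lower()
    return name if name.endswith(".") else f"{name}.{origin}"

def parse(zone_text, origin):
    records, owner = [], origin
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0]          # drop ';' comments
        fields = line.split()
        if not fields or fields[0].startswith("$"):
            continue
        if not line[0].isspace():            # a name in column 0 sets the owner
            owner = absolute(fields.pop(0), origin)
        if fields[0].upper() == "IN":
            fields.pop(0)
        records.append((owner, fields[0].upper(), fields[1:]))
    return records

def lint(zone_text, origin):
    records = parse(zone_text, origin)
    has_addr = {o for o, t, _ in records if t in ("A", "AAAA")}
    known = has_addr | {o for o, t, _ in records if t == "CNAME"}
    problems = []
    for owner, rtype, rdata in records:
        if rtype not in ("NS", "MX", "CNAME"):
            continue
        target = absolute(rdata[-1], origin)
        if target.endswith(origin + origin):  # origin appended to a full name
            problems.append(f"{owner} {rtype} {rdata[-1]}: missing final dot, expands to {target}")
        elif target.endswith("." + origin):   # in-zone target must exist here
            need, ok = ("A/AAAA/CNAME", known) if rtype == "CNAME" else ("A/AAAA", has_addr)
            if target not in ok:
                problems.append(f"{owner} {rtype}: {target} has no {need} record in this zone")
    return problems
```

Calling lint(SAMPLE, "instyle.locale.") reports the NS target that expands to server01.instyle.locale.instyle.locale. and the MX target mail, which has no A record.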