Submitter: Matthew Carpenter Color Conventions in this document: Configuration Files in this document have been color-coded to better

ease in reading. Red Blue Dark Green Dark Purple Items you must change Various Filenames and Paths Comments and Record Description Optional Records

How this document is organized: B S!C "#S $H%&'( )%$$!#) "#S $& *&'+ ,)eneralC CH!#) &#.( C&#F!)/' $!&# ,and appropriate filesS$ #" '" C&#F!)/' $!&# ,and appropriate filesF!.%S C&MM&# $& .. C&#F!)/' $!&#S

"Above all else, know thyself"

0%'( B S!C ,and loosel1 correct- $H%&'(

!f 1ou don2t understand "#S !2ll cover it 0%'( briefl1. !f 1ou need more information3 see the man pages for named and the DNS-HowTo. "#S is a 4.566 compliant3 hierarchical distributed data s1stem. $hat means the information is spread all over the world with several 78nown7 points of origin 8nown and a 7tree-li8e7 organization. $hese points of origins are 8nown as 'oot #ame Servers. %ver1 "#S client ,9ni:3 *in;:3 #$3 #etware3 etc..- is given one or more 7local7 servers. ,for dialup !S<2s the1 are generall1 located at the !S< and 1ou are given the address when 1ou dial in- !n general3 when a re=uest is made for a name-loo8up3 the 7local7 "#S server is as8ed to resolve the name. !f that server,s- doesn2t have an answer3 it as8s the 7'oot #ame Servers7 for the "#S server,s- responsible for the given domain. &ne of those is re=uested to resolve the host name to an !< address.

$here is much more to this3 such as caching3 local host files3 etc.. but this is the basic information about "#S server protocol.

)%$$!#) "#S $& *&'+ ,)eneralDirections: >-%dit Configuration Files ?-Start ,or restart- "#S Commands: $o Start "#S,as root-: ndc start,@usr@sbin@ndc is the filename$o 'estart "#S: ndc restart $o Stop "#S: ndc stop

C CH!#)-&#.( C&#F!)/' $!&#

7caching onl17 "#S server is one which is configured without an1 domains for which to be responsible for.

Configuration Files for DNS proper /etc/named.conf "DN ROO#$/root.hints "DN ROO#$/()*.+.+ this defines a directory to store the DN confi! files Contains %pointers% to the Root er&ers'' Contains confi! for the local host/su,net'' ''note- the files in "DN ROO#$ may ,e named somethin! else. #his is defined in /etc/named.conf

Configuration Files for the Local Host Name Resolution (important for testing) /etc/resol&.conf /etc/nss.itch /etc/host.conf Only to make this computer use itself for DN Only to make this computer check /etc/hosts and DN ' Only to make this computer check /etc/hosts and DN ' 'note- .hich of these t.o is important depends on your li,c &ersion / usually chan!e ,oth

CONFIGURING DNS: $he following section shows wor8ing configuration files complete with comments /etc/named.conf,Caching &nl1 Configuration---------------------------------------------$his file must be named named.conf and be in @etc A!t is used b1 the 7named7 daemon to determine the basic configuration and what files contain the details

options { #Global DNS settings directory "/var/named"; #tells DNS to use the listed directory for other config files #forward first; #chec the "forwarders" before doing any resolution #forwarders { # list of domain servers the chec !"local" DNS" ##$%#&$%''%(; #internal DNS server for company #); ); *one "%" { #Settings for the +,,- .,N/ type hint; #Specifies this as the +,,- .,N/ type file "root%hints"; #0ile that containing lin s to the +,,S/+1/+S !/var/named/root.hints" ); *one "$%$%#'(%in2addr%arpa" { #3sed for reverse loo up !ie 45 6ddress to Name" #notice it is your networ address bac wards7"in2addr%arpa" #So this is for #'(%$%$ networ type master; #Specifies this as a 86S-/+ .,N/ file "p*/#'(%$%$"; #0ile that contains the details for this *one !/var/named/pz/127.0.0" );
----------------------------------------------

#otice the structure for each section of the file. *hen troubleshooting 8eep this in mind:

sectiontype { optiontype setting; optiontype setting; optiontype setting; BC

/etc/reso!".conf#Cachin$ On!% Confi$&ration'

---------------------------------------------Achange the domain info to fit 1ours. "on2t change the nameserver entr1

search subdomain%e2i2s%cc e2i2s%cc ;where subdomain%e2i2s%cc is the subdomain the DNS server is in ;and e2i2s%cc is your domain nameserver #'(%$%$%#
----------------------------------------------

#&$%: (ou must also see the configuration files common to all configurations here CH(NGING TH) CONFIGUR(TION s the Caching &nl1 "#S simpl1 retrieves and stores the !< information as new host resolutions are re=uested3 there is not a whole lot of configuration change involved. !t Dust wor8s. , nd hopefull1 !2ve done a good enough Dob showing 1ou so that it "&%S- $here is one thing 1ou can change3 and that is to ma8e the server chec8 with one or more "#S servers before going to the '&&$ S%'0%'S. $hese are 8nown as Forwarders. (ou can configure forwarding b1 uncommenting ,removing the 7A7 from the beginning of- the purple lines in @etc@named.conf.

S$ #" '" C&#F!)/' $!&#

7standard configuration7 "#S server is one which is configured to be responsible to resolve names to !< ddresses ,and vice versa- for a domain.

Configuration Files for DNS proper /etc/named.conf "DN ROO#$/root.hints "DN ROO#$/()*.+.+ "DN ROO#$/"domain$ "DN ROO#$/"in0 addr.arpa file$ this defines a directory to store the DN confi! files Contains %pointers% to the Root er&ers'' Confi! for re&erse0lookup to the local host/su,net'' Confi! for domain'' Confi! for re&erse lookup for your domain

''note- the files in "DN ROO#$ may ,e named somethin! else. #his is defined in /etc/named.conf

Configuration Files for the Local Host Name Resolution (important for testing) /etc/resol&.conf /etc/nss.itch /etc/host.conf Only to make this computer use itself for DN Only to make this computer check /etc/hosts and DN ' Only to make this computer check /etc/hosts and DN ' 'note- .hich of these t.o is important depends on your li,c &ersion / usually chan!e ,oth

CONFIGURING DNS: $he following section shows wor8ing configuration files complete with comments /etc/named.conf#Standard Confi$&ration'
---------------------------------------------$his file must be named named.conf and be in @etc A!t is used b1 the 7named7 daemon to determine the basic configuration and what files contain the details

options { #Global DNS settings directory "/var/named"; #tells named where to find the rest of the config files #forward first; #chec the "forwarders" before doing any resolution #forwarders {# list of domain servers the chec !"local" DNS" ##$%#&$%''%(; #internal DNS server for company #); ); *one "%" { #Settings for the +,,- .,N/ type hint; #Specifies this as the +,,- .,N/ type file "root%hints"; #0ile that containing lin s to the +,,S/+1/+S !/var/named/root.hints"

); *one "$%$%#'(%in2addr%arpa" { #3sed for reverse loo up !ie 45 6ddress to Name" #notice it is your networ address bac wards7"in2addr%arpa" #So this is for #'(%$%$ networ type master; #Specifies this as a 86S-/+ .,N/ file "p*/#'(%$%$"; #0ile that contains the details for this *one !/var/named/pz/127.0.0" ); *one "e2i2s%cc" { #9our *one name !domain name" notify no; # notify is used with master/slave DNS servers% Not necessary for one DNS svr% type master; # Specify this as a 86S-/+ .,N/ file "p*/e2i2s%cc"; #0ile that contains details for this *one !/var/named/pz/e-i-s.cc" ); *one "#$%#::%#$%in2addr%arpa" { #6gain2+everse ;oo up type master; #6gain286S-/+ .,N/ file "p*/#$%#::%#$"; #6gain2Details file% !/var/named/pz/10.133.10" );
----------------------------------------------

#otice the structure for each section of the file. *hen troubleshooting 8eep this in mind:
sectiontype { optiontype setting; optiontype setting; optiontype setting; );

#otice the use of a trailing 7.7 on hostnames. !n zone files3 the use of a trailing 7.7 is to signif1 that the address is the distinguished name. #ames without the trailing7.7 are assumed to be relative names and will have the zone name added to the end3 thus .. names in reverse-loo8up zones use the trailing 7. 7 ,! would H $% to have a machine named 7carp1.e-i-s.cc.6.6.>?E.in-addr.arpa7 (c8F /etc/reso!".conf#Standard Confi$&ration'
---------------------------------------------Achange the domain info to fit 1ours. "on2t change the nameserver entr1

domain e2i2s%cc

search subdomain%e2i2s%cc e2i2s%cc ;where subdomain%e2i2s%cc is the subdomain the DNS server is in ;and e2i2s%cc is your domain nameserver #$%#::%#$%:<
----------------------------------------------

N,-/= 9ou must also see the configuration files common to all configurations here

CH(NGING TH) CONFIGUR(TION s a Standard ,Full- "#S Configuration3 there are man1 ,and probabl1 more all the time- changes that can be made to the configuration. ! will focus on two main changes 1ou need to 8now. Gust li8e a caching config3 1ou can ma8e the server chec8 with one or more "#S servers before going to the '&&$ S%'0%'S. $hese are 8nown as Forwarders. (ou can configure forwarding b1 uncommenting ,removing the 7A7 from the beginning of- the purple lines in @etc@named.conf. $he other changes 1ou need to be able to ma8e are to configure 1our "#S server to be responsible for resolving names for a new domain. $here are three main things needing to be done: Create the zone file for the domain ,@var@named@pz@somedomain.comCreate the in-addr.arpa zone file for the domain ,@var@named@pz@6.6.>6.inaddr.arpadd the two entries into @etc@named.conf,domain entr1 and in-addr.arpa entr1with appropriate values.

CONFIG FI*)S CO++ON FOR )(CH CONFIGUR(TION /"ar/named/root.hints#Common'

---------------------------------------------Anothing real interesting here. $hese don2t change much but when the1 do 1ou need to update the !< addresses

% % % % % % % % % % %

>D >D >D >D >D >D >D >D >D >D >D

4N 4N 4N 4N 4N 4N 4N 4N 4N 4N 4N

NS NS NS NS NS NS NS NS NS NS NS

G%+,,-2S/+1/+S%N/?%+,,-2S/+1/+S%N/@%+,,-2S/+1/+S%N/;%+,,-2S/+1/+S%N/8%+,,-2S/+1/+S%N/6%+,,-2S/+1/+S%N/A%+,,-2S/+1/+S%N/B%+,,-2S/+1/+S%N/C%+,,-2S/+1/+S%N/D%+,,-2S/+1/+S%N//%+,,-2S/+1/+S%N/-

% >D 4N NS 4%+,,-2S/+1/+S%N/% >D 4N NS 0%+,,-2S/+1/+S%N/G%+,,-2S/+1/+S%N/-% ?%+,,-2S/+1/+S%N/-% @%+,,-2S/+1/+S%N/-% ;%+,,-2S/+1/+S%N/-% 8%+,,-2S/+1/+S%N/-% 6%+,,-2S/+1/+S%N/-% A%+,,-2S/+1/+S%N/-% B%+,,-2S/+1/+S%N/-% C%+,,-2S/+1/+S%N/-% D%+,,-2S/+1/+S%N/-% /%+,,-2S/+1/+S%N/-% 4%+,,-2S/+1/+S%N/-% 0%+,,-2S/+1/+S%N/-%
----------------------------------------------

&w>d#>h &w>d#>h &w>d#>h &w>d#>h &w>d#>h &w>d#>h &w>d#>h &w>d#>h &w>d#>h &w>d#>h &w>d#>h &w>d#>h &w>d#>h

4N 4N 4N 4N 4N 4N 4N 4N 4N 4N 4N 4N 4N

6 6 6 6 6 6 6 6 6 6 6 6 6

#D'%##'%:>%E #D<%E#%$%#$ #D:%$%#E%#'D #D<%:'%>E%#' '$'%#'%'(%:: #D<%E#%$%E #'<%>:%'%&: #'<%D%$%#$( #D'%::%E%#' #'<%<%#$%D$ #D'%'$:%':$%#$ #D'%:>%#E<%#( #D'%&%&%'E#

#otice that each line in the first section begins with a 7.7 $he rest ! have #& !"% about. /"ar/named/,-/./0.1.1,Common2 ---------------------------------------------;Defines the local *one%Change

the various names to suit your networ

F 4N S,6 carpy%e2i2s%cc% netdude%e2i2s%cc% ! # ;Serial <A ;+efresh 'A ;+etry #G ;/Hpire #D" ;8inimum --; ; above is the Start,f6uthority !S,6" record% ; -he "F" means the origin !ie% $%$%#'(%in2addr%arpa" ; carpy%e2i2s%cc% specifies the authoritative nameserver !4 thin 2not documented" ; netdude%e2i2s%cc specifies !donIt cringe" the email address responsible for this% ; !+/5;6C/ "F" G4-A "%" 2donIt as J" NS carpy%e2i2s%cc% ; above is the NameServer record% # 5-+ localhost% ; above is a pointer record to the localhost
2 ----------------------------------------------

/etc/nsswitch.conf,CommonA snippit-ma8e sure this line e:ists and loo8s li8e this ----------------------------------------------

hosts= files dns

----------------------------------------------

/etc/host.conf,CommonA snippit - ma8e sure this line e:ists and loo8s li8e this ----------------------------------------------

order hostsKbind
----------------------------------------------

earch