Resolving errors
> network unreachable resolving 'NS3.NIC.FR/AAAA/IN': 2001:610:240:0:53::4#53
These messages will go away if you add OPTIONS="-4" to /etc/sysconfig/named and restart named (service named restart). It needs the restart to pick up the new option. The messages appear because bind-9.3.6 insists on trying to use IPv6 even when it isn't properly configured.
> connection refused resolving '10.162.37.114.plus.bondedsender.org/A/IN': 84.243.213.38#53
These messages will go away if you edit /etc/named.conf and set the allow-query-cache option appropriately. By default the RHEL 5.4 version of bind is shipped with allow-query-cache { localhost; }; which means that Linux itself can do lookups, but no other client can. Changing that to allow-query-cache { localnets; }; will allow named to respond to queries from clients on your local network. This new option is mentioned (briefly) in the Release Notes.
Again you need to restart bind for the change to take effect.
Install a DNS caching server
yum install caching-nameserver
chkconfig named on
/etc/init.d/named start
Install Local DNS server
To install a local DNS server we just need to install the bind packages, create a configuration file specifying the zone(s), and update resolv.conf.
yum install bind bind-chroot bind-utils
Samples can be copied from the installation docs:
cp /usr/share/doc/bind-9.3.6/sample/etc/named.conf /var/named/chroot/etc/named.conf
The configuration file
[root@gaxgw ~]# cat /var/named/chroot/etc/named.conf
options
{
    directory "/var/named"; // the default
};
zone "localhost" {
    type master;
    file "localhost.zone";
};
zone "ifaxyou.int" {
    type master;
    file "ifaxyou.int.zone";
};
zone "1.168.192.in-addr.arpa" IN {
    type master;
    file "rev-ifaxyou.int.zone";
};
The localhost zone file
[root@gaxgw ~]# cat /var/named/chroot/var/named/localhost.zone
$TTL 86400
@       IN SOA  @ root (
                42      ; serial (d. adams)
                3H      ; refresh
                15M     ; retry
                1W      ; expiry
                1D )    ; minimum
        IN NS   @
        IN A    127.0.0.1
        IN AAAA ::1
The zone file
[root@gaxgw ~]# cat /var/named/chroot/var/named/ifaxyou.int.zone
$TTL 1H
@       IN SOA  localhost. root (
                2010062700 ; serial
                1H         ; refresh
                15M        ; retry
                4W         ; expire
                1H         ; Negative caching TTL of 1 hour
                )
; Name servers
        IN NS   ns1.ifaxyou.int.
ns1     IN A    192.168.1.103
www     IN A    192.168.1.100
ftp     IN A    192.168.1.100
gaxmail IN A    192.168.1.102
gaxgw   IN A    192.168.1.103
gaxweb  IN A    192.168.1.100
gaxdb   IN A    192.168.1.101
The reverse zone file
[root@gaxgw ~]# cat /var/named/chroot/var/named/rev-ifaxyou.int.zone
$TTL 1H
@       IN SOA  localhost. root (
                2010062700 ; serial
                1H         ; refresh
                15M        ; retry
                4W         ; expire
                1H         ; Negative caching TTL of 1 hour
                )
; Name servers
        IN NS   ns1.ifaxyou.int.
; PTR targets must be fully qualified names ending in a dot
103     IN PTR  ns1.ifaxyou.int.
100     IN PTR  www.ifaxyou.int.
100     IN PTR  ftp.ifaxyou.int.
102     IN PTR  gaxmail.ifaxyou.int.
103     IN PTR  gaxgw.ifaxyou.int.
100     IN PTR  gaxweb.ifaxyou.int.
101     IN PTR  gaxdb.ifaxyou.int.
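A forward/reverse consistency check for zone data like the files above, as an added example that is not part of the original page. The records are a constructed subset of the ifaxyou.int zones, and the function names (absolute, records, check_ptrs) are hypothetical. It flags PTR targets that do not resolve back to a matching A record, including a short name with a trailing dot and a name with no trailing dot.

```python
import ipaddress

# Constructed sample records modelled on the zone files above (not read from disk).
FORWARD = """\
ns1     IN A 192.168.1.103
www     IN A 192.168.1.100
gaxmail IN A 192.168.1.102
"""
REVERSE = """\
103 IN PTR ns1.ifaxyou.int.
100 IN PTR www.
102 IN PTR gaxmail
"""

def absolute(name, origin):
    """Expand a zone-file name as BIND does: no trailing dot means relative to origin."""
    if name == "@":
        return origin
    return name.lower() if name.endswith(".") else f"{name.lower()}.{origin}"

def records(text, rtype, origin):
    """Yield (owner, rdata) for 'owner IN <rtype> rdata' lines; ';' comments are dropped."""
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()
        if len(fields) == 4 and fields[1].upper() == "IN" and fields[2].upper() == rtype:
            yield absolute(fields[0], origin), fields[3]

def check_ptrs(forward, reverse, zone, rev_zone):
    """Return (ptr_owner, target, problem) for each PTR with no matching A record."""
    a = {}
    for owner, ip in records(forward, "A", zone):
        a.setdefault(owner, set()).add(ipaddress.ip_address(ip))
    problems = []
    for owner, target in records(reverse, "PTR", rev_zone):
        fqdn = absolute(target, rev_zone)
        # Rebuild the IPv4 address from the in-addr.arpa owner name.
        octets = owner[: -len(".in-addr.arpa.")].split(".")
        ip = ipaddress.ip_address(".".join(reversed(octets)))
        if fqdn not in a:
            problems.append((owner, fqdn, "target has no A record in zone"))
        elif ip not in a[fqdn]:
            problems.append((owner, fqdn, "A record points elsewhere"))
    return problems

if __name__ == "__main__":
    for p in check_ptrs(FORWARD, REVERSE, "ifaxyou.int.", "1.168.192.in-addr.arpa."):
        print(p)
```

Mismatched PTR records matter for anything that keys on reverse DNS, such as mail server checks and hostnames recorded in logs.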
On each server in /etc/resolv.conf:
search ifaxyou.int
nameserver 192.168.1.103
nameserver 83.222.226.9
Test
host gaxmail / dig gaxmail / ping gaxmail / nslookup gaxmail
Start at boot
chkconfig named on
chkconfig --list | grep named
Add 127.0.0.1 as the primary nameserver in /etc/resolv.conf (vi /etc/resolv.conf).