|
|
|
|
|||||||||||||
|
|||||||||||||||
|
|
|
There might be errors, so please report them and any comments to frank.
Danish version of this document / DanskThis english version of dnsbind.html is under construction
[an error occurred while processing this directive]This is for Bind version 8.2.2, and will not work with older versions as bind 4.9x. In these examples the main difference is the file named.conf. These data were in older bind versions often placed in several files. The syntax has changed in named.conf . The other files in /var/named are still the same.
I have used the domain name ".home", since it still is unused/non-existing. Any non-existing top-level domain may be used. If you have a registered domain name, substitute .home with your own domain.
[an error occurred while processing this directive]In this example the IP addresses 192.168.1.xxx from the class C network
is used. These addresses can be used for a local network.
More on this topic can be found in
rfc1597.
| Network Class | Netmask | Network Addresses | ||
|---|---|---|---|---|
| A | 255.0.0.0 | 10.0.0.0 | - | 10.255.255.255 |
| B | 255.255.0.0 | 172.16.0.0 | - | 172.31.255.255 |
| C | 255.255.255.0 | 192.168.0.0 | - | 192.168.255.255 |
This setup assumes a local network with two PC's, one is called tux, and the other win95. It is of course tux (192.168.1.1) that will be the nameserver. I will also add an name/alias ns.home. ns.home is not really needed, but is added if some day the nameserver is moved to another PC . On your local network you have to use the IP address of the nameserver not the name.
Diald needs a "dummy" IP address, and because diald uses/used "slip" I have named thes two addresses. This is acutuallt not nescesary, but the name will be shown when using programs like route.
// generated by named-bootconf.pl
options {
// debian 2.1, change path if your distribution uses
// something different :
directory "/var/named";
/* forward only; /* <-- try this option */
/* insert 1-3 forwarders (IP adresses for nameservers to use) */
forwarders {
NNN.NNN.NNN.NNN;
MMM.MMM.MMM.MMM;
};
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
listen-on { 192.168.1.1; 127.0.0.1 ; };
};
//
// Boot file for name server
//
zone "." {
type hint;
file "db.cache";
};
// Name server zone boot file
// See named(8) for syntax and further information
// Use `bindconfig' to automatically configure this file
// (bindconfig=Interactively configure BIND for Debian)
zone "local" {
type master;
file "named.local";
};
zone "0.0.127.in-addr.arpa" {
type master;
file "named.rev-local";
};
zone "home" {
type master;
file "named.home";
};
zone "1.168.192.in-addr.arpa" {
type master;
file "named.rev-home";
};
This file can be found at ftp://rs.internic.net/domain as named.cache, and is an initial cache file for bind. The file is sometimes also named named.root or as in my example db.cache, but the contents is the same.
; This file holds the information on root name servers needed to ; initialize cache of Internet domain name servers ; (e.g. reference this file in the "cache . <file>" ; configuration file of BIND domain name servers). ; ; This file is made available by InterNIC registration services ; under anonymous FTP as ; file /domain/named.root ; on server FTP.RS.INTERNIC.NET ; -OR- under Gopher at RS.INTERNIC.NET ; under menu InterNIC Registration Services (NSI) ; submenu InterNIC Registration Archives ; file named.root ; ; last update: Aug 22, 1997 ; related version of root zone: 1997082200 ; ; ; formerly NS.INTERNIC.NET ; . 3600000 IN NS A.ROOT-SERVERS.NET. A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4 ; ; formerly NS1.ISI.EDU ; . 3600000 NS B.ROOT-SERVERS.NET. B.ROOT-SERVERS.NET. 3600000 A 128.9.0.107 ; .... ... .. [an error occurred while processing this directive]etc.
;
; BIND data file for local loopback interface
; ** trailing periods are important!!
$TTL 24H
@ IN SOA localhost.local. root.localhost.local. (
199909221 ; Serial number, increase when file is changed
8H ; Refresh
2H ; Retry
1W ; Expire
1D ) ; Default TTL (Time To Live)
@ IN NS localhost.local.
localhost IN A 127.0.0.1
loopback IN CNAME localhost.local.
;
; BIND reverse data file for local loopback interface
; is it nescesary ?
;
$TTL 24H
@ IN SOA localhost.local. hostmaster.localhost.local. (
199909220 ; Serial #
8H ; Refresh
2H ; Retry
1W ; Expire
1D ) ; Default TTL (Time To Live)
@ IN NS localhost.local.
1 IN PTR localhost.local.
;
; Zone file for .home
;
; Mandatory minimum for a working domain
;
$TTL 24H
@ IN SOA tux.home. hostmaster.tux.home. (
199901121 ; serial, todays date + todays serial #
8H ; Refresh
2H ; Retry
1W ; Expire
1D ) ; Default TTL (Time To Live)
IN NS tux.home.
; local mail is distributed on tux
IN MX 10 tux ; Primary Mail Exchanger
; diald* only added for use with "diald" :
dialdl IN A 192.168.1.254
dialdr IN A 192.168.1.253
tux IN A 192.168.1.1
; some aliases for my machine
mail IN CNAME tux
ns IN CNAME tux
www IN CNAME tux
ftp IN CNAME tux
;
; Extras
;
@ TXT "home, your DNS"
; added some info on the second machine:
win95 IN A 192.168.1.2
MX 10 mail
HINFO "Pentium 100" "win95+Linux"
TXT "workstation"
; a shortcut for sslug => sslug.home :))
sslug IN A 192.38.71.98
;
; give "localhost.home" and "loopback.home" IP address 127.0.0.1
localhost IN A 127.0.0.1
loopback IN A 127.0.0.1
;
; BIND reverse data file for 192.168.1.x / .home eth0 interface
;
$TTL 24H
@ IN SOA tux.home. hostmaster.tux.home. (
199901121 ; serial, todays date + todays serial#
8H ; Refresh
2H ; Retry
1W ; Expire
1D ) ; Default TTL (Time To Live)
IN NS tux.home.
;
;@ NS ns.home.
1 IN PTR tux.home.
2 IN PTR win95.home.
253 IN PTR dialdr.home.
254 IN PTR dialdl.home.
# /etc/hosts # IP-addr. fully-qual.-domain-name" "alias" #local : 127.0.0.1 localhost loopback # 192.168.1.1 tux.home tux 192.168.1.2 win95.home win95 # some often used: (beware: IP numbers might change) 192.38.71.98 sslug.dk sslug sslug.home
I resolv.conf angives bl.a. de nameservere der skal slås op i. Til hjemmenettet bør kun den lokale nameserver angives, da den er sat op som forwarder, hvilket betyder at den slår op på de nameservere som er angivet i named.conf. Samtidig havner gamle opslag i cache på nameserveren, så man slipper for at slå dem op over PPP forbindelsen. Cachen holder indtil bind genstarters. Så vidt jeg ved gemmes cache kke i en fil så de kan anvendes næste gang bind startes.
Anvendes ikke diald, men en manuel PPP forbindelse, så kan man overveje at undlade anvendelsen af forwarders i named.conf, og så i stedet lade ip-up scriptet ændre resolv.conf til at anvende de andre nameservere. Det nemmeste her er at have to sæt filer, resolv.conf.pppoff og resolv.conf.pppon, og blot lave et link til den rigtige:
ln -sf /etc/resolv.conf.pppXX /etc/resolv.conf
# resolv.conf : domain home nameserver 192.168.1.1 # ved manuelle PPP lad ip-up/ip-down ændre følgende: #nameserver NNN.NNN.NNN.NNN #nameserver MMM.MMM.MMM.MMM #Udkommenter hvis .home skal tlføjes "korte adresser": #search home
Denne logfil kan være navngivet lidt forskelligt i linux distributionerne, check eventuelt med /etc/syslog.conf. Et lille udpluk fra log filen vises her.
03:12:49 named[187]: starting. named 8.1.2-T3B Fri Sep 4 00:35:37 MDT 1998 ^Ibdale@rover:/home/bdale/debian/bind-8.1.2/target/bin/named 03:12:50 named[187]: cache zone "" (IN) loaded (serial 0) 03:12:50 named[187]: master zone "localhost" (IN) loaded (serial 199901101) 03:12:50 named[187]: master zone "127.in-addr.arpa" (IN) loaded (serial 199901101) 03:12:50 named[187]: named.home:29: data "p2.f15.n236.z2.fidonet.ftn" outside zone "home" (ignored) 03:12:50 named[187]: master zone "home" (IN) loaded (serial 199901301) 03:12:50 named[187]: master zone "1.168.192.in-addr.arpa" (IN) loaded (serial 199901101) 03:12:50 named[187]: listening on [127.0.0.1].53 (lo) 03:12:50 named[187]: listening on [192.168.1.1].53 (eth0) 03:12:50 named[187]: Forwarding source address is [0.0.0.0].1034 03:12:50 named[188]: Ready to answer queries. 03:12:50 named[188]: sysquery: sendto([193.162.146.9].53): Network is unreachable ... 04:12:50 named[188]: Cleaned cache of 1 RR 04:12:50 named[188]: listening on [192.168.1.254].53 (sl0) 04:12:50 named[188]: USAGE 916801970 916798370 CPU=0.02u/0.02s CHILDCPU=0u/0s 04:12:50 named[188]: NSTATS 916801970 916798370 A=51 PTR=14 04:12:50 named[188]: XSTATS 916801970 916798370 RR=9 RNXD=1 RFwdR=6 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=2 SAns=59 SFwdQ=7 SDupQ=2 SErr=1 RQ=65 RIQ=0 RFwdQ=7 RDupQ=0 RTCP=0 SFwdR=6 SFail=0 SFErr=0 SNaAns=7 SNXD=3
>> route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface dialdr.home * 255.255.255.255 UH 1 0 0 sl0 192.168.1.0 * 255.255.255.0 U 0 0 60 eth0 127.0.0.0 * 255.0.0.0 U 0 0 195 lo default * 0.0.0.0 U 1 0 61 sl0og med forbindelsen "oppe":
>> route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface dialdr.home * 255.255.255.255 UH 1 0 0 sl0 ip1.banxr1.ras. * 255.255.255.255 UH 0 0 0 ppp0 192.168.1.0 * 255.255.255.0 U 0 0 60 eth0 127.0.0.0 * 255.0.0.0 U 0 0 195 lo default * 0.0.0.0 U 0 0 0 ppp0 default * 0.0.0.0 U 1 0 61 sl0
Er man i tvivl om DNS virker, så bør man først teste nameserveren med nslookup. Nslookup anvendes til opslag i nameservere, begge veje, så følgende opslag burde alle give et fornuftigt resultat:
nslookup tux.home
nslookup localhost.local
nslookup localhost
nslookup 192.168.1.1
nslookup 127.0.0.1
Vil man teste andre nameservere, f.eks. sin internetudbyderes, eller blot finde en IP adresse for et domæne, så sættes denne server navn/IP på som det andet argument:
nslookup www.sslug.dk NNN.NNN.NNN.NNN
|
|
|
||||||||||||
|
||||||||||||||
| ||||||||||||||
|
||||||||||||||
|
|
|
||||||||||||