A first stab at DNS config, very useful for dialup users.
A caching only name server will find the answer to name queries and remember the answer the next time you need it.
First you need a file called /etc/named.boot. This is read when named starts. For now it should simply contain:
; Boot file for nicolais caching name server
;
directory /var/named
;
; type          domain          source file or host
cache           .               root.cache
The `directory' line tells named where to look for files. All files named subsequently will be relative to this. /var/named is the right directory according to the Linux Filesystem Standard.
The file named /var/named/root.cache is named in this. /var/named/root.cache should contain this:
; ---- Root hint cache dump ----
.                       IN      NS      A.ROOT-SERVERS.NET
.                       IN      NS      B.ROOT-SERVERS.NET
.                       IN      NS      C.ROOT-SERVERS.NET
.                       IN      NS      D.ROOT-SERVERS.NET
.                       IN      NS      E.ROOT-SERVERS.NET
.                       IN      NS      F.ROOT-SERVERS.NET
.                       IN      NS      G.ROOT-SERVERS.NET
.                       IN      NS      H.ROOT-SERVERS.NET
.                       IN      NS      I.ROOT-SERVERS.NET
;
; Prep the cache (hardwire the addresses). Order does not matter
;
A.ROOT-SERVERS.NET.     IN      A       198.41.0.4
B.ROOT-SERVERS.NET.     IN      A       128.9.0.107
C.ROOT-SERVERS.NET.     IN      A       192.33.4.12
D.ROOT-SERVERS.NET.     IN      A       128.8.10.90
E.ROOT-SERVERS.NET.     IN      A       192.203.230.10
F.ROOT-SERVERS.NET.     IN      A       39.13.229.241
G.ROOT-SERVERS.NET.     IN      A       192.112.36.4
H.ROOT-SERVERS.NET.     IN      A       128.63.2.53
I.ROOT-SERVERS.NET.     IN      A       192.36.148.17
The file describes the root name servers in the world. This changes over time; see the maintenance section for how to update it. This file is described in the named man page, but is, IMHO, best suited for people that already understand named.
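Because named starts every lookup from the servers in this file, it is worth checking that each listed server has an address and that nothing else has crept in. The following is an added example, not part of the original HOWTO or of BIND; the function names and the sample text are made up for illustration, and only the record layout shown above is assumed.

```python
# Added example: consistency check for a root hints file such as root.cache.
import ipaddress

def norm(name):
    """Compare names case-insensitively and without the trailing dot."""
    return name.rstrip(".").lower()

def parse_hints(text):
    """Collect root NS targets and A records from 'owner IN TYPE data' lines."""
    ns_names, a_records = set(), {}
    for raw in text.splitlines():
        fields = raw.split(";", 1)[0].split()   # drop comments, split on blanks
        if len(fields) != 4 or fields[1].upper() != "IN":
            continue
        owner, _, rtype, rdata = fields
        if rtype.upper() == "NS" and owner == ".":
            ns_names.add(norm(rdata))
        elif rtype.upper() == "A":
            ipaddress.IPv4Address(rdata)        # ValueError on a malformed address
            a_records[norm(owner)] = rdata
    return ns_names, a_records

def check_hints(text):
    """Return (servers with no address, addresses for names not listed as servers)."""
    ns_names, a_records = parse_hints(text)
    missing = sorted(ns_names - set(a_records))
    stray = sorted(set(a_records) - ns_names)
    return missing, stray

# Constructed sample (not a real hints file): B has no address, and
# X.EXAMPLE.NET has an address although it is not listed as a root server.
SAMPLE = """\
; ---- Root hint cache dump ----
.                       IN      NS      A.ROOT-SERVERS.NET
.                       IN      NS      B.ROOT-SERVERS.NET
.                       IN      NS      C.ROOT-SERVERS.NET
A.ROOT-SERVERS.NET.     IN      A       198.41.0.4
C.ROOT-SERVERS.NET.     IN      A       192.33.4.12
X.EXAMPLE.NET.          IN      A       192.0.2.1
"""

if __name__ == "__main__":
    missing, stray = check_hints(SAMPLE)
    print("listed but no address:", missing)
    print("address but not listed:", stray)
```

Both lists should be empty for a healthy file; an entry in the second list deserves a close look before named is started.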
Next, you need a /etc/resolv.conf looking something like this:
search subdomain.your-domain.edu your-domain.edu
nameserver 127.0.0.1
The `search' line specifies what domains should be searched for any hostnames you want to connect to. The `nameserver' line specifies what address your machine can reach a nameserver at, in this case your own machine since that is where your named runs. (Note: Named never reads this file, the resolver that uses named does.)
To illustrate what this file does: If a client tries to look up foo, foo.subdomain.your-domain.edu is tried first, then foo.your-domain.edu, finally foo. If a client tries to look up sunsite.unc.edu, sunsite.unc.edu.subdomain.your-domain.edu is tried first, then sunsite.unc.edu.your-domain.edu, and finally sunsite.unc.edu. You may not want to put in too many domains in the search line; it takes time to search all the domains.
The example assumes you belong in the domain subdomain.your-domain.edu; your machine, then, is probably called your-machine.subdomain.your-domain.edu. The search line should not contain your TLD (Top Level Domain, `edu' in this case). If you frequently need to connect to hosts in another domain you can add that domain to the search line like this:
search subdomain.your-domain.edu. your-domain.edu. other-domain.com.
and so on. Obviously you need to put real domain names in instead.
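The search order described above decides which names actually go out as queries, so a name in an outside domain is first asked for underneath each of your own search domains. The following added example (not from the original HOWTO) reads the search line from resolv.conf text and lists the names in the order the text describes; the function names are made up, and the rule that a name ending in a dot skips the search list goes beyond what the text states.

```python
# Added example: which names are tried for a lookup, given the search line.

def search_list(resolv_conf_text):
    """Return the domains on the 'search' line, without trailing dots."""
    domains = []
    for line in resolv_conf_text.splitlines():
        fields = line.split()
        if not fields or fields[0][0] in ";#":   # blank line or comment
            continue
        if fields[0] == "search":
            domains = [d.rstrip(".") for d in fields[1:]]
    return domains

def candidates(name, domains):
    """Names tried, in order: each search domain first, then the name itself."""
    if name.endswith("."):
        return [name]        # fully qualified: the search list is not applied
    return [f"{name}.{d}." for d in domains] + [name + "."]

# Constructed resolv.conf matching the example in the text.
RESOLV_CONF = """\
search subdomain.your-domain.edu your-domain.edu
nameserver 127.0.0.1
"""

if __name__ == "__main__":
    domains = search_list(RESOLV_CONF)
    for name in ("foo", "sunsite.unc.edu", "sunsite.unc.edu."):
        print(name, "->", candidates(name, domains))
```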
The last file you have to fix is /etc/host.conf. It will probably contain several lines; one should start with order and it should look like this:
order hosts,bind
If there is no `order' line you should stick one in. It tells the host name resolving routines to first look in /etc/hosts, then ask the name server (which you in resolv.conf said is at 127.0.0.1). These two latest files are documented in the resolv(8) manpage (do `man 8 resolv'). That man page is IMHO readable, and everyone, especially DNS admins, should read it. Do it now; if you say to yourself "I'll do it later" you'll never get around to it.
After all this it's time to start named. Type `/usr/sbin/named', and press return, no options. If you're using a dialup connection, connect first. Now you can test your setup. If you view your syslog message file (usually called /var/adm/messages) while starting named (tail -f /var/adm/messages) you should see something like:
Mar 6 23:44:21 roke named[31426]: starting. named 4.9.3-P1 Sat Jan 27 00:36:29 MET 1996 janl@roke.slip.ifi.uio.no:/home/janl/bind-4.9.3/named
Mar 6 23:44:21 roke named[31426]: cache zone "" loaded (serial 0)
Mar 6 23:44:21 roke named[31427]: Ready to answer queries.
If there are any messages about errors then there is a mistake. named will name the file it is in (one of named.boot and root.cache I hope :-). Kill named and go back and check the named file.
At this point we're at a crossroads. If you're using a very recent bind distribution the setup might not work entirely yet. We'll find out when we try to query it. The program designed for this is nslookup. Start it by giving linux the command `nslookup':
$ nslookup
Default Server: localhost
Address: 127.0.0.1
>
If that's what you get it's working. If you get this instead:
$ nslookup
*** Can't find server name for address 127.0.0.1: Non-existent host/domain
*** Default servers are not available
you need to skip ahead to the section called `A Simple domain.' and read until you've got two `primary' lines in named.boot, a file named pz/127.0.0 and a file pz/localhost. Then return here.
Now you can enter a query. Try looking up some machine close to you. pat.uio.no is close to me, at the University of Oslo:
> pat.uio.no
Server: localhost
Address: 127.0.0.1
Name: pat.uio.no
Address: 129.240.2.50
nslookup now asked your named to look for the machine pat.uio.no. It then contacted one of the name server machines named in your root.cache file, and asked its way from there. It might take a tiny while before you get the result as it searches all the domains you named in /etc/resolv.conf. If you try again you get this:
> pat.uio.no
Server: localhost
Address: 127.0.0.1
Non-authoritative answer:
Name: pat.uio.no
Address: 129.240.2.50
Note the `Non-authoritative answer:' line we got this time around. That means that named did not go out on the network to ask this time; it instead looked in its cache and found it there. But the cached information might be out of date (stale). So you are informed of this (very slight) danger by it saying `Non-authoritative answer:'. When nslookup says this the second time you ask for a host it's a sign it caches the information and that it's working. You exit nslookup by giving the command `exit'.
If you're a dialup (ppp, slip) user please read the section on dialup connections, there is some advice there for you.
Now you know how to set up minimal configuration files for named.