MASTER-SLAVE DNS
Primary (Master) DNS server details:
IP Address: 192.168.1.4
HostName: masterdns.arun.com
Secondary (Slave) DNS server details:
IP Address: 192.168.1.2
HostName: slavedns.arun.com
Primary DNS Configuration
(1)
[root@masterdns ~]# yum install bind* -y
(2)
[root@masterdns ~]# vim /etc/named.conf
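//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// This copy is the master (primary) server, 192.168.1.4.
//

options {
        // Answer only on the master's LAN address and on loopback.
        listen-on port 53 { 192.168.1.4; 127.0.0.1; };
        listen-on-v6 port 53 { ::1; };
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";

        allow-query { localhost; 192.168.1.0/24; };    # IP range of allowed hosts

        // A zone transfer hands over every record in a zone, so only the
        // slave may request one. This is an address-based check; a TSIG key
        // would authenticate the slave itself rather than its IP.
        allow-transfer { localhost; 192.168.1.2; };    # Slave IP

        // Recursion is on, so this server also resolves external names for
        // its clients. Keep allow-query limited to internal networks; a
        // recursive server reachable from outside becomes an open resolver.
        recursion yes;

        dnssec-enable yes;
        dnssec-validation yes;
        // NOTE(review): DNSSEC lookaside validation (DLV) has been retired by
        // ISC and newer BIND releases no longer accept this option; keep it
        // only if the installed BIND version still supports it.
        dnssec-lookaside auto;

        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";

        managed-keys-directory "/var/named/dynamic";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "." IN {
        type hint;
        file "named.ca";
};

// Forward zone, served from /var/named/for.
zone "arun.com" IN {
        type master;
        file "for";
        allow-update { none; };    // dynamic updates disabled
};

// Reverse zone for 192.168.1.0/24, served from /var/named/rev.
zone "1.168.192.in-addr.arpa" IN {
        type master;
        file "rev";
        allow-update { none; };    // dynamic updates disabled
};

// NOTE(review): this makes the server authoritative for google.com, a domain
// this lab does not own, and loads it from the arun.com zone file "for".
// Every client permitted by allow-query receives this server's answers for
// google.com instead of the public ones, and the slave configuration shown
// later in this guide does not carry the zone, so the two servers answer
// differently. Prefer a name under a domain you control for lab records.
zone "google.com" IN {
        type master;
        file "for";
        allow-update { none; };
};

include "/etc/named.rfc1912.zones";
// The original listing had no terminating semicolon here, which named rejects
// as a syntax error.
include "/etc/named.root.key";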
(3) Create the forward (for) and reverse (rev) zone files named in named.conf
[root@masterdns ~]# cd /var/named/
[root@masterdns named]# ll
total 40
drwxr-x--- 6 root
named 4096 Jun 18 10:18 chroot
drwxrwx--- 2 named named 4096 Aug 10 17:34 data
drwxrwx--- 2 named named 4096 Aug 11 16:46 dynamic
-rw-r----- 1 root
named 1892 Feb 18 2008 named.ca
-rw-r----- 1 root
named 152 Dec 15 2009 named.empty
-rw-r----- 1 root
named 152 Jun 21 2007 named.localhost
-rw-r----- 1 root
named 168 Dec 15 2009 named.loopback
drwxrwx--- 2 named named 4096 Jun 4 2012
slaves
[root@masterdns named]#
FORWARD ZONE :
[root@masterdns named]# cp named.localhost for
[root@masterdns named]# vim for
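; Forward zone file for arun.com (loaded as "for" from /var/named).
; Every record is kept on a single line: a line that starts in column 0 is
; read as a new owner name, so a record wrapped after its owner does not load
; as intended.
$TTL 86400
@           IN SOA  masterdns.arun.com. root.arun.com. (
                    201506187   ; serial - raise on every edit; the slave
                                ; transfers the zone only when it sees a
                                ; higher serial
                    3600        ; refresh
                    1800        ; retry
                    604800      ; expire
                    86400       ; minimum
                    )
@           IN NS   masterdns.arun.com.
@           IN NS   slavedns.arun.com.
; NOTE(review): the next two lines publish mail.google.com and chat.google.com
; as nameservers for this zone. The A records below place mail and chat at
; 192.168.1.3, and nothing in this guide shows a DNS server running there;
; confirm these are intended, since resolvers may send queries to every
; listed NS.
@           IN NS   mail.google.com.
@           IN NS   chat.google.com.
masterdns   IN A    192.168.1.4
slavedns    IN A    192.168.1.2
www         IN A    192.168.1.4
mail        IN A    192.168.1.3
chat        IN A    192.168.1.3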
REVERSE ZONE:
[root@masterdns named]# cp named.loopback rev
[root@masterdns named]# vim rev
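; Reverse zone file for 1.168.192.in-addr.arpa (loaded as "rev" from
; /var/named). Every record is kept on a single line: a line that starts in
; column 0 is read as a new owner name, so a record wrapped after its owner
; does not load as intended.
$TTL 864000
@           IN SOA  masterdns.arun.com. root.arun.com. (
                    201506187   ; serial - raise on every edit; the slave
                                ; transfers the zone only when it sees a
                                ; higher serial
                    3600        ; refresh
                    1800        ; retry
                    604800      ; expire
                    86400       ; minimum
                    )
@           IN NS   masterdns.arun.com.
@           IN NS   slavedns.arun.com.
; NOTE(review): these two PTR records sit at the zone apex
; (1.168.192.in-addr.arpa itself), not on a host address; reverse lookups of
; individual IPs use only the numbered PTR records at the end of the file.
@           IN PTR  arun.com.
@           IN PTR  google.com.
; NOTE(review): relative names in this file are completed with the reverse
; zone's origin, so these A records are created as
; masterdns.1.168.192.in-addr.arpa and so on, not under arun.com. The forward
; zone already holds the A records for these hosts.
masterdns   IN A    192.168.1.4
slavedns    IN A    192.168.1.2
www         IN A    192.168.1.4
mail        IN A    192.168.1.3
chat        IN A    192.168.1.3
; Last octet of the address -> host name.
4           IN PTR  masterdns.arun.com.
2           IN PTR  slavedns.arun.com.
4           IN PTR  www.arun.com.
3           IN PTR  mail.google.com.
3           IN PTR  chat.google.com.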
(4)
Change the group of the zone files to named so that the named service can read them
[root@masterdns named]# chgrp named rev
[root@masterdns named]# chgrp named for
[root@masterdns named]# ls -l
total 40
drwxr-x--- 6 root
named 4096 Jun 18 10:18 chroot
drwxrwx--- 2 named named 4096 Aug 10 17:34 data
drwxrwx--- 2 named named 4096 Aug 11 16:46 dynamic
-rw-r-----
1 root named 718 Aug 11 01:45 for
-rw-r----- 1 root
named 1892 Feb 18 2008 named.ca
-rw-r----- 1 root
named 152 Dec 15 2009 named.empty
-rw-r----- 1 root
named 152 Jun 21 2007 named.localhost
-rw-r----- 1 root
named 168 Dec 15 2009 named.loopback
-rw-r-----
1 root named 932 Aug 11 01:45 rev
drwxrwx--- 2 named named 4096 Jun 4 2012
slaves
[root@masterdns named]#
(5)
Then we need to check the SELinux context of /etc/named.conf
[root@masterdns ~]# ls -lZd /etc/named.conf
-rw-r-----. root named system_u:object_r:named_conf_t:s0
/etc/named.conf
/etc/named.conf
(6)
If it is different from this, then we need to restore the context using
[root@masterdns named]#
restorecon /etc/named.conf
(7)
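Now we need to check the conf file and the zone files for errors. The commands below check only the zone files; run named-checkconf /etc/named.conf as well, because a syntax error in named.conf (such as a missing semicolon) stops named from starting.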
[root@masterdns named]# named-checkzone arun.com
/var/named/for
zone arun.com/IN: loaded serial 201506187
OK
root@masterdns named]# named-checkzone
1.168.192.in-addr.arpa /var/named/rev
zone 1.168.192.in-addr.arpa/IN: loaded serial 201506187
OK
(8)
Start the DNS Service
[root@masterdns named]# /etc/init.d/named restart
Stopping named: .
[ OK ]
Starting named:
[ OK ]
[root@masterdns named]#
(9)
Make Changes in /etc/resolv.conf
[root@masterdns named]# vim /etc/resolv.conf
nameserver 192.168.1.4
(10) Check that the DNS server is working
[root@masterdns named]# nslookup slavedns.arun.com
Server: 192.168.1.4
Address: 192.168.1.4#53
Name: slavedns.arun.com
Address: 192.168.1.2
[root@masterdns named]# nslookup masterdns.arun.com
Server: 192.168.1.4
Address: 192.168.1.4#53
Name: masterdns.arun.com
Address: 192.168.1.4
Secondary DNS Configuration
(1)
[root@slavedns ~]# yum install bind* -y
(2)
[root@slavedns ~]# vim /etc/named.conf
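//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// This copy is the slave (secondary) server, 192.168.1.2.
//

options {
        listen-on port 53 { 127.0.0.1; 192.168.1.2; };    # slave DNS IP
        listen-on-v6 port 53 { ::1; };
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";

        allow-query { localhost; 192.168.1.0/24; };

        // The original listing set no allow-transfer on the slave. On BIND
        // releases where the default permits transfers to any host, the
        // slave would hand out the full zones that the master restricts to
        // 192.168.1.2. Nothing transfers from this server, so refuse all
        // requests.
        allow-transfer { none; };

        // Recursion is on, so this server also resolves external names for
        // its clients. Keep allow-query limited to internal networks; a
        // recursive server reachable from outside becomes an open resolver.
        recursion yes;

        dnssec-enable yes;
        dnssec-validation yes;
        // NOTE(review): DNSSEC lookaside validation (DLV) has been retired by
        // ISC and newer BIND releases no longer accept this option; keep it
        // only if the installed BIND version still supports it.
        dnssec-lookaside auto;

        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";

        managed-keys-directory "/var/named/dynamic";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "." IN {
        type hint;
        file "named.ca";
};

// Zone data is pulled from the master and written under /var/named/slaves,
// so no zone file is created by hand on this server. The master is trusted
// by IP address only; a TSIG key on both sides would authenticate the
// transfer.
zone "arun.com" IN {
        type slave;
        file "slaves/for";
        masters { 192.168.1.4; };    # master DNS IP
};

zone "1.168.192.in-addr.arpa" IN {
        type slave;
        file "slaves/rev";
        masters { 192.168.1.4; };    # master DNS IP
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";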
(3)
Start the named Service
root@slavedns ~]# /etc/init.d/named restart
Stopping named:
[ OK ]
Starting named:
[ OK ]
(4)
We don't need to create the zone files here. They will be transferred from the master server when we start the named service.
[root@slavedns ~]# cd /var/named/slaves/
[root@slavedns slaves]# ll
total 8
-rw-r--r-- 1 named named 475 Aug 11 17:45 for
-rw-r--r-- 1 named named 626 Aug 11 17:45 rev
[root@slavedns slaves]#
[root@slavedns slaves]# cat for
$ORIGIN .
$TTL 86400 ; 1
day
arun.com
IN SOA masterdns.arun.com. root.arun.com.
(
201506187 ; serial
3600 ; refresh (1 hour)
1800 ; retry (30 minutes)
604800 ; expire (1 week)
86400 ; minimum (1 day)
)
NS masterdns.arun.com.
NS slavedns.arun.com.
NS mail.google.com.
NS chat.google.com.
$ORIGIN arun.com.
chat
A 192.168.1.3
mail
A 192.168.1.3
masterdns
A 192.168.1.4
slavedns
A 192.168.1.2
www A
192.168.1.4
[root@slavedns slaves]# cat rev
$ORIGIN .
$TTL 864000 ; 1
week 3 days
1.168.192.in-addr.arpa
IN SOA masterdns.arun.com.
root.arun.com. (
201506187 ; serial
3600 ;
refresh (1 hour)
1800 ; retry (30 minutes)
604800 ; expire (1 week)
86400 ; minimum (1 day)
)
NS masterdns.arun.com.
NS slavedns.arun.com.
PTR arun.com.
PTR google.com.
$ORIGIN 1.168.192.in-addr.arpa.
2
PTR slavedns.arun.com.
3
PTR mail.google.com.
PTR chat.google.com.
4
PTR masterdns.arun.com.
PTR www.arun.com.
chat A 192.168.1.3
mail
A 192.168.1.3
masterdns
A 192.168.1.4
slavedns
A 192.168.1.2
www
A 192.168.1.4
~
(5)
Make Changes in /etc/resolv.conf
[root@masterdns named]# vim /etc/resolv.conf
nameserver 192.168.1.2
(6)
Now check the Slave DNS Working
[root@slavedns slaves]# nslookup slavedns.arun.com
Server: 192.168.1.2
Address: 192.168.1.2#53
Name: slavedns.arun.com
Address: 192.168.1.2
[root@slavedns slaves]# nslookup masterdns.arun.com
Server: 192.168.1.2
Address: 192.168.1.2#53
Name: masterdns.arun.com
Address: 192.168.1.4
[root@slavedns slaves]#