Configure Domain Name Service (DNS)

This section is only necessary if this monitoring node is intended to be used as a naming (DNS) service by the rest of the GNW network. Currently claranet, theplanet, and mail2 are the only DNS servers in use.


Install DNS Software

Install the latest DNS server software using the following command. This requires an active internet connection.

Here is the complete install dialog.


Configure DNS Server

Set up permissions on the configuration files.

Bind will eventually run in a chroot jail under /var/named/chroot/var/named/.

DNS servers can be configured in a master or slave configuration. A DNS server configured in slave mode downloads its zone file from the master server. The advantage of this setup is that changes to DNS settings only have to be made on the master; each slave automatically picks up the new zone data the next time it downloads zone files from the master. The disadvantage is that if something happens to the master and it is not fixed by the time the slaves attempt their next zone file download, the DNS lookup service for those domains will fail.

For the sake of increased availability and redundancy we have elected to set up all of our DNS servers in a master configuration. There is no problem associated with running multiple masters other than the increased amount of work when making updates, since each master has to be updated separately.

Edit the named.conf file

In this file you will specify zone statements for each domain. Each zone statement refers to a file called a zone file. The zone files are located in /var/named/chroot/var/named. Details of these files are discussed later in this document.

Below is the named.conf file for Claranet.

/var/named/chroot/etc/named.conf

Verify Other Configuration Files

These files contain the root server hints file and the domain information for the localhost, and are typically created when BIND is installed. You usually don't have to make any changes to these files but check that they are where they should be.

The root.hints file is a list of root name servers. This file must be updated periodically with the dig utility. A current copy of root.hints can be obtained from ftp://rs.internic.net/domain/named.root. Copy the contents of this file into /var/named/chroot/var/named/named.ca.

Also check that the /etc/nsswitch.conf includes the following line:

Create Zone Files

Now create the zone files that are referenced by the /var/named/chroot/etc/named.conf file.

You will need to create a separate file for each zone specified in the named.conf file. GNW currently maintains the following domains: globalnetwatch.com, globalnetwatch.net, compare10.com, compare10.net.

Below is the zone file for globalnetwatch.com, located at /var/named/chroot/var/named/globalnetwatch.com.

If a reverse lookup file was specified in named.conf then this will also need to be created.

Below is the reverse lookup file /var/named/chroot/var/named/gnw.rev (specified in the above named.conf file).

Ensure that all the newly created files are owned by named and are readable and writable.

Now start BIND with the new settings:


Testing DNS Server

Test out the new BIND 9 installation. First query the local host address with dig:

To check a GNW nameserver: dig @localhost www.globalnetwatch.com (assumes it is being run from one of the 3 GNW DNS servers)

dig @mail2.globalnetwatch.com www.globalnetwatch.com (substitute mail2 with whichever nameserver you are testing)

Now try an external name lookup to verify that it is not operating as an open resolver.
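One way to read the result of that external lookup, as an added example that is not part of the original page: the function below classifies dig output by its status, the ra (recursion available) flag and the answer count. The function names, the example.com query name and the sample replies are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example. Reads dig output on stdin for a name the server is NOT
# authoritative for and prints: open | closed | inconclusive
classify_dig_reply() (
    status="" flags="" answers=0 has_ra=no
    while IFS= read -r line; do
        case "$line" in
            *"->>HEADER<<-"*)   # ;; ->>HEADER<<- opcode: QUERY, status: X, id: N
                status=${line##*status: }; status=${status%%,*} ;;
            *";; flags:"*)      # ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, ...
                flags=${line#*flags: }; flags=${flags%%;*}
                answers=${line##*ANSWER: }; answers=${answers%%,*} ;;
        esac
    done
    case "$answers" in ''|*[!0-9]*) answers=0 ;; esac   # tolerate a malformed count
    case " $flags " in *" ra "*) has_ra=yes ;; esac     # "recursion available" bit
    if [ -z "$status" ]; then
        echo inconclusive   # timeout or no reply header: proves nothing either way
    elif [ "$has_ra" = yes ]; then
        echo open           # server offers recursion to this client
    elif [ "$status" = NOERROR ] && [ "$answers" -gt 0 ]; then
        echo open           # served a cached answer even without the ra bit
    else
        echo closed         # REFUSED, or a bare referral with no answer
    fi
)

# Live use from a host OUTSIDE the networks the server is meant to serve.
# example.com is an assumed stand-in for any external name.
check_open_resolver() {
    dig +time=3 +tries=1 "@$1" "${2:-example.com}" A 2>/dev/null | classify_dig_reply
}

# Constructed sample replies (not captured from the GNW servers).
SAMPLE_OPEN=';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4242
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1'
SAMPLE_REFUSED=';; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 4243
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available'
SAMPLE_TIMEOUT=';; connection timed out; no servers could be reached'

for s in "$SAMPLE_OPEN" "$SAMPLE_REFUSED" "$SAMPLE_TIMEOUT"; do
    printf '%s\n' "$s" | classify_dig_reply
done
```

A query sent from the server itself or from an address it is allowed to recurse for will report open even on a correctly restricted server, so run check_open_resolver from an unrelated network.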


Global Netwatch DNS servers are listed through Network Solutions: http://networksolutions.com

Our current DNS servers are:

theplanet: 216.234.235.190
densitron: 217.148.32.102
nsoma01prd: 184.185.80.116


Configure DNS (last edited 2013-08-09 21:21:55 by Eric)