
3. A caching only name server.

A first stab at DNS config, very useful for dialup users.

A caching only name server finds the answer to name queries and remembers the answer for the next time you need it. This shortens the waiting time significantly the next time, especially if you're on a slow connection.

First you need a file called /etc/named.conf. This is read when named starts. For now it should simply contain:


// Config file for caching only name server

options {
        directory "/var/named";

        // Uncommenting this might help if you have to go through a
        // firewall and things are not working out:

        // query-source port 53;
};

zone "." {
        type hint;
        file "root.hints";
};

zone "0.0.127.in-addr.arpa" {
        type master;
        file "pz/127.0.0";
};

The `directory' line tells named where to look for files. All files named subsequently will be relative to this. Thus pz is a directory under /var/named, i.e., /var/named/pz. /var/named is the right directory according to the Linux File system Standard.
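To check that a named.conf like the one above names a directory, has a hint zone for "." and points at files under that directory, here is a small checker. It is an added example, not part of this HOWTO or of BIND, and it understands only the subset of named.conf syntax used in this chapter (// comments, an options block without nested blocks, zone blocks with type and file lines). It also points out an uncommented query-source line, since that makes every outgoing query use one predictable source port:

```python
# Sanity checks for the caching-only named.conf above. Added example, not
# part of the HOWTO or of BIND; it understands only the syntax used here:
# // comments, an options block without nested blocks, and zone blocks.
import os
import re

OPTIONS_RE = re.compile(r'options\s*\{(.*?)\};', re.S)
ZONE_RE = re.compile(r'zone\s+"([^"]*)"\s*\{(.*?)\};', re.S)


def parse_named_conf(text):
    """Return (options_body, directory, [(zone, type, file), ...])."""
    text = re.sub(r'//[^\n]*', '', text)      # commented-out lines are ignored
    m = OPTIONS_RE.search(text)
    opts = m.group(1) if m else ''
    d = re.search(r'directory\s+"([^"]*)"', opts)
    zones = []
    for name, body in ZONE_RE.findall(text):
        t = re.search(r'type\s+(\w+)', body)
        f = re.search(r'file\s+"([^"]*)"', body)
        zones.append((name, t and t.group(1), f and f.group(1)))
    return opts, d and d.group(1), zones


def check_named_conf(text):
    """Return (problems, {zone: absolute file path}) for the configuration."""
    opts, directory, zones = parse_named_conf(text)
    problems, paths = [], {}
    if not directory:
        problems.append('options: no directory line')
    if re.search(r'query-source\s+port\s+\d+', opts):
        problems.append('options: query-source pins every outgoing query '
                        'to one predictable source port')
    if not any(z[:2] == ('.', 'hint') for z in zones):
        problems.append('no hint zone for "." (root.hints)')
    for name, _ztype, zfile in zones:
        if zfile is None:
            problems.append(f'zone "{name}": no file line')
        else:   # file names are relative to the directory option
            paths[name] = os.path.join(directory or '', zfile)
    return problems, paths


# Constructed sample: the named.conf from the text above, one item per line.
SAMPLE_NAMED_CONF = '''options { directory "/var/named";
    // query-source port 53;
};
zone "." { type hint; file "root.hints"; };
zone "0.0.127.in-addr.arpa" { type master; file "pz/127.0.0"; };
'''
```

check_named_conf(SAMPLE_NAMED_CONF) reports no problems and returns the two paths /var/named/root.hints and /var/named/pz/127.0.0; os.path.exists on each tells you whether the files are in place before you start named.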

The file /var/named/root.hints is named in this config. /var/named/root.hints should contain this:


;
; There might be opening comments here if you already have this file.
; If not don't worry.
;
.                       6D IN NS        G.ROOT-SERVERS.NET.
.                       6D IN NS        J.ROOT-SERVERS.NET.
.                       6D IN NS        K.ROOT-SERVERS.NET.
.                       6D IN NS        L.ROOT-SERVERS.NET.
.                       6D IN NS        M.ROOT-SERVERS.NET.
.                       6D IN NS        A.ROOT-SERVERS.NET.
.                       6D IN NS        H.ROOT-SERVERS.NET.
.                       6D IN NS        B.ROOT-SERVERS.NET.
.                       6D IN NS        C.ROOT-SERVERS.NET.
.                       6D IN NS        D.ROOT-SERVERS.NET.
.                       6D IN NS        E.ROOT-SERVERS.NET.
.                       6D IN NS        I.ROOT-SERVERS.NET.
.                       6D IN NS        F.ROOT-SERVERS.NET.

G.ROOT-SERVERS.NET.     5w6d16h IN A    192.112.36.4
J.ROOT-SERVERS.NET.     5w6d16h IN A    198.41.0.10
K.ROOT-SERVERS.NET.     5w6d16h IN A    193.0.14.129
L.ROOT-SERVERS.NET.     5w6d16h IN A    198.32.64.12
M.ROOT-SERVERS.NET.     5w6d16h IN A    202.12.27.33
A.ROOT-SERVERS.NET.     5w6d16h IN A    198.41.0.4
H.ROOT-SERVERS.NET.     5w6d16h IN A    128.63.2.53
B.ROOT-SERVERS.NET.     5w6d16h IN A    128.9.0.107
C.ROOT-SERVERS.NET.     5w6d16h IN A    192.33.4.12
D.ROOT-SERVERS.NET.     5w6d16h IN A    128.8.10.90
E.ROOT-SERVERS.NET.     5w6d16h IN A    192.203.230.10
I.ROOT-SERVERS.NET.     5w6d16h IN A    192.36.148.17
F.ROOT-SERVERS.NET.     5w6d16h IN A    192.5.5.241

The file describes the root name servers in the world. This changes over time and must be maintained. See the maintenance section for how to keep it up to date.

The next section in named.conf is the last zone. I will explain its use in a later chapter; for now, just put this in a file named 127.0.0 in the subdirectory pz:


@               IN      SOA     ns.linux.bogus. hostmaster.linux.bogus. (
                                1       ; Serial
                                8H      ; Refresh
                                2H      ; Retry
                                1W      ; Expire
                                1D)     ; Minimum TTL
                        NS      ns.linux.bogus.
1                       PTR     localhost.

Next, you need a /etc/resolv.conf looking something like this:


search subdomain.your-domain.edu your-domain.edu
nameserver 127.0.0.1

The `search' line specifies what domains should be searched for any host names you want to connect to. The `nameserver' line specifies the address of your nameserver, in this case your own machine, since that is where your named runs (127.0.0.1 is right, no matter if your machine has another address too). If you want to list several name servers, put in one `nameserver' line for each. (Note: named never reads this file; the resolver that uses named does.)

To illustrate what this file does: If a client tries to look up foo, then foo.subdomain.your-domain.edu is tried first, then foo.your-domain.edu, and finally foo. If a client tries to look up sunsite.unc.edu, sunsite.unc.edu.subdomain.your-domain.edu is tried first (yes, it's silly, but that's the way it works), then sunsite.unc.edu.your-domain.edu, and finally sunsite.unc.edu. Avoid putting too many domains in the search line; it takes time to search them all.

The example assumes you belong in the domain subdomain.your-domain.edu; your machine, then, is probably called your-machine.subdomain.your-domain.edu. The search line should not contain your TLD (Top Level Domain, `edu' in this case). If you frequently need to connect to hosts in another domain you can add that domain to the search line like this:


search subdomain.your-domain.edu your-domain.edu other-domain.com

and so on. Obviously you need to put real domain names in instead. Please note the lack of periods at the end of the domain names. This is important, please note the lack of periods at the end of the domain names.
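The lookup order described above, written out as code (an added example, not part of this HOWTO). It reads a resolv.conf, lists the names the resolver will try for a given query in the order the text describes, and flags the two mistakes the text warns about, trailing periods and a bare TLD in the search line:

```python
# Candidate names produced by a resolv.conf 'search' line: an added example,
# not part of the HOWTO. It follows the order the text describes: every
# search domain is appended first, and the name as typed is tried last.

def parse_resolv_conf(text):
    """Return (search_domains, nameservers) from resolv.conf text."""
    search, nameservers = [], []
    for line in text.splitlines():
        line = line.split('#', 1)[0].split(';', 1)[0].strip()  # drop comments
        if not line:
            continue
        key, *args = line.split()
        if key == 'search':
            search = args                      # the last search line wins
        elif key == 'nameserver' and args:
            nameservers.append(args[0])
    return search, nameservers


def search_candidates(name, search_domains):
    """Names the resolver tries, in order, when asked for 'name'."""
    if name.endswith('.'):
        return [name]           # a trailing period means: use the name as is
    return [f'{name}.{d}' for d in search_domains] + [name]


def check_search_domains(search_domains):
    """Mistakes the text warns about: trailing periods and bare TLDs."""
    problems = []
    for d in search_domains:
        if d.endswith('.'):
            problems.append(f'{d}: trailing period')
        if '.' not in d.rstrip('.'):
            problems.append(f'{d}: bare top-level domain')
    return problems


# Constructed sample: the resolv.conf from the text above.
SAMPLE_RESOLV_CONF = """\
search subdomain.your-domain.edu your-domain.edu
nameserver 127.0.0.1
"""

if __name__ == '__main__':
    domains, servers = parse_resolv_conf(SAMPLE_RESOLV_CONF)
    print('problems:', check_search_domains(domains) or 'none')
    for q in ('foo', 'sunsite.unc.edu', 'sunsite.unc.edu.'):
        print(q, '->', ' then '.join(search_candidates(q, domains)))
```

Current glibc resolvers, with their default of ndots:1, try a name that already contains a dot as an absolute name first; the function above follows the older order the text describes.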

Next, depending on your libc version, you need to fix either /etc/nsswitch.conf or /etc/host.conf. If you already have nsswitch.conf, that's what we'll fix; if not, we'll fix host.conf.

/etc/nsswitch.conf

This is a long file specifying where different kinds of data are to be fetched from, i.e., from which file or database. It usually contains helpful comments at the top, which you should consider reading. After that, find the line starting with `hosts:'; it should read


hosts:      files dns

If there is no line starting with `hosts:' then put in the one above. It says that programs should first look in the /etc/hosts file, then check DNS according to resolv.conf.

/etc/host.conf

It probably contains several lines; one should start with `order' and look like this:


order hosts,bind

If there is no `order' line you should add one. It tells the host name resolving routines to first look in /etc/hosts, then ask the name server (which, in resolv.conf, you said is at 127.0.0.1).

3.1 Starting named

After all this it's time to start named. If you're using a dialup connection, connect first. Type `ndc start', and press return, no options. If that does not work, try `/usr/sbin/ndc start' instead. If that back-fires, see the QnA section. If you watch your syslog message file while starting named (it is usually called /var/adm/messages, but another directory to look in is /var/log and another file to look in is syslog; do tail -f /var/log/messages), you should see something like:

(the lines ending in \ continue on the next line)

Feb 15 01:26:17 roke named[6091]: starting.  named 8.1.1 Sat Feb 14 \
  00:18:20 MET 1998 ^Ijanl@roke.uio.no:/var/tmp/bind-8.1.1/src/bin/named
Feb 15 01:26:17 roke named[6091]: cache zone "" (IN) loaded (serial 0)
Feb 15 01:26:17 roke named[6091]: master zone "0.0.127.in-addr.arpa" \
  (IN) loaded (serial 1)
Feb 15 01:26:17 roke named[6091]: listening [127.0.0.1].53 (lo)
Feb 15 01:26:17 roke named[6091]: listening [129.240.230.92].53 (ippp0)
Feb 15 01:26:17 roke named[6091]: Forwarding source address is [0.0.0.0].1040
Feb 15 01:26:17 roke named[6092]: Ready to answer queries.

If there are any messages about errors then there is a mistake. Named will name the file the error is in (one of named.conf and root.hints, I hope :-). Kill named and go back and check the file.
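A small reader for these startup messages, as an added example that is not part of the HOWTO: it re-joins the wrapped lines, then reports which zones were loaded, where named is listening, whether it reached "Ready to answer queries", and collects any error messages (which is where named names the broken file):

```python
# Reading named's startup messages: an added example, not from the HOWTO.
# It walks syslog lines like those quoted above and reports which zones
# loaded, where named listens, whether it became ready, and any errors.
import re

NAMED_RE = re.compile(r'^\w{3}\s+\d+ [\d:]+ \S+ named\[(\d+)\]: (.*)$')
ZONE_RE = re.compile(r'(\w+) zone "([^"]*)" \(IN\) loaded \(serial (\d+)\)')
LISTEN_RE = re.compile(r'listening \[([\d.]+)\]\.(\d+) \((\S+)\)')


def join_continuations(lines):
    """Re-join lines that the text wrapped with a trailing backslash."""
    out, buf = [], ''
    for line in lines:
        if line.endswith('\\'):
            buf += line[:-1]
        else:
            out.append(buf + line.strip() if buf else line)
            buf = ''
    return out


def summarize_startup(lines):
    """Return zones loaded, listening sockets, readiness and error messages."""
    s = {'zones': {}, 'listening': [], 'ready': False, 'errors': []}
    for line in join_continuations(lines):
        m = NAMED_RE.match(line)
        if not m:
            continue                          # not a message from named
        msg = m.group(2)
        z = ZONE_RE.search(msg)
        if z:
            s['zones'][z.group(2)] = (z.group(1), int(z.group(3)))
        lst = LISTEN_RE.search(msg)
        if lst:
            s['listening'].append((lst.group(1), int(lst.group(2)), lst.group(3)))
        if msg.startswith('Ready to answer queries'):
            s['ready'] = True
        elif re.search(r'error|syntax|could not|no such', msg, re.I):
            s['errors'].append(msg)           # named names the broken file here
    return s


# Constructed sample: the startup lines quoted in the text above.
SAMPLE_LOG = """\
Feb 15 01:26:17 roke named[6091]: cache zone "" (IN) loaded (serial 0)
Feb 15 01:26:17 roke named[6091]: master zone "0.0.127.in-addr.arpa" \\
  (IN) loaded (serial 1)
Feb 15 01:26:17 roke named[6091]: listening [127.0.0.1].53 (lo)
Feb 15 01:26:17 roke named[6091]: listening [129.240.230.92].53 (ippp0)
Feb 15 01:26:17 roke named[6092]: Ready to answer queries.
""".splitlines()
```

Run summarize_startup over the lines from tail -f; a result with 'ready' False or a non-empty 'errors' list means named did not come up cleanly.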

Now you can test your setup. Start nslookup to examine your work.

$ nslookup
Default Server:  localhost
Address:  127.0.0.1

>

If that's what you get it's working. We hope. Anything else, go back and check everything. Each time you change the named.conf file you need to restart named using the ndc restart command.

Now you can enter a query. Try looking up some machine close to you. pat.uio.no is close to me, at the University of Oslo:

> pat.uio.no
Server:  localhost
Address:  127.0.0.1

Name:    pat.uio.no
Address:  129.240.130.16

nslookup now asked your named to look for the machine pat.uio.no. It then contacted one of the name server machines named in your root.hints file, and asked its way from there. It might take a little while before you get the result, as it may need to search all the domains you named in /etc/resolv.conf.

If you ask the same again you get this:

> pat.uio.no
Server:  localhost
Address:  127.0.0.1

Non-authoritative answer:
Name:    pat.uio.no
Address:  129.240.2.50

Note the ``Non-authoritative answer:'' line we got this time around. That means that named did not go out on the network to ask this time; the information is in the cache now. But the cached information might be out of date (stale), so you are informed of this (very slight) possibility by it saying ``Non-authoritative answer:''. When nslookup says this the second time you ask for a host, it's a sure sign that named caches the information and that it's working. You exit nslookup by giving the command `exit'.

3.2 Making it even better

In large, well organized, academic or ISP (Internet Service Provider) networks you will sometimes find that the network people have set up a forwarder hierarchy of DNS servers, which lightens the load on the internal network and on the outside servers as well. It's not easy to know if you're inside such a network or not. It is, however, not important: by using the DNS server of your network provider as a ``forwarder'' you can make the responses to queries faster and less of a load on your network. If you use a modem this can be quite a win. For the sake of this example we assume that your network provider has two name servers they want you to use, with IP numbers 10.0.0.1 and 10.1.0.1. Then, in your named.conf file, inside the opening section called ``options'', insert these lines:


           forward first;
           forwarders {
                10.0.0.1;
                10.1.0.1;
            };

Restart your nameserver and test it with nslookup. It should work fine.

3.3 Congratulations

Now you know how to set up a caching named. Take a beer, milk, or whatever you prefer to celebrate it.
