7.0: BIND DNS: Difference between revisions
Revision as of 02:29, 26 January 2007
7.0. BIND DNS
We can use BIND (the Berkeley Internet Name Domain) in a high-availability configuration. We can make 2 nodes appear as one: the zone files will be stored on a DRBD drive, and if node1 fails, node2 can take over and automatically start named.
BIND is able to have its /var/named directory relocated to a more appropriate location such as /data/dnszones; this enables us to provide real-time replication of the zone files. The standby node2 will have to have its default directory modified to /data/dnszones as well.
We have 2 servers, and we will refer to the cluster as cluster.differentialdesign.org. It is assumed that these machines are behind a firewall with NAT and port forwarding to the appropriate ports.
When setting up Domain Names through a registrar you would want 2 separate name servers. It is recommended to setup an additional slave DNS server.
An example may be:
Name Server:CLUSTER.DIFFERENTIALDESIGN.ORG <- Primary Name Server(s)
Name Server:NS1.DIFFERENTIALDESIGN.ORG
Name Server:NS2.DIFFERENTIALDESIGN.ORG
7.1. Configuration
Step1.
We will now create a directory on our DRBD drive /data/dnszones.
[root@node1 ~]# mkdir /data/dnszones
Step2.
Change the location of the zone files to our replicated drive. Note that, as the usage text printed below shows, -t takes a chroot directory; the directory BIND actually reads zone files from is set by the directory option in named.conf (see 7.1.1).
[root@node1 ~]# named ?
usage: named [-4|-6] [-c conffile] [-d debuglevel] [-f|-g] [-n number_of_cpus]
             [-p port] [-s] [-t chrootdir] [-u username]
             [-m {usage|trace|record}] [-D ]
named: extra command line arguments
[root@node1 ~]# named -t /data/dnszones/
Step3.
Copy the default zone files to our new location and set the permissions.
[root@node1 ~]# rsync -avz /var/named/ /data/dnszones/
[root@node1 ~]# chown -R named.named /data/dnszones/
7.1.1. named.conf
It is important that all machines on the network use cluster.differentialdesign.org, or its local IP address, as their DNS server. This way we can assure correct name resolution.
We will now edit the /etc/named.conf
Take note of the allow-transfer block in the file below: the two addresses after 127.0.0.1 are our secondary DNS servers, i.e. the IP addresses of ns1.differentialdesign.org and ns2.differentialdesign.org. Zone transfers are allowed only to these hosts.
The named.conf needs to be the same on both node1 and node2; you could manually copy the file over using SCP, or link it to the /data/dnszones directory using a symbolic link.
[root@node1 ~]# vi /etc/named.conf
//
// named.conf for Red Hat caching-nameserver
//
options {
    directory "/data/dnszones";
    dump-file "/data/dnszones/data/cache_dump.db";
    statistics-file "/data/dnszones/data/named_stats.txt";
    /*
     * If there is a firewall between you and nameservers you want
     * to talk to, you might need to uncomment the query-source
     * directive below.  Previous versions of BIND always asked
     * questions using port 53, but BIND 8.1 uses an unprivileged
     * port by default.
     */
    // query-source address * port 53;
    allow-transfer {
        127.0.0.1;       // localhost
        202.161.90.250;  // secondary DNS server for my zone
        202.161.90.251;  // secondary DNS server for my zone
    };
};

//
// a caching only nameserver config
//
controls {
    inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};

zone "." IN {
    type hint;
    file "named.ca";
};

zone "localdomain" IN {
    type master;
    file "localdomain.zone";
    allow-update { none; };
};

zone "localhost" IN {
    type master;
    file "localhost.zone";
    allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "named.local";
    allow-update { none; };
};

zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
    type master;
    file "named.ip6.local";
    allow-update { none; };
};

zone "255.in-addr.arpa" IN {
    type master;
    file "named.broadcast";
    allow-update { none; };
};

zone "0.in-addr.arpa" IN {
    type master;
    file "named.zero";
    allow-update { none; };
};

zone "differentialdesign.org" {
    type master;
    file "/data/dnszones/differentialdesign.org/named.differentialdesign.org.hosts";
    allow-update { none; };
};
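As an added example (not part of the original wiki page), a small Python check for the two things that matter in this named.conf for the cluster: every master zone's file must resolve under the replicated /data/dnszones directory so node2 serves the same data after failover, and no allow-transfer or allow-update list may grant "any". It assumes plain BIND syntax without include files; the sample configuration is a constructed, trimmed copy of the page's file plus one deliberately bad zone.

```python
# Added example (not part of the original wiki page): sanity-check a named.conf
# for the DRBD/Heartbeat setup above. Assumes plain BIND syntax, no includes.
# SAMPLE_CONF is constructed: the page's config trimmed, plus one bad zone.
import os
import re

REPLICATED_DIR = "/data/dnszones"   # the DRBD mount both nodes share

SAMPLE_CONF = """
options { directory "/data/dnszones"; allow-transfer { 127.0.0.1; 202.161.90.250; 202.161.90.251; }; };
zone "localhost" IN { type master; file "localhost.zone"; allow-update { none; }; };
zone "differentialdesign.org" {
    type master;
    file "/data/dnszones/differentialdesign.org/named.differentialdesign.org.hosts";
    allow-update { none; };
};
zone "example.test" { type master; file "/var/named/example.hosts"; allow-update { any; }; };
"""

def strip_comments(conf):
    conf = re.sub(r"/\*.*?\*/", "", conf, flags=re.S)   # /* ... */
    return re.sub(r"//[^\n]*", "", conf)                # // to end of line

def zone_blocks(conf):
    """Yield (zone name, body) by matching braces from each 'zone "name"'."""
    for m in re.finditer(r'zone\s+"([^"]+)"', conf):
        start = conf.index("{", m.end())
        depth, i = 0, start
        while True:
            depth += {"{": 1, "}": -1}.get(conf[i], 0)
            if depth == 0:
                break
            i += 1
        yield m.group(1), conf[start + 1:i]

def find_problems(conf):
    """Return a list of findings; an empty list means the config passed."""
    conf = strip_comments(conf)
    m = re.search(r'directory\s+"([^"]+)"', conf)
    base = m.group(1) if m else "/var/named"      # BIND's default zone directory
    problems = []
    # Any transfer/update ACL that grants 'any' is a finding.
    for which, body in re.findall(r"allow-(transfer|update)\s*\{([^}]*)\}", conf):
        if re.search(r"\bany\b", body):
            problems.append(f"allow-{which} grants any")
    # Relative file names resolve against the directory option.
    for name, body in zone_blocks(conf):
        f = re.search(r'file\s+"([^"]+)"', body)
        if "type master" in body and f:
            path = os.path.normpath(os.path.join(base, f.group(1)))
            if not path.startswith(REPLICATED_DIR + "/"):
                problems.append(f'zone "{name}": {path} is not on {REPLICATED_DIR}')
    return problems
```

Run find_problems on the text of /etc/named.conf on both nodes; the two configs should produce the same (empty) result.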
7.1.2. zone file
In our named.conf file we have the following zone defined:
zone "differentialdesign.org" {
    type master;
    file "/data/dnszones/differentialdesign.org/named.differentialdesign.org.hosts";
    allow-update { none; };
};
The zone file is therefore located under /data/dnszones/.
Step1.
Create a subdirectory where we will store our zone files.
[root@node1 ~]# mkdir /data/dnszones/differentialdesign.org/
Step2.
Create a new file called named.differentialdesign.org.hosts.
[root@node1 ~]# vi /data/dnszones/differentialdesign.org/named.differentialdesign.org.hosts
You will see below that nodes.differentialdesign.org. IN A 192.168.0.4 is an "A record" which points us to the virtual IP address of the cluster. When setting up mapped drives it is best to use this name instead of the IP address.
$TTL 8h
differentialdesign.org.         IN SOA  cluster.differentialdesign.org. asender.mail.samba.org. (
                                        2006211201  ; serial
                                        10800       ; refresh
                                        3600        ; retry
                                        3600000     ; expire
                                        86400 )     ; minimum
differentialdesign.org.         IN NS   cluster.differentialdesign.org.
differentialdesign.org.         IN NS   ns1.differentialdesign.org.
differentialdesign.org.         IN NS   ns2.differentialdesign.org.
differentialdesign.org.         IN MX   50 mail.differentialdesign.org.
mail.differentialdesign.org.    IN A    202.161.90.245
www.differentialdesign.org.     IN A    202.161.90.245
cluster.differentialdesign.org. IN A    202.161.90.241
node1.differentialdesign.org.   IN A    192.168.0.2
node2.differentialdesign.org.   IN A    192.168.0.3
nodes.differentialdesign.org.   IN A    192.168.0.4
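As an added example (not part of the original wiki page), a Python checker for the zone file above that a practitioner would run before publishing it. It assumes one record per line in the "<owner> IN <type> <rdata>" form shown on this page and works on a constructed copy of the page's records; on them it reports that the NS targets ns1 and ns2 have no A record in the zone and that the SOA serial does not follow the YYYYMMDDnn convention.

```python
# Added example (not part of the original wiki page): parse the zone file above
# and flag delegation problems. Assumes one record per line in
# "<owner> IN <type> <rdata>" form. SAMPLE_ZONE is a constructed, trimmed copy.
import re
from datetime import datetime

ORIGIN = "differentialdesign.org."

SAMPLE_ZONE = """$TTL 8h
differentialdesign.org. IN SOA cluster.differentialdesign.org. asender.mail.samba.org. (
        2006211201 10800 3600 3600000 86400 )
differentialdesign.org. IN NS cluster.differentialdesign.org.
differentialdesign.org. IN NS ns1.differentialdesign.org.
differentialdesign.org. IN NS ns2.differentialdesign.org.
differentialdesign.org. IN MX 50 mail.differentialdesign.org.
mail.differentialdesign.org. IN A 202.161.90.245
cluster.differentialdesign.org. IN A 202.161.90.241
nodes.differentialdesign.org. IN A 192.168.0.4
"""

def parse_zone(text):
    """Return [(owner, type, rdata tokens)]; a ( ... ) span is folded onto one line."""
    text = re.sub(r"\(([^)]*)\)", lambda m: " ".join(m.group(1).split()), text)
    records = []
    for line in text.splitlines():
        tok = line.split(";")[0].split()        # drop trailing ; comments
        if not tok or tok[0].startswith("$"):  # skip blanks and $TTL/$ORIGIN
            continue
        records.append((tok[0], tok[2], tok[3:]))
    return records

def check_zone(text, origin=ORIGIN):
    """Findings: in-zone NS/MX targets without an address, odd SOA serial."""
    recs = parse_zone(text)
    has_addr = {o for o, t, _ in recs if t in ("A", "AAAA")}
    findings = []
    for owner, rtype, rdata in recs:
        if rtype in ("NS", "MX"):
            target = rdata[-1]
            in_zone = target == origin or target.endswith("." + origin)
            if in_zone and target not in has_addr:
                findings.append(f"{rtype} target {target} has no A/AAAA record")
        elif rtype == "SOA":
            serial = rdata[2]
            try:                                 # YYYYMMDDnn convention
                datetime.strptime(serial[:8], "%Y%m%d")
            except ValueError:
                findings.append(f"SOA serial {serial} is not YYYYMMDDnn")
    return findings
```

Resolvers that are handed ns1 and ns2 as name servers need their addresses; a slave zone with no A records for them cannot be delegated to cleanly, so check_zone should return an empty list before the zone goes live.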