A first stab at DNS config, very useful for dialup users.
A caching only name server will find the answer to name queries and remember the answer the next time you need it.
First you need a file called /etc/named.boot. This is
read when named starts. For now it should simply contain:
; Boot file for nicolais caching name server ; directory /var/named ; ; type domain source file or host cache . root.cache primary 0.0.127.in-addr.arpa pz/127.0.0
The `directory' line tells named where to look for files. All
files named subsequently will be relative to this.
/var/named is the right directory according to the Linux
Filesystem Standard. Personaly, I use /local/named, but I'm
quirky.
The file named /var/named/root.cache is named in this.
/var/named/root.cache should contain this:
. 518400 NS D.ROOT-SERVERS.NET. . 518400 NS E.ROOT-SERVERS.NET. . 518400 NS I.ROOT-SERVERS.NET. . 518400 NS F.ROOT-SERVERS.NET. . 518400 NS G.ROOT-SERVERS.NET. . 518400 NS A.ROOT-SERVERS.NET. . 518400 NS H.ROOT-SERVERS.NET. . 518400 NS B.ROOT-SERVERS.NET. . 518400 NS C.ROOT-SERVERS.NET. ; D.ROOT-SERVERS.NET. 3600000 A 128.8.10.90 E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10 I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17 F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241 G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4 A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4 H.ROOT-SERVERS.NET. 3600000 A 128.63.2.53 B.ROOT-SERVERS.NET. 3600000 A 128.9.0.107 C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12
The file describes the root name servers in the world. This changes over time and must be maintained. See the maintenance section for how to keep it up to date. This file is described in the named man page, but it is, IMHO, best suited for people that already understand named.
The next line in named.boot is the primary line. I will
explain its use in a later chapter, for now just make this a file
named 127.0.0 in the subdirectory pz:
@ IN SOA linux.bogus. hostmaster.linux.bogus. (
1 ; Serial
28800 ; Refresh
7200 ; Retry
604800 ; Expire
86400) ; Minimum TTL
NS ns.linux.bogus.
1 PTR localhost.
Next, you need a /etc/resolv.conf looking something like
this:
search subdomain.your-domain.edu your-domain.edu nameserver 127.0.0.1
The `search' line specifies what domains should be
searched for any hostnames you want to connect to. The
`nameserver' line specifies what address your machine can
reach a nameserver at, in this case your own machine since that is
where your named runs. (Note: Named never reads this file, the
resolver that uses named does.)
To illustrate what this file does: If a client tries to look up
foo, foo.subdomain.your-domain.edu is tried first,
then foo.your-fomain.edu, finally foo. If a client
tries to look up sunsite.unc.edu,
sunsite.unc.edu.subdomain.your-domain.edu is tried first,
then sunsite.unc.edu.your-domain.edu, and finally
sunsite.unc.edu. You may not want to put in too many domains
in the search line, it takes time to search them.
The example assumes you belong in the domain
subdomain.your-domain.edu, your machine then, is probably
called your-machine.subdomain.your-domain.edu. The search
line should not contain your TLD (Top Level Domain, `edu' in this
case). If you frequently need to connect to hosts in another domain
you can add that domain to the search line like this:
search subdomain.your-domain.edu. your-domain.edu. other-domain.com.
and so on. Obviously you need to put real domain names in instead.
Next, depending on your libc version you either need to fix
/etc/nsswitch.conf or /etc/host.conf. If you
already have nsswitch.conf that's what we'll fix, if not, we'll
fix host.conf.
/etc/nsswitch.conf
This is a long file specifying where to get different kinds of data
types, from what file or database. It usually contains helpful
comments at the top. Find the line starting with `hosts:', it
should read
hosts: files dns
If there is no line starting with `hosts:' then put in the one
above. It says that programs should first look in the
/etc/hosts file, then check DNS according to
resolv.conf.
/etc/host.conf
It probably contains several lines, one should starting with
order and it should look like this:
order hosts,bind
If there is no `order' line you should stick one in. It tells
the host name resolving routines to first look in /etc/hosts,
then ask the name server (which you in resolv.conf said is at
127.0.0.1) These two latest files are documented in the resolv(8)
manpage (do `man 8 resolv') in most Linux distributions. That
man page is IMHO readable, and everyone, especially DNS admins, should
read it. Do it now, if you say to yourself "I'll do it later" you'll
never get around to it.
Starting named.
After all this it's time to start named. If you're using a dialup
connection connect first. Type `ndc start', and press return, no
options. If that back-fires try `/usr/sbin/ndc start' instead.
Now you can test your setup. If you view your syslog message file
(usually called /var/adm/messages) while starting named (do
tail -f /var/adm/messages) you should see something like:
Jun 30 21:50:55 roke named[2258]: starting. named 4.9.4-REL Sun Jun 30 21:29:0
3 MET DST 1996 janl@roke.slip.ifi.uio.no:/var/tmp/bind/named
Jun 30 21:50:55 roke named[2258]: cache zone "" loaded (serial 0)
Jun 30 21:50:55 roke named[2258]: primary zone "0.0.127.in-addr.arpa" loaded (s
erial 1)
If there are any messages about errors then there is a mistake named will name the file it is in (one of named.boot and root.cache I hope :-) Kill named and go back and check the named file.
$ nslookup
Default Server: localhost
Address: 127.0.0.1
>
If that's what you get it's working. We hope. Anything else, go
back and check everything. Each time you change the named.boot
file you need to restart named using the ndc restart command.
Now you can enter a query. Try looking up some machine close to
you. pat.uio.no is close to me, at the University of Oslo:
> pat.uio.no
Server: localhost
Address: 127.0.0.1
Name: pat.uio.no
Address: 129.240.2.50
nslookup now asked your named to look for the machine
pat.uio.no. It then contacted one of the name server machines
named in your root.cache file, and asked its way from there.
It might take tiny while before you get the result as it searches all
the domains you named in /etc/resolv.conf.
If you try again you get this:
> pat.uio.no
Server: localhost
Address: 127.0.0.1
Non-authoritative answer:
Name: pat.uio.no
Address: 129.240.2.50
Note the `Non-authoritative answer:' line we got this time
around. That means that named did not go out on the network to ask
this time, it instead looked in it's cache and found it there. But
the cached information might be out of date (stale). So you are
informed of this (very slight) danger by it saying
`Non-authorative answer:'. When nslookup says this the
second time you ask for a host it's a sure sign it named caches the
information and that it's working. You exit nslookup by giving
the command `exit'.
If you're a dialup (ppp, slip) user please read the section on dialup connections, there is some advice there for you.
Now you know how to set up a caching named. Take a beer, milk, or whatever you prefer to celebrate it.