Thread: Setting up a DNS Server

Part 1 of (god knows how many, I don't know why, but I shouldn't decide to do stuff like this at 1am)

Crappy legal stuff: Copyright moi. Don't even consider holding me liable for anything that happens or doesn't happen by following this guide or anything else which might or might not happen when you are reading this howto.

e.g. If you are so engrossed in this guide and sitting in a chair with wheels when you push back and crush your cat and hear a very loud noise then swivel around to investigate it and in the process knock over a glass of some beverage you were consuming onto a already overloaded power extension and start a small electrical fire which then quickly spreads onto the giant magazine collection you have and sets fire to various other things in your room and eventually leads to the burning down of your house. Don't say I didn't warn you.

Also if you plan on publishing this somewhere else, it would be nice if you gave credit and left the entire article intact. So lets move onto the howto.

Due to multi platform madness I won't go into how to install bind (named) but you would be looking at doing one of the following commands

apt-get install bind9
yum install bind
rpm -ivh bind_package_name.rpm
emerge bind (Taking a stab at gentoo, never used it before)
./configure && make && make install (as root)


Depending on the package you've just installed, you could have a configuration that works mostly out of the box, or no configuration at all. I'll just assume you've got no configuration. You should be able to pick up later on.

Add a user which will not be used for anything else. This is a security thing so if someone does break/crack your DNS server, the damage they can do is limited.

You'll want to make a user now

adduser -h /var/named -s /bin/false named

The -h tells you where you want the home directory and the -s is what shell you want used for this account. We use /bin/false to stop anyone logging in.

And in part 2 we'll look at editing named.conf

Thanks for taking the time to start this off

i couldn't get bind working, but djb dns worked great. good guide to install here. DJBDNS Howto - The Planet Forums

named.conf - The file which holds it all together.

You'll normally find named.conf to be in /etc so we'll start there

Open up /etc/named.conf in your text editor of choice. (Personally I like nano, I'll use vim where nano isn't available)

We have to define some important things here

We'll set the options for named firstly

Code:

options {
directory "/var/named"; //Tell named where to find everything
allow-transfer { none; }; //Don't let anybody preform a zone transfer 
allow-recursion { localhost; }; //We don't want to be an open dns server
// Use your ISP's or run your own damnit
version "DNS Server"; //Set the version reply, so if anyone is profiling the //network, it makes it harder for them
};

Now you have the basic config for a DNS server but its pretty useless at the moment! It doesn't know where to look for DNS queries or what zones it is serving, we'll tell it where to find other DNS servers

Change directory so you are now in /var/named

We're going to have to download a little file here from the people who run the root dns servers

Run this to download that file:
wget http://www.internic.net/zones/named.root

You should now have a file called named.root in /var/named. Don't worry about keeping this up to date or anything, the last change was made in 2004

Just to be sure set the permissions of that file:

chown named:named named.root

Now head back into editing /etc/named.conf

Add this to the bottom of the configuration (outside of the options bracket)

Code:

zone "." {
type hint;
file "/var/named/named.root";
};

So you should now have a file looking like this

Code:

options {
directory "/var/named"; //Tell named where to find everything
allow-transfer { none; }; //Don't let anybody preform a zone transfer 
allow-recursion { localhost; }; //We don't want to be an open dns server
// Use your ISP's or run your own damnit
version "DNS Server"; //Set the version reply, so if anyone is profiling the //network, it makes it harder for them
};

zone "." {
type hint;
file "/var/named/named.root";
};

Now part 3 will show how to set up named so it serves zones.

Ok lets serve some domains

You want to add a section to your named.conf to tell it, that it is authoritative server for your domain

Lets say we want to host irishwebmasterforum.com and our nameserver is ns1.myserver.com (I should explain this bit) and our nice geographically diverse second nameserver (I'm looking at some hosts here ) is ns2.myserver.com

We'd add this to our named.conf

Code:

zone "irishwebmasterforum.com" {
type master;
file "/var/named/irishwebmasterforum.com.db";
};

I know updates have been a little sparse over the last week or two... or three... been busy with job hunting and other stuff.

Actually I should clear this up a bit more to avoid confusion.. that I've probably already caused.

The machine we are using *is* ns1.myserver.com

So lets open up the zone file for irishwebmasterforum.com

nano /var/named/irishwebmasterforum.com.db

And we should have a nice blank file to work with.