Subject: Domain    Date: 2011-02-02
Title: BIND Domain Name System - Arch Linux    Section: Dev Reseau
Article

BIND – DNS Server

BIND (Berkeley Internet Name Domain) is an implementation of the DNS protocols and provides an openly redistributable reference implementation of the major components of the Domain Name System, including:

    * Domain Name System server
    * Domain Name System resolver library
    * Tools for managing and verifying the proper operation of the DNS server

The BIND DNS Server is used on the vast majority of name serving machines on the Internet, providing a robust and stable architecture on top of which an organization's naming architecture can be built.

The resolver library included in the BIND distribution provides the standard APIs for translation between domain names and Internet addresses and is intended to be linked with applications requiring name service.

BIND version 9 is a major rewrite of nearly all aspects of the underlying BIND architecture. Some of the important features of BIND 9 are DNS Security (DNSSEC, TSIG), IPv6, DNS Protocol Enhancements (IXFR, DDNS, DNS Notify, EDNS0), Views, Multiprocessor Support, and an Improved Portability Architecture.

Today, BIND version 4 is officially deprecated and BIND version 8 development is considered maintenance-only in favor of BIND version 9. No additional development will be done on BIND version 4 or BIND version 8 other than for security related patches. Internet Systems Consortium encourages all BIND users to upgrade to version 9 at their earliest convenience.

DNS – Domain Name System

The Domain Name System (DNS) is a fundamental component of the Internet. It is a global, hierarchical and distributed database that translates domain names into public IP addresses and vice versa, steering many Internet services to the right destination.

To understand how a DNS server operates, enter the public IP address below in a web browser:

http://193.252.173.102

We arrive at a website, certainly, but which one?

This public IP address hosts www.c-extra.com and other websites.

Remark: The redirection is determined by the first line of the hosts file that names the machine (hostname) of this server, and by the first virtual host of the Apache web server. These two parameters are closely linked for the resolution of the domain name and for the correct functioning of the Bind server.

Extract from the hosts file

#
192.168.1.1 c-extra.com www.c-extra.com ftp.c-extra.com mail.c-extra.com
192.168.1.1 c-extra.fr www.c-extra.fr ftp.c-extra.fr mail.c-extra.fr
192.168.1.1 c-extra.net www.c-extra.net ftp.c-extra.net mail.c-extra.net
192.168.1.1 c-expresso.com www.c-expresso.com ftp.c-expresso.com mail.c-expresso.com
192.168.1.1 c-expresso.fr www.c-expresso.fr ftp.c-expresso.fr mail.c-expresso.fr
192.168.1.1 cextra.com www.cextra.com ftp.cextra.com mail.cextra.com      # forwards to c-extra.com
192.168.1.1 impress.fr www.impress.fr ftp.impress.fr mail.impress.fr      # idem
#


After that, to display this website by name, the web browser has to discover the public IP address of www.c-extra.com from the DNS server. It asks the local DNS resolver, which in turn asks the local server and then the DNS server. The DNS server does the essential work: it quickly finds the public IP address corresponding to the domain name and returns it to the local resolver, which passes the answer on to the web browser.

In DNS jargon, this lookup is called a query for « one record ». This record describes the relation between a hostname and its corresponding public IP address in the DNS.

Naturally, the complete DNS resolution process is somewhat more complex. The original DNS protocol is described in RFC 1034 and RFC 1035.
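To make the « one record » exchange concrete, here is an added example (not part of the original article) that builds the RFC 1035 wire-format question for the A record of www.c-extra.com and parses a reply; the reply bytes are constructed inline, with the page's own IP address, rather than captured from a live server.

```python
import struct

def encode_name(name):
    # "www.c-extra.com" -> b"\x03www\x07c-extra\x03com\x00" (length-prefixed labels)
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode() for l in labels) + b"\x00"

def build_query(name, txid=0x1234):
    # Header: id, flags 0x0100 (RD set), 1 question, 0 answer/authority/additional.
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", 1, 1)  # QTYPE A, QCLASS IN

def read_name(msg, off):
    # Decode a name at msg[off], following RFC 1035 compression pointers (0xC0xx).
    labels, end = [], None
    while True:
        n = msg[off]
        if n & 0xC0 == 0xC0:
            end = end or off + 2            # a pointer ends the name in the stream
            off = ((n & 0x3F) << 8) | msg[off + 1]
            continue
        off += 1
        if n == 0:
            break
        labels.append(msg[off:off + n].decode())
        off += n
    return ".".join(labels), (end if end is not None else off)

def parse_answers(msg):
    # Return [(name, ip)] for each A record in the answer section; [] on an error RCODE.
    _, flags, qd, an, _, _ = struct.unpack("!HHHHHH", msg[:12])
    if flags & 0x000F:                      # RCODE 3 = NXDOMAIN, 2 = SERVFAIL, ...
        return []
    off = 12
    for _ in range(qd):                     # skip the echoed question(s)
        _, off = read_name(msg, off)
        off += 4                            # QTYPE + QCLASS
    out = []
    for _ in range(an):
        name, off = read_name(msg, off)
        rtype, _, _, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10                           # TYPE, CLASS, TTL, RDLENGTH
        if rtype == 1 and rdlen == 4:
            out.append((name, ".".join(str(b) for b in msg[off:off + 4])))
        off += rdlen
    return out

# Constructed reply to the query below: flags 0x8180 (response, RD, RA), the question
# echoed, one answer whose owner is a pointer (0xC00C) to the name at offset 12.
QUERY = build_query("www.c-extra.com")
REPLY = (struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0) + QUERY[12:]
         + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 3600, 4) + bytes([193, 252, 173, 102]))
```

Sending QUERY over UDP to port 53 of a resolver and feeding the datagram it returns to parse_answers() gives the same (name, address) pair the browser obtains.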

Prerequisites

Required server and software versions:

Operating system: Arch Linux, or another Linux
Server: Bind
Server administration: Webmin


Components or packages necessary

Arch Linux: bind 9.7.2.P3-3, Berkeley Internet Name Daemon (BIND), the reference Domain Name System (DNS)

Obviously site-name.com stands for, for example: c-extra.com

First, the first network interface must be at 192.168.1.1; this goes without saying.
The TCP/IP parameters to supply to a network operating system are therefore the IP address of the machine, its subnet mask (netmask), one or several DNS addresses and the address of the default gateway.

Manual TCP/IP addressing for a Domain Name Server (DNS):
IP address       192.168.1.1
Netmask          255.255.255.0
Gateway          192.168.1.254
Primary DNS      192.168.1.1
Secondary DNS    80.10.246.2
Tertiary DNS     80.10.246.129

Remark: 80.10.246.2 and 80.10.246.129 are the IP addresses of the primary and secondary DNS servers of Orange.fr.

Machine name or hostname: product.site-name.com
Example: product.c-extra.com

Domain Name : site-name.com
Example : c-extra.com

Domain Name : site-name2.com
Example : c-expresso.fr

site-name.com is the domain name in this example; replace site-name.com by the desired domain, which will be the server's domain name. The main domain name must be distinguished from the others: it must be identical to the hostname of the physical server, literally the « host name », although the expression « machine name » is used more often.

site-name.fr, site-name.net, site-name2.com, site-name2.fr and site-name2.net in this example are not the main domain name of the physical machine on which the Bind domain name server is installed.


The file /etc/hosts


#
# /etc/hosts : static lookup table for host names
#
# <ip-address>    <hostname.domain.org>    <hostname>
#
127.0.0.1       product.site-name.com product localhost.localdomain localhost
::1             product.site-name.com product localhost.localdomain localhost
#
192.168.1.1     site-name.com www.site-name.com ftp.site-name.com mail.site-name.com
192.168.1.1     site-name.fr www.site-name.fr ftp.site-name.fr mail.site-name.fr
192.168.1.1     site-name.net www.site-name.net ftp.site-name.net mail.site-name.net
192.168.1.1     site-name2.com www.site-name2.com ftp.site-name2.com mail.site-name2.com
192.168.1.1     site-name2.net www.site-name2.net ftp.site-name2.net mail.site-name2.net
192.168.1.1     site-name3.com www.site-name3.com ftp.site-name3.com mail.site-name3.com
192.168.1.1     site-name3.net www.site-name3.net ftp.site-name3.net mail.site-name3.net



The file /etc/resolv.conf

nameserver 192.168.1.1
nameserver 80.10.246.2
nameserver 80.10.246.129
domain site-name.com

List of open ports and their protocols needed to serve the domain names and the websites:

Server    Port    Protocol
Bind      53      TCP
Bind      53      UDP
Apache    80      TCP
Apache    443     TCP

To configure the Linux IPTables firewall to host a website, see: Webmin - IPTables Linux Firewall Configuration

BIND – Installation and implementation

The file /etc/named.conf of Bind 9.7.2.P3-3 on Arch Linux must be configured as follows.


The file named.conf


// $ Arch Linux: /etc/named.conf 2010/12/10 12:00:00
//

options {
        directory "/var/named";
        pid-file "/var/run/named/named.pid";
        auth-nxdomain yes;
        datasize default;
        allow-recursion { 127.0.0.1; };
        listen-on { any; };
        };


zone "." { type hint; file "root.hint"; };



Remark: This is a basic syntax, which must be adapted to each situation. Note that allow-recursion { 127.0.0.1; } limits recursive lookups to the machine itself, so even with listen-on { any; } the server answers the Internet only for the zones it is authoritative for and does not act as an open resolver.

With Webmin, click on the Servers icon or section, then on BIND DNS Server, then on the Module Config label, and set the following line:

Full path to the rndc.conf file        /etc/rndc.conf

Start the server with the Start Bind label.

We can then generate the RNDC key with the Setup RNDC icon.

This adds the following syntax to the file named.conf (the secret below is the one generated for this example; each server gets its own):


key rndc-key {
        algorithm hmac-md5;
        secret "Ezz+EiLjQLP+SVwzPh3b+g==";
        };

controls {
        inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { rndc-key; };
        };



Click on the Apply Configuration tab.


Create a primary zone

DNS – Primary zone

With Webmin, click on the Servers icon, then on BIND DNS Server, then in the Existing DNS Zones section click on the following link: Create master zone.

Create master zone, New master zone options:
Zone type: Forward (Names -> Addresses) or Reverse (Addresses -> Names)
Domain name / Network:
Records file: Automatic
Master server: (Add NS record for master server?)
Email address:
Use zone template? Yes / No, IP address for template records
Add reverses for template addresses? Yes / No
Refresh time, Transfer retry time
Expiry time, Negative cache time

This adds the following syntax to the file named.conf:


zone "localhost" {
        type master;
        file "/var/named/localhost.hosts";
        };


Click on the master zone localhost, then on the Address link under the A icon.

Address Records, Add Address Record:
Name, Time-To-Live (Default)
Address
Update reverse? Yes / Yes (and replace existing) / No

This gives a file /var/named/localhost.hosts like this:


$ttl 38400
localhost.       IN        SOA   localhost.site-name.com.    root.localhost (
                           1234454420
                           10800
                           3600
                           604800
                           38400 )
localhost.                 IN    NS    localhost.site-name.com.
localhost.                 IN    A     127.0.0.1



Now create the primary zone for the domain site-name.com with the same Create master zone form.
This adds the following syntax to the file named.conf:


zone "site-name.com" {
        type master;
        file "/var/named/site-name.com.hosts";
        };



Click on the master zone site-name.com, then on the Edit Records File link, as below.


The file /var/named/site-name.com.hosts


$ttl 38400
site-name.com.     IN      SOA   product.site-name.com.    root.site-name.com (
                           1234476834
                           10800
                           3600
                           604800
                           38400 )
@                          IN    NS    site-name.com.
site-name.com.             IN    A     192.168.1.1
www.site-name.com.         IN    A     192.168.1.1
ftp.site-name.com.         IN    A     192.168.1.1
mail.site-name.com.        IN    A     192.168.1.1
product.site-name.com.     IN    A     127.0.0.1



Remark:

The second DNS zone and the following ones have a slightly different syntax. That seems normal to me, because the first domain name is the server name.

To verify that everything is OK, stop and start the Bind server through Webmin from another workstation. The server under test has to be in console mode; only in this way do we really see the configuration errors.

With a correct configuration syntax, the log file /var/log/messages shows the following information, for example:

Jun 2 16:00:00 product named[946]: starting 9.7.2.P3 -t /var/named -u bind
Jan 2 16:00:00 product named[946]: command channel listening on 127.0.0.1#953
Jan 2 16:00:00 product named[946]: the working directory is not writable
Jan 2 16:00:00 product named[946]: running

DNS – Second zone and the following ones

Create a new master zone as indicated above; this adds the following syntax to the file named.conf:


zone "site-name.fr" {
        type master;
        file "/var/named/site-name.fr.hosts";
        };



Click on the master zone site-name.fr, then on the Edit Records File link, as below.


The file /var/named/site-name.fr.hosts


$ttl 38400
site-name.fr.      IN      SOA   product.site-name.fr.    root.site-name.fr (
                           1234454420
                           10800
                           3600
                           604800
                           38400 )
@                          IN    NS    product.site-name.fr.
site-name.fr.              IN    A     192.168.1.1
www.site-name.fr.          IN    A     192.168.1.1
ftp.site-name.fr.          IN    A     192.168.1.1
mail.site-name.fr.         IN    A     192.168.1.1


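Before restarting the server, it is worth checking the two zone files above for a mistake that named-checkzone does not report: a name server listed in NS or as the SOA mname that the zone itself cannot answer for. This added example (not part of the original article) parses the page's zone-file layout and flags in-zone NS / SOA-mname targets that have no address record, or only a loopback one; the sample zone is a constructed copy of the site-name.com file above.

```python
import re

def parse_zone(text):
    # Parse "owner [TTL] IN TYPE rdata" lines; join multi-line "( ... )" rdata (the SOA).
    text = re.sub(r"\([^)]*\)", lambda m: m.group(0).replace("\n", " "), text)
    origin, records = None, []
    for line in re.sub(r";[^\n]*", "", text).splitlines():      # drop ; comments
        tok = [t for t in line.split() if t not in ("(", ")")]
        if not tok or tok[0].startswith("$"):                  # $ttl / $ORIGIN
            continue
        owner, body = tok[0], tok[1:]
        if body[0].isdigit():                                  # optional TTL field
            body = body[1:]
        if body[0].upper() == "IN":                            # optional class field
            body = body[1:]
        rtype, rdata = body[0].upper(), body[1:]
        if rtype == "SOA" and origin is None:
            origin = owner                                     # first SOA owner = zone
        records.append((origin if owner == "@" else owner, rtype, rdata))
    return origin, records

def check_zone(text):
    # Flag in-zone NS / SOA-mname targets with no address record or only a loopback one.
    origin, records = parse_zone(text)
    addr, findings = {}, []
    for owner, rtype, rdata in records:
        if rtype in ("A", "AAAA"):
            addr.setdefault(owner, []).append(rdata[0])
    for owner, rtype, rdata in records:
        if rtype not in ("SOA", "NS"):
            continue
        role, target = ("SOA mname" if rtype == "SOA" else "NS"), rdata[0]
        if target != origin and not target.endswith("." + origin):
            continue                                   # out-of-zone server: skip
        ips = addr.get(target, [])
        if not ips:
            findings.append(f"{role} {target}: no A/AAAA record in zone")
        elif all(ip.startswith("127.") or ip == "::1" for ip in ips):
            findings.append(f"{role} {target}: only a loopback address")
    return findings

# Constructed copy of the page's site-name.com zone (not the author's live file).
SAMPLE_ZONE = """$ttl 38400
site-name.com.          IN  SOA  product.site-name.com. root.site-name.com (
                            1234476834 10800 3600 604800 38400 )
@                       IN  NS   site-name.com.
site-name.com.          IN  A    192.168.1.1
product.site-name.com.  IN  A    127.0.0.1
"""
```

Run on the page's zones, check_zone() reports that the SOA mname product.site-name.com. resolves only to 127.0.0.1, and that product.site-name.fr. (NS and SOA mname of the second zone) has no address record at all.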

The BIND server is configured; this is the end of the pleasant part, and normally everything should now work fine!

DNS – Forwarding

For the forwarding at GANDI, for example, click on the domain name link, then on the Manage your zone file link, then choose the expert interface for a personalized DNS.

Syntax (000.000.000.000 stands for the server's public IP address):

@ 3600 IN A 000.000.000.000
ftp 3600 IN A 000.000.000.000
www 3600 IN A 000.000.000.000


Warning: With a single IP address, the mail server will not operate.


Related articles on the subject

BIND Domain Name System - FreeBSD
BIND Domain Name System - Mac OSX Leopard
Configure Oracle VM VirtualBox for Arch Linux
DNS Resolving Hostname and hosts File - Apache name based hosting
Webmin - Server and System Administration

Author
Eric Douzet
C-extra.com v. 1.2.0 © 2000-2014, all rights reserved  -  Updated April 12, 2014 Infologism.com