Resources:
| Hostname | NAT | Host-only | Host-only | Role |
|---|---|---|---|---|
| rac5.example.com | 1.0.9.5 | 1.0.1.5 | 1.0.2.5 | Master |
| rac6.example.com | 1.0.9.6 | 1.0.1.6 | 1.0.2.6 | Slave |
######### DNS Master Server configuration #############
yum install -y bind bind-libs bind-utils system-config-bind vim-*
system-config-bind # to generate configuration files just run one time
### Edit main DNS file "named.conf"
vim /etc/named.conf
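// /etc/named.conf on the master (rac5, 1.0.1.5).
options {
	directory "/var/named";
	dump-file "/var/named/data/cache_dump.db";
	statistics-file "/var/named/data/named_stats.txt";
	// Recurse only for this host and its directly attached networks, so the
	// server is not an open resolver once port 53 is reachable from other
	// networks. Authoritative answers for the zones below are unaffected.
	allow-recursion { localhost; localnets; };
};

// Root hints, used when recursing on behalf of local clients.
zone "." IN {
	type hint;
	file "named.root";
};

// Forward zone. Dynamic updates are disabled; only the slave (1.0.1.6) may
// request a zone transfer. The ACL is address-based only; a TSIG key shared
// by master and slave is a stronger check if the network is not fully trusted.
zone "example.com." IN {
	type master;
	file "example.fwd";
	allow-update { none; };
	allow-transfer { 1.0.1.6; };
};

// Reverse zone for 1.0.1.0/24, with the same update and transfer policy.
zone "1.0.1.in-addr.arpa." IN {
	type master;
	file "example.rev";
	allow-update { none; };
	allow-transfer { 1.0.1.6; };
};

// Key used by rndc to control named; keep this file unreadable to ordinary users.
include "/etc/rndc.key";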
### Create "example.fwd" and "example.rev" files:
cd /var/named/
cp -v localdomain.zone example.fwd
cp -v named.local example.rev
vim /var/named/example.fwd
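$TTL 86400
; Forward zone for example.com: rac5 is the master, rac6 the slave.
@           IN SOA  rac5.example.com. root.rac5.example.com. (
                    42      ; serial (d. adams) - increase on every edit, or the slave will not re-transfer
                    3H      ; refresh
                    15M     ; retry
                    1W      ; expiry
                    1D )    ; minimum
            IN NS   rac5.example.com.
            IN NS   rac6.example.com.
; Node addresses
rac5        IN A    1.0.1.5
rac6        IN A    1.0.1.6
; Virtual IPs (rac6-vip matches the PTR record for .12 and the /etc/hosts entry)
rac5-vip    IN A    1.0.1.11
rac6-vip    IN A    1.0.1.12
; SCAN name: one name with three addresses
rac-scan    IN A    1.0.1.15
rac-scan    IN A    1.0.1.16
rac-scan    IN A    1.0.1.17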
vim /var/named/example.rev
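$TTL 86400
; Reverse zone 1.0.1.in-addr.arpa: each owner below is the last octet of 1.0.1.x.
@           IN SOA  rac5.example.com. root.rac5.example.com. (
                    1997022700 ; Serial - increase on every edit, or the slave will not re-transfer
                    28800      ; Refresh
                    14400      ; Retry
                    3600000    ; Expire
                    86400 )    ; Minimum
            IN NS   rac5.example.com.
            IN NS   rac6.example.com.
; Node addresses (.6 maps back to rac6, matching its A record)
5           IN PTR  rac5.example.com.
6           IN PTR  rac6.example.com.
; Virtual IPs
11          IN PTR  rac5-vip.example.com.
12          IN PTR  rac6-vip.example.com.
; SCAN addresses
15          IN PTR  rac-scan.example.com.
16          IN PTR  rac-scan.example.com.
17          IN PTR  rac-scan.example.com.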
### Change the group ownership of the configuration and zone files to "named"
chgrp named /etc/named.conf
chgrp named /var/named/example.fwd
chgrp named /var/named/example.rev
### Test DNS configuration and zone files for any syntax errors
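# Syntax-check named.conf, then each zone file.
# named-checkzone takes the zone name first, so the reverse file is checked
# against 1.0.1.in-addr.arpa (the zone it is loaded as), not example.com.
named-checkconf /etc/named.conf
named-checkzone example.com /var/named/example.fwd
named-checkzone 1.0.1.in-addr.arpa /var/named/example.rev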
### Edit "/etc/sysconfig/network" file
vim /etc/sysconfig/network
NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=rac5.example.com
hostname rac5.example.com
########### Configure Slave DNS Server ##############
yum install -y bind bind-libs bind-utils system-config-bind vim
### Edit main DNS file "named.conf"
vim /etc/named.conf
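// /etc/named.conf on the slave (rac6, 1.0.1.6).
options {
	directory "/var/named";
	dump-file "/var/named/data/cache_dump.db";
	statistics-file "/var/named/data/named_stats.txt";
	// Recurse only for this host and its directly attached networks, so the
	// server is not an open resolver once port 53 is reachable from other
	// networks. Authoritative answers for the zones below are unaffected.
	allow-recursion { localhost; localnets; };
};

// Root hints, used when recursing on behalf of local clients.
zone "." IN {
	type hint;
	file "named.root";
};

// Forward zone, transferred from the master at 1.0.1.5 into slaves/.
// NOTE(review): allow-update is a master-zone option; newer BIND releases
// may reject it in a slave zone - confirm with named-checkconf.
zone "example.com." IN {
	type slave;
	file "slaves/example.fwd";
	allow-update { none; };
	masters { 1.0.1.5; };
	// Without this, any host may request a transfer from the slave, even
	// though the master limits transfers to 1.0.1.6.
	allow-transfer { none; };
};

// Reverse zone for 1.0.1.0/24, transferred from the same master.
zone "1.0.1.in-addr.arpa." IN {
	type slave;
	file "slaves/example.rev";
	allow-update { none; };
	masters { 1.0.1.5; };
	// Nothing downstream pulls this zone from the slave, so refuse transfers.
	allow-transfer { none; };
};

// Key used by rndc to control named; keep this file unreadable to ordinary users.
include "/etc/rndc.key";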
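- After adding or changing a record, increase the zone's serial number (the slave only transfers a zone whose serial has increased), then restart the named service on the master and slave DNS servers to force a sync between them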
vim /var/named/example.fwd - add new record to forward zone
nas IN A 1.0.1.21
vim /var/named/example.rev - add new record to reverse zone
21 IN PTR nas.example.com.
- restart DNS server in rac5, rac6
/etc/init.d/named restart
### Edit "/etc/sysconfig/network" file
vim /etc/sysconfig/network
NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=rac6.example.com
hostname rac6.example.com
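### Adjust iptables on rac5 and rac6 to allow DNS queries from outside the network. These rules accept port 53 from any source address, so restrict recursion and zone transfers in named.conf (allow-recursion, allow-transfer), or add a source match (-s) to the rules if only known networks should reach the servers.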
vim /etc/sysconfig/iptables
-A INPUT -p udp -m state --state NEW --dport 53 -j ACCEPT
-A INPUT -p tcp -m state --state NEW --dport 53 -j ACCEPT
/etc/init.d/iptables restart
### for fast reply add entries to "/etc/hosts" file in rac5, rac6
vim /etc/hosts
127.0.0.1 localhost.localdomain localhost
# Public
1.0.9.5 rac5.example.com rac5
1.0.9.6 rac6.example.com rac6
# Private 1
1.0.1.5 rac5.example.com rac5
1.0.1.6 rac6.example.com rac6
# Private 2
1.0.2.5 rac5-priv.example.com rac5-priv
1.0.2.6 rac6-priv.example.com rac6-priv
# Virtual
1.0.1.11 rac5-vip.example.com rac5-vip
1.0.1.12 rac6-vip.example.com rac6-vip
# SCAN
1.0.1.15 rac-scan.example.com rac-scan
1.0.1.16 rac-scan.example.com rac-scan
1.0.1.17 rac-scan.example.com rac-scan
### Edit "/etc/resolv.conf" file in clients in rac5, rac6
vim /etc/resolv.conf
nameserver 1.0.1.5
nameserver 1.0.1.6
nameserver 8.8.8.8
search example.com
### Network Additions for DNS Server in rac5, rac6
vim /etc/sysconfig/network-scripts/ifcfg-eth0 >> PEERDNS=no
vim /etc/sysconfig/network-scripts/ifcfg-eth1 >> PEERDNS=no
vim /etc/sysconfig/network-scripts/ifcfg-eth2 >> PEERDNS=no
### Start DNS Server in rac5, rac6
chkconfig named on
/etc/init.d/named restart
### Verify DNS Server working in rac5, rac6
dig rac5.example.com
dig rac6.example.com
dig -x 1.0.1.5
dig -x 1.0.1.6
nslookup rac5
nslookup rac6
nslookup rac5-vip
nslookup rac6-vip
nslookup rac-scan