Redhat Linux DNS

 


Configuration

     

  1. Set up /etc/rndc.conf

    rndc uses port 953 to communicate with named. For authentication, it uses cryptographic keys to digitally sign commands before sending them over the network. The default configuration file is /etc/rndc.conf.

    The only authentication mechanism currently supported is HMAC-MD5. To generate a key, run:

    dnssec-keygen -a hmac-md5 -b 128 -n user rndc

    This generates a file with the suffix .private that contains a key. Use that key for the "secret" parameter in both /etc/rndc.conf and /etc/named.conf.

    Here is /etc/rndc.conf from www.setgetweb.com

  2. Configure /etc/named.conf

    named.conf on www.setgetweb.com

  3. Configure Zone files

    Zone files generally reside under /var/named. Your file will probably be called something like hostname.com.zone

  4. Start named

    Start named by running either:

    /etc/init.d/named start

    or

    /usr/sbin/named

    Log messages can be found under /tmp

  5. Test your setup

    Traditionally nslookup has been used to test DNS. These days dig is also recommended.

    $ dig @www.setgetweb.com host5.domain.com A +norec

  6. Configure the Resolver

    Verify /etc/resolv.conf has something like the following.

    search domain.com
    nameserver 127.0.0.1

    The "nameserver" line specifies the address of your nameserver, in this case your own machine, since that is where your named runs (127.0.0.1 is right even if your machine has another address too). If you want to list several name servers, put in one "nameserver" line for each.

    The "search" line specifies what domains should be searched for any host names you want to connect to. If a client tries to look up hostname, then hostname.domain.com is tried.

    Note that named never reads this file; the resolver that uses named does. Also note that in some resolv.conf files you find a line saying "domain". That's fine, but don't use both "search" and "domain"; only one of them will work.

  7. Verify DNS is turned on

    In /etc/nsswitch.conf you should have a line reading something like:

    hosts: files dns
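
For the rndc key step above, one way to turn the *.private file into matching key stanzas for both files, as an added example that is not from the original page. The key name rndc-key, the function names and the output file name named.conf.rndc are assumptions; the files are written to a scratch directory for review rather than straight into /etc.

```shell
#!/bin/sh
# Added example: build matching rndc.conf / named.conf stanzas from a
# dnssec-keygen *.private file. The key name "rndc-key", the function names
# and the output file names are assumptions for illustration.
#
# Usage (constructed file name):
#   write_rndc_files ./Krndc.+157+12345.private ./out

# Print the base64 secret from the "Key:" line of a *.private file.
# Fails (non-zero status) if the file has no such line.
extract_secret() {
    awk '$1 == "Key:" { print $2; found = 1 } END { exit !found }' "$1"
}

# Print the key stanza, which must be identical in both files.
key_stanza() {
    printf 'key "rndc-key" {\n    algorithm hmac-md5;\n    secret "%s";\n};\n' "$1"
}

# write_rndc_files PRIVATE_FILE OUT_DIR
# Writes OUT_DIR/rndc.conf and OUT_DIR/named.conf.rndc so they can be
# reviewed before being merged into /etc/rndc.conf and /etc/named.conf.
write_rndc_files() {
    secret=$(extract_secret "$1") || {
        echo "no Key: line found in $1" >&2
        return 1
    }
    (
        # Whoever holds the secret can control named, so new files are
        # created readable by their owner only.
        umask 077
        {
            printf 'options {\n    default-server 127.0.0.1;\n'
            printf '    default-key "rndc-key";\n};\n'
            key_stanza "$secret"
        } > "$2/rndc.conf"
        {
            key_stanza "$secret"
            # Accept rndc commands on loopback only, signed with this key.
            printf 'controls {\n    inet 127.0.0.1 port 953\n'
            printf '        allow { 127.0.0.1; } keys { "rndc-key"; };\n};\n'
        } > "$2/named.conf.rndc"
    )
}
```

The umask only affects newly created files; if the output files already exist, check their permissions separately, and make sure the copy merged into /etc/named.conf stays readable by the account named runs as.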


 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

