REDHAT 7.2 DNS Server - Need Help Please 2

Status
Not open for further replies.

mugs82

MIS
Oct 15, 2000
128
US
Okay - I just installed REDHAT 7.2 with the intent of making it a Primary Nameserver for my domain (metzleresq.com). The installation went fine and I used the BIND configuration tool to add host records. Unfortunately, I seem to have skipped a step or something because the server is not resolving names.

I've looked online and read a bunch of stuff about editing the named.conf file but REDHAT says to not do that in v7.2. So how do I get this thing running? I apologize for being so obtuse. Your help would be greatly appreciated.
 
Hi,

Did you do the rndc setup? Redhat 7.x startup scripts for BIND seem to assume use of rndc, which is a secure control channel running on port 953 that uses cryptographic keys for authenticity checking.

What you have to do is generate a key with the command 'dnssec-keygen' and then copy the value of that key from the keygen file to both /etc/named.conf and to /etc/rndc.conf . The details are given in -->
Once you have that set up, the normal start/stop stuff should work and it's a matter of editing the zone file for the domain. What you would have is a block in /etc/named.conf that points to the separate zone file which itself is in /var/named . Maybe what it means about not editing /etc/named.conf is not to put all the zone details in /etc/named.conf itself.

You can restart with :

# /usr/sbin/rndc reload

Also, you'd need to allow port 53 through the lokkit firewall before any external resolution will work. You can test locally with dig - for example :

$ dig @localhost
$ dig @localhost whatever.com NS
$ dig @localhost whatever.com MX
etc.

Hope this helps
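
A consistency check for the rndc setup described in the reply above, as an added example that is not part of the original thread: it compares the key block in /etc/named.conf with the one in /etc/rndc.conf and confirms that the controls statement references that key. The file contents, the key name rndc-key, the algorithm and the secret are constructed samples.

```python
import re

# Constructed sample files; the secret is a placeholder, not a real key.
NAMED_CONF = '''
key "rndc-key" { algorithm hmac-md5; secret "Q09OU1RSVUNURUQvL0tFWQ=="; };
controls {
    inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { "rndc-key"; };
};
'''
RNDC_CONF = '''
# client side of the control channel
key "rndc-key" { algorithm hmac-md5; secret "Q09OU1RSVUNURUQvL0tFWQ=="; };
options { default-key "rndc-key"; default-server 127.0.0.1; default-port 953; };
'''
KEY_RE = re.compile(r'\bkey\s+"?([\w.-]+)"?\s*\{\s*algorithm\s+"?([\w-]+)"?\s*;'
                    r'\s*secret\s+"([^"]+)"\s*;\s*\}\s*;')
TOKEN_RE = re.compile(r'"[^"\n]*"|/\*.*?\*/|//[^\n]*|#[^\n]*', re.S)

def strip_comments(text):
    # Drop #, // and /* */ comments; keep quoted strings (base64 may hold "//").
    return TOKEN_RE.sub(lambda m: m.group(0) if m.group(0)[0] == '"' else " ", text)

def parse_keys(text):
    # Map key name -> (algorithm, secret) for every key block in the text.
    return {n: (a.lower(), s) for n, a, s in KEY_RE.findall(strip_comments(text))}

def check_rndc(named_conf, rndc_conf):
    """Return a list of problems; an empty list means both sides agree."""
    named, rndc = strip_comments(named_conf), strip_comments(rndc_conf)
    nkeys, rkeys = parse_keys(named_conf), parse_keys(rndc_conf)
    m = re.search(r'default-key\s+"?([\w.-]+)"?\s*;', rndc)
    if not m:
        return ["rndc.conf: no default-key statement"]
    name, problems = m.group(1), []
    if name not in rkeys:
        problems.append(f"rndc.conf: key {name!r} is not defined")
    if name not in nkeys:
        problems.append(f"named.conf: key {name!r} is not defined")
    if name in rkeys and name in nkeys:
        if rkeys[name][0] != nkeys[name][0]:
            problems.append(f"key {name!r}: algorithm differs")
        if rkeys[name][1] != nkeys[name][1]:  # never print the secrets themselves
            problems.append(f"key {name!r}: secret differs")
    c = re.search(r'\bcontrols\s*\{.*?\bkeys\s*\{([^}]*)\}', named, re.S)
    if not c or name not in re.findall(r'[\w.-]+', c.group(1)):
        problems.append(f"named.conf: controls does not list key {name!r}")
    return problems

if __name__ == "__main__":
    print(check_rndc(NAMED_CONF, RNDC_CONF) or "rndc key setup is consistent")
```

Both files hold the shared secret, so each should be readable only by root and the account named runs as.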
 
First of all, there's one book on the market that's of special interest: O'Reilly's "DNS and BIND". BUY IT!

Hard to know what your problem is.

Don't edit the named.conf, they say?
Sounds very strange. Do they say that because they want you to use some tool?

This is an example of a named.conf.

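options {
    // Zone files named below are looked up relative to this directory
    directory "/var/named";
    // Send queries this server cannot answer itself to these resolvers only
    forwarders {
        10.11.12.13;
        10.10.10.10;
    };
    forward only;
};

// Root hints
zone "." {
    type hint;
    file "db.root";
};

// Reverse zone for the loopback network
zone "0.0.127.in-addr.arpa" {
    type master;
    file "db.127.0.0";
};

zone "localhost" {
    type master;
    file "db.localhost";
};

// Forward zone for the domain
zone "metzleresq.com" {
    type master;
    file "db.metzleresq.com";
};

// Reverse zone for the 192.168 network
zone "168.192.in-addr.arpa" {
    type master;
    file "db.192.168";
};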


In db.metzleresq.com (/var/named) you should see something like this...

$TTL 86400
@ IN SOA nameserver.metzleresq.com. postmaster.liv.se. (
        2002031901 ; Serial
        10800      ; Refresh
        3600       ; Retry
        604800     ; Expire
        86400 )    ; Minimum TTL

; Name servers for the zone (leading whitespace reuses the owner name above)
        IN NS nameserver.metzleresq.com.
        IN NS dns6.telia.com.

metzleresq.com. IN MX 5 mailserver.metzleresq.com.

; Host records; names without a trailing dot are relative to the zone
nameserver IN A 192.168.0.5
mailserver IN A 192.168.1.54
another    IN A 192.168.0.123
whatever   IN A 192.168.0.23

This is under the circumstances that you have a 192.168 net and that the db-files are called what I've stated above.
Just some examples anyway.

Do you have your named process running?
Do...
ps -ef | grep named
and see what happens.
If not... start it and add it to your startup scripts.

Have you looked into the nslookup tool?
Read the manual pages (man nslookup) for it and start testing your setup.

Just some thoughts, examples. /Sören
 
Thank you very much for your advice. Your tips were very helpful and I also got the O'Reilly book. It is a great help.
 