Wednesday, December 2, 2009

Redhat 9 Domain Name System for Beginner
----------------------------------------

Alhamdulillah, first I want to thank God for today. I felt happy this morning because my girl sent me a message, which is a great way to begin the day. In this post I want to share how to set up the Domain Name System (BIND) on a Red Hat 9 system.

There are many patches for my Red Hat system that I should apply, but this box is only a virtual machine, so I don't need to worry about intruders and hackers or whatever :D. If your Red Hat system is used as a server and is connected directly to the Internet, it is your duty as a system administrator to apply them all; the bind-9.2.1 package installed below is the release version, so an exposed server must track the vendor's errata packages. This is my new project, and insya Allah I will write a simple C program to make configuring BIND easier, but I have not finished it yet.

OK, let's go ahead. First check whether the BIND packages are present. If you installed Red Hat in Server package mode, BIND is already on your system. Run the command below:



login as root:

#rpm -qa | grep bind

If nothing is listed, install the packages with the commands below (I use the bind and bind-utils packages from the first Red Hat 9 CD). Load the CD into your drive, or attach the ISO image if you use virtualization:

#mount /mnt/cdrom
#cd /mnt/cdrom/RedHat/RPMS && ls -al | grep bind
#rpm -ivh bind-9.2.1-16.i386.rpm
#rpm -ivh bind-utils-9.2.1-16.i386.rpm

After everything is installed, you need to configure the server.

note:

we will work with the files below:

/etc/named.conf (your main configuration file)
/var/named/yourdomain.com/ (the directory holding your forward and reverse lookup zone files)
(don't forget to create the "yourdomain.com" directory with named as owner; 775 permissions work, but since the zones below refuse dynamic updates named only needs to read them, so 750 with owner root and group named is enough and stops a compromised named from rewriting its own zone files)

the zone statements I added to my named.conf (keep the options block and the root hint zone that are already in the file; the file names below are relative to the directory set in the options block, /var/named). Nothing in this fragment restricts queries, so before exposing the server also put recursion no; and allow-transfer in the options block, otherwise it is an open resolver and anyone can copy the whole zone with a transfer:

zone "yourdomain.com" {
        type master;
        file "yourdomain.com/yourdomain.com.zone";
        allow-update { none; };
};
zone "1.134.202.in-addr.arpa" {
        type master;
        file "yourdomain.com/1.134.202.in-addr.arpa";
        allow-update { none; };
};

include "/etc/rndc.key";
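Before the firewall is opened later in this post, the options block deserves a check that the zone fragment above does not give you. The script below is an added example, not the post's own configuration: a small shell lint that strips comments from a named.conf and flags a missing recursion no;, a missing or { any; } allow-transfer, and master zones without allow-update { none; };. The two configurations it checks are constructed samples: the post's zone statements as written (with allow-update dropped from the reverse zone so the third check fires) beside the same zones behind a hardened options block. The named.ca root hints file, the version string and /var/named as the working directory are assumptions, and the lint complements named-checkconf rather than replacing it.

```shell
#!/bin/sh
# Static check of named.conf for the settings an Internet-facing
# authoritative server needs.  Added example, not from the post: it inspects
# the configuration text and complements named-checkconf, which only
# validates syntax.

# Drop // and # line comments and /* */ block comments, so that a
# commented-out "recursion no;" is not counted as a live setting.
strip_comments() {
    sed -e 's://.*$::' -e 's:#.*$::' | awk '
        { line = $0; out = ""
          while (1) {
              if (inblk) { e = index(line, "*/"); if (!e) break
                           line = substr(line, e + 2); inblk = 0 }
              s = index(line, "/*")
              if (!s) { out = out line; break }
              out = out substr(line, 1, s - 1); line = substr(line, s + 2); inblk = 1
          }
          print out }'
}

# check_named_conf FILE: one finding per line on stdout; exit 0 only if clean.
check_named_conf() {
    conf=$(strip_comments < "$1")
    rc=0
    # 1. An authoritative-only server must not recurse for the whole Internet.
    if ! printf '%s\n' "$conf" | grep -Eq 'recursion[[:space:]]+no[[:space:]]*;|allow-recursion[[:space:]]*\{'; then
        echo "MISSING recursion no; (or allow-recursion): this is an open resolver"; rc=1
    fi
    # 2. Zone transfers must be limited to the secondaries, or disabled.
    if ! printf '%s\n' "$conf" | grep -Eq 'allow-transfer[[:space:]]*\{'; then
        echo "MISSING allow-transfer: anyone can AXFR the whole zone"; rc=1
    elif printf '%s\n' "$conf" | grep -Eq 'allow-transfer[[:space:]]*\{[[:space:]]*any[[:space:]]*;'; then
        echo "WEAK allow-transfer { any; }: anyone can AXFR the whole zone"; rc=1
    fi
    # 3. Every master zone should refuse dynamic updates unless it is
    #    deliberately updated under a TSIG key.
    masters=$(printf '%s\n' "$conf" | grep -Ec 'type[[:space:]]+master[[:space:]]*;' || true)
    updates=$(printf '%s\n' "$conf" | grep -Ec 'allow-update[[:space:]]*\{[[:space:]]*none[[:space:]]*;' || true)
    if [ "$masters" -gt "$updates" ]; then
        echo "WARN $masters master zone(s) but only $updates with allow-update { none; }"; rc=1
    fi
    return "$rc"
}

# Constructed sample 1: the post's zone statements with no options block,
# and allow-update dropped from the reverse zone to trigger the third check.
weak_conf() {
cat <<'EOF'
zone "yourdomain.com" {
        type master;
        file "yourdomain.com/yourdomain.com.zone";
        allow-update { none; };
};
zone "1.134.202.in-addr.arpa" {
        type master;
        file "yourdomain.com/1.134.202.in-addr.arpa";
};
include "/etc/rndc.key";
EOF
}

# Constructed sample 2: the same zones behind a hardened options block.
# The root hints file named.ca and the version string are assumptions.
hardened_conf() {
cat <<'EOF'
options {
        directory "/var/named";
        recursion no;              // authoritative only: never an open resolver
        allow-transfer { none; };  // list the secondary's address here later
        version "not disclosed";   // hides 9.2.1 from version.bind queries
};
zone "." { type hint; file "named.ca"; };
zone "yourdomain.com" {
        type master;
        file "yourdomain.com/yourdomain.com.zone";
        allow-update { none; };
};
zone "1.134.202.in-addr.arpa" {
        type master;
        file "yourdomain.com/1.134.202.in-addr.arpa";
        allow-update { none; };
};
include "/etc/rndc.key";
EOF
}

# run_check FUNC: write the config FUNC prints to a temp file and check it.
run_check() {
    f=$(mktemp) || return 2
    "$1" > "$f"
    status=0
    check_named_conf "$f" || status=1
    rm -f "$f"
    return "$status"
}

for sample in weak_conf hardened_conf; do
    echo "== $sample"
    run_check "$sample" && echo "clean" || echo "needs work"
done
```

Run it against your real file with check_named_conf /etc/named.conf after named-checkconf has accepted the syntax; a clean result means the server answers only for its own zones and gives its zone data only to the hosts you listed.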



contents of my forward lookup zone (the MX target mail.yourdomain.com needs an address record of its own, which the first version of this file was missing, so it is added below):

$TTL 86400
$ORIGIN yourdomain.com.
@       IN SOA ns.yourdomain.com. support.yourdomain.com. (
        2009120108 ; serial
        3H         ; refresh
        15M        ; retry
        1W         ; expire
        1D )       ; minimum

        IN NS  ns.yourdomain.com.
        IN MX  10 mail.yourdomain.com.

        IN A   202.134.1.1

ns      IN A   202.134.1.1
mail    IN A   202.134.1.1   ; the MX target must resolve to an address, not a CNAME

www     IN CNAME ns

contents of my reverse lookup zone:

$TTL 86400
$ORIGIN 1.134.202.in-addr.arpa.
@       IN SOA ns.yourdomain.com. support.yourdomain.com. (
        2009120108 ; serial
        3H         ; refresh
        15M        ; retry
        1W         ; expire
        1D )       ; minimum

        IN NS  ns.yourdomain.com.

1       IN PTR ns.yourdomain.com.
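Two chores these zone files create, as an added example in shell (not from the post): choosing the next SOA serial, which must always increase or a secondary (the subject of the promised follow-up) will never pick up your edits, and keeping the reverse zone in step with the forward zone. The sample forward zone is constructed from the one above with an extra address for mail so that a second PTR appears; the YYYYMMDDnn serial convention and the single /24 reverse zone are taken from the post, and the function names are mine.

```shell
#!/bin/sh
# Zone-file helpers for the forward/reverse pair above.  Added example, not
# from the post; assumes the YYYYMMDDnn serial convention and one /24 reverse
# zone, exactly as the post uses them.

# next_serial CURRENT TODAY -> the serial to write into the SOA.
# Secondaries only transfer a zone whose serial is greater than the one they
# already hold, so the value must never move backwards, not even when the
# current serial carries a (mistyped) future date.
next_serial() {
    cur=$1; today=$2
    cur_date=${cur%??}                        # YYYYMMDD part
    cur_n=${cur#????????}; cur_n=${cur_n#0}   # nn part, leading zero dropped
    if [ "$cur_date" -lt "$today" ]; then
        echo "${today}01"                     # first edit of a new day
    elif [ "$cur_n" -ge 99 ]; then
        echo $((cur + 1))                     # no nn slot left: plain increment
    else
        printf '%s%02d\n' "$cur_date" $((cur_n + 1))
    fi
}

# ptr_from_forward ORIGIN NET24 < forward.zone -> PTR lines for the reverse
# zone: every A record inside NET24 (e.g. 202.134.1) becomes
# "<last octet> IN PTR <fqdn>".  CNAMEs and other types are ignored.
ptr_from_forward() {
    awk -v origin="$1" -v net="$2" '
        /^[[:space:]]*;/ || /^\$/ { next }      # comments, $TTL, $ORIGIN
        $1 == "IN" { $0 = owner " " $0 }        # owner omitted: reuse previous
        $2 == "IN" { owner = $1 }
        $2 == "IN" && $3 == "A" && index($4, net ".") == 1 {
            fqdn = ($1 == "@") ? origin : ($1 "." origin)
            split($4, o, ".")
            print o[4] " IN PTR " fqdn
        }'
}

# Constructed sample: the forward zone from the post, plus an A record for
# mail on a second address so that a second PTR appears.
sample_forward_zone() {
cat <<'EOF'
$TTL 86400
$ORIGIN yourdomain.com.
@       IN SOA ns.yourdomain.com. support.yourdomain.com. (
        2009120108 ; serial
        3H         ; refresh
        15M        ; retry
        1W         ; expire
        1D )       ; minimum
        IN NS  ns.yourdomain.com.
        IN MX  10 mail.yourdomain.com.
        IN A   202.134.1.1
ns      IN A   202.134.1.1
mail    IN A   202.134.1.2
www     IN CNAME ns
EOF
}

# Demo: the records the reverse zone should contain, and the serial for an
# edit made the day after the one in the sample.
sample_forward_zone | ptr_from_forward yourdomain.com. 202.134.1
next_serial 2009120108 20091202
```

Because both the apex (@) and ns resolve to 202.134.1.1, the script emits two PTR records for octet 1; keep one of them, as the post does with ns, since most software expects a single PTR per address. Whichever serial you write, named-checkzone yourdomain.com /var/named/yourdomain.com/yourdomain.com.zone will catch a syntax slip before named tries to load it.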

After you have finished all the tasks above, you just need to restart the BIND service, but don't forget to allow requests from outside to reach named. By default Red Hat's firewall blocks TCP and UDP port 53 from outside, so if we want to serve other hosts we have to open both with the commands below (DNS needs both: UDP for ordinary queries, TCP for zone transfers and for answers too large for UDP):

#iptables -I INPUT -p tcp --dport 53 -j ACCEPT
#iptables -I INPUT -p udp --dport 53 -j ACCEPT

Opening port 53 to the world is only safe for an authoritative-only server: make sure recursion is turned off in named.conf first, otherwise you have just published an open resolver that anyone can use.

and don't forget to save our iptables configuration:

#iptables-save > /usr/local/etc/iptables-boot-up.script

This writes the running rules to a file that we will read back when the system boots, replacing the default configuration with ours:

#iptables-restore < /usr/local/etc/iptables-boot-up.script

To run that command automatically at boot, append it to /etc/rc.local with the command below (use >> to append; a single > would overwrite rc.local and throw away everything already in it, including the #!/bin/sh line):

#echo "iptables-restore < /usr/local/etc/iptables-boot-up.script" >> /etc/rc.local

or edit the file manually with your favorite editor, e.g. vi, pico, vim. (Red Hat also ships its own mechanism: service iptables save stores the rules in /etc/sysconfig/iptables, and the iptables init script reloads them at boot without touching rc.local.)

let's start the service:

#/etc/init.d/named start

Watch /var/log/messages for a line like "zone yourdomain.com/IN: loaded serial 2009120108"; a typo in a zone file shows up there as a load error instead. The command above only runs named until the next reboot, so use the command below so that the named service starts automatically at boot:

#chkconfig named on

now you just need to check with the nslookup command. The transcript below came from a Windows client's nslookup, which labels the SOA fields differently from the nslookup in bind-utils, but the values are the same; the client here already uses 202.134.1.1 as its resolver, otherwise type server 202.134.1.1 first:

#nslookup

> set type=any
> yourdomain.com
Server: ns.yourdomain.com
Address: 202.134.1.1

yourdomain.com
primary name server = ns.yourdomain.com
responsible mail addr = support.yourdomain.com
serial = 2009120108
refresh = 10800 (3 hours)
retry = 900 (15 mins)
expire = 604800 (7 days)
default TTL = 86400 (1 day)
yourdomain.com nameserver = ns.yourdomain.com
yourdomain.com MX preference = 10, mail exchanger = mail.yourdomain.com
yourdomain.com internet address = 202.134.1.1
ns.yourdomain.com internet address = 202.134.1.1
>

Repeat with set type=ptr and the address 202.134.1.1 to confirm the reverse zone. If you turned recursion off, a name outside your zones (for example www.google.com) should now be refused; if it is answered, the server is an open resolver for the whole Internet.

OK, I hope this short article will be beneficial for you. Next time I'll show how to set up a secondary DNS server and more advanced configuration.
