A DNS server, or name server, is used to resolve an IP address
to a hostname or vice versa.
You can set up four different types of DNS servers:
· A master DNS server for your domain(s), which stores authoritative records for your domain.
· A slave DNS server, which relies on a master DNS server for data.
· A caching-only DNS server, which stores recent requests like a proxy server. It otherwise refers to other DNS servers.
· A forwarding-only DNS server, which refers all requests to other DNS servers.
Before configuring BIND to create a DNS server, you must
understand some basic DNS concepts.
The entire hostname with its domain, such as server.example.com, is called a fully qualified domain name (FQDN). The right-most part of the FQDN, such as .com or .net, is called the top level domain, with the remaining parts of the FQDN, which are separated by periods, being sub-domains.
These sub-domains are used to divide FQDNs into zones, with the DNS information for each zone being maintained by at least one authoritative name server.
The authoritative server that contains the master zone file, which can be modified to update DNS information about the zone, is called the primary master server, or just master server.
The additional name servers for the zone are called secondary servers or slave servers. Secondary servers retrieve information about the zone through a zone transfer from the master server or from another secondary server. DNS information about a zone is never modified directly on the secondary server.
chroot features
The chroot feature runs named as user named, and it also limits the files named can see. When installed, named is fooled into thinking that the directory /var/named/chroot is actually the root or / directory.
Therefore, named files normally found in the /etc directory are found in the /var/named/chroot/etc directory instead, and those you would expect to find in /var/named are actually located in /var/named/chroot/var/named.
The advantage of the chroot feature is that if a hacker enters
your system via a BIND exploit, the hacker's access to the rest of your system
is isolated to the files under the chroot directory and nothing else. This type
of security is also known as a chroot jail.
Configure dns server
In this example we will configure a DNS server and test it from the client side.
For this example we are using three systems: one Linux server, one Linux client and one Windows client.
The bind and caching-nameserver rpms are required to configure DNS. Check whether they are installed; if they are not, install them.
Set the hostname to server.example.com and the IP address to 192.168.0.254.
The main configuration file for the DNS server is named.conf. By default this file is not created in the /var/named/chroot/etc/ directory.
Instead of named.conf, a sample file /var/named/chroot/etc/named.caching-nameserver.conf is created. This file is used to make a caching-only name server. You can also edit this file after changing its name to named.conf to configure a master DNS server, or you can manually create a new named.conf file.
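The chroot path mapping and the named.conf step described above, as an added shell example that is not part of the original post. The function names jail_path and prepare_named_conf are hypothetical, the script copies the sample instead of renaming it so the original stays available, and the demo runs against a constructed temporary directory rather than the real /var/named/chroot.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.

# Translate a path as named sees it into the real path on the host.
# $1 = chroot root (e.g. /var/named/chroot), $2 = absolute path inside the jail
jail_path() {
    case "$2" in
        /*) printf '%s%s\n' "${1%/}" "$2" ;;
        *)  echo "jail_path: '$2' is not an absolute path" >&2; return 1 ;;
    esac
}

# Create named.conf inside the jail from the caching-only sample file.
# An existing named.conf is never overwritten.
# Returns 0 = created, 1 = already present, 2 = sample missing or copy failed.
prepare_named_conf() {
    conf=$(jail_path "$1" /etc/named.conf) || return 2
    sample=$(jail_path "$1" /etc/named.caching-nameserver.conf) || return 2
    if [ -e "$conf" ]; then
        echo "exists:  $conf"
        return 1
    fi
    if [ ! -f "$sample" ]; then
        echo "missing: $sample (is caching-nameserver installed?)" >&2
        return 2
    fi
    # -p keeps the sample's mode (and its owner when run as root),
    # so the named user can still read the copy.
    cp -p "$sample" "$conf" || return 2
    echo "created: $conf"
}

# Constructed demo: a throwaway directory stands in for /var/named/chroot,
# and the one-line sample file is a placeholder, not the packaged one.
demo() {
    jail=$(mktemp -d) || return 1
    mkdir -p "$jail/etc" "$jail/var/named"
    echo 'options { directory "/var/named"; };' \
        > "$jail/etc/named.caching-nameserver.conf"
    jail_path "$jail" /var/named        # where zone files really live
    prepare_named_conf "$jail"          # first run creates named.conf
    prepare_named_conf "$jail" || true  # second run leaves it untouched
    rm -rf "$jail"
}
demo
```

On the server itself the call would be prepare_named_conf /var/named/chroot, run as root.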