Bind Server
Mar 25, 2018 18:37
Bind Server Setup with Slave
Install bind
yum update -y; yum install bind bind-utils -y
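First we’ll have to modify our named.conf file. In the example below I have
placed ‘##’ to indicate lines that should change. Note that named treats # as
the start of a comment, so a marked line pasted as-is is ignored; remove the
marker from every setting you want to take effect. 2.2.2.2 is the IP address of
the second droplet. Open up /etc/named.conf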
options {
##listen-on port 53 { 127.0.0.1; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
##allow-query { any; };
##allow-transfer { localhost; 2.2.2.2; };
##recursion no;
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
};
Add the following to named.conf below the existing zones:
zone "mydomain.com" IN {
type master;
file "mydomain.com.zone";
allow-update { none; };
};
Now we can create our first zone file. Use the following as a template for
/var/named/mydomain.com.zone:
$TTL 300
@       IN SOA  ns1.mydomain.com. root.mydomain.com. (
                2013042201 ;Serial
                3600       ;Refresh
                1800       ;Retry
                604800     ;Expire
                86400      ;Minimum TTL
                )
; Specify our two nameservers
        IN NS   ns1.mydomain.com.
        IN NS   ns2.mydomain.com.
; Resolve nameserver hostnames to IP, replace with your two droplet IP addresses.
ns1     IN A    1.1.1.1
ns2     IN A    2.2.2.2
; Define hostname -> IP pairs which you wish to resolve
@       IN A    3.3.3.3
www     IN A    3.3.3.3
Make sure that you actually change the IP addresses to your own. Now you can start the service and make sure that it is enabled as a startup service:
service named restart; chkconfig named on
That will take a bit of time to complete while bind generates the rndc.key file. After it is done, you can confirm that everything is working by issuing the following command from your local computer:
dig @1.1.1.1 mydomain.com
Secondary Nameserver Setup
Start off by updating and installing bind
$ yum update -y; yum -y install bind bind-utils
Now we need to configure our /etc/named.conf; again I use ‘##’ to indicate
lines that will need to change. The only difference from the primary name
server is that we omit the “Allow transfer”:
options {
##listen-on port 53 { 127.0.0.1; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
##allow-query { any; };
##recursion no;
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
};
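If either options block above is pasted with the ‘##’ markers still in place, named reads the marked lines as comments. The following is an added example, not part of the original post: a simplified Python check that strips comments the way named.conf syntax defines them and reports whether recursion and allow-transfer are actually in effect. The function names and the sample text are constructed for illustration, include files are not followed, and named-checkconf -p remains the authoritative parser.

```python
import re

# Constructed sample: the primary's options block, pasted with the '##' markers left in.
VERBATIM = """\
options {
##listen-on port 53 { 127.0.0.1; };
directory "/var/named";
##allow-query { any; };
##allow-transfer { localhost; 2.2.2.2; };
##recursion no;
};
"""
# Marker removed from the settings that must be live; listen-on stays commented (assumption).
FIXED = VERBATIM.replace("##allow", "allow").replace("##recursion", "recursion")

def strip_comments(text):
    """Drop /* */, // and # comments, leaving quoted strings untouched."""
    pattern = r'("[^"\n]*")|/\*.*?\*/|//[^\n]*|#[^\n]*'
    return re.sub(pattern, lambda m: m.group(1) or "", text, flags=re.S)

def active_options(conf):
    """Return {directive: value} for the live statements inside options { }."""
    parts = re.split(r"\boptions\s*\{", strip_comments(conf), maxsplit=1)
    body = parts[1] if len(parts) > 1 else ""
    opts, depth, stmt = {}, 1, ""
    for ch in body:
        depth += (ch == "{") - (ch == "}")
        if depth == 0:                      # closing brace of the options block
            break
        if ch == ";" and depth == 1:        # end of a top-level statement
            name, *rest = stmt.split(None, 1) or [""]
            if name:
                opts[name] = " ".join("".join(rest).split())
            stmt = ""
        else:
            stmt += ch
    return opts

def audit(conf):
    """Report whether the two abuse-relevant settings are actually in effect."""
    opts, findings = active_options(conf), []
    if opts.get("recursion") != "no":
        findings.append("recursion is not explicitly disabled")
    transfer = opts.get("allow-transfer")
    if transfer is None:
        findings.append("allow-transfer is not set; named uses its built-in default")
    elif re.search(r"\bany\b", transfer):
        findings.append("allow-transfer permits any host")
    return findings
```

To check a real server, pass the file's contents, for example audit(open("/etc/named.conf").read()); an empty list means both settings are live and restrictive.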
We will also add our zone to /etc/named.conf below the existing zones, except
it will be set up as a slave. Make sure that you point it to the correct IP
address (the primary nameserver's).
zone "mydomain.com" IN {
type slave;
masters { 104.236.41.201; };
file "mydomain.com.zone";
};
Now we start the server and make sure that the service is set to run on startup:
service named start; chkconfig named on
After any changes you make to the master zone files, you will need to instruct Bind to reload. Remember, you must also increment the “serial” directive to ensure synchronicity between the master and slave. Serial can be any number, but a common convention is to use the current date followed by a two-digit counter for that day's edits. For example, 2014110504 would mean Nov 5, 2014, and that it’s the 4th time the zone has been edited that day.
rndc reload