
Configuring DNS Server Part 2

Written by Greg King Saturday, 04 July 2009 18:28

We intentionally made this a two-article topic because most readers will not be able to run a true DNS server. If you are on a cable modem or DSL, chances are good that your provider blocks inbound ports, which prevents you from acting as a server on the Internet. We are going to proceed anyway, with the understanding that while all of this works fine inside your own network, calling your buddy to have him look up your domain may fail if you are on a consumer broadband service.

In this article we configure our DNS server to resolve names for the network (or even the Internet). We set up a master zone file for our domain, add the MX record for it, and add two A records that we will need when we get to the web server configuration.

For example purposes we use ourdomain.com as our domain: www.ourdomain.com is our first website and www2.ourdomain.com is our second. The FreeBSD server is called mail.ourdomain.com and lives at 192.168.1.100 (a private address, so these names only mean something on your own network unless your router forwards ports to this box).


Configure DNS to resolve for your network


In the first part of our DNS article we created a caching-only name server. Let's expand that a little by making it the name server for the network. If you are on a consumer broadband service, this DNS server can still serve your internal network using the NAT addresses handed out by your router. I will not delve into those details, as they are beyond the scope of this article. Don't worry about that for now, just play along like you understand!

Let's start by renaming our existing named.conf to another file name (out of the box it has a lot of useful but, for our purposes, unwanted content in it).

# mv /var/named/etc/namedb/named.conf /var/named/etc/namedb/named.conf.old

Then create a new file with

# nano /var/named/etc/namedb/named.conf

Copy and paste the following into the nano edit screen:

______________________________ Copy from below here

// $FreeBSD: src/etc/namedb/named.conf,v 1.26.2.2.2.1 2008/11/25 02:59:29 kensmith Exp $
//
// Refer to the named.conf(5) and named(8) man pages, and the documentation
// in /usr/share/doc/bind9 for more details.
//


// If you are going to set up an authoritative server, make sure you
// understand the hairy details of how DNS works.  Even with
// simple mistakes, you can break connectivity for affected parties,
// or cause huge amounts of useless Internet traffic.
options {
        // Relative to the chroot directory, if any
        directory       "/etc/namedb";
        pid-file        "/var/run/named/pid";
        dump-file       "/var/dump/named_dump.db";
        statistics-file "/var/stats/named.stats";

         allow-recursion {192.168.1.0/24;};

         listen-on       { 192.168.1.100;};
};

zone "." {
        type hint;
        file "named.root";
};
zone "1.168.192.IN-ADDR.ARPA" {
        type master;
        file "master/localblock.rev";
};
zone "localhost"        { type master; file "master/localhost-forward.db"; };
zone "127.in-addr.arpa" { type master; file "master/localhost-reverse.db"; };
zone "255.in-addr.arpa" { type master; file "master/empty.db"; };

zone "ourdomain.com" {
        type master;
        file "master/ourdomain.com";            
};

------------------------------------------------------------- copy to above this line

Save the file.
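The two lines in that file that matter for security are allow-recursion and listen-on: together they decide who can use this box as a recursive resolver. A server with a routable address that answers recursive queries for anyone is an open resolver that strangers can use to bounce traffic at third parties. The following is an added Python example, not code from the article, that pulls those two options out of a named.conf fragment and flags the weak combination; the RESTRICTED_OPTIONS text is a constructed copy of the block above, OPEN_OPTIONS is a constructed variant with the weak settings, and the function names are assumptions of the example.

```python
import ipaddress
import re

# Constructed copy of the options block from this article (restricted).
RESTRICTED_OPTIONS = """
options {
        directory       "/etc/namedb";
        allow-recursion {192.168.1.0/24;};
        listen-on       { 192.168.1.100;};
};
"""

# Constructed variant with the weak settings: recursion for everyone,
# listening on every interface.  On a box with a public address this is
# an open resolver.
OPEN_OPTIONS = """
options {
        directory       "/etc/namedb";
        recursion yes;
        allow-recursion { any; };
        listen-on port 53 { any; };
};
"""


def _strip_comments(conf):
    """Drop the //, # and /* */ comment forms named.conf allows."""
    conf = re.sub(r"/\*.*?\*/", "", conf, flags=re.S)
    return re.sub(r"(//|#)[^\n]*", "", conf)


def option_list(conf, name):
    """Entries of an address-list option such as `listen-on { a; b; };`.
    Returns None when the option is absent from the file."""
    pattern = (r"(?<![\w-])" + re.escape(name)
               + r"(?:\s+port\s+\d+)?\s*\{([^}]*)\}")
    m = re.search(pattern, _strip_comments(conf))
    if not m:
        return None
    return [e.strip() for e in m.group(1).split(";") if e.strip()]


def recursion_setting(conf):
    """'yes', 'no', or None when `recursion` is not set (named defaults to yes)."""
    m = re.search(r"(?<![\w-])recursion\s+(yes|no)\s*;", _strip_comments(conf))
    return m.group(1) if m else None


def _matches_everyone(entry):
    # `any` and a zero-length prefix both mean every address on the Internet.
    return entry == "any" or entry.endswith("/0")


def _reachable_from_outside(entry):
    # listen-on entries are addresses; anything that is not private is exposed.
    if entry == "any":
        return True
    try:
        return not ipaddress.ip_network(entry, strict=False).is_private
    except ValueError:          # named ACL names such as localhost / localnets
        return False


def audit_recursion(conf):
    """Return a list of findings about recursive service.  An empty list
    means recursion is limited to private clients (or switched off)."""
    findings = []
    if recursion_setting(conf) == "no":
        return findings         # authoritative-only: nothing to abuse
    allowed = option_list(conf, "allow-recursion")
    if allowed is None:
        findings.append("allow-recursion is not set; recursion policy "
                        "falls back to this BIND version's default")
    elif any(_matches_everyone(e) for e in allowed):
        findings.append("allow-recursion permits every client: %s" % allowed)
    listen = option_list(conf, "listen-on")
    if listen is None or any(_reachable_from_outside(e) for e in listen):
        findings.append("listen-on binds addresses reachable from outside "
                        "the private network: %s" % listen)
    return findings


if __name__ == "__main__":
    for label, conf in (("restricted", RESTRICTED_OPTIONS), ("open", OPEN_OPTIONS)):
        print(label, audit_recursion(conf) or "OK")
```

Run it against a real named.conf by reading the file into `audit_recursion`; the article's block produces no findings, while the open variant is flagged on both counts. The check is deliberately strict about listen-on: binding a public address is only a problem together with permissive recursion, but it is the combination you want to notice before the box is reachable.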

OK, now let's fix the local resolver, because we just broke it: with the listen-on statement above, named no longer answers on 127.0.0.1, which is what /etc/resolv.conf still points at. (The alternative is to keep 127.0.0.1 in the listen-on list as well.)

# nano /etc/resolv.conf

change the 127.0.0.1 in the nameserver line to

192.168.1.100

and save the file.

DNS is a little tricky sometimes. Our server's address should also resolve back to a name: mail servers, log tools and some access controls do reverse lookups, and a host that sends mail is expected to have a PTR record that agrees with its forward A record. We accomplish this with a reverse lookup zone, which we already declared in that big cut/paste above. Now we need to create the file we told named to use.

# nano /var/named/etc/namedb/master/localblock.rev

Paste the following into that screen:

$TTL    86400
; MNAME is the primary name server for this zone, so it should name the
; same host as the NS record below (and that host needs an A record).
@       IN      SOA     ns1.ourdomain.com. root.ourdomain.com. (
                        100     ; serial
                        1H      ; refresh
                        1M      ; retry
                        1W      ; expiry
                        1D )    ; minimum (negative caching TTL)
@       IN      NS      ns1.ourdomain.com.
100     IN      PTR     mail.ourdomain.com.

Save the file.

Finally, we create the file for our domain that we referenced in the zone statement above.

# nano /var/named/etc/namedb/master/ourdomain.com

Copy the following and paste it into the nano screen:

$TTL 3600       ; 1 hour default TTL
ourdomain.com.  IN      SOA     ns1.ourdomain.com. root.ourdomain.com. (
                                2009070401      ; Serial (YYYYMMDDnn, bump it on every change)
                                10800           ; Refresh
                                3600            ; Retry
                                604800          ; Expire
                                300             ; Negative Response TTL
                        )
; DNS Servers
                IN      NS      mail.ourdomain.com.
; MX Records
                IN      MX 10   mail.ourdomain.com.
; Machine/Service Names
ns              IN      A       192.168.1.100
ns1             IN      A       192.168.1.100
mx              IN      A       192.168.1.100
mail            IN      A       192.168.1.100
www             IN      A       192.168.1.100
www2            IN      A       192.168.1.100


Save the file.
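Before handing these files to named it is worth cross-checking them, because the forward and reverse zones only work together if the names they reference actually exist: an NS or SOA pointing at a name with no A record, an MX pointing at a CNAME, or a PTR whose target does not resolve back to the same address are the classic mistakes that named will load without complaint. The following is an added Python example, not code from the article. It parses constructed copies of both zone files above and reports those inconsistencies; the BROKEN_REVERSE_ZONE variant and the function names are assumptions of the example, and the parser handles only the master-file features these two files use.

```python
import re

# Constructed copies of the two zone files from this article.
FORWARD_ZONE = """\
$TTL 3600       ; 1 hour default TTL
ourdomain.com.  IN      SOA     ns1.ourdomain.com. root.ourdomain.com. (
                                2009070401      ; Serial
                                10800           ; Refresh
                                3600            ; Retry
                                604800          ; Expire
                                300             ; Negative Response TTL
                        )
                IN      NS      mail.ourdomain.com.
                IN      MX 10   mail.ourdomain.com.
ns              IN      A       192.168.1.100
ns1             IN      A       192.168.1.100
mx              IN      A       192.168.1.100
mail            IN      A       192.168.1.100
www             IN      A       192.168.1.100
www2            IN      A       192.168.1.100
"""

REVERSE_ZONE = """\
$TTL    86400
@       IN      SOA     ns1.ourdomain.com. root.ourdomain.com. (
                        100     ; serial
                        1H      ; refresh
                        1M      ; retry
                        1W      ; expiry
                        1D )    ; minimum
@       IN      NS      ns1.ourdomain.com.
100     IN      PTR     mail.ourdomain.com.
"""

# Constructed broken variant: the SOA names the bare domain (which has no
# A record in the forward zone) and the PTR points at a host that does not exist.
BROKEN_REVERSE_ZONE = REVERSE_ZONE.replace(
    " ns1.ourdomain.com. root", " ourdomain.com. root").replace(
    "mail.ourdomain.com.\n", "mail2.ourdomain.com.\n")

RECORD_TYPES = {"SOA", "NS", "MX", "A", "AAAA", "PTR", "CNAME"}


def parse_zone(text, origin):
    """Parse a master-file zone into (owner, type, rdata-token-list) tuples
    with fully qualified, lower-cased owners.  Handles ; comments, ( )
    continuation lines, $TTL, '@' and blank owners; enough for files like
    the ones above, not a complete RFC 1035 parser."""
    origin = origin.rstrip(".").lower() + "."
    lines = [re.sub(r";.*", "", ln) for ln in text.splitlines()]
    logical, buf, depth = [], [], 0
    for ln in lines:                    # glue parenthesised records together
        buf.append(ln)
        depth += ln.count("(") - ln.count(")")
        if depth == 0:
            logical.append(" ".join(buf))
            buf = []
    records, last_owner = [], origin
    for ln in logical:
        if not ln.strip() or ln.lstrip().startswith("$"):
            continue
        tokens = ln.replace("(", " ").replace(")", " ").split()
        if ln[0].isspace():
            owner = last_owner          # blank owner inherits the previous one
        else:
            name = tokens.pop(0).lower()
            if name == "@":
                owner = origin
            elif name.endswith("."):
                owner = name
            else:
                owner = name + "." + origin
        last_owner = owner
        while tokens and tokens[0] not in RECORD_TYPES:
            tokens.pop(0)               # skip the optional TTL and class
        records.append((owner, tokens[0], tokens[1:]))
    return records


def check_zones(forward, reverse, domain, reverse_origin):
    """Cross-check a forward zone against its reverse zone; return a list of
    problems (an empty list means the two files agree)."""
    fwd = parse_zone(forward, domain)
    rev = parse_zone(reverse, reverse_origin)
    a_records = {}
    for owner, rtype, rdata in fwd:
        if rtype == "A":
            a_records.setdefault(owner, set()).add(rdata[0])
    cnames = {owner for owner, rtype, _ in fwd if rtype == "CNAME"}
    problems = []
    for owner, rtype, rdata in fwd + rev:
        if rtype in ("SOA", "NS") and rdata[0].lower() not in a_records:
            problems.append("%s in %s names %s, which has no A record" % (rtype, owner, rdata[0]))
        if rtype == "MX":
            target = rdata[1].lower()
            if target not in a_records or target in cnames:
                problems.append("MX target %s must be an A record, not missing or a CNAME" % target)
    for owner, rtype, rdata in rev:
        if rtype == "PTR":              # forward-confirm the reverse mapping
            labels = owner[:-len(".in-addr.arpa.")].split(".")
            addr = ".".join(reversed(labels))
            if addr not in a_records.get(rdata[0].lower(), set()):
                problems.append("PTR %s -> %s is not confirmed by a matching A record" % (addr, rdata[0]))
    return problems


if __name__ == "__main__":
    for label, rev in (("article zones", REVERSE_ZONE), ("broken reverse", BROKEN_REVERSE_ZONE)):
        print(label, check_zones(FORWARD_ZONE, rev, "ourdomain.com",
                                 "1.168.192.in-addr.arpa") or "consistent")
```

Read your real files into `check_zones` with the same zone names you used in named.conf. The article's pair comes back consistent; the broken variant shows the two findings a reverse lookup on a mail server most often trips over.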

Now have named reload its configuration and zones with:

# rndc reload

Check that there were no errors:

# tail -f /var/log/messages

If all is well, named logs a "loaded serial ..." line for each zone it read and no errors; a zone file with a mistake in it is reported here and that zone is not served until you fix it. (Hit CTRL-C to get back to your prompt.)

Let's test it out locally first!

# nslookup www.xerox.com 

Should output something like this:

Server:         192.168.1.100
Address:        192.168.1.100#53

Non-authoritative answer:
www.xerox.com   canonical name = www.xerox.com.edgekey.net.
www.xerox.com.edgekey.net       canonical name = e82.c.akamaiedge.net.
Name:   e82.c.akamaiedge.net
Address: 69.192.32.108

Notice that the Server and Address lines show our own IP address, which is what we expected to see. Our server is answering and recursing on our behalf; the "Non-authoritative answer" marks a name it fetched from the Internet rather than from its own zones.

As promised at the beginning of the article, we included the MX 10 record and A records for www.ourdomain.com and www2.ourdomain.com. Let's verify they work.

# nslookup www.ourdomain.com

should output this:                                                 

Server:         192.168.1.100
Address:        192.168.1.100#53

Name:   www.ourdomain.com
Address: 192.168.1.100

Likewise, 

# nslookup www2.ourdomain.com

should output this:

Server:         192.168.1.100
Address:        192.168.1.100#53

Name:   www2.ourdomain.com
Address: 192.168.1.100

 

Our work on setting up DNS on FreeBSD is complete. You can now use this DNS server from the rest of your network too: point your other systems at 192.168.1.100 for DNS and, as long as they fall inside the 192.168.1.0/24 range we put in allow-recursion way up top, our FreeBSD DNS server will answer for them. Clients outside that range are refused recursive service, which is what keeps the box from becoming an open resolver that outsiders can use to amplify traffic at someone else.

You may have to reboot your other systems, or at least flush their resolver caches, to get them to use it, as some operating systems cache a lot of DNS lookups.

That's all for this article!
