Nasser Heidari

2008-11-09

Bind 9 Configuration

Filed under: Linux — Nasser Heidari @ 19:40

After installing BIND, it’s time to configure it:

# rndc-confgen -a -c /etc/namedb/rndc.conf -k rndc-key -b 256

# cat /etc/namedb/rndc.conf
// rndc client settings: the key, server and port rndc uses when none are
// given on the command line.
options {
// Name of the key (defined below) used to sign control messages.
default-key "rndc-key";
// The control channel is addressed over loopback.
default-server 127.0.0.1;
default-port 953;
};

// Shared secret for the control channel. named.conf must define a key with
// the same name, algorithm and secret.
// NOTE(review): this secret is printed in a public post, so treat it as a
// sample only. Generate your own with rndc-confgen and never reuse the value
// below. Whoever holds the secret and can reach the control port can stop,
// reload or reconfigure named, so keep this file readable only by root and
// the account named runs as.
key "rndc-key" {
// NOTE(review): hmac-md5 is a legacy choice; newer BIND releases accept
// hmac-sha256 here (rndc-confgen -A hmac-sha256) -- confirm your version
// supports it before switching.
algorithm hmac-md5;
secret "nqA/Qb5tdgT5sOZdbFP5n9zwL98aQ3Z30MAcEXKAa70=";
};

# cp /etc/namedb/named.conf /etc/namedb/named.conf.bak

# cat > /etc/namedb/named.conf 

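// Global server options.
options {
// Base directory; relative file names elsewhere in this file resolve
// against it.
directory "/etc/namedb";
pid-file "/var/run/named.pid";
// Any client may send queries; recursive service is restricted below.
allow-query { any; };
// Recursion is limited to this host and its directly attached networks.
// Without this line allow-recursion falls back to allow-query (any) on
// BIND 9.4.1-P1 and later, and older releases recurse for everyone by
// default. Either way the server becomes an open resolver, which can be
// abused for DNS amplification and exposes the cache to arbitrary clients.
allow-recursion { localhost; localnets; };
};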

// Logging: three file channels plus the category-to-channel routing.
// The file names are relative, so they resolve against the "directory"
// option; the log/ subdirectory must exist and be writable by the account
// named runs as.
// NOTE(review): no channel sets "versions" or "size", so the files grow
// without bound. A bounded form looks like:
//   file "log/named.log" versions 5 size 20m;
logging {
// General server messages.
channel systemlog {
file "log/named.log";
// debug is the most verbose threshold, so everything at info and above is
// written here as well.
severity debug;
print-time yes;
};
// Security-relevant events; also receives the query log (see below).
channel audit_log {
file "log/security.log";
severity debug;
print-time yes;
};
// Zone transfer activity in both directions.
channel xfer_log {
file "log/xfer.log";
severity debug;
print-time yes;
};
category default { systemlog; };
// Security events are written to both files.
category security { audit_log; systemlog; };
category config { systemlog; };
category xfer-in { xfer_log; };
category xfer-out { xfer_log; };
category notify { audit_log; };
category update { audit_log; };
// NOTE(review): this records every query with the client address and the
// name asked for. On a busy server it is high-volume, and the file is
// privacy-sensitive: restrict its permissions and decide on a retention
// period.
category queries { audit_log; };
category lame-servers { audit_log; };
};

// Root hints: the list of root name servers the resolver starts from.
// NOTE(review): named.root is downloaded further down this page over plain
// FTP with nothing checking its integrity. Compare it with a copy fetched
// over HTTPS, or verify the detached signature if one is published
// alongside it.
zone "." {
type hint;
file "named.root";
};

// Forward zone for the name "localhost", loaded from localhost.zone.
zone "localhost" {
type master;
file "localhost.zone";
};

// Reverse zone for 127.0.0.1, loaded from 127.0.0.1.zone.
// NOTE(review): this page does not show how localhost.zone and
// 127.0.0.1.zone are created; both must exist under the "directory" path
// or these two zones will fail to load.
zone "1.0.0.127.in-addr.arpa" {
type master;
file "127.0.0.1.zone";
};

// rndc control channel: listens on loopback port 953, accepts connections
// only from 127.0.0.1, and only when they are signed with rndc-key.
controls {
inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { rndc-key; };
};

// Must match the key in rndc.conf (same name, algorithm and secret).
// NOTE(review): this secret is printed in a public post, so treat it as a
// sample only and generate your own with rndc-confgen. Because the secret
// sits in named.conf, that file must not be world-readable; keeping the key
// in a separate root-only file pulled in with an include statement avoids
// exposing it when named.conf is shared.
key "rndc-key" {
// NOTE(review): hmac-md5 is a legacy choice; newer BIND releases accept
// hmac-sha256 -- confirm your version supports it before switching.
algorithm hmac-md5;
secret "nqA/Qb5tdgT5sOZdbFP5n9zwL98aQ3Z30MAcEXKAa70=";
};

# cd /etc/namedb/

# wget ftp://ftp.internic.net/domain/named.root

Now edit /etc/rc.conf and add the lines below to make sure BIND starts at reboot.
# NOTE(review): nothing below selects an unprivileged user or a chroot. Check
# the rc script's named_uid / named_chrootdir defaults so that named does not
# keep running as root after it has bound port 53.
# Start named at boot.
named_enable="YES"
# Path of the named binary to run.
named_program="/usr/local/sbin/named"
# Extra flags: read the configuration file written above.
named_flags="-c /etc/namedb/named.conf"
# Must agree with the pid-file option in named.conf.
named_pidfile="/var/run/named.pid"

Now you can start BIND:

# /etc/rc.d/named start

*** Make sure you check the log files after starting named, to confirm it is running without any problems.

------

If you want to host your own domain, you need to add the domain to named.conf and create the zone file in /etc/namedb. The entry in your named.conf may look like this:

// Authoritative (master) zone for nasser.net; the file name is relative to
// the "directory" option.
// NOTE(review): no allow-transfer is set. BIND 9 releases of this era are
// understood to allow zone transfers to any host by default -- confirm for
// your version. With no secondary servers, add inside this block:
//   allow-transfer { none; };
zone "nasser.net" {
type master;
file "nasser.net";
};

After this step, we need to create a file for this zone:

# cat > /etc/namedb/nasser.net

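; Zone data for nasser.net, loaded by the zone "nasser.net" entry in named.conf.
; The origin must be the zone name: with "$ORIGIN ." the "@" below would mean
; the root, every record would fall outside the zone, and named would refuse
; to load it.
$ORIGIN nasser.net.
$TTL 43200       ; 12 hours
@               IN               SOA               ns.nasser.net. info.nasser.net. (
                2008110901               ; serial (increase on every edit)
                28400                          ; refresh
                14400                          ; retry
                3600000                     ; expire
                86400                          ; minimum
                )
; The owner is written explicitly so the record does not depend on leading
; whitespace surviving a copy and paste.
@               IN               NS              ns.nasser.net.
; 192.168.1.x are private (RFC 1918) sample addresses; a zone served to the
; Internet needs publicly routable ones.
@               IN               A               192.168.1.1
ns              IN               A               192.168.1.2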
