DNS (bind)


Install DNS

Retrieve bind from http://www.isc.org/software/bind/. Use the latest 9.7 release.

We split bind into the following directory structure to keep the configuration and log files separate from the software package:
  • /opt/services/named/bind-<version>: this is where the bins, libs, ... go
  • /opt/services/named/[etc, var, ...]: this is where our configurations go
and make the symlink
  • /opt/services/named/named -> bind-<version>
I cannot make /opt/service/bind and /opt/service/bind-local like we do with other packages because we run bind with the -t flag which puts it in chroot mode. So I need everything in one directory.

I don't yet know how to set up the name server on the infrastructure nodes. The compute nodes will probably only use the infrastructure nodes as a name server and that nameserver doesn't need to know anything outside the cluster. The infrastructure nodes will need access to a nameserver with root zones. I doubt it will have any slave zones as that would require the USNO folk to change their name servers.

In order to resolve the cluster nodes like "node1", the local DNS server will have to be first in /etc/resolv.conf; otherwise some other server will return an NXDOMAIN and the host will stop looking at that point. However, if the local DNS server is first in /etc/resolv.conf, then it had better be able to resolve other hosts via forwarding or caching; otherwise there will be a few-second timeout for each name resolution, which will make everything very slow. Since I don't know if the server will be able to get out to root nameservers, I had better configure it to forward requests to some usno nameserver. This will be a difference between our cluster and the usno cluster as each nameserver will forward to a different local nameserver.

  • Root zone
    • Caching: if the inf nodes are allowed to reach the root nameservers (e.g. a.root-servers.net)
    • Forwarding: if the inf nodes are not allowed to reach the root nameservers. I will need to know what nameserver, probably an existing usno server, to use as the destination of the forward.

  • Cluster zone
    • Master: if there will be a namespace for just the cluster, then the inf servers can be masters for that zone.
    • Slave: if the namespace for the cluster will be shared with other non-cluster names, then the inf servers can be a slave for that zone.

Retrieve BIND-9.7.x from http://www.isc.org/software/bind/ and save it in /tmp/root

Set a variable for the version of bind to use
VERSION="9.7.6-P1"

Compile
mkdir -p /opt/services/named/bind-${VERSION}
mkdir -p /tmp/root
cd /tmp/root
tar xfvz bind-${VERSION}.tar.gz
cd bind-${VERSION}
./configure --disable-openssl-version-check --prefix=/opt/services/named/bind-${VERSION} --sysconfdir=/etc --localstatedir=/var --disable-ipv6 --with-openssl=yes
make

Install
This shouldn't overwrite anything important in etc or var. In fact it usually just makes a new etc/bind.keys file, which is rarely different from the previous version.
make install -e sysconfdir=/opt/services/named/etc -e localstatedir=/opt/services/named/var

Final touches
(cd /opt/services/named ; ln -s bind-${VERSION} named)

mkdir /opt/services/named/dev
mknod /opt/services/named/dev/null c 1 3
mknod /opt/services/named/dev/random c 1 8
mknod /opt/services/named/dev/zero c 1 5

mkdir -p /opt/services/named/var/run /opt/services/named/var/log
mkdir /opt/services/named/master
mkdir /opt/services/named/slave

chown -R named:named /opt/services/named/var /opt/services/named/master /opt/services/named/slave

Create rndc.conf
ln -s /opt/services/named/etc/rndc.key /etc
/opt/services/named/named/sbin/rndc-confgen -a -c /opt/services/named/etc/rndc.key -r keyboard
Now randomly type on the keyboard until it tells you to stop.
chown -R named:named /opt/services/named/etc/rndc.key
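
The following check is an added example, not part of the original procedure or of BIND: it audits the chroot tree built by the steps above (device nodes, writable directories, rndc.key). The function name audit_named_chroot is hypothetical, and it assumes GNU stat (the -c option).

```shell
#!/bin/sh
# Added example. Usage: audit_named_chroot [ROOT] [OWNER]
# Defaults follow the paths and the "named" user used on this page.
# Prints one line per problem and returns the number of problems found.
audit_named_chroot() {
    root=${1:-/opt/services/named}
    owner=${2:-named}
    problems=0
    fail() { echo "FAIL: $*"; problems=$((problems + 1)); }

    # named opens these inside the chroot. Each must be a character device
    # with the major:minor given to mknod above (stat prints them in hex).
    for spec in null:1:3 random:1:8 zero:1:5; do
        name=${spec%%:*}; want=${spec#*:}
        got=$(stat -c '%F %t:%T' "$root/dev/$name" 2>/dev/null) || got=missing
        [ "$got" = "character special file $want" ] ||
            fail "dev/$name is '$got', want character device $want"
    done

    # Directories the unprivileged named user has to write to.
    for dir in var/run var/log master slave; do
        if [ ! -d "$root/$dir" ]; then
            fail "$dir is missing"
        elif [ "$(stat -c %U "$root/$dir")" != "$owner" ]; then
            fail "$dir is not owned by $owner"
        fi
    done

    # rndc.key holds the shared secret for the rndc control channel, so
    # only its owner should have any access to it.
    key=$root/etc/rndc.key
    if [ ! -f "$key" ]; then
        fail "etc/rndc.key is missing"
    else
        mode=$(stat -c %a "$key")
        case $mode in
            [0-7]00) ;;
            *) fail "etc/rndc.key has mode $mode; group/other must have no access" ;;
        esac
        [ "$(stat -c %U "$key")" = "$owner" ] ||
            fail "etc/rndc.key is not owned by $owner"
    fi
    return "$problems"
}
```

Run it as root after the chown steps; a return status of 0 means every check passed.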


Configure DNS

Create loopback zone
Save attached loopback file for DNS as /opt/services/named/master/127.0.0

Create reverse zone
Save the attached reverse file for DNS as /opt/services/named/master/10.1.34

Create reverse zone
Save the attached reverse file for DNS as /opt/services/named/master/10.1.35

Create forward zone
Save the attached forward file for DNS as /opt/services/named/master/usno.nrao.edu

Create root zone file
Download named.cache and save it as /opt/services/named/etc/named.cache
This is really only necessary if the inf servers will be able to reach root name servers. I am assuming they won't.

Create startup script
Save the attached named startup script as /opt/services/named/etc/nrao-named
chmod 755 /opt/services/named/etc/nrao-named
(cd /etc/init.d ; ln -s /opt/services/named/etc/nrao-named)
chkconfig --add nrao-named

Create config file
Save the attached named configuration file as /opt/services/named/etc/named.conf
Edit /opt/services/named/etc/named.conf
Set the forwarders to a nameserver that can reach the root zones, e.g.
forwarders { 146.88.1.4; 8.8.8.8; };

Configure resolv.conf
Production cluster usno-serv-1
cat > /etc/resolv.conf << EOM
domain usno.nrao.edu
search usno.nrao.edu aoc.nrao.edu
nameserver 127.0.0.1
nameserver 146.88.1.4
nameserver 8.8.8.8
EOM
Production cluster usno-serv-2
cat > /etc/resolv.conf << EOM
domain usno.nrao.edu
search usno.nrao.edu aoc.nrao.edu
nameserver 10.1.34.2
nameserver 146.88.1.4
nameserver 8.8.8.8
EOM
Test cluster usno-serv-1
cat > /etc/resolv.conf << EOM
domain usno.nrao.edu
search usno.nrao.edu aoc.nrao.edu
nameserver 127.0.0.1
nameserver 146.88.1.14
EOM
Test cluster usno-serv-2
cat > /etc/resolv.conf << EOM
domain usno.nrao.edu
search usno.nrao.edu aoc.nrao.edu
nameserver 10.64.1.31
nameserver 146.88.1.14
EOM
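
The ordering requirement explained in the install section (the cluster's own DNS server must be the first nameserver) can be checked on each host with the function below. It is an added example, not part of the original page; the name audit_resolv is hypothetical. It also reports two resolver behaviours that affect these files: glibc reads at most three nameserver lines, and when both domain and search are present the last one wins.

```shell
#!/bin/sh
# Added example. Usage: audit_resolv FILE LOCAL_DNS
#   e.g. audit_resolv /etc/resolv.conf 127.0.0.1
# Prints one line per finding and returns the number of findings.
audit_resolv() {
    file=$1; local_dns=$2
    findings=0; n=0; seen_local=0; scope=""
    note() { echo "$file: $*"; findings=$((findings + 1)); }

    # "|| [ -n ... ]" keeps a last line that has no trailing newline.
    while read -r key value rest || [ -n "$key" ]; do
        case $key in
            domain|search)
                # domain and search are mutually exclusive; the last wins.
                [ -z "$scope" ] || note "'$key' overrides the earlier '$scope' line"
                scope=$key
                ;;
            nameserver)
                n=$((n + 1))
                [ "$value" != "$local_dns" ] || seen_local=$n
                # Servers are tried in order, and an NXDOMAIN from another
                # server for a name like node1 ends the lookup.
                if [ "$n" -eq 1 ] && [ "$value" != "$local_dns" ]; then
                    note "first nameserver is $value, not $local_dns"
                fi
                # glibc uses at most three nameserver lines (MAXNS).
                [ "$n" -le 3 ] || note "nameserver $value is ignored (entry $n)"
                ;;
        esac
    done < "$file"

    [ "$seen_local" -ne 0 ] || note "$local_dns is not listed at all"
    return "$findings"
}
```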


Start

Start
/etc/init.d/nrao-named start


Topic attachments
  • 10.1.34 (2 K, 2014-03-05 - 15:20, KScottRowe): reverse file for DNS
  • 10.1.35 (2 K, 2012-08-27 - 15:20, KScottRowe): reverse file for DNS for 10.1.35
  • 127.0.0 (474 bytes, 2012-06-29 - 11:06, KScottRowe): loopback file for DNS
  • named.conf (3 K, 2012-08-27 - 15:24, KScottRowe): named configuration file
  • nrao-named (3 K, 2012-07-19 - 10:43, KScottRowe): named startup script
  • usno.nrao.edu (4 K, 2014-03-05 - 15:20, KScottRowe): forward file for DNS
Topic revision: r21 - 2015-08-04, KScottRowe