dancave
Posted: Jun 13 2003, 02:58 PM
August, 1996
How I configured named on Mercury (aka planet.org)

This is (after all the hard work) rather simple, as it's a simple setup at the moment. The aim was to get DNS running on mercury so that it could serve the other hosts on the clan partnership local net (192.168.1.0) with name resolution.

First steps..
#############

The first thing to do is to get a stable running version of the named binary (this will save you A LOT of time and debugging at later stages). Also, read (buy/loan) the O'Reilly DNS & Bind book first, to get an overall picture, or get the FAQs from the Net (a search on Yahoo should suffice).

If you have a Lasermoon Linux CD distribution, opt for RedHat, as the starting & stopping of named and other network services is very Solaris 2.5 like, rather than Slackware 3.2 (this may be different with different releases of Slackware & distributions of Linux).

Starting named..
################

If you are using Slackware (used on mercury):

    $ /usr/sbin/named          (to start)
    $ ps -ax | grep named
    $ kill <pid>               (to stop)

If you are using RedHat, create a sym link like so:

    $ cd /etc
    $ ln -s rc.d/init.d init.d

This will enable you to mimic Solaris's structure (and it's also much easier to start & stop services!)

    $ /etc/init.d/named.init {stop|start}

Before you can start named, you will need to configure the files for the domain you wish named/DNS to serve. In our case, we were already using the FQDN 'planet.org', so it makes sense to set up DNS to act as a server for the domain 'planet.org'.

When named starts, it looks for the file /etc/named.boot (named.conf in Bind8/9), which is configured like so.

    ;
    ; boot file for name server
    ;
    directory /var/named
    ; type    domain                  source host/file            backup file
    cache     .                       named.root
    primary   planet.org              hippos.pz
    primary   0.0.127.IN-ADDR.ARPA    0.0.127.in-addr.arpa.db
    primary   1.168.192.IN-ADDR.ARPA  1.168.192.in-addr.arpa.db

Each field in ALL named files must be TAB or SPACE delimited, not both, otherwise named moans like hell when you start/reload it.

If you're setting up named for a unique domain name (e.g. planet.co.uk) it's a good idea to call your main nameserver host ns0.planet.co.uk and call the machine it is sitting on something meaningful like server or mercury, so that you have the top level domain 'planet.co.uk' with the hostname ns0 as primary name server.

You will need to put the config files for named in /var/named, which is pretty generic, unless you know that your domain will serve other domain names which could grow quite large, then you might want to put them on a separate partition and mount it on /var.

Once you have decided where you want to put these files, you'll need to create the following files in /var/named (or wherever you put them) and list them with the correct filenames in /etc/named.boot.

1. A primary zones file which is effectively your hosts file plus the FQDN (host.domainname.co.uk) which you can call 'domain.db', 'domain.pz' (pz = primary zone) or the FQDN.db. Whatever makes sense, this will list all host to IP addresses on your domain.

    ==================
    hippos.pz
    ==================
    @ IN SOA planet.org. daniel.planet.org. (
            96082506 ; serial
            3600     ; Refresh after 1 hours
            600      ; Retry after 10 mins
            3600000  ; Expire after 1000 hours
            7200     ; Maximum time-to-live: 2hr
            )
    ; define name servers
    ; domain     internet  nameserver  host name
    planet.org.  IN        NS          mercury.planet.org.
    ; Internal Stuff
    localhost.planet.org. IN A 127.0.0.1
    jupiter.planet.org.   IN A 192.168.1.100
    venus.planet.org.     IN A 192.168.1.101
    mercury.planet.org.   IN A 192.168.1.104
    pluto.planet.org.     IN A 192.168.1.105
    sol.planet.org.       IN A 192.168.1.106
    uranus.planet.org.    IN A 192.168.1.107
    neptune.planet.org.   IN A 192.168.1.108

2. A reverse lookups file which contains the reverse of (1), listing all IP to hostname addresses on your domain. If you know the network address of your lan (in our case 192.168.1.0), reverse the numbers, replace the 0 with .in-addr.arpa.db, which becomes:

    =========================================
    1.168.192.in-addr.arpa.db
    =========================================
    @ IN SOA planet.org. daniel.planet.org. (
            96082507 ; serial
            3600     ; Refresh after 1 hours
            600      ; Retry after 10 mins
            3600000  ; Expire after 1000 hours
            7200     ; Maximum time-to-live: 2hr
            )
    ; define name servers
    ; domain    internet  nameserver  host name
    planet.org  IN        NS          mercury.planet.org.
    ; Internal Stuff
    100.1.168.192.in-addr.arpa. IN PTR jupiter.planet.org.
    101.1.168.192.in-addr.arpa. IN PTR venus.planet.org.
    104.1.168.192.in-addr.arpa. IN PTR mercury.planet.org.
    105.1.168.192.in-addr.arpa. IN PTR pluto.planet.org.
    106.1.168.192.in-addr.arpa. IN PTR sol.planet.org.
    107.1.168.192.in-addr.arpa. IN PTR uranus.planet.org.
    108.1.168.192.in-addr.arpa. IN PTR neptune.planet.org.

3. Reverse loopback interface lookups.

    ; /var/named/named.local: reverse mapping of 127.0.0
    ; origin is 0.0.127.in-addr.arpa. (see named.boot) - named.conf in bind8/9
    ;
    @ IN SOA planet.org. justin.planet.org. (
            96082506 ; serial
            360000   ; refresh: 100 hours
            3600     ; retry: 1 hour
            3600000  ; expire: 42 days (approx)
            360000 ) ; minimum: 100 hours
    ;
    0.0.127.in-addr.arpa.   IN NS  mercury.planet.org.
    1.0.0.127.in-addr.arpa. IN PTR localhost.

Whenever you make any significant changes to any of these 3 files, in order for named to update itself next time you restart/reload it, you need to increase the serial number of the files that you change.

Also you must make sure that all the files, the nameserver (IN) & A/NS record addresses tie up, so if we wanted mercury to be name server for planet.org, we have to make sure that the entry in all the files is the same, like so.

    ; domain name  internet  Nameserver  host name
    planet.org     IN        NS          mercury.planet.org

You can change this for any other domain name.

The SOA is a rather important feature.

    @ IN SOA planet.org. justin.planet.org. (
            96082506 ; serial
            360000   ; refresh: 100 hours
            3600     ; retry: 1 hour
            3600000  ; expire: 42 days (approx)
            360000 ) ; TTL: 100 hours

It tells anyone outside your network (the internet) who the network/DNS is authoritative to. The first bit

    @ IN SOA planet.org.

is saying that 'for the domain planet.org.', I want 'user.planet.org' to be responsible for it. (It's just a quickie to say email 'user@planet.org' if I want to update my named tables.)

4. Caching named server.

In order for you to do lookups when your connection to the internet is not up, you will need to set up named to produce answers from a cache. Setting this up is easier than it seems. In your /etc/named.boot file there is an entry that reads,

    cache . root.cache

(or sometimes called named.root). I go along with the former, as it speaks for itself. Make sure that you have this file along with all the others, otherwise you might run into problems at a later stage. This file contains a list of all the caching name servers on the net that Internic knows about. (I won't list it here as it's a touch on the long side.)

To get an up-to-date named.cache file, connect to the net and type:

    $ dig . @rs.internic.net > named.cache.new

You can then copy it as named.cache.

That's just about it for the setup of the name server. When you have started your name server (started named) look at /var/adm/messages for any potential problems with named.

    $ tail /var/adm/named

- will produce a debug list that will inform you of any problems that named had when starting.

Common mistakes. (yes, that I made!)

1. Check your spacing between fields in your named files, use either TABS or spaces, not both! Named will moan like hell.
2. Check that all the serial numbers match up in all the named files (with the exception of named.root).

In order to use your name server, you will need to set up the /etc/resolv.conf file on the machine running named to say what nameserver to look at when you want to use dig/nslookup. Here is the one that is on mercury.

    ================
    /etc/resolv.conf
    ================
    domain planet.org
    search planet.org
    nameserver 192.168.1.104   # mercury
    nameserver 192.168.1.100   # jupiter, backup secondary

This file is configured with the domain set to planet.org because the machine's fully qualified domain name 'planet.org' is part of the demon network. So when you run nslookup in interactive mode, and type 'hostname' at the '>' prompt, named will look for 'hostname' as a host on demon's network.

The order in which you list more than one nameserver is important. Say for argument's sake we want to use two name servers in case the first is down, or busy,

If you want to configure other client machines on the network to use this machine for name resolution, then the same file will need to be configured, but in a slightly different way.

CLIENTS.
########

If you want your clients to use the nameserver, you must set up the /etc/resolv.conf file in the following way.

    ================
    /etc/resolv.conf
    ================
    domain planet.org
    nameserver 192.168.1.104   # mercury

This tells the client machine that it is part of the domain 'planet.org' and to use mercury as its name server, also what domain to search for hosts when running nslookup.

Getting the domain part of the resolv.conf file set up correctly on clients & nameserver is important as it can cause mail programmes/sendmail to hang when transporting mail from client -> server respectively, and cause sendmail to hang when a client is booting up.

What to do when nslookup hangs on startup.

1. Check to see if named is running. (ps aux | grep named)
2. Look at /var/adm/messages for error messages produced by named (this will usually tell you where you're going wrong)
3. Check that you've made the correct references to the named.db files in /etc/named.boot
4. Make any changes based on error messages produced in (2)
5. If you get an error message in /var/adm/messages that says, 'hostname' out of scope for domainname, or thereabouts, for a whole list of hosts listed in domain.pz (primary domain file) you have probably made a mistake with the domain in /etc/resolv.conf OR you have listed your hostname incorrectly in that particular file.

I hope that this all helps.

Daniel Cave.
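An added example, not part of the original post: a small Python check that the forward (A) and reverse (PTR) zone files "tie up" as the post requires, since services that verify a client by reverse lookup depend on the two agreeing. It assumes fully qualified owner names written one record per line as in the listings above; the function names and the two faults planted in the sample data are constructed for illustration.

```python
# Constructed sample: records copied from the hippos.pz and
# 1.168.192.in-addr.arpa.db listings above, with two faults added on purpose
# (no PTR for pluto; a PTR for .107 naming a host that has no A record).
FORWARD_ZONE = """
; Internal Stuff
localhost.planet.org. IN A 127.0.0.1
jupiter.planet.org.   IN A 192.168.1.100
mercury.planet.org.   IN A 192.168.1.104
pluto.planet.org.     IN A 192.168.1.105
"""
REVERSE_ZONE = """
100.1.168.192.in-addr.arpa. IN PTR jupiter.planet.org.
104.1.168.192.in-addr.arpa. IN PTR mercury.planet.org.
107.1.168.192.in-addr.arpa. IN PTR uranus.planet.org.
"""
SUFFIX = ".in-addr.arpa."

def records(zone_text, rtype):
    """Yield (owner, rdata) from 'owner IN <rtype> rdata' lines; ';' starts a comment."""
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()
        if len(fields) == 4 and fields[1].upper() == "IN" and fields[2].upper() == rtype:
            yield fields[0].lower(), fields[3].lower()

def ptr_owner_to_ip(owner):
    """'104.1.168.192.in-addr.arpa.' -> '192.168.1.104'; None for any other shape."""
    octets = owner[: -len(SUFFIX)].split(".")
    if not owner.endswith(SUFFIX) or len(octets) != 4:
        return None
    return ".".join(reversed(octets))

def check_consistency(forward, reverse):
    """Return sorted descriptions of A/PTR pairs that do not tie up."""
    a = dict(records(forward, "A"))
    ptr = {ptr_owner_to_ip(o): t for o, t in records(reverse, "PTR")}
    ptr.pop(None, None)  # drop owners that are not full IPv4 PTR names
    problems = []
    for name, ip in a.items():
        if ip.startswith("127."):
            continue  # loopback is reversed in the separate 0.0.127 zone
        if ptr.get(ip) != name:
            problems.append(f"{name} A {ip}: PTR is {ptr.get(ip, 'missing')}")
    for ip, target in ptr.items():
        if a.get(target) != ip:
            problems.append(f"{ip} PTR {target}: A is {a.get(target, 'missing')}")
    return sorted(problems)

if __name__ == "__main__":
    print("\n".join(check_consistency(FORWARD_ZONE, REVERSE_ZONE)))
```

Run it against the real files by reading them into the two string arguments before reloading named; an empty result means every non-loopback A record has a matching PTR and vice versa.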