{"id":975,"date":"2012-08-04T08:35:22","date_gmt":"2012-08-04T00:35:22","guid":{"rendered":"http:\/\/rmohan.com\/?p=975"},"modified":"2012-08-04T08:56:11","modified_gmt":"2012-08-04T00:56:11","slug":"bind-chroot","status":"publish","type":"post","link":"https:\/\/mohan.sg\/?p=975","title":{"rendered":"BIND CHROOT"},"content":{"rendered":"<div dir=\"ltr\">\n<div>########################\u00a0 DNS CONFIGURATION ########<\/div>\n<div><\/div>\n<div><\/div>\n<div><\/div>\n<div>1. DNS Server Name: rhel5test.linux.com (192.168.1.21) ;\u00a0 domain: linux.com<\/div>\n<div><\/div>\n<div>2.\u00a0 Download and Install Packages related to bind:<\/div>\n<div><\/div>\n<div>\u00a0 \u00a0 \u00a0 yum install bind*<\/div>\n<div><\/div>\n<div>\u00a0 \u00a0 \u00a0 bind-utils, bind-sdb, bind-libs, bind-9.3, bind-chroot, bind-libbind-devel<\/div>\n<div><\/div>\n<div>\u00a0 \u00a0 \u00a0 yum install caching-nameserver<\/div>\n<div><\/div>\n<div><\/div>\n<div>3.\u00a0 Configure : named.conf file\u00a0 ( main configuration file )<\/div>\n<div><\/div>\n<div>\u00a0\u00a0 \u00a0 cd \/var\/named\/chroot\/etc\/<\/div>\n<div><\/div>\n<div>\u00a0\u00a0 \u00a0 cp\u00a0 named.caching-nameserver.conf\u00a0 named.conf<\/div>\n<div><\/div>\n<div>\u00a0\u00a0 \u00a0 vi named.conf<\/div>\n<div><\/div>\n<div><\/div>\n<div>\u00a0\u00a0 \u00a0 options\u00a0 {<br \/>\nlisten-on port 53 {\u00a0 127.0.0.1; 192.168.1.21; \u00a0 };<br \/>\nlisten-on-v6 port 53 { ::1; };<br \/>\ndirectory &quot;\/var\/named&quot;;<br \/>\ndump-file &quot;\/var\/named\/data\/cache_dump.db&quot;;<br \/>\nstatistics-file &quot;\/var\/named\/data\/named_stats.txt&quot;;<\/div>\n<div>memstatistics-file &quot;\/var\/named\/data\/named_mem_stats.txt&quot;;<\/div>\n<div>\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 query-source port 53; \/\/ fixed source port: outgoing queries lose source-port randomization<\/div>\n<div>\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 allow-query {\u00a0 127.0.0.1; 192.168.1.0\/24;\u00a0 
};<\/div>\n<div><\/div>\n<div>\u00a0 allow-transfer {\u00a0 127.0.0.1; 192.168.1.21; \u00a0 };<\/div>\n<div>forwarders { \u00a0 127.0.0.1; 192.168.1.21; \u00a0 };<br \/>\nforward only;<br \/>\n};<\/div>\n<div>logging {<br \/>\nchannel default_debug {<br \/>\nfile &quot;data\/named.run&quot;;<br \/>\nseverity dynamic;<br \/>\n};<\/div>\n<div>};<\/div>\n<div>view localhost_resolver {<br \/>\nmatch-clients { localhost; 192.168.1.0\/24; };<\/div>\n<div>match-destinations { localhost; 192.168.1.0\/24;\u00a0 };<\/div>\n<div>recursion yes;<br \/>\ninclude &quot;\/etc\/named.rfc1912.zones&quot;;<br \/>\n};<\/div>\n<div><\/div>\n<div><\/div>\n<div>==&gt;\u00a0 Copy named.conf to \/etc\/ dir<\/div>\n<div><\/div>\n<div><\/div>\n<div>4.\u00a0 Configure Zone files<\/div>\n<div><\/div>\n<div>\u00a0\u00a0 \u00a0 \u00a0 vi\u00a0 \/etc\/named.rfc1912.zones<\/div>\n<div><\/div>\n<div>zone &quot;linux.com&quot; IN \u00a0 {<\/div>\n<div><\/div>\n<div>type master;<\/div>\n<div>file &quot;linux.com.fzone&quot;;<\/div>\n<div>allow-update\u00a0 {\u00a0 none;\u00a0 };<\/div>\n<div>allow-query\u00a0 \u00a0 { \u00a0 any;\u00a0 };<\/div>\n<div><\/div>\n<div>};<\/div>\n<div><\/div>\n<div>\u00a0\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 zone\u00a0 &quot;1.168.192.in-addr.arpa&quot;\u00a0 IN\u00a0 {<\/div>\n<div><\/div>\n<div>type master;<\/div>\n<div>file &quot;linux.come.reverse&quot;;<\/div>\n<div>allow-update\u00a0 {\u00a0 none;\u00a0 };<\/div>\n<div>allow-query\u00a0 \u00a0 { \u00a0 any;\u00a0 };<\/div>\n<div><\/div>\n<div>\u00a0\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 };<\/div>\n<div><\/div>\n<div><\/div>\n<div>5. \u00a0 \u00a0 cd \/var\/named\/chroot\/var\/named \u00a0 ;; \u00a0 cp localhost.zone\u00a0 linux.com.fzone ;;\u00a0 cp named.local linux.come.reverse<\/div>\n<div><\/div>\n<div>6. 
\u00a0 \u00a0 Change ownership to root:named and permission to 755 for the following files<\/div>\n<div><\/div>\n<div>\u00a0 \u00a0 \u00a0 \u00a0 Both zone files ,\u00a0 named.conf\u00a0 (both at \/etc\/ and \/var\/named\/chroot\/etc\/)<\/div>\n<div>\u00a0 \u00a0 \u00a0 \u00a0 \/etc\/named.rfc1912.zones<\/div>\n<div><\/div>\n<div><\/div>\n<div>7.\u00a0 \u00a0 Edit Forward zone file ( Take care of dots after fqdns )<\/div>\n<div><\/div>\n<div><\/div>\n<div>\u00a0\u00a0 \u00a0 $TTL 86400<br \/>\n@ IN SOA rhel5test.linux.com. root.rhel5test.linux.com. ( 42 ; serial (d. adams)<br \/>\n3H ; refresh<br \/>\n15M ; retry<br \/>\n1W ; expiry<br \/>\n1D ) ; minimum<br \/>\n@ IN NS rhel5test.linux.com.<br \/>\nrhel5test.linux.com. IN A 192.168.1.21<\/div>\n<div>rhel6test.linux.com. IN A 192.168.1.22 ; Client<\/div>\n<div><\/div>\n<div><\/div>\n<div>8. \u00a0 Edit Reverse Zone file\u00a0 (Take care of dots after fqdns )<\/div>\n<div><\/div>\n<div>\u00a0 \u00a0 \u00a0 $TTL 86400<br \/>\n@ IN SOA rhel5test.linux.com. rhel5test.linux.com. ( 1997022700 ; Serial<\/div>\n<div>28800 ; Refresh<br \/>\n14400 ; Retry<br \/>\n3600000 ; Expire<br \/>\n86400 ) ; Minimum<br \/>\n@ IN NS rhel5test.linux.com.<br \/>\n21 IN PTR rhel5test.linux.com.<br \/>\n22 IN PTR rhel6test.linux.com. ; Client<\/div>\n<div><\/div>\n<div>9. \u00a0 Check config file :\u00a0 service named configtest<\/div>\n<div><\/div>\n<div>10.\u00a0 Restart named services<\/div>\n<div><\/div>\n<div>11.\u00a0 Test DNS using\u00a0 dig server name ;\u00a0 dig -x\u00a0 server IP , nslookup<\/div>\n<div><\/div>\n<div>12.\u00a0 Client SIDE :: Make changes in \/etc\/resolv.conf ::: \u00a0 search\u00a0 linux.com<\/div>\n<div>\u00a0 \u00a0 nameserver\u00a0 192.168.1.21<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p> ######################## DNS CONFIGURATION ######## 1. DNS Server Name: rhel5test.linux.com (192.168.1.21) ; domain: linux.com 2. 
Download and Install Packages related to bind: yum install bind* bind-utils, bind-sdb, bind-libs, bind-9.3, bind-chroot, bind-libbind-devel yum install caching-nameserver 3. Configure : named.conf file ( main configuration file ) cd \/var\/named\/chroot\/etc\/ cp named.caching-nameserver.conf named.conf vi named.conf options { listen-on port [&#8230;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[15],"tags":[],"_links":{"self":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/975"}],"collection":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=975"}],"version-history":[{"count":3,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/975\/revisions"}],"predecessor-version":[{"id":978,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/975\/revisions\/978"}],"wp:attachment":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=975"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=975"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=975"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}