
    Thursday, March 13, 2014

    How to configure a caching only bind DNS server in Red Hat Linux

    A caching-only nameserver won't allow references to internal clients by hostname, but it does allow clients to take advantage of frequently requested domains that are cached.

    Pre-requisites
    Make sure all of the packages below are installed:
    • bind (includes DNS server, named)
    • bind-utils (utilities for querying DNS servers about host information)
    • bind-libs (libraries used by the bind server and utils package)
    • bind-chroot (tree of files which can be used as a chroot jail for bind)
    # rpm -qa | grep bind
    bind-chroot-9.8.2-0.23.rc1.el6_5.1.i686
    bind-9.8.2-0.23.rc1.el6_5.1.i686
    bind-utils-9.8.2-0.23.rc1.el6_5.1.i686
    bind-libs-9.8.2-0.23.rc1.el6_5.1.i686

    Now follow the steps below.
    Add the forwarders entry to the options block in named.conf, as shown below
    # vi /etc/named.conf
    options {
            listen-on port 53 { 127.0.0.1; };
            listen-on-v6 port 53 { ::1; };
            directory       "/var/named";
            dump-file       "/var/named/data/cache_dump.db";
            statistics-file "/var/named/data/named_stats.txt";
            memstatistics-file "/var/named/data/named_mem_stats.txt";
            allow-query     { localhost; };
            recursion yes;
           
            forwarders { 192.168.1.10; };
            forward only;

            dnssec-enable yes;
            dnssec-validation yes;
            dnssec-lookaside auto;

            /* Path to ISC DLV key */
            bindkeys-file "/etc/named.iscdlv.key";

            managed-keys-directory "/var/named/dynamic";
    };

    logging {
            channel default_debug {
                    file "data/named.run";
                    severity dynamic;
            };
    };

    zone "." IN {
            type hint;
            file "named.ca";
    };

    include "/etc/named.rfc1912.zones";
    include "/etc/named.root.key";

    The block above causes the caching name server to forward DNS requests it can't resolve to your DNS server. Here, 192.168.1.10 is my DNS server.

    Check the permissions on named.conf
    -rw-r-----   1 root named     1056 Mar 13 09:32 named.conf
    Check the named.conf file for syntax errors
    # named-checkconf /etc/named.conf

    # echo $?
    0
    So it seems our named.conf is good to go.
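
named-checkconf checks syntax only, not whether the values keep the resolver private. The script below is an added example, not part of the original post: it checks that listen-on, listen-on-v6 and allow-query stay limited to loopback and that the forwarders and forward only entries are present. The function names and the embedded sample file are constructed for illustration, and only the first statement of each kind is examined.

```shell
#!/bin/sh
# Added example: audit named.conf for the loopback-only, forward-only layout above.

# audit_caching_conf FILE: print one finding per line, nothing when the file is clean.
audit_caching_conf() {
    awk '
    { sub(/\/\/.*/, ""); sub(/#.*/, ""); text = text " " $0 }  # drop // and # comments
    # Items inside "kw [port N] { a; b; }" as a space-separated string ("" if absent).
    function items(kw,    s) {
        if (!match(text, "[ \t;{]" kw "([ \t][^{};]*)?[{][^}]*[}]")) return ""
        s = substr(text, RSTART, RLENGTH)
        sub(/^[^{]*[{]/, "", s); sub(/[}]$/, "", s)
        gsub(/[; \t]+/, " ", s); sub(/^ /, "", s); sub(/ $/, "", s)
        return s
    }
    # True only if the list is non-empty and every item is in the allowed set.
    function only(list, allowed,    n, a, i) {
        n = split(list, a, " ")
        for (i = 1; i <= n; i++)
            if (index(" " allowed " ", " " a[i] " ") == 0) return 0
        return (n > 0)
    }
    END {
        lo = "127.0.0.1 ::1 localhost"
        if (!only(items("listen-on"), lo))    print "listen-on is not loopback-only"
        if (!only(items("listen-on-v6"), lo)) print "listen-on-v6 is not loopback-only"
        if (!only(items("allow-query"), lo))  print "allow-query is not limited to localhost"
        if (items("forwarders") == "")        print "forwarders is missing or empty"
        if (text !~ /[ \t;{]forward[ \t]+only[ \t]*;/) print "forward only is not set"
    }' "$1"
}

# Constructed sample: the relevant options from this page, written to FILE.
write_sample_conf() {
cat > "$1" <<'EOF'
options {
        listen-on port 53 { 127.0.0.1; };
        listen-on-v6 port 53 { ::1; };
        allow-query     { localhost; };
        recursion yes;
        forwarders { 192.168.1.10; };
        forward only;
};
EOF
}

# Run as: sh audit.sh /etc/named.conf  (no argument: only defines the functions)
if [ "${1:-}" != "" ]; then audit_caching_conf "$1"; fi
```

A missing statement is reported as a finding too, so the file has to state each restriction explicitly.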

    Edit your resolv.conf file and add the below entry
    # vi /etc/resolv.conf
    nameserver 127.0.0.1

    # service named restart
    Stopping named: .                                          [  OK  ]
    Starting named:                                            [  OK  ]

    Make the service start automatically after reboot
    # chkconfig named on
    Verify your caching-nameserver
    # ping google.com
    PING google.com (74.125.236.64) 56(84) bytes of data.
    64 bytes from maa03s05-in-f0.1e100.net (74.125.236.64): icmp_seq=1 ttl=56 time=85.4 ms
    64 bytes from maa03s05-in-f0.1e100.net (74.125.236.64): icmp_seq=2 ttl=56 time=29.2 ms
    ^C
    --- google.com ping statistics ---
    2 packets transmitted, 2 received, 0% packet loss, time 1281ms
    rtt min/avg/max/mdev = 29.298/57.350/85.402/28.052 ms

    # dig golinuxhub.com

    ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.23.rc1.el6_5.1 <<>> golinuxhub.com
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59633
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;golinuxhub.com.                        IN      A

    ;; ANSWER SECTION:
    golinuxhub.com.         3102    IN      A       50.63.202.15

    ;; Query time: 26 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Thu Mar 13 09:45:38 2014
    ;; MSG SIZE  rcvd: 48

    Query golinuxhub.com again
    # dig golinuxhub.com

    ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.23.rc1.el6_5.1 <<>> golinuxhub.com
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52632
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;golinuxhub.com.                        IN      A

    ;; ANSWER SECTION:
    golinuxhub.com.         3068    IN      A       50.63.202.15

    ;; Query time: 0 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Thu Mar 13 09:46:12 2014
    ;; MSG SIZE  rcvd: 48

    As you can see, the query time dropped from 26 msec to 0 msec.

    So everything is working as expected.
