|[Home] [Credit Search] [Category Browser] [Staff Roll Call]||The LINUX.COM Article Archive|
|Originally Published: Monday, 16 April 2001||Author: Josh Boudreau|
|Published to: featured_articles/Featured Articles||Page: 1/1 - [Printable]|
Getting Started with Networking for Linux; Part 2: Configuring DNS for your network with BIND.
In the second part of Josh Boudreau's Getting Started with Linux Networking series Josh takes a look at DNS, the Internet's Domain Name System and walks us through configuring our own LANs to use DNS.
|Page 1 of 1|
Welcome to the second installment of the Getting Started with Networking for Linux series. In the first article we saw how to choose and install networking hardware and how to get started with the basics of TCP/IP configuration. If you're new to networking, I suggest you start there; in this article I assume you have the skills needed to get a network up and running.
Today we will see how to configure and setup DNS (Domain Name System) on your network, so you can refer to your computers as hostnames instead of boring IP addresses. If some of you following this series have experimented with the basic network services offered by your default Linux installation, you may have noticed that some services take a long time to respond, or might not work in a proper manner. This may be because many services work better when you have a working DNS server on your network. DNS offers hostname and IP address resolution, which some application require to work correctly.
DNS works by setting up a machine on your network to act as a DNS server. Other computers query the DNS server's database to resolve hostnames into IP addresses, and IP addresses into hostnames. DNS on Linux is usually handled by the BIND DNS server found at http://www.isc.org/products/BIND/. Most Linux distributions come with this package already installed. We will use BIND to setup our DNS server. The information you will gather from this article is applicable to other DNS server software, however, if you wish to experiment with other DNS software, you probably won't have too much trouble following along.
A Bit of Theory
In the old days, when the Arpanet was being developed, hostname
lookups were handled by the file
This arcane system was replaced by the Domain Name System, which we still use today. In the DNS system you have one server on the network that holds the hostname/IP database for all hosts on that network. Computers query this DNS database to do the translations. As you probably know, the Internet is composed of multiple networks connected together and each network is responsible for handling the task of setting up its own DNS server for each domain. With this system, changing the IP addresses on a network requires only changing the information on the network's DNS server, other machines on remote networks are not required to change anything and the next time they query information from the updated DNS server they'll get the new information.
How it Works
DNS is implemented in a hierarchical system. If you look at a domain name you'll notice that it has several parts separated by dots:
When a machine requests a DNS lookup on a particular hostname, the request first goes to the root DNS server handling the top level domain. The root server will then redirect the request to the DNS server handling the database for the particular domain requested. When our request reaches that DNS server, we might get our answer right away or we may be redirected to yet another DNS server if the hostname we requested has multiple levels. A hostname with multiple levels is when a network administrator divides his network into subnets and follows a naming convention for the machines on those subnets. This naming convention is not required but is often very usefull for helping users find machines on a network. As an example, a company might have two subnets and each has a DNS server handling the DNS information for a subnet.
The diagram below
show how a request for
Most distributions of Linux come with BIND already installed, but if your system doesn't already have it you can probably find a precompiled version that's packaged for your Linux distribution. If you can't find a precompiled package you can always download the source code and compile it yourself. Follow the example below to extract the source, and build it.
When running the
When you have BIND installed, there are a few configuration files
we should edit before starting the server. The first file we will look at
is the BIND configuration file, which is by default installed in
Note: An important thing to understand at this point is that the domain
you choose will not be used on the Internet. This article aims at setting
up BIND for a private network, and therefore our BIND configuration will
not serve DNS requests to or from the Internet. Domain names on the
Internet must be registered with the registrar selling domain names for a
particular top level domain. Since in future articles we will learn how to
get your network connected to the Internet, I advise you not to choose a
real domain. In our example configuration we'll use a domain name ending
So let's have a look at
There are few things to look at here, the option entry has one
subentry which is the directory where we will be storing our domain
configuration files. The
The next zone entry is for the root servers responsible for the top level domains. The two last zone entries are for reverse lookups. Reverse lookups are when we lookup which hostname is associated with an IP address. One entry is for our loopback addresses which are 127.0.0.* and the other is for our network's IP addresses, which are 192.168.1.*. If your network doesn't use those addresses change the zone entry to reflect your network's setup. Note that in the zone entry lists the IP range in reverse order, that is 192.168.1.* is 1.168.192. The reverse zone entry for loopback addresses should be left alone because it's the same for every network.
To get more
information on the different features you can specify in your
This file lists the root servers on the Internet. We are not responsible for this list, and if root servers ever change, an updated file will be distributed with the latest BIND distribution. The root server IP addresses will probably not change very often, so I would say you're safe using the example file I listed above. You might be wondering why we need this file if our domain is not going to be served on the Internet? The file is required because our DNS server will forward our computer's requests to a DNS server located on the Internet. Like we saw before, domain names on the Internet are handled by the root servers, and when we will see how to get your network connected to the Internet in future articles, your DNS server will probably get requests for valid domains that your computers will want to connect to.
Your DNS server only
handles the database for your domain and it will forward all your requests
for others to the Internet. If your network is already connected to the
Internet and you want to have your DNS server forward your requests to the
Internet, you can add a
Where 192.168.1.30 and 192.168.1.40 are the namesevers your ISP provided you.
The next file we should create is the zone file for the domain we
chose. In our
Take a look at the syntax line by line and I'll explain the structure of this zone file. Please note that the hostnames have a trailing dot and this is very important. Leave them out and your zone file won't work properly. The first line gives the DNS server some information about itself:, "ns.domain.lan" is the name of the DNS server, and "root.domain.lan" is the email address of the administrator. Instead of using the "@" sign in the email address it's just a dot, the address above would be translated to firstname.lastname@example.org. The numbers after the first line set a few parameter options like the time a DNS request expires and such. I won't explain those in details so just use the ones in the example because they are sufficient for a DNS server on a private network. The next line lets machines know which DNS server handles the zone for domain.lan, "ns.domain.lan" is the DNS server's name. The next line tells us which address handles mail for that domain. If your network doesn't have a mail server just leave this line out. All the lines with "IN A" assign hostnames to addresses.
In the example file we assigned
The only files we have left to configure now are the reverse zones
for 127.0.0.* and 192.168.1.*. These files are quite similar to the
As you can see, the top portion of the file is the same as our
Finally, we need the file for the reverse lookup of the loopback
addresses, which is
This file only maps one IP address (127.0.0.1) to localhost. This is the only entry you need for this file and is only needed by applications that use 127.0.0.1 to talk to the computer they are running on.
Getting Ready to Start the DNS Server
Before starting BIND, we should change a few settings to tell our
computers where to query our DNS server. On Linux this setting is in the
The search line tells applications which domain should be searched
if the domain.lan is omitted from the request. For example, if we do
"nslookup www", the request would be translated as
Once everything it configured correctly it's time to start up the
DNS server. Most DNS server programs are called '"named" and this is
correct for BIND's software distribution. Starting up the server is just a
matter of running named. Once named is run it probably won't output
anything to your terminal, it will just put itself in the background and
serve incoming DNS requests. Logging info will most likely be appended to
If you make any changes to your DNS server's configuration files,
you will need to restart named, you may do so by typing
Testing your Configuration
To test the configuration of DNS on your network we can use the
nslookup utility. Simply type
This output tells us that the server
Now that DNS is up and running on your network you can refer to
other computers by their hostnames instead of typing in their IP address.
DNS resolution works with every network utility, for example instead of
Adding more hostnames is just a simple task of adding more entries
in your domain zone files and restarting BIND. If you wish to add more
domain names to your DNS server you just need to add additional zone
entries in the
This article showed you the steps to configure a small and simple DNS server for a private network and this is usually sufficient for most people. Every aspect of the Domain Name System would be too lengthy too cover herebut if you wish to know more I suggest getting a book on the topic. Below are some additional online resources that you may help you to learn some more on how DNS and BIND works.
|Page 1 of 1|