SRT210 Lab 4

404 bytes added, 01:16, 29 January 2019
PART 3: YOUR OWN DNS SERVER
Each of you will set up your own DNS server. We'll set up Bind on lin2 to do the work. The domains you configure will work for you or anyone who explicitly sets up their systems to use your DNS server. They will not work on the internet, because you'd have to pay a registrar to have your domain/server globally registered.
 
== Installation ==
Install Bind on your '''lin2'''.
 
== Configuration ==
An [https://en.wikipedia.org/wiki/Domain_Name_System#Authoritative_name_server authoritative] Bind server has a global configuration file (named.conf) and at least one zone file for the zone it's authoritative for.
=== Set up /etc/named.conf ===
When you install Bind you'll get a default '''/etc/named.conf'''. Copy this file over to a backup location and empty the original (do not delete or move it as that will cause SELinux not to trust it). We will be writing one from scratch with only the following contents, but use your own X value where applicable.
The "ls -lZ" command lists the file's SELinux context.
=== Set up the zone file ===
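
Emptying named.conf in place keeps its SELinux label, while a file created somewhere else and moved into /etc keeps the label it got where it was created. The following check is an added example, not part of the original lab: it reads one line of "ls -lZ" output and compares the SELinux type against an expected one. The sample lines are constructed, and the expected type named_conf_t is an assumption based on the targeted policy shipped with CentOS.

```shell
#!/bin/sh
# Added example: compare the SELinux type shown by `ls -lZ` with an expected type.

# Constructed sample lines (not captured from a real system).
GOOD_LINE='-rw-r-----. root named system_u:object_r:named_conf_t:s0 /etc/named.conf'
# Newer coreutils layout: link count, size and date are also printed.
NEWER_LINE='-rw-r-----. 1 root named system_u:object_r:named_conf_t:s0 1705 Jan 29 01:16 /etc/named.conf'
# A file written in /root and then moved to /etc keeps the /root label.
MOVED_LINE='-rw-r-----. root named unconfined_u:object_r:admin_home_t:s0 /etc/named.conf'

# Print the SELinux type (third part of user:role:type:level) from one
# line of `ls -lZ` output. The context field is located by its shape,
# not by column number, so both output layouts above are handled.
selinux_type_of() {
    printf '%s\n' "$1" | awk '{
        for (i = 1; i <= NF; i++) {
            n = split($i, part, ":")
            if (n >= 4 && part[1] ~ /_u$/ && part[2] ~ /_r$/) {
                print part[3]
                exit
            }
        }
    }'
}

# Return 0 if the line carries the expected type, 1 otherwise.
check_context() {
    actual=$(selinux_type_of "$1")
    if [ "$actual" = "$2" ]; then
        echo "OK: type is $actual"
        return 0
    fi
    echo "MISMATCH: expected $2, found ${actual:-none}; restorecon -v resets the default label"
    return 1
}

# Demonstration on the constructed lines.
check_context "$GOOD_LINE" named_conf_t
check_context "$MOVED_LINE" named_conf_t || true

# On lin2 itself the live check would be:
#   check_context "$(ls -lZ /etc/named.conf)" named_conf_t
```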
Now edit '''/var/named/mydb-for-yoursenecaid-ops''' and enter the following:
# Once you are certain that the ''named'' service has started and runs without errors, set it to '''start automatically''' (i.e. enable the named service) when this virtual machine boots.
# Now that you know the service works, '''add the resource records necessary for it to provide forward lookups of the other machines in your virtual network''' (hint: You should only need two more records) and restart the service.
# Test the server on lin2 using the dig command, for example:<source>dig c7host.andrew.ops @192.168.210.12</source>
 
== Configure the firewall ==
 
The DNS server on lin2 won't be accessible by default even if it's working perfectly because the firewall will not allow access to it.
 
Add a rule to the appropriate chain to allow access to the service. You'll need to first figure out the protocol and port that is used by DNS queries.
=== DNS Client Configuration ===
* Configure c7host to use lin2 as the DNS server. You can always change that back if you need internet access and your DNS server is broken: