linux
D1abloRUS, 2012-12-19 13:38:57

Own DNS server

Comrades, help!

Given: Ubuntu Server, bind9, static IP (via PPPoE), domains (example.com, primer.ru)
Task: a DNS server, so that when registering a new domain you can specify ns1.example.com and ns2.example.com and everything works.
What I have:

/etc/bind/named.conf.example:
zone "example.com" {
    type master;
    file "/etc/bind/sites/example.com";
};

zone "primer.ru" {
    type master;
    file "/etc/bind/sites/primer.ru";
};

sites/example.com:
$ORIGIN .
$TTL 86400      ; 1 day
example.com IN SOA  ns1.example.com. root.example.com. (
 2012121900 ; serial
 3600       ; refresh (1 hour)
 1200       ; retry (20 minutes)
 1209600    ; expire (2 weeks)
 86400      ; minimum (1 day)
 )
 NS	ns1.example.com.
 NS	ns2.example.com.
 A	мой_статический_ип
$ORIGIN example.com.
ns1 A	мой_статический_ип
ns2 A	мой_статический_ип2

sites/example.ru:
$ORIGIN .
$TTL 86400      ; 1 day
primer.ru IN SOA  ns1.example.com. root.example.com. (
 2012121900 ; serial
 3600       ; refresh (1 hour)
 1200       ; retry (20 minutes)
 1209600    ; expire (2 weeks)
 86400      ; minimum (1 day)
 )
 NS	ns1.example.com.
 NS	ns2.example.com.
 A	мой_статический_ип
$ORIGIN primer.ru.
ns1 A	мой_статический_ип
ns2 A	мой_статический_ип2

I am also aware that you need to have 2 external IPs for ns1 and ns2.
I would like to clarify whether the zones are configured correctly. Do I need to change anything in named.conf.options? Do you need a slave server? It would be great to see a ready-made example or good instructions.
Thank you!


3 answer(s)
Alukardd, 2012-12-19
@D1abloRUS

Why is the ORIGIN variable defined 2 times? Why is the domain name not in the FQDN form (without the trailing dot) in the SOA record?

Do you need a slave server?
Yes, a slave server is always needed if you want fault tolerance: name servers should be geographically and logically separated servers.
Do I need to change anything in named.conf.options?
Yes. On the master server, change the zone by adding this:
example.com-master:
zone "example.com" {
    type master;
    file "/etc/bind/sites/example.com";
    allow-transfer { ns2_ip_address; };
    allow-update { none; };
    notify yes;
};

example.com-slave:
zone "example.com" {
    type slave;
    file "/etc/bind/sites/example.com";
    masters { ns1_ip_address; };
};
Something like this. Accordingly, do not edit the zone file on the slave by hand; it will receive it from the master on its own. When changing the zone on the master, do not forget to change the serial value in the SOA record.
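
The serial reminder at the end of the answer above, as an added example (not code from the thread): it bumps the serial in a zone file and checks, with RFC 1982 serial arithmetic, whether a slave holding the old serial would treat the master's copy as newer. The function names are hypothetical, the YYYYMMDDNN scheme is assumed from the question's serial 2012121900, and the sample SOA block is copied from the question's zone file.

```python
import re
from datetime import date

# SOA block copied from the question's zone file; used here as sample input.
SAMPLE_ZONE = """\
example.com IN SOA  ns1.example.com. root.example.com. (
 2012121900 ; serial
 3600       ; refresh (1 hour)
 1200       ; retry (20 minutes)
 1209600    ; expire (2 weeks)
 86400      ; minimum (1 day)
 )
"""

# Finds the number on the line commented "; serial", as laid out above.
SERIAL_RE = re.compile(r"^[ \t]*(\d{1,10})[ \t]*;[ \t]*serial\b", re.MULTILINE)


def next_serial(current: int, today: date) -> int:
    """Next YYYYMMDDNN serial, always strictly greater than `current`."""
    base = int(today.strftime("%Y%m%d")) * 100  # today's date with NN = 00
    # Same-day edit (or a serial already ahead of today): add one instead,
    # so the value never moves backwards.
    candidate = base if base > current else current + 1
    if candidate > 0xFFFFFFFF:
        raise ValueError("SOA serial must fit in 32 bits")
    return candidate


def bump_zone_serial(zone_text: str, today: date) -> tuple[str, int]:
    """Return (zone text with the serial replaced, new serial)."""
    m = SERIAL_RE.search(zone_text)
    if m is None:
        raise ValueError("no '; serial' line found in zone text")
    new = next_serial(int(m.group(1)), today)
    return zone_text[:m.start(1)] + str(new) + zone_text[m.end(1):], new


def slave_will_transfer(master_serial: int, slave_serial: int) -> bool:
    """RFC 1982 comparison: is the master's serial newer than the slave's copy?"""
    diff = (master_serial - slave_serial) & 0xFFFFFFFF
    return 0 < diff < 0x80000000


if __name__ == "__main__":
    text, serial = bump_zone_serial(SAMPLE_ZONE, date(2012, 12, 19))
    print(serial, slave_will_transfer(serial, 2012121900))
```

An unchanged serial makes `slave_will_transfer` return False, which is the case where the slave keeps serving the old zone data after an edit on the master.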

@sledopit, 2012-12-19

Keeping both ns1 and ns2 on the same piece of hardware means that if the server goes down, everything tied to these DNS servers (mail, sites that are not hosted on other hardware) will automatically become inaccessible too. Two different machines are better. And better still if the data centers are different too (:

D1abloRUS, 2012-12-19
@D1abloRUS

There is one more question:
I have a forwarders {} parameter in the named.conf.options file. Is it necessary to use it? To put the operator's DNS there, for example?
