named
Named? DNS? What is it and why do I need it? Everything on the network has an IP address like 192.168.0.1, and some system has to translate between that number and a name like www.zen-data.com. That system is DNS (the Domain Name System); the daemon that implements it on Linux is BIND, and its binary is called named. It listens on port 53 (UDP for ordinary queries, TCP for zone transfers and answers too big for UDP) for name requests from other machines and performs the lookup, by name or by number. So if you run nslookup on 209.249.185.20 you get www.zen-data.com, and if you nslookup www.zen-data.com you get 209.249.185.20. To accomplish this, a DNS server keeps two structured files for each domain it serves: one for forward lookups (name to address) and one for reverse lookups (address to name). Both look complex but are relatively simple to set up.
There are two types of servers: a caching-only name server, which just resolves names on behalf of your own machines, and an authoritative server, which actually serves a domain. I will explain how to create both.
First edit /etc/resolv.conf to look like this:
search mydomain.com
nameserver 0
nameserver x.x.x.x
nameserver y.y.y.y
The search line lets you look up short host names within a default domain (so 'ping www' tries www.mydomain.com). It is not required.
'nameserver 0' instructs the system to use itself (the named you are about to install) for DNS lookups; 'nameserver 127.0.0.1' means the same thing and is the clearer spelling. The other two lines are alternate nameservers that are tried, in order, if the first one does not answer.
Ok, now you have to install the named binaries and get them to launch at boot time.
rpm -i /mnt/cdrom/RedHat/RPMS/bind-8.x.x.i386.rpm
chkconfig --level 345 named on
/etc/rc.d/init.d/named start
The last command starts the service. Substitute 'stop' to halt the service.
At this point, if your firewall rules allow DNS queries out (and the replies back in), you are done with the caching name server. You can check your server with the following commands:
nslookup 209.249.185.20 ; nslookup www.zen-data.com
You should get this output:
Server: localhost
Address: 127.0.0.1
Name: www.zen-data.com
Address: 209.249.185.20
Server: localhost
Address: 127.0.0.1
Name: www.zen-data.com
Address: 209.249.185.20
At this point, your machine resolves names by asking the root servers directly (from the hints in named.ca) and following referrals, rather than using your ISP's resolvers. Some ISPs intercept port 53 traffic and answer it from their own servers; if your answers look odd, that may be why. Also remember that named now answers anyone who can reach port 53 on this box: unless you intend to run a public resolver, block the port at the firewall for outside addresses or use the allow-query option in named.conf to limit who may ask.
Now, let's say you have the domain foo.com and the class C network 192.168.0.x (a private range, used here only as a placeholder; a domain you register will live on public addresses). You have set up this Linux box with address 192.168.0.10 and told InterNIC (your registrar) that foo.com is served by the nameserver at 192.168.0.10. How do you serve that domain? By following this template.
Go to the directory /var/named and make two new files, db.192.168.0 and db.foo.
db.192.168.0 should look like this:
@       IN      SOA     ns1.foo.com. root.ns1.foo.com. (
                        1999020100      ; Serial
                        7200            ; Refresh 2 hours
                        3600            ; Retry 1 hour
                        3600000         ; Expire 1000 hours (about 42 days)
                        3600 )          ; Minimum 1 hour
        IN      NS      ns1.foo.com.
        IN      NS      ns2.foo.com.
5       IN      PTR     ftp.foo.com.
10      IN      PTR     ns1.foo.com.
11      IN      PTR     ns2.foo.com.
15      IN      PTR     mail.foo.com.
50      IN      PTR     www.foo.com.
db.foo should look like this:
@       IN      SOA     ns1.foo.com. root.ns1.foo.com. (
                        1999020100      ; Serial
                        7200            ; Refresh 2 hours
                        3600            ; Retry 1 hour
                        3600000         ; Expire 1000 hours (about 42 days)
                        3600 )          ; Minimum 1 hour
        IN      NS      ns1.foo.com.
        IN      NS      ns2.foo.com.
        IN      MX      15 ns1.foo.com.
ftp     IN      A       192.168.0.5
ns1     IN      A       192.168.0.10
ns2     IN      A       192.168.0.11
mail    IN      A       192.168.0.15
www     IN      A       192.168.0.50
In both files formatting is very important. Pay special attention to where you see periods and where you do not: a name ending in a period is absolute, a name without one has the zone's origin appended, so "ftp.foo.com" (no period) in the reverse file silently becomes ftp.foo.com.0.168.192.in-addr.arpa. Records whose owner column is blank (the NS and MX lines) must start with whitespace; they inherit the owner of the line above, here the zone itself. This example assumes two DNS servers (ns1 and ns2), plus ftp, web and mail; ns2 must itself be configured as a secondary (slave) for both zones, or the NS record points at a server that cannot answer. The MX line instructs that all mail for the domain be delivered to the specified server. The number 15 is a preference value: you can list several MX records for a domain, and sending hosts try the one with the lowest number first and fall back to higher ones. Every time you update these records you must advance the serial and restart named (BIND 8's ndc reload does the same without a full restart). Secondaries decide whether to pull a fresh copy of the zone by comparing serials, so a change made without bumping the serial never propagates. The serial is 1999020100 in this example, which means Feb 1, 1999. If you update the record more than once in a day, advance the last 2 digits of the serial. Think of it more as 02/01/1999 #00. DNS is y2k compliant ;-)
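Two of the mistakes that paragraph warns about, a forgotten trailing period and a serial that was not advanced, are easy to catch with a script before you restart named. The helpers below are an added example written for this page, not code from the original HOWTO or from BIND; they assume the zone files keep the "; Serial" comment on the serial line exactly as in the templates above, and the function names (next_serial, bump_zone_serial, relative_names) are my own.

```shell
#!/bin/sh
# Zone-file helpers for the foo.com example (added example, not from the page):
# advance the SOA serial in YYYYMMDDNN form and flag names missing the trailing dot.

# next_serial CURRENT YYYYMMDD -> print the next serial.
# Prefer today's date with revision 00; if that would not be larger than the
# current serial (same day, or a serial already running ahead of the clock),
# just add one.  Either way the result is strictly greater, which is all a
# secondary cares about when deciding whether to transfer the zone.
next_serial() {
    cur=$1
    today=$2
    case "$cur" in ''|*[!0-9]*) echo "bad serial: '$cur'" >&2; return 1 ;; esac
    cand="${today}00"
    if [ "$cand" -gt "$cur" ]; then
        echo "$cand"
    else
        echo $((cur + 1))
    fi
}

# bump_zone_serial FILE YYYYMMDD -> rewrite the serial in FILE in place, print the new value.
# Assumes the serial line looks like "<digits> ; Serial", as in the templates above.
bump_zone_serial() {
    file=$1
    today=$2
    cur=$(sed -n 's/^[[:space:]]*\([0-9][0-9]*\)[[:space:]]*;[[:space:]]*Serial.*/\1/p' "$file" | head -n 1)
    if [ -z "$cur" ]; then
        echo "$file: no '<number> ; Serial' line found" >&2
        return 1
    fi
    new=$(next_serial "$cur" "$today") || return 1
    sed "s/^\([[:space:]]*\)$cur\([[:space:]]*;[[:space:]]*Serial\)/\1$new\2/" "$file" > "$file.tmp" \
        && mv "$file.tmp" "$file"
    echo "$new"
}

# relative_names FILE -> print SOA/NS/PTR/CNAME/MX target names that lack a trailing dot.
# A relative name is legal (named appends the zone origin), but in these files it is
# nearly always a typo: "ftp.foo.com" in a PTR becomes ftp.foo.com.0.168.192.in-addr.arpa.
relative_names() {
    awk '
        { sub(/;.*/, ""); type = "" }            # strip comments, reset per line
        NF == 0 { next }
        { for (i = 1; i <= NF; i++)
              if ($i ~ /^(SOA|NS|PTR|CNAME|MX)$/) { type = $i; pos = i; break } }
        type == "" { next }
        {
            # SOA carries two names right after the type; the others carry one, last on the line
            if (type == "SOA") { first = pos + 1; last = pos + 2 } else { first = NF; last = NF }
            for (i = first; i <= last && i <= NF; i++)
                if ($i !~ /\.$/) print FILENAME ":" NR ": " type " record uses relative name \"" $i "\""
        }' "$1"
}

# Constructed demo input (not a real zone): one PTR target is missing its dot.
zone=$(mktemp)
cat > "$zone" <<'EOF'
@   IN SOA ns1.foo.com. root.ns1.foo.com. (
        1999020100 ; Serial
        7200       ; Refresh
        3600       ; Retry
        3600000    ; Expire
        3600 )     ; Minimum
    IN NS  ns1.foo.com.
5   IN PTR ftp.foo.com
10  IN PTR ns1.foo.com.
EOF
relative_names "$zone"             # flags line 8, ftp.foo.com
bump_zone_serial "$zone" 19990201  # same day as the old serial -> 1999020101
bump_zone_serial "$zone" 19990305  # later day -> 1999030500
rm -f "$zone"
```

Run it with the real files as arguments (for example bump_zone_serial /var/named/db.foo $(date +%Y%m%d)) after every edit and before restarting named; a serial that goes backwards, or a dotless name, is exactly the kind of error that named either logs to syslog and ignores or, worse, loads without complaint.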
Next you must create the named.conf file. This is the standard for BIND version 8; it replaced named.boot from BIND 4. named.conf lives in /etc and follows this layout (the zone names and file names must match the files you just created, and the root hints file named.ca must exist in /var/named). Leave query-source commented out unless your firewall forces you to use it: pinning the source port of every outgoing query to 53 makes your queries predictable, which makes it easier for an attacker to forge answers into your cache.
options {
        directory "/var/named";
        /*
         * If there is a firewall between you and nameservers you want
         * to talk to, you might need to uncomment the query-source
         * directive below. Previous versions of BIND always asked
         * questions using port 53, but BIND 8.1 uses an unprivileged
         * port by default.
         */
        // query-source address * port 53;
};
//
// a caching only nameserver config
//
zone "." {
        type hint;
        file "named.ca";
};
zone "foo.com" {
        type master;
        file "db.foo";
};
zone "0.168.192.in-addr.arpa" {
        type master;
        file "db.192.168.0";
};
Now type
/etc/rc.d/init.d/named restart
This kills named and restarts it. Run nslookup against the local machine for a couple of the names and addresses above (for example www.foo.com and 192.168.0.50) to verify that both zones load and answer. Also keep an eye on the syslog (/var/log/messages): named logs there when it refuses to load a zone because of a syntax error, a missing file, or a serial that went backwards, and a zone it could not load simply returns no answers.
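One more check worth running before that restart is that the forward and reverse files agree with each other: every A record should have a matching PTR and every PTR a matching A, which nslookup only tells you one name at a time. The script below is an added example written for this page, not part of the original HOWTO or of BIND; it parses only the simple "owner IN A address" and "octet IN PTR name." layout used in the templates above, and the zone name and network prefix are passed in as arguments because the files themselves do not carry them (they come from named.conf). The function names are my own.

```shell
#!/bin/sh
# Cross-check forward and reverse zone files (added example, not from the page).
# Both functions print "fqdn ip" lines so the two views can be compared with comm.

# forward_pairs FILE ZONE -> one "fqdn ip" line per A record, sorted.
forward_pairs() {
    awk -v zone="$2" '
        { sub(/;.*/, "") }                             # strip comments
        NF >= 3 && $(NF-1) == "A" && $1 != "IN" {      # skip lines with an inherited owner
            name = $1
            if (name == "@") name = zone               # @ is the zone itself
            else if (name !~ /\.$/) name = name "." zone   # relative owner: append origin
            sub(/\.$/, "", name)
            print name, $NF
        }' "$1" | LC_ALL=C sort
}

# reverse_pairs FILE PREFIX -> one "fqdn ip" line per PTR record, sorted.
reverse_pairs() {
    awk -v prefix="$2" '
        { sub(/;.*/, "") }
        NF >= 3 && $(NF-1) == "PTR" && $1 != "IN" {
            name = $NF
            sub(/\.$/, "", name)
            print name, prefix "." $1                  # owner is the last octet
        }' "$1" | LC_ALL=C sort
}

# check_fwd_rev FWD_FILE ZONE REV_FILE PREFIX -> report mismatches; status 0 when the files agree.
check_fwd_rev() {
    f=$(mktemp); r=$(mktemp)
    forward_pairs "$1" "$2" > "$f"
    reverse_pairs "$3" "$4" > "$r"
    only_fwd=$(LC_ALL=C comm -23 "$f" "$r")            # in forward only
    only_rev=$(LC_ALL=C comm -13 "$f" "$r")            # in reverse only
    rm -f "$f" "$r"
    [ -z "$only_fwd" ] || printf '%s\n' "$only_fwd" | sed 's/^/A record without PTR: /'
    [ -z "$only_rev" ] || printf '%s\n' "$only_rev" | sed 's/^/PTR record without A: /'
    [ -z "$only_fwd" ] && [ -z "$only_rev" ]
}

# Constructed demo: www has an A record but no PTR, and 192.168.0.15 has a PTR
# for mail although mail has no A record.  Neither file is a real zone.
fwd=$(mktemp); rev=$(mktemp)
cat > "$fwd" <<'EOF'
@   IN SOA ns1.foo.com. root.ns1.foo.com. ( 1999020100 7200 3600 3600000 3600 )
    IN NS  ns1.foo.com.
ftp IN A   192.168.0.5
ns1 IN A   192.168.0.10
www IN A   192.168.0.50
EOF
cat > "$rev" <<'EOF'
@   IN SOA ns1.foo.com. root.ns1.foo.com. ( 1999020100 7200 3600 3600000 3600 )
    IN NS  ns1.foo.com.
5   IN PTR ftp.foo.com.
10  IN PTR ns1.foo.com.
15  IN PTR mail.foo.com.
EOF
check_fwd_rev "$fwd" foo.com "$rev" 192.168.0 || echo "zones disagree; fix them before restarting named"
rm -f "$fwd" "$rev"
```

Against the real files the call is check_fwd_rev /var/named/db.foo foo.com /var/named/db.192.168.0 192.168.0. A forward name without a PTR is usually harmless, but mail servers and some login services reject or delay connections from addresses whose reverse lookup does not map back to the forward name, so the two files are worth keeping in step.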