Thursday, May 1, 2008

Configure DNS Server with Forwarding

In this exercise, you work with a partner to configure a DNS master server and a DNS slave server for the domain digitalairlines.com. Both servers should be configured to perform zone transfers.

The range of IP addresses is 10.0.0.2 to 10.0.0.12. The names of the computers in your network are da2 to da12.

The IP address of your forwarder is 10.0.0.254. Its name is da1.

In part V you configure a subdomain muc.digitalairlines.com. The master server for this subdomain is the slave server of digitalairlines.com.

The range of IP addresses in this subdomain is 10.0.1.100 to 10.0.1.102. The names of the computers are da100 to da102.

The master server of digitalairlines.com forwards requests concerning the subdomain to the slave server.

You need to work as a team on all parts of the exercise.
Do the following:

■ Part I - Switch to Static IP Addresses
■ Part II - Install BIND
■ Part III - Configure the DNS Master Server for the Domain digitalairlines.com
■ Part IV - Configure the DNS Slave Server for the Domain digitalairlines.com
■ Part V - Configure the DNS Master Server for the Domain muc.digitalairlines.com
■ Part VI - Enable Forwarding

Part I - Switch to Static IP Addresses

To switch to static IP addresses, do the following:
1. From the GNOME desktop, open the main menu.
2. Select More Applications.
3. Enter term into the Filter text box.
4. Select the Gnome Terminal icon to start a terminal emulation.
5. Enter /sbin/ip address show to record the following information for your SUSE Linux Enterprise Server 10 server:
❑ IP address:
❑ Hostname:
6. Close the terminal window.
7. From the main menu, start YaST.
8. Enter the root password (novell) and select OK.
9. Select Network Card from the Network Devices YaST module.
10. Make sure that Traditional Method with ifup is selected and select Next.
Your network card is listed in the upper table.
11. Make sure your network card is selected; then select Edit.
12. Make sure that the Address tab is activated.
13. Switch the setup by selecting Static address setup.
14. In the IP Address field, enter the IP address from Part I.
15. In the Subnet mask field, enter 255.255.255.0.
16. Select Host name and name server.
17. (Conditional) If a dialog appears indicating that the resolv.conf file has been temporarily modified, continue by selecting Modify.
18. In the Hostname field, enter the hostname from Part I.
19. In the Domain Name field, enter digitalairlines.com.
20. Select OK.
21. Select Routing.
22. In the Default Gateway field, enter the IP address of your Internet gateway (10.0.0.254).
23. Select OK.
24. Select Next.
25. Select Next.

Part II - Install BIND

To install BIND, do the following:
1. From the YaST Control Center, select Software > Software Management.
2. From the Filter drop-down menu, select Search.
3. In the Search field, enter bind; then select Search.
4. On the right, select the bind and the bind-chrootenv package.
5. Select Accept; then insert the requested SUSE Linux Enterprise Server 10 DVD.
6. When installation is complete, remove the DVD and close the YaST Control Center.

Part III - Configure the DNS Master Server for the Domain digitalairlines.com

Do the following to configure a DNS master server:
1. Open a terminal window and enter su - to get root permissions.
2. When prompted, enter the root password novell.
3. To rename the file /etc/named.conf to /etc/named.conf.orig, enter
mv /etc/named.conf /etc/named.conf.orig
4. Create a new configuration file named /etc/named.conf with the following content:
# /etc/named.conf: Configuration of the master name server
options {
# Where are the files located?
directory "/var/lib/named";
# Forwarding requests to the classroom server
# forwarders { 192.0.2.1; 192.0.2.2; };
};
# Definition of root zone
zone "." in {
type hint;
file "root.hint";
};
# Definition of the zone localhost
zone "localhost" in {
type master;
file "localhost.zone";
};
zone "0.0.127.in-addr.arpa" in {
type master;
file "127.0.0.zone";
};
5. Configure the forwarders line to match the following:
forwarders {10.0.0.254;};
Make sure that you delete the comment character from the beginning of the forwarders line.
6. Add the following two zone statements after the existing zone statements:
zone "digitalairlines.com" in {
type master;
file "master/digitalairlines.com.zone";
};
zone "0.0.10.in-addr.arpa" in {
type master;
file "master/10.0.0.zone";
};
7. Save and close the file.
8. Create a new file digitalairlines.com.zone in the directory /var/lib/named/master/.
9. Enter the following zone configuration in the file:
$TTL 172800
digitalairlines.com. IN SOA your_FQDN. hostmaster.digitalairlines.com. (
serial_number
1D
2H
1W
3H
)
digitalairlines.com. IN NS your_FQDN.
digitalairlines.com. IN NS slave_FQDN.
da1 IN A 10.0.0.254
da2 IN A 10.0.0.2
da10 IN A 10.0.0.10
da11 IN A 10.0.0.11
da12 IN A 10.0.0.12


The SOA record (including hostmaster.digitalairlines.com) must be on a single line.

Make sure you enter your FQDN (such as da50.digitalairlines.com) in the SOA and NS records.

Use the current date and “01” as the serial number (such as 2006071501).

Add an A record for your own host, such as
da50 IN A 10.0.0.50
10. Save and close the file.
11. Create a new file 10.0.0.zone in the directory /var/lib/named/master/.
12. Enter the following zone configuration in the file:
$TTL 172800
0.0.10.in-addr.arpa. IN SOA your_FQDN. hostmaster.digitalairlines.com. (
serial_number
1D
2H
1W
3H
)
0.0.10.in-addr.arpa. IN NS your_FQDN.
0.0.10.in-addr.arpa. IN NS slave_FQDN.
254 IN PTR da1.digitalairlines.com.
2 IN PTR da2.digitalairlines.com.
10 IN PTR da10.digitalairlines.com.
11 IN PTR da11.digitalairlines.com.
12 IN PTR da12.digitalairlines.com.
13. Save and close the file.
14. Open a second terminal window and enter su - to get root permissions.
15. When prompted, enter the root password novell.
16. Enter the command
tail -f /var/log/messages
17. Switch to the first terminal window and start bind by entering
rcnamed start
18. From the second terminal window, watch the log output of bind for any messages such as Unknown RR Type or File Not Found.
If any errors occur, fix them and restart bind.
19. From the first terminal window, start bind automatically when the system is booted by entering
insserv named
20. Open the file /etc/resolv.conf in a text editor.
21. Delete all existing nameserver entries.
22. Add the following entry:
nameserver your_ip_address
23. Save and close the file.
24. Verify that your DNS server works by entering
host da10.digitalairlines.com
This should display the IP address of 10.0.0.10.
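
The forward and reverse zone files from steps 9 and 12 have to agree, and a PTR target without its trailing dot is silently completed with the zone origin instead of being rejected. The following check is an added example, not part of the original exercise; it assumes one record per line with the owner name written out, and uses da50 as a stand-in for your_FQDN.

```python
import ipaddress

# Constructed sample data modelled on the exercise's two zone files
# (da50 stands in for your_FQDN; da12's PTR is deliberately missing).
FORWARD = """\
$TTL 172800
digitalairlines.com. IN SOA da50.digitalairlines.com. hostmaster.digitalairlines.com. ( 2006071501 1D 2H 1W 3H )
digitalairlines.com. IN NS da50.digitalairlines.com.
da1 IN A 10.0.0.254
da2 IN A 10.0.0.2
da10 IN A 10.0.0.10
da12 IN A 10.0.0.12
"""
REVERSE = """\
$TTL 172800
0.0.10.in-addr.arpa. IN SOA da50.digitalairlines.com. hostmaster.digitalairlines.com. ( 2006071501 1D 2H 1W 3H )
0.0.10.in-addr.arpa. IN NS da50.digitalairlines.com.
254 IN PTR da1.digitalairlines.com.
2 IN PTR da2.digitalairlines.com.
10 IN PTR da10.digitalairlines.com
"""

def records(text, origin, rtype):
    """Yield (absolute owner, rdata) for single-line records of one type."""
    for line in text.splitlines():
        f = line.split(";")[0].split()          # drop ';' comments, tokenize
        if len(f) >= 4 and f[1] == "IN" and f[2] == rtype:
            owner = f[0] if f[0].endswith(".") else f"{f[0]}.{origin}"
            yield owner.lower(), f[3]

def check(forward, reverse, fwd_origin, rev_origin):
    """Return a list of A/PTR mismatches between the two zone files."""
    problems = []
    a = dict(records(forward, fwd_origin, "A"))
    ptr = {}
    for owner, target in records(reverse, rev_origin, "PTR"):
        if not target.endswith("."):
            # BIND appends the origin to any name without a trailing dot
            problems.append(f"{owner}: PTR target '{target}' lacks trailing dot")
            target = f"{target}.{rev_origin}"
        ptr[owner] = target.lower()
    for name, ip in sorted(a.items()):
        rev = ipaddress.ip_address(ip).reverse_pointer + "."
        if ptr.get(rev) != name:
            problems.append(f"{name} ({ip}): PTR is {ptr.get(rev)}")
    return problems
```

Call check(FORWARD, REVERSE, "digitalairlines.com.", "0.0.10.in-addr.arpa.") with the contents of your own files to list every host whose reverse entry is missing or wrong.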

Part IV - Configure the DNS Slave Server for the Domain digitalairlines.com

To configure the DNS slave server, do the following on the DNS slave server:
1. Open a terminal window and enter su - to get root permissions.
2. When prompted, enter the root password novell.
3. To rename the file /etc/named.conf to /etc/named.conf.orig, enter
mv /etc/named.conf /etc/named.conf.orig
4. Create a new configuration file named /etc/named.conf with the following settings:
# /etc/named.conf: Configuration of the slave name server
options {
# Where are the files located?
directory "/var/lib/named";
# Forwarding requests to the classroom server
# forwarders { 192.0.2.1; 192.0.2.2; };
};
# Definition of root zone
zone "." in {
type hint;
file "root.hint";
};
# Definition of the zone localhost
zone "localhost" in {
type master;
file "localhost.zone";
};
zone "0.0.127.in-addr.arpa" in {
type master;
file "127.0.0.zone";
};
5. Configure the forwarders line to match the following:
forwarders {10.0.0.254;};
Make sure that you delete the comment character from the beginning of the forwarders line.
6. Enter the following two zone statements after the existing statements:
zone "digitalairlines.com" in {
type slave;
file "slave/digitalairlines.com.zone";
masters {
master_server_ip_address;
};
};
zone "0.0.10.in-addr.arpa" in {
type slave;
file "slave/10.0.0.zone";
masters {
master_server_ip_address;
};
};
7. Save the changes and close the editor.
8. Open a second terminal window and enter su - to get root permissions.
9. When prompted, enter the root password novell.
10. Enter the command
tail -f /var/log/messages
11. Switch to the first terminal window and start bind by entering
rcnamed start
12. From the second terminal window, watch the log output of bind for any messages such as Unknown RR Type or File Not Found.
13. If any errors occur, try to fix them and restart bind.
14. Start bind automatically when the system boots by entering
insserv named
15. From the first terminal window, open the /etc/resolv.conf file in a text editor.
16. Delete all existing nameserver entries.
17. Add the following entry:
nameserver server_ip_address
18. Save and close the file.
19. Verify that your DNS server works by entering
host da10.digitalairlines.com
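
In the BIND 9 releases of this period, a master zone with no allow-transfer statement (in the zone or in options) hands the complete zone to any host that requests a transfer, so once the slave works it is worth checking which zones are limited to the slave's address. The following audit is an added example, not part of the original exercise; 10.0.0.11 is a placeholder for the slave server's address, and the parser assumes a named.conf without view statements or /* */ comments.

```python
import re

# Constructed named.conf fragment modelled on the master server above;
# 10.0.0.11 is a placeholder for the slave server's IP address.
NAMED_CONF = '''
options {
    directory "/var/lib/named";
    forwarders { 10.0.0.254; };
};
zone "digitalairlines.com" in {
    type master;
    file "master/digitalairlines.com.zone";
    allow-transfer { 10.0.0.11; };
};
zone "0.0.10.in-addr.arpa" in {
    type master;
    file "master/10.0.0.zone";
};
'''

def block(text, start):
    """Return the text between the '{' at index start and its matching '}'."""
    depth = 0
    for i in range(start, len(text)):
        depth += {"{": 1, "}": -1}.get(text[i], 0)
        if depth == 0:
            return text[start + 1:i]
    raise ValueError("unbalanced braces")

def acl(body):
    """Return the allow-transfer address list found in body, or None."""
    m = re.search(r"\ballow-transfer\s*\{([^}]*)\}", body)
    return [x.strip() for x in m.group(1).split(";") if x.strip()] if m else None

def transfer_policy(conf):
    """Map each master zone to its effective allow-transfer list (None = unset)."""
    conf = re.sub(r"(#|//)[^\n]*", "", conf)            # strip line comments
    opts = re.search(r"\boptions\s*\{", conf)
    default = acl(block(conf, opts.end() - 1)) if opts else None
    result = {}
    for m in re.finditer(r'\bzone\s+"([^"]+)"[^{]*\{', conf):
        body = block(conf, m.end() - 1)
        if re.search(r"\btype\s+master\s*;", body):
            own = acl(body)
            result[m.group(1)] = default if own is None else own
    return result

def unrestricted(conf):
    """List master zones whose transfers are not limited to named hosts."""
    return [z for z, a in transfer_policy(conf).items() if a is None or "any" in a]
```

Running unrestricted() over the contents of /etc/named.conf on the master server lists the zones that still need an allow-transfer entry naming the slave.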

Part V - Configure the DNS Master Server for the Domain muc.digitalairlines.com

In the following, the slave server will also be configured as master server of the subdomain. To configure the DNS Master Server for the Domain muc.digitalairlines.com, do the following on the slave server:

1. Open a terminal window and enter su - to get root permissions.
2. When prompted, enter the root password novell.
3. To stop the DNS server, enter
rcnamed stop
4. Open the file /etc/named.conf with your favorite editor.
5. Add the following two zone statements after the existing zone statements:
zone "muc.digitalairlines.com" in {
type master;
file "master/muc.digitalairlines.com.zone";
};
zone "1.0.10.in-addr.arpa" in {
type master;
file "master/10.0.1.zone";
};
6. Save and close the file.
7. Create a new file muc.digitalairlines.com.zone in the directory /var/lib/named/master/.
8. Enter the following zone configuration in the file:
$TTL 172800
muc.digitalairlines.com. IN SOA your_FQDN. hostmaster.digitalairlines.com. (
serial_number
1D
2H
1W
3H
)
muc.digitalairlines.com. IN NS your_FQDN.
muc.digitalairlines.com. IN MX 1 da1.digitalairlines.com.
da100 IN A 10.0.1.100
da101 IN A 10.0.1.101
da102 IN A 10.0.1.102
9. Save and close the file.
10. Create a new file 10.0.1.zone in the directory /var/lib/named/master/.
11. Enter the following zone configuration in the file:
$TTL 172800
1.0.10.in-addr.arpa. IN SOA your_FQDN. hostmaster.digitalairlines.com. (
serial_number
1D
2H
1W
3H
)
1.0.10.in-addr.arpa. IN NS your_FQDN.
100 IN PTR da100.muc.digitalairlines.com.
101 IN PTR da101.muc.digitalairlines.com.
102 IN PTR da102.muc.digitalairlines.com.
12. Save and close the file.
13. Open a second terminal window and enter su - to get root permissions.
14. When prompted, enter the root password novell.
15. Enter the command
tail -f /var/log/messages
16. Switch to the first terminal window and start bind by entering
rcnamed start
17. From the second terminal window, watch the log output of bind for any messages such as Unknown RR Type or File Not Found.
18. If any errors occur, fix them and restart bind.
19. Open the file /etc/resolv.conf in a text editor.
20. Modify the search entry to:
search digitalairlines.com muc.digitalairlines.com
21. Save and close the file.
22. Verify that your DNS server works by entering
host da100.muc.digitalairlines.com
This should display the IP address of 10.0.1.100.

Part VI - Enable Forwarding

To forward requests concerning a subdomain to the master server of the subdomain, do the following on the master server for digitalairlines.com:
1. Open a terminal window and enter su - to get root permissions.
2. When prompted, enter the root password novell.
3. To stop the DNS server, enter
rcnamed stop
4. Open the /etc/named.conf file with a text editor.
5. Add the following zone after the other zone definitions:
zone "muc.digitalairlines.com" in
{
type forward;
forward only;
forwarders {
IP_address_of_the_slave_server;
};
};
zone "1.0.10.in-addr.arpa" in
{
type forward;
forward only;
forwarders {
IP_address_of_the_slave_server;
};
};
6. Save and close the file.
7. Open a second terminal window and enter su - to get root permissions.
8. When prompted, enter the root password novell.
9. Enter the command
tail -f /var/log/messages
10. Switch to the first terminal window and start bind by entering
rcnamed start
11. From the second terminal window, watch the log output of bind for any messages such as Unknown RR Type or File Not Found.
12. If any errors occur, fix them and restart bind.
13. Verify that your DNS server works by entering
host da100.muc.digitalairlines.com
This should display the IP address of 10.0.1.100.
