Primary DNS configuration RHEL6

Assumptions :-
Internet address configured as below
eth0
 IP address - 192.168.1.254
 Subnet mask - 255.255.255.0
 Gateway - 192.168.1.1 
 DNS server - 192.168.1.1

Intranet address configured as below

eth1
 IP address – 16.10.1.21
 Subnet mask - 255.255.255.0
 DNS server – 16.10.1.21

DNS Server  srvprd1

Configuration :-

Packages required -
 bind-9.7.0-5.P2.el6.x86_64.rpm
 bind-chroot-9.7.0-5.P2.el6.x86_64.rpm

# yum install bind*

Configuration files -
/var/named/chroot/etc/named.conf

Configuration Steps :-

# vim /var/named/chroot/etc/named.conf
===========================================================================
// Red Hat BIND Configuration Tool
 // Default initial "Caching Only" name server configuration
 acl "example" { 16.10.1.0/16; };
 options {
 listen-on port 53 { 16.10.1.21; };
 directory "/var/named";
 dump-file "/var/named/data/cache_dump.db";
 statistics-file "/var/named/data/named_stats.txt";
 allow-recursion { example; };
 allow-transfer { none; };
 allow-query { any; };
 notify no;
 transfer-format many-answers;
 interface-interval 0;
 max-transfer-time-in 60;
 version "Not Available";
 /*
 * If there is a firewall between you and nameservers you want
 * to talk to, you might need to uncomment the query-source
 * directive below.  Previous versions of BIND always asked
 * questions using port 53, but BIND 8.1 uses an unprivileged
 * port by default.
 */
 // query-source address * port 53;
 dnssec-enable yes;
 dnssec-validation yes;
 dnssec-lookaside . trust-anchor dlv.isc.org.;
 };
 // a caching only nameserver config
 controls {
 inet 127.0.0.1 allow { localhost; } keys { rndckey; rndc-key; };
 };
 server 16.10.1.21 {
 keys { rndckey; };
 };
 zone "." IN {
 type hint;
 file "named.root";
 };
 // Now register your domain name and database/zone file
 // record better before the line "include /etc/rndc.key"
 // You can include separate zone entry
 // file with "include /etc/myinternalzonefile.zones" within this named.conf file.
 //Name Zone Registration
 zone "example.com" IN {
 type master;
 file "example.for";
 allow-transfer { none; };
 };
 // Reverse Zone Rsegistration
zone "1.10.16.in-addr.arpa" IN {
 type master;
 file "example.rev";
 allow-transfer { none; };
 };
//include the rndc key like below (copy-past from rndc.key created earlier)
 key rndckey {
 algorithm hmac-md5;
 secret "Hi1V+y3WixmfEfGqrebKRA==";
 };
 key rndc-key {
 algorithm hmac-md5;
 secret "AoXEyjm6UUKu4cKqFoFMRg==";
 };
 trusted-keys {
 dlv.isc.org. 257 3 5 "BEAAAAPHMu/5onzrEE7z1egmhg/WPO0+juoZrW3euWEn4MxDCE1+lLy2brhQv5rN32RKtMzX6Mj70jdzeND4XknW58dnJNPCxn8+jAGl2FZLK8t+1uq4W+nnA3qO2+DL+k6BD4mewMLbIYFwe0PG73Te9fZ2kJb56dhgMde5ymX4BI/oQ+cAK50/xvJv00Frf8kw6ucMTwFlgPe+jnGxPPEmHAte/URkY62ZfkLoBAADLHQ9IrS2tryAe7mbBZVcOwIeU/Rw/mRx/vwwMCTgNboMQKtUdvNXDrYJDSHZws3xiRXF1Rf+al9UmZfSav/4NWLKjHzpT59k/VStTDN0YUuWrBNh";
 };
===========================================================================

# ln –s /var/named/chroot/etc/named.conf /etc/named.conf
# vim /var/named/chroot/var/named/example.for
===========================================================================

$TTL 86400
@       IN      SOA     srvprd1.example.com.    root.example.com (
                        2010041106 ; Serial
                        1H         ; Refresh
                        1M         ; Retry
                        1W         ; Expire
                        1D         ; Minimum time to TTL
                        )
@       IN      NS      srvprd1.example.com.
mail    IN      A       16.10.1.21
srvprd1 IN      A       16.10.1.21
lnxsrv1 IN      A       16.10.1.10
storage1 IN     A       16.10.1.15
==========================================================================

# ln –s /var/named/chroot/var/named/example.for /var/named/example.for
# vim /var/named/chroot/var/named/example.rev
=================================================================================
$TTL 86400
@       IN      SOA        srvprd1.example.com.   root.example.com (
                                        2010041102 ; Serial
                                        1H         ; Refresh
                                        1M         ; Retry
                                        1W         ; Expire
                                        1D         ; Minimum time to live
                                        )
@        IN     NS   srvprd1.example.com.
srvprd1  IN     A       16.10.1.21
21       IN     PTR     srvprd1.
10      IN      PTR     lnxsrv1.
15      IN      PTR     storage1.
==================================================================================
# ln –s /var/named/chroot/var/named/example.rev /var/named/example.rev
# mv /var/named/named.ca /var/named/chroot/var/named/named.root
# ln –s /var/named/chroot/var/named/named.root /var/named/named.root
# mv /var/named/named.ca /var/named/chroot/var/named/named.ca
# ln –s /var/named/chroot/var/named/named.ca /var/named/named.ca
# mv /var/named/named.empty /var/named/chroot/var/named/named.empty
# ln –s /var/named/chroot/var/named/named.empty /var/named/named.empty
# mv /var/named/named.localhost /var/named/chroot/var/named/named.localhost
# ln –s /var/named/chroot/var/named/named.localhost /var/named/named.localhost
# mv /var/named/named.loopback /var/named/chroot/var/named/named.loopback
# ln –s /var/named/chroot/var/named/named.loopback /var/named/named.loopback

check the syntax error of your current configuration
# named-checkzone example.com /var/named/chroot/var/named/example.for
# named-checkzone example.com /var/named/chroot/var/named/example.rev
Client side configuration
Check  “/etc/resolv.conf” file
# vim /etc/resolv.conf

 ==========================================================================
 # Generated by NetworkManager
 search example.com
 nameserver 172.16.0.1
 nameserver 192.168.1.1
 ==========================================================================
check “/etc/hosts” file
# vim /etc/hosts

 ==========================================================================
 192.168.1.254   server.example.com      server  # Added by NetworkManager
 127.0.0.1        localhost.localdomain   localhost
 ::1             localhost6.localdomain6 localhost6
 172.16.0.1      server.example.com      server
 ==========================================================================
also check “/etc/sysconfig/network” file
# vim /etc/sysconfig/network

 ==========================================================================
 NETWORKING=yes
 NETWORKING_IPV6=no
 HOSTNAME=server.example.com
 ==========================================================================
IP tables and Selinux configuration  Either disable or configure accordingly for Iptables and Selinux. Here I disabled those.
# service iptables stop
# chkconfig iptables off
# setenforce 0     <To set Selinux Permissive temporarily.>
# vi /etc/sysconfig/selinux
SELINUX=permissive     <save and quit for permanent change>
Now start the service bind.
# service named start
# chkconfig named on


Verify that  dns server is answer queries using “nslookup” and “dig” tools.
[root@srvprd1 ~]# dig example.com NS

; <<>> DiG 9.7.0-P2-RedHat-9.7.0-5.P2.el6 <<>> example.com NS
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62009
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; QUESTION SECTION:
;example.com.                   IN      NS

;; ANSWER SECTION:
example.com.            86400   IN      NS      srvprd1.example.com.

;; ADDITIONAL SECTION:
srvprd1.example.com.    86400   IN      A       16.10.1.21

;; Query time: 6 msec
;; SERVER: 16.10.1.21#53(16.10.1.21)
;; WHEN: Mon Jun 11 20:35:21 2012
;; MSG SIZE  rcvd: 67


[root@srvprd1 ~]# nslookup mail.example.com
Server:         16.10.1.21
Address:        16.10.1.21#53

Name:   mail.example.com
Address: 16.10.1.21

 [root@srvprd1 ~]# nslookup lnxsrv1.example.com
Server:         16.10.1.21
Address:        16.10.1.21#53

Name:   lnxsrv1.example.com
Address: 16.10.1.10

Thus the DNS Primary server configured. Good Luck J .....



Other Useful Links:

  1. Apache Configuration - RHEL 7 & CentOS 7
  2. Primary DNS Configuration - RHEL6 & CentOS 6
  3. Apache with Open SSL (HTTPS) - RHEL7 & CentOS 7
  4. Host Name Configuration - RHEL 8, CentOS 8, RHEL 7 & CentOS 7

Comments

Post a comment

Popular posts from this blog

AIX Firefox Installation

Overview           Mozilla Firefox for AIX is an Open Source Web Browser. It delivers helpful new features and continues to lead the way in on-line security. It implements technologies like the Gecko layout engine, and supports Web standards or draft standards like HTML, XHTML, XML, CSS, DOM, and many more . Version of Firefox Mozilla Firefox with version 3.5.13.1 can be installed in AIX 5.3 and later. Installation Procedure The following rpm s are the pre requisites for Firefox(64 bit). These packages will be available from the AIX Toolbox for Linux Applications CD/DVD. Before installing the prerequisites check the availability of 150MB free space on the /opt file system. atk-1.12.3-2.aix5.2.ppc.rpm cairo-1.8.8-1.aix5.2.ppc.rpm expat-2.0.1-1.aix5.2.ppc.rpm fontconfig-2.4.2-1.aix5.2.ppc.rpm freetype2-2.3.9-1.aix5.2.ppc.rpm gettext-0.10.40-6.aix5.1.ppc.rpm glib2-2.12.4-2.aix5.2.ppc.rpm gtk2-2.10.6-4.aix5.2.ppc.rpm libjpeg-6b-6.aix5.1.ppc.rpm libpng
Read more

AIX Commands

Usefull Commands for AIX =================== bootinfo –r     shows available RAM in KB lsattr –E l sys0 –a realmem    shows available RAM in KB rmss -c 512    To change the memory size to 512 MB rmss -r          resets the memory size to the original value lsattr  -El  en0     shows en0 driver params lsattr  -El  ent0     shows ent0 HW params lsattr -El rmt0     shows tape params lscfg -vpl rmt0     shows information about the tape drive lsattr  -El  sys0     shows system type, firmware, etc  driver params lscfg –v     lists all system HW configuration lsdev –C sscsi     list all scsi devices lsdev –C spci     list all pci devices lsparent –Ck scsi     list all scsi adapters cfgmgr     To onfigure devices lsdev –Cc disk      Shows all disks lsdev –Cc tape               Shows all tapes cfgmgr -vl < device > –v    Specifies verbose output. The cfgmgr command shows information about what it is doing. cfgmgr -vl < device >      Here <device> is a particular dev
Read more

How to increase swap size on CentOS 8 / RHEL 8

Swap space is the second type of memory in modern Linux systems. The primary function of swap space is to substitute disk space for RAM memory when real RAM fills up and more space is needed. Linux uses swap space to increase the amount of virtual memory available to a host. It can use one or more dedicated swap partitions or a swap file on a regular filesystem or logical volume. Now we are going to check: •              Current swap space in the system. •              How to identify swap volumes in the system. •              How to increase the size of swap volume. •              How to add one more swap device to system. This documentation is based on the test done in a CentOS 4.18.0-80.el8.x86_64 machine. The same procedure can be applied on RHEL 8 as well. We follow the LVM method to manage the volumes here though a normal partition also can be used for swap. We will see both the options here when we add another device as a swap volume. How to check the cu
Read more

How to configure NTP in RHEL8 or CentOS 8 by chronyd.

Network Time Protocol is used in systems to get the clock synced between them. All systems will sync their clock with NTP server is they are configured to do so. In RHEL8 or CentOS 8 it is achieved through “ chronyd ”. The “ chronyd ” daemon can be managed by the command “ chronyc ”. Below steps involve in configuring NTP through chronyd in linux systems. ·         Install the necessary packages. ·         Configure chrony service to sync with NTP server. ·         Set NTP synchronization. ·         Enable necessary firewall rules. ·         Enable and start chronyd service. Installation of chrony on RHEL8 or CentOS8. The below command helps to install chronyd in RHEL/CentOS 8. [root@system1 ~]# yum install chrony -y Chrony (NTP) server configuration The main configuration file for “ chronyd ” is /etc/chrony.conf . [root@system1 ~]# vim /etc/chrony.conf Below the minimum details to be set in the chrony.conf file. ·         pool 2.centos.pool.ntp.org iburst   # The name of the pool wh
Read more

How to find big files in Linux, Unix, AIX

      Most often we see that the utilization of file systems grows up and we need to do some sort of housekeeping in the file system. Mainly we identify which file consumes more space in the file systems. Sometimes we see chunk of files with small size of single file with more size consume more space in the file systems. In either situation our goal is to find out what is consuming more space, identify the necessity of those files in the file system and decide to housekeep the file system by removing the unwanted files. Here are some ways to find the big files in a directory. People mostly use the below steps to identify the big files in a directory. 1.        By using “ du ” command. 2.        By using “ find ” command By using “du” command. Eg .   # du -a / Here “ du ” command will look for all the files in the directory including filesystems mounted on directories under “ / ” directory and list them with their size on kilo bites (KB). If you want to sort
Read more

How to enable VNC server (get GUI remotely) in CentOS 7, RHEL 7, CentOS 8 and RHEL 8 servers.

Minimum requirements to connect a server remotely to access GUI are: 1.        Display server running in your workstation (I used MobaXterm. Software like Xming and VNC clients are also can be used.) 2.        Server running with GNOM workstation and VNC server. As I mentioned above, I have “MobaXterm” installed in my laptop that will work as a display server to connect my CentOS or RHEL server remotely. You may download it from here . It is very easy to use. If you have restrictions to install it in your laptop, then you can use the portable version of it. It can be just executed like PuTTy. To make sure my CentOS or RHEL server running with Desktop software, I use below commands to install them. In CentOS 7 or RHEL 7: [root@labsrv1 ~]# yum groupinstall “GNOME Desktop” In CentOS 8 or RHEL 8: [root@labsrv1 ~]#   yum groupinstall "Server with GUI To install the VNC server, use the below command. Install its dependencies as well, if it prompts for the same.
Read more

Remote X11 forwarding for AIX in command line.

Most of the Unix administrators love to work with command line and it is the most convenient way to work with Unix systems. There were occasions where we had to invoke the GUI for some applications to work with it like, invoke a Firefox browser to browse the internet through Unix systems, install an application in GUI mode etc. Here I am going to describe how can we address such situations by invoking GUI over CLI. Assumptions:           You have an AIX system with remote connection through ssh.           You need to invoke the GUI of an application through Xming or MobaXterm – a DISPLAY server. X Window in AIX server Minimum installation for X Window includes below filesets: X11.base.lib X11.base.rte X11.apps.config X11.apps.clients   (optional to run xclock program – in this case, just for testing purpose) Install the above-mentioned packages to invoke the GUI remotely through command line. Connect through SSH X11 port forwarding On the
Read more

How to manage Linux systems through web browser (cockpit for Linux): CentOS 7, CentOS 8, RHEL 7, RHEL 8, Fedora, Ubuntu and Debian systems.

    Cockpit is a web accessible interactive admin interface for Linux machines. Cockpit can usually be accessed on port 9090 of the machine it's installed on.     The cockpit-ws web service listens on port 9090 and is started on demand by systemd . The Cockpit web service authenticates the user, loads Cockpit into the browser, and starts cockpit-bridge in a Linux user session. The cockpit-bridge provides Cockpit in the web browser with access to the system APIs. It does this over its standard in and standard out.     Cockpit can be installed in the following Operating systems. Please not that this list is where I installed and tested, that does not mean that it will not work on other Operating Systems. RHEL 7 & RHEL 8 CentOS 7 & CentOS 8 Ubuntu Debian     Cockpit is a very helpful tool which can be used to access the Linux servers through a web browser and do all kind of administration tasks. Some of the main features of Cockpit are:
Read more

YUM configuration in AIX.

    In earlier days all RPM packages in AIX were installed by the command “rpm”. The limitation for RPM command is that the difficulty to resolve the dependent packages.   Like other Linux operating system like RedHat, CentOS etc. there is a possibility to setup YUM to install packages in AIX. The below procedure will take you through the steps of configuring YUM in AIX (7.1) systems.     After having many trial and error experiments, the final solution came up with YUM configuration on the system, which is already installed with any RPM packages, we may need to follow the steps like: 1.        Take a backup of system (mksysb) 2.        Have the list of currently installed RPM packages. 3.        Remove the existing RPM packages. 4.        Configure YUM as described below. 5.        Install the previous packages again. Let’s start with the configuration now. Assuming that all required backups are in place to do a roll-back in case of any worst-case scenario.
Read more

Upgrade curl 7.29 to 7.69 in CentOS 7 or RedHat 7

By default we can see 7.29 as the latest version of curl in CentOS or RHEL7. Here we are going to see how we can upgrade it to version 7.69. We use city-fan.org repo for the upgrade of curl. Lets see how to install and enable this repo and upgrade the curl package. Install the "city-fan.org" repo # rpm -Uvh http://www.city-fan.org/ftp/contrib/yum-repo/city-fan.org-release-2-1.rhel7.noarch.rpm Enable the repo "city-fan.org" in configuration file. Open the file /etc/yum.repos.d/city-fan.org.repo and enable the repo "city-fan.org" # vim /etc/yum.repos.d/city-fan.org.repo Upgrade the "curl" package from this repo. # yum update curl -y Once the update is done you can check the version of curl package by "rpm" command. # rpm -qa |grep curl libcurl-devel-7.69.1-1.1.cf.rhel7.x86_64 python-pycurl-7.19.0-19.el7.x86_64 libcurl-7.69.1-1.1.cf.rhel7.x86_64 curl-7.69.1-1.1.cf.rhel7.x86_64 #
Read more