configuring named in FreeBSD 8.2-RELEASE

############# named configuration in FreeBSD 8.2-RELEASE ###############
***********************************************************************************************
0x00
To configure a static IP address in FreeBSD on the em0 card at boot time you need to
[1] edit the file /etc/rc.conf and add the following entry


ifconfig_em0="inet 192.168.1.3 netmask 255.255.255.0"

where em0 is your card and inet the IP address of your choice; the interface will be configured
at next boot. Otherwise run "/etc/rc.d/netif restart" to restart the network.
0x01
----
To configure a static IP on Red Hat (and family) at boot time, edit the /etc/sysconfig/network-scripts/ifcfg-eth0 file
and put your card information right there,
i.e.

DEVICE="eth0"
BOOTPROTO="none"
IPADDR="192.168.20.20"
NETMASK="255.255.255.0"
BROADCAST="192.168.20.255"
ONBOOT="yes"

then restart the network


# /etc/init.d/network restart

(on Debian-derived systems the script is called "networking" instead of "network")

That's all; you should get an IP at boot time as well.

0x02
----
WORD OF CAUTION:
================
***************************************************************************************************************
This was done with no security in mind, not even the least; it is just a working solution to my personal problem.
Please learn how DNS works, DNS security and all that is involved first in case of production deployment.
*******************************************************************************************************

named (BIND 9) comes packaged on your FreeBSD installation DVD as part of the base system, so there is no need to get it from FreeBSD ports.

howto
-----
To start/restart/stop named in FreeBSD you need to run

/etc/rc.d/named [start|restart|stop|etc]

To do other small administrative jobs you use the rndc utility (comes with the named installation)
to communicate with named securely.

Example:
********

So let's say you want to set up your own domain; call it "chimera.org".

step [1]
--------
You need to create a zone in the named config file, which is located at
"/etc/namedb/named.conf",
but before that let's back up our original .conf


# cp /etc/namedb/named.conf /etc/namedb/named.conf.bak

step[2]
-------

Let's add our new zone entry

# vi /etc/namedb/named.conf

So we search for the word zone (in vi: press Escape, then type /zone; pressing 'n' goes to the next match)
and add our new entry, e.g.

zone "chimera.org"      { type master; file "/etc/namedb/master/chimera.org.db"; };

step[3]
-------
Now we can populate our file "/etc/namedb/master/chimera.org.db" with records

# vi /etc/namedb/master/chimera.org.db

and put in the following sample (you may change it to fit your needs)

$TTL    1d
chimera.org.  IN    SOA   ns.chimera.org. support.chimera.org. (
    2010031500 ; se = serial number
    3h         ; ref = refresh
    15m        ; ret = update retry
    3w         ; ex = expiry
    3h         ; min = minimum
    )

    IN    NS    ns.chimera.org.

; private hosts
freebsd        IN    A    192.168.20.200
centos        IN    A    192.168.20.120
thinkpad      IN    A    192.168.20.100

step [4]
--------

Finally, let's edit our "/etc/resolv.conf" to point to our local DNS server

# vi /etc/resolv.conf

Edit it to look something close to this

domain chimera.org
nameserver  192.168.20.200
nameserver 127.0.0.1

where 192.168.20.200 is the local machine we are working on (replace it with your DNS server here)

Then put the same value "192.168.20.200" in your "/etc/namedb/named.conf"

# vi /etc/namedb/named.conf

Search for "listen-on" (i.e. Escape, then /listen-on)
and replace 127.0.0.1 with 192.168.20.200
(if you want the "nameserver 127.0.0.1" fallback in resolv.conf to keep working, keep 127.0.0.1 in the listen-on list alongside 192.168.20.200)

step [5]
--------

That's all there is, so finally let's restart our DNS server

# /etc/rc.d/named stop
# /etc/rc.d/named start

or just

# /etc/rc.d/named restart

If all went well your server should be up and running.
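Before reloading, a practitioner would want to check the result of steps [2] to [4] rather than trust the restart. The following is an added example (not code from the post): a small Python script that parses constructed copies of the zone stanza, the listen-on line as step [4] leaves it, and the sample zone file, and reports the findings a reviewer would raise. On the post's own sample it flags two things: the NS record points at ns.chimera.org but the zone has no A record for that name (so nobody can find the nameserver by name), and because step [4] replaced 127.0.0.1 in listen-on, the "nameserver 127.0.0.1" fallback written into resolv.conf is never answered. The parser handles only $TTL, SOA, NS and A records; the option and zone text are assumptions embedded for offline use.

```python
import ipaddress
import re

ORIGIN = "chimera.org."

# Constructed: the zone stanza from step [2] plus listen-on as step [4] leaves it.
NAMED_CONF = """\
options {
        listen-on       { 192.168.20.200; };
};
zone "chimera.org"      { type master; file "/etc/namedb/master/chimera.org.db"; };
"""

# Constructed: the sample zone file from step [3].
ZONE_FILE = """\
$TTL    1d
chimera.org.  IN    SOA   ns.chimera.org. support.chimera.org. (
    2010031500 ; se = serial number
    3h         ; ref = refresh
    15m        ; ret = update retry
    3w         ; ex = expiry
    3h         ; min = minimum
    )

    IN    NS    ns.chimera.org.

; private hosts
freebsd        IN    A    192.168.20.200
centos        IN    A    192.168.20.120
thinkpad      IN    A    192.168.20.100
"""


def master_zones(conf):
    """Map zone name -> zone file path for every 'type master' stanza in named.conf."""
    pat = r'zone\s+"([^"]+)"\s*\{[^}]*type\s+master;[^}]*file\s+"([^"]+)";'
    return dict(re.findall(pat, conf))


def check_listen_on(conf):
    """Flag a listen-on that is wide open or that drops the loopback address."""
    problems = []
    m = re.search(r"listen-on\s*\{([^}]*)\}", conf)
    if not m:
        return ["no listen-on in named.conf (named listens on every address)"]
    addrs = [a.strip() for a in m.group(1).split(";") if a.strip()]
    if "any" in addrs:
        problems.append("listen-on { any; } exposes the server on every interface")
    if "127.0.0.1" not in addrs:
        problems.append("127.0.0.1 is not in listen-on, so the 'nameserver 127.0.0.1' "
                        "fallback in /etc/resolv.conf will not be answered")
    return problems


def parse_zone(text, origin=ORIGIN):
    """Tiny master-file parser: SOA fields, NS targets and A records (owner -> IP)."""
    # Drop ';' comments, then fold the parenthesised SOA continuation onto one line.
    text = "\n".join(line.split(";", 1)[0].rstrip() for line in text.splitlines())
    text = re.sub(r"\(([^)]*)\)", lambda m: " " + " ".join(m.group(1).split()) + " ", text)
    records = {"soa": None, "ns": [], "a": {}}
    owner = origin
    for line in text.splitlines():
        if not line.strip() or line.startswith("$"):
            continue
        fields = line.split()
        if not line[0].isspace():            # a line starting in column 0 names a new owner
            owner = fields.pop(0)
            if owner == "@":
                owner = origin
        if fields and fields[0] == "IN":
            fields.pop(0)
        if not fields:
            continue
        rtype, rdata = fields[0], fields[1:]
        fqdn = owner if owner.endswith(".") else f"{owner}.{origin}"
        if rtype == "SOA":
            records["soa"] = rdata           # mname rname serial refresh retry expire minimum
        elif rtype == "NS":
            records["ns"].append(rdata[0])
        elif rtype == "A":
            records["a"][fqdn] = rdata[0]
    return records


def check_zone(records):
    """Checks worth running before reloading the zone."""
    problems = []
    if records["soa"] is None:
        return ["zone has no SOA record"]
    serial = records["soa"][2]
    if not re.fullmatch(r"\d{10}", serial):
        problems.append(f"SOA serial {serial} is not in YYYYMMDDnn form")
    for ns in records["ns"]:
        if ns not in records["a"]:           # the nameserver itself must be resolvable
            problems.append(f"NS target {ns} has no A record in the zone")
    for name, ip in records["a"].items():    # the post labels these 'private hosts'
        if not ipaddress.ip_address(ip).is_private:
            problems.append(f"{name} -> {ip} is not a private address")
    return problems


def run_checks(conf=NAMED_CONF, zone_text=ZONE_FILE):
    """Return every finding for the embedded sample configuration."""
    findings = check_listen_on(conf)
    for zone in master_zones(conf):
        findings.extend(check_zone(parse_zone(zone_text, zone + ".")))
    return findings


if __name__ == "__main__":
    for finding in run_checks():
        print("WARN:", finding)
```

Run it as-is to see the two findings for the sample; to use it on a real box, read /etc/namedb/named.conf and the zone file into the two variables instead of the constructed copies. The fix for the first finding is an A record for ns pointing at the server's own address, and for the second, keeping 127.0.0.1 in listen-on.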

client setup and testing
------------------------

If your clients use DHCP to get IP addresses then you need to feed your DHCP server with details
about your DNS server and domain.
If the clients get IP addresses manually, then edit their individual "/etc/resolv.conf" to have an entry close to the one below


domain chimera.org
nameserver 192.168.20.200

NB: whether you used DHCP or manual configuration, your clients should end up with this kind of entry.
Finally, from one of the clients you can use dig or nslookup to test your brand new DNS server,
e.g.:

[root@centos ~]# dig any thinkpad.chimera.org

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_5.3 <<>> any thinkpad.chimera.org
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18658
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;thinkpad.chimera.org.		IN	ANY

;; ANSWER SECTION:
thinkpad.chimera.org.	86400	IN	A	192.168.20.100

;; AUTHORITY SECTION:
chimera.org.		86400	IN	NS	ns.chimera.org.

;; Query time: 5 msec
;; SERVER: 192.168.20.200#53(192.168.20.200)
;; WHEN: Thu Dec 15 20:12:08 2011
;; MSG SIZE  rcvd: 71




[root@centos ~]# nslookup freebsd.chimera.org
Server:		192.168.20.200
Address:	192.168.20.200#53

Name:	freebsd.chimera.org
Address: 192.168.20.200
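Reading the dig output by eye is fine once, but the things worth confirming are easy to miss: that the reply is authoritative (the "aa" flag, meaning our zone answered rather than some cache), that it came from the server we just built, and that the record is the one we put in the zone. The following is an added example (not from the post): a Python script that parses a constructed copy of the dig output above and checks exactly that. It also reports whether the server set "ra" (recursion available); the reply above does, which means the server will recurse for any host that can reach it, one of the things the post's word of caution is about. Only the dig text layout is assumed.

```python
import re

# Constructed copy of the dig output shown above (tabs as dig prints them).
DIG_OUTPUT = """\
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_5.3 <<>> any thinkpad.chimera.org
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18658
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;thinkpad.chimera.org.\t\tIN\tANY

;; ANSWER SECTION:
thinkpad.chimera.org.\t86400\tIN\tA\t192.168.20.100

;; AUTHORITY SECTION:
chimera.org.\t\t86400\tIN\tNS\tns.chimera.org.

;; Query time: 5 msec
;; SERVER: 192.168.20.200#53(192.168.20.200)
;; WHEN: Thu Dec 15 20:12:08 2011
;; MSG SIZE  rcvd: 71
"""


def parse_dig(output):
    """Pull status, flags, per-section records and the answering server out of dig's text."""
    info = {"status": None, "flags": set(), "records": {}, "server": None}
    section = None
    for line in output.splitlines():
        if m := re.match(r";; ->>HEADER<<- .*status: (\w+)", line):
            info["status"] = m.group(1)
        elif m := re.match(r";; flags: ([^;]*);", line):
            info["flags"] = set(m.group(1).split())
        elif m := re.match(r";; SERVER: ([\d.]+)#(\d+)", line):
            info["server"] = (m.group(1), int(m.group(2)))
        elif m := re.match(r";; (\w+) SECTION:", line):
            section = m.group(1)
            info["records"][section] = []
        elif line and not line.startswith(";") and section:
            # record line: owner TTL class type rdata
            name, ttl, _cls, rtype, rdata = line.split(None, 4)
            info["records"][section].append((name, int(ttl), rtype, rdata))
    return info


def verify_answer(info, expected_server, name, expected_ip):
    """Return the reasons this reply does not prove our own server is serving the zone."""
    problems = []
    if info["status"] != "NOERROR":
        problems.append(f"status {info['status']}")
    if "aa" not in info["flags"]:
        problems.append("reply is not authoritative (no 'aa' flag): a cache answered, not our zone")
    if not info["server"] or info["server"][0] != expected_server:
        problems.append(f"reply came from {info['server']}, not {expected_server}")
    answers = {(r[0], r[2], r[3]) for r in info["records"].get("ANSWER", [])}
    if (name, "A", expected_ip) not in answers:
        problems.append(f"no A record {name} -> {expected_ip} in the answer section")
    return problems


def recursion_offered(info):
    """True when the server set 'ra': it will recurse for whoever can reach it."""
    return "ra" in info["flags"]


if __name__ == "__main__":
    info = parse_dig(DIG_OUTPUT)
    print("problems:", verify_answer(info, "192.168.20.200",
                                     "thinkpad.chimera.org.", "192.168.20.100"))
    print("recursion offered to this client:", recursion_offered(info))
```

To test a live server, capture `dig any thinkpad.chimera.org` into DIG_OUTPUT and run the same two functions; an empty problem list plus the expected "ra" value is the pass condition. If recursion should not be offered to the network, the BIND option to restrict it is allow-recursion.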

Everything seems to be working fine, at least for me, or so I think. Finally, let's make our server come up at boot time.

Simply add this line to your "/etc/rc.conf":

named_enable="YES"

Your named server will start next time you reboot.
That's pretty much it, or at least this is how I understand it for now.

###################################END###########################################
