old-www/LDP/LG/issue44/pollman/dns.html

<!--startcut ==========================================================-->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<title>TitleOfArticle LG #44</title>
</HEAD>
<BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#0000FF" VLINK="#0000AF"
ALINK="#FF0000">
<!--endcut ============================================================-->

<H4>
"Linux Gazette...<I>making Linux just a little more fun!</I>"
</H4>

<P> <HR> <P> 
<!--===================================================================-->

<center>
<H1><font color="maroon">DNS for the Home Network</font></H1>
<H4>By <a href="mailto:jpollman@bigfoot.com">JC Pollman</a>
and <a href="mailto:bill.mote@bigfoot.com">Bill Mote</a></H4>
</center>
<P> <HR> <P>  

<p><b>Disclaimer: </b>This article provides information we have gleaned
from reading the books, the HOWTOs, man pages, usenet news groups, and
countless hours banging on the keyboard. It is not meant to be an all-inclusive
exhaustive study on the topic, but rather, a stepping stone from the novice
to the intermediate user.&nbsp; All the examples are taken directly from
our home networks so we know they work.
<p><b>How to use this guide:</b>
<ul>
<li>
Words encapsulated by square brackets like [Enter] indicate the depression
of a key on the keyboard or a mouse button [Mouse1]</li>

<li>
Words encapsulated by squiggly brackets like {your name here} indicate
data that will/should be substituted with "real" data</li>

<li>
Text depicted in italics are commands you, the user, should type at a prompt</li>
</ul>
<b>Prerequisites:</b> This guide assumes that you have bind v8.2 installed,
that you have selected a legal domain name, and that you're using IP Masquerade
to "hide" your machine from the internet. If you're running bind v4.x&nbsp;
either upgrade (there are some security concerns with 4.x) or do not use
this article as it will not work. Note - most distributions have three
packages of bind - the only one you do not want is the "caching-only" version.
<p><b>What is DNS?&nbsp; </b>DNS stands for: Domain Name System and is
actually a protocol. Bind, which is the program you will use, (Berkeley
Internet Name Domain) is an implementation of DNS, both server and client.&nbsp;
DNS translates alpha-numeric names, which we humans use, to ip addresses,
which computers programs use, and vice versa.&nbsp; In other words, it
translates www.netscape.com to 207.200.75.200.
<p><b>Why have your own DNS server?&nbsp; </b>You can survive without your
own DNS server by using your ISP's DNS server. Using your own server helps
to speed up name lookup, minimize the amount of admin time spent configuring
your network when you add a new computer, allows sendmail to work better
for your home network, and will give you a good weekend project.
<p><b>Who is providing your DNS now? </b>Odds are your local ISP is providing
you DNS. Follow along with this example as it will validate our assumption
and provide you with the basis to test your DNS setup after the installation.
Connect to your ISP and then, from a terminal window, type the following
command(s):
<dir>
<dir><i>nslookup[Enter]</i>
<p><i>Default Server: {your ISP's DNS name will show here}</i>
<br><i>Address: {your ISP's DNS server IP address here}</i>
<p><i>Now type this in to see dns work:</i>
<br><i>>www.tux.org</i>
<p><i>Non-authoritative answer:</i>
<br><i>Name: gwyn.tux.org</i>
<br><i>Address: 207.96.122.8</i>
<br><i>Aliases: <a href="http://www.tux.org/">www.tux.org</a></i>
<br><i>>exit [Enter]</i></dir>
</dir>

<p><br><b><i>Important Note - </i></b>Masquerading, do NOT even think of
setting up your own private DNS unless you have set up masquerading (or
have real ip addresses and have registered your network name)!&nbsp; Otherwise
you will confuse the system and probably get some nasty emails from the
owners of the real ip addresses.&nbsp; Masquerading allows you to use whatever
ip addresses and name you want for your own private network and then masquerades
requests from that network through your internet connection using the valid
ip address for that connection.
<p><b>Install DNS: </b>You have to install the bind program to get DNS
working.&nbsp; In my home setup, kulai.org is my domain.&nbsp; Since I
use masquerade, kulai.org is not listed anywhere, nor did I register it
with anyone. When you choose your domain name, make sure it is not already
registered or you could end up making a mess of things.&nbsp; You use the
whois program to check if your domain has been legally registered. Example,
while connected to the net:
<blockquote>
<blockquote><i>whois&nbsp; kulai.org [Enter]</i></blockquote>
</blockquote>
and I get back a lot of stuff that ends with:
<blockquote>
<blockquote>No match for "KULAI.ORG".</blockquote>
</blockquote>
For the rest of this article I will be using my computers. They are:
<br><b></b>&nbsp;
<br><b></b>&nbsp;
<table BORDER=4 COLS=3 WIDTH="90%" NOSAVE >
<tr>
<td>master.kulai.org</td>

<td>192.168.124.10</td>

<td>linux only, the server</td>
</tr>

<tr>
<td>jc.kulai.org</td>

<td>192.168.124.1</td>

<td>linux and win98</td>
</tr>

<tr>
<td>fserver.kulai.org</td>

<td>192.168.124.11</td>

<td>freebsd only</td>
</tr>

<tr>
<td>phillip.kulai.org</td>

<td>192.168.124.20</td>

<td>win98 only</td>
</tr>
</table>
<b></b><b></b>
<p><b>Setup your DNS: </b>There are five files you have to create. These
are ordinary text files you create with your favorite editor. You can copy
and paste the examples provided - just make sure to change the names and
ip addresses to yours!&nbsp; These files are very particular about the
syntax - be very careful when you type/edit them!
<dir>
<dir><a href="name_conf.html">/etc/named.conf</a>
<br><a href="db_cache.html">/var/named/db.cache</a>
<br><a href="db_kulai.html">/var/named/db.kulai.org&nbsp;</a>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
(where kulai.org is my domain)
<br><a href="db_124.html">/var/named/db.124.168.192&nbsp;</a>&nbsp;&nbsp;
(where my network is 192.168.124.0)
<br><a href="db_127.html">/var/named/db.127.0.0</a></dir>
</dir>
<b></b>
<table BORDER COLS=1 WIDTH="100%" NOSAVE >
<tr>
<td>WARNING: While your DNS is being set up, never reboot your server without
renaming /etc/resolv.conf. When the boot completes, rename it back to /etc/resolv.conf.
A bad reverse DNS can prevent booting, requiring a boot and rescue bust-in.
Save yourself the trouble - rename.

<P> Also, check your /etc/nsswitch.cnf file.  The "hosts" line should say
"<CODE>hosts:&nbsp;files&nbsp;dns</CODE>".  This will make the system resolve hostnames by first 
looking at /etc/hosts before consulting a possibly non-functioning DNS.  If
you have the Network Information System, the line may be 
"<CODE>hosts:&nbsp;files&nbsp;nis&nbsp;dns</CODE>".</td>
</tr>
</table>
<b></b>
<br><b></b>&nbsp;<b></b>
<p><b>Start it Up:</b> Create the files above and then edit your /etc/resolv.conf
to list only your own name server:
<dir>
<dir>search kulai.org
<br>nameserver 192.168.124.10</dir>
</dir>
Note: /etc/resolv.conf is manditory for bind 8.*&nbsp; then type:
<dir>
<dir><i>tail -f /var/log/messages[Enter]</i></dir>
</dir>
so you can monitor any error messages when named starts.&nbsp; Open another
window/console and type:
<dir>
<dir><i>/usr/sbin/ndc start [Enter]</i>
<br>(or for Redhat users: /etc/rc.d/init.d/named start )</dir>
</dir>
Your /var/log/messages should have a number of entries about named and
end with:
<dir>
<dir>Jul 10 15:54:26 master named: named startup succeeded
<br>Jul 10 15:54:26 master named[3523]: Ready to answer queries.</dir>
</dir>
To test it, connect to the internet and repeat the process in section "Who
is providing your DNS now?"&nbsp; It should give <b>your</b> server's name
as the name server.&nbsp; Type in a place you often go to and see if it
gives you the ip address.
<p>If this does not work:
<br>&nbsp;&nbsp;&nbsp; 1. Check to see if named is running:
<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <i>ps ax|grep named [Enter]</i><i></i>
<p>&nbsp;&nbsp;&nbsp; 2. Ping the server from a different machine, both
by ip address and name:
<br><i>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ping 192.168.124.10 [Enter]</i>
<br><i>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ping&nbsp; master.kulai.org
[Enter]</i><i></i>
<p>&nbsp;&nbsp;&nbsp; 3. Telnet to the server. A long time to connect will
indicate a problem.
<p>If all goes well, point the rest of the computers on your home network
to your new name server.
<p><b>Final thoughts</b>: We have given you a cookie-cutter recipe for
setting up a simple dns server.&nbsp; Since success usually creates greater
interest, here are some places to learn more:
<p><a href="http://howto.linuxberg.com/ptHOWTO/DNS-HOWTO">The DNS HOWTO</a>
<br><a href="http://www.ora.com/catalog/dns3/">DNS and Bind by O'Reilly</a>
<br><a href="http://www.zdwebopedia.com/TERM/D/DNS.html">DNS - ZDNet Webopedia
Definition and Links</a>
<br><a href="http://www.troubleshooters.com/linux/dns.htm">Troubeshooters.com:
DNS</a> -- also includes hints for those who have used an old version of bind
<br>
<p>Get your dns working as we will be using it in the months to come. Next
month we tackle mail for the home network.

<!--===================================================================-->
<P> <hr> <P> 
<center><H5>Copyright &copy; 1999, JC Pollman and Bill Mote<BR> 
Published in Issue 44 of <i>Linux Gazette</i>, August 1999</H5></center>

<!--===================================================================-->
<!--startcut ==========================================================-->
<P> <hr> <P> 
<A HREF="../index.html"><IMG ALIGN=BOTTOM SRC="../../gx/indexnew.gif" 
ALT="[ TABLE OF CONTENTS ]"></A>
<A HREF="../../index.html"><IMG ALIGN=BOTTOM SRC="../../gx/homenew.gif"
ALT="[ FRONT PAGE ]"></A>
<A HREF="../oneill.html"><IMG SRC="../../gx/back2.gif"
ALT=" Back "></A>
<A HREF="../severinghaus.html"><IMG SRC="../../gx/fwd.gif" ALT=" Next "></A>
<P> <hr> <P> 
</BODY>
</HTML>
<!--endcut ============================================================-->