<!--startcut ==========================================================-->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<title>TitleOfArticle LG #44</title>
</HEAD>
<BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#0000FF" VLINK="#0000AF"
ALINK="#FF0000">
<!--endcut ============================================================-->

<H4>
"Linux Gazette...<I>making Linux just a little more fun!</I>"
</H4>

<P> <HR> <P>
<!--===================================================================-->

<center>
<H1><font color="maroon">DNS for the Home Network</font></H1>
<H4>By <a href="mailto:jpollman@bigfoot.com">JC Pollman</a>
and <a href="mailto:bill.mote@bigfoot.com">Bill Mote</a></H4>
</center>
<P> <HR> <P>

<p><b>Disclaimer: </b>This article provides information we have gleaned
from reading the books, the HOWTOs, man pages, usenet news groups, and
countless hours banging on the keyboard. It is not meant to be an all-inclusive,
exhaustive study on the topic, but rather a stepping stone from the novice
to the intermediate user. All the examples are taken directly from
our home networks so we know they work.
<p><b>How to use this guide:</b>
<ul>
<li>
Words enclosed in square brackets like [Enter] indicate the pressing
of a key on the keyboard or a mouse button [Mouse1]</li>

<li>
Words enclosed in squiggly brackets like {your name here} indicate
data that will/should be substituted with "real" data</li>

<li>
Text in italics indicates commands you, the user, should type at a prompt</li>
</ul>
<b>Prerequisites:</b> This guide assumes that you have bind v8.2 installed,
that you have selected a legal domain name, and that you're using IP Masquerade
to "hide" your machine from the internet. If you're running bind v4.x,
either upgrade (there are some security concerns with 4.x) or do not use
this article, as it will not work. Note - most distributions have three
packages of bind - the only one you do not want is the "caching-only" version.
<p><b>What is DNS? </b>DNS stands for Domain Name System and is
actually a protocol. Bind (Berkeley Internet Name Domain), which is the
program you will use, is an implementation of DNS, both server and client.
DNS translates alpha-numeric names, which we humans use, to ip addresses,
which computer programs use, and vice versa. In other words, it
translates www.netscape.com to 207.200.75.200.
<p><b>Why have your own DNS server? </b>You can survive without your
own DNS server by using your ISP's DNS server. Using your own server helps
to speed up name lookup, minimizes the amount of admin time spent configuring
your network when you add a new computer, allows sendmail to work better
for your home network, and gives you a good weekend project.
<p><b>Who is providing your DNS now? </b>Odds are your local ISP is providing
your DNS. Follow along with this example as it will validate our assumption
and provide you with the basis to test your DNS setup after the installation.
Connect to your ISP and then, from a terminal window, type the following
command(s):
<dir>
<dir><i>nslookup [Enter]</i>
<p><i>Default Server: {your ISP's DNS name will show here}</i>
<br><i>Address: {your ISP's DNS server IP address here}</i>
<p><i>Now type this in to see dns work:</i>
<br><i>&gt; www.tux.org</i>
<p><i>Non-authoritative answer:</i>
<br><i>Name: gwyn.tux.org</i>
<br><i>Address: 207.96.122.8</i>
<br><i>Aliases: <a href="http://www.tux.org/">www.tux.org</a></i>
<br><i>&gt; exit [Enter]</i></dir>
</dir>

<p><br><b><i>Important Note - </i></b>Masquerading: do NOT even think of
setting up your own private DNS unless you have set up masquerading (or
have real ip addresses and have registered your network name)! Otherwise
you will confuse the system and probably get some nasty emails from the
owners of the real ip addresses. Masquerading allows you to use whatever
ip addresses and name you want for your own private network and then masquerades
requests from that network through your internet connection using the valid
ip address for that connection.
<p><b>Install DNS: </b>You have to install the bind program to get DNS
working. In my home setup, kulai.org is my domain. Since I
use masquerade, kulai.org is not listed anywhere, nor did I register it
with anyone. When you choose your domain name, make sure it is not already
registered or you could end up making a mess of things. Use the
whois program to check whether your domain has been legally registered. For example,
while connected to the net:
<blockquote>
<blockquote><i>whois kulai.org [Enter]</i></blockquote>
</blockquote>
and I get back a lot of stuff that ends with:
<blockquote>
<blockquote>No match for "KULAI.ORG".</blockquote>
</blockquote>
For the rest of this article I will be using my computers. They are:
<br>
<br>
<table BORDER=4 COLS=3 WIDTH="90%" NOSAVE >
<tr>
<td>master.kulai.org</td>

<td>192.168.124.10</td>

<td>linux only, the server</td>
</tr>

<tr>
<td>jc.kulai.org</td>

<td>192.168.124.1</td>

<td>linux and win98</td>
</tr>

<tr>
<td>fserver.kulai.org</td>

<td>192.168.124.11</td>

<td>freebsd only</td>
</tr>

<tr>
<td>phillip.kulai.org</td>

<td>192.168.124.20</td>

<td>win98 only</td>
</tr>
</table>
<p><b>Set up your DNS: </b>There are five files you have to create. These
are ordinary text files you create with your favorite editor. You can copy
and paste the examples provided - just make sure to change the names and
ip addresses to yours! These files are very particular about
syntax - be very careful when you type/edit them!
<dir>
<dir><a href="name_conf.html">/etc/named.conf</a>
<br><a href="db_cache.html">/var/named/db.cache</a>
<br><a href="db_kulai.html">/var/named/db.kulai.org </a>
(where kulai.org is my domain)
<br><a href="db_124.html">/var/named/db.124.168.192 </a>
(where my network is 192.168.124.0)
<br><a href="db_127.html">/var/named/db.127.0.0</a></dir>
</dir>
<table BORDER COLS=1 WIDTH="100%" NOSAVE >
<tr>
<td>WARNING: While your DNS is being set up, never reboot your server without
renaming /etc/resolv.conf. When the boot completes, rename it back to /etc/resolv.conf.
A bad reverse DNS can prevent booting, requiring a boot and rescue bust-in.
Save yourself the trouble - rename.

<P> Also, check your /etc/nsswitch.conf file. The "hosts" line should say
"<CODE>hosts: files dns</CODE>". This will make the system resolve hostnames by first
looking at /etc/hosts before consulting a possibly non-functioning DNS. If
you have the Network Information System, the line may be
"<CODE>hosts: files nis dns</CODE>".</td>
</tr>
</table>
<br>
<p><b>Start it Up:</b> Create the files above and then edit your /etc/resolv.conf
to list only your own name server:
<dir>
<dir>search kulai.org
<br>nameserver 192.168.124.10</dir>
</dir>
Note: /etc/resolv.conf is mandatory for bind 8.*. Then type:
<dir>
<dir><i>tail -f /var/log/messages [Enter]</i></dir>
</dir>
so you can monitor any error messages when named starts. Open another
window/console and type:
<dir>
<dir><i>/usr/sbin/ndc start [Enter]</i>
<br>(or for Redhat users: /etc/rc.d/init.d/named start )</dir>
</dir>
Your /var/log/messages should have a number of entries about named and
end with:
<dir>
<dir>Jul 10 15:54:26 master named: named startup succeeded
<br>Jul 10 15:54:26 master named[3523]: Ready to answer queries.</dir>
</dir>
To test it, connect to the internet and repeat the process in the section "Who
is providing your DNS now?" It should give <b>your</b> server's name
as the name server. Type in a place you often go to and see if it
gives you the ip address.
<p>If this does not work:
<br>&nbsp;&nbsp;&nbsp; 1. Check to see if named is running:
<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <i>ps ax | grep named [Enter]</i>
<p>&nbsp;&nbsp;&nbsp; 2. Ping the server from a different machine, both
by ip address and name:
<br><i>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ping 192.168.124.10 [Enter]</i>
<br><i>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ping master.kulai.org [Enter]</i>
<p>&nbsp;&nbsp;&nbsp; 3. Telnet to the server. A long time to connect will
indicate a problem.
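<p>A further check when lookups still misbehave is to confirm that the two resolver files match the settings given earlier: only your own name server in resolv.conf, and <code>files</code> before <code>dns</code> on the hosts line of nsswitch.conf. The script below is an added example, not part of the original article; its function names and the 192.0.2.53 ISP address are hypothetical, and the sample files are constructed.

```shell
#!/bin/sh
# Added example, not from the article: pre-flight check of the two resolver
# files the article edits. Paths and the server address are passed in.

# resolv_ok FILE SERVER: true only if SERVER is the sole "nameserver" entry.
resolv_ok() {
    awk -v want="$2" '
        { sub(/[#;].*/, "") }                      # drop comments
        $1 == "nameserver" { n++; if ($2 != want) bad = 1 }
        END { exit !(n == 1 && !bad) }' "$1"
}

# hosts_order_ok FILE: true only if the "hosts:" line lists "files" before
# "dns", so /etc/hosts still answers while named is misconfigured.
hosts_order_ok() {
    awk '
        { sub(/#.*/, "") }
        $1 == "hosts:" {
            for (i = 2; i <= NF; i++) {
                if ($i == "files" && !f) f = i
                if ($i == "dns" && !d) d = i
            }
        }
        END { exit !(f && d && f < d) }' "$1"
}

# preflight RESOLV NSSWITCH SERVER: print each problem, return their count.
preflight() {
    problems=0
    if ! resolv_ok "$1" "$3"; then
        echo "WARN: $1: list only nameserver $3"; problems=$((problems + 1))
    fi
    if ! hosts_order_ok "$2"; then
        echo "WARN: $2: hosts: needs files before dns"; problems=$((problems + 1))
    fi
    return "$problems"
}

# Constructed sample files: the ISP resolver (placeholder address) is still
# listed, and dns is consulted before files.
demo=$(mktemp -d)
printf 'search kulai.org\nnameserver 192.168.124.10\nnameserver 192.0.2.53\n' \
    > "$demo/resolv.conf"
printf 'passwd: files\nhosts: dns files   # wrong order\n' > "$demo/nsswitch.conf"
if preflight "$demo/resolv.conf" "$demo/nsswitch.conf" 192.168.124.10; then
    echo "resolver files match the article's settings"
fi
rm -rf "$demo"
```
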
<p>If all goes well, point the rest of the computers on your home network
to your new name server.
<p><b>Final thoughts</b>: We have given you a cookie-cutter recipe for
setting up a simple dns server. Since success usually creates greater
interest, here are some places to learn more:
<p><a href="http://howto.linuxberg.com/ptHOWTO/DNS-HOWTO">The DNS HOWTO</a>
<br><a href="http://www.ora.com/catalog/dns3/">DNS and Bind by O'Reilly</a>
<br><a href="http://www.zdwebopedia.com/TERM/D/DNS.html">DNS - ZDNet Webopedia
Definition and Links</a>
<br><a href="http://www.troubleshooters.com/linux/dns.htm">Troubleshooters.com:
DNS</a> -- also includes hints for those who have used an old version of bind
<br>
<p>Get your dns working as we will be using it in the months to come. Next
month we tackle mail for the home network.

<!--===================================================================-->
<P> <hr> <P>
<center><H5>Copyright &copy; 1999, JC Pollman and Bill Mote<BR>
Published in Issue 44 of <i>Linux Gazette</i>, August 1999</H5></center>

<!--===================================================================-->
<!--startcut ==========================================================-->
</BODY>
</HTML>
<!--endcut ============================================================-->