Local DNS Server (BIND 9) in OpenSuse 10.2

Hi, this is another series of how to make an OpenSuse 10.2 as a powerful servers 😀 Last time I show you how to make Hard disk quota in OpenSuse, this time I will show you how to make an internal DNS server. I assume you all understand the basic concept of DNS, for further explanation you can go here

Well I already read some of the material that I can get in the Internet, but so far what I’ve got is confusion, but luckily I’ve got my boss that try to simplify this things 😀 So the idea is like to make a phone book, we must specify which IP address belong to which name and vice versa, in here we also going to make a local domain. Here we’re going to make a simple DNS Caching server.

The first thing to do is to edit /etc/named.conf, you can see the example of this below:

options {
# The directory statement defines the name server’s working directory

directory “/var/lib/named”;

# Write dump and statistics file to the log subdirectory. The
# pathenames are relative to the chroot jail.

dump-file “/var/log/named_dump.db”;
statistics-file “/var/log/named.stats”;

# If notify is set to yes (default), notify messages are sent to other
# name servers when the the zone data is changed. Instead of setting
# a global ‘notify’ statement in the ‘options’ section, a separate
# ‘notify’ can be added to each zone definition.

notify no;

#write your ISP’s DNS server in this file with maximum 3 server, CMIIW

forwarders {;;};

allow-query {;;};
# The following zone definitions don’t need any modification. The first one
# is the definition of the root name servers. The second one defines
# localhost while the third defines the reverse lookup for localhost.

zone “.” in {
type hint;
file “root.hint”;

zone “localhost” in {
type master;
file “localhost.zone”;

zone “0.0.127.in-addr.arpa” in {
type master;
file “127.0.0.zone”;

# Include the meta include file generated by createNamedConfInclude. This
# includes all files as configured in NAMED_CONF_INCLUDE_FILES from
# /etc/sysconfig/named

zone “3.168.192.in-addr.arpa” in {
allow-transfer { any; };
file “master/3.168.192.in-addr.arpa”;
type master;
zone “aprdev.com” in {
allow-transfer { any; };
file “master/xanadu.com”;
type master;

In my case I’m going to make a record for my servers in address range with my domain is
xanadu.com So for example i have one server with IP address and later I want to name it mail.xanadu.com and I still have some server to give some name.

In above configuration file I mention about ISP’s DNS server as forwarder, it is used when your client asking about public name server, like when you’re asking about http://www.yahoo.com of course our local DNS would not be able to answer it, actually it can but we have to update the DNS and that isn’t a dream job, let’s just give it to ISP 😀 So you have to add

forwarders {;; };

After setting those things up we go to /var/lib/named/master the working directory in this folder you have to create two files: xanadu.com and 3.168.192.in-addr.arpa . xanadu.com will try to translate every request like mail.xanadu.com or http://www.xanadu.com, basically it will try to translate from words to IP numbers. While 3.168.192.in-addr.arpa will try to do the oppsite things, like what is the name for IP address. The example of xanadu.com zone file is like this:
@ IN SOA dns.xanadu.com. root.dns.xanadu.com. (
2008041000 ; serial
3H ; refresh
1H ; retry
1W ; expiry
1D ) ; minimum

xanadu.com. IN NS dns.xanadu.com.
xanadu.com. IN MX 10 mail.xanadu.com.
localhost IN A
router IN A
www IN A
mail IN A
dns IN A
jabber IN CNAME www
gateway IN CNAME router

While for the reverse zone, 3.168.192.in-addr.arpa it would be something like this:

@ IN SOA dns.xanadu.com. root.dns.xanadu.com. (
2008040501 ; serial
3H ; refresh
1H ; retry
1W ; expiry
1D ) ; minimum

3.168.192.in-addr.arpa. IN NS dns.xanadu.com.
1 IN PTR router.xanadu.com.
2 IN PTR http://www.xanadu.com.
3 IN PTR mail.xanadu.com.
10 IN PTR dns.xanadu.com

Now I will try to explain all the attribute inside those files:

  • TTL – time to live will define how long the data will be reside in database
  • SOA – Start of Authority define the hostname, which is the start of a zone
  • dns.xanadu.com is the host name that will handle xanadu.com domain
  • root.dns.xanadu.com is the email address of the administrator of xanadu.com domain
  • 2008040501;serial is the serial number of zone file that will ad up if there is a data changes
  • 3H;refresh is time needed for secondary name server to check changes in primary name server
  • 1H;retry is time needed for secondary name server to retry the checking on primary name server
  • 1W;expiry is time needed for keeping zone file if secondary name server cannot do checking to primary name server
  • 1D);minimum is the default TTL for all record’s resource in zone file
  • IN NS dns.xanadu.com define that dns.xanadu.com will responsible for named service in xanadu.com
  • IN MX 10 mail.xanadu.com define that mail.xanadu.com will responsible as mail server in xanadu.com
  • router IN A define that router.xanadu.com have IP address
  • gateway IN CNAME router define that gateway.xanadu.com is the other name of router.xanadu.com
  • 1 IN PTR router.xanadu.com define that IP address belong to router.aprdev.com and gateway.aprdev.com

Well the configuration is already finish, now we can start the service, by logging on as root, then type rcnamed start, then we can test the configuration, whether working or not, by typing in any computer that has been configured having aka dns.aprdev.com as the name server.

  1. type: host it should return you with: domain name pointer mail.xanadu.com
  2. type: host http://www.xanadu.com it should return you with: http://www.xanadu.com has address
  3. type: host -t ns xanadu.com it should return you with: xanadu.com name server dns.xanadu.com
  4. type: host -t mx xanadu.com it should return you with: xanadu.com mail is handled by 10 mail.xanadu.com, 10 is the priority number

The first command is to test whether reverse zone is working or not, the second command is to test if the zone working or not, the third command to test whether xanadu.com name server is dns.xanadu.com, and the fourth command is to test if xanadu.com mail is being handled by mail.xanadu.com.

If all went smooth then you’ve just make a simple DNS server for yourself, if your environment is in VLAN you can add another reverse zone, as you add some data in xanadu.com, for example you can make another file to caontain all the IP address in subnet by making 2.168.192.in-addr.arpa inside /var/lib/named/master.

Well I hope if there is someone who would like to give comment, you’re welcome then 😀 since I make this based on my experience. I haven’t add up about the security, and another stuffs. This DNS server won’t be a problem if you did not publish to the net with Static IP address since it will make everybody confuse, let’s just use it for our self, and it would be better if you make DNS server when your PC is more less 50, otherwise it will be worthless 😀


3 thoughts on “Local DNS Server (BIND 9) in OpenSuse 10.2

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s