BIND is the most common open-source DNS server implementation; it resolves a DNS name to an IP address and vice versa. This system was created by students.
You will need
- a computer;
- the Internet.
Instructions
Step 1
Configure BIND to serve only your own domains, without the ability to use it as a caching DNS server. This is done because most data centers have their own DNS server. Check that the packages needed to install BIND, bind and bind-chroot, are present on your system. To do this, use the commands
$ rpm -q bind
bind-9.2.4-24.EL4
$ rpm -q bind-chroot
bind-chroot-9.2.4-24.EL4
Step 2
Install the second package to make your server more secure against hacking: it allows you to isolate BIND from the rest of the system. After this package is installed, all files used by BIND are moved to the /var/named/chroot/ folder. Don't change the paths in the config files.
Step 3
BIND needs current time information, so when configuring it, replace /var/named/chroot/etc/localtime with your time zone information. The file itself must be replaced, because a symbolic link to another file will not work in chroot mode. Next, configure the /var/named/chroot/etc/rndc.key file, which is needed to run BIND. This file contains the authorization key for the rndc program, which controls the BIND server and displays hit statistics.
Step 4
Generate the key with the command # dnssec-keygen -a HMAC-MD5 -b 128 -n USER rndckey; this command creates two files in the current folder. The key appears on the third line of the private file, for example PBpLBGUy6QRdCnUMwv9dxw==. Create a new file, name it rndc.key, and insert the following into it:
key "rndckey" {
    algorithm hmac-md5;
    secret "PBpLBGUy6QRdCnUMwv9dxw==";
};
Step 5
Create a named.conf file containing the following options:
options {
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    listen-on { 127.0.0.1; };
    version "unknown";
    allow-recursion { none; };
    allow-query { any; };
};
Replace the IP address in the file with the one you want. Verify that the BIND configuration is correct using the command # named-checkconf /var/named/chroot/etc/named.conf.
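named-checkconf checks the syntax of the file; it does not tell you whether the options from Step 5 that keep the server out of caching mode are still in place. The check below is an added example, not part of the original instructions: it reads the options block and reports if recursion is not disabled or the version string is not overridden. The function names and the sample text are assumptions made for illustration.

```python
import re

# Constructed sample: the options block from Step 5.
SAMPLE_CONF = '''options {
    directory "/var/named";
    listen-on { 127.0.0.1; };
    version "unknown";
    allow-recursion { none; };
    allow-query { any; };
};'''

def strip_comments(text):
    """Blank out /* */, // and # comments; quoted strings are left untouched."""
    pat = r'"[^"\n]*"|/\*.*?\*/|//[^\n]*|#[^\n]*'
    keep = lambda m: m.group(0) if m.group(0).startswith('"') else ' '
    return re.sub(pat, keep, text, flags=re.S)

def options_block(text):
    """Return the body of the options { ... } block, or '' if there is none."""
    m = re.search(r'(?<![-\w])options\s*\{', text)
    if not m:
        return ''
    depth, start = 1, m.end()
    for i in range(start, len(text)):
        if text[i] == '{':
            depth += 1
        elif text[i] == '}':
            depth -= 1
            if depth == 0:
                return text[start:i]
    return ''  # unbalanced braces: treat as no usable block

def audit(conf_text):
    """List settings that leave named usable as a cache or expose its version."""
    body = options_block(strip_comments(conf_text))
    findings = []
    # Recursion is off if 'recursion no;' is set or allow-recursion is exactly { none; }.
    rec_off = re.search(r'(?<![-\w])recursion\s+no\s*;', body)
    acl = re.search(r'(?<![-\w])allow-recursion\s*\{([^}]*)\}', body)
    entries = [e.strip() for e in acl.group(1).split(';') if e.strip()] if acl else []
    if not (rec_off or entries == ['none']):
        findings.append('recursion is not disabled')
    if not re.search(r'(?<![-\w])version\s+"[^"]*"\s*;', body):
        findings.append('version string is not overridden')
    return findings

if __name__ == '__main__':
    print(audit(SAMPLE_CONF) or 'authoritative-only settings present')
```

To check the real file, pass the contents of /var/named/chroot/etc/named.conf to audit() after named-checkconf has accepted it.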