SUMMARY: DNS Primer

From: David Willard (willard@hvsun1.mdc.com)
Date: Mon Oct 26 1992 - 16:52:00 CST


Hello all!
  Thank you to all those who responded. About half the people
who replied wanted to see a summary, so here it is. First
my original query:

> Does anyone know of a reference I could use to help me
> get DNS up and running on our Suns? I have the System & Network
> Administration manual, but if someone could point me to other
> helpful documents, I would appreciate it.
>
> Of course, if there is interest, I'll summarize...

Of the people who sent real (i.e. not "me too", not that that is bad)
information, most suggested books in print or other references out
in netland; their (almost) full reply is included. Two others sent
their own summaries of what to do; their replies are also included.
Finally, two others sent actual files for me to work from. Both
of these were rather long, so, in the interest of space, I did not
include them here, although I have included their introductions
so you might get a feel for what they sent. I will forward those
replies to those who request them, but I would rather not send them
to the entire list (unless there is just an overwhelming demand,
say 100+ requests by the end of the day).

 Thanks again for the responses, they have helped me a great deal!

-- 
David Willard (willard@hvsun1.mdc.com)
Unix Systems Analyst Programmer, McDonnell Douglas Space Systems Co.
Huntsville, AL  35806

----------------------(summary below)---------------------------

From: katzung@lisle.swissbank.com (Brian Katzung)

The Nutshell Handbook on TCP/IP Network Administration by Craig Hunt (O'Reilly & Associates, Inc.) is pretty helpful.

------------
From: phil@pex.eecs.nwu.edu (William LeFebvre)

O'Reilly will be coming out with a DNS and Bind Nutshell book real soon now. I haven't heard an exact date, but I know that it will be before the end of the year. I reviewed it for them and found it to be very thorough and worthwhile.

-------------
From ornstein@refuge.Colorado.EDU@hvsun1.mdc.com Tue Oct 20 02:48:58 1992

I can't vouch for this just yet, but I have heard good things about it from other people in the company that the 'bind and dns' handbook that is coming out this week from O'Reilly is very full of information that will help a lot of people. I know that they are selling it at the LISA conference, so bookstores should have it soon if not already.

-------------
From: craig@cam.nist.gov (Craig Hunt)

There is a new book called "DNS and BIND in a Nutshell" by Paul Albitz and Cricket Liu which is available from O'Reilly & Associates. I have only seen a pre-publication draft copy, but it is loaded with info--about 350 pages of nothing but DNS. I would guess this is the most extensive treatment of DNS anywhere.

-------------
From: grobbins@Kodak.COM

You may want to try the O'Reilly & Assoc. "nutshell" book "TCP/IP Network Administration". It has a whole chapter on configuring DNS, along with other good network stuff.

I just got the book myself yesterday, and haven't had a chance to go through it, but co-workers of mine say it's a good book.

-------------
From: for@pttnms.ewi.ch (Rejane Forre)

A new book by O'Reilly is supposed to be published in October, with the title "DNS & Bind", by someone called Liu, for US$ 38.65. I hope this book will be as good as many of the O'Reilly series.

-------------
From: trinkle@cs.purdue.edu (Daniel Trinkle)

A friend of mine (Paul Albitz at HP in Cupertino) has coauthored a book on DNS for O'Reilly & Associates. I reviewed the book and think it would be very useful. I don't know when it is scheduled to be released, but you should bug O'Reilly (ora.com) about it :-)

-------------
From: gauthier@fresnel.telecom.hydro.qc.ca (Jean-Benoit Gauthier)

The books from Douglas Comer "Internetworking with TCP/IP", which is kind of a bible on the TCP/IP subject. The latest edition was split in multiple books, tome 1 is the one about DNS I think. There's a full chapter on DNS.

The RFC:
  1032: Domain Administration Guide
  1034: Domain Names - Concepts and Facilities
  1035: Domain Names - Implementation and Specifications

For DNS on Sun, at last year (1991) SUG there was a seminar given by Bill LeFebvre on the subject. The title was "Introduction to the Domain Name System". Try to get the paper. If you can't, I will have a copy in a couple of days, maybe we can arrange something....

-----------
From: mdl@cypress.com (J. Matt Landrum)

I believe there is something in the FAQ to this list. I can look for it if you can't find it lying around.

-----------
From: John A. Murphy <jam@philabs.Philips.Com>

O'Reilly just came out with a nutshell book on BIND. Not free, but quite extensive.

-----------
From: phil@dgbt.doc.ca (Phil Blanchfield)

Get the BIND Operators Guide from:

Host emx.cc.utexas.edu

    Location: /pub/mnt/source/tcp-ip/bind-4.8.3/doc
      DIRECTORY drwxrwxr-x        512  Jun 10 14:43   BOG

-----------
From: Steven Parkes <steven@crhc.uiuc.edu>

I would recommend you get the contents of uxc.cso.uiuc.edu:~ftp/services/cra-bind. This has the sources to the most recent, enhanced in.named as well as all the rfc's and the BOG (Name Server (bind) Operations Guide). The campus dns administrator (who is quite well versed in these things) reports that the named that comes with Sun OS is quite old and crufty.

-------------
From: Andrew Purshottam <andy@autodesk.com>

How do you want to run DNS, with YP or as replacement? If as replacement, there used to be a tutorial on it in the sun-managers archives, on titan.rice.edu, but that was 3 years ago. (NOTE: I will be running it with NIS(YP))

------------
From: densond@carbon.cor2.epa.gov

I looked at both the System and Network Administration manual from Sun, and an installation at Oregon State U. I wrote this after I set it up in order to help those who were in charge of maintaining the thing. It does not tell you how to set it up, however, as the S and N A manual does that just fine. I hope it helps. I strongly suggest you look at another installation's DNS database to help you out.

Adding Resource Records to the Nameserver
-----------------------------------------

Dave Denson (densond@heart.cor.epa.gov), 9 Sep 92

This document (currently) specifies three procedures: "Adding a New Host to the Nameserver", "Adding a Mail Exchange (MX) Record for a Host or Domain", and "Adding a CNAME (an Alias) for a Host". I do not claim complete and irrefutable knowledge in these matters, and I suggest a breeze through the "System and Network Administration" manual.

Please direct whatever you wish at the above address.

Adding a New Host to the Nameserver
-----------------------------------

Adding a new host to the nameserver requires the modification of two files, and sending a signal to the running in.named daemon. I will add the host "banner.cor3.epa.gov" in this example.

1. cd to /var/named on cerberus.

In /var/named there are two sets of files you are concerned with, the *.hosts and *.hosts.rev pairs. Since banner is under the cor3 domain, the files cor3.hosts and cor3.hosts.rev will need to be modified.

2. Using your favorite editor, edit the *.hosts file.

This file has a header that must remain at the beginning of the file:

@       IN      SOA     cerberus.cor.epa.gov. jwh.heart.cor.epa.gov. (
                        9208.2100       ;Serial (YYMM.DDVV)
                        10800           ;Refresh
                        1800            ;Retry
                        3600000         ;Expire
                        86400 )         ;Minimum
        IN      NS      cerberus.cor.epa.gov.

Following this are the resource records for the various hosts. To add banner's internet address to the table, the line

banner IN A 134.67.228.75

must be added somewhere after the header.

3. Edit the *.hosts.rev file.

This file contains the table for mapping IP numbers to names. It also has a header that must remain at the top of the file.

After the header add a line similar to:

75 IN PTR banner.cor3.epa.gov.

where the first field is the IP host number without the network number (which is specified in the file's header), and the last field is the fully qualified host name, terminated by a period.

4. Send a HUP to in.named to read the files and rebuild the database.

5. (Optional) If you want to make certain that the new host is actually in the table, sending an INT signal will cause in.named to dump its database to /var/tmp/named_dump.db. Just grep for the hostname--the file is long and very ugly.

Adding a Mail Exchange (MX) Record for a Host or Domain
-------------------------------------------------------

To add an MX record for a particular host, a line needs to be added to the cor*.hosts file for that domain. I will be adding an MX record for corvls.cor.epa.gov to point to vaxtm1.rtpnc.epa.gov.

1. cd to /var/named on cerberus.

2. Edit the cor*.hosts file for the appropriate domain. For this example, cor.hosts must be used, since corvls is in the cor domain.

3. If the host has an internet address, place an MX line immediately following that definition. The host name field may be omitted in this case:

hydro   IN      A       134.67.100.29
                MX      10 heart.cor.epa.gov.

Here hydro has an MX record directing mail to heart. The number 10 is just a place holder in this example--in the case of multiple MX records for a given host, this field denotes preferences (lower numbers having a higher preference). Also note the trailing dot in "heart.cor.epa.gov.". This is needed, otherwise the address would be relative to the current domain (in this case heart.cor.epa.gov.cor2.epa.gov, since the definition is in the cor2.hosts file).

If the host does not have an internet address, just add the MX resource record with the host name field:

corvls MX 10 vaxtm1.rtpnc.epa.gov.

4. Send a HUP to in.named.

5. Test the definition using nslookup:

Make sure the server is cerberus (type "server 134.67.4.48", if need be). Set the query type to MX ("set qtype=MX"). Enter the fully qualified domain name for the host with the new MX record. You should get a response like:

    Server:  cerberus.cor.epa.gov
    Address:  134.67.4.48

    corvls.cor.epa.gov      preference = 10, mail exchanger = vaxtm1.rtpnc.epa.gov
    vaxtm1.rtpnc.epa.gov    inet address = 134.67.208.95

-----

To add a MX record for a domain, edit the cor*hosts file for that domain, and add a line like:

*.cor2.epa.gov MX 10 heart.cor.epa.gov.

This _should_ do it, after sending a HUP to in.named. I have not tested this, so don't blame me if it blows up.

Adding a CNAME (an Alias) for a Host
------------------------------------

To add an alias for a host, the cor*.hosts file for the domain the alias resides in must be edited. For example, an alias pointing from emissions.cor.epa.gov to the host emissions.cor2.epa.gov will be added below.

1. cd to /var/named on cerberus.

2. Edit the cor*.hosts file for the alias's domain. For the example, the file cor.hosts must be edited.

3. Add a line similar to the following:

emissions IN CNAME emissions.cor2.epa.gov.

4. Send a HUP signal to in.named.

5. Test the alias using nslookup. Make sure that cerberus is the default server, and enter the fully qualified domain name for the alias. A result like the following should be seen:

    > emissions.cor.epa.gov
    Server:  cerberus.cor.epa.gov
    Address:  134.67.4.48

    Name:    emissions.cor2.epa.gov
    Address:  134.67.100.11
    Aliases:  emissions.cor.epa.gov, emissions.cor2.epa.gov
              emissions.cor2.epa.gov
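
An added example, not part of Dave Denson's write-up or of any other reply in this summary: a small Python lint for the trailing-dot rule he describes, reporting every dotted name that lacks a final period together with the name the server would actually use. The origin, the sample records and the "dotted name with no final dot" heuristic are assumptions made for the illustration.

```python
# Added example: lint for the trailing-dot pitfall in zone files.
ORIGIN = "cor2.epa.gov."   # assumed origin of the sample file

# Constructed sample using record shapes from the write-up above.
SAMPLE = """\
hydro           IN  A      134.67.100.29
                    MX     10 heart.cor.epa.gov
corvls              MX     10 vaxtm1.rtpnc.epa.gov.
emissions       IN  CNAME  emissions.cor2.epa.gov.
*.cor2.epa.gov      MX     10 heart.cor.epa.gov.
"""

NAME_RDATA = {"NS", "MX", "CNAME", "PTR"}   # types whose last field is a name

def qualify(name, origin):
    """Expand a name as the server does: '@' is the origin, a trailing dot
    means absolute, anything else gets the origin appended."""
    if name == "@":
        return origin
    return name if name.endswith(".") else name + "." + origin

def records(text, origin):
    """Yield (raw_owner, type, fields) for one-line records; a line that
    starts with whitespace inherits the previous owner."""
    owner = "@"
    for raw in text.splitlines():
        line = raw.split(";", 1)[0]          # drop comments
        fields = line.split()
        if not fields:
            continue
        if not line[0].isspace():
            owner = fields.pop(0)
        fields = [f for f in fields if f.upper() != "IN"]
        if fields:
            yield owner, fields[0].upper(), fields[1:]

def lint(text, origin):
    """Return (field, raw_name, expanded_name) for every dotted name that
    lacks a trailing dot, i.e. one that is silently made relative."""
    findings = []
    for owner, rtype, rdata in records(text, origin):
        names = [("owner", owner)]
        if rtype in NAME_RDATA and rdata:
            names.append((rtype, rdata[-1]))
        for field, name in names:
            hit = (field, name, qualify(name, origin))
            if "." in name and not name.endswith(".") and hit not in findings:
                findings.append(hit)
    return findings

if __name__ == "__main__":
    for field, name, expanded in lint(SAMPLE, ORIGIN):
        print(f"{field}: {name!r} resolves as {expanded}")
```

A multi-label name that is meant to be relative will also be reported, so each finding is something to read, not an automatic error.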

-------------
From: higgins@math.niu.edu

Let's pretend your domain is x.mdc.com.

1) Create a directory to put your DNS files. I chose /var/domain/math for mine. /var is good since DOES write to it. Let's call that directory $DNS.

2) create the text file $DNS/named.boot, you can use the following as a model substituting your domain name for X.MDC.COM and substituting the correct ip number for y.38.130.in-addr.arpa. (I'm pretending you are subnetting off of MDC.COM).

;
; named.boot

directory       /var/domain/x

; type          domain                  source file or host     backup file

cache           .                       root.cache
primary         X.MDC.COM               hosts
primary         y.38.130.in-addr.arpa   hosts.rev
primary         0.0.127.in-addr.arpa    named.local

3) create the hosts table, let's suppose you're going to run your server on host z in the domain x.mdc.com and let's suppose your mail server is the host w in x.mdc.com

; Authoritative data for
;       X.MDC.COM  (SOME MDC.COM SUB DOMAIN)
;
@       IN      SOA     z support.x.mdc.com. (
                        19210190        ; Serial
                        86400           ; refresh interval
                        21600           ; retry interval
                        1440000         ; expiration limit
                        86400 )         ; min RR TTL binding
;
        IN      NS      z.x.mdc.com.
        IN      NS      TINES.MDC.COM.
;assuming the parent domain is going to be a secondary nameserver
        IN      NS      WUARCHIVE.WUSTL.EDU.
; wuarchive is a NS for MDC.COM, let's suppose it's one for you also.
; you must get them to agree to do this.
;
;
@       IN      MX      0 w     ; w.x.mdc.com
; if you have a backup mail server(s) put them in here also, in
; the same way, but increasing the number 0 by 10 in order of
; preference.
;
;
;
localhost       IN      A       127.1   ; Standard loopback address
;
; below, for each system in the domain, put the system information in the
; following format
;       hostname        IN      HINFO   Machine-type    OpSysName
;                       IN      A       ip-address
;
;examples
z       IN      HINFO   SUN-3/280 UNIX
        IN      A       130.38.y.a
w       IN      HINFO   SUN-4/IPC UNIX
        IN      A       130.38.y.b
;
; this is nice too.
mailhost        IN      CNAME   clinch.math.niu.edu.    ;a sendmail alias
;

4) Now we need a hosts.rev in $DNS

;
; hosts.rev
;
; Authoritative Zone definition for
;       x.mdc.in-addr.arpa.
;
@       IN      SOA     z.x.mdc.com. support.x.mdc.com. (
                        19210190        ; Serial #
                        86400           ; refresh interval
                        21600           ; retry interval
                        1440000         ; expiration limit
                        86400 )         ; min RR TTL binding
;
        IN      NS      z.x.mdc.com.
        IN      NS      TINES.MDC.COM.
;assuming the parent domain is going to be a secondary nameserver
        IN      NS      WUARCHIVE.WUSTL.EDU.
; wuarchive is a NS for MDC.COM, let's suppose it's one for you also.
; you must get them to agree to do this.
;
;
; now you put in records for each host in your domain.
a       IN      PTR     z.x.mdc.com.
b       IN      PTR     w.x.mdc.com.

5) Now we need a root.cache in $DNS, use the following

; Initial cache data for root domain servers.
;

.                       99999999        IN      NS      NS.NIC.DDN.MIL.
                        99999999        IN      NS      KAVA.NISC.SRI.COM.
                        99999999        IN      NS      NS.NASA.GOV.
                        99999999        IN      NS      TERP.UMD.EDU.
                        99999999        IN      NS      AOS.BRL.MIL.
                        99999999        IN      NS      C.NYSER.NET.
                        99999999        IN      NS      NIC.NORDU.NET.
                        99999999        IN      NS      NS.EU.NET.
                        99999999        IN      NS      NS.UU.NET.

;
; Prep the cache (hotwire the addresses).  Order does not matter.
;
NS.NIC.DDN.MIL.         99999999        IN      A       192.112.36.4
KAVA.NISC.SRI.COM.      99999999        IN      A       192.33.33.24
NS.NASA.GOV.            99999999        IN      A       128.102.16.10
NS.NASA.GOV.            99999999        IN      A       192.52.195.10
AOS.BRL.MIL.            99999999        IN      A       192.5.25.82
C.NYSER.NET.            99999999        IN      A       192.33.4.12
TERP.UMD.EDU.           99999999        IN      A       128.8.10.90
NIC.NORDU.NET.          99999999        IN      A       192.36.148.17
NS.UU.NET.              99999999        IN      A       137.39.1.13
NS.EU.NET.              99999999        IN      A       192.16.202.11

6) In /etc/aliases in your NIS database or whatever, alias support to the person who is going to respond to inquiries about problems with the nameserver.

7) In /etc/rc.local on the system which is going to be your nameserver, i.e. z.x.mdc.com, find the following and set it correctly. That is, replace $DNS with the full path to named.boot

echo -n 'starting additional services:'
if [ -f /usr/etc/in.named -a -f $DNS/named.boot ]; then
        in.named -b $DNS/named.boot; echo -n ' named'
fi

8) If you are running NIS, cd to /var/yp and set the -b flag in the makefile.

9) check /etc/resolv.conf to set for correct nameserver.

10) start nameserver with in.named -b $DNS/named.boot

I don't think I've forgotten anything, but you should also follow along in S&N Admin manual to be sure.

-------------
From: stuart@bfsun1.eglin.af.mil (stuart shapiro)

Dave,

The enclosed files were sent to me from Sun when I called them. The first set is for a secondary server.

After setting up the files in /etc and /var, restart the sendmail daemon. "ps -ax | grep sendmail" Kill sendmail and restart it the same way it appears from the ps command.

Try the sendmail and mail tests to determine if it is running correctly.

Write me back if it doesn't work.

The Sun manual got me very close, but I didn't realize that sendmail.mx is for DNS.

Stuart (stuart@bfsun1.eglin.af.mil)

(740+ lines worth of stuff - email me if you want it)

------------
From: fabrice@pure.com (Fabrice Guerini)

I don't really have a primer to suggest, but I have something that might be better. You know how a programmer only writes one program in his or her life and all the others are changes applied to it. Well, I offer the set of named(8C) files that we use here for you to modify with your IP addresses and your domain.

Our current DNS has only one domain, no subdomain and no slave DNS servers. Nor are we connected directly to the Internet. If you are, you will have to make changes to named.boot and named.ca (RTFM).

Here is the list of files. They should be present on the DNS server, except the file /etc/resolv.conf, which is supposed to be used by the clients.

(Files will be sent on request, almost 400 lines worth)


