Simple DNS Configuration Example

 Author : RIPE DNS working group

 Version : 1.0
 RIPE NCC
 Document : ripe-192
 See Also :
 Updates :

 Table of Contents

    * Abstract
    * Recommended Reading
    * Preparation
    * Example Files
    * Authors

 Abstract

 This document is intended as a very short primer and example on how to set up
 your own server for the domain name system (DNS). Setting up the DNS server is
 not the only step you need to take to make your domain visible on the Internet.
 There can be several steps of registration procedures you have to go through.
 Your Internet service provider (ISP) should be able to help you with these.

 This text assumes that you are running the Unix operating system, and that you
 are using the Berkeley Internet Name Daemon (BIND) version 8 or version 4. If
 this is not the case, this document is of less value to you, but may still be
 worth reading. It also assumes that you have basic experience with Unix, moving
 around in the file tree, starting and stopping processes, and editing text files
 with some text editor. You are also expected to have administrator privileges on
 the machine, and you will find that most commands will have to be given by the
 "root" user.

 You also need the following information: your domain name, your network number,
 who your ISP is, and the host names and IP addresses of your computers.

 This "step by step" instruction does not intend to explain what the various files
 and statements therein actually mean, but is a quick and dirty "do this, and it
 might work". If you are interested in a more thorough introduction to the
 subject, please see the following documents.

 Recommended Reading

 "DNS & BIND 3rd Edition" by Paul Albitz & Cricket Liu,
 O'Reilly & Associates Inc.

 The DNS Resources Directory
 http://www.dns.net/dnsrd/

 Preparation

 In the files below, the domain name company.xy is used. This is just an example,
 and should of course be replaced with your own domain name. We also assume that
 this "example company" has been assigned the IP network numbers 192.168.42.0 -
 192.168.42.255 (often expressed as 192.168.42.0/24). Please pay attention to the
 notes in the example files, if your address assignment is not exactly 256
 addresses (i.e., a /24, or previously referred to as a "class 'C' network").

 There are a couple of steps you have to take before installing the configuration
 files.

   1. Install a mail alias "hostmaster@company.xy" that receives mail and delivers
      it to the person that runs the DNS server at your site. This probably means
      YOU. Also be prepared to read and act on mail arriving to this address.
      ("company.xy" should of course be replaced with your own domain name.)
   2. Make sure that your machine has the program "named" (name daemon) installed.
      Also find out which version of the program you are using. You only need to
      worry about the first digit in the version number. It should be either 4 or
      8.

      "named" is part of the BIND package, and we STRONGLY encourage you to take
      the effort of installing the latest version of BIND you can lay your hands
      on. All programs have errors in them, and "named" is no exception. We tend
      to believe that more modern versions are less prone to this problem,
      especially on the security side.
   3. Create the directory "/etc/domain" (using the command "mkdir /etc/domain")
      on your name server computer. All the examples below assume that the
      directory exists, and all files except one reside in that directory. The one
      exception is the file /etc/named.boot or /etc/named.conf. You only use one
      of them, and which one depends on which version of BIND you are using.

 Now you can install the files below in the location indicated by the "Filename:"
 comment that you find at the top of all the example files. Please remember to
 replace the strings as indicated.

 We have done the best we can to provide a simple and straightforward
 configuration, but all Internet sites are different, and it is not at all
 unlikely that your site will not fit exactly into our model. If you find that the
 configuration below doesn't work for you, you will either have to study the
 system further (see suggested reading list) or consult someone who is more
 experienced in running the system. If you do, don't be surprised if the models
 presented in literature and by consultants differ substantially from ours. DNS
 can be done in many ways - most of which are wrong, but there is a substantial
 number of ways that DO work, and they may seem quite different. Which one to
 choose is merely a question of taste or religious conviction.

 Example Files

 On the following pages we present a set of example files that can be used as a
 very basic configuration for a BIND DNS server.

 The name server process uses these files to tell the rest of the Internet about
 your machines. If you add a new machine, or if you change the IP address of a
 machine, you have to change the corresponding file. After having edited one or
 more files, you must restart the "named" process. Don't forget to update the
 serial number in every zone file you edit.
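
 The serial-number rule spelled out in the comments of the example zone files
 (year, month, day, two-digit version, always increasing), as an added Python
 example that is not part of the original RIPE document. The function names and
 the sample SOA text are constructed for illustration.

```python
import datetime
import re

# The serial line as laid out in the example files:
# "<10 digits>      ; Serial number"
SERIAL_LINE = re.compile(r"^([ \t]*)(\d{10})([ \t]*;[ \t]*Serial number.*)$", re.M)

# Constructed sample: the SOA record layout used by the example zone files.
SAMPLE_ZONE = """\
company.xy.             SOA     dns.company.xy. hostmaster.company.xy. (
                                1998092900      ; Serial number
                                     86400      ; Refresh     1 day
                                      7200      ; Retry       2 hours
                                   3600000      ; Expire      41.67 days
                                    172800 )    ; Minimum TTL 2 days
"""


def next_serial(current, today):
    """Return the next YYYYMMDDnn serial; it is always greater than `current`."""
    today_base = int(today.strftime("%Y%m%d")) * 100
    if current < today_base:
        return today_base                      # first edit today: version 00
    if current // 100 > today_base // 100:
        # Date part lies in the future (typo or wrong clock): a human must decide.
        raise ValueError(f"serial {current} is dated after {today}")
    if current % 100 == 99:
        # The two-digit version is used up; adding 1 would alter the date part.
        raise ValueError(f"version 99 is already in use for {today}")
    return current + 1                         # another edit on the same day


def bump_zone_text(zone_text, today):
    """Rewrite the single '; Serial number' line, keeping the column layout."""
    found = SERIAL_LINE.findall(zone_text)
    if len(found) != 1:
        raise ValueError(f"expected one serial line, found {len(found)}")
    return SERIAL_LINE.sub(
        lambda m: f"{m.group(1)}{next_serial(int(m.group(2)), today)}{m.group(3)}",
        zone_text,
    )


if __name__ == "__main__":
    print(bump_zone_text(SAMPLE_ZONE, datetime.date(1998, 9, 29)))
```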

 You have to choose ONE of the first two example files. The first one is to be
 used if you have BIND version 8 installed. The second one is to be used if you
 have BIND version 4 installed. The third and following files are common to the
 two versions, and are all required on your system.

 When dealing with DNS files it is crucial that one is EXTREMELY careful when one
 types. If the example files have a period character (".") at one place, it is
 imperative that your files have that character in the corresponding place.
 Likewise, if the files do NOT have a period character, neither should yours.
 The placement of special characters might seem random and unmotivated, but they
 are there to make your unforgiving computer shut up and not complain, and in the
 long run, that will make life easier for you. :-)

 The file "named.root" that resides in the /etc/domain directory is not included
 in the example files below. It is a standard file, but its content varies slowly
 over time. You should obtain a fresh copy, and you do so by pointing your
 favourite web browser to ftp://ftp.rs.internic.net/domain/named.root and save the
 file to disk in "text" format. Copy the file to its correct location
 (/etc/domain/named.root).

 The example files follow the authors section.

 Authors

 This document is a collaborative effort with its root in the RIPE DNS working
 group. Suggestions have been brought forward by many. Thanks a lot! The following
 people have devoted some extra time to it:

   Amar Andersson      Telia Network Services        AA90-RIPE
   Hans Niklasson      Tele2/SwipNet                 HN413-RIPE
   Ruediger Volk       Deutsche Telekom              RV32
   Peter Koch          Universitaet Bielefeld        PK46-RIPE
   Niall O'Reilly      University College Dublin     NO8
   Randy Bush          Verio                         RB366
   Kurt Kayser         VIAG Interkom                 KK37-RIPE
   Nic Lewis           LINX
   Lars-Johan Liman    Royal Inst. of Technology     LL10-RIPE

 // Filename: /etc/named.conf
 // This is an example of a name server configuration for BIND version 8.

 // If you change this file, you must restart the "named" process.

 //----------------------------------------------------------------------
 // This is the directory where the rest of the files reside.

 options {
         directory "/etc/domain";
 };

 //----------------------------------------------------------------------
 // The following three blocks are standard configuration
 // and should appear verbatim.

 zone "." {
         type hint;
         file "named.root";      // This file should be picked up from
 };                              // ftp://ftp.rs.internic.net/domain/named.root

 zone "localhost" {
         type master;
         file "localhost";
 };

 zone "0.0.127.in-addr.arpa" {
         type master;
         file "127.0.0";
 };

 //----------------------------------------------------------------------
 // This is the part of the DNS database that will translate host and
 // domain names into IP addresses. Replace "company.xy" with your
 // own domain name.

 zone "company.xy" {                     // The file "company.xy" should reside in
         type master;                    // the /etc/domain/ directory, and you
         file "company.xy";              // have to create it yourself.
 };

 //----------------------------------------------------------------------
 // This is the part of the DNS database that will translate your IP
 // addresses back to domain names (so called reverse DNS information).
 // Replace "192.168.42" with your own network number. NOTE! The
 // network number appears backwards in the second clause (just before
 // ".in-addr.arpa").

 zone "42.168.192.in-addr.arpa" {        // The file "192.168.42" should reside in
         type master;                    // the /etc/domain/ directory, and you
         file "192.168.42";              // have to create it yourself.
 };

 // IMPORTANT NOTE!
 // If your ISP has assigned fewer than 255 addresses to you, you must
 // contact the ISP for further assistance.

 //----------------------------------------------------------------------
 // END OF FILE

 ; Filename: /etc/named.boot
 ; This is an example of a name server configuration for BIND version 4.

 ; If you change this file, you must restart the "named" process.
 ;----------------------------------------------------------------------
 ; This is the directory where the rest of the files reside.

 directory       /etc/domain

 ;----------------------------------------------------------------------
 ; The following three blocks are standard configuration
 ; and should appear verbatim.

 cache           .                                       named.root
                                         ; This file should be picked up from
                                         ; ftp://ftp.rs.internic.net/domain/named.root

 primary         localhost                               localhost
 primary         0.0.127.in-addr.arpa                    127.0.0

 ;----------------------------------------------------------------------
 ; This is the part of the DNS database that will translate host and
 ; domain names into IP addresses. Replace "company.xy" with your
 ; own domain name.

 primary         company.xy                              company.xy
                                         ; The file "company.xy" should reside in
                                         ; the /etc/domain/ directory, and you
                                         ; have to create it yourself.

 ;----------------------------------------------------------------------
 ; This is the part of the DNS database that will translate your IP
 ; addresses back to domain names (so called reverse DNS information).
 ; Replace "192.168.42" with your own network number. NOTE! The
 ; network number appears backwards in the second clause (just before
 ; ".in-addr.arpa").

 primary         42.168.192.in-addr.arpa                 192.168.42
                                         ; The file "192.168.42" should reside in
                                         ; the /etc/domain/ directory, and you
                                         ; have to create it yourself.

 ; IMPORTANT NOTE!
 ; If your ISP has assigned fewer than 255 addresses to you, you must
 ; contact the ISP for further assistance.
 ;----------------------------------------------------------------------
 ; END OF FILE

 ; Filename: /etc/domain/localhost
 ; This is information about a special host named "localhost" that
 ; should appear in all name servers. Replace "dns.company.xy" with the
 ; hostname of your DNS server and "company.xy" with your domain name.

 ; Also replace the serial number indicated with a number made up of
 ; the year (4 digits), the month (two digits), the day of the month
 ; (two digits) and a version number (two digits). The date should
 ; correspond to the date when you edit the file.

 ; The serial number should be adjusted every time you edit the file,
 ; and must always be increased. If you make several changes the same
 ; day, increase the version part of the serial number, keeping the
 ; date. Start with version = 00 for a new day and increase the value
 ; by 1 for every change. This will allow for 99 changes the same day.

 ; The serial number was generated in the year 1998, month 09
 ; (September), the 29th day of the month, and it was the first version
 ; (00) that day.

 ; If you change this file, you must restart the "named" process.
 localhost.      SOA     dns.company.xy. hostmaster.company.xy. (
                                 1998092900      ; Serial number
                                      86400      ; Refresh     1 day
                                       7200      ; Retry       2 hours
                                    3600000      ; Expire      41.67 days
                                     172800 )    ; Minimum TTL 2 days

 localhost.      NS      dns.company.xy.

 localhost.      A       127.0.0.1
 ;----------------------------------------------------------------------
 ; END OF FILE

 ; Filename: /etc/domain/127.0.0
 ; This is the information about the translation from the special IP
 ; address 127.0.0.1 back to the special hostname "localhost" (see
 ; /etc/domain/localhost) that should appear in all name
 ; servers. Replace "dns.company.xy" with the hostname of your DNS
 ; server and "company.xy" with your domain name.

 ; Also replace the serial number indicated with a number made up of
 ; the year (4 digits), the month (two digits), the day of the month
 ; (two digits) and a version number (two digits). The date should
 ; correspond to the date when you edit the file.

 ; The serial number should be adjusted every time you edit the file,
 ; and must always be increased. If you make several changes the same
 ; day, increase the version part of the serial number, keeping the
 ; date. Start with version = 00 for a new day and increase the value
 ; by 1 for every change. This will allow for 99 changes the same day.

 ; The serial number was generated in the year 1998, month 09
 ; (September), the 29th day of the month, and it was the first version
 ; (00) that day.

 ; If you change this file, you must restart the "named" process.

 0.0.127.in-addr.arpa.   SOA     dns.company.xy. hostmaster.company.xy. (
                                 1998092900      ; Serial number
                                      86400      ; Refresh     1 day
                                       7200      ; Retry       2 hours
                                    3600000      ; Expire      41.67 days
                                     172800 )    ; Minimum TTL 2 days

 0.0.127.in-addr.arpa.   NS      dns.company.xy.

 1.0.0.127.in-addr.arpa. PTR     localhost.
 ;----------------------------------------------------------------------
 ; END OF FILE

 ; Filename: /etc/domain/company.xy    (replace company.xy with your
 ; domain)
 ; This file contains the information regarding your domain. Generally
 ; replace "company.xy" with your domain name, and replace other
 ; records according to the comments in the file.

 ; Also replace the serial number indicated with a number made up of
 ; the year (4 digits), the month (two digits), the day of the month
 ; (two digits) and a version number (two digits). The date should
 ; correspond to the date when you edit the file.

 ; The serial number should be adjusted every time you edit the file,
 ; and must always be increased. If you make several changes the same
 ; day, increase the version part of the serial number, keeping the
 ; date. Start with version = 00 for a new day and increase the value
 ; by 1 for every change. This will allow for 99 changes the same day.

 ; The serial number was generated in the year 1998, month 09
 ; (September), the 29th day of the month, and it was the first version
 ; (00) that day.

 ; If you change this file, you must restart the "named" process.

 company.xy.             SOA     dns.company.xy. hostmaster.company.xy. (
                                 1998092900      ; Serial number
                                      86400      ; Refresh     1 day
                                       7200      ; Retry       2 hours
                                    3600000      ; Expire      41.67 days
                                     172800 )    ; Minimum TTL 2 days

 company.xy.             NS      dns.company.xy.
                                 ; This is the hostname of your name server.
                                 ; It should have its address defined in an
                                 ; "A" record below.

 company.xy.             NS      ns2.isp.net.
                                 ; This is the hostname of a slave name server.
                                 ; You should have one, and you need to talk
                                 ; to your Internet provider to agree on the
                                 ; name to put here. They also need to
                                 ; set up their system accordingly.

 company.xy.             MX      0       mailserver.company.xy.
                                 ; This is the hostname of your mail
                                 ; server. NOTE! You have to set up the
                                 ; mail system of your mail server to
                                 ; accept mail to your domain. The
                                 ; record here is not sufficient, but
                                 ; necessary.

 www.company.xy.         A       192.168.42.33
                                 ; This should be the IP address of
                                 ; your web server.

 ; The following is the list of computers at your site. To the left
 ; should go the hostnames of the hosts. They should all end with your
 ; domain name. To the right you should put their corresponding IP
 ; addresses.

 dns.company.xy.         A       192.168.42.2
 mailserver.company.xy.  A       192.168.42.3
 computer1.company.xy.   A       192.168.42.12
 server-nt.company.xy.   A       192.168.42.17
 www.company.xy.         A       192.168.42.33
 pc1.company.xy.         A       192.168.42.51
 pc2.company.xy.         A       192.168.42.52
 pc3.company.xy.         A       192.168.42.53
 macserver.company.xy.   A       192.168.42.217

 ;----------------------------------------------------------------------
 ; END OF FILE

 ; Filename: /etc/domain/192.168.42    (replace 192.168.42 with your
 ; network number)
 ; This file contains the information regarding your domain. Generally
 ; replace "42.168.192" with your own network number TURNED BACKWARDS!
 ; and replace other records according to the comments in the file.

 ; Also replace the serial number indicated with a number made up of
 ; the year (4 digits), the month (two digits), the day of the month
 ; (two digits) and a version number (two digits). The date should
 ; correspond to the date when you edit the file.

 ; The serial number should be adjusted every time you edit the file,
 ; and must always be increased. If you make several changes the same
 ; day, increase the version part of the serial number, keeping the
 ; date. Start with version = 00 for a new day and increase the value
 ; by 1 for every change. This will allow for 99 changes the same day.

 ; The serial number was generated in the year 1998, month 09
 ; (September), the 29th day of the month, and it was the first version
 ; (00) that day.

 ; If you change this file, you must restart the "named" process.

 42.168.192.in-addr.arpa.   SOA  dns.company.xy. hostmaster.company.xy. (
                                 1998092900      ; Serial number
                                      86400      ; Refresh     1 day
                                       7200      ; Retry       2 hours
                                    3600000      ; Expire      41.67 days
                                     172800 )    ; Minimum TTL 2 days

 42.168.192.in-addr.arpa.        NS      dns.company.xy.
                                 ; This is the hostname of your name server.

 42.168.192.in-addr.arpa.        NS      ns2.isp.net.
                                 ; This is the hostname of a slave name server.
                                 ; You should have one, and you need to talk
                                 ; to your Internet provider to agree on the
                                 ; name to put here. They also need to
                                 ; set up their system accordingly.


 ; The following is the list of computers at your site. To the left
 ; should go the IP addresses (TURNED BACKWARDS!) of your hosts,
 ; immediately followed by the string ".in-addr.arpa." To the right you
 ; should put the corresponding hostnames.

 2.42.168.192.in-addr.arpa.      PTR     dns.company.xy.
 3.42.168.192.in-addr.arpa.      PTR     mailserver.company.xy.
 12.42.168.192.in-addr.arpa.     PTR     computer1.company.xy.
 17.42.168.192.in-addr.arpa.     PTR     server-nt.company.xy.
 33.42.168.192.in-addr.arpa.     PTR     www.company.xy.
 51.42.168.192.in-addr.arpa.     PTR     pc1.company.xy.
 52.42.168.192.in-addr.arpa.     PTR     pc2.company.xy.
 53.42.168.192.in-addr.arpa.     PTR     pc3.company.xy.
 217.42.168.192.in-addr.arpa.    PTR     macserver.company.xy.
 ;----------------------------------------------------------------------
 ; END OF FILE
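
 A consistency check for the two rules the files above depend on, the trailing
 period on every name and the backwards network number in the reverse zone. It
 is an added Python example, not part of the original RIPE document. The
 function names and the sample records (with two deliberate mistakes) are
 constructed, and the zone origins are passed in as in named.conf.

```python
import ipaddress

# Constructed sample: a few records in the page's layout, with two deliberate
# mistakes (a PTR target without its trailing dot, and no PTR for macserver).
FORWARD = """\
dns.company.xy.         A       192.168.42.2
pc2.company.xy.         A       192.168.42.52
macserver.company.xy.   A       192.168.42.217
"""
REVERSE = """\
42.168.192.in-addr.arpa.        NS      dns.company.xy.
2.42.168.192.in-addr.arpa.      PTR     dns.company.xy.
52.42.168.192.in-addr.arpa.     PTR     pc2.company.xy      ; dot missing
"""


def parse_records(zone_text, rtype):
    """Return (owner, rdata) for one-line 'owner TYPE rdata' records."""
    records = []
    for line in zone_text.splitlines():
        tokens = line.split(";", 1)[0].split()      # drop the comment
        if len(tokens) == 3 and tokens[1].upper() == rtype:
            records.append((tokens[0], tokens[2]))
    return records


def absolute(name, origin):
    """Expand a name the way the server does: no trailing dot means relative."""
    return (name if name.endswith(".") else f"{name}.{origin}").lower()


def check_zones(forward_text, forward_origin, reverse_text, reverse_origin):
    """Return a list of problems found between the A and PTR records."""
    problems, a_pairs, ptr_pairs = [], set(), set()

    def note_relative(name, origin):
        # The page writes every name fully qualified, so a relative name is
        # treated here as a probable missing period.
        if not name.endswith("."):
            problems.append(f"relative name {name} expands to {absolute(name, origin)}")

    for owner, address in parse_records(forward_text, "A"):
        note_relative(owner, forward_origin)
        # reverse_pointer gives the octets "turned backwards" plus .in-addr.arpa
        reverse_name = ipaddress.ip_address(address).reverse_pointer + "."
        a_pairs.add((reverse_name, absolute(owner, forward_origin)))
    for owner, target in parse_records(reverse_text, "PTR"):
        note_relative(owner, reverse_origin)
        note_relative(target, reverse_origin)
        ptr_pairs.add((absolute(owner, reverse_origin), absolute(target, reverse_origin)))

    problems += [f"A without matching PTR: {h} ({r})" for r, h in sorted(a_pairs - ptr_pairs)]
    problems += [f"PTR without matching A: {r} -> {h}" for r, h in sorted(ptr_pairs - a_pairs)]
    return problems


if __name__ == "__main__":
    for problem in check_zones(FORWARD, "company.xy.", REVERSE, "42.168.192.in-addr.arpa."):
        print(problem)
```

 A host with more than one A record for the same address will be reported as
 lacking a PTR for the extra name; that is a judgement call, not an error.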