Configuration on Primary DNS server:
- edit /etc/named.conf
zone "msm.net" {
type master;
file "msm.net.db";
allow-transfer { 192.168.12.3; };
};
zone "12.168.192.in-addr.arpa" {
type master;
file "msm.net.rev.db";
allow-transfer { 192.168.12.3; };
};
- Open TCP and UDP port 53 in the firewall
- iptables -I INPUT -p tcp --dport 53 -j ACCEPT
- iptables -I INPUT -p udp --dport 53 -j ACCEPT
- Restart the named daemon
- service named restart
Configuration on Secondary DNS server:
Make sure you have internet access.
- Install Bind packages
- yum install bind bind-utils bind-chroot bind-libs
- edit /etc/named.conf
*Remove the allow-query line
*Optional: remove the recursion statement and the "." (root hints) zone to disable recursion and caching.
zone "msm.net" { //your forward zone statement, same as primary
type slave; //slave sets this server as slave
file "msm.net.db"; //the file name that you created in primary
masters { 192.168.12.2; }; //this is telling the server that this ip is my primary dns's ip
allow-transfer { none; };
};
zone "12.168.192.in-addr.arpa" { //reverse lookup zone statement, same as primary
type slave; //this sets this server as a slave of this reverse zone
file "msm.net.rev.db"; //the file name that you created in primary for reverse zone
masters { 192.168.12.2; }; //primary server's ip address
allow-transfer { none; };
};
- Add an SELinux exception so named can write the transferred zone files
- setsebool -P named_write_master_zones 1
- Make named the owner of the /var/named directory
- chown named:named /var/named
- Start the named daemon
- service named start
- Check the logs to confirm everything went well. They should report the zone loaded and the transfer completed
- tail -30 /var/log/messages
If everything went fine, you should see your zone files under /var/named, fetched from the primary automatically when the named daemon starts. This copying of the zone file from primary to secondary is called a zone transfer.
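The allow-transfer statements above are what keep a zone transfer limited to your own secondary. As an added check (not part of the original post), this Python script audits the zone statements in a named.conf and reports any zone that would let other hosts pull a full copy of the zone. The embedded configuration is constructed and includes deliberately weak zones to exercise the check; the 192.168.12.x addresses are the ones used in the post.

```python
import re

# Constructed named.conf fragment: the page's two zones plus two weak ones.
SAMPLE_NAMED_CONF = """
zone "msm.net" {
  type master;
  file "msm.net.db";
  allow-transfer { 192.168.12.3; };   // only the secondary
};
zone "12.168.192.in-addr.arpa" {
  type master;
  file "msm.net.rev.db";
  allow-transfer { any; };            # weak: anyone may AXFR
};
zone "example.test" {                 /* weak: no allow-transfer at all */
  type master;
  file "example.test.db";
};
zone "lab.test" {
  type master;
  file "lab.test.db";
  allow-transfer { 192.168.12.3; 10.9.9.9; };
};
"""

# One level of nested braces is enough for allow-transfer/masters sub-blocks.
ZONE_RE = re.compile(r'zone\s+"([^"]+)"[^{]*\{((?:[^{}]|\{[^{}]*\})*)\}\s*;', re.S)
TRANSFER_RE = re.compile(r'allow-transfer\s*\{([^}]*)\}')

def strip_comments(text):
    """named.conf accepts /* */, // and # comments; drop all three."""
    text = re.sub(r'/\*.*?\*/', '', text, flags=re.S)
    return re.sub(r'(//|#).*', '', text)

def audit_transfers(conf, allowed_secondaries):
    """Map zone name -> finding for zones whose allow-transfer is missing,
    set to any, or names a host outside allowed_secondaries."""
    findings = {}
    for name, body in ZONE_RE.findall(strip_comments(conf)):
        match = TRANSFER_RE.search(body)
        if not match:
            findings[name] = ("no allow-transfer statement; relies on the server "
                              "default, which on older BIND releases permits any host")
            continue
        acl = [t.strip() for t in match.group(1).split(';') if t.strip()]
        if any(t.lower() == 'any' for t in acl):
            findings[name] = "allow-transfer { any; } exposes the whole zone"
        else:
            extra = sorted(set(acl) - set(allowed_secondaries) - {'none'})
            if extra:
                findings[name] = "unexpected transfer peers: " + ", ".join(extra)
    return findings

if __name__ == "__main__":
    for zone, finding in audit_transfers(SAMPLE_NAMED_CONF, ["192.168.12.3"]).items():
        print(f"{zone}: {finding}")
```

On a real server, read /etc/named.conf and pass the secondary's address as the only allowed peer; on the secondary itself the expected result is `allow-transfer { none; }`, which the check accepts.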