In tutorial(1) we showed you how to configure a DNS split-horizon master server and how to create zone and reverse zone files. It is a good idea to also have a slave DNS server. A slave DNS server gets its zone data through a zone transfer, usually from the master, and responds as authoritative for the zones for which it is defined as a 'slave' and for which it has a currently valid zone configuration.
Note that it is impossible to determine from a query result whether it came from a zone master or a slave.
In BIND 9, slave status is defined by "type slave" in the zone declaration section of the named.conf file.
To configure a slave DNS server:
Assume we will use slave.test.com, with internal IP address 10.168.1.100.
1. Install the bind service on slave.test.com:
# yum install bind
2. Edit your /etc/named.conf file:
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
    directory "/var/named";
};
zone "test.com" {
    type slave;
    masters {10.168.1.0;};
    file "slaves/db.test.com";
};
zone "1.168.10.in-addr.arpa" IN {
    type slave;
    masters {10.168.1.0;};
    file "slaves/1.168.10.in-addr.arpa";
};
In options, we are using BIND's chroot feature, so all our necessary files will be stored in the chroot directory (/var/named).
3. On your master DNS server, add the following to the /etc/named.conf file:
acl slaves {
    10.168.1.100; // XName
};
and to every zone definition, add
allow-transfer { slaves; };
for example:
zone "1.168.10.in-addr.arpa" IN {
    type master;
    file "/etc/named/internals/1.168.10.in-addr.arpa";
    allow-transfer { slaves; };
};
4. Restart the named service on the DNS master.
# service named restart
5. Now start the named service on the slave. It should start without any errors.
6. In the /var/named/slaves directory, you can now see the newly generated files "db.test.com" and "1.168.10.in-addr.arpa".