One vital step to hosting your own domain is to set up a domain name server. One nice solution is to use Linux and the Berkeley Internet Name Domain(BIND) software. The primary job of a domain name server is to allow you and your users to associate your domains and subdomains with IP addresses. Oddly enough, even though the software is called BIND the daemon that you run is called named.
Generally speaking, you will need to have two servers (or at least two ip addresses) to act as nameservers. One will be the master nameserver where you set up all your settings and make all your changes and one will be the slave that will act as redundancy and will gather information from the master. Once you have set up your two name servers correctly you would associate them as your domain’s nameservers with the domain registrar (example: GoDaddy) that you used to register the domain.
For our purposes, I will be using the tools and syntax available on Redhat based Linux Distributions (Redhat, Fedora, CentOS, etc). The basic ideas and set up process would be similar if not the same on any other Linux Distribution.
Installation
# yum install bind bind-chroot
As you can see here we not only installed bind but we also installed a package called bind-chroot. This second package sets things up so that named runs in a chrooted environment (like a prison within a subdirectory so that it does not have access to anything but the contents of that subdirectory). You can install and use bind without the chrooted environment if you wish but I would not recommend it. With it you can minimize the damage if a cracker were to actually find and exploit a bug in named.
Configuring the Master Nameserver
Let’s say that we own the domain example.com and have 4 servers we plan to use for that domain; a webserver at 192.168.1.1, our master nameserver at 192.168.1.2, our slave nameserver at 192.168.1.3, and an email server at 192.168.1.4. It is entirely possible (and quite common) to have one server act as a webserver, email server, and a nameserver. However, for this example we’ll separate them to avoid confusion.
/var/named/chroot/etc/named.conf — Download This File
options{
directory "/var/named/";
};
The only option we set (for now) is the directory for the zone files. Even though we set it to /var/named the files will actually be located in /var/named/chroot/var/named since named is chrooted to /var/named/chroot.
zone "example.com" {
type master;
file "example.com.zone";
allow-transfer { 192.168.1.3; };
};
This is our domain’s zone definition. We point to the zone file that will hold the details and allow transfer to what will be our slave nameserver.
zone "1.168.192.in-addr.arpa" {
type master;
file "1.168.192.in-addr.arpa.zone";
};
This is the zone for reverse lookups to any of our IP addrsses that start with 192.168.1. A reverse lookup allows us to translate from ip address to domain name instead of just domain to IP.
Now let’s create the two zone files we defined in named.conf.
/var/named/chroot/var/named/example.com.zone — Download This File
$TTL 900 ; 900 seconds default record (T)ime (T)o (L)ive in cache
In the first line of the zone file we define the default TTL (Time to LIve) for this zone. This basically tells computers how long to wait before checking again to see if any of the information they have already looked up has changed. This saves each and every computer that visits your website (or other server) from having to look up the ip address every single time it connects. It is generally wise to set this to long enough to cover a general browsing session but short enough so that the next time they come back they will catch if you did any changes to the dns records.
上一页12 3 下一页 |
