I'm not too familiar with setting up my own name servers, so I'm hoping someone can help me out. I'm trying to set up my own name servers. I have several domains and want to use the same name servers for each of the domains. Is this possible? Basically I registered a domain just to use for my name servers (i.e. dnsdomain.com). I have two different servers and I want to use the name servers ns1.dnsdomain.com and ns2.dnsdomain.com, each of them on a different server. I have assigned the two different IPs with my registrar successfully. Now I'm trying to figure out what to do next. One of my servers is using Plesk and the other is using DirectAdmin. Can someone please help me figure out how I can accomplish this? i.e. setting up the name servers so that I can use these name servers for my other domains as well? Thanks!
Hi, you may be able to accomplish this via zone transfers, but you will need a script or scripts to generate a list of slave zones for each server. When a zone is configured as a master in BIND, that is the server where changes to the file are made. The server where the zone is a slave needs to know about the zones it needs to get information about. You need a script for this.
Firstly, you need to set up the name servers directly inside your registrar's service before you can proceed to add the zone files to your server. If you have already done this, you can easily set up your domain by manually editing your named.conf and resolv.conf files via SSH and rebooting your server, rather than trying from inside your server's control panel. I would suggest for this task the software available for free at www.winscp.net
I have set up the name servers with my registrar already. So I just have to configure it on my server right now. Can you please clarify what needs to go under named.conf and resolv.conf? From what I understand, something like this should go under named.conf:

    zone "domain1.com" {
        type master;
        file "/var/named/domain1.db";
    };
    zone "domain2.com" {
        type master;
        file "/var/named/domain2.db";
    };
    zone "domain3.com" {
        type master;
        file "/var/named/domain3.db";
    };

Basically a new entry for each domain for the name server? Correct me if I'm wrong, but if one of the domains is also hosted on the same server as the name server, then the control panel should have already created one of these entries for that domain, right? I'm not exactly sure what I should put in resolv.conf. When I edit resolv.conf I just see two IP addresses (one on each line). Thanks for the help!
Yes, your control panel creates each of the entries and you can simply edit them manually to make sure they are correct. There are three files to check for the proper settings. named.conf (usually inside /etc/) has this structure:

    options {
        directory "/etc";
        pid-file "/var/run/named/named.pid";
    };

    zone "." {
        type hint;
        file "/etc/db.cache";
    };

    zone "domain1.com" {
        type master;
        file "/var/named/domain1.com.hosts";
    };
    zone "domain2.com" {
        type master;
        file "/var/named/domain2.com.hosts";
    };
    zone "domain3.com" {
        type master;
        file "/var/named/domain3.com.hosts";
    };

The above will look for a file domain1.com.hosts (inside /var/named/ for the example above) containing your domain's records, which may look like this for the root domain:

    $TTL 3600
    domain1.com.    IN SOA ns1.domain1.com. your.email.com. (
                        2008010101  ; serial
                        3600        ; refresh
                        120         ; retry
                        1209600     ; expire
                        3600 )      ; negative cache TTL
                    IN NS    ns1.domain1.com.
                    IN NS    ns2.domain1.com.
    ns1             IN A     X.X.X.X
    ns2             IN A     X.X.X.X
    @               IN A     X.X.X.X
    www             IN CNAME domain1.com.
    @               IN MX 10 mail.domain1.com.
    @               IN MX 20 mail2.domain1.com.
    mail            IN A     X.X.X.X
    mail2           IN A     X.X.X.X
    @               IN TXT   "v=spf1 a mx a:domain1.com mx:domain1.com ~all"
    *               IN A     X.X.X.X

The other domains will have simpler records, using ns1.domain1.com and ns2.domain1.com as name servers. Finally, resolv.conf (inside /etc/) basically serves to list the name server IPs that your server itself needs in order to install distros, repository software, etc. If you have IPs listed there already, then it's OK.
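A small checker for zone files laid out like the .hosts file above, written as an added example for this thread (it is not code from any of the posters). It parses the file the way BIND reads it (owner names inherited from the previous record, parenthesised SOA continuation, '@' for the zone apex, relative names completed with the origin) and then reports the mistakes that most often break a new name server: no $TTL, a missing or malformed SOA serial, fewer than two NS records, an in-zone NS name without a glue A/AAAA record, a CNAME sharing an owner with other records, and duplicate records. The sample zone is constructed here, with the X.X.X.X placeholders replaced by documentation-range addresses; the glue check deliberately ignores NS targets outside the zone, because a zone for another domain that delegates to ns1.domain1.com does not carry those A records itself.

```python
"""Sanity-check a BIND zone file of the kind shown in the thread (added example)."""
import re

# Constructed sample zone, modelled on the domain1.com template above, with
# the X.X.X.X placeholders replaced by documentation-range addresses.
SAMPLE_ZONE = """\
$TTL 3600
domain1.com.   IN SOA ns1.domain1.com. hostmaster.domain1.com. (
                   2008010101  ; serial
                   3600        ; refresh
                   120         ; retry
                   1209600     ; expire
                   3600 )      ; negative cache TTL
               IN NS    ns1.domain1.com.
               IN NS    ns2.domain1.com.
ns1            IN A     192.0.2.10
ns2            IN A     198.51.100.10
@              IN A     192.0.2.20
www            IN CNAME domain1.com.
@              IN MX 10 mail.domain1.com.
mail           IN A     192.0.2.25
@              IN TXT   "v=spf1 a mx ~all"
"""


def _strip_comment(line):
    """Drop a ';' comment unless the ';' sits inside a quoted string."""
    out, quoted = [], False
    for ch in line:
        if ch == '"':
            quoted = not quoted
        if ch == ";" and not quoted:
            break
        out.append(ch)
    return "".join(out)


def _fqdn(name, origin):
    """Complete a relative owner name the way BIND does ('@' is the apex)."""
    if name == "@":
        return origin
    return name if name.endswith(".") else name + "." + origin


def parse_zone(text, origin):
    """Return (default_ttl, records); each record is (owner, type, rdata tuple).
    Simplified: parentheses inside quoted strings are not handled."""
    origin = origin.rstrip(".") + "."
    default_ttl, records, last_owner = None, [], origin
    logical, buf, depth = [], "", 0
    for raw in text.splitlines():            # join '(' ... ')' continuation lines
        line = _strip_comment(raw)
        if not line.strip():
            continue
        buf = buf + " " + line if buf else line
        depth += line.count("(") - line.count(")")
        if depth <= 0:
            logical.append(buf)
            buf, depth = "", 0
    for line in logical:
        toks = line.replace("(", " ").replace(")", " ").split()
        if toks[0].upper() == "$TTL":
            default_ttl = int(toks[1])
            continue
        if toks[0].upper() == "$ORIGIN":
            origin = toks[1]
            continue
        # a record starting with whitespace keeps the previous owner name
        owner = last_owner if line[0].isspace() else _fqdn(toks.pop(0), origin)
        if toks and toks[0].isdigit():       # optional per-record TTL
            toks.pop(0)
        if toks and toks[0].upper() in ("IN", "CH", "HS"):
            toks.pop(0)
        records.append((owner, toks[0].upper(), tuple(toks[1:])))
        last_owner = owner
    return default_ttl, records


def lint_zone(text, origin):
    """Return a list of findings; an empty list means all checks passed."""
    origin = origin.rstrip(".") + "."
    default_ttl, records = parse_zone(text, origin)
    findings = []
    if default_ttl is None:
        findings.append("missing $TTL directive")
    soas = [r for r in records if r[0] == origin and r[1] == "SOA"]
    if len(soas) != 1:
        findings.append("zone needs exactly one SOA record at the apex")
    else:
        serial = soas[0][2][2]               # SOA rdata: mname rname serial ...
        if not re.fullmatch(r"\d{10}", serial) or int(serial) >= 2 ** 32:
            findings.append("SOA serial %s is not a YYYYMMDDnn value" % serial)
    ns_targets = [r[2][0] for r in records if r[0] == origin and r[1] == "NS"]
    if len(ns_targets) < 2:
        findings.append("apex has fewer than two NS records")
    addr_owners = {r[0] for r in records if r[1] in ("A", "AAAA")}
    for ns in ns_targets:                    # glue only matters for in-zone names
        if (ns == origin or ns.endswith("." + origin)) and ns not in addr_owners:
            findings.append("NS target %s has no glue A/AAAA record in the zone" % ns)
    for owner in {r[0] for r in records if r[1] == "CNAME"}:
        if any(r[0] == owner and r[1] != "CNAME" for r in records):
            findings.append("%s has a CNAME alongside other records" % owner)
    seen = set()
    for rec in records:
        if rec in seen:
            findings.append("duplicate record: %s %s %s" % (rec[0], rec[1], " ".join(rec[2])))
        seen.add(rec)
    return findings


if __name__ == "__main__":
    print(lint_zone(SAMPLE_ZONE, "domain1.com") or "no findings")
```

Run it against each .hosts file before reloading named; it is a quick first pass, not a replacement for named-checkzone, which validates the full syntax.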
Thanks for the detailed response. Just wanted to clarify that I understood everything. Let's assume I have a name-server domain called mydns.com, and I have two other domains, mydomain1.com and mydomain2.com, and two dedicated servers with IPs 123.45.67.89 and 321.45.67.90. Now... to get this configured so that I can use ns1.mydns.com and ns2.mydns.com for my domains, I first register ns1.mydns.com and ns2.mydns.com to the IPs 123.45.67.89 and 321.45.67.90 with my registrar. Next, I would go to Server-A (123.45.67.89) and add the following record to named.conf:

    zone "mydns.com" {
        type master;
        file "/var/named/mydns.com.hosts";
    };

Then I would go to Server-B (321.45.67.90) and add the same record to named.conf. ** I hope I'm getting this right so far ** Once that's complete, I would then have to configure the mydns.com.hosts file on both Server-A and Server-B to the following:

    $TTL 3600
    mydns.com.      IN SOA ns1.mydns.com. your.email.com. (
                        2008010101  ; serial
                        3600        ; refresh
                        120         ; retry
                        1209600     ; expire
                        3600 )      ; negative cache TTL
                    IN NS    ns1.mydns.com.
                    IN NS    ns2.mydns.com.
    ns1             IN A     123.45.67.89
    ns2             IN A     321.45.67.90
    @               IN A     123.45.67.89
    www             IN CNAME mydns.com.
    @               IN TXT   "v=spf1 a mx a:mydns.com mx:mydns.com ~all"

So now the question I have is: after I have configured these two name servers on two different physical machines, if I want to host mydomain1.com and mydomain2.com on Server-A, would I have to add the .hosts records on both servers? And they would be pretty much the exact same records, right? Thanks again for your help.
If you add the same records on both servers, they would both act as masters. Though there's nothing wrong with this, it makes management a little tough, even more so when you have more than 2 name servers. Configure one of these as a master and the other as its slave. That way, any changes you make on the master will be automatically transferred to the slave via a zone transfer. So on the master, the entry would look like this:

    zone "example.com" IN {
        type master;
        file "com/example.zone";
        allow-transfer { slaves; };
        allow-query { any; };
    };

On the slave:

    zone "example.com" IN {
        type slave;
        file "com/example.zone";
        masters { 192.168.0.100 key global; };
        allow-transfer { slaves; };
        allow-query { any; };
    };

(Note the "key global" part. It is only required if you use keys to authenticate your slave server, though I'd highly recommend reading up on it and setting it up.) Also, the previous examples don't include anything related to security. You should keep this in mind, both to keep your data private and to avoid unauthorized usage of your servers (as an open DNS server, for distributed attacks, cache poisoning, etc.). To define the slaves, include an acl like this at the beginning of your named.conf:

    acl slaves {
        10.7.8.99;
        172.16.30.45;
    };

Also disable recursion for anyone other than your trusted IPs. Note the last 2 directives in my options section:

    options {
        query-source port 53;
        query-source-v6 port 53;
        directory "/var/named";
        dump-file "data/cache_dump.db";
        statistics-file "data/named_stats.txt";
        memstatistics-file "data/named_mem_stats.txt";
        allow-recursion { slaves; localhost; };
        allow-query { slaves; localhost; };
    };

My setup is a lot more complicated, but at the least you should follow these basic settings when setting up DNS.
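The earlier reply said a script is needed to keep the list of slave zones in step with the master; this added example (mine, not any poster's code) is such a script. From one zone list it renders the master's named.conf and the slave's named.conf in the master/slave layout of the post above, with the slaves and trusted ACLs, a restricted allow-recursion, and an optional TSIG key for the transfer. The server addresses, the trusted network, the zone names and the key name xfer-key are constructed placeholders, and the key secret is a placeholder to be replaced with tsig-keygen output. The generated options block differs from the one quoted above in two ways: it leaves out the fixed query-source port, because pinning the port to 53 switches off the source-port randomisation that resolvers rely on to make cache poisoning hard, and it sets allow-transfer to none globally so that only the zone stanzas on the master hand out copies.

```python
"""Render matching named.conf files for a BIND master/slave pair (added example)."""

# Constructed inventory for the thread's layout (documentation-range IPs).
MASTER_IP = "192.0.2.10"          # ns1, Server-A: holds the editable zone files
SLAVE_IP = "198.51.100.10"        # ns2, Server-B: receives zones by transfer
TRUSTED_IPS = ["127.0.0.1", "192.0.2.0/24"]   # hosts allowed to recurse
ZONES = ["mydns.com", "mydomain1.com", "mydomain2.com"]
ZONE_DIR = "/var/named"
TSIG_KEY = "xfer-key"             # hypothetical key name; secret is a placeholder


def acl_block(name, addrs):
    body = "".join("    %s;\n" % a for a in addrs)
    return "acl %s {\n%s};\n" % (name, body)


def key_block(name):
    # TSIG key shared by master and slave; generate the secret with
    # tsig-keygen and keep this file out of version control.
    return ('key "%s" {\n    algorithm hmac-sha256;\n'
            '    secret "REPLACE_WITH_BASE64_SECRET";\n};\n' % name)


def options_block():
    # Answer anyone for our own zones, recurse only for the trusted ACL,
    # never transfer unless a zone stanza says otherwise. No fixed
    # query-source port, so outgoing lookups keep randomised source ports.
    return ("options {\n"
            '    directory "%s";\n'
            "    allow-query { any; };\n"
            "    allow-recursion { trusted; };\n"
            "    allow-transfer { none; };\n"
            "};\n" % ZONE_DIR)


def master_zone(zone, key_name=None):
    # With a TSIG key only signed transfer requests are served;
    # without one, the slaves ACL decides who may pull the zone.
    xfer = "key %s" % key_name if key_name else "slaves"
    return ('zone "%s" IN {\n'
            "    type master;\n"
            '    file "%s.hosts";\n'
            "    allow-transfer { %s; };\n"
            "    notify yes;\n"
            "};\n" % (zone, zone, xfer))


def slave_zone(zone, master_ip, key_name=None):
    # The slaves/ directory under ZONE_DIR must be writable by named.
    src = "%s key %s" % (master_ip, key_name) if key_name else master_ip
    return ('zone "%s" IN {\n'
            "    type slave;\n"
            '    file "slaves/%s.hosts";\n'
            "    masters { %s; };\n"
            "    allow-transfer { none; };\n"
            "};\n" % (zone, zone, src))


def build_named_conf(role, zones, master_ip, slave_ips, trusted_ips, key_name=None):
    """Return the full named.conf text for role 'master' or 'slave'."""
    if role not in ("master", "slave"):
        raise ValueError("role must be 'master' or 'slave'")
    parts = [acl_block("slaves", slave_ips), acl_block("trusted", trusted_ips)]
    if key_name:
        parts.append(key_block(key_name))
    parts.append(options_block())
    for zone in zones:
        if role == "master":
            parts.append(master_zone(zone, key_name))
        else:
            parts.append(slave_zone(zone, master_ip, key_name))
    return "\n".join(parts)


if __name__ == "__main__":
    print(build_named_conf("master", ZONES, MASTER_IP, [SLAVE_IP], TRUSTED_IPS, TSIG_KEY))
    print(build_named_conf("slave", ZONES, MASTER_IP, [SLAVE_IP], TRUSTED_IPS, TSIG_KEY))
```

Because both files come from the same ZONES list, adding a domain means adding one name and re-rendering both configs, which is the consistency the earlier reply was after; run named-checkconf on the output before reloading, and verify the transfer with a dig AXFR from the slave's address only.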
Is there any way to know which name servers will be hit during a lookup, or is this arbitrary? If it is arbitrary, is it possible for me to ensure that only ns1 gets queried if the server is up, and if it's not up, it would query ns2 (a different server)? Thanks again for the help, guys.
Another question I had was about the example acl definition: would it be wrong to have one of the IPs be the master name server's IP? Or should it only contain the IP address of the slave name server? Thanks!
To answer your first question, the NSs are most frequently queried in a round-robin fashion. So a random NS will be hit for the first lookup, and subsequent lookups will cycle between the two. For the ACL definition, no, it wouldn't be wrong. You can include your master's IP in it as well.