DJBDNS on Debian

1. Install necessary software
#apt-get install wget bzip2 rdate fetchmail \
    libdb3++-dev unzip zip ncftp xlispstat libarchive-zip-perl \
    zlib1g-dev libpopt-dev nmap openssl lynx fileutils g++

2. Remove unnecessary software
#apt-get remove lpr nfs-common portmap pidentd pcmcia-cs \
    pppoe pppoeconf ppp pppconfig

3. Create the following directories:
mkdir /usr/local/djb
mkdir /usr/local/djb/build
mkdir /usr/local/djb/patches

4. Get the patches:
#cd /usr/local/djb/patches

#wget http://www.thedjbway.org/patches/djb_errno_patches.tgz

#tar -xzvf djb*.tgz

5. Change directories and download the main packages:
#cd /usr/local/djb/build
#wget http://cr.yp.to/ucspi-tcp/ucspi-tcp-0.88.tar.gz
#wget http://cr.yp.to/daemontools/daemontools-0.76.tar.gz
#wget http://cr.yp.to/djbdns/djbdns-1.05.tar.gz
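
Steps 4 and 5 fetch the sources over plain HTTP and the later steps build and install them as root, so the downloads are worth checking against pinned SHA-256 digests before step 6 extracts anything. The function below is an added example, not part of the original guide; the manifest is an assumption, since this page publishes no digests and they have to come from a channel you trust.

```shell
#!/bin/sh
# Added example, not from the original guide.
# verify_pinned DIR MANIFEST
#   MANIFEST is in sha256sum format ("<hex digest>  <file name>") and must
#   come from a channel you trust; keep it outside DIR.
#   Returns 0 only if DIR holds at least one file and every file in DIR is
#   listed in MANIFEST with a matching digest.
verify_pinned() {
    dir=$1 manifest=$2 rc=0 seen=0
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        seen=$((seen + 1))
        name=${f##*/}
        want=$(awk -v n="$name" '$2 == n { print $1; exit }' "$manifest")
        have=$(sha256sum "$f" | awk '{ print $1 }')
        if [ -z "$want" ]; then
            echo "UNLISTED  $name"; rc=1      # fail closed on unknown files
        elif [ "$have" != "$want" ]; then
            echo "MISMATCH  $name"; rc=1
        else
            echo "OK        $name"
        fi
    done
    [ "$seen" -gt 0 ] || { echo "nothing to verify in $dir"; rc=1; }
    return "$rc"
}

# Constructed demonstration: pin one file, then alter it after pinning.
demo=$(mktemp -d) pins=$(mktemp)
printf 'constructed tarball contents\n' > "$demo/example-1.0.tar.gz"
( cd "$demo" && sha256sum example-1.0.tar.gz ) > "$pins"
verify_pinned "$demo" "$pins"
printf 'extra bytes\n' >> "$demo/example-1.0.tar.gz"
verify_pinned "$demo" "$pins" || echo "refusing to build"
rm -rf "$demo" "$pins"
```

On this guide's layout the call would be `verify_pinned /usr/local/djb/build /root/djb.sha256`, where the manifest path is a hypothetical name.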

6. Extract and patch each of the three packages:

Extract and Patch ucspi:
// /usr/local/djb/build/
#gunzip ucspi-tcp-0.88.tar
#tar -xf ucspi-tcp-0.88.tar
#cd ucspi-tcp-0.88

#patch -p1 < ../../patches/ucspi-tcp-0.88.errno.patch
//[output from patch...]
patching file error.h
#patch -p1 < ../../patches/ucspi-tcp-0.88.a_record.patch
//[output from patch...]
patching file rblsmtpd.c
#patch -p1 < ../../patches/ucspi-tcp-0.88.nobase.patch
//[output from patch...]
patching file rblsmtpd.c
Hunk #2 succeeded at 228 (offset 38 lines).

#make setup check
#./install
#./instcheck

7. Extract and Patch daemontools:
// /usr/local/djb/build
#gunzip daemontools-0.76.tar
#tar -xpf daemontools-0.76.tar
#rm daemontools-0.76.tar
#cd admin/daemontools-0.76
#patch -p1 < ../../../patches/daemontools-0.76.errno.patch
//[output from patch...]
patching file src/error.h
#package/install

7. Extract and Patch djbdns:

// /usr/local/djb/build
#gunzip djbdns-1.05.tar
#tar -xf djbdns-1.05.tar
#cd djbdns-1.05
#patch -p1 < ../../patches/djbdns-1.05.errno.patch
//[output from patch...]
patching file error.h

#make
#make setup check
#./install
#./instcheck

8. Next, you'll add the necessary user accounts
//create the group and users -- modify if needed
groupadd -g 91 dns
useradd -g 91 -u 91 -d /nonexistent -c "tinydns" -s /sbin/nologin Gtinydns
useradd -g 91 -u 92 -d /nonexistent -c "tinydns" -s /sbin/nologin Gdnslog
useradd -g 91 -u 93 -d /nonexistent -c "tinydns" -s /sbin/nologin Gdnscache



How To DNS - BIND

Primary Nameserver for jepoy.com domain
IP Address: xxx.189.10.130


1. Install BIND

[root@mail etc]# yum install bind bind-devel bind-utils caching-nameserver
Setting up Install Process
Setting up repositories
Reading repository metadata in from local files
Reducing Dag-RHEL-Yum to included packages only
Finished
Excluding Packages from Postgrey Repository
Finished
Reducing Postgrey Repository to included packages only
Finished
Parsing package install arguments
Resolving Dependencies
--> Populating transaction set with selected packages. Please wait.
---> Package caching-nameserver.noarch 0:7.3-3 set to be updated
---> Package bind.i386 20:9.2.4-2 set to be updated
---> Package bind-devel.i386 20:9.2.4-2 set to be updated
--> Running transaction check

Dependencies Resolved

=============================================================================
Package Arch Version Repository Size
=============================================================================
Installing:
bind i386 20:9.2.4-2 base 462 k
bind-devel i386 20:9.2.4-2 base 2.2 M
caching-nameserver noarch 7.3-3 base 22 k

Transaction Summary
=============================================================================
Install 3 Package(s)
Update 0 Package(s)
Remove 0 Package(s)
Total download size: 2.6 M
Is this ok [y/N]: y
Downloading Packages:
(1/3): caching-nameserver 100% |=========================| 22 kB 00:01
(2/3): bind-9.2.4-2.i386. 100% |=========================| 462 kB 00:25
(3/3): bind-devel-9.2.4-2 100% |=========================| 2.2 MB 02:24
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing: bind ######################### [1/3]
Installing: caching-nameserver ######################### [2/3]
Installing: bind-devel ######################### [3/3]

Installed: bind.i386 20:9.2.4-2 bind-devel.i386 20:9.2.4-2 caching-nameserver.noarch 0:7.3-3
Complete!

2. Check out the files needed
/etc/named.conf
/var/named
[root@mail named]# ls
data localdomain.zone localhost.zone named.broadcast named.ca named.ip6.local named.local named.zero slaves

3. Check your network configuration files

/etc/hosts -->> hostname and ip address
[root@mail etc]# more hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
xxx.189.10.130 ns1.jepoy.com ns1


/etc/sysconfig/network -->> gateway and hostname
[root@mail sysconfig]# more network
NETWORKING=yes
HOSTNAME=mail.jepoy.com
GATEWAY=xxx.189.10.129


/etc/resolv.conf
nameserver xxx.189.10.130

4. Edit Your named.conf file

/etc/named.conf

[root@ns1 etc]# more named.conf
//
// named.conf for Red Hat caching-nameserver
//

options {
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        /*
         * If there is a firewall between you and nameservers you want
         * to talk to, you might need to uncomment the query-source
         * directive below. Previous versions of BIND always asked
         * questions using port 53, but BIND 8.1 uses an unprivileged
         * port by default.
         */
        // query-source address * port 53;
};

//
// a caching only nameserver config
//
controls {
        inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};

zone "." IN {
        type hint;
        file "named.ca";
};

zone "jepoy.com" IN {
        type master;
        file "jepoy.com.zone";
        allow-update { none; };
};

zone "10.189.xxx.in-addr.arpa" IN {
        type master;
        file "jepoy.com.rev";
        allow-update { none; };
};

zone "localhost" IN {
        type master;
        file "localhost.zone";
        allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.local";
        allow-update { none; };
};

zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
        type master;
        file "named.ip6.local";
        allow-update { none; };
};

zone "255.in-addr.arpa" IN {
        type master;
        file "named.broadcast";
        allow-update { none; };
};

zone "0.in-addr.arpa" IN {
        type master;
        file "named.zero";
        allow-update { none; };
};

include "/etc/rndc.key";


5. Edit your zone files

/var/named/

Copy an existing zone file as the starting point for your own zone file.

[root@ns1 named]# cp localdomain.zone jepoy.com.zone
[root@ns1 named]# ls
data localhost.zone named.broadcast named.ip6.local named.zero
localdomain.zone jepoy.com.zone named.ca named.local slaves
[root@ns1 named]#


Edit jepoy.com.zone
[root@ns1 named]# vi jepoy.com.zone

$TTL 86400
@       IN SOA  ns1.jepoy.com. jcb.jepoy.com. (
                2006072701 ; serial YYYYMMDDXX
                1200       ; refresh 20 mins
                120        ; retry 2 mins
                1209600    ; expiry 2 weeks
                43200 )    ; minimum 12 hours

        IN NS   ns1.jepoy.com.
        IN NS   ns2.jepoy.com.
        IN MX   10 mail.jepoy.com.

localhost IN A  127.0.0.1
ns1     IN A    xxx.189.10.130
ns2     IN A    xxx.189.10.131
; an MX target must be a host with an A record, not a CNAME (RFC 2181)
mail    IN A    xxx.189.10.130

Copy one reverse zone file
[root@ns1 named]# cp named.local jepoy.com.rev
[root@ns1 named]# ls
data localhost.zone jepoy.com.zone named.ca named.local slaves
localdomain.zone jepoy.com.rev named.broadcast named.ip6.local named.zero
[root@ns1 named]#


Edit jepoy.com.rev
[root@ns1 named]# vi jepoy.com.rev
; Replace the localhost SOA and NS copied from named.local with your own;
; a zone file carries exactly one SOA record.
$TTL 86400
@       IN SOA  ns1.jepoy.com. jcb.jepoy.com. (
                2006072701 ; serial YYYYMMDDXX
                1200       ; refresh 20 mins
                120        ; retry 2 mins
                1209600    ; expiry 2 weeks
                43200 )    ; minimum 12 hours

        IN NS   ns1.jepoy.com.
        IN NS   ns2.jepoy.com.

130.10.189.xxx.in-addr.arpa. IN PTR ns1.jepoy.com.
131.10.189.xxx.in-addr.arpa. IN PTR ns2.jepoy.com.
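
Zone files built by copying a template, as in step 5, tend to fail in two ways: the template's SOA is left beside the new one, and an MX record ends up pointing at a CNAME. The lint below is an added example, not part of the original guide; `zone_lint` is a hypothetical helper, the sample zone is constructed, and the addresses in it are documentation placeholders.

```shell
#!/bin/sh
# Added example, not from the original guide. zone_lint ORIGIN [FILE]
# Prints findings; returns 0 if the zone passes both checks, 1 otherwise.
zone_lint() {
    awk -v origin="$1" '
    function fqdn(n) {                 # qualify a relative name with the origin
        if (n == "@") return origin "."
        return (n ~ /\.$/) ? n : n "." origin "."
    }
    { sub(/;.*/, "") }                 # strip comments
    /^\$/ || NF == 0 { next }          # skip $TTL/$ORIGIN directives, blank lines
    inparen { if ($0 ~ /\)/) inparen = 0; next }   # SOA continuation lines
    {
        inherited = ($0 ~ /^[ \t]/)    # leading blank: owner carried over
        if (!inherited) owner = tolower(fqdn($1))
        for (i = (inherited ? 1 : 2); i <= NF; i++) {
            if ($i == "SOA")   { soa++; break }
            if ($i == "CNAME") { cname[owner] = 1; break }
            if ($i == "MX")    { mx[tolower(fqdn($(i + 2)))] = NR; break }
            if ($i ~ /^(A|AAAA|NS|PTR|TXT)$/) break
        }
        if ($0 ~ /\(/ && $0 !~ /\)/) inparen = 1
    }
    END {
        bad = 0
        if (soa != 1) { printf "SOA records: %d (want exactly 1)\n", soa; bad = 1 }
        for (t in mx) if (t in cname) {
            printf "line %d: MX target %s is a CNAME\n", mx[t], t; bad = 1
        }
        exit bad
    }' "${2:--}"
}

# Constructed sample: template SOA left in place, and MX pointing at a CNAME.
zone_lint jepoy.com <<'EOF' || echo "zone rejected"
$TTL 86400
@       IN SOA localhost. root.localhost. ( 1997022700 28800 14400 3600000 86400 )
@       IN SOA ns1.jepoy.com. jcb.jepoy.com. (
                2006072701 1200 120 1209600 43200 )
        IN NS    ns1.jepoy.com.
        IN MX 10 mail.jepoy.com.
ns1     IN A     192.0.2.130
mail    IN CNAME ns1
EOF
```

This covers only the two mistakes named above; `named-checkzone jepoy.com jepoy.com.zone`, shipped with BIND, is the full check to run before reloading named.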