The /etc/hosts file is the ancestor of DNS. This file is still in use for some essential lookups, e.g. during the boot of a system when there is no network.
Check this file. It should look like this:
passwd:         compat
group:          compat
shadow:         compat

hosts:          files dns
networks:       files

protocols:      db files
services:       db files
ethers:         db files
rpc:            db files

netgroup:       nis
As seen before, part of your system's security depends on hostname and domain name lookups. This is thus a vital aspect of system maintenance. The function of the /etc/hosts file is name resolution when the system has no other means for lookups (like DNS over the network). An /etc/hosts file should look like this:
127.0.0.1       localhost
192.168.1.1     server.domain server
Always set up your own DNS server. This way any additional program that needs a DNS server can be told to use 127.0.0.1 to access DNS. This gives you a single point of configuration, and RAM and hard disks are cheap these days.
apt-get install bind9 dnsutils
search intern.domain domain
nameserver 127.0.0.1
Before a DNS server can work one needs to tell a GNU/Linux system to use DNS. The nsswitch.conf file is used for that. The line that is used for hostname lookups must look like this:
hosts: files dns
This tells your GNU/Linux system that it should first consult the hosts file and after that use the DNS server.
The DNS server configuration can be found in /etc/bind/named.conf. The options section should look like this:
options {
        directory "/etc/bind";
        listen-on port 53 {
                192.168.1.1;    # listen on local interface only
                127.0.0.1;      # Make sure machine can get to itself
        };
};
The hints file. Make sure you have an up-to-date copy of it.
zone "." {
        type hint;
        file "db.root";
};
zone "localhost" {
        type master;
        file "db.local";
        allow-update { none; };
};
zone "127.in-addr.arpa" {
        type master;
        file "db.127";
        allow-update { none; };
};
zone "0.in-addr.arpa" {
        type master;
        file "db.0";
        allow-update { none; };
};
zone "255.in-addr.arpa" {
        type master;
        file "db.255";
        allow-update { none; };
};
All these zones are standard Debian. If however these files are missing, or if you are using a non-Debian system, see Appendix A for their contents.
Here is an example of how you might configure your own zone. Another way might be to not configure any zone, but to use forwarders:
zone "intern.domain.com" {
        type master;
        file "intern.domain.com";
#       allow-transfer { any; };
        allow-update { none; };
        notify no;
};
zone "1.168.192.in-addr.arpa" {
        type master;
        file "192.168.1";
#       allow-transfer { any; };
        allow-update { none; };
        notify no;
};
All zone files are located in /etc/bind/.
An example forward zone:
@       IN      SOA     ns.domain.com. hostmaster.domain.com. (
                        2002021501      ; serial, todays date + todays serial #
                        8H              ; refresh, seconds
                        2H              ; retry, seconds
                        4W              ; expire, seconds
                        1D              ; minimum, seconds
                        )
                NS      ns                      ; Inet Address of name server
                MX      10 mail.domain.com.     ; Primary Mail Exchanger
                MX      20 mail.domain.com.     ; Secondary Mail Exchanger
;
ns              A       192.168.1.1
mail            A       192.168.1.1
otherhost       A       192.168.1.2
An example reverse zone:
@       IN      SOA     hostname.domain.com. hostmaster.domain.com. (
                        2002031903      ; serial
                        36000           ; refresh every 10 hours
                        3600            ; retry after 1 hour
                        3600000         ; expire after 1000 hours
                        36000           ; default ttl is 10 hours
                        )
        IN      NS      ns.domain.com.
1       IN      PTR     ns.domain.com.
2       IN      PTR     otherhost.domain.com.
It is also possible to set up your server as a slave of another DNS server. For that you need to be able to make changes to the master server. But if you have that control, or if you have someone who can do that for you, here is the way to set up a slave.
The things that need to be changed on the master are:
zone "domain.com" {
        allow-transfer {
                192.168.1.1;
                localhost;
        };
        notify yes;
};
Restart the DNS server and you should now be able to do transfers from this server to your own. The benefit of being a slave is that you don't need to write your own zone files. You just create an entry in /etc/bind/named.conf like this:
zone "domain.com" {
        type slave;
        file "slavezones/domain.com";
        masters { 192.168.1.55; };
};
As you can see, the type is now slave. Create the directory /etc/bind/slavezones, restart your server and you are happy. One final note: the masters IP says 192.168.1.55; change this to the IP address of the actual DNS master server.
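An added example, not part of the original page: a small Python audit of named.conf text that lists master zones whose allow-transfer is unset (so it inherits whatever the options block or the server's built-in default allows) or open to any, the setting the master and slave snippets above restrict. The sample config is constructed, open.example is a hypothetical zone, and the parser assumes flat address-match lists as used on this page.

```python
import re

# Constructed sample in the style of the page's zone statements (not a real config).
SAMPLE = '''
zone "intern.domain.com" {
        type master; file "intern.domain.com";
#       allow-transfer { any; };
        allow-update { none; }; notify no;
};
zone "domain.com" {
        type master; file "domain.com";
        allow-transfer { 192.168.1.1; localhost; }; notify yes;
};
zone "open.example" {   // hypothetical zone, constructed to trip both checks
        type master; allow-transfer { any; }; allow-update { any; };
};
'''

def strip_comments(text):
    """Drop the comment styles named.conf accepts: /* */, // and #."""
    text = re.sub(r'/\*.*?\*/', '', text, flags=re.S)
    return re.sub(r'(#|//)[^\n]*', '', text)

def zone_blocks(text):
    """Yield (name, body) per zone statement, matching nested braces."""
    for m in re.finditer(r'\bzone\s+"([^"]+)"[^{;]*\{', text):
        depth, i = 1, m.end()
        while depth and i < len(text):
            depth += {'{': 1, '}': -1}.get(text[i], 0)
            i += 1
        yield m.group(1), text[m.end():i - 1]

def acl(body, option):
    """Entries of a flat address-match list, or None when the option is unset."""
    m = re.search(re.escape(option) + r'\s*\{([^}]*)\}', body)
    return m and [e.strip() for e in m.group(1).split(';') if e.strip()]

def audit(conf):
    """Return (zone, finding) pairs for master zones in named.conf text."""
    findings = []
    for name, body in zone_blocks(strip_comments(conf)):
        if not re.search(r'\btype\s+(master|primary)\s*;', body):
            continue
        for opt in ('allow-transfer', 'allow-update'):
            entries = acl(body, opt)
            if entries is None and opt == 'allow-transfer':
                findings.append((name, opt + ' unset, inherits server default'))
            elif entries and 'any' in entries:
                findings.append((name, opt + ' open to any'))
    return findings
```

Run audit() on the contents of /etc/bind/named.conf after every zone change; a commented-out allow-transfer line is reported as unset, not as restricted.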
host localhost
host 127.0.0.1
host -t mx domein.nl
host server.domein.nl
host server.domein.nl slave.domein.nl    # if present
host ip-address
host ip-address slave.domein.nl          # if present