10. Configuring a DNS server¶
- Configuring a DNS server
- Install the DNS service onto your system
- Manage the DNS service
- Creating a DNS zone
- Modifying a DNS zone
- Deleting a DNS zone
- Deleting MX records for a zone
- Deleting an A record for a zone
- Creating a DNS record
- Modifying records
- Removing a DNS record
- Get information on the DNS service
- Getting information on all zones
- Getting information about a zone
- Getting information about a record
- Examples of creating a zone and adding records to it
- Check for the DNS server's intergrity
To configure your DNS server, you should go through several steps:
Install the DNS service onto your system¶
We have started supporting DNS since calculate-server 2.1.4.
We use_BIND_, a common DNS server.
Before installing, make sure that BIND has been compiled with support of sdb_ldap.
Also check what you have LDAP installed. If LDAP is not on your system, install it with:
cl-setup ldap
To install the DNS service, execute:
cl-setup dns
To install the service with trusted networks:
cl-setup -a dns
Note: The time to live (TTL) of a DNS record is 178600 seconds.
Manage the DNS service¶
Jargon:- DNS zone - a segment of the domain name space.
- master DNS zone - the main storage area for the records.
- slave DNS zone - a record area subordinated to the master zone.
- forward DNS zone - an area storing the records for matching the domain name to the IP address.
- reverse DNS zone - an area storing the records for matching the IP address to the domain name.
- authoritative server - the server used to store a DNS zone, whose records are considered authoritative for other DNS servers.
- SOA record - recorded zone description.
- NS record - authoritative domain name server.
- A record - matching the domain name to the IP address.
- PTR record - matching the IP address to the domain name.
- CNAME record - matching on domain name to another.
- MX record - matching the domain name to the domain names of the mail servers.
Creating a DNS zone¶
To create a DNS zone, use the cl-dns-zoneadd command.
Create a master DNS zone
Create a zone with an authoritative server in your zone:
cl-dns-zoneadd -n <zone name> --server <authoritative server name> --ipserver <authoritative server ip>
Create a zone with an authoritative server in another zone:
cl-dns-zoneadd -n <zone name> --server <authoritative server name>
Examples:
cl-dns-zoneadd -n test.ru --server test.ru --ipserver 10.0.0.34
- The forward zone "test.ru" will be created;
- Reverse zone 0.0.10.in-addr.arpa will be created, if it does not exist yet;
- An A record will be created in the "test.ru" zone, containing test.ru corresponding to 10.0.0.34;
- An NS record will be created in the "test.ru" zone, containing test.ru;
- If reverse zone 0.0.10.in-addr.arpa was created, an NS record will be created for it, containing test.ru.
cl-dns-zoneadd -n test.ru --server ns.test.ru --ipserver 10.0.0.34
- The forward zone "test.ru" will be created;
- Reverse zone 0.0.10.in-addr.arpa will be created, if it does not exist yet;
- An A record will be created in the "test.ru" zone, containing test.ru corresponding to 10.0.0.34;
- An NS record will be created in the "test.ru" zone, containing ns.test.ru;
- If reverse zone 0.0.10.in-addr.arpa was created, an NS record will be created for it, containing test.ru;
- A PTR record will be created in reverse zone 0.0.10.in-addr.arpa, containing 10.0.0.34 corresponding to ns.test.ru, if it does not exist.
cl-dns-zoneadd -n 10.0.10.0/24 --server test.ru* Reverse zone 10.0.10.in-addr.arpa will be created for network 10.0.10.0/24; * An NS record, containing test.ru, will be created in zone 10.0.10.in-addr.arpa.
Creating a slave DNS zone
Create a DNS zone:
cl-dns-zoneadd -t slave -n <zone name> --servers <storage servers' ips of the master zone for this zone>Examples:
cl-dns-zoneadd -t slave -n slave.ru --servers 10.0.0.3,10.0.10.5
- A subordinated forward zone, slave.ru, will be created; data will be fetched for it from the main slave.ru zone located on DNS servers 10.0.0.3 and 10.0.10.5.
cl-dns-zoneadd -t slave -n 10.0.0.0/24 --servers 10.0.0.3* A subordinated reverse zone will be created for network 10.0.0.0/24 - 0.0.10.in-addr.arpa; data will be fetched for it from the main zone, 0.0.10.in-addr.arpa, located on DNS server 10.0.0.3.
Modifying a DNS zone¶
To modify a DNS zone, use the cl-dns-zonemod command.
You can only modify the options for a master zone.
cl-dns-zonemod -n <zone_name or network> <options>
where:
zone_name is used for modifying a forward zone,network is used for modifying a reverse zone.
Zone modification options:
- --server - changing the domain name of the main authoritative server in the zone
- --ip - changing or adding, if absent, the IP address of the zone (the A record modified or added)
- --mx - modifying or adding, if absent, the MX records of the zone (the domain names of the mail servers modified or added)
- --mxmod - replacing one domain name of a mail server with another, in the MX record of the zone (a mail server domain name modified)
- -- email - changing the email address of the zone administrator (root@zone_name by default)
- --servers - modifying the list of all authoritative servers in the zone (zone NS record)
- --refresh - time interval before the zone is initialized in seconds or a figure + (M stands for minutes, H stands for hours, D stands for days and W stands for weeks)
The default value is 8H (8 hours). - --update - time interval after a zone initialization fail before the zone is initialized again
The default value is 2H (2 hours). - --expiry - time interval before zone data is considered obsolete on secondary DNS servers when unable to connect to the main DNS server
The default value is 2W (2 weeks). - --minimum - time interval of storing information on failed calls in the zone
The default value is 2H (2 hours).
Examples:
cl-dns-zonemod -n test.ru --email admin@test.ru
Modifies the email address of the zone administrator.
cl-dns-zonemod -n test.ru --refresh 10H
Modifies the zone refresh interval (10 hours)
Deleting a DNS zone¶
To delete a DNS zone, use the cl-dns-zonedel command.
cl-dns-zonedel -n <zone_name or network>
where:
zone_name is used for deleting a forward zone,network is used for deleting a reverse zone.
Examples:
cl-dns-zonedel -n test.ru
The forward zone test.ru will be deleted.
сl-dns-zonedel -n 10.0.0.0/24
Reverse zone 0.0.10.in-addr.arpa will be deleted.
Deleting MX records for a zone¶
Example:
cl-dns-zonedel --mx -n test.ru
The MX records for the test.ru zone (domain names of mail servers for zone) will be deleted.
Deleting an A record for a zone¶
Example:
cl-dns-zonedel --ip -n test.ru
The A record for the test.ru zone (zone IP) will be deleted.
Creating a DNS record¶
To create a DNS record, use cl-dns-recadd.
To create a record, you will have to create a master zone where this record will be put.
For an A record (host.test.ru --> 10.0.0.4 ), a forward master zone must be created (test.ru).
For a PTR record (10.0.0.4 --> host.test.ru), a reverse master zone must be created (0.0.10.in-addr.arpa)
Creating an A record
Create records: examples
Create an A record and a PTR record. You will have to create a forward zone and a reverse zone first, respectively test.ru and 0.0.10.in-addr.arpa.cl-dns-recadd --host host.test.ru --ip 10.0.0.66
- A record will be created in the forward zone test.ru, host.test.ru corresponding to 10.0.0.66.
- A record will be created in reverse zone 0.0.10.in-addr.arpa, 10.0.0.66 corresponding to host.test.ru
cl-dns-recadd --autoptr off --host host.test.ru --ip 10.0.0.66
- A record will be created in the forward zone test.ru, host.test.ru corresponding to 10.0.0.66.
Creating A, MX and PTR records
Below is an example of creating an A record, an MX record and a PTR record. Begin by creating a forward and a reverse zones, test.ru and 0.0.10.in-addr.arpa, respectively.cl-dns-recadd --mx mail1.test.ru,mail2.test.ru --host host2.test.ru --ip 10.0.0.69
- A record will be created in the forward zone test.ru, host2.test.ru corresponding to 10.0.0.69.
- The MX record will be created in the forward zone test.ru, host2.test.ru corresponding to two mail servers, mail1.test.ru (priority 10) and mail2.test.ru (priority 20)
- A record will be created in reverse zone 0.0.10.in-addr.arpa, 10.0.0.69 corresponding to host2.test.ru
Creating A and MX records
Example создания A записи и MX записи.Here is an example of creating an A record and an MX record. First of all, create the test.ru forward zone:cl-dns-recadd --autoptr off --mx mail1.test.ru,mail2.test.ru --host host2.test.ru --ip 10.0.0.69
- A record will be created in the forward zone test.ru, host2.test.ru corresponding to 10.0.0.69.
- The MX record will be created in the forward zone test.ru, host2.test.ru corresponding to two mail servers, mail1.test.ru (priority 10) and mail2.test.ru (priority 20)
Creating a PTR record
Here is an example of creating a PTR record. Begin by creating a reverse zone, 0.0.10.in-addr.arpa:cl-dns-recadd -t ptr --ip 10.0.0.67 --host host.test.ru
- The record will be created in reverse zone 0.0.10.in-addr.arpa, 10.0.0.67 corresponding to host.test.ru
Creating a CNAME record
Here is an example of creating a CNAME record. Create a forward zone first, test.ru:cl-dns-recadd -t cname --host host.test.ru --cname calculate.ru
- The record will be created in the forward zone test.ru, host.test.ru corresponding to calculate.ru.
Modifying records¶
To modify a DNS record, use the cl-dns-recmod command.
Modifying an A record
Modifying the domain name of A and PTR records
Example:
cl-dns-recmod --host newname.test.ru oldname.test.ru
or
cl-dns-recmod --host newname.test.ru 10.0.0.5
Replaces the domain name oldname.test.ru with newname.test.ru.
Initial records:
A record oldname.test.ru corresponding to 10.0.0.5
PTR record 10.0.0.5 corresponding to oldname.test.ru
Modified records:
A record newname.test.ru corresponding to 10.0.0.5
PTR record 10.0.0.5 corresponding to newname.test.ru
Modifying the IP of A and PTR records
Example:
cl-dns-recmod --ip 10.0.0.6 10.0.0.5
or
cl-dns-recmod --ip 10.0.0.6 oldname.test.ru
Modifies the IP for the domain name oldname.test.ru
Initial records:
A record oldname.test.ru corresponding to 10.0.0.5
PTR record 10.0.0.5 corresponding to oldname.test.ru
Modified records:
A record oldname.test.ru corresponding to 10.0.0.6
PTR record 10.0.0.6 corresponding to oldname.test.ru
Modifying the domain name of an A record
Example:
cl-dns-recmod --automod off --host newname.test.ru oldname.test.ru
or
cl-dns-recmod --automod off --host newname.test.ru 10.0.0.5
Replaces the domain name oldname.test.ru with newname.test.ru.
Initial record:
A record oldname.test.ru corresponding to 10.0.0.5
Modified record:
A record newname.test.ru corresponding to 10.0.0.5
Modifying the IP of an A record
Example:
cl-dns-recmod --automod off --ip 10.0.0.6 10.0.0.5
or
cl-dns-recmod --ip 10.0.0.6 oldname.test.ru
Replaces the IP value with 10.0.0.6 for the domain name oldname.test.ru.
Initial record:
A record oldname.test.ru corresponding to 10.0.0.5
Modified record:
A record oldname.test.ru corresponding to 10.0.0.6
Modifying a PTR record
Modifying the domain name of PTR and A records
Example:
cl-dns-recmod -t ptr --host newname.test.ru oldname.test.ru
or
cl-dns-recmod -t ptr --host newname.test.ru 10.0.0.5
Replaces the domain name oldname.test.ru with newname.test.ru.
Initial records:
PTR record 10.0.0.5 corresponding to oldname.test.ru
A record oldname.test.ru corresponding to 10.0.0.5
Modified records:
PTR record 10.0.0.5 corresponding to newname.test.ru
A record newname.test.ru corresponding to 10.0.0.5
Modifying the IP for PTR and A records
Example:
cl-dns-recmod -t ptr --ip 10.0.0.6 10.0.0.5
or
cl-dns-recmod --ip 10.0.0.6 oldname.test.ru
Modifies the IP for the domain name oldname.test.ru.
Initial records:
PTR record 10.0.0.5 corresponding to oldname.test.ru
A record oldname.test.ru corresponding to 10.0.0.5
Modified records:
PTR record 10.0.0.6 corresponding to oldname.test.ru
A record oldname.test.ru corresponding to 10.0.0.6
Modifying the domain name of a PTR record
Example:
cl-dns-recmod -t ptr --automod off --host newname.test.ru oldname.test.ru
or
cl-dns-recmod -t ptr --automod off --host newname.test.ru 10.0.0.5
Replaces the oldname.test.ru domain name with newname.test.ru.
Initial record:
PTR record 10.0.0.5 corresponding to oldname.test.ru
Modified record:
PTR record 10.0.0.5 corresponding to newname.test.ru
Modifying the IP of a PTR record
Example:
cl-dns-recmod -t ptr --automod off --ip 10.0.0.6 10.0.0.5
or
cl-dns-recmod -t ptr --ip 10.0.0.6 oldname.test.ru
Replaces the IP value with 10.0.0.6 for the domain name oldname.test.ru.
Initial record:
PTR record 10.0.0.5 corresponding to oldname.test.ru
Modified record:
PTR record 10.0.0.6 corresponding to oldname.test.ru
Modifying a CNAME record
Example 1:
cl-dns-recmod --cname calculate.ru cn.test.ru
Modifies the CNAME record.
Initial record:
CNAME record cn.test.ru corresponding to acoola.ru
Modified record:
CNAME record cn.test.ru corresponding to calculate.ru
Example 2:
cl-dns-recmod -t cname --host cname.test.ru cn.test.ru
Modifies the CNAME record.
Initial record:
CNAME record cn.test.ru corresponding to calculate.ru
Modified record:
CNAME record cname.test.ru corresponding to calculate.ru
Modifying or creating an MX record
Example 1:
cl-dns-recmod --mx mail1.test.ru,mail2.test.ru test.test.ru
Replaces or, if it does not exist, creates MX records in the A record _ test.test.ru_.
Initial record:
A record test.test.ru - MX record mail.test.ru (priority 10)
Modified record:
A record test.test.ru - MX record mail1.test.ru (priority 10), MX record mail2.test.ru (priority 20)
Example 2:
cl-dns-recmod --mxmod mail2.test.ru,mailnew.test.ru test.test.ru
Modifies the MX record.
Initial record:
A record test.test.ru - MX record mail1.test.ru (priority 10), MX record mail2.test.ru (priority 20)
Modified record:
A record test.test.ru - MX record mail1.test.ru (priority 10), MX record mailnew.test.ru (priority 20)
Removing a DNS record¶
To remove a DNS record, use cl-dns-recdel.
Removing an A or a СNAME record
Example:
cl-dns-recdel --host test.test.ru
The A or CNAME record will be removed from test.test.ru
Removing a PTR record
Example:
cl-dns-recdel --ip 10.0.0.20
The PTR record of 20.0.0.10.in-addr.arpa will be removed (10.0.0.20 corresponding to test.test.ru)
Removing MX records from an A record
Example:
cl-dns-recdel --mx --host test.test.ru
All MX records will be removed from the A record test.test.ru
Get information on the DNS service¶
To get information on records and zones of the DNS service, you should use the cl-info command.
Getting information on all zones¶
cl-info -z dns
Getting information about a zone¶
cl-info -Z <zone_name or network> dns
Examples:
cl-info -Z 10.0.0.0/24 dns
Returns information on reverse zone 0.0.10.in-addr.arpa (network 10.0.0.0/24)
cl-info -Z test.ru dns
Returns information on the forward zone test.ru
Getting information about a record¶
cl-info -r <record_name_or_ip> dns
Examples:
cl-info -r 10.0.0.5 dns
Returns information on the record in reverse zone 5.0.0.10.in-addr.arpa (IP 10.0.0.5)
cl-info -r test.test.ru dns
Returns information on the record in the test.test.ru forward zone.
Examples of creating a zone and adding records to it¶
You will have to create a zone, test.ru, as well as the following domain names:- test.ru - ip 10.0.0.1, a WEB server, a DNS server.
- www.test.ru - ip 10.0.0.1, a WEB server (the CNAME record, the same server as test.ru)
- ftp.test.ru - ip 10.0.0.5, an FTP server
- user1.test.ru - 10.0.0.100, a user's computer
To do so, run the following commands after installing the DNS service:
- Creating a zone, named test.ru with an A record (test.ru --> 10.0.0.1) and a reverse zoen for network 10.0.0.0/24
cl-dns-zoneadd -n test.ru --server test.ru --ipserver 10.0.0.1
- creating a CNAME record (www.test.ru --> test.ru)
cl-dns-recadd -t cname --host www.test.ru --cname test.ru
- creating an A and a PTR records for the FTP server
cl-dns-recadd --host ftp.test.ru --ip 10.0.0.5
- creating an A and a PTR records for the user's computer
cl-dns-recadd --host user1.test.ru --ip 10.0.0.100
Check for the DNS server's intergrity¶
To check a DNS server for integrity, use the nslookup or host tools.
Once you have created a DNS zone and added records to it, you will have to display the existing records within the zone; to do this, enter:
cl-info -Z zone_name dns
Example:
The test.ru zone and records in it have been created previously.
Execute:
cl-info -Z domain.ru dns
The program returns:
Information about master DNS zone domain.ru +-------------------------------------------+------------------------------+ | Field | Value | +-------------------------------------------+------------------------------+ | Zone name | domain.ru | | Master autoritative server | domain.ru | | NS record | domain.ru | | A record | 10.0.0.5 | | Email administrator | root@domain.ru | | Serial number | 3 | | Refresh | 8H | | Update | 2H | | Expiry | 2W | | Minimum | 2H | +-------------------------------------------+------------------------------+ (10 rows) Information about A records in master DNS zone domain.ru +-------------------------------------+-----------------+ | Domain | ip | +-------------------------------------+-----------------+ | localhost.domain.ru | 127.0.0. | | calculate.domain.ru | 10.0.0.54 | +-------------------------------------+-----------------+ (2 rows)
Check the DNS server's intergrity based on any of the existing A records; use one of the following commands:
nslookup A_record_name DNS_server_ip
or
host A_record_name DNS_server_ip
Example:
Checking a DNS server with IP address 10.0.0.5. Zone information of domain.ru is the same as in the previous example.
Check with nslookup:
nslookup calculate.domain.ru 10.0.0.5
If the DNS service works OK, the program will return:
Server: 10.0.0.5 Address: 10.0.0.5#53 Name: calculate.domain.ru Address: 10.0.0.54
Check with host:
host calculate.domain.ru 10.0.0.5
If the DNS service works OK, the program will return:
Using domain server: Name: 10.0.0.5 Address: 10.0.0.5#53 Aliases: calculate.domain.ru has address 10.0.0.54