Monday, November 14, 2011

Fedora Core DNS Server using BIND

Setting and configure BIND as and Domain Name Sever (DNS) on Fedora Core Linux machine.

1. DNS (domain name system)
Correspondence of IP address and hostname
The  /etc/hosts file example

# IP Address Hostname Alias localhost apple www desk desk.domain.cxm

Installation of BIND

BIND (Berkeley Internet Name Domain)

[root@tenouk ~]# mount /mnt/cdrom
[root@tenouk ~]# cd /mnt/cdrom/RedHat/RPMS
[root@tenouk ~]# rpm –Uhv bind-9.2.0-8.i386.rpm
[root@tenouk ~]# rpm –Uhv caching-nameserver-7.2.1.noarch.rpm
[root@tenouk ~]# cd /
[root@tenouk ~]# umount /dev/cdrom

Setting of client and server

edit the resolf.conf file to enable the client or server to find the DSN server.

[root@tenouk ~]# vi /etc/resolv.conf

Definition of IP address of DNS server which client uses

Setting the DNS server.

[root@tenouk ~]# vi /etc/named.conf
// generated by
options {
directory "/var/named";
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
// query-source address * port 53;

// a caching only nameserver config
controls {
inet allow { localhost; } keys { rndckey; };
zone "." IN {
type hint;
file "";

zone "localhost" IN {
type master;
file "";
allow-update { none; };

zone "" IN {
type master;
file "named.local";
allow-update { none; };
// The following code is added
zone "" IN {
type master;
file "";
allow-update { none; };

zone "" IN {
type master;
file "named.10.10.0";
allow-update { none; };

include "/etc/rndc.key";

[root@tenouk ~]# cp /var/named/named.local /var/named/named.10.10.0
[root@tenouk ~]# vi /var/named/named.10.10.0

$TTL 86400
@ IN SOA (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum

235 IN PTR
236 IN PTR

[root@tenouk ~]# cp /var/named/named.local /var/named/
[root@tenouk ~]# vi /var/named/

$TTL 86400
@ IN SOA (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum

IN MX 10

jmtist20 IN A
compaq IN A

Start BIND service

Start, stop and restart the named service.

[root@tenouk ~]# /etc/rc.d/init.d/named start
[root@tenouk ~]# /etc/rc.d/init.d/named stop
[root@tenouk ~]# /etc/rc.d/init.d/named restart


[root@tenouk ~]# /sbin/service named start
[root@tenouk ~]# /sbin/service named stop
[root@tenouk ~]# /sbin/service named restart

Setting automatic start for named on runlavel 3 and runlevel 5..

[root@tenouk ~]# /sbin/chkconfig --level 35 named on

Confirmation of automatic start.

[root@tenouk ~]# /sbin/chkconfig --list named

Confirmation of bind.

Use the command example below to test your DNS server functionality.

[root@tenouk ~]# ping
[root@tenouk ~]# ping
[root@tenouk ~]# ping jmtist20
[root@tenouk ~]# ping compaq
[root@tenouk ~]# ping
[root@tenouk ~]# ping
[root@tenouk ~]# nslookup
[root@tenouk ~]# nslookup
[root@tenouk ~]# nslookup
[root@tenouk ~]# nslookup

SOA - Start of authority
NS - Name server
A - Address record
PTR - Pointer record
MX - Mail exchanger

Configure NFS server and Configure NFS client - Network File System

NFS offers service which can use the file which other remote hosts have as well as the file which a local host has.  Portmapper should should be install and configure in order to start NFS service.  The article below show the step by step NFS installation, the NFS server configuration and NFS client configuration.

Installation of NFS server

[root@tenouk ~]# mount /dev/cdrom
[root@tenouk ~]# cd /mnt/cdrom/RedHat/RPMS
[root@tenouk ~]# rpm –Uhv nfs-utils-0.3.1-13.i386.rpm
[root@tenouk ~]# cd /
[root@tenouk ~]# umount /dev/cdrom

Start and stop NFS service

[root@tenouk ~]# /sbin/service nfs start
[root@tenouk ~]# /sbin/service nfs stop

Setting of automatic start for NFS

Set automatically start for nfs on runlevel 3 and runlevel 5.

[root@tenouk ~]# /sbin/chkconfig –level 35 nfs on

Confirmation of automatic start

[root@tenouk ~]# /sbin/chkconfig --list nfs
nfs 0:off 1: off 2: off 3: on 4: off 5:on 6: off
[root@tenouk ~]#

Configure /etc/exports

File which sets which file or directory on NFS server other hosts can share
It is called export to put out permission to other hosts.

[root@tenouk ~]# vi /etc/exports

The NFS mount is permitted to be done to the host who has belonged to while possible to be read and written.

Configure /usr/sbin/exportfs

The content written in /etc/exports is moved to the export table.

[root@tenouk ~]# /usr/sbin/exportfs –a

All content written in /etc/exports is made effective.

[root@tenouk ~]# /usr/sbin/exportfs –v

The content of a present export table is displayed.

Confirmation of NFS mount

Which client does the NFS mount is confirmed.

[root@tenouk ~]# showmount
Host on localhost
[root@tenouk ~]#

Display the NFS mount directory.

[root@tenouk ~]# showmount –d
[root@tenouk ~]#

The directory and the client that the NFS mount is done are displayed.

[root@tenouk ~]# showmount –a
[root@tenouk ~]#

Setting of NFS client

[root@tenouk ~]# mount –t nfs compaq:/export /mnt/nfs

Directory /export on NFS server compaq is done and the NFS mount is done to local host's /mnt/nfs.

Un mount NFS.

[root@tenouk ~]# umount /mnt/nfs

Automatic mount NFS filesystem

When starting, the mount is done when the NFS mount is described in /etc/fstab.

[root@tenouk ~]# vi /etc/fstab
hostA:/export /mnt/nfs mfs soft 0 0

The first field : Directory name on NFS server
The second field : Mount point on local host
The third field : Kind of filesystem
The fourth field : Mount option
The fifth field :
The sixth field :

Automount NFS

Installation of autofs is needed to make sure that the NFS is aoutmatically mount.

Confirmation on autofs installation.

[root@tenouk ~]# rpm -q autofs 

Installation of autofs.

Install autofs using rpm package.

[root@tenouk ~]# mount /dev/cdrom
[root@tenouk ~]# cd /mnt/cdrom/RedHat/RPMS
[root@tenouk ~]# rpm -Uhv autofs-3.1.7-28.i386.rpm
[root@tenouk ~]# cd /
[root@tenouk ~]# umont /dev/cdrom

Start, stop and restart autofs.

[root@tenouk ~]# /sbin/service autofs start
[root@tenouk ~]# /sbin/service autofs stop
[root@tenouk ~]# /sbin/service autofs restart

Setting of autofs automatic start.

[root@tenouk ~]# /sbin/chkconfig --level 35 autofs on

Confirmation of autofs automatic start

[root@tenouk ~]# /sbin/chkconfig --list autofs

Setting which uses NIS

The configuration on the NIS server

[root@tenouk ~]# vi /etc/auto.master
/nfs /etc/auto.home --timeout 60

[root@tenouk ~]# vi /etc/auto.home
home -rw,hard,intr,nolock compaq:/home

[root@tenouk ~]# vi /var/yp/Makefile
all: passwd group hosts rpc services netid protocols mail \
shadow auto.home \
# netgrp shadow publickey networks ethers bootparams printcap \
# amd.home auto.master auto.home auto.local passwd.adjunct \
# timezone locale netmasks

Update of NIS data base

[root@tenouk ~]# cd /var/yp
[root@tenouk ~]# make

Setting on the NIS / NFS client side

Confirmation of auto.home

[root@tenouk ~]# ypcat auto.home
-rw,hard,intr,nolock compaq:/home

[root@tenouk ~]# vi /etc/auto.master
/nfs auto.home --timeout 60

Setup and configure NIS server and NIS client on Fedora Core Linux operating system.

 NIS required only when NIS (Network Information Service) is used, Nis involve only with the user registration etc. only to the server.  The article below the step by step setup and configure the NIS server and NIS client on Fedora operating system, the article also include the setup of portmap, nsswitch and using tools such as ypwhich, ypcat and ypmatch.

Setting of NIS domain server and client
The following line is added to /etc/sysconfig/network.

Portmapper should start to operate NIS and NFS.
Portmapper allocates the TCP/UDP port number in the RPC service program.

Portmap installation

[root@tenouk ~]# mount /dev/cdrom
[root@tenouk ~]# cd /mnt/cdrom/RedHat/RPMS
[root@tenouk ~]# rpm –Uhv portmap-4.0-38.i386.rpm
[root@tenouk ~]# cd /
[root@tenouk ~]# umount /dev/cdrom

Start  and stop portmap service

[root@tenouk ~]# /sbin/service portmap start
[root@tenouk ~]# /sbin/service portmap stop

Confirmation of automatic start of portmap

List the automatic start for portmap service.

[root@tenouk ~]# /sbin/chkconfig --list portmap

Setting of automatic start of portmap.

[root@tenouk ~]# /sbin/chkconfig --level 35 portmap on

Setting of NIS Server

NIS installation

[root@tenouk ~]# mount /dev/cdrom
[root@tenouk ~]# cd /mnt/cdrom/RedHat/RPMS
[root@tenouk ~]# rpm –Uhv ypserv-1.3.12-2.i386.rpm
[root@tenouk ~]# cd /
[root@tenouk ~]# umount /dev/cdrom

Control of ypserv

[root@tenouk ~]# /sbin/service ypserv start
[root@tenouk ~]# /sbin/service ypserv stopt

Setting of automatic start of ypserv

[root@tenouk ~]# /sbin/chkconfig --level 35 ypserv on

Confirmation of automatic start of ypserv

[root@tenouk ~]# /sbin/chkconfig --list ypserv

Ypserv controls the access by /var/yp/securenets.

[root@tenouk ~]# vi /var/yp/securenets //The access from all hosts is permitted.

Ypserv responds only from the host who belongs to


   One NIS server or more is necessary to use NIS. NIS data bases contains user information and host information, etc. are put on the NIS server. One of NIS must becomes a master server when two or more NIS servers are prepared, and the remain becomes a slave server.  All information is set on the master server, and the slave server maintains the copy.  The file such as /etc/passwd on the master server is converted into the NIS map.

Example of NIS map

(file) (nis map)
passwd passwd.byname passwd.byuid
hosts hosts.byname hosts.byaddr

Making NIS map

1. Information necessary for the file is written If it is for instance /etc/hosts, the host name and Internet Protocol address are written.
2. The NIS data base is made from these files.

[root@tenouk ~]# cd /var/yp
[root@tenouk ~]# make

Setting of master server

Information in the NIS map is reflected in the mastering server.

[root@tenouk ~]# /usr/lib/yp/ypinit –m

The NIS slave server name is heard when executing.
Besides, when the NIS server does not exist, ends if CTRL+D is input.

Setting of slave server

[root@tenouk ~]# /usr/lib/yp/ypinit –s masterservername

Information in the NIS map is automatically copied from the master server.

Setting of NIS client

The installation process of ypbind and yp-tools.

[root@tenouk ~]# mount /dev/cdrom
[root@tenouk ~]# cd /mnt/cdrom/RedHat/RPMS
[root@tenouk ~]# rpm –Uhv ypbind-1.8-1.i386.rpm
[root@tenouk ~]# rpm –Uhv yp-tools-2.5-1.i386.rpm
[root@tenouk ~]# cd /
[root@tenouk ~]# umount /dev/cdrom

Beginning and stop of ypbind)

[root@tenouk ~]# /sbin/service ypbind start
[root@tenouk ~]# /sbin/service ypbind stop

Setting of automatic start)

[root@tenouk ~]# /sbin/chkconfig --level 35 ypbind on

Confirmation of automatic start

[root@tenouk ~]# /sbin/chkconfig --list ypbind

Specification of nis server

Open and edirt yp.conf file.

[root@tenouk ~]# vi /etc/yp.conf

# /etc/yp.conf - ypbind configuration file
# Valid entries are
# Use server HOSTNAME for the domain NISDOMAIN.
#domain NISDOMAIN broadcast
# Use broadcast on the local net for domain NISDOMAIN
#ypserver HOSTNAME
# Use server HOSTNAME for the local domain. The
# IP-address of server must be listed in /etc/hosts.

Setting of name service switch

   For instance, information on the user has two of information from /etc/passwd and NIS of each client. Moreover, the host name has three of information from /etc/hosts, NIS, and DNS of each client. By what priority level these information is used specifies the name service switch depending.

[root@tenouk ~]# vi /etc/nsswitch.conf

# /etc/nsswitch.conf
# An example Name Service Switch config file. This file should be
# sorted with the most-used services at the beginning.
# The entry '[NOTFOUND=return]' means that the search for an
# entry should stop if the search in the previous entry turned
# up nothing. Note that if the search failed due to some other reason
# (like no NIS server responding) then the search continues with the
# next entry.
# Legal entries are:
# nisplus or nis+ Use NIS+ (NIS version 3)
# nis or yp Use NIS (NIS version 2), also called YP
# dns Use DNS (Domain Name Service)
# files Use the local files
# db Use the local database (.db) files
# compat Use NIS on compat mode
# hesiod Use Hesiod for user lookups
# [NOTFOUND=return] Stop searching if not found so far

# To use db, put the "db" in front of "files" for entries you want to be
# looked up first in the databases
# Example:
#passwd: db files nisplus nis
#shadow: db files nisplus nis
#group: db files nisplus nis

passwd: files nisplus
shadow: files nisplus
group: files nisplus

#hosts: db files nisplus nis dns
hosts: files nisplus dns

# Example - obey only what nisplus tells us...
#services: nisplus [NOTFOUND=return] files
#networks: nisplus [NOTFOUND=return] files
#protocols: nisplus [NOTFOUND=return] files
#rpc: nisplus [NOTFOUND=return] files
#ethers: nisplus [NOTFOUND=return] files
#netmasks: nisplus [NOTFOUND=return] files

bootparams: nisplus [NOTFOUND=return] files

ethers: files
netmasks: files
networks: files
protocols: files nisplus
rpc: files
services: files nisplus

netgroup: files nisplus

publickey: nisplus

automount: files nisplus
aliases: files nisplus

Using ypwhich

Ypwhich displays which NIS server to be used.

[root@tenouk ~]# ypwhich
[root@tenouk ~]#

The list of the data base map is output

[root@tenouk ~]# ypwhich –x
Use "ethers" for map "ethers.byname"
Use "aliases" for map "mail.aliases"
Use "services" for map "services.byname"
Use "protocols" for map "protocols.bynumber"
Use "hosts" for map "hosts.byname"
Use "networks" for map "networks.byaddr"
Use "group" for map "group.byname"
Use "passwd" for map "passwd.byname"

Using ypcat

Display the content of the NIS data base output.

Nis passwd

[root@tenouk ~]# ypcat passwd
nfsnobody:!!:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
[root@tenouk ~]#

hosts file

[root@tenouk ~]# ypcat hosts nt RedHatA localhost.localdomain localhost RedHatA localhost.localdomain localhost RedHatA
[root@tenouk ~]#

Using ypmatch

A specific key word of the NIS data base is retrieved, and the result is output.

[root@tenouk ~]# ypmatch nt hosts nt
[root@tenouk ~]#