
[cobalt-security] Re: Secondary DNS auto replication



Greetings,

jeanjean wrote:
Hello,

I read a page some weeks ago, talking about how easy it is to configure an
auto replication of a secondary DNS. The problem is that I lost the link ;(
Can anybody help me to explain how to set up my secondary DNS server to auto
replicate or duplicate the ns1 server?
I'm not talking about the 'Add Secondary Name Service for Domain', because
this one doesn't auto replicate the ns1....

OK now, this one is easy, though I'm a bit tired after a long day. Let's assume your primary DNS is a Cobalt system, and the secondary is a common Linux system:

1. Go to the "Server Management", "Control Panel", "DNS Server", "Add", "Server Settings", and add the secondary DNS system's IP address to the "Zone Transfer Address" box. Save changes.

2. Select your domain, and edit the "Start of Authority (SOA) Configuration". Add the secondary DNS system's hostname to the "Secondary Name Server (NS) Host Name" box. Save changes.

3. "Save changes to the DNS server", and "Save Changes" to the Service Settings.

4. Now, on to the secondary DNS system. Supposing that you already have the "bind" DNS server installed there, edit /etc/named.conf and use something like:

options {
        directory "/var/named";
        /*
         * If there is a firewall between you and nameservers you want
         * to talk to, you might need to uncomment the query-source
         * directive below.  Previous versions of BIND always asked
         * questions using port 53, but BIND 8.1 uses an unprivileged
         * port by default.
         */
        // query-source address * port 53;
        statistics-file "/var/log/named.stats";
};

//
// a caching only nameserver config
//
zone "." {
        type hint;
        file "root.cache";
};

zone "0.0.127.in-addr.arpa" {
        type master;
        file "named.local";
};

zone "your.domain.com" {
        type slave;                     // this server keeps a copy pulled from the primary
        file "your.domain.com";         // where the transferred zone is stored (relative to "directory")
        masters { DNS1.IP.address; };   // replace with the IP address of the primary (Cobalt) DNS server
};

5. Save the /etc/named.conf file, and restart "bind" with /etc/rc.d/init.d/named restart. You should see something like this, using a "tail -f /var/log/messages":

May 3 02:10:49 localhost named[12789]: slave zone "your.domain.com" (IN) loaded (serial 2002050302)

6. A copy of your "your.domain.com" DNS zone is kept in /var/named/your.domain.com.

7. Check everything is OK with a "nslookup -type=ns your.domain.com DNS2.your.domain.com", and a "nslookup webserver.your.domain.com DNS2.your.domain.com".

Good luck,
Sérgio Araújo