Tuesday, 12 August 2008

Setting up BIND under Windows

Download the BIND executable linked from the previous post and install it to the default directory. Make sure that in BIND's installation window you specify a password for the named user.

Under Windows XP, %WINDIR% is 'C:\WINDOWS'
Under Windows NT/2K/2K3, %WINDIR% is 'C:\WINNT'

%WINDIR%\SYSTEM32\dns\bin

In this directory you have all of the BIND executables. Here's a description of the executables I'm going to bother mentioning:

named.exe - This is the BIND server program
rndc.exe - This program can be used to manage the server
named-checkzone.exe - This program can be used to check the syntax for zone files
named-checkconf.exe - This program can be used to check the syntax for config files

%WINDIR%\SYSTEM32\dns\etc

In this directory you have all the configuration files and zone files. Delete all the files you see in here. Then download my template BIND config files to this directory. Ignore the subdirectories at the link. Here's a description of the files:

named.conf - Tells BIND which domains you are hosting, plus some extra config stuff.
rndc.key - This is the authentication key for rndc.exe to manage named.exe.
named.ca - These are the DNS root servers.
basiczone.com.zone - This is an example zone file.
127.0.0.rev - This is an example of a reverse IP zone file.

If you are the intuitive sort, reading the comments in these files should teach you all you need to know to get everything set up to your satisfaction. However, I'm going to assume you're still confused, so let's move on. The first thing we need to do is configure BIND to be the host of your domain. So crack open named.conf in Notepad.

-- open named.conf --

First we need to tell BIND where our zone files are going to be stored. Currently it is set to this:

directory "/var/named";

That may be fine under Linux, but we need to change it to this. Don't forget to replace %WINDIR% with the path to your Windows directory.

directory "%WINDIR%\SYSTEM32\dns\etc";

Now let's pretend the domain you want to host on your server is called "example.com". Let's edit the file so that it is using our domain. Scroll all the way down to the end of the file. You will find this zone block:

zone "basiczone.com" IN {
type master;
file "basiczone.com.zone";
};

Seems pretty straightforward. We are going to be the master of the domain, so the type is "master". It also provides the name of the file that stores information about the "basiczone.com" domain. Let's change that to this:

zone "example.com" IN {
type master;
file "example.com.zone";
};

Excellent, we are now the host of our very own example.com! The file "example.com.zone" that will be in our etc directory will take care of domain->IP resolutions, but we also need IP->domain resolution as well. So take a look at this other zone block:

zone "0.0.127.in-addr.arpa" {
type master;
file "127.0.0.rev";
};

Now we see why it's called a "reverse" zone. The IP address is reversed for resolution purposes to make it act like a domain. Now go to www.whatismyip.com and copy that IP address. I'm going to pretend that the IP is 12.345.67.8. Let's edit the zone block to say this:

zone "67.345.12.in-addr.arpa" {
type master;
file "12.345.67.rev";
};

Wondering why we aren't including the last number 8? It's because this demonstration is creating a reverse zone file for all the IP addresses that start with 12.345.67. In the zone file we'll configure which ending IPs are pointing to what.

-- close named.conf --

So now we're done configuring named.conf. We need to set up the domain and reverse IP zone files now. In your etc directory, make the following changes:

rename basiczone.com.zone to example.com.zone
rename 127.0.0.rev to 12.345.67.rev

Once again we're at a point where the DNS server will run perfectly fine. However, our DNS info will be all wrong wrong wrong. So on to editing your example.com domain. We're assuming the following:

You registered ns1.example.com at your registrar with 12.345.67.8
You registered ns2.example.com at your registrar with 12.345.67.8
You specified the following servers as hosts for your domain at your registrar:
ns1.example.com
ns2.example.com

-- open example.com.zone --

There are a few confusing points about this file that you may be wondering about. A zone file is filled with "records". Each record takes a domain and assigns it to some piece of information. The file is also organized into columns. Here's a description of them:

Column1: The domain to assign the information

In the first column we have these values: @, ns1, ns2, www, mail. The '@' is a symbol for the name of our zone. That would be 'example.com' in this case. The other words are simply a shortcut for "ns1.example.com", "ns2.example.com", "www.example.com", and "mail.example.com" respectively. BIND will add on the zone name when it reads the file.

Column2: The type of information we're assigning

In the second column we have these values: SOA, NS, MX, A. Just ignore the SOA record; it's required. The NS records are where we specify the names of the DNS servers that host our domain. The MX record is where we assign the name of our email server for @example.com. And finally, the 'A' records are where we assign IP addresses to the domains.

Column3: The information data

This is what we're going to have to edit. The NS records are fine if you added "ns1.example.com" and "ns2.example.com" as hosts for your domain at your registrar. If not, you need to change the data values to the names of the DNS servers you DID assign at your registrar. The MX record is also fine if you want "mail.example.com" to be your mail server. The 'A' records have got to change though. If you're hosting your own mail server and web server, change all the IPs to 12.345.67.8 (replace that with your real IP, of course).

-- close example.com.zone --

All done with that. Let's move on to the reverse zone:

-- open 12.345.67.rev --

Things are a little bit different in this file. Notice that we've got some full domains. You are allowed to specify full domains in your zone files IF you have a period stuck on to the end of them. Always put that period on there if you DON'T want BIND to automatically append the zone name to the end of the domain. We also have a new record type called PTR. The PTR record is what you use to assign a domain to an IP. PTR records should only be located in reverse IP zones. In this zone we are assigning domains to 4 IP addresses. All 4 IPs begin with 12.345.67 since that is the name of our zone, and the last octet can be found in the first column. Delete all these records:

1 PTR ns1.basiczone.com.
2 PTR ns2.basiczone.com.
3 PTR mail.basiczone.com.
4 PTR www.basiczone.com.

In our demonstration we only have 1 IP, so let's make only 1 PTR record for the IP ending with 8.

8 PTR mail.example.com. ;12.345.67.8 points to mail.example.com

We actually have a lot of domains pointing to that IP, but we should only specify one of them. Since many mail servers require RDNS for you to send mail to them, I had the mail domain assigned to the IP. We also need to change the NS records from:

@ NS ns1.basiczone.com.
@ NS ns2.basiczone.com.

To the name servers that host a reverse zone for this IP:

@ NS ns1.example.com.
@ NS ns2.example.com.

-- close 12.345.67.rev --
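The naming rules above (the '@' shortcut, the trailing period that stops BIND from appending the zone name, the reversed-octet name of the in-addr.arpa zone, and one PTR per address) are easy to get subtly wrong by hand. The following is an added example, not part of the tutorial, of the template files or of BIND itself: a small Python checker that applies those rules to zone text in the same three-column layout and reports forward/reverse mismatches before you ever start the server. The two zone strings are constructed sample data in the documentation range 192.0.2.0/24 rather than the tutorial's placeholder values, and the function names are my own.

```python
"""Added example, not part of the tutorial or of BIND: a consistency checker for
the forward and reverse zone files edited above.  It applies the naming rules
the tutorial explains ('@' is the zone, a trailing dot makes a name absolute,
anything else gets the zone name appended), derives in-addr.arpa zone names,
and cross-checks PTR and A records.  Sample zones below are constructed data."""
import ipaddress

# Constructed forward zone in the tutorial's column layout: owner, type, data
FORWARD_ZONE = """
@    NS   ns1.example.com.
@    NS   ns2.example.com.
@    MX   10 mail.example.com.
ns1  A    192.0.2.8
ns2  A    192.0.2.8
www  A    192.0.2.8
mail A    192.0.2.8
"""

# Constructed reverse zone for 192.0.2.0/24 with one PTR per address, as advised above
REVERSE_ZONE = """
@ NS  ns1.example.com.
@ NS  ns2.example.com.
8 PTR mail.example.com. ;192.0.2.8 points to mail.example.com
"""

def qualify(name, origin):
    """Expand a name the way BIND does when it reads a zone file."""
    origin = origin.rstrip(".").lower()
    name = name.lower()
    if name == "@":             # '@' stands for the zone itself
        return origin
    if name.endswith("."):      # trailing dot: already a full name, nothing appended
        return name.rstrip(".")
    return f"{name}.{origin}"   # relative name: zone name is appended

def reverse_zone_name(prefix):
    """'192.0.2' -> '2.0.192.in-addr.arpa'; rejects prefixes that are not 1-3 octets of 0-255."""
    octets = prefix.split(".")
    if not 1 <= len(octets) <= 3:
        raise ValueError("prefix must contain one to three octets")
    for octet in octets:
        if not octet.isdigit() or int(octet) > 255:
            raise ValueError(f"invalid octet {octet!r} in {prefix!r}")
    return ".".join(reversed(octets)) + ".in-addr.arpa"

def is_valid_prefix(prefix):
    try:
        reverse_zone_name(prefix)
        return True
    except ValueError:
        return False

def ptr_to_ip(owner):
    """'8.2.0.192.in-addr.arpa' -> '192.0.2.8' (full /32 reverse names only)."""
    labels = owner.lower().split(".")
    if len(labels) != 6 or labels[4:] != ["in-addr", "arpa"]:
        raise ValueError(f"not a full IPv4 reverse name: {owner}")
    return ".".join(reversed(labels[:4]))

def parse_zone(text, origin):
    """Parse the three-column layout into (qualified owner, TYPE, rdata tokens); ';' starts a comment."""
    records = []
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()
        if line:
            owner, rtype, *rdata = line.split()
            records.append((qualify(owner, origin), rtype.upper(), rdata))
    return records

def check_zones(forward, fwd_origin, reverse, rev_origin):
    """Return forward/reverse mismatches as strings; an empty list means the zones agree."""
    problems, a_by_name, ptr_by_ip = [], {}, {}
    for owner, rtype, rdata in parse_zone(forward, fwd_origin):
        if rtype != "A":
            continue
        try:
            ipaddress.IPv4Address(rdata[0])   # rejects octets above 255, e.g. 12.345.67.8
        except ValueError:
            problems.append(f"A {owner} has invalid address {rdata[0]!r}")
            continue
        a_by_name.setdefault(owner, set()).add(rdata[0])
    for owner, rtype, rdata in parse_zone(reverse, rev_origin):
        if rtype == "PTR":
            ip, target = ptr_to_ip(owner), qualify(rdata[0], fwd_origin)
            ptr_by_ip.setdefault(ip, []).append(target)
            if ip not in a_by_name.get(target, set()):
                problems.append(f"PTR {ip} -> {target} has no matching A record")
    for ip, targets in ptr_by_ip.items():
        if len(targets) > 1:
            problems.append(f"{ip} has {len(targets)} PTR records; keep only one")
    # every address the forward zone uses inside this reverse zone needs a PTR
    labels = rev_origin.rstrip(".").lower().split(".")
    prefix = ".".join(reversed(labels[:-2])) + "."
    for ip in sorted({ip for ips in a_by_name.values() for ip in ips}):
        if ip.startswith(prefix) and ip not in ptr_by_ip:
            problems.append(f"{ip} is inside {rev_origin} but has no PTR record")
    return problems
```

Call check_zones(FORWARD_ZONE, "example.com", REVERSE_ZONE, "2.0.192.in-addr.arpa") and an empty list means the PTR points at a name whose A record carries the same address, no address has two PTRs, and every address the forward zone uses inside that /24 has a PTR. The address validation is deliberate: the tutorial's pretend IP 12.345.67.8 has an octet above 255, and a real zone containing it would fail to load, so the checker flags that class of mistake too.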

Now let's talk about how to manage the server.

start the server

Windows: Control Panel->Administrative Tools->Services->ISC BIND->Start

stop the server

Windows: Control Panel->Administrative Tools->Services->ISC BIND->Stop
DOS: %WINDIR%\SYSTEM32\dns\bin>rndc.exe stop

reload config

Windows: Control Panel->Administrative Tools->Services->ISC BIND->Restart
DOS: %WINDIR%\SYSTEM32\dns\bin>rndc.exe reload

If you try to start the server and it says the application terminated unexpectedly or something, check the error logs like this:

Windows: Control Panel->Administrative Tools->Event Viewer->Application Log
DOS: %WINDIR%\SYSTEM32\dns\bin>named.exe -g

If you did fail to start the server, it means named.conf has a syntax error someplace. Either try to figure it out yourself, or show me the logs using the DOS method.

Got the server started? Excellent! Now let's test your configuration. I wrote a tool called "DNS Crawler" and it is a great way to test your DNS server config remotely.

http://www.dollardns.net/cgi-bin/dnscrawler/index.pl

At the above URL, enter your IP in the "server" field, the domain you registered in the "name" field, and "AXFR" for the type. Press "submit query" and you'll see your entire zone if you didn't mess up someplace. If you got a "server failure" then you need to check out the logs to see why. "Server failures" most commonly happen when you have a syntax error in your zone file.

The above test uses TCP port 53. We should also make sure that normal UDP queries work. Make the same query except change the type to "ANY". That will display all records assigned to the root domain (the ones that start with @ in your zone file).

Another great resource for checking the syntax of your domains is at the link below. Create a master or reverse zone and change it up. It will tell you if you try to save a zone with syntax errors. There's also a DNS Crawler link to check the format of your zone.

DollarDNS DNS Manager

And by golly, I think I'm done with this tutorial.

source :
http://forums.devshed.com/dns-36/bet-you-want-to-setup-a-dns-server-huh-141940.html
