
DNS Server

Introduction

A DNS server is great to have on a local network, especially if there are several machines. It is far easier to remember machine names than it is to remember IP addresses. On the local network the “.atgo” domain is used as an extension for all computer names for communication. Anything can be used really, but it is best to stay away from official domains. The purpose of this DNS server is to serve these names from a single source for all the computers on the network and to cache answers to speed up queries.

MacOS X comes with a pre-installed version of BIND that is suited to this task. There are two files to edit and two files to create to get this job done.

Local Domain

In this case the local domain will be “.atgo”. Hence, two files are created in /var/named.

atgo.zone


$TTL    86400
@                       1D IN SOA       ns.atgo. Webmaster.atgo.org. (
                                        2006112401      ; serial
                                        3H              ; refresh
                                        15M             ; retry
                                        1W              ; expiry
                                        1D )            ; minimum
;
                TXT     "ATGO"
                NS      ns.atgo. ; Address of name server
                MX      10 mail.atgo. ; Primary mail exchanger
;
localhost       A       127.0.0.1

ns              A       xxx.xxx.xxx.xxx

jesus           A       xxx.xxx.xxx.xxx
                HINFO   "Core Solo" "MacOS X"
                TXT     "Intel Core Solo"
mail            CNAME   jesus
www             CNAME   jesus

This is a standard BIND installation, and so standard nomenclature can be used. The xxx.xxx.xxx.xxx is the IP address assigned to the computer in question on the local network. The IP address can be set in the Network Preference Pane on each computer. Obviously, this list can be as long as necessary, with one entry for each computer on the network.

named.atgo

The second file to be created is the inverse of the first file. This is the reverse mapping, indicating which numbers point to which names.


$TTL    86400
@       IN      SOA     localhost. root.localhost.  (
                                      2006112500  ; Serial
                                      3H          ; Refresh
                                      15M         ; Retry
                                      1W          ; Expire
                                      1D  )       ; Minimum
        IN      NS      ns.atgo.

xxx     IN      PTR     jesus.atgo.

Ideally, there should be a PTR entry for every physical computer on the network.
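The forward and reverse files must agree with each other: every A record should have a PTR for the same address, and every PTR and CNAME should name a host that actually exists. The following script is an added example (not part of the original page) that parses two small constructed zone files laid out like the ones above, with 192.168.0.x standing in for xxx.xxx.xxx.xxx, and reports the mismatches; the parser is deliberately minimal and assumes BIND's standard master-file layout (comments after ";", parentheses spanning lines, a blank owner inheriting the previous one).

```python
import re
# Constructed sample zones laid out like the files above; 192.168.0.x stands in for xxx.xxx.xxx.xxx.
FORWARD_ZONE = """\
$TTL 86400
@       1D IN SOA   ns.atgo. Webmaster.atgo.org. ( 2006112401 ; serial
                    3H 15M 1W 1D )
        NS          ns.atgo.
localhost A         127.0.0.1
ns      A           192.168.0.2
jesus   A           192.168.0.3
mail    CNAME       jesus
"""
REVERSE_ZONE = """\
$TTL 86400
@       IN SOA      localhost. root.localhost. ( 2006112500 3H 15M 1W 1D )
        IN NS       ns.atgo.
3       IN PTR      jesus.atgo.
"""

def fqdn(name, origin):  # absolute form of an owner or target; origin ends with "."
    return origin if name == "@" else name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text, origin):
    """Minimal master-file parser: returns (owner, type, rdata tokens); blank owners inherit."""
    text = re.sub(r";[^\n]*", "", text)                                        # drop comments
    text = re.sub(r"\([^)]*\)", lambda m: " ".join(m.group(0).split()), text)  # join ( ... ) spans
    records, owner = [], origin
    for line in (ln for ln in text.splitlines() if ln.strip() and not ln.startswith("$")):
        tokens = line.split()
        if not line[0].isspace():                                              # a new owner name
            owner = fqdn(tokens.pop(0), origin)
        while tokens[0].upper() == "IN" or re.match(r"^\d+[smhdw]?$", tokens[0], re.I):
            tokens.pop(0)                                                      # optional TTL / class
        records.append((owner, tokens[0].upper(), tokens[1:]))
    return records

def check_zones(fwd_text, fwd_origin, rev_text, rev_origin):
    """Return A records lacking a PTR, PTRs naming unknown hosts, and dangling CNAMEs."""
    fwd, rev = parse_zone(fwd_text, fwd_origin), parse_zone(rev_text, rev_origin)
    names = {o for o, _, _ in fwd}
    ptrs = {(o, r[0]) for o, t, r in rev if t == "PTR"}
    problems = [f"PTR {o} names unknown host {t}" for o, t in ptrs if t not in names]
    for owner, rtype, rdata in fwd:
        if rtype == "A" and not rdata[0].startswith("127."):                  # loopback has no PTR here
            rev_owner = ".".join(reversed(rdata[0].split("."))) + ".in-addr.arpa."
            if (rev_owner, owner) not in ptrs:
                problems.append(f"no PTR for {owner} ({rdata[0]})")
        elif rtype == "CNAME" and fqdn(rdata[0], fwd_origin) not in names:
            problems.append(f"dangling CNAME {owner} -> {rdata[0]}")
    return sorted(problems)
```

Running check_zones(FORWARD_ZONE, "atgo.", REVERSE_ZONE, "0.168.192.in-addr.arpa.") on the sample reports the missing PTR for ns, which is exactly the kind of gap the sentence above warns about.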

named.conf

The first of the files to be edited can be found in /etc/. This is the main configuration file for BIND, and will point to the two files previously created.


controls {
     inet 127.0.0.1 port 54 allow {any; };
};

options {
        directory "/var/named";
        forward first;
        forwarders {
                xxx.xxx.xxx.xxx;
                xxx.xxx.xxx.xxx;
        };
        allow-query { xxx.xxx.xxx.0/24; localhost; };
        allow-recursion { xxx.xxx.xxx.0/24; localhost; };
};

zone "." IN {
        type hint;
        file "named.ca";
};

zone "atgo" IN {
        type master;
        file "atgo.zone";
        allow-query { any; };
};

zone "xxx.xxx.xxx.in-addr.arpa" IN {
        type master;
        file "named.atgo";
        allow-query { any; };
};

The forwarders should be the DNS servers provided by your ISP. Any query the server cannot answer from its own zones or its cache is passed on to these servers.

The allow-query and allow-recursion fields should contain the first three octets of your local network, followed by .0/24. These usually begin with 192.168.0., but that will depend on the network. The name of the reverse zone should be these same three octets in reverse order, followed by .in-addr.arpa.

org.isc.named.plist

The final file is the startup control. It tells MacOS X that BIND needs to be turned on at startup. Note that in 10.4 and above, this is handled by launchd and not hostconfig. This file can be found in /System/Library/LaunchDaemons/.


...
<key>Disabled</key>
<false />
...

All that’s left now is to load this into launchd. Open a terminal and type:


sudo -s
cd /System/Library/LaunchDaemons     # the plist is referenced by a relative name below
launchctl stop org.isc.named
launchctl unload org.isc.named.plist # unload the old definition so the edited plist is re-read
launchctl load org.isc.named.plist
launchctl start org.isc.named

All done! BIND should now be running, and will start up when the server is rebooted. If not, then you probably have a syntax error in one of your files. Fix the problem and try again.
