17731521 using webmin and bind9 to setup dns server on linux v12


  • 8/6/2019 17731521 Using Webmin and Bind9 to Setup DNS Server on Linux v12


    DNS Server Using Webmin and Bind9 to Setup DNS Server v1.0

    April 2007, Kefa Rabah, Global Open Versity, Vancouver Canada

    www.globalopenversity.org A GOV HowTo Technical Publication


    Using Webmin and Bind9 to Setup DNS Server on Linux

    By Kefa Rabah, [email protected] March 2008

    Installing and Configuring Webmin

    Administering Linux and Unix-based servers does not need to be the scourge of your work day. With a handy tool called Webmin as part of your arsenal, you can regain full control of your server's setup and configuration via the Web browser.

    To Install Webmin and get started, drop by www.webmin.com and download the latest release.

    You can use RPMs for Red Hat and related systems that support binary installations or you can

    build Webmin from source. Webmin supports a large number of UNIX variants, including OS X. To

    install the rpm, simply open a terminal session, and type in:

    # rpm -ivh webmin*

    Or

    # yum install webmin* -y

    Run the command as the root user in the directory in which Webmin was downloaded.

    Webmin is the most powerful administration tool of its kind. We will use it to set up our DNS, but I will not go over it in detail because we already know how to use other administrative tools. It is not difficult to use because it is web based; in any event, you should know that you can use it remotely to administer the system. In this HowTo we're going to use Webmin to set up a DNS server and mail, www and ftp servers on Linux CentOS5.

    While here also note our hostname: cos52.linuxauth.com

    Other servers are:

    mail.linuxauth.com

    www.linuxauth.com

    ftp.linuxauth.com

    Check /etc/hosts to ensure that you have a correct setup; in our case, it's as follows:

    # Do not remove the following line, or various programs

    # that require network functionality will fail.

    127.0.0.1 localhost.localdomain localhost

    192.168.83.15 cos52.linuxauth.com cos52 mail www ftp

    ::1 localhost6.localdomain6 localhost6

    Make sure that all the required services are running including webmin, if it is already installed. If

    you need help for installation, refer to software installation in this book.

    Ok here we go

    Open the web browser and type:

    http://localhost:10000 or http://127.0.0.1:10000 or http://yourdomain:10000

    In our case: http://cos52.linuxauth.com:10000


    Fig. 1

    When you open the web browser and connect to port 10000, you will see an error explaining that the web server is running in SSL mode, with a link to try instead. Click on the link; you may see another error saying that the server certificate failed. Click on Continue.

    Another warning pops up.

    Fig 2

    Click on "Or you can add an exception".

    Next, enter the user name and password to authenticate.


    Fig. 3

    Note: As a security practice, never use Remember login password.

    Also note that Webmin is run by root, but you can still give permission to other users to run it.

    I suggest never giving this power to any user other than you, the administrator.

    Click on Login to enter Webmin.

    Fig 4

    Figure 4 above shows Webmin's home page, a generic, much-wanted administrative tool. Of course, as with any tool, you probably won't rely on Webmin for all admin purposes. Although Webmin is useful for automating tasks, for teaching purposes it's always preferable to do things


    manually via command line so that apprentices can have a better understanding of what actually

    happens in the background.

    Feel free to explore and actually try to use the available modules in webmin. Once you learn to

    use it, it will become your favorite remote administrative tool.

    From Fig. 4 clicking on Servers brings you to Fig. 5, while there note all other servers that are

    available in this panel, and which are installed on this machine.

    Next, from Fig. 5 below, click on Bind DNS Server to start our DNS configuration. For this article we used Bind9; however, do make a point of downloading the latest Bind server package and ensure that you update your system before proceeding with the setup. The network address used here is for a LAN, but you can easily replace it with a public IP address if you have a legal domain name and an IP address issued to you by your ISP or domain hosting company.

    Fig 5

    From Fig. 5, choose the option best suited for your setup. In our case we opted for the second option.

    Checking the second option and clicking Create Primary Configuration and Start Nameserver

    brings you to the Bind DNS Server panel.

    Note that the Bind DNS Server panel is divided into three different sections:

    * Global server options

    * Existing DNS zones (which will be our working section, see Fig. 6)

    * Client's view designed on the server


    Fig 6: Our working section, Existing DNS Zone: Click Create master zone.

    Creating the Master Domain

    Our Domain: linuxauth.com

    Note the period (.) at the end of the domain name; it has to be there, it's not a mistake.

    Adding the zone / Forward Zone!

    1. Click on create a new master zone

    2. Zone type: Forward (forward name to address) select it

    3. Domain name / Network: linuxauth.com. (domain here)

    4. Record file: Automatic

    5. Master server: server2.linuxauth.com [/] Add NS record for Master Server?

    6. Email address: root@localhost or [email protected]

    7. Use zone template: no

    8. Leave the rest as default

    9. Click on create

    Once the zone is created, proceed to edit its properties; Webmin takes you to this panel automatically.

    Edit master zone [In Netcontrol.org]

    * Adding the address:

    1. Click on Address

    2. Enter name: linuxauth.com.

    3. Enter address: 192.168.83.15 (note: this is the physical address domain 1)


    4. Time-To-Live: default

    5. Update reverse?: yes

    6. Click on create

    Fig 6: Your address record should look like this

    7. Return to record types

    Add Name Server records

    (Note: this section may be already updated)

    1. Enter zone name: linuxauth.com.

    2. Time-To-Live: Default

    3. Enter Name server: cos52.linuxauth.com. (host.domain.com)

    4. Click on create

    Fig 7: If already updated, it should look like this

    5. Return to record type.

    Add Name Alias Record

    1. Name: www

    2. Time-To-Live: Default

    3. Real Name: linuxauth.com.

    4. Click on create

    --------------------------------------------------------

    5. Name: mail

    6. Time-To-Live: Default

    7. Real Name: linuxauth.com.

    8. Click on create

    --------------------------------------------------------

    9. Name: ftp

    10. Time-To-Live: Default

    11. Real Name: linuxauth.com.

    12. Click on create


    Fig 8: Your alias should look like this

    13. Return to Record Type

    -------------------------------------------------------

    Mail Exchange Record (Mx record)

    1. Name: linuxauth.com.

    2. Time-To-Live: Default

    3. Mail Server: mail.linuxauth.com.

    4. Priority: 10

    5. Click on create

    Fig 9: The mail record should look like this

    Return to Record Types

    We just finished creating the forward zone. At the very bottom of this current panel (Edit Master Zone), click on Return to zone list.

    From the zone list

    * Click on Apply Changes.

    The next step is the Reverse Zone for netcontrol.org

    Adding the Reverse Zone

    1. Click on Create New Master Zone

    2. Now the Zone type will be: Reverse

    3. Domain name/network: 192.168.83 (The last number is left out which is 58)

    4. Records file: Automatic

    5. Master server: server2.linuxauth.com [/] Add NS record for Master Server?

    6. Email address: root@localhost or [email protected]


    7. Use template: no

    8. Refresh time: leave as default

    9. Expiry time: leave as default

    10. IP address for template: leave blank

    11. Transfer retry time: leave as default

    12. Default time-to-live: leave as default

    13. Click on create

    Now Edit the Master Zone properties for the Reverse that we just created.

    Create Pointer

    1. Click on PT

    2. Now add Reverse Address Record

    3. Address: 192.168.83.15 (type complete IP address here)

    4. Host name: cos52.linuxauth.com.

    5. Update forward: yes

    6. Click on Create

    Fig 10: After creating it should look like this

    7. Return to Record Types

    Add name Server (NS)

    (This data may be already updated)

    1. Zone Name: 83.168.192

    2. Name Server: cos52.linuxauth.com.

    3. Time-to-live: Default

    4. Click create

    Fig 11: If already updated, it should look like this

    5. Return to Record Types


    Add Name Alias Record (CN)

    --------------------------------------------------------------

    1. Name: www

    2. Time-To-Live: Default

    3. Real Name: linuxauth.com.

    4. Click on create

    --------------------------------------------------------------

    5. Name: mail

    6. Time-To-Live: Default

    7. Real Name: linuxauth.com.

    8. Click on create

    --------------------------------------------------------------

    9. Name: ftp

    10. Time-To-Live: Default

    11. Real Name: linuxauth.com.

    12. Click on create

    Fig 12: After you have entered all the aliases it should look like this

    13. Return to zone list

    Our newly modified zone list now is as shown in Fig. 13 below:


    Fig. 13: Final Existing DNS Zone

    ------------------------------------------------------------

    Click on Apply Changes

    We just completed a totally functional DNS.

    You can now verify the changes in the main configuration file

    /var/named/chroot/etc/named.conf

    Note that a new zone has been added, which can be found at: /var/named/chroot/var/named,

    these are: linuxauth.com.hosts and 192.168.83.rev.

    You should see something similar to this: (Your host of course)

    This is the content of the file: named.conf

    options {
        directory "/etc";
        pid-file "/var/run/named/named.pid";
    };

    zone "." {
        type hint;
        file "/etc/db.cache";
    };

    zone "linuxauth.com" {
        type master;
        file "/var/named/linuxauth.com.hosts";
    };


    zone "83.168.192.in-addr.arpa" {
        type master;
        file "/var/named/192.168.83.rev";
    };

    Contents of these files in: /var/named/chroot/var/named/

    This is the content of the file: linuxauth.com.hosts

    ------------------------------------------------------------------------------

    $ttl 38400
    linuxauth.com. IN SOA cos52.linuxauth.com. root.linuxauth.com. (
            1236317547
            10800
            3600
            604800
            38400 )
    linuxauth.com. IN NS cos52.linuxauth.com.
    linuxauth.com. IN A 192.168.83.15
    www.linuxauth.com. IN CNAME linuxauth.com.
    mail.linuxauth.com. IN CNAME linuxauth.com.
    ftp.linuxauth.com. IN CNAME linuxauth.com.
    linuxauth.com. IN MX 10 mail.linuxauth.com.
    cos52.linuxauth.com. IN A 192.168.83.15

    ------------------------------------------------------------------------------

    This is the content of the file: 192.168.83.rev

    ------------------------------------------------------------------------------

    $ttl 38400
    83.168.192.in-addr.arpa. IN SOA cos52.linuxauth.com. root.linuxauth.com. (
            1236321439
            10800
            3600
            604800
            38400 )
    83.168.192.in-addr.arpa. IN NS cos52.linuxauth.com.
    15.83.168.192.in-addr.arpa. IN PTR cos52.linuxauth.com.
    www.83.168.192.in-addr.arpa. IN CNAME linuxauth.com.
    mail.83.168.192.in-addr.arpa. IN CNAME linuxauth.com.
    ftp.83.168.192.in-addr.arpa. IN CNAME linuxauth.com.


    ------------------------------------------------------------------------------
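    A consistency check for the two zone files listed above, added here as an example and not part of the original HowTo: it cross-checks the forward and reverse records and reports an MX or NS record whose target is a CNAME (RFC 2181 section 10.3 requires the target to be a host name, not an alias), a PTR without a matching A record, and reverse-zone names that no reverse lookup can reach. The names parse and lint are hypothetical helpers; the records are copied from the listings above with the SOA omitted.

```python
import re

# Records copied from the two zone files listed above (SOA omitted); sample input only.
FORWARD = """\
linuxauth.com. IN NS cos52.linuxauth.com.
linuxauth.com. IN A 192.168.83.15
www.linuxauth.com. IN CNAME linuxauth.com.
mail.linuxauth.com. IN CNAME linuxauth.com.
ftp.linuxauth.com. IN CNAME linuxauth.com.
linuxauth.com. IN MX 10 mail.linuxauth.com.
cos52.linuxauth.com. IN A 192.168.83.15
"""
REVERSE = """\
83.168.192.in-addr.arpa. IN NS cos52.linuxauth.com.
15.83.168.192.in-addr.arpa. IN PTR cos52.linuxauth.com.
www.83.168.192.in-addr.arpa. IN CNAME linuxauth.com.
mail.83.168.192.in-addr.arpa. IN CNAME linuxauth.com.
ftp.83.168.192.in-addr.arpa. IN CNAME linuxauth.com.
"""
RR = re.compile(r"^(\S+)\s+IN\s+(\S+)\s+(.+?)\s*$")


def parse(text):
    """Return (owner, type, rdata) for each fully qualified 'owner IN TYPE rdata' line."""
    rows = (RR.match(line) for line in text.splitlines())
    return [(m[1].lower(), m[2].upper(), m[3].lower()) for m in rows if m]


def lint(forward, reverse):
    """Cross-check a forward zone against its in-addr.arpa zone; return a list of findings."""
    fwd, rev, out = parse(forward), parse(reverse), []
    aliases = {o for o, t, _ in fwd if t == "CNAME"}
    addrs = {(o, r) for o, t, r in fwd if t == "A"}
    for o, t, r in fwd:
        target = r.split()[-1]  # last field: skips the MX preference
        # RFC 2181 section 10.3: MX and NS must name a host, not an alias.
        if t in ("MX", "NS") and target in aliases:
            out.append(f"{t} {o} -> {target} is a CNAME")
    for o, t, r in rev:
        labels = o[: -len(".in-addr.arpa.")].split(".")
        if t == "PTR":
            ip = ".".join(reversed(labels))
            if (r, ip) not in addrs:
                out.append(f"PTR {ip} -> {r} has no matching A record")
        elif not labels[0].isdigit():
            # Reverse lookups only query numeric octet labels, so this is never reached.
            out.append(f"{t} {o} is not an IP-derived name")
    return out


if __name__ == "__main__":
    for finding in lint(FORWARD, REVERSE):
        print(finding)
```

    On the records above it reports the MX target mail.linuxauth.com. as an alias and the three www/mail/ftp names in the reverse zone; the PTR for 192.168.83.15 matches its A record.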

    As you can see, using Webmin is the fastest and surest way to set up a DNS server; or you can sit there all day, type line by line, and still get it wrong.

    [root@cos52 ~]# service named restart

    Now test our DNS server using dig and nslookup to ensure that our master DNS is working as expected. Fig. 15 shows the dig output and Fig. 16 the nslookup output, which confirm that all is working well.

    Fig. 15: shows the dig command, which returns correct results.


    Fig. 16: shows the nslookup command which returns IP address correctly.

    Now that we have created a perfect master DNS, we can go ahead and use our system for almost anything, e.g., ftp, mail, and www. In the same way we created this master DNS, you can also create a slave DNS server at a different IP address to provide redundancy. That is, with a slave DNS in place the servers replicate each other's data, so that if one of the servers goes down, the other one will respond to the queries transparently without affecting the network clients.

    So what is the big picture? In simple language, having a perfectly functioning redundant DNS server within your network lets both servers and clients in your network use different IP addresses, which will be resolved by your DNS server.

    Now you can go ahead and install a messaging server like Zimbra, which requires that a master DNS is installed and working.

    Enjoy!

    -----------------------

    Kefa Rabah is the Founder and CIO of Serengeti Systems Group Inc. Kefa is knowledgeable in several fields of Science & Technology, IT Security Compliance and Project Management, and Renewable Energy Systems. He is also the founder of Global Open Versity, a Center of Excellence in eLearning.
