
"Linux Gazette...making Linux just a little more fun!"


DNS for the Home Network

By JC Pollman and Bill Mote


Disclaimer: This article provides information we have gleaned from reading the books, the HOWTOs, man pages, usenet news groups, and countless hours banging on the keyboard. It is not meant to be an all-inclusive exhaustive study on the topic, but rather, a stepping stone from the novice to the intermediate user.  All the examples are taken directly from our home networks so we know they work.

How to use this guide:

Prerequisites: This guide assumes that you have bind v8.2 installed, that you have selected a legal domain name, and that you're using IP Masquerade to "hide" your machine from the internet. If you're running bind v4.x, either upgrade (there are some security concerns with 4.x) or do not use this article, as it will not work. Note - most distributions have three packages of bind - the only one you do not want is the "caching-only" version.

What is DNS?  DNS stands for Domain Name System and is actually a protocol. Bind (Berkeley Internet Name Domain), which is the program you will use, is an implementation of DNS, both server and client.  DNS translates the alphanumeric names that we humans use into the ip addresses that computer programs use, and vice versa.  In other words, it translates www.netscape.com to 207.200.75.200.

Why have your own DNS server?  You can survive without your own DNS server by using your ISP's DNS server. Using your own server helps to speed up name lookup, minimizes the amount of admin time spent configuring your network when you add a new computer, allows sendmail to work better for your home network, and will give you a good weekend project.

Who is providing your DNS now? Odds are your local ISP is providing you DNS. Follow along with this example as it will validate our assumption and provide you with the basis to test your DNS setup after the installation. Connect to your ISP and then, from a terminal window, type the following command(s):

nslookup[Enter]

Default Server: {your ISP's DNS name will show here}
Address: {your ISP's DNS server IP address here}

Now type this in to see dns work:
>www.tux.org

Non-authoritative answer:
Name: gwyn.tux.org
Address: 207.96.122.8
Aliases: www.tux.org
>exit [Enter]


Important Note - Masquerading: do NOT even think of setting up your own private DNS unless you have set up masquerading (or have real ip addresses and have registered your network name)!  Otherwise you will confuse the system and probably get some nasty emails from the owners of the real ip addresses.  Masquerading allows you to use whatever ip addresses and name you want for your own private network and then masquerades requests from that network through your internet connection using the valid ip address for that connection.

Install DNS: You have to install the bind program to get DNS working.  In my home setup, kulai.org is my domain.  Since I use masquerade, kulai.org is not listed anywhere, nor did I register it with anyone. When you choose your domain name, make sure it is not already registered or you could end up making a mess of things.  You use the whois program to check if your domain has been legally registered. Example, while connected to the net:

whois  kulai.org [Enter]
and I get back a lot of stuff that ends with:
No match for "KULAI.ORG".

For the rest of this article I will be using my computers. They are:
 
 
master.kulai.org    192.168.124.10    linux only, the server
jc.kulai.org        192.168.124.1     linux and win98
fserver.kulai.org   192.168.124.11    freebsd only
phillip.kulai.org   192.168.124.20    win98 only

Set up your DNS: There are five files you have to create. These are ordinary text files you create with your favorite editor. You can copy and paste the examples provided - just make sure to change the names and ip addresses to yours!  These files are very particular about the syntax - be very careful when you type/edit them!

/etc/named.conf
/var/named/db.cache
/var/named/db.kulai.org        (where kulai.org is my domain)
/var/named/db.124.168.192    (where my network is 192.168.124.0)
/var/named/db.127.0.0

WARNING: While your DNS is being set up, never reboot your server without renaming /etc/resolv.conf. When the boot completes, rename it back to /etc/resolv.conf. A bad reverse DNS can prevent booting, requiring a boot and rescue bust-in. Save yourself the trouble - rename.

Also, check your /etc/nsswitch.conf file. The "hosts" line should say "hosts: files dns". This will make the system resolve hostnames by first looking at /etc/hosts before consulting a possibly non-functioning DNS. If you have the Network Information System, the line may be "hosts: files nis dns".


 

Start it Up: Create the files above and then edit your /etc/resolv.conf to list only your own name server:

search kulai.org
nameserver 192.168.124.10

Note: /etc/resolv.conf is mandatory for bind 8.*

Then type:

tail -f /var/log/messages [Enter]

so you can monitor any error messages when named starts.  Open another window/console and type:

/usr/sbin/ndc start [Enter]
(or for Redhat users: /etc/rc.d/init.d/named start )

Your /var/log/messages should have a number of entries about named and end with:

Jul 10 15:54:26 master named: named startup succeeded
Jul 10 15:54:26 master named[3523]: Ready to answer queries.

To test it, connect to the internet and repeat the process in section "Who is providing your DNS now?"  It should give your server's name as the name server.  Type in a place you often go to and see if it gives you the ip address.

If this does not work:
    1. Check to see if named is running:
        ps ax|grep named [Enter]

    2. Ping the server from a different machine, both by ip address and name:
        ping 192.168.124.10 [Enter]
        ping  master.kulai.org [Enter]

    3. Telnet to the server. A long time to connect will indicate a problem.

If all goes well, point the rest of the computers on your home network to your new name server.
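
The resolver settings described above (a hosts line that consults files before dns, and a resolv.conf that lists only your own name server) can be checked before a reboot or before repointing the other machines. The script below is an added example, not part of the original article; the function names are made up for illustration, and the file paths and server ip are passed in as arguments.

```shell
#!/bin/sh
# Added example (not from the original article): check the resolver files
# against the settings described above. Function names are illustrative.

# hosts_order_ok FILE
# Succeeds if the "hosts:" line consults "files" before "dns",
# e.g. "hosts: files dns" or "hosts: files nis dns".
hosts_order_ok() {
    awk '
        { sub(/#.*/, "") }                  # drop comments
        $1 == "hosts:" {
            for (i = 2; i <= NF; i++) {
                if ($i == "files" && !f) f = i
                if ($i == "dns"   && !d) d = i
            }
            exit                            # jump to END
        }
        END { exit !(f && d && f < d) }
    ' "$1"
}

# only_nameserver FILE IP
# Succeeds if FILE has exactly one "nameserver" line and it names IP.
only_nameserver() {
    awk -v want="$2" '
        { sub(/[#;].*/, "") }               # drop comments
        $1 == "nameserver" { n++; if ($2 == want) ok = 1 }
        END { exit !(n == 1 && ok) }
    ' "$1"
}

# check_resolver NSSWITCH RESOLV SERVER_IP
# Prints one line per problem; returns 0 only if both checks pass.
check_resolver() {
    rc=0
    hosts_order_ok "$1" ||
        { echo "FAIL: $1: hosts line must list files before dns"; rc=1; }
    only_nameserver "$2" "$3" ||
        { echo "FAIL: $2: expected a single 'nameserver $3' line"; rc=1; }
    if [ "$rc" -eq 0 ]; then echo "OK: resolver files match"; fi
    return "$rc"
}

# Run only when called with arguments, e.g.:
#   sh check.sh /etc/nsswitch.conf /etc/resolv.conf 192.168.124.10
if [ "$#" -eq 3 ]; then
    check_resolver "$@"
fi
```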

Final thoughts: We have given you a cookie-cutter recipe for setting up a simple dns server.  Since success usually creates greater interest, here are some places to learn more:

The DNS HOWTO
DNS and Bind by O'Reilly
DNS - ZDNet Webopedia Definition and Links
Troubleshooters.com: DNS -- also includes hints for those who have used an old version of bind

Get your dns working as we will be using it in the months to come. Next month we tackle mail for the home network.


Copyright © 1999, JC Pollman and Bill Mote
Published in Issue 44 of Linux Gazette, August 1999

