Difference between revisions of "Multiple DNS server configuration"
Latest revision as of 08:26, 10 March 2022
Different DNS for different zone
An organization may run several internal DNS servers, each serving a different domain. Assume the domains are example.com and example.org. If a client asks the example.com DNS server to resolve an example.org address, the request may be resolved as a public request, because the example.com server treats example.org the same as yahoo.com or google.co.in. To ensure that such requests are also resolved locally, both the example.com and example.org servers should have both the example.org and example.com zones. The example.com server should have the following entry in its 'named.conf' file:
<pre>
zone "example.org." {
    type forward;
    forwarders { <IP>; };
};
</pre>
where <IP> should be the IP address of the example.org DNS server, which resolves all example.org requests.
Different DNS for sub-zone
To delegate a sub-zone to a different DNS server, the appropriate records have to be entered in the zone file of the parent zone. This can be done as follows:
<pre>
$ORIGIN <sub-zone>.
@       IN  NS  ns1.<sub-zone>.
        IN  NS  ns2.<sub-zone>.
; glue records: addresses of the sub-zone's name servers
ns1     IN  A   A.B.C.D
ns2     IN  A   P.Q.R.S
</pre>
Steps learned from http://stackoverflow.com/questions/15338232/how-to-forward-a-subzone
Subzone in same DNS
To create a sub-zone on the same DNS server, add the following at the end of the zone file, after all existing zone entries:
<pre>
$ORIGIN admin.sbarjatiya.com.
@       IN  MX  10 smtp.admin.sbarjatiya.com.
smtp    IN  A   172.19.4.126
imap    IN  A   172.19.4.126
pop3    IN  A   172.19.4.126
rcube   IN  A   172.19.4.127
</pre>
Primary and secondary DNS servers
Primary server zone configuration
Multiple DNS servers are most commonly set up for backup, so that if the primary server is down the secondary server can resolve all queries. To configure a primary server zone use:
<pre>
zone "sbarjatiya.com." {
    type master;
    file "sbarjatiya.com.forward";
    allow-transfer {192.168.2.114; 127.0.0.1; };
    also-notify {192.168.2.114; };
    allow-update {};
};
</pre>
and replace 192.168.2.114 with the actual secondary server IP. Multiple secondary servers can also be specified.
Secondary server zone configuration
To configure a secondary server zone use:
<pre>
zone "sbarjatiya.com." {
    type slave;
    file "sbarjatiya.com.forward";
    masters {192.168.2.106; };
    allow-notify {192.168.2.106; };
    allow-transfer {127.0.0.1; };
};
</pre>
and replace 192.168.2.106 with the actual primary server IP. Multiple primary servers can also be specified.
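The allow-transfer lists above are what keep the full zone contents from being handed to arbitrary hosts, so they are worth checking mechanically. The following is an added example, not part of the original page or of BIND: a small audit of 'named.conf' zone blocks that flags zones with no allow-transfer (the zone then inherits the server default, which older BIND 9 releases set to any host), zones that allow any, and secondaries listed in also-notify that are missing from allow-transfer. The second zone in the sample and the function names are assumptions made for illustration.

```python
import re

# Constructed sample: the page's primary zone plus a hypothetical zone with no transfer ACL.
SAMPLE_CONF = '''
zone "sbarjatiya.com." {
    type master;
    file "sbarjatiya.com.forward";
    allow-transfer {192.168.2.114; 127.0.0.1; };
    also-notify {192.168.2.114; };
    allow-update {};
};
zone "example.org." {   // hypothetical zone, not from the page
    type master;
    also-notify {192.168.2.114; };
};
'''

def zone_bodies(conf):
    """Yield (name, body) per zone block; braces are matched by depth."""
    # Drop /* ... */, // and # comments before scanning.
    conf = re.sub(r'/\*.*?\*/|(//|#)[^\n]*', '', conf, flags=re.S)
    for m in re.finditer(r'zone\s+"([^"]+)"[^{;]*\{', conf):
        depth, i = 1, m.end()
        while depth and i < len(conf):
            depth += {'{': 1, '}': -1}.get(conf[i], 0)
            i += 1
        yield m.group(1), conf[m.end():i - 1]

def acl(body, keyword):
    """Addresses in `keyword { ... };`, or None when the option is absent."""
    m = re.search(r'(?<![\w-])' + re.escape(keyword) + r'\s*\{([^}]*)\}', body)
    return None if m is None else [a.strip() for a in m.group(1).split(';') if a.strip()]

def audit(conf):
    """Return (zone, finding) pairs for transfer-ACL problems."""
    findings = []
    for name, body in zone_bodies(conf):
        ztype = re.search(r'\btype\s+(\w+)\s*;', body)
        if ztype and ztype.group(1) == 'forward':
            continue                      # forward zones hold no data to transfer
        allowed = acl(body, 'allow-transfer')
        if allowed is None:
            findings.append((name, 'no allow-transfer; server default applies'))
        elif 'any' in allowed:
            findings.append((name, 'allow-transfer permits any host'))
        else:
            for peer in acl(body, 'also-notify') or []:
                if peer not in allowed:
                    findings.append((name, peer + ' is notified but cannot transfer'))
    return findings
```

Calling audit(SAMPLE_CONF) reports only the hypothetical example.org. zone; the page's primary and secondary stanzas pass. ACL names and key-based entries are compared as plain strings, so an address hidden behind a named acl is not expanded.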
Editing zone records
To edit zone records use the following steps:
- Log into primary server
- Edit zone file
- Use commands:
  - rndc freeze sbarjatiya.com
  - rndc reload sbarjatiya.com
  - rndc thaw sbarjatiya.com
- Verify new serial number is reflected in primary server
  - dig -t AXFR sbarjatiya.com @127.0.0.1
- Verify new serial number is reflected in secondary server using same dig command.
Steps learned from http://jon.netdork.net/2008/08/21/bind-dynamic-zones-and-updates/
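The two verification steps can be automated by reading the SOA serial out of each server's dig output and comparing them. This is an added example, not from the original page: it uses RFC 1982 serial ordering, so it also catches the case where the zone file was edited but the serial was left unchanged or lowered, in which case the secondary never fetches the change. The sample output, the ns1/root names in it, and the function names are constructed for illustration.

```python
import subprocess

HALF = 2 ** 31   # half of the 32-bit serial space (RFC 1982)

# Constructed dig output: the primary was edited, the secondary not yet updated.
PRIMARY_OUT = """\
; constructed sample, primary
sbarjatiya.com.  3600 IN SOA ns1.sbarjatiya.com. root.sbarjatiya.com. 2022031002 3600 900 604800 86400
sbarjatiya.com.  3600 IN NS  ns1.sbarjatiya.com.
"""
SECONDARY_OUT = PRIMARY_OUT.replace("2022031002", "2022031001")

def axfr(zone, server):
    """Run the page's dig command against one server and return its text."""
    cmd = ["dig", "-t", "AXFR", zone, "@" + server]
    return subprocess.run(cmd, capture_output=True, text=True, timeout=20).stdout

def soa_serial(dig_output):
    """Serial of the first SOA record in dig answer text."""
    for line in dig_output.splitlines():
        f = line.split()
        # owner ttl class SOA mname rname serial refresh retry expire minimum
        if len(f) >= 7 and not line.startswith(";") and f[3].upper() == "SOA":
            return int(f[6])
    raise ValueError("no SOA record found (transfer refused or failed?)")

def sync_state(primary_out, secondary_out):
    """Classify the secondary relative to the primary using RFC 1982 ordering."""
    p, s = soa_serial(primary_out), soa_serial(secondary_out)
    ahead = (p - s) % 2 ** 32          # how far the primary is ahead, mod 2^32
    if ahead == 0:
        return "in-sync"
    if ahead < HALF:
        return "secondary-behind"      # wait for NOTIFY/refresh, then re-check
    # Primary serial is not newer: the edit was saved without raising the
    # serial (or it was lowered), so the secondary will never fetch it.
    return "primary-serial-not-newer"
```

On live servers, run axfr("sbarjatiya.com", "127.0.0.1") on the primary and on the secondary, as the steps above do, and pass both outputs to sync_state.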