Network Presence Blog

Here’s how to use your dual IP address equipment Network Presence VPS running the CentOS flavour of Redhat Linux, to run your Name Servers (ns1 and ns2) for your own Domains.

First, you need two separate live to the Internet IPv4 IP Addresses and if you’re VPS Plan is one of our popular Value VPS Plans, then you only have a single IP address to start. So our “Extra IP Address for your VPS” Professional Services product provides you with another IP address that can be configured to your CentOS VPS.

If you need to configure another IP address to your CentOS VPS, then replace X.X.X.X and Y with details supplied by us in the following shell command extract (run as the ‘root’ user when logged into your VPS by SSH client) :

# cat < EOF > /etc/sysconfig/network-scripts/ifcfg-eth0:0
DEVICE="eth0:0"
BOOTPROTO="static"
IPADDR=X.X.X.X
NETMASK=255.255.255.Y
ONBOOT="yes"
EOF

ifup eth0:0 ## or reboot now..

Then with your dual IP Addresses running on your VPS, you can now install the BIND/named Name Server packages for CentOS with:

yum -y install bind bind-chroot

This just installs the software, but doesn’t configure it in any way and you next need to populate the various files that BIND
needs in the ‘chroot’ directory tree (/var/named/chroot/) to run and host your domain name(s).

Like most RHEL-based RPMs and open-source software distributions, the bind Package has installed example and documentation files into /usr/share/doc/bind-9.3.6/sample/

So now we copy relevant example files and then configure your local Name Server for your Domain name and the following creates a named.conf file for you in the “chroot” directory tree of the CentOS “bind-chroot” package. Please substitute YOURDOMAIN.CO for your full domain name.

# cat < EOF > /var/named/chroot/etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
listen-on port 53 { any; };
listen-on-v6 port 53 { any; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { any; };
recursion no;
allow-recursion { none; };
allow-transfer {
localhost;
IP-ADDRESS-OF-YOUR-SECONDARY-NAME-SERVER;
};
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
zone "." IN {
type hint;
file "named.ca";
};
include "/etc/named.conf.local";
EOF

Now configure your /etc/named.conf.local, with a template looking like:

# cat < EOF > /var/named/chroot/etc/named.conf.local
zone "YOURDOMAIN.CO" {
type master;
allow-transfer {IP-ADDRESS-OF-YOUR-SECONDARY-NAME-SERVER;}; // or "allow-transfer {none;};" if you don't want any Secondary Name Server Zone Transfers
file "/var/named/YOURDOMAIN.CO";
allow-query { any; };
};
EOF

If you have a separate Secondary Name Server, then its named.conf.local file would be (to be a ‘slave’ Name Server from your Primary’s IP address, assuming that the Primary Name Server is on X.X.X.X and the Secondary is on IP addr Y.Y.Y.Y, being the above referenced ‘IP-ADDRESS-OF-YOUR-SECONDARY-NAME-SERVER’:

# cat < EOF > /var/named/chroot/etc/named.conf.local
zone "YOURDOMAIN.CO" {
type slave;
masters { X.X.X.X; };
file "/var/named/chroot/var/named/YOURDOMAIN.CO";
allow-query { any; };
};
EOF

Make sure that the running Name Server software will be able to read those files with commands like (as root):

chgrp named /var/named/chroot/etc/named.conf /var/named/chroot/etc/named.conf.local
chmod g+r /var/named/chroot/etc/named.conf /var/named/chroot/etc/named.conf.local

Last step in the setup is to create the “Zone Files” (the actual files containing your domain’s data or information) and continuing to use the template/demo domain name of YOURDOMAIN.CO and your VPS IP Address of X.X.X.X, here’s a template Zone File for YOURDOMAIN.CO:

# cat < EOF > /var/named/chroot/var/named/YOURDOMAIN.CO
$ORIGIN .
$TTL 3600 ; 1 hour
YOURDOMAIN.CO IN SOA ns1.YOURDOMAIN.CO. domain.YOURDOMAIN.CO. (
2014030100 ; serial
8640 ; refresh (.1 day)
360 ; retry (.1 hour)
259200 ; expire ((4 weeks 2 days)/10)
60480 ; minimum (.01 week)
)
$TTL 36000 ; 10 hours
NS ns1.YOURDOMAIN.CO.
NS ns2.YOURDOMAIN.CO.
$TTL 360 ; .1 hour
MX 10 mail.YOURDOMAIN.CO.
A X.X.X.X
$ORIGIN YOURDOMAIN.CO.
$TTL 3600 ; 1 hour
ns1 A X.X.X.X
ns2 A Y.Y.Y.Y // if you have a Secondary Name Server on Y.Y.Y.Y or use X.X.X.X again (not recommended really though)
;
www A IP.ADDR.of.your.Web.Server
mail A IP.ADDR.of.your.Mail.Server;
EOF

With the templates and filenames listed above updated for your actual domain names, you can now test that your configuration works with:

service named configtest

If all is “Ok” in that output, now start your Name Server with:

service named start

And make sure it’ll start at system bootup with:

chkconfig named on

That should do it, start testing with the ‘dig’ commands, substituting your actual domain name with something like:

dig YOURDOMAIN.CO @127.0.01 # to test from the host itself

Or from a remote host with:

dig YOURDOMAIN.CO @X.X.X.X # IP address as listed above

FYI and Network Presence customers are welcome to contact us for help setting up their Name Servers, regards,
Richard.