Thursday, 16 July 2015

CONFIGURE DNS and GNS




CONFIGURE DNS and GNS

OS OEL  5.10 (Tikanga)

STEP-1
RPM INSTALLATION
Install Below RPMs
yum install bind* caching-nameserver*

[root@dns ~]# rpm -qa bind* cach*

bind-libs-9.3.6-20.P1.el5_8.6
bind-chroot-9.3.6-20.P1.el5_8.6
bind-sdb-9.3.6-20.P1.el5_8.6
bind-utils-9.3.6-20.P1.el5_8.6
caching-nameserver-9.3.6-20.P1.el5_8.6
bind-devel-9.3.6-20.P1.el5_8.6
bind-libbind-devel-9.3.6-20.P1.el5_8.6
bind-9.3.6-20.P1.el5_8.6

STEP-2


chmod 775 named.conf

Copy named.conf to the location below
cp named.conf  /var/named

#dns-keygen
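(to generate the DNS key; the string below is the sample output used in this walkthrough. Generate your own key rather than reusing it.)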
ZhOVl2DRY1oKnOX486kKzzuiverp7AwD16BsAOm9gIrXW70f3bjTrKA8FAB8

[root@dns ~]# cat /etc/named.conf
// Global server options.
// NOTE(review): no allow-query, allow-recursion or allow-transfer statement
// appears in this block, so the defaults of the installed BIND version apply.
// Confirm they suit the network this server is reachable from.
options
{
        // Those options should be used carefully because they disable port
        // randomization
        // (pinning the query source port to 53 removes a defence against
        // cache poisoning, so they are left commented out here)
        // query-source    port 53;
         // query-source-v6 port 53;

        // Accept queries only on loopback and on 192.168.2.103.
        listen-on port 53 { 127.0.0.1; 192.168.2.103; };
        directory "/var/named"; // the default
        // Put files that named is allowed to write in the data/ directory:
        dump-file               "data/cache_dump.db";
        statistics-file         "data/named_stats.txt";
        memstatistics-file      "data/named_mem_stats.txt";

};
logging
{
/*      If you want to enable debugging, eg. using the 'rndc trace' command,
 *      named will try to write the 'named.run' file in the $directory (/var/named).
 *      By default, SELinux policy does not allow named to modify the /var/named directory,
 *      so put the default debug log file in data/ :
 */
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

// TSIG key definition.
// NOTE(review): the secret below is printed in this walkthrough, so treat it
// as a sample and generate a fresh one for every installation. The secret is
// stored here in clear text, so this file should be readable only by root and
// the account named runs as, not world-readable.
// NOTE(review): neither zone below references ddns_key (both set
// allow-update { none; }), so the key is unused in the configuration shown.
// hmac-md5 is a legacy TSIG algorithm; newer BIND releases offer hmac-sha256.
key ddns_key
{
        algorithm hmac-md5;
        secret "ZhOVl2DRY1oKnOX486kKzzuiverp7AwD16BsAOm9gIrXW70f3bjTrKA8FAB8";
};

// Forward zone for ora.com; dynamic updates are refused.
zone "ora.com" IN {
 type master;
 file "ora.com.zone";
 allow-update { none; };
};

// Reverse (PTR) zone for 192.168.2.x; dynamic updates are refused.
zone "2.168.192.in-addr.arpa." IN {
 type master;
 file "2.168.192.in-addr.arpa";
 allow-update { none; };
 };

// Root hints are read from /dev/null, i.e. an empty file.
// NOTE(review): presumably meant to keep this server from resolving names
// outside its own zones -- confirm that is the intent.
zone "." in {
type hint;
file "/dev/null";
};





[root@dns ~]# vi /var/named/ora.com.zone

+++++++++++++++++CONTENTS++++++++++++++++++++++++++++++++
; Forward zone data for ora.com.
$TTL    86400
; NOTE(review): in a zone file the SOA mailbox is normally written with a dot
; in place of the '@' (for example root.dns.ora.com.); check the '@' form
; below with named-checkzone before loading the zone.
@               IN SOA  dns.ora.com. root@dns.ora.com. (
                                        42              ; serial (d. adams)
                                        3H              ; refresh
                                        15M             ; retry
                                        1W              ; expiry
                                        1D )            ; minimum
; NOTE(review): dns.ora.com. is named as the zone's name server, but no A
; record for "dns" appears in this file -- confirm where it is defined.
@               IN NS           dns.ora.com.
localhost       IN A            127.0.0.1
; Cluster node public addresses
rac1            IN A            192.168.2.131
rac2            IN A            192.168.2.132
; Node virtual IPs
rac1-vip        IN A            192.168.2.31
rac2-vip        IN A            192.168.2.32
; rac-scan resolves to three addresses
rac-scan        IN A            192.168.2.133
rac-scan        IN A            192.168.2.134
rac-scan        IN A            192.168.2.135           
gns             IN A            192.168.2.105    ; A record for the GNS
;
; Sub-domain (gns.ora.com) delegation: the NS record below hands the
; gns.ora.com sub-domain to the host gns.ora.com, whose address is the
; "gns" A record above.
$ORIGIN gns.ora.com.
@      IN         NS        gns.ora.com.     ; name server for the gns.ora.com sub-domain
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
chmod 775 /var/named/ora.com.zone
cp -p  /var/named/ora.com.zone /var/named/chroot/var/named/

STEP-3
Create the reverse lookup (PTR) zone file under /var/named
[root@dns ~]# vi /var/named/2.168.192.in-addr.arpa
+++++++++++++++++CONTENTS++++++++++++++++++++++++++++++++
; Reverse (PTR) zone data for 192.168.2.x.
$ORIGIN 2.168.192.in-addr.arpa.
$TTL 1H
; NOTE(review): the SOA and NS records here name ora.com. as the server, while
; the forward zone file for ora.com on this page names dns.ora.com. and holds
; no A record for ora.com. itself -- confirm which name is intended.
@ IN SOA ora.com. root.ora.com. ( 2 ; serial
3H ; refresh
1H ; retry
1W ; expiry
1H ) ; minimum
2.168.192.in-addr.arpa. IN NS ora.com.

; One PTR per address; the left-hand label is the last octet of 192.168.2.x.
131     IN PTR  rac1.ora.com.
132     IN PTR  rac2.ora.com.
31      IN PTR  rac1-vip.ora.com.
32      IN PTR  rac2-vip.ora.com.
133     IN PTR  rac-scan.ora.com.
134     IN PTR  rac-scan.ora.com.
135     IN PTR  rac-scan.ora.com.
105     IN PTR gns.ora.com.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++


chmod 775 /var/named/2.168.192.in-addr.arpa
cp -p /var/named/2.168.192.in-addr.arpa /var/named/chroot/var/named/

STEP-4
UPDATE BELOW FILE
[root@dns ~]# cat /etc/resolv.conf
search ora.com
nameserver 192.168.2.103

STEP-5

Restarting services

#service named stop
#service named start
#chkconfig named on

#dig -x 192.168.1.131
(dig, the Domain Information Groper, is a network administration command-line tool for querying Domain Name System (DNS) name servers. It is useful for verifying and troubleshooting DNS problems and for performing DNS lookups; it displays the answers returned by the name server that was queried. dig is part of the BIND domain name server software suite. The dig command replaces older tools such as nslookup and host. dig is available in major Linux distributions.) Note that the reverse zone configured above covers 192.168.2.x, so a PTR check for rac1 would query 192.168.2.131.

STEP-6
Update the entry below in the /etc/nsswitch.conf file (it makes the resolver try the DNS server first to resolve the IP address, then the /etc/hosts file, then NIS).
/etc/nsswitch.conf

#hosts:     db files nisplus nis dns  <======== OLD
hosts:      dns files nis    <====== NEW

After modifying the nsswitch.conf file, restart the nscd daemon on each node using the following command:

# /sbin/service nscd restart

 I used the DNS and GNS to install 12C clusterware.  Below are the high level steps to configure DNS and GNS
Configured DNS and GNS machine
OS OEL  5.10 (Tikanga)
STEP-1
RPM INSTALLATION
Install Below RPMs
yum install bind* caching-nameserver*

[root@dns ~]# rpm -qa bind* cach*

bind-libs-9.3.6-20.P1.el5_8.6
bind-chroot-9.3.6-20.P1.el5_8.6
bind-sdb-9.3.6-20.P1.el5_8.6
bind-utils-9.3.6-20.P1.el5_8.6
caching-nameserver-9.3.6-20.P1.el5_8.6
bind-devel-9.3.6-20.P1.el5_8.6
bind-libbind-devel-9.3.6-20.P1.el5_8.6
bind-9.3.6-20.P1.el5_8.6

STEP-2


chmod 775 named.conf

Copy named.conf to the location below
cp named.conf  /var/named

#dns-keygen
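(to generate the DNS key; the string below is the sample output used in this walkthrough. Generate your own key rather than reusing it.)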
ZhOVl2DRY1oKnOX486kKzzuiverp7AwD16BsAOm9gIrXW70f3bjTrKA8FAB8

[root@dns ~]# cat /etc/named.conf
// Global server options.
// NOTE(review): no allow-query, allow-recursion or allow-transfer statement
// appears in this block, so the defaults of the installed BIND version apply.
// Confirm they suit the network this server is reachable from.
options
{
        // Those options should be used carefully because they disable port
        // randomization
        // (pinning the query source port to 53 removes a defence against
        // cache poisoning, so they are left commented out here)
        // query-source    port 53;
         // query-source-v6 port 53;

        // Accept queries only on loopback and on 192.168.2.103.
        listen-on port 53 { 127.0.0.1; 192.168.2.103; };
        directory "/var/named"; // the default
        // Put files that named is allowed to write in the data/ directory:
        dump-file               "data/cache_dump.db";
        statistics-file         "data/named_stats.txt";
        memstatistics-file      "data/named_mem_stats.txt";

};
logging
{
/*      If you want to enable debugging, eg. using the 'rndc trace' command,
 *      named will try to write the 'named.run' file in the $directory (/var/named).
 *      By default, SELinux policy does not allow named to modify the /var/named directory,
 *      so put the default debug log file in data/ :
 */
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

// TSIG key definition.
// NOTE(review): the secret below is printed in this walkthrough, so treat it
// as a sample and generate a fresh one for every installation. The secret is
// stored here in clear text, so this file should be readable only by root and
// the account named runs as, not world-readable.
// NOTE(review): neither zone below references ddns_key (both set
// allow-update { none; }), so the key is unused in the configuration shown.
// hmac-md5 is a legacy TSIG algorithm; newer BIND releases offer hmac-sha256.
key ddns_key
{
        algorithm hmac-md5;
        secret "ZhOVl2DRY1oKnOX486kKzzuiverp7AwD16BsAOm9gIrXW70f3bjTrKA8FAB8";
};

// Forward zone for ora.com; dynamic updates are refused.
zone "ora.com" IN {
 type master;
 file "ora.com.zone";
 allow-update { none; };
};

// Reverse (PTR) zone for 192.168.2.x; dynamic updates are refused.
zone "2.168.192.in-addr.arpa." IN {
 type master;
 file "2.168.192.in-addr.arpa";
 allow-update { none; };
 };

// Root hints are read from /dev/null, i.e. an empty file.
// NOTE(review): presumably meant to keep this server from resolving names
// outside its own zones -- confirm that is the intent.
zone "." in {
type hint;
file "/dev/null";
};





[root@dns ~]# vi /var/named/ora.com.zone

+++++++++++++++++CONTENTS++++++++++++++++++++++++++++++++
; Forward zone data for ora.com.
$TTL    86400
; NOTE(review): in a zone file the SOA mailbox is normally written with a dot
; in place of the '@' (for example root.dns.ora.com.); check the '@' form
; below with named-checkzone before loading the zone.
@               IN SOA  dns.ora.com. root@dns.ora.com. (
                                        42              ; serial (d. adams)
                                        3H              ; refresh
                                        15M             ; retry
                                        1W              ; expiry
                                        1D )            ; minimum
; NOTE(review): dns.ora.com. is named as the zone's name server, but no A
; record for "dns" appears in this file -- confirm where it is defined.
@               IN NS           dns.ora.com.
localhost       IN A            127.0.0.1
; Cluster node public addresses
rac1            IN A            192.168.2.131
rac2            IN A            192.168.2.132
; Node virtual IPs
rac1-vip        IN A            192.168.2.31
rac2-vip        IN A            192.168.2.32
; rac-scan resolves to three addresses
rac-scan        IN A            192.168.2.133
rac-scan        IN A            192.168.2.134
rac-scan        IN A            192.168.2.135           
gns             IN A            192.168.2.105    ; A record for the GNS
;
; Sub-domain (gns.ora.com) delegation: the NS record below hands the
; gns.ora.com sub-domain to the host gns.ora.com, whose address is the
; "gns" A record above.
$ORIGIN gns.ora.com.
@      IN         NS        gns.ora.com.     ; name server for the gns.ora.com sub-domain
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
chmod 775 /var/named/ora.com.zone
cp -p  /var/named/ora.com.zone /var/named/chroot/var/named/

STEP-3
Create the reverse lookup (PTR) zone file under /var/named
[root@dns ~]# vi /var/named/2.168.192.in-addr.arpa
+++++++++++++++++CONTENTS++++++++++++++++++++++++++++++++
; Reverse (PTR) zone data for 192.168.2.x.
$ORIGIN 2.168.192.in-addr.arpa.
$TTL 1H
; NOTE(review): the SOA and NS records here name ora.com. as the server, while
; the forward zone file for ora.com on this page names dns.ora.com. and holds
; no A record for ora.com. itself -- confirm which name is intended.
@ IN SOA ora.com. root.ora.com. ( 2 ; serial
3H ; refresh
1H ; retry
1W ; expiry
1H ) ; minimum
2.168.192.in-addr.arpa. IN NS ora.com.

; One PTR per address; the left-hand label is the last octet of 192.168.2.x.
131     IN PTR  rac1.ora.com.
132     IN PTR  rac2.ora.com.
31      IN PTR  rac1-vip.ora.com.
32      IN PTR  rac2-vip.ora.com.
133     IN PTR  rac-scan.ora.com.
134     IN PTR  rac-scan.ora.com.
135     IN PTR  rac-scan.ora.com.
105     IN PTR gns.ora.com.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++


chmod 775 /var/named/2.168.192.in-addr.arpa
cp -p /var/named/2.168.192.in-addr.arpa /var/named/chroot/var/named/

STEP-4
UPDATE BELOW FILE
[root@dns ~]# cat /etc/resolv.conf
search ora.com
nameserver 192.168.2.103

STEP-5

Restarting services

#service named stop
#service named start
#chkconfig named on

#dig -x 192.168.1.131
(dig, the Domain Information Groper, is a network administration command-line tool for querying Domain Name System (DNS) name servers. It is useful for verifying and troubleshooting DNS problems and for performing DNS lookups; it displays the answers returned by the name server that was queried. dig is part of the BIND domain name server software suite. The dig command replaces older tools such as nslookup and host. dig is available in major Linux distributions.) Note that the reverse zone configured above covers 192.168.2.x, so a PTR check for rac1 would query 192.168.2.131.

STEP-6
Update the entry below in the /etc/nsswitch.conf file (it makes the resolver try the DNS server first to resolve the IP address, then the /etc/hosts file, then NIS).
/etc/nsswitch.conf

#hosts:     db files nisplus nis dns  <======== OLD
hosts:      dns files nis    <====== NEW

After modifying the nsswitch.conf file, restart the nscd daemon on each node using the following command:

# /sbin/service nscd restart
