On Sunday, I mentioned making your forward and reverse DNS entries match up. But I didn’t really discuss what to do if they don’t. For those readers moving into Ubuntu from Mac OS X Server, you’ll note that at installation time, if the hostname doesn’t match the A record and PTR for your server then it will install DNS and make them match up. The reason for this is that host names are critical to how many modern network services run. If you don’t have DNS, or if you want to fire up DNS in the same manner that Mac OS X Server does it, then let’s look at doing so here.
First up, let’s use apt-get to install the packages that we’ll need, bind9 and dnsutils:
apt-get install bind9 dnsutils
Once those are installed, let’s define our zone and reverse zone in /etc/bind/named.conf.local:
zone "krypted.com" {
  type master;
  file "/etc/bind/zones/krypted.com.db";
};
zone "210.168.192.in-addr.arpa" {
  type master;
  file "/etc/bind/zones/rev.210.168.192.in-addr.arpa";
};
Note: If you’re cut/copy/pasting here, make sure the double-quotes are plain, unformatted ones.
If you have other forward or reverse zones then you will need to add them using the same format as above. Once you’re done, save the file.
Next, let’s tell the server where to look when attempting to resolve names that it does not host. This information is stored in the options block in /etc/bind/named.conf.options. The forwarders section is currently commented out (commented lines start with //), so let’s uncomment it (by removing the // in front of the lines) and change the IP of that forwarder from 0.0.0.0 to the IP address of your upstream DNS server. It should look similar to the following when complete:
forwarders {
  4.2.2.2;
};
Next, we’re going to create our
mkdir /etc/bind/zones
touch /etc/bind/zones/krypted.com.db
touch /etc/bind/zones/rev.210.168.192.in-addr.arpa
Now that we’ve created our files, let’s edit them. First, open /etc/bind/zones/krypted.com.db and look for all instances of krypted.com, replacing them with the domain name that you would like to use. Also, look for all of the records and make sure that they match with the name and IP that you would like to use, creating new lines for each new record:
krypted.com. IN SOA ns1.krypted.com. admin.krypted.com. (
  2007031001 ; serial
  28800      ; refresh
  3600       ; retry
  604800     ; expire
  38400      ; minimum
)
krypted.com. IN NS ubuntu08.krypted.com.
krypted.com. IN MX 10 mail.krypted.com.
www IN A 192.168.210.2
home IN A 192.168.210.2
mta IN A 192.168.210.2
ubuntu08 IN A 192.168.210.254
Next, we’ll populate the reverse zone file. You’ll need to replace my instances with your own as in the previous section. Open /etc/bind/zones/rev.210.168.192.in-addr.arpa in your favorite text editor and edit away:
@ IN SOA ubuntu08.krypted.com. admin.krypted.com. (
  2007031001 ; serial
  28800      ; refresh
  604800     ; retry
  604800     ; expire
  86400      ; minimum
)
@ IN NS ubuntu08.krypted.com.
1 IN PTR krypted.com.
Next, we’ll restart the DNS services to accept these massive changes we’ve made:
/etc/init.d/bind9 restart
Next, edit the /etc/resolv.conf file to set the DNS server and (optional) search domain. Then change it to look something like the following:
search krypted.com
nameserver 192.168.210.254
Finally, you can use dig and nslookup to test the lookups and make sure they work. For example:
nslookup ubuntu08.krypted.com
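Before reloading named, the forward and reverse zone data can also be cross-checked offline. The following is an added example, not part of the original post: it assumes simple one-line records like the ones above, and the sample records (including a PTR target written without its trailing dot) are constructed for illustration.

```python
import re

ORIGIN = "krypted.com."
REV_ORIGIN = "210.168.192.in-addr.arpa."

# Constructed sample data modelled on this page's zones (not read from disk).
FORWARD_ZONE = """\
www       IN A 192.168.210.2
ubuntu08  IN A 192.168.210.254
"""
REVERSE_ZONE = """\
1    IN PTR krypted.com      ; no trailing dot: relative to the reverse origin
254  IN PTR ubuntu08.krypted.com.
"""

def fqdn(name, origin):
    """Expand a zone-file name: '@' is the origin, no trailing dot means relative."""
    if name == "@":
        return origin.lower()
    return (name if name.endswith(".") else f"{name}.{origin}").lower()

def records(zone_text, rtype, origin):
    """Yield (owner, rdata) from single-line 'owner [ttl] [IN] TYPE rdata' records."""
    pat = re.compile(rf"^(\S+)\s+(?:\d+\s+)?(?:IN\s+)?{rtype}\s+(\S+)", re.I)
    for line in zone_text.splitlines():
        m = pat.match(line.split(";", 1)[0])  # drop zone-file comments
        if m:
            yield fqdn(m.group(1), origin), m.group(2)

def ptr_name(ip):
    """192.168.210.254 -> 254.210.168.192.in-addr.arpa."""
    return ".".join(reversed(ip.split("."))) + ".in-addr.arpa."

def check(forward, reverse, origin=ORIGIN, rev_origin=REV_ORIGIN):
    """Return a sorted list of forward/reverse mismatches (empty when consistent)."""
    a = set(records(forward, "A", origin))  # (host, ip) pairs
    ptr = {(o, fqdn(t, rev_origin)) for o, t in records(reverse, "PTR", rev_origin)}
    ptr_owners = {o for o, _ in ptr}
    problems = [f"{host} ({ip}) has no PTR record"
                for host, ip in a if ptr_name(ip) not in ptr_owners]
    a_by_ptr = {(ptr_name(ip), host) for host, ip in a}
    problems += [f"{owner} points to {target}, which has no matching A record"
                 for owner, target in ptr if (owner, target) not in a_by_ptr]
    return sorted(problems)

if __name__ == "__main__":
    for problem in check(FORWARD_ZONE, REVERSE_ZONE):
        print(problem)
```

On the sample data it reports the address with no PTR and the PTR whose target, lacking a trailing dot, expands to a name inside the reverse zone.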