# Need help setting up bind

## Adel Ahmed

I'm trying to create a simple dns server

here's my network:

```
dns server      192.168.1.6
laptop          192.168.1.11
winmaster       192.168.1.12
winbmrclient    192.168.1.13
```

I just need to be able to resolve these names to IPs via the DNS

having the dns server referring to another dns server for resolution (for internet access) would be nice too

I have emerged bind but I'm a bit clueless about the configuration file, and the gentoo entry was a little complicated.

I'm new to bind so please keep it simple

thanks

----------

## John R. Graham

Have you seen the Gentoo BIND Guide?

- John

----------

## 666threesixes666

jrg, wouldn't resolving this issue be as simple as starting named at boot, pointing all devices to the dns server, then having a host file with ip addresses / aliases on the name server? (bind resolves outside stuff out of the box, though I'd run through the namebench gauntlet and feed it the fastest possible name servers)

Last edited by 666threesixes666 on Fri Jun 14, 2013 5:30 pm; edited 1 time in total

----------

## Adel Ahmed

yup 

I keep getting this error though:

```
 * Starting named ...
 * Checking named configuration ...                       [ ok ]
 * start-stop-daemon: failed to start `/usr/sbin/named'   [ !! ]
 * ERROR: named failed to start
```

I don't think it's a configuration error; the configuration errors were explicitly mentioned when starting

I've messed around with the configuration files a lot so I thought a fresh start would be much better

----------

## John R. Graham

*666threesixes666 wrote:*

> jrg, wouldn't resolving this issue be as simple as starting named at boot, pointing all devices to the dns server, then having a host file with ip addresses / aliases on the name server?

Not ideally, no. Instead, you'd set up a DHCP server that would automatically point all the devices at the local DNS and resolve the host names automatically as well. DNS is half the puzzle.

- John

----------

## 666threesixes666

searching the doc you posted yields zero results for "dhcp" & "DHCP". I'd say more like 1/3rd, because how are you going to name hosts, or statically assign the same ip to servers? what complicated entry do you refer to, original poster? (link please)

I know how to do this with dnsmasq serving up dhcp, static addresses based off of macs, and caching dns, but I am interested in BIND to do this as dnsmasq is not corporate grade. Second, what DHCP server do you suggest to do this, JRG? I realized that I didn't test dnsmasq doing host name resolutions through dhcp of the host pc naming itself, and using static /etc/hosts entries.

----------

## John R. Graham

*666threesixes666 wrote:*

> searching the doc you posted, yields zero results for "dhcp"...

That's because the OP's question was about bind.

For a carrier grade DHCP server, I'd probably recommend net-misc/dhcp. Personally, I do successfully use dnsmasq to resolve host names on the local network. Static addresses are a pain. For those that are a near necessity (e.g., gateways, routers) I use dnsmasq to manage those all in one place. In other words, my machines with static IP addresses receive those static addresses via dhcp.

- John

----------

## Adel Ahmed

I need to create a dhcp server as well?

----------

## 666threesixes666

first, before doing anything else, make sure 192.168.1.6 can dig google.com, and can start bind.

make sure, as root,

```
/etc/init.d/named status
```

produces

```
* status:started
```

then once you have that squared away

try putting in the name server box's /etc/hosts

```
192.168.1.6 dns
192.168.1.11 laptop
192.168.1.12 winmaster
192.168.1.13 winbmrclient
```

"having the dns server referring to another dns server for resolution": no need to change any configs, it does this the moment it's merged...

on the .11 box, as root:

```
echo "nameserver 192.168.1.6" >> /etc/resolv.conf
```

& put # in front of all other nameserver references by means of nano.

dig google.com from .11; if you get a response, good, do the echo command & commenting on the other boxes. (if not, uncomment the other name servers and comment out the .6 entry)

if windows, set the name server to 192.168.1.6 in the static ip configuration.

"cya" references

```
sed -n '15 p' /etc/host.conf
```

my computer runs a static ip stand-alone bind server with no clients behind it except itself on 127.0.0.1. dhcp is only a good idea, not mandatory. (else I think that DNS documentation page would be severely lacking in documentation, and flagged with warnings of being incomplete)
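named itself never reads /etc/hosts, so a host list like the one above only becomes resolvable through BIND once it is turned into zone records. The script below is an added example, not code from this thread or from the BIND project: it converts the thread's four hosts (embedded as constructed input) into a forward zone and a matching 1.168.192.in-addr.arpa reverse zone, with trailing dots on every absolute name. The zone name home.lan, the /24 network and the choice of the host "dns" as the zone's name server are assumptions.

```python
"""Generate BIND forward and reverse zone files from an /etc/hosts-style list.

Added example, not code from the thread or from BIND.  The zone name, the
network and the name-server host below are assumptions; the host list is the
one given in the thread, embedded here as constructed input.
"""
import ipaddress

HOSTS_TEXT = """\
# constructed from the thread's host list
192.168.1.6  dns
192.168.1.11 laptop
192.168.1.12 winmaster
192.168.1.13 winbmrclient
"""
ZONE = "home.lan"                                   # assumed zone name
NETWORK = ipaddress.ip_network("192.168.1.0/24")    # assumed LAN
NS_HOST = "dns"                                     # host running named


def parse_hosts(text):
    """Return [(IPv4Address, [canonical, alias, ...])] for non-comment lines."""
    entries = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        ip, *names = line.split()
        addr = ipaddress.ip_address(ip)
        if names and addr.version == 4:
            entries.append((addr, names))
    return entries


def soa_header(origin, ns_fqdn, serial):
    """$ORIGIN, SOA and NS records; absolute names carry their trailing dot."""
    return [
        f"$ORIGIN {origin}.",
        "$TTL 3600",
        f"@  IN SOA {ns_fqdn} hostmaster.{origin}. (",
        f"      {serial:<10} ; serial",
        "      10800      ; refresh",
        "      3600       ; retry",
        "      604800     ; expire",
        "      300 )      ; negative-cache TTL",
        f"   IN NS  {ns_fqdn}",
    ]


def forward_zone(entries, zone=ZONE, ns_host=NS_HOST, serial=1):
    """Forward zone: one A record per host, CNAMEs for the aliases."""
    if ns_host not in [names[0] for _, names in entries]:
        # an in-zone NS target without an address record is unusable
        raise ValueError(f"name server {ns_host} needs an A record in the zone")
    lines = soa_header(zone, f"{ns_host}.{zone}.", serial)
    for ip, names in entries:
        canonical, *aliases = names
        lines.append(f"{canonical:<14} IN A     {ip}")
        for alias in aliases:
            # relative target: expands to canonical.<zone>. under $ORIGIN
            lines.append(f"{alias:<14} IN CNAME {canonical}")
    return "\n".join(lines) + "\n"


def reverse_origin(network):
    """1.168.192.in-addr.arpa for a /24 network (only /24 is handled)."""
    if network.prefixlen != 24:
        raise ValueError("this example only builds /24 reverse zones")
    octets = str(network.network_address).split(".")[:3]
    return ".".join(reversed(octets)) + ".in-addr.arpa"


def reverse_zone(entries, network=NETWORK, zone=ZONE, ns_host=NS_HOST, serial=1):
    """Reverse zone: owner is the host octet, PTR target is absolute."""
    lines = soa_header(reverse_origin(network), f"{ns_host}.{zone}.", serial)
    for ip, names in entries:
        if ip in network:
            lines.append(f"{int(ip) & 0xFF:<14} IN PTR   {names[0]}.{zone}.")
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    hosts = parse_hosts(HOSTS_TEXT)
    print(forward_zone(hosts))
    print(reverse_zone(hosts))
```

Write the two outputs to the files named in the corresponding `zone` stanzas of named.conf and run named-checkzone on each before reloading; the script refuses to build a forward zone whose name server has no A record, which is the mistake hand-written zones most often contain.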

----------

## Adel Ahmed

well I've removed my previous config and started the service

however the clients cannot resolve each other

all my clients are windows machines, I'm not sure if this affects the config somehow

edit:

sorry about that, I just looked at the config file and found out my subnet was not added to the trusted acl

edit2:

actually, it's forwarding and the internet names can be resolved; the hosts in /etc/hosts are not resolvable.

I'll work on using those zone directives

----------

## Adel Ahmed

here's my zone file:

```
$TTL 3D                                 ; default TTL for records that give none
@               IN      SOA     ns.me. adel.me. (       ; zone apex: primary NS, contact (adel@me)
                                1       ; Serial
                                8H      ; Refresh
                                2H      ; Retry
                                4W      ; Expire
                                1D )    ; Minimum (negative-cache) TTL
                        NS      ns.me.          ; name server for the zone
ns                      A       192.168.1.6     ; added: an in-zone NS needs an A record (assumes the zone is "me." and ns is this server)
1                       PTR     localhost.      ; PTR records belong in a reverse (in-addr.arpa) zone, not a forward one
pc                      A       192.168.1.6
```

I just used a zone file from another website so I honestly do not understand the directives
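The zone above has two faults that a zone checker would flag: ns.me. is named as the zone's name server but has no A record, and a PTR record sits in a forward zone. The script below is an added example, not from this thread or from BIND (named-checkzone is the real tool): a minimal zone-file parser that handles multi-line SOA records, inherited owners and `;` comments, and reports those two faults plus the classic missing-trailing-dot mistake, where a target written as ns.me silently expands to ns.me.me. The zone text is the one posted above, embedded as constructed input, and the zone name "me" is an assumption taken from its SOA.

```python
"""Minimal sanity checker for a hand-written BIND zone file.

Added example, not code from this thread or from BIND.  ZONE_TEXT is the zone
posted above, embedded as constructed input; the zone name "me" is an
assumption.  $ORIGIN directives are not handled.
"""

ZONE_TEXT = """\
$TTL 3D
@               IN      SOA     ns.me. adel.me. (
                                1       ; Serial
                                8H      ; Refresh
                                2H      ; Retry
                                4W      ; Expire
                                1D)     ; Minimum TTL
                        NS      ns.me.
1                       PTR     localhost.
pc      A       192.168.1.6
"""

RRTYPES = {"SOA", "NS", "A", "AAAA", "CNAME", "PTR", "MX", "TXT", "SRV"}


def _logical_lines(text):
    """Strip ';' comments and join the lines of a parenthesised record."""
    buf, depth = [], 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()
        if depth == 0 and not line.strip():
            continue
        depth += line.count("(") - line.count(")")
        buf.append(line)
        if depth <= 0:
            # buf[0] keeps its leading whitespace: it marks an inherited owner
            yield " ".join(buf).replace("(", " ").replace(")", " ")
            buf, depth = [], 0


def parse_zone(text):
    """Return [(owner, rtype, [rdata fields])], expanding inherited owners."""
    records, last_owner = [], "@"
    for line in _logical_lines(text):
        if line.lstrip().startswith("$"):           # $TTL and similar directives
            continue
        fields = line.split()
        owner = last_owner if line[0].isspace() else fields.pop(0)
        last_owner = owner
        while fields and fields[0] not in RRTYPES:  # skip optional TTL / class
            fields.pop(0)
        if fields:
            records.append((owner, fields[0], fields[1:]))
    return records


def check_zone(text, origin):
    """Report the mistakes a hand-written zone usually contains."""
    zone = origin.rstrip(".") + "."

    def fqdn(name):
        if name == "@":
            return zone
        return name if name.endswith(".") else f"{name}.{zone}"

    def in_zone(name):
        return name == zone or name.endswith("." + zone)

    records = parse_zone(text)
    findings = []
    soa = [r for r in records if r[1] == "SOA"]
    if len(soa) != 1:
        findings.append("zone needs exactly one SOA record at the apex")
    else:
        for label, name in zip(("MNAME", "RNAME"), soa[0][2][:2]):
            if not name.endswith("."):
                findings.append(f"SOA {label} {name!r} has no trailing dot "
                                f"and expands to {fqdn(name)}")
    addressed = {fqdn(o) for o, t, _ in records if t in ("A", "AAAA")}
    for owner, rtype, rdata in records:
        if rtype in ("NS", "CNAME", "PTR", "MX") and rdata:
            target = rdata[-1]
            if "." in target and not target.endswith("."):
                findings.append(f"{rtype} target {target!r} looks absolute but "
                                f"has no trailing dot: it becomes {fqdn(target)}")
        if rtype == "NS" and rdata:
            target = fqdn(rdata[0])
            if in_zone(target) and target not in addressed:
                findings.append(f"NS {target} is inside the zone but has no "
                                f"A/AAAA record")
        if rtype == "PTR" and not zone.endswith(".arpa."):
            findings.append(f"PTR for {fqdn(owner)} in a forward zone; PTR "
                            f"records belong in the in-addr.arpa zone")
    return findings


if __name__ == "__main__":
    for finding in check_zone(ZONE_TEXT, "me"):
        print("WARNING:", finding)
```

Run against the posted zone it prints two warnings (the NS without an address record and the stray PTR); add `ns A 192.168.1.6` and move the PTR into a reverse zone and it goes quiet.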

----------

## cwr

These are the config files I use for an isolated network with a desktop machine used as a bind server, http server, etc. The various machine numbers have been changed, but farthing is the desktop (server) and florin a laptop (client). Some of the lease time-outs are very short, intended to deal with Virtualbox instances and Arduino programming.

I can't remember much about how I set it up, several years ago, but basically I followed the instructions. Be careful; things may have changed since then and some of the options/settings gone out of fashion. And be especially careful of trailing '.'s in bind db files.

Will

(It's an isolated network, but I'm pretty sure it would play nicely with a router and the internet if I gave it the chance.)

/etc/dhcp/dhcpd.conf

```
#
# dhcpd.conf
#
# Configuration file for ISC dhcpd on farthing.
#
# Decimal / binary masks.
# 192 decimal is 11000000
# 224 decimal is 11100000
# 240 decimal is 11110000

# Option definitions common to all supported networks.
option domain-name "seckford.org";
option domain-name-servers localhost, farthing;

# Lease times. The default is used for virtual machines.
# Note that Bind uses half this duration as TTL.
default-lease-time 600;
max-lease-time 7200;

# DDNS methods (not used on this network).
ddns-domainname "seckford.org";
ddns-update-style interim;
do-forward-updates true;
allow client-updates;

# If this DHCP server is the official DHCP server for the local
# network, the authoritative directive should be uncommented.
authoritative;

# Use this to send dhcp log messages to a different log file (you also
# have to hack syslog.conf to complete the redirection).
log-facility local1;

# This is used for DDNS.
key DHCP_UPDATER {
    algorithm HMAC-MD5.SIG-ALG.REG.INT;
    secret xxxxxxxxxxxxxxxxxxxxxxxx;
}

zone seckford.org. {
    primary 123.456.78.196;
    #primary 127.0.0.1;
    key DHCP_UPDATER;
}

zone 78.456.123.in-addr.arpa. {
    primary 123.456.78.196;
    #primary 127.0.0.1;
    key DHCP_UPDATER;
}

# No service will be given on this subnet, but declaring it helps the
# DHCP server to understand the network topology.
#subnet 10.152.187.0 netmask 255.255.255.0 {
#}

# This declares the addresses available for dynamic assignment.
# The dynamically-assigned addresses form a subnet with a 240 mask,
# but that is something for routing, not addressing, to deal with.
# Sort out this masking; is wired/wireless split useful ???
subnet 123.456.78.192 netmask 255.255.255.224 {
    range 123.456.78.200 123.456.78.222;
    #option subnet-mask 255.255.255.240;
    option broadcast-address 123.456.78.255;
    option domain-name-servers 123.456.78.196;
}

# This declares an interface on the AP COINS.
# The wlan0 interface is set to 224 in conf.d/net
# Is the name server on 196 accessible?
subnet 123.456.78.224 netmask 255.255.255.224 {
   range 123.456.78.225 123.456.78.254;
   #option subnet-mask 255.255.255.224;
   option broadcast-address 123.456.78.255;
   option domain-name-servers 123.456.78.196;
}

# These are the subnets used when running without Bind.
# Empty subnet on 123.456.78.0 (controlled by farthing).
# subnet 123.456.78.0 netmask 255.255.255.0 {
#}

# Empty subnet on wlan0
subnet 192.168.0.0 netmask 255.255.255.0 {
}

# Subnet used for Arduino programming.
# The Asus WL-330gE uses the address
# 192.168.1.220 by default.
subnet 192.168.1.0 netmask 255.255.255.0 {
    # The T23 dhcpd is on 192.168.1.20
    range 192.168.1.8 192.168.1.19;
    option domain-name "seckford.org";
    option broadcast-address 192.168.1.255;
    # Without the max-lease-time setting
    # the minimum default is 300 seconds.
    default-lease-time 120;
    max-lease-time 120;
}

# Should this group of fixed address have a zone of their own, so that
# common options can be set?

# T23 Laptop one
host florin {
    hardware ethernet 11:22:33:44:55:66;
    fixed-address 123.456.78.199;
}

# ASUS Desktop
host farthing {
    hardware ethernet 11:22:33:44:55:66;
    fixed-address 123.456.78.196;
}

#
# and the rest.
#
```

/etc/bind/named.conf

```
//
// named.conf for the seckford.org domain.
//
options {
    directory "/etc/bind";               // Working directory
    pid-file "/var/run/named/named.pid"; // PID file
    allow-query-cache { any; };          // Allow access to cache
    allow-query { 123.456.78.0/24; };    // Permit local queries only
    //allow-query { any; };              // This is the default
    //forward only;                      // Query the forwarders only, not first
    //forwarders { 123.456.78.199; };    // Default is the empty list
    //allow-transfer { none; };          // For security
    //recursion yes;                     // dnsmasq requires recursion
    recursion no;
    files 4096;                          // Set max file count to max socket count
};

// Set up direct logging, ie. not via syslog.
logging {
	channel default_log {
		file "/var/log/named/named.log" versions 4 size 5M;
		print-time yes;
		print-category yes;
		print-severity yes;
	};
	category default { default_log; };
	category general { default_log; };
};

zone "." IN {
    type hint;
    file "root.hints";
};

// Forward lookups on the local host.
zone "localdomain" IN {
    type master;
    notify no;
    file "master/localhost.db";
};

// Reverse lookups on the local host.
zone "0.0.127.in-addr.arpa" IN {
    type master;
    notify no;
    file "master/localhost.rev.db";
};

// DDNS requires security.
key DHCP_UPDATER {
    algorithm HMAC-MD5.SIG-ALG.REG.INT;
    secret xxxxxxxxxxxxxxxxxxxxxxxx;
};

// We are the master server for seckford.org
zone "seckford.org" IN {
    type master;
    notify no;
    #allow-update { 123.456.78.0; };
    allow-update { key DHCP_UPDATER; };
    file "master/seckford.org.db";
};

// Reverse lookups on the domain.
zone "78.456.123.in-addr.arpa" IN {
    type master;
    notify no;
    #allow-update { 123.456.78.0; };
    allow-update { key DHCP_UPDATER; };
    file "master/seckford.org.rev.db";
};

// EOF
```

/etc/bind/master/localhost.db

```
$TTL 86400
; localhost.db
@	IN SOA localhost.localdomain. admin.localhost.localdomain. (
		001
		3h
		15
		1w
		3h
		)
		IN NS localhost.localdomain.
localhost	IN A  127.0.0.1
```

/etc/bind/master/localhost.rev.db

```
$TTL 86400
; localhost.rev.db
@	IN SOA localhost. admin.localhost. (
		001
		3h
		15
		1w
		3h
		)
@	IN NS  localhost.
1	IN PTR localhost.
```

/etc/bind/master/seckford.org.db

```
$ORIGIN .
$TTL 3600	; 1 hour
seckford.org		IN SOA	farthing.seckford.org. admin.seckford.org. (
				1373       ; serial
				10800      ; refresh (3 hours)
				3600       ; retry (1 hour)
				604800     ; expire (1 week)
				300        ; minimum (5 minutes)
				)
			NS	farthing.seckford.org.
			MX	10 farthing.seckford.org.
$ORIGIN seckford.org.
data			CNAME	florin
docs			CNAME	farthing
farthing		A	123.456.78.196
florin			A	123.456.78.199
ftp			CNAME	farthing
hg			CNAME	farthing
news			CNAME	florin
www			CNAME	farthing
```

/etc/bind/master/seckford.org.rev.db

```
$ORIGIN .
$TTL 3600	; 1 hour
78.456.123.in-addr.arpa	IN SOA	farthing.seckford.org. admin.seckford.org. (
				918        ; serial
				10800      ; refresh (3 hours)
				3600       ; retry (1 hour)
				604800     ; expire (1 week)
				300        ; minimum (5 minutes)
				)
			NS	farthing.seckford.org.
$ORIGIN 78.456.123.in-addr.arpa.
196			PTR	farthing.seckford.org.
199			PTR	florin.seckford.org.
$TTL 150	; 2 minutes 30 seconds
218			PTR	Nanode.seckford.org.
```

----------

