MkLinux Name Server Configuration Notes



Introduction

This document describes how I configured the named name server on my MkLinux machine.

If you don't have a name server installed yet, you must do so before you can use the information below. [Installation instructions]

My test network consists of these machines:

The MkLinux machine (boa) runs the name server. I configured name service on it two different ways:

Assuming the BIND name server software is installed, the steps you follow to set up name service are similar whether your network is isolated or part of the Internet:

As you read, you should probably have at hand a copy of the BIND Operations Guide (BOG), since that is the primary reference for name server configuration file content and syntax.

Configuring an Isolated Network

Choose a Domain Name and IP Addresses

If your network is isolated, you can use whatever domain name you like. For IP addresses, there are three address ranges officially designated for use by non-connected networks. It doesn't matter how many networks use these addresses, because they don't communicate with each other or with the Internet. This is discussed in Address Allocation for Private Internets (RFC 1918). (If you intend to connect to the Internet eventually, you may want to consider obtaining an official set of unique IP addresses and a registered domain name now. Otherwise, when you do connect, you'll need to renumber your network, and you may find that someone has already taken your domain name.)

The address ranges for private networks (as listed in RFC 1918) are:

    Class A   10.0.0.0    - 10.255.255.255
    Class B   172.16.0.0  - 172.31.255.255
    Class C   192.168.0.0 - 192.168.255.255

For the example in this section, I've chosen the class C network number 192.168.0 and the domain name snake.net. I assign names and addresses to the machines in this network as shown below:

    cobra.snake.net      192.168.0.1
    rat.snake.net        192.168.0.2
    boa.snake.net        192.168.0.3
    pit-viper.snake.net  192.168.0.4

The fourth number in each address is arbitrary, except that it must be different for each machine, and you cannot use 0 or 255 for host addresses.

Select a Root Server Source

Information about the root servers is unavailable on an isolated network. To handle this, the name server will be configured to think it's authoritative for the root domain.

Initialize the Network

Initialize network information on boa by running setnet (located in root's home directory):

    # ./setnet
    Do you want to set up networking capability?  [y/n, default=y] >>> y
    Please enter a hostname (it must be unique on a network): boa
    Please enter a domain name [none]: snake.net
    Please enter a primary nameserver address [none]: 192.168.0.3
    Please enter an Internet address (e.g.130.43.2.2): 192.168.0.3
    Please enter an Internet Broadcast address: 192.168.0.255
    Please enter a netmask [none]: 255.255.255.0
    Please enter a gateway address [none]: 


    hostname is boa
    IP address is [192.168.0.3];  broadcast address is [192.168.0.255]
    netmask is [255.255.255.0]; gateway address is [none]
    domain is [snake.net]; namserver address is [192.168.0.3]
    OK to set up networking with these values? [y/n, default=y] >>> y

The network broadcast address and netmask values of 192.168.0.255 and 255.255.255.0 are appropriate for a class C network with addresses of the form 192.168.0.XXX. There is no gateway since the network is isolated and has no way to route traffic to external networks.

Configure the Resolver

The resolver configuration file /etc/resolv.conf shown below tells programs where to look for name service information (i.e., how to resolve name or address queries). Specifying the contents of the file as shown below tells programs that snake.net is the default domain, and that boa (192.168.0.3) is the machine to which name service queries should be sent:

    domain snake.net
    nameserver 192.168.0.3

The default domain is used to help resolve unqualified names (names that don't have a domain specified). For example, the unqualified name cobra would be treated as the fully-qualified name cobra.snake.net.

Theoretically you could specify the name server using the loopback address 127.0.0.1. The BOG (section 3.2) warns against this on the grounds that on many systems the networking code for the loopback interface is not robust. I have no idea whether or not this is true for MkLinux.

Set Up the Name Server Configuration Files

The files shown below set up named for name service on the snake.net network. Lines in these files that begin with a semicolon (";") are comments.

The Boot File (/etc/named.boot)

named reads /etc/named.boot when it starts up. This file tells named where to find other startup files and how their contents should be interpreted.

    ; directory in which other files are found

    directory  /var/local/domain

    ;type      domain                          source file
    ;----      ------                          -----------

    primary    .                               root.snake-net

    primary    0.0.127.in-addr.arpa            local.snake-net

    primary    snake.net                       hosts.snake-net
    primary    0.168.192.in-addr.arpa          hosts.snake-net.rev

As indicated by the directory line, the files referenced by named.boot reside in the /var/local/domain directory. You can use a different directory if you like, but it must match the location specified in the boot file.

The primary lines tell named which domains it's the primary server for (i.e., which domains it's authoritative for). The first primary line indicates that this machine is authoritative for the root domain. (It isn't really, of course; the purpose of this line is to keep named from trying to reach some other network to answer queries it can't handle.) The other primary lines are for the local loopback interface and for host and address information for the snake.net domain.

The files in the /var/local/domain directory are specified as shown below. Notice that each file begins with an SOA (start of authority) record indicating the origin, i.e., the domain to which the file applies. The domain specified on the named.boot file primary line is always used by named as the default origin for interpreting the domain file, so we can specify the origin in the file itself simply as @, which means "the current origin."

Also note that if a name in a domain file does not end with a period, it's treated implicitly as if it has the origin tacked onto the end. Thus, it's very important that whenever you specify a fully-qualified name, you terminate it with a period.

The fields following the SOA keyword are:

The serial number is written in the form YYYYMMDDNN, where YYYYMMDD is the date you last modified the file, and NN is a sequence number from 00 to 99 indicating that this is the NN'th time you have modified the file on the given date. For the other fields, you can just use the values shown below. Consult the BOG for more information on what the fields mean.

The Root Domain File (root.snake-net)

This file tells named where to look for name servers for the root domain (the "." domain).

    @               IN  SOA    boa.snake.net. postmaster.snake.net. (
                                                1996072200 ; Serial
                                                10800      ; Refresh
                                                3600       ; Retry
                                                604800     ; Expire
                                                86400      ; Minimum
                                                )

                    IN  NS     boa.snake.net.

On boa, we specify that boa itself is the authoritative name server for the domain (the NS record). That way, if boa receives a query for a machine it doesn't know about, it returns failure right away rather than wasting time trying to contact a name server on an external network somewhere.

The Loopback Domain File (local.snake-net)

Every machine has a loopback interface, which by convention has the address 127.0.0.1. In order to resolve queries for this address back to a name in the local domain (localhost.snake.net), we provide a file for the 0.0.127.in-addr.arpa domain.

    @               IN  SOA    boa.snake.net. postmaster.snake.net. (
                                                1996072200 ; Serial
                                                10800      ; Refresh
                                                3600       ; Retry
                                                604800     ; Expire
                                                86400      ; Minimum
                                                )

                    IN  NS     boa.snake.net.

    1               IN  PTR    localhost.

As before, the NS record specifies that boa is authoritative for this domain.

The PTR (pointer) record specifies that host 1 in the domain (i.e., the address 127.0.0.1) maps to localhost.snake.net.

The snake.net Domain File (hosts.snake-net)

This file specifies the names and addresses for machines in the snake.net domain.

    @               IN  SOA    boa.snake.net. postmaster.snake.net. (
                                                1996072200 ; Serial
                                                10800      ; Refresh
                                                3600       ; Retry
                                                604800     ; Expire
                                                86400      ; Minimum
                                                )

                    IN  NS     boa.snake.net.

    ; loopback address

    localhost       IN  A      127.0.0.1

    ; host addresses

    cobra           IN  A      192.168.0.1
                    IN  HINFO  "Macintosh LC 475" "System 7.5.5"
    rat             IN  A      192.168.0.2
                    IN  HINFO  "PowerBook 5300c" "System 7.5.5"
    boa             IN  A      192.168.0.3
                    IN  HINFO  "Power Macintosh 7100/66/CD" "MkLinux DR2"
    pit-viper       IN  A      192.168.0.4
                    IN  HINFO  "Dell Optiplex 180 Pentium Pro" "FreeBSD 2.1.5"

    ; aliases for service-based names

    www             CNAME      boa.snake.net.
    ftp             CNAME      boa.snake.net.
    mail            CNAME      boa.snake.net.

The NS record specifies that boa is authoritative for this domain.

The A (address) records specify the addresses of the hosts within the domain. The HINFO records (optional) provide host information, specifically, what kind of hardware and OS the machines are running. Note that values containing spaces must be quoted.

In addition, the file specifies aliases for service-based names like www.snake.net. These point to boa using CNAME (canonical name) records.

The "Reverse" snake.net Domain File (hosts.snake-net.rev)

This file tells named how to resolve queries for addresses in the 0.168.192.in-addr.arpa domain, i.e., how to find the names to which those addresses correspond.

    @               IN  SOA    boa.snake.net. postmaster.snake.net. (
                                                1996072200 ; Serial
                                                10800      ; Refresh
                                                3600       ; Retry
                                                604800     ; Expire
                                                86400      ; Minimum
                                                )

                    IN  NS    boa.snake.net.

    1               IN  PTR   cobra.snake.net.
    2               IN  PTR   rat.snake.net.
    3               IN  PTR   boa.snake.net.
    4               IN  PTR   pit-viper.snake.net.

The NS record specifies that boa is authoritative for this domain.

The PTR records specify what name corresponds to each address.
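The origin rule (a name without a trailing period has the origin appended) and the pairing of A records with PTR records can be checked mechanically before named is started. The Python below is an added example, not part of the original document or of BIND; it parses abridged copies of hosts.snake-net and hosts.snake-net.rev, and its function names and the BROKEN sample (one PTR target with its trailing period removed) are constructed for illustration.

```python
import shlex

def qualify(name, origin):
    """'@' is the origin; a name with no trailing period gets the origin appended."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text, origin):
    """Parse the syntax subset used on this page; returns (owner, type, rdata)."""
    records, owner, pending = [], origin, ""
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()      # strip comments
        pending = f"{pending} {line}" if pending else line
        if pending.count("(") > pending.count(")"):
            continue                              # SOA fields continue below
        inherits = pending[:1].isspace()          # blank owner: reuse previous
        tokens = shlex.split(pending.replace("(", " ").replace(")", " "))
        pending = ""
        if not tokens:
            continue
        if not inherits:
            owner = qualify(tokens.pop(0), origin)
        if tokens[0] == "IN":                     # class is optional
            tokens.pop(0)
        records.append((owner, tokens[0], tokens[1:]))
    return records

def reverse_name(addr):
    """192.168.0.1 -> 1.0.168.192.in-addr.arpa."""
    return ".".join(reversed(addr.split("."))) + ".in-addr.arpa."

def check(fwd_text, fwd_origin, rev_text, rev_origin):
    """Compare A records with the PTR records of one reverse zone."""
    a = {o: d[0] for o, t, d in parse_zone(fwd_text, fwd_origin) if t == "A"}
    ptr = {o: qualify(d[0], rev_origin)
           for o, t, d in parse_zone(rev_text, rev_origin) if t == "PTR"}
    problems, seen = [], set()
    for name, addr in sorted(a.items()):
        rname = reverse_name(addr)
        if not rname.endswith("." + rev_origin):
            continue                  # e.g. 127.0.0.1 lives in another zone
        seen.add(rname)
        if ptr.get(rname) != name:
            problems.append(f"{addr}: A is {name} but PTR is {ptr.get(rname)}")
    for rname, target in sorted(ptr.items()):
        if rname not in seen:
            problems.append(f"{rname} PTR {target} has no matching A record")
    return problems

# Abridged copies of hosts.snake-net and hosts.snake-net.rev from this page.
FORWARD = """\
@           IN  SOA    boa.snake.net. postmaster.snake.net. (
                       1996072200 10800 3600 604800 86400 )
            IN  NS     boa.snake.net.
localhost   IN  A      127.0.0.1
cobra       IN  A      192.168.0.1
            IN  HINFO  "Macintosh LC 475" "System 7.5.5"
boa         IN  A      192.168.0.3
www         CNAME      boa.snake.net.
"""
REVERSE = """\
@           IN  SOA    boa.snake.net. postmaster.snake.net. (
                       1996072200 10800 3600 604800 86400 )
            IN  NS     boa.snake.net.
1           IN  PTR    cobra.snake.net.
3           IN  PTR    boa.snake.net.
"""
# Constructed mistake: the trailing period is left off one PTR target.
BROKEN = REVERSE.replace("cobra.snake.net.", "cobra.snake.net")

if __name__ == "__main__":
    for label, rev in (("page files", REVERSE), ("missing period", BROKEN)):
        print(label, check(FORWARD, "snake.net.", rev, "0.168.192.in-addr.arpa."))
```

With the period missing, the PTR target is read as cobra.snake.net.0.168.192.in-addr.arpa., so a reverse lookup of 192.168.0.1 no longer agrees with the forward record.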

Configuring an Internet-Connected Network

This section assumes you've read the previous section, Configuring an Isolated Network. Some of the terminology used below is explained there.

Choose a Domain Name and IP Addresses

If your network is going to communicate with the rest of the Internet, it must comprise or be part of an official domain and must have its own unique set of IP addresses. If you're not setting up as part of an existing domain, you need to register a domain name. Check http://rs.internic.net/ for information about the InterNIC's registration services. Unique IP addresses are designated for your network by the Internet authorities, and assigned to you by your network administrator.

In the example below, I show how to set up my network as part of the primate.wisc.edu domain. The addresses in the examples below are "live"; DO NOT use them for your own network. (The exception is the special loopback address (127.0.0.1), which is used on every machine.)

Our campus uses the class B network number 144.92, which is subnetted into smaller networks. The primate.wisc.edu network is on subnet 43, so our network number is 144.92.43. The names and addresses of the machines in my test network are shown in the table below.

    sphinx.primate.wisc.edu  144.92.43.35
    bieti.primate.wisc.edu   144.92.43.36
    grey.primate.wisc.edu    144.92.43.94
    black.primate.wisc.edu   144.92.43.175

Note that although the machines in this section are the same as those in the previous section, they have different host names to fit the "theme" of the domain name. The names cobra, rat, boa, and pit-viper correspond to sphinx, bieti, grey, and black.

Select a Root Server Source

For a network that's connected to the Internet, certain hosts are designated as authoritative for the root domain. You tell your name server what those hosts are with a line in the named boot file that names another file containing a list of root servers.

Initialize the Network

Initialize network information on grey by running setnet (located in root's home directory):

    # ./setnet
    Do you want to set up networking capability?  [y/n, default=y] >>> y
    Please enter a hostname (it must be unique on a network): grey
    Please enter a domain name [none]: primate.wisc.edu
    Please enter a primary nameserver address [none]: 144.92.43.94
    Please enter an Internet address (e.g.130.43.2.2): 144.92.43.94
    Please enter an Internet Broadcast address: 144.92.43.255
    Please enter a netmask [none]: 255.255.255.0
    Please enter a gateway address [none]: 144.92.43.1


    hostname is grey
    IP address is [144.92.43.94];  broadcast address is [144.92.43.255]
    netmask is [255.255.255.0]; gateway address is [144.92.43.1]
    domain is [primate.wisc.edu]; namserver address is [144.92.43.94]
    OK to set up networking with these values? [y/n, default=y] >>> y

Since the network is part of a class B 144.92 campus network, you might expect that the broadcast address and netmask would be 144.92.255.255 and 255.255.0.0. That's not the case here because the campus partitions its class B address space into subnets and the primate.wisc.edu subnet is 144.92.43. Thus, the broadcast address and netmask are 144.92.43.255 and 255.255.255.0.

Configure the Resolver

The resolver configuration file /etc/resolv.conf shown below tells programs where to look for name service information (i.e., how to resolve name or address queries). Specifying the contents of the file as shown below tells programs that primate.wisc.edu is the default domain, and that grey (144.92.43.94) is the machine to which name service queries should be sent:

    domain primate.wisc.edu
    nameserver 144.92.43.94

The default domain is used to help resolve unqualified names (names that don't have a domain specified). For example, the unqualified name sphinx would be treated as the fully-qualified name sphinx.primate.wisc.edu.

Set Up the Name Server Configuration Files

The files shown below set up the name server for name service on the primate.wisc.edu network.

The Boot File (/etc/named.boot)

    ; directory in which other files are found

    directory  /var/local/domain

    ;type      domain                          source file
    ;----      ------                          -----------

    cache      .                               root.cache

    primary    0.0.127.in-addr.arpa            local.primate

    primary    primate.wisc.edu                hosts.primate
    primary    43.92.144.in-addr.arpa          hosts.primate.rev

In most respects, this named.boot is similar to the one used to set up the snake.net isolated network. The principal difference is that we prime the name server with a cache file root.cache that lists root servers instead of telling the server that it should serve the root domain itself.

The Root Server Cache File

A copy of this file comes with the BIND distribution (conf/master/root.cache). However, this information changes from time to time, so it's a good idea to fetch a current copy periodically. The file is available online at ftp://rs.internic.net/domain/named.root.

The Loopback Domain File (local.primate)

Every machine has a loopback interface, which by convention has the address 127.0.0.1. In order to resolve queries for this address back to a name in the local domain (localhost.primate.wisc.edu), we provide a file for the 0.0.127.in-addr.arpa domain.

    @               IN  SOA    grey.primate.wisc.edu. postmaster.primate.wisc.edu. (
                                                1996072200 ; Serial
                                                10800      ; Refresh
                                                3600       ; Retry
                                                604800     ; Expire
                                                86400      ; Minimum
                                                )

                    IN  NS     grey.primate.wisc.edu.

    1               IN  PTR    localhost.

The NS record specifies that grey is authoritative for this domain.

The PTR record specifies that host 1 in the domain (i.e., the address 127.0.0.1) maps to localhost.primate.wisc.edu.

The primate.wisc.edu Domain File (hosts.primate)

This file specifies the names and addresses for machines in the primate.wisc.edu domain.

    @               IN  SOA    grey.primate.wisc.edu. postmaster.primate.wisc.edu. (
                                                1996072200 ; Serial
                                                10800      ; Refresh
                                                3600       ; Retry
                                                604800     ; Expire
                                                86400      ; Minimum
                                                )

                    IN  NS     grey.primate.wisc.edu.

    ; loopback address

    localhost       IN  A      127.0.0.1

    ; host addresses

    sphinx          IN  A      144.92.43.35
                    IN  HINFO  "Macintosh LC 475" "System 7.5.5"
    bieti           IN  A      144.92.43.36
                    IN  HINFO  "PowerBook 5300c" "System 7.5.5"
    grey            IN  A      144.92.43.94
                    IN  HINFO  "Power Macintosh 7100/66/CD" "MkLinux DR2"
    black           IN  A      144.92.43.175
                    IN  HINFO  "Dell Optiplex 180 Pentium Pro" "FreeBSD 2.1.5"

    ; aliases for service-based names

    www             CNAME      grey.primate.wisc.edu.
    ftp             CNAME      grey.primate.wisc.edu.
    mail            CNAME      grey.primate.wisc.edu.

The NS record specifies that grey is authoritative for this domain.

The A records specify the addresses of the hosts within the domain. The HINFO records (optional) provide host information, specifically, what kind of hardware and OS the machines are running. Note that values containing spaces must be quoted.

In addition, the file specifies aliases for service-based names like www.primate.wisc.edu. These point to grey using CNAME records.

The "Reverse" primate.wisc.edu Domain File (hosts.primate.rev)

This file tells named how to resolve queries for addresses in the 43.92.144.in-addr.arpa domain, i.e., how to find the names to which those addresses correspond.

    @               IN  SOA    grey.primate.wisc.edu. postmaster.primate.wisc.edu. (
                                                1996072200 ; Serial
                                                10800      ; Refresh
                                                3600       ; Retry
                                                604800     ; Expire
                                                86400      ; Minimum
                                                )

                    IN  NS    grey.primate.wisc.edu.

    35              IN  PTR   sphinx.primate.wisc.edu.
    36              IN  PTR   bieti.primate.wisc.edu.
    94              IN  PTR   grey.primate.wisc.edu.
    175             IN  PTR   black.primate.wisc.edu.

The NS record specifies that grey is authoritative for this domain.

The PTR records specify what name corresponds to each address.

Testing the Name Server

It's possible to make sure named starts up and shuts down when your system boots and halts. [Instructions] But for now while you're testing, you can start the name server manually (as root) like this:

    # /usr/sbin/named

Check for any messages in /var/log/messages that indicate problems with the configuration files. If there are any, fix them. (The messages usually indicate a filename and line number so that you can locate the problem more easily.)

Each time you modify a configuration file, increment its serial number, then tell named to reload its files. You can do this by killing and restarting named, or by sending it a HUP signal (you must do this as root). For instance, you can find out the process ID of named, then send it a signal like this:

    # ps -ax | grep named
    2478 ?  S     0:15 named
    # kill -HUP 2478

When named reads its configuration files without complaint, try some lookups using the host program. (You can also issue lookup queries using the nslookup program; I find host easier to use.) The examples below assume that named has been set up for the snake.net domain rather than the primate.wisc.edu domain.

Verify that the name server knows itself as the correct name server for your domain:

    # host -t ns snake.net
    snake.net NS boa.snake.net

Issue a query for the loopback address. This query should return the address 127.0.0.1:

    # host localhost
    localhost.snake.net has address 127.0.0.1

Then try a reverse lookup. This query should return the name localhost:

    # host 127.0.0.1
    Name: localhost
    Address: 127.0.0.1
    Aliases:

Try some queries for the "real" host names on your network. Both of the following queries should return the same result. For the first, the default domain (as specified in /etc/resolv.conf) is used to complete the name:

    # host cobra
    cobra.snake.net has address 192.168.0.1
    # host cobra.snake.net
    cobra.snake.net has address 192.168.0.1

Address lookups should work as well:

    # host 192.168.0.1
    Name: cobra.snake.net
    Address: 192.168.0.1
    Aliases:

If you specified CNAME records to provide aliases for some names, check that they work:

    # host www.snake.net
    www.snake.net is a nickname for boa.snake.net
    boa.snake.net has address 192.168.0.3

If you are running the MkLinux 2.0 server, you can try a domain transfer (this will not work under the 1.2.x servers):

    # host -l snake.net
    snake.net NS boa.snake.net
    rat.snake.net has address 192.168.0.2
    cobra.snake.net has address 192.168.0.1
    pit-viper.snake.net has address 192.168.0.4
    localhost.snake.net has address 127.0.0.1
    boa.snake.net has address 192.168.0.3

Configuring Client Hosts

Now it's time to configure client machines so they can use the name server host for name service queries. On my test network, the clients are the LC 475 and the PowerBook 5300. Both of these run MacOS, but the network parameters you enter on a client will be similar for other operating systems.

The examples below configure the LC 475, running either MacTCP or Open Transport.

When the LC is on the snake.net isolated network, its name is cobra.snake.net and it's configured as shown below.

Running MacTCP: Select the Ethernet (not EtherTalk) icon in the first MacTCP window. In the second window:

12625920 represents network 192.168.0; the value is calculated as (((192*256)+168)*256)+0

Running Open Transport: Open the AppleTalk control panel and select an ethernet connection type. Open the TCP/IP control panel and select an ethernet connection type. The Setup parameters are:

When the LC is part of the primate.wisc.edu network on the Internet, its name is sphinx.primate.wisc.edu and it's configured as shown below.

Running MacTCP: Select the Ethernet (not EtherTalk) icon in the first MacTCP window. In the second window (click "More..."):

12625920 represents network 144.92; the value is calculated as (144*256)+92

Running Open Transport: Open the AppleTalk control panel and select an ethernet connection type. Open the TCP/IP control panel and select an ethernet connection type. The Setup parameters are:

Change History

11/17/96

10/30/96

9/30/96


Document written by: Paul DuBois, paul@snake.net
Last updated: Sunday, 17 November 1996 16:08