Deploying Suse Linux Enterprise Server
| Purchase "Deploying Suse Linux Enterprise Server" at Lulu.com |
Configuring DNS and DHCP
Configuring the DNS Server
The DNS Server (Bind) is configured in two areas: first you configure how the main "server" will operate and communicate with DNS clients and other servers, then you add your "data" into zones so the DNS Server can provide appropriate information about your network.
This section will cover how to configure the main server so it will communicate properly with other clients and servers, as well as "fine tune" the server for your environment. Many of the options here you probably already configured through the DNS Wizard.
DNS Startup Options and DNS Server Basic Options
Start-Up - This tab allows you to configure how the server is started and ensures that the appropriate firewall rules are in place to allow clients to communicate with the server. Make sure that the firewall port is open on at least the Network Interface connected to your local network. Also, if you want to use LDAP with the DNS Server, make sure that it is checked (needed for the Yast Mail Server Module).
Forwarders - This tab allows you to enter any "Forwarders" - other DNS servers your server will query if it does not have the "answer" within its cache. Normally, you will enter your ISP's DNS servers here.
Basic Options - This tab allows you to fine-tune your server to ensure that it will communicate correctly with clients and allow you to customize how the DNS server runs depending upon your network. There are quite a few options available that you can specify; see the DNS Parameters Reference.
Logging - By default the DNS Server will log all errors to the System Log; if you want to change this, use this tab. Here you can specify a file to log errors to, as well as specify additional "triggers" to log, such as Zone Updates and Transfers as well as DNS Queries. This can be helpful in troubleshooting DNS problems.
ACLs - This tab allows you to specify Access Control Lists (ACLs) that you can utilize with different DNS Zones that you will create. Usually these are used when allowing zone transfers to another DNS Server or client. The values are surrounded by '{ }' and can contain IP addresses and/or IP subnets (e.g. 192.168.1.0/24).
TSIG Keys - This tab allows you to create or add TSIG keys you can use for your DNS zones. TSIG Keys are usually used to authenticate DHCP Servers to allow for Dynamic DNS updates. I will cover this in a later section.
Notes on the SLES DNS Server Implementation
SLES10, for security reasons, runs the DNS Server in a "chroot jail" located at /var/lib/named, so that a security breach of the DNS server will affect only the DNS Service. You can adjust this behavior with the "/etc/sysconfig Editor" Yast Module located in the "System" category. Here you can adjust the following DNS options:
NAMED_RUN_CHROOTED - Allows you to disable running the DNS Server within a chroot jail
NAMED_ARGS - Additional options you can add when starting the DNS Server.
NAMED_CONF_INCLUDE_FILES - Any additional files you need copied to the chroot jail when named is started.
NAMED_INITIALIZE_SCRIPTS - Any scripts that you want to be run when the DNS Server is (re)started can be listed here.
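The following script is an added example, not part of the original text or of SLES: it audits the four options above from the command line, without sourcing the file. It assumes the options are stored as KEY="value" lines (on SLES, in /etc/sysconfig/named) and that "yes" is the value that enables the jail; the function names are made up for this example.

```shell
#!/bin/sh
# Added example: audit the chroot-related named settings without sourcing the file.
# Assumption: they are stored as KEY="value" lines (on SLES, /etc/sysconfig/named).

# Print the value of KEY ($2) from FILE ($1); the last assignment wins.
sysconfig_get() {
    sed -n "s/^[[:space:]]*$2=[\"']\{0,1\}\([^\"']*\)[\"']\{0,1\}[[:space:]]*\$/\1/p" "$1" |
        tail -n 1
}

# Print one finding per line; return 0 when clean, 1 when something needs review.
audit_named_sysconfig() {
    file=$1
    rc=0
    chroot=$(sysconfig_get "$file" NAMED_RUN_CHROOTED)
    if [ "$chroot" != "yes" ]; then
        echo "WARN NAMED_RUN_CHROOTED=${chroot:-unset}: chroot jail not explicitly enabled"
        rc=1
    fi
    # Init scripts run at every (re)start and include files are copied into the
    # jail, so neither should be writable by anyone but the owner.
    for key in NAMED_INITIALIZE_SCRIPTS NAMED_CONF_INCLUDE_FILES; do
        for path in $(sysconfig_get "$file" "$key"); do
            case $path in
                /*) perms=$(ls -ldL "$path" 2>/dev/null) ;;
                *)  echo "INFO $key: relative path $path not checked"; continue ;;
            esac
            case $perms in
                "") echo "INFO $key: $path does not exist" ;;
                ?????w*|????????w*)
                    echo "WARN $key: $path is group- or world-writable"
                    rc=1 ;;
            esac
        done
    done
    return "$rc"
}

# Demo on a constructed sample (not from a real host).
demo=$(mktemp -d)
: > "$demo/hook.sh"
chmod 666 "$demo/hook.sh"
printf '%s\n' 'NAMED_RUN_CHROOTED="no"' \
    "NAMED_INITIALIZE_SCRIPTS=\"$demo/hook.sh\"" > "$demo/named"
audit_named_sysconfig "$demo/named" || echo "review needed"
rm -rf "$demo"
```

To check a real server, call audit_named_sysconfig with the path of its sysconfig file in place of the constructed sample.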
FYI - When you enable LDAP support, the Organizational Unit "ou=DNS" is created within your LDAP tree, and any DNS zone you create is listed under this OU as "zoneName=...". Under your zoneName, all of your zone records are stored. Note that the standard /var/lib/named/master/zone files are also maintained and are used by the DNS Server.
