Mike Petersen
Network Admin, Technical Writer, Programmer, GNU/Linux Fan, etc.

Deploying Suse Linux Enterprise Server



Purchase "Deploying Suse Linux Enterprise Server"
at Lulu.com

Configuring DNS and DHCP

Adding Records to DNS Zones

Up until now you have configured the DNS Server to be a simple "Caching" DNS Server, which answers your queries if it has the answer in its "cache" or queries its forwarders to get the answer for you. Now we will create DNS Zones on your server so the DNS Server can provide answers about your local network.

You do not need to have a registered domain name, or even provide these zones outside of your network on the Internet. In these examples, I will use the "private.lan" Domain Name for the local network (which cannot be provided over the Internet). Providing a private "zone" will allow you to maintain a database of local computer names to IP addresses for your network, so you can use computer names instead of IP addresses for all of your network services, such as Printing, NFS, web, etc. If you do have a Registered Domain Name, feel free to use that instead; you can even answer DNS Queries over the Internet (if you want to and are configured to do so).


[Screenshots: DNS Zones / Basic Options for a DNS Zone]
Editing DNS Zones and Basic Options for the Zone

The first step in creating a DNS Zone is to go to the "DNS Zones" Tab within the Yast DNS Server module, enter a name for a master zone, then click on "Add". Once the zone is added to the Configured DNS Zones list, highlight it and click on Edit. This opens the Zone Editor, which provides a few tabs for adding records to the zone.

Basics Tab

The Basics tab allows you to specify a few security features for your zone. These features let you control which clients or servers can transfer your zone (through ACLs) and which servers can update your DNS records through Dynamic updates. Both of these features will be covered in a later section.

NS and MX Records Tabs

The next tabs allow you to specify the Name Server records and the Mail Server records for the zone. Normally you simply enter the computer name of your server here and, when you click on Add, the module automatically adds the correct zone information for you. Note that the name you enter here must have an "A record" and not a "CNAME record" (covered later), to be in compliance with the DNS standards.


[Screenshots: Defining NS Records for the Zone / Defining Mail Records for the Zone]
Defining the Name Server and the Mail Records for the Zone

The MX Records tab has an additional entry called Priority. This allows you to specify which mail server is the preferred mail server for your zone when you have multiple mail servers listed. The lower the priority number, the more preferred the mail server will be.

The Start of Authority (SOA) Tab

This tab allows you to define certain parameters that affect the zone, such as:

Serial - Used to tell the software (and any Slave Servers) that the zone has changed. This number is generated automatically by Yast when it writes the configuration.

TTL - Specifies the default Time to Live for records within the Zone.

Refresh - Sets how often the Zone should be synchronized from the Master Server to the Slave Server(s).

Retry - Sets how long the Slave Server(s) wait before trying again to sync with the Master Server when a sync fails.

Expiration - The amount of time after which the zone expires on a Slave Server that has not been able to sync. After this, the Slave Server stops answering queries for the zone until it once again synchronizes.

Minimum - The amount of time the Slave Server(s) should cache negative answers (name resolution failures).


[Screenshots: Configuring the DNS Zone SOA / Adding Records to the DNS Zone]
Adjusting the Zone's SOA and Adding Records to the Zone

The Records Tab

The Records tab is where you enter all the relevant information about your network: the mapping of computer names to IP Addresses, as well as computer aliases. The two main types of records you will work with here are "A" (Address) records and "CNAME" (Canonical Name) records.

Address Records are simply entered with the computer name as the "Record Key" and its IP Address as the "Value". CNAME Records are entered with the Alias name you want to use as the "Record Key" and the computer name the alias refers to as the "Value". Note that you must enter an "A" record for any computer name you will create an Alias for.

Some CNAME records you may want to create are for "mail" as well as "ns1", "ns2", etc. for every Name Server you have on your network. This allows for standard computer names to be used in lieu of the correct hostname of the server which provides the standard service.
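As an added example (not from the book and not YaST code), the following script checks a set of Records tab entries against the two rules above: NS and MX entries must name a host that has an "A" record rather than a CNAME, and every CNAME must point at a name that has an "A" record. The record tuples and the sample zone are constructed here for illustration.

```python
# Added example (not from the book or from YaST): sanity-check the records
# entered in the Records tab before loading the zone, enforcing two rules
# from the text: NS/MX entries must name a host that has an A record (never a
# CNAME), and every CNAME alias must point at a name that has an A record.
# Records are (record_key, type, value) tuples; the sample zone is constructed.

def check_forward_zone(records):
    """Return a list of problem descriptions; an empty list means the zone is clean."""
    a_names = {key for key, rtype, _ in records if rtype == "A"}
    cname_names = {key for key, rtype, _ in records if rtype == "CNAME"}
    problems = []
    for key, rtype, value in records:
        if rtype in ("NS", "MX"):
            if value in cname_names:
                problems.append(f"{rtype} target {value} is a CNAME; use the host's A record name")
            elif value not in a_names:
                problems.append(f"{rtype} target {value} has no A record")
        elif rtype == "CNAME":
            if key in a_names:
                problems.append(f"{key} has both an A and a CNAME record")  # a CNAME must stand alone
            if value not in a_names:
                problems.append(f"CNAME {key} points at {value}, which has no A record")
    return problems

# Constructed sample zone for private.lan (names are relative to the zone).
SAMPLE_ZONE = [
    ("@", "NS", "server1"),
    ("@", "MX", "mailhost"),          # wrong: mailhost is a CNAME, not an A record
    ("server1", "A", "192.168.1.1"),
    ("server2", "A", "192.168.1.2"),
    ("ns1", "CNAME", "server1"),      # the standard aliases the text suggests
    ("mail", "CNAME", "server2"),
    ("mailhost", "CNAME", "server2"),
    ("www", "CNAME", "webbox"),       # wrong: webbox has no A record
]

if __name__ == "__main__":
    for problem in check_forward_zone(SAMPLE_ZONE):
        print("problem:", problem)
```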

Creating Reverse Zones

Now you should have a DNS Server that will return an IP Address when you query it with the Domain Name. The next step is to enter a zone so your DNS Server will return a FQDN when you query the server with an IP Address. To do this you must create a Reverse Zone on your DNS Server.

To create the reverse zone, you must first figure out the correct name for it. The standard name for a reverse zone would be XXX.in-addr.arpa, where XXX is the transposed network address - for instance a network containing 192.168.1.X addresses would be 1.168.192.in-addr.arpa, while a network containing 172.16.X.X addresses would be 16.172.in-addr.arpa. Once you have the name, you would create the DNS Zone as you would a standard zone and Yast will automatically treat it as a reverse zone.


[Screenshots: Editing the Reverse Zone NS Record / Entering Records for the Reverse Zone]
Entering the Reverse DNS Server and Adding Records to the Reverse Zone

Once you create the zone and click on "Edit", you will be able to enter the records pertaining to your network. There are only 2 types of records that you need to enter: the list of name servers (as reverse records), and the "Pointer Records", which are entered in the "Records" Tab.

To enter Pointer Records, the "Record Key" is the part of the IP Address not included in the zone name, and the "Value" is the full domain name of the computer followed by a period (.). For instance, the record for a computer at the IP Address 192.168.1.1 would have a "Record Key" of "1" and a Value of "computername.private.lan." - or whatever the name of the domain is that you will use. Note that for every reverse record there should be only 1 answer. So if you have multiple domains on your network (usually used for virtual hosts for HTTP and Mail servers), only enter the names from the primary DNS Zone for your network.
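As an added example (not from the book and not YaST code), this script derives the reverse zone name described above from a network address and builds the Pointer Record keys and values from a list of forward "A" records, skipping names from virtual-host domains and refusing a second name for the same address so that every IP has only one answer. The sample A records are constructed for illustration.

```python
# Added example (not from the book or from YaST): derive the reverse zone
# name the text describes (network octets transposed, plus .in-addr.arpa) and
# build the PTR "Record Key" / "Value" pairs from forward A records, keeping
# exactly one answer per IP and only names from the primary domain.
import ipaddress

def reverse_zone_name(network):
    """'192.168.1.0/24' -> '1.168.192.in-addr.arpa' (octet-aligned prefixes only)."""
    net = ipaddress.ip_network(network, strict=True)
    if net.prefixlen not in (8, 16, 24):
        raise ValueError("reverse zones here cover a /8, /16 or /24 network")
    octets = str(net.network_address).split(".")[: net.prefixlen // 8]
    return ".".join(reversed(octets)) + ".in-addr.arpa"

def ptr_records(network, a_records, primary_domain):
    """Return {record_key: value} for the reverse zone of `network`.

    a_records: (fqdn, ip) pairs from all forward zones on the server.
    Names outside primary_domain (virtual-host domains) are skipped, and a
    second name for the same address is an error, so each IP has one PTR.
    Values carry a trailing '.' because they are absolute names.
    """
    net = ipaddress.ip_network(network, strict=True)
    ptrs = {}
    for fqdn, ip in a_records:
        addr = ipaddress.ip_address(ip)
        if addr not in net or not fqdn.endswith("." + primary_domain):
            continue
        host_octets = str(addr).split(".")[net.prefixlen // 8 :]
        key = ".".join(reversed(host_octets))    # '1' for 192.168.1.1 in a /24
        if key in ptrs:
            raise ValueError(f"{ip} already maps to {ptrs[key]}; one PTR per address")
        ptrs[key] = fqdn + "."
    return ptrs

# Constructed sample: two names share 192.168.1.2, one of them in a
# virtual-host domain that must not appear in the reverse zone.
SAMPLE_A_RECORDS = [
    ("server1.private.lan", "192.168.1.1"),
    ("server2.private.lan", "192.168.1.2"),
    ("www.example.com", "192.168.1.2"),
    ("printer.private.lan", "192.168.1.50"),
    ("remote.private.lan", "10.0.0.5"),      # outside 192.168.1.0/24
]

if __name__ == "__main__":
    print(reverse_zone_name("192.168.1.0/24"))
    for key, value in ptr_records("192.168.1.0/24", SAMPLE_A_RECORDS, "private.lan").items():
        print(key, "PTR", value)
```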

Testing Your DNS Zones

After you enter all of the DNS zones you will use into your DNS Server, you will want to check the Server to ensure that it is working properly. To do this, you could go to another computer and try to "ping" another computer on your network using its domain name instead of its IP Address, or you could use the DNS Utility "Dig" (available on most GNU/Linux Distributions).


[Screenshots: Testing the DNS Zone / Testing the DNS Reverse Zone]
Testing the DNS Zones using Dig

To do a basic DNS Test using dig simply type the following:

dig @dns_ipaddr computer.private.lan

to check for standard records and the following to check for reverse records:

dig @dns_ipaddr -x IPADDR

An alternative method to check your DNS Servers is to use the GNOME Network Tools which should also be available for any GNU/Linux Distribution.





© Website Copyright 2008 - Mike Petersen
Verbatim distribution permitted