Deploying Suse Linux Enterprise Server
| Purchase "Deploying Suse Linux Enterprise Server" at Lulu.com |
Configuring DNS and DHCP
Configuring a Secondary DNS Server
For larger networks, and for redundancy, it is beneficial to configure another server to act as a secondary DNS server. On SLES this is easy to accomplish with the YaST DNS Server module.
Creating an ACL and Using the ACL for DNS Zone Transport
Configuring the Main DNS Server
The first steps in configuring a Secondary DNS Server are a few adjustments to the Primary DNS Server:
- Create an ACL for zone transport: This ensures that only your secondary DNS Server can transfer the DNS Zone. To do this, launch the YaST DNS Module on your Primary DNS Server and go to the "ACLs" section. To add an ACL, name it something informative, such as sec_dns, and enter either the IP Address of the server you will use for the Secondary DNS server, or the IP Address of your network (e.g. "{ 192.168.1.0/24; }").
- Enable the ACL you created within the DNS Zone(s): Edit the DNS Zones you are going to transport and check "Enable Zone Transport" and select the ACLs you will use.
- Create the address ("A") and "CNAME" records for the Secondary DNS Server: it is common practice to create a CNAME record for your Secondary Name Servers using "ns2". Also ensure you enter a PTR record in your reverse zone.
- Add the Secondary DNS Server to the NS Records.
Entering the Record for the Secondary Server and Adding the "NS" Record for that server
Configuring the Secondary Name Server
Once you have configured the Primary Name Server to allow zone transfers and added the records for the Secondary Name Server, launch the YaST DNS Server module on the Secondary Name Server.
Adding and Adjusting a "Slave" DNS Zone Using the DNS Wizard on the Secondary Server
Upon first launching the DNS Server module, you will be presented with the DNS Wizard. The configuration is similar to that of the main DNS Server; the only difference is that when you create the DNS Zones, you must specify that they are slave zones. When you hit the "Add" button you will be presented with a dialog asking for the IP Address of the Primary DNS Server; enter it and you are done. Note that you can also set up zone transport on this screen, which may give you an added layer of security if you need to allow other servers to transfer the DNS zones (as opposed to allowing them to transfer the zones directly from your Primary DNS Server).
Test your Secondary Name Servers
Follow the procedures in the previous section to test your secondary name servers (e.g. dig @sec_ns_ipaddr servername.private.lan).
Testing the Secondary DNS Server and Ensuring the Reverse Zone Also Works Properly
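The two things worth confirming after this setup, as a script (an added example, not taken from the book): that the secondary holds the same SOA serial as the primary, and that the primary refuses a zone transfer to a host outside the ACL. The server addresses and the sample dig output are constructed placeholders; private.lan is the zone name used above.

```shell
#!/bin/sh
# Added example: confirm the slave zone is in sync and AXFR is restricted.
# Assumed placeholders: the two server addresses below.
PRIMARY=192.168.1.10      # constructed address of the primary
SECONDARY=192.168.1.11    # constructed address of the secondary (listed in sec_dns)
ZONE=private.lan

# Constructed sample dig output, used for the offline self-check.
SAMPLE_PRIMARY_SOA='ns1.private.lan. root.private.lan. 2024010101 10800 3600 604800 86400'
SAMPLE_SECONDARY_SOA='ns1.private.lan. root.private.lan. 2024010101 10800 3600 604800 86400'
SAMPLE_AXFR_DENIED='; Transfer failed.'

# Print the serial (third field) from `dig +short ... SOA` output.
soa_serial() {
    printf '%s\n' "$1" | awk 'NF >= 7 { print $3; exit }'
}

# Succeed when both SOA answers carry the same, non-empty serial.
in_sync() {
    p=$(soa_serial "$1")
    s=$(soa_serial "$2")
    [ -n "$p" ] && [ "$p" = "$s" ]
}

# Succeed when dig's AXFR output shows the server refused the transfer.
axfr_denied() {
    printf '%s\n' "$1" | grep -q 'Transfer failed'
}

# Live check: run it once from a host that is NOT in the ACL.
check_live() {
    p_out=$(dig +short +time=3 +tries=1 @"$PRIMARY" "$ZONE" SOA)
    s_out=$(dig +short +time=3 +tries=1 @"$SECONDARY" "$ZONE" SOA)
    in_sync "$p_out" "$s_out" && echo "OK: serials match" \
        || echo "FAIL: secondary does not hold the primary's current serial"
    x_out=$(dig +time=3 +tries=1 @"$PRIMARY" "$ZONE" AXFR)
    axfr_denied "$x_out" && echo "OK: AXFR refused for this host" \
        || echo "FAIL: no refusal seen; review the dig output and the ACL"
}

if [ "${1:-}" = "--live" ]; then
    check_live
else
    in_sync "$SAMPLE_PRIMARY_SOA" "$SAMPLE_SECONDARY_SOA" && echo "self-check: in sync"
    axfr_denied "$SAMPLE_AXFR_DENIED" && echo "self-check: AXFR denied"
fi
```

Run with --live to query the real servers; without arguments it only exercises the parsing on the constructed samples.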
