by Wendy Cheng
Commercial Systems Division
DNS BIND, which stands for Berkeley Internet Name Domain, is an
implementation of the Domain Name System (DNS) and is the most commonly used
DNS implementation. The complete implementation, DNS BIND/iX, now runs on the
MPE/iX shell operating system on MPE/iX release 6.0. BIND was initially
written for UNIX; the latest version, DNS BIND/iX 8.1.1, now runs on MPE/iX
systems.
Overview of DNS BIND/iX
DNS BIND/iX is a domain name system which consists of a client-server
mechanism. The name-servers comprise the server half of the DNS's
client-server mechanism. The name-server is the NM program NAMED
which maintains information about some part of the DNS called a zone and has
capabilities to retrieve information regarding other zones. The clients are
resolver routines provided as NMRL libraries. The resolvers are clients that
query the name servers, interpret the responses and send the answers to the
requester.
DNS BIND/iX makes your domain names visible to the internet as well as
handling client requests to resolve domain names within your domain and
external domains. Prior to DNS BIND/iX, HP 3000 users had to rely on other
machines or other operating systems to host their organization's DNS
information. Now you can host it on HP 3000 systems.
The latest version of DNS BIND/iX 8.1.1 is available for MPE/iX release 6.0
with the following features:
- DNS Dynamic Updates
- DNS Change Notification
- Completely new configuration syntax
- More efficient zone transfers
The BIND/iX contains the following major utilities and administration tools:
- nslookup
- The nslookup utility can be used by users to query the name servers
interactively
- DIG
- The DIG (Domain Information Groper) utility queries name servers from the
command line.
- named-xfer
- The named-xfer utility is used to transfer the zone information and
called by name-server internally.
- dnsquery
- The dnsquery tool can be used to provide you all the DNS detail
information.
Overview of Syslog/iX
Syslog is the standard event logging system for UNIX. Now Syslog/iX can run
on the MPE/iX shell operating system on MPE/iX release 6.0.
With the features of Syslog/iX available on MPE/iX systems, the event messages
can be logged to files, terminal devices, or even forward to other syslog
systems. Syslog/iX can accept data from the local system via an AF_UNIX socket
or from any system on the network via an AF_INET UDP socket on port 514. DNS
BIND/iX uses Syslog/iX as the event logging subsystem.
Types of Name Servers
DNS BIND/iX provides two types of name-servers: primary masters and secondary
masters. A primary master name server gets the data for the zones it is
authoritative for from files on the host it runs on. A secondary master name
server gets its zone data from another name server that is authoritative for
the zone.
When a secondary name-server starts up, it contacts the name-server it updates
from and, if necessary, pulls the zone data over. This is referred to as a
zone transfer. With DNS BIND/iX available on MPE/iX systems, you can create
the data for your zone and set up a primary master name-server, then you can
set up secondary master name-servers that load their data from primary servers.
Once they are set up, the secondary servers will periodically query the
primary servers to keep the zone data up to date.
Major Files Used for DNS BIND/iX
The following lists the major files required for DNS BIND/iX:
- NAMED.CONF
- The NAMED.CONF file is a configuration file of the DNS BIND/iX,
which contains runtime configuration for the name-server called NAMED.
This file resides in /BIND/PUB/etc directory.
- Data Files
- The files from which primary name-servers load their zone data are
called data files or zone files. They are also referred to as db files
or database files. The data files contain resource records that describe
the zone. The resource records describe all the hosts in the zone.
There are two types of the data files. The files mapping addresses to
hostnames are called db.ADDR or zone.ADDR, where
ADDR is the network address. The files mapping hostnames to addresses
called db.DOMAIN or zone.DOMAIN.
- Loopback Address Files
- A name-server needs one additional db.ADDR or
zone.ADDR file to cover the loopback network. The loopback
address is a special address that hosts use to direct traffic to
themselves. This network is always 127.0.0. and the host number is
always 127.0.0.1. Therefore, the name of this file is zone.127.0.0.
- Root Cache Data File
- Besides your local data files for your zone information, the name
servers also need to know where the name servers for the root domain
are. This file is needed to initialize the cache of Internet domain name
servers. This file is also called the hint file.
Configure Masters
DNS BIND/iX allows you to configure both master zones and slave zones in
your configuration file. Sample configuration units for a master zone and a
slave zone are shown below:
Sample Configuration for a Master Zone
zone "43.10.15.IN-Addr.ARPA" {
    type master;
    file "db.15.10.43";
};
The file db.15.10.43 will have entries like:
@       IN SOA  bindserver.india.hp.com. hostmaster.india.hp.com. (
                104     ; Serial
                36000   ; Refresh every 10 hours
                3600    ; Retry every hour
                360000  ; Expire after 100 hours
                36000 ) ; Minimum ttl is 10 hours
        ; hostmaster.india.hp.com. is a placeholder for the responsible
        ; mailbox, which an SOA record requires but the original omitted
        IN NS   bindserver.india.hp.com.   ; zone apex needs an NS record
1       IN PTR  m1.india.hp.com.
2       IN PTR  m2.india.hp.com.
3       IN PTR  m3.india.hp.com.
There are several key parameters defined in the zone file record:
- Serial
- The "serial" field is one of the most important fields defined in the zone
file. Every time you make a change to a database file, you must
increment its serial number. Only by doing this will secondary servers
know they need to reach into your system and pull out new name server
data, a procedure known as a "zone transfer."
- Refresh
- The refresh field specifies the time interval that must elapse between
each poll of the primary by the secondary name server (here 36,000
seconds or 10 hours). If the "serial number" has been updated on the
primary server, the secondary name-server assumes its data is stale and
requests updated information as a "zone transfer."
- Retry
- If the secondary fails to reach the primary name-server after the
refresh period, it starts trying to connect every retry seconds, here
3600 seconds or 1 hour.
- Expire
- If the secondary fails to contact the primary name-server for expire
seconds, the secondary expires its data. Expiring the data means the
secondary stops giving out answers about the data because the data are
too old to be useful.
- Minimum
- The minimum time-to-live value, which specifies how long other servers
should cache data from the name-server, here 36,000 seconds or 10
hours.
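The timers above drive the secondary's polling loop. The following added example (not code from the article or from BIND) replays that loop with the sample SOA values, including the RFC 1982 serial comparison that explains why a serial lowered by mistake never triggers a transfer; the primary is modelled by the constructed function primary_demo.

```python
# Added example, not from the article or from BIND: replay a secondary's
# refresh/retry/expire loop with the SOA timers of the sample db.15.10.43.
REFRESH, RETRY, EXPIRE = 36000, 3600, 360000   # seconds, from the sample SOA


def serial_is_newer(new, old):
    """RFC 1982 comparison: 'new' is newer if it is ahead of 'old' by less
    than 2**31 modulo 2**32.  A serial lowered by mistake is *not* newer, so
    the secondary silently keeps its old zone data."""
    return new != old and (new - old) % 2**32 < 2**31


def secondary_timeline(primary, serial, horizon):
    """Replay the secondary's polling loop for `horizon` seconds.

    `primary(t)` returns the primary's serial at time t, or None when the
    primary cannot be reached.  Returns (time, event) tuples, where event is
    'up-to-date', 'transfer', 'retry' or 'expired'.
    """
    events, t, last_good = [], 0, 0
    while t <= horizon:
        remote = primary(t)
        if remote is None:                      # primary unreachable
            events.append((t, "retry"))
            if t - last_good >= EXPIRE:         # data too old to hand out
                events.append((t, "expired"))
                break
            t += RETRY
            continue
        last_good = t
        if serial_is_newer(remote, serial):     # only a higher serial
            serial = remote                     # causes a zone transfer
            events.append((t, "transfer"))
        else:
            events.append((t, "up-to-date"))
        t += REFRESH
    return events


def primary_demo(t):
    """Constructed primary (hypothetical timeline): serial 104, bumped to
    105 at t=50000, unreachable from t=100000 onward."""
    if t >= 100000:
        return None
    return 105 if t >= 50000 else 104
```

With the sample timers the secondary transfers at t=72000 (the first refresh after the serial bump) and expires at t=432000, 100 hours after its last successful contact.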
Sample Configuration Unit for a Slave Zone
zone "41.10.15.IN-ADDR.ARPA" {
    type slave;
    file "db.15.10.41";
    masters {
        15.70.188.45;
    };
};
The IP address of the server that is primary for that domain is specified in
the masters { } section of the configuration unit. There could be more than
one master for a given zone.
When the name-server comes up, looking at this configuration, it makes a
connection with the name-server running on 15.70.188.45 and does a zone
transfer, if it is required. It makes a local copy of this file too.
Configuration Migration
The configuration file in BIND/iX 8.1.1 version is called "named.conf"
which has a completely new syntax. The configuration file in BIND 4.x version
was called "named.boot."
The migration utility "named-bootconf.pl" is available with DNS
BIND/iX and can be used to convert 4.x of named.boot file to 8.1.1 version of
named.conf file. The utility "named-bootconf.pl" resides in
/BIND/PUB/bin directory.
How to Run Syslog/iX
The following describes the important steps to start Syslog/iX:
- Log on to the system as MGR.SYSLOG.
- Create, examine and adjust the Syslog configuration file
syslog.conf. The syslog.conf file resides in /SYSLOG/PUB
directory.
- You stream the following job to start Syslog/iX:
STREAM JSYSLOGD.PUB.SYSLOG
- You can stop Syslog/iX by issuing the command :ABORTJOB
How to Run DNS BIND/iX
The following describes the major steps to start DNS BIND/iX:
- Log on to system as MGR.BIND.
- Create, examine and customize the configuration file named.conf
for your own system environment. The named.conf file resides in
/BIND/PUB/etc directory.
- You need to stream the following job to start DNS BIND/iX:
STREAM JNAMED.PUB.BIND
- Add your server's IP address as the first name-server entry in
/etc/resolv.conf for all MPE and HPUX hosts that you wish to use this
server for resolution queries. On MPE hosts, make sure that there is a
symbolic link so that RESLVCNF.NET.SYS links to
/etc/resolv.conf.
- You can stop DNS BIND/iX by issuing the command :ABORTJOB.
Sample Configuration File for Syslog/iX
When you want to use Syslog/iX, you should examine and adjust the syslog
configuration file syslog.conf.
The syslog.conf file resides in /SYSLOG/PUB directory.
The following is the sample configuration file for Syslog/iX that you can find
in the system:
##
## :TELL @.@
## *.emerg
##
## Write to the :console
##
*.alert
##
## :TELL @.SYSLOG
##
*.crit @.SYSLOG
##
## :TELL MANAGER.SYS
## *.err MANAGER.SYS
##
## Forward to syslogd on another host via UDP
##
*.warning @some.host.running.syslogd
##
*.info
##
## Write to a file
##
*.debug /tmp/syslog.log
The messages coming from a program are classified into critical,
informative, alert and other priority types. The syslog configuration file
tells the syslog daemon how to post these messages. They could be sent to the
console, to a log file, or to another machine.
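To make the selector rules concrete, here is an added example (not code from the article or from Syslog/iX) that reads the sample file above, resolves which actions a message of a given priority reaches, reports selectors that have no action (the sample's *.alert and *.info lines), and lists the rules that forward over unauthenticated UDP port 514; the facility name "daemon" and the '@host' versus '@.ACCOUNT' distinction are assumptions.

```python
# Added example, not from the article or from Syslog/iX: a minimal reader for
# the syslog.conf selector syntax above.  'facility.level' matches that level
# and everything more severe; '*' matches every facility.
LEVELS = ["debug", "info", "notice", "warning", "err", "crit", "alert", "emerg"]

# Constructed copy of the article's sample file ('##' lines are comments).
SAMPLE_CONF = """\
## *.emerg
*.alert
*.crit @.SYSLOG
## *.err MANAGER.SYS
*.warning @some.host.running.syslogd
*.info
*.debug /tmp/syslog.log
"""


def parse_conf(text):
    """Return (rules, incomplete): rules are (facility, level, action) triples;
    incomplete lists selectors with no action, which can never deliver
    anything."""
    rules, incomplete = [], []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if len(parts) == 1:
            incomplete.append(parts[0])
            continue
        facility, level = parts[0].split(".", 1)
        if level not in LEVELS:
            raise ValueError(f"unknown priority in selector {parts[0]!r}")
        rules.append((facility, level, parts[1].strip()))
    return rules, incomplete


def actions_for(rules, facility, level):
    """Every action a message logged at facility.level is delivered to."""
    sev = LEVELS.index(level)
    return [act for fac, lvl, act in rules
            if fac in ("*", facility) and LEVELS.index(lvl) <= sev]


def network_forwards(rules):
    """Actions that send to another host over UDP 514 (no authentication).
    Assumption: '@host' forwards, while '@.ACCOUNT' is a :TELL to MPE users."""
    return [act for _, _, act in rules
            if act.startswith("@") and not act.startswith("@.")]
```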
Test Your Name Server
The nslookup utility can be used interactively, using nslookup much like other
programs, such as ftp. That is, if you invoke this program without
command-line arguments, it displays a prompt and waits for your command:
> server mpe3000
Default Name Server: mpe3000.cup.hp.com
Address: 15.13.199.80
By default, nslookup performs queries based on host names you submit; just
enter a host name after the prompt:
> romeo
Server: mpe3000.cup.hp.com
Address: 15.13.199.80
Name: romeo.cup.hp.com
Address: 15.13.194.242
> 15.12.194.242
Server: mpe3000.cup.hp.com
Address: 15.13.199.80
Name: romeo.cup.hp.com
Address: 15.12.194.242
You can check the resource record information for a name server:
> set type=ns
> mpeworld
Name Server: mpeworld.cup.hp.com
Address: 15.13.199.80
origin = dns.cup.hp.com
mail addr = dns-admin.dns.cup.hp.com
serial = 96092255
refresh = 10800 (3 hours)
retry = 3600 (1 hour)
expire = 604800 (7 days)
minimum ttl = 86400 (1 day)
Debugging Levels for Troubleshooting
Debugging levels 1 through 14 can be specified when the DNS BIND/iX server
is started. The level of detail can be controlled in the
JNAMED.PUB.BIND file. The higher the debugging value, the more detail
will be logged about the activities of the server.
The following describes how you can set up the debugging level in the
JNAMED.PUB.BIND:
!job jnamed,mgr.bind;outclass=,2
!run named;info="-f /BIND/PUB/etc/named.conf"
!eoj
The parameter "-d <level>" can be specified in the info string of the
run command.
Example
!run named;info=" -d 4 -f /BIND/PUB/etc/named.conf"
This sets debugging level 4.
The logging and trace messages can be seen in the spool files.
Example
:showjob
JOBNUM STATE IPRI JIN JLIST JOB NAME
#J2 EXEC 10S LP FTPMON,FTP.SYS
#J3 EXEC 10S LP JINETD,MANAGER.SYS
#J17 EXEC 10S LP JNAMED,MGR.BIND
#S44 EXEC 20 20 MGR.BIND
:showout job=#j17
:print Oxxx.out.hpspool
Documentation
Documentation for the DNS BIND/iX and Syslog/iX is available in the
Configuring and Managing MPE/iX Internet Services that is shipped with
the MPE/iX FOS.
More DNS BIND/iX Resources
Additional information is available in this book and on these websites:
- DNS & BIND, a book written by Paul Albitz and Cricket Liu and
published by O'Reilly & Associates, Inc.
- http://www.isc.org
- http://www.academ.com/nanog/oct1997/bind8/index.html