DNS Slave Using Virtualmin

DNS Slave Auto-Configuration Quickstart

A quick guide to assist administrators who want to use Virtualmin’s automatic DNS slave configuration features. This allows for DNS server redundancy.

Introduction

Virtualmin can automatically manage any number of DNS slave servers for you. Once configured, it will create slave zones on other servers and configure them to automatically update when changes are made on your Virtualmin server. For this to work, you need Virtualmin on your primary server and Webmin (a free download) on your slave server(s). Henceforth, all references will refer to the primary server as the “Virtualmin server” and the DNS slave server as the “slave server”.

Getting Webmin for the Slave

If you don’t have Virtualmin installed on your slave server(s), you’ll need to install Webmin. Webmin is available for nearly every UNIX and Linux variant available, and is free to download and use. Continue reading “DNS Slave Using Virtualmin” »

Share

DNS Forwarder and Transfer using Bind and Webmin

To point your BIND based DNS server to use OpenDNS resolvers for external resolution you need to modify the named.conf.options and add the OpenDNS resolvers as forwarders. This can be done in two ways:

via the command line, Shell\SSH
via a GUI if you have Webmin installed on your BIND server

Shell\SSH Instructions

Attach directly to your server or ssh to it. From there, go into /etc/bind/.  This is the default location so you may need to change this based on your configuration.

From there you will need to edit named.conf.options with your favorite text editor. Continue reading “DNS Forwarder and Transfer using Bind and Webmin” »

Share

Bind DNS Auto Slave Using Webmin

The latest webmin has bug! In this tutorials I’m using webmin verison 1.801- that actually works. Don’t know if webmin team really knows are aware of the bug 🙁

So, let’s start. But before that, it’s assumed that you have webmin installed in both the servers.

Configuring Webmin Server Continue reading “Bind DNS Auto Slave Using Webmin” »

Share

BIND ACL to restrict zone trasfer with IP address

You need to define ACL in /etc/named.conf or /etc/bind/named.conf.local file. Let us say IP 1.2.3.4 and 1.2.3.5 are allowed to transfer your zones.

# vi named.conf or vi /etc/bind/named.conf.local

Here is sample entry for domain domain.org.bd (ns1 configuration):

acl trusted-servers {
1.2.3.4; //ns1
1.2.3.5; //ns2
};

zone "domain.org.bd" {
 type master;
 file "/var/lib/bind/domain.org.bd.hosts";
 also-notify {
1.2.3.5; 
 };
 notify yes;
 allow-transfer { trusted-servers; };
 };

Continue reading “BIND ACL to restrict zone trasfer with IP address” »

Share

Publishing long domain key SPF TXT records in bind9

If your bind is throwing error with long TXT data, you can do the following means to concatenate: You are using commas to separate your key/value pairs in your record instead of semi-colons. Change it to:

a9d04665528b593d263a6e5256648c99._domainkey IN 1800 TXT (
 "k=rsa;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2/ZfhxSI/A"
 "bqgh0amM8ylrlosirWeKShUhq7fg12aYmRwOqq9hIzO0Fcz1BzfgHVu6HU++rC5"
 "QoUK0JQK/nk4jwkDgvG2di2ZYmAvEbY/VeiK1x/TG0p1Iczr2k6Bj0gEAb/YGD2"
 "YbwrwAi4bDXwoPsYuuNn9TB3jjyWKu/dvOsqhff1/4Wc+FkOi0ClvgrXiklN28X"
 "TLjyjSyU794ntIoegXxrfwcwkhfPMvuqcnhfIC0Z8L71M4WR4SoHyNHVfBtNlUv"
 "VNROiXlMxtxnNQvfViSwz6LC8bYIxeAba3hSXPTChKu3qZtfR0o3jFwEWAfLQdg"
 "Ixler0jMEoAyJmfQIDAQAB")

 

Share

List all DNS records from a Nameserver using nslookup

Method-1)
How to list all records below some domain name.

Usually it’s done from interactive nslookup mode, not from batch mode

nslookup - your_dns_server
>set q=any
>ls -d domain.name

listing may be prohibited by administrator or by firewall settings, in that case you get empty output or ‘not implemented’ errors.

Method-2)
How to get all records of the domain name itself. In that case you need to run on Windows:

nslookup -"set q=all" yourdomain.com

onUnix:

nslookup -q=any yourdomain.com
Share

Fixing Bind for Webmin

First get rid of bind-chroot (if it is installed!)

yum -y remove bind-chroot

edit /etc/sysconfig/named and remove/comment out any lines that look like ROOTDIR="/var/named/chroot"

Fix the owner of /etc/named.conf with

chown named:named /etc/named.conf

In Webmin go to Servers > Bind DNS Server > Module Config and check the following configs Continue reading “Fixing Bind for Webmin” »

Share