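(Notes on the nameserver setup. The first steps switch off iptables/ip6tables and SELinux on the DNS host; if the firewall has to stay on, named only needs port 53, TCP and UDP, open to the cluster subnet.)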
chkconfig iptables off
chkconfig ip6tables off
service iptables stop
service ip6tables stop
vi /etc/selinux/config
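change SELINUX=enforcing to SELINUX=disabled (read at boot, so it applies after a reboot; SELINUX=permissive is the softer option, it logs denials without enforcing them)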
:~# chattr +i /etc/resolv.conf (sets the immutable flag so the entries in resolv.conf stay in place and are not rewritten; undo with chattr -i before editing the file again)
########################################################################
[root@smrprodb1 named]# cat /etc/resolv.conf
# Generated by NetworkManager
search example.com
# NOTE(review): resolv.conf(5) expects an IP address after "nameserver", not a
# host name. The nslookup runs shown on this page report Server: 127.0.0.1,
# which suggests this entry was not used and the resolver went to the local
# named instead -- confirm, and put the DNS server's address here.
nameserver srv-scan.example.com
# NOTE(review): "domain" and "search" are alternatives; when both are present
# the last one wins. Both carry the same value here, so one of them is enough.
domain example.com
########################################################################
# No nameservers found; try putting DNS servers into your
# ifcfg files in /etc/sysconfig/network-scripts like so:
#
# DNS1=xxx.xxx.xxx.xxx
# DNS2=xxx.xxx.xxx.xxx
# DOMAIN=lab.foo.com bar.foo.com
[root@smrprodb1 named]#
########################################################################
[root@smrprodb1 named]# cat /var/named/chroot/etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// Global server options for this named instance.
options {
// Both listen-on lines are commented out, so named falls back to its default
// and accepts IPv4 queries on port 53 on every interface. With iptables
// stopped as in the steps on this page, the ACLs below are the only filter.
# listen-on port 53 { 127.0.0.1; 20.198.242.116; };
# listen-on-v6 port 53 { ::1; };
// Working directory; relative file names in this config resolve against it.
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
// Only the local host and 20.198.242.0/24 may query.
// NOTE(review): the zones and /etc/hosts on this page use 192.168.56.0/24,
// which is not in this ACL; a cluster node querying from that subnet would
// presumably be refused -- confirm which subnet the clients really sit in.
allow-query { localhost; 20.198.242.0/24; };
// Recursive lookups are served in addition to the two master zones below.
// NOTE(review): no allow-recursion is set, so who may recurse follows from
// the query ACL above; keep that ACL narrow so this host does not end up
// resolving for arbitrary clients.
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
// NOTE(review): DNSSEC lookaside validation depends on ISC's DLV registry,
// which has since been retired; later BIND 9 releases no longer support
// dnssec-lookaside. Check against the BIND version in use before reusing.
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
};
// Debug channel: writes to data/named.run (relative to "directory") at
// whatever debug level the server is currently running with.
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
// Forward zone for example.com, served from forward.zone under "directory".
// NOTE(review): neither zone sets allow-transfer. On BIND releases of this
// era the default lets any client that reaches the server request a full
// zone transfer -- confirm for the installed version and consider
// allow-transfer { none; }; since there are no secondaries in this setup.
zone "example.com" IN {
type master;
file "forward.zone";
};
// Reverse zone for 192.168.56.0/24, served from reverse.zone.
zone "56.168.192.in-addr.arpa" IN {
type master;
file "reverse.zone";
};
[root@smrprodb1 named]#
###############################################################
[root@smrprodb1 named]# cat forward.zone
; /var/named/chroot/var/named/forward.zone
; Forward zone for example.com: one SOA, one NS and three A records that
; give srv-scan its three SCAN addresses.
$TTL 86400
@ IN SOA srv-scan.example.com. root.srv-scan.example.com. (
; Serial is left at 0; raise it on every edit of this file, secondaries only
; notice a change when the serial increases.
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
; NOTE(review): in the real file this record has to start with whitespace so
; it inherits the owner name (@) from the SOA line; the leading blanks look
; lost in this listing.
IN NS srv-scan.example.com.
; Three A records on one name: named hands them out in rotating order, which
; is what the repeated nslookup output on this page shows.
srv-scan A 192.168.56.91
srv-scan A 192.168.56.92
srv-scan A 192.168.56.93
[root@smrprodb1 named]#
###############################################################
[root@smrprodb1 named]# cat reverse.zone
; /var/named/chroot/var/named/reverse.zone
; Reverse zone for 192.168.56.0/24: maps .91, .92 and .93 back to srv-scan.
$TTL 86400
@ IN SOA srv-scan.example.com. root.srv-scan.example.com. (
; Serial is left at 0; raise it on every edit of this file, secondaries only
; notice a change when the serial increases.
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
; NOTE(review): in the real file this record has to start with whitespace so
; it inherits the owner name (@) from the SOA line; the leading blanks look
; lost in this listing.
NS srv-scan.example.com.
; Last octet of each SCAN address, relative to 56.168.192.in-addr.arpa.
91 PTR srv-scan.example.com.
92 PTR srv-scan.example.com.
93 PTR srv-scan.example.com.
##############################################################
[root@smrprodb1 named]#
[root@smrprodb1 etc]# cat named.rfc1912.zones
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// NOTE(review): "example.com" and "56.168.192.in-addr.arpa" are also defined
// in the named.conf shown earlier on this page. That named.conf has no
// include line for this file, so it is unclear whether named reads it at
// all; if it were included, the duplicate zone definitions would conflict --
// keep each zone in one place only.
// Root hints: where recursion starts when the answer is not in a local zone.
zone "." IN {
type hint;
file "named.ca";
};
// Master zones below all refuse dynamic updates (allow-update { none; }).
zone "example.com" IN {
type master;
file "forward.zone";
allow-update { none; };
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "56.168.192.in-addr.arpa" IN {
type master;
file "reverse.zone";
allow-update { none; };
};
#zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
#type master;
#file "named.ip6.local";
#allow-update { none; };
#};
zone "255.in-addr.arpa" IN {
type master;
file "named.broadcast";
allow-update { none; };
};
#zone "0.in-addr.arpa" IN {
#type master;
#file "named.zero";
#allow-update { none; };
#};
[root@smrprodb1 etc]#
service named start
service named status
chkconfig named on
Hosts entry details
[root@srv1 named]# cat /etc/hosts
127.0.0.1 localhost.localdomain localhost
# Public
192.168.56.71 srv1.example.com srv1
192.168.56.72 srv2.example.com srv2
# Private
192.168.10.1 srv1-priv.example.com srv1-priv
192.168.10.2 srv2-priv.example.com srv2-priv
# Virtual
192.168.56.81 srv1-vip.example.com srv1-vip
192.168.56.82 srv2-vip.example.com srv2-vip
# SCAN (in production this should be configured in DNS)
192.168.56.91 srv-scan.example.com srv-scan
192.168.56.92 srv-scan.example.com srv-scan
192.168.56.93 srv-scan.example.com srv-scan
[root@srv1 named]#
OUTPUT:
[root@srv1 etc]# nslookup srv-scan
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: srv-scan.example.com
Address: 192.168.56.92
Name: srv-scan.example.com
Address: 192.168.56.93
Name: srv-scan.example.com
Address: 192.168.56.91
[root@srv1 etc]# nslookup srv-scan
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: srv-scan.example.com
Address: 192.168.56.93
Name: srv-scan.example.com
Address: 192.168.56.91
Name: srv-scan.example.com
Address: 192.168.56.92
[root@srv1 etc]# nslookup srv-scan
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: srv-scan.example.com
Address: 192.168.56.91
Name: srv-scan.example.com
Address: 192.168.56.92
Name: srv-scan.example.com
Address: 192.168.56.93
[root@srv1 etc]#