h3. Installing and Configuring the DNS slave Server.
We are using the chrooted environment for Bind. so that the base configuration path would be {code}/var/named/chroot/var/named{code}
For non glam dns we will build the caching name server.
h5. Install the required packages
{code}
# yum update -y
# yum install bind bind-utils -y
# yum install bind-chroot -y
#yum install caching-nameserver.x86_64
You should have following packages installed,
bind-chroot-9.3.6-20.P1.el5_8.5
bind-9.3.6-20.P1.el5_8.5
ypbind-1.19-12.el5_6.1
bind-utils-9.3.6-20.P1.el5_8.5
bind-libs-9.3.6-20.P1.el5_8.5
caching-nameserver-9.3.6-20.P1.el5_8.5
{code}
h5. Next step would be to create the named.conf file. Rather than creating it from scratch, it would be much easier to copy it from any existing slave server.
So take backup of existing /etc/named.conf and scp the named.conf file from existing slave server at location {code}/var/named/chroot/etc/named.conf{code}
And then create the softlink
{code}
# ls -l /etc/named.conf
lrwxrwxrwx 1 root root 32 Oct 17 00:50 /etc/named.conf -> /var/named/chroot/etc/named.conf
Verify the named configuration, using below command,
# named-checkconf ; echo $?
0
{code}
h5. Master server setup
On master you have to perform two major changes,
* Edit the named.conf and add the IP range of the new slave server in the acl "my_networks"
* Add the NS record of new slave server in every zone file, e.g.
{code}
; This is a list of all of the named servers for this domain. The first
; is the primary (us) and the rest are our various secondaries
;
; WARNING: cannot list as a nameserver any machine that forwards to mac
@ IN NS tiber.tipsntraps.com
@ IN NS slavetiber.tipsntraps.com
{code}
* Restart the named on both master and slave.
make sure you perform the configtest before restarting the named.
h5. how to perform the confitest
{code}
# named-checkconf ; echo $?
0
# /etc/init.d/named configtest
zone tipsntraps.com/IN: loaded serial 2013121908
{code}
h3. Make sure all the zone files are transferred in the newly configured slave properly, the zone defination files would be located at,
{code}/var/named/chroot/var/named/slaves/{code}
h3. Testing
Change the Serial of one of the zone file on master and do rndc reload , confirm that the change is propagated successfully on the new slave.
h3. Monitoring
We have DNS-Zone-CHECK monitoring in place on master server, which checks that all the zone files defined in master are also setup on the slave server. This monitoring also checks the Serial of every domain of slave server against the master server.
To enable this monitoring, add the line in file {code}
/etc/check_mk/mrpe.cfg
Note- please pass the appropriate slave server name as second argument
### DNS zone check for rsukapp2
DNS-ZONE-CHECK-slavename /etc/nagios/scripts/check_dns_slave.sh <master> <slave>
{code}
once you have added this line in mrpe.cfg, take the re-inventory of the master dns server in check_mk and restart it.
We are using the chrooted environment for Bind. so that the base configuration path would be {code}/var/named/chroot/var/named{code}
For non glam dns we will build the caching name server.
h5. Install the required packages
{code}
# yum update -y
# yum install bind bind-utils -y
# yum install bind-chroot -y
#yum install caching-nameserver.x86_64
You should have following packages installed,
bind-chroot-9.3.6-20.P1.el5_8.5
bind-9.3.6-20.P1.el5_8.5
ypbind-1.19-12.el5_6.1
bind-utils-9.3.6-20.P1.el5_8.5
bind-libs-9.3.6-20.P1.el5_8.5
caching-nameserver-9.3.6-20.P1.el5_8.5
{code}
h5. Next step would be to create the named.conf file. Rather than creating it from scratch, it would be much easier to copy it from any existing slave server.
So take backup of existing /etc/named.conf and scp the named.conf file from existing slave server at location {code}/var/named/chroot/etc/named.conf{code}
And then create the softlink
{code}
# ls -l /etc/named.conf
lrwxrwxrwx 1 root root 32 Oct 17 00:50 /etc/named.conf -> /var/named/chroot/etc/named.conf
Verify the named configuration, using below command,
# named-checkconf ; echo $?
0
{code}
h5. Master server setup
On master you have to perform two major changes,
* Edit the named.conf and add the IP range of the new slave server in the acl "my_networks"
* Add the NS record of new slave server in every zone file, e.g.
{code}
; This is a list of all of the named servers for this domain. The first
; is the primary (us) and the rest are our various secondaries
;
; WARNING: cannot list as a nameserver any machine that forwards to mac
@ IN NS tiber.tipsntraps.com
@ IN NS slavetiber.tipsntraps.com
{code}
* Restart the named on both master and slave.
make sure you perform the configtest before restarting the named.
h5. how to perform the confitest
{code}
# named-checkconf ; echo $?
0
# /etc/init.d/named configtest
zone tipsntraps.com/IN: loaded serial 2013121908
{code}
h3. Make sure all the zone files are transferred in the newly configured slave properly, the zone defination files would be located at,
{code}/var/named/chroot/var/named/slaves/{code}
h3. Testing
Change the Serial of one of the zone file on master and do rndc reload , confirm that the change is propagated successfully on the new slave.
h3. Monitoring
We have DNS-Zone-CHECK monitoring in place on master server, which checks that all the zone files defined in master are also setup on the slave server. This monitoring also checks the Serial of every domain of slave server against the master server.
To enable this monitoring, add the line in file {code}
/etc/check_mk/mrpe.cfg
Note- please pass the appropriate slave server name as second argument
### DNS zone check for rsukapp2
DNS-ZONE-CHECK-slavename /etc/nagios/scripts/check_dns_slave.sh <master> <slave>
{code}
once you have added this line in mrpe.cfg, take the re-inventory of the master dns server in check_mk and restart it.
No comments:
Post a Comment