Setting up BIND as a caching DNS server on OpenSolaris for a home server

I wanted to set up a local DNS server for the home network to cache and resolve local machine names. I did think about DNSMasq or DNS cache, which are two Linux-centric cut-down caching-only DNS servers, but trawling the interwaves they seem to be a bit flaky on OpenSolaris at the moment.

So a task for me is to install and configure the de facto standard DNS server (BIND) on OpenSolaris.

I first pretty much followed this guide to the letter, BUT I found that on my system (a fresh b134 install) it's a bit misleading.

So here’s my attempt at a walkthrough.

1. Install the server binaries (SUNWbind)

Either via the package management GUI  (the way I did it) or I guess

#pfexec pkgadd SUNWbind

would also work.

2. Create the configuration files

The files that are needed are
1. /etc/named.conf                 Main configuration file
2. /var/named/slave/smjc.co.uk     ‘Zone file’
3. /var/named/192.168.1.rev        Reverse DNS lookup map
4. /var/named/pri.localhost        Localhost forward lookup file (required)
5. /var/named/localhost.rev        Localhost reverse lookup file (required)
6. /var/named/root.servers         Root servers lookup file

1. named.conf configuration file

I’ve based my file on the example provided in the BIND documentation. I’ve used the example of a slave DNS server (the domain is hosted elsewhere and hence already has a master DNS server provided by the ISP).

// SLAVE & CACHING NAME SERVER for smjc.co.uk
// maintained by: JWC
// CHANGELOG:
// 1. 9 November - initial configuration
//
options {
  directory "/var/named";
  // version statement - inhibited for security
  // (avoids hacking any known weaknesses)	
  version "not currently available";
  // allows notifies only from master
  allow-notify { 69.64.67.242; };
  // disables all zone transfer requests
  allow-transfer { "none"; };
  // Closed DNS - permits only local IPs to issue recursive queries
  // remove if an Open DNS required to support all users
  // or add additional ranges
  allow-recursion { 192.168.1.0/24; };
};
//
// log to /var/log/named/example.log all events
// from info UP in severity (no debug)
// defaults to use 3 files in rotation
// BIND 8.x logging MUST COME FIRST in this file
// BIND 9.x parses the whole file before using the log
// failure messages up to this point are in (syslog)
// typically /var/log/messages
//
logging {
  channel example_log {
    file "/var/log/named/example.log" versions 3 size 2m;
    severity info;
    print-severity yes;
    print-time yes;
    print-category yes;
  };
  category default {
    example_log;
  };
};
// required zone for recursive queries
zone "." {
  type hint;
  file "root.servers";
};
// see notes below
zone "smjc.co.uk" in{
  type slave;
  file "slave/slave.smjc.co.uk";
  masters {69.64.67.242;};
};
// required local host domain
zone "localhost" in{
  type master;
  file "pri.localhost";
  allow-update{none;};
};
// localhost reverse map
zone "0.0.127.in-addr.arpa" in{
  type master;
  file "localhost.rev";
  allow-update{none;};
};
// reverse map for class C 192.168.1.0 (see notes)
zone "1.168.192.IN-ADDR.ARPA" IN {
  type slave;
  file "sec.192.168.1.rev";
  masters {69.64.67.242;};
};
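
An added example, not part of the original walkthrough and not BIND's own tooling: a small Python audit of the hardening options set in the options block above (version, allow-transfer, allow-recursion), which also catches address-match-list elements that are not terminated with ';'. The function names and the WEAK sample are constructed for illustration; the comment stripping assumes no // or # inside quoted strings.

```python
import re

# Constructed samples: a weak options block and the hardened one from this page.
WEAK = '''options {
  allow-notify {69.64.67.242};   // element not terminated with ';'
  allow-recursion { any; };
};'''
HARDENED = '''options {
  version "not currently available";
  allow-notify { 69.64.67.242; };
  allow-transfer { "none"; };
  allow-recursion { 192.168.1.0/24; };
};'''

def options_body(conf):
    """Return the text inside options { ... }, tracking nested braces."""
    conf = re.sub(r'/\*.*?\*/|(//|#)[^\n]*', '', conf, flags=re.S)
    m = re.search(r'\boptions\s*\{', conf)
    depth, i = (1, m.end()) if m else (0, 0)
    while i < len(conf) and depth:
        depth += {'{': 1, '}': -1}.get(conf[i], 0)
        i += 1
    return conf[m.end():i - 1] if m else ''

def acl(body, name):
    """Return (elements, well_formed) for an address-match-list, None if absent."""
    m = re.search(r'\b' + re.escape(name) + r'\s*\{([^{}]*)\}', body)
    if not m:
        return None
    inner = m.group(1).strip()
    elems = [e.strip().strip('"') for e in inner.split(';') if e.strip()]
    return elems, inner == '' or inner.endswith(';')

def audit(conf):
    """Return findings for the hardening options in the options block."""
    body, out = options_body(conf), []
    lists = {n: acl(body, n) for n in ('allow-notify', 'allow-transfer', 'allow-recursion')}
    out += [n + ': element missing terminating ";"' for n, p in lists.items() if p and not p[1]]
    rec, xfer = lists['allow-recursion'], lists['allow-transfer']
    if rec is None:
        out.append('allow-recursion: not set, default depends on BIND version')
    elif 'any' in rec[0]:
        out.append('allow-recursion: open to any client')
    if xfer is None or xfer[0] != ['none']:
        out.append('allow-transfer: not explicitly set to none')
    if not re.search(r'\bversion\s+("|none\b)', body):
        out.append('version: not overridden, real version is disclosed')
    return out

for label, conf in (('weak', WEAK), ('hardened', HARDENED)):
    print(label, audit(conf) or 'no findings')
```

This is a static check of the file only; named-checkconf remains the authoritative syntax check before enabling the service.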

2. Zone file /var/named/slave/smjc.co.uk

Initially just create an empty file

3. /var/named/192.168.1.rev         Reverse DNS lookup map

Initially just create an empty file

4. /var/named/pri.localhost               Localhost forward lookup file (required)

$TTL	86400 ; 24 hours could have been written as 24h
$ORIGIN localhost.
; line below = localhost 1D IN SOA localhost root.localhost
@  1D  IN	 SOA @	root (
			      2002022401 ; serial
			      3H ; refresh
			      15 ; retry
			      1w ; expire
			      3h ; minimum
			     )
@  1D  IN  NS @ 
   1D  IN  A  127.0.0.1

5. /var/named/localhost.rev               Localhost reverse lookup file (required)

$TTL	86400 ;
; could use $ORIGIN 0.0.127.IN-ADDR.ARPA.
@       IN      SOA     localhost. root.localhost.  (
                        1997022700 ; Serial
                        3h      ; Refresh
                        15      ; Retry
                        1w      ; Expire
                        3h )    ; Minimum
        IN      NS      localhost.
1       IN      PTR     localhost.

6. root.servers file

;       This file holds the information on root name servers needed to
;       initialize cache of Internet domain name servers
;       (e.g. reference this file in the "cache  .  "
;       configuration file of BIND domain name servers).
;
;       This file is made available by InterNIC 
;       under anonymous FTP as
;           file                /domain/named.root
;           on server           FTP.INTERNIC.NET
;       -OR-                    RS.INTERNIC.NET
;
;       last update:    Jan 29, 2004
;       related version of root zone:   2004012900
;
;
; formerly NS.INTERNIC.NET
;
.                        3600000  IN  NS    A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET.      3600000      A     198.41.0.4
;
; formerly NS1.ISI.EDU
;
.                        3600000      NS    B.ROOT-SERVERS.NET.
B.ROOT-SERVERS.NET.      3600000      A     192.228.79.201
;
; formerly C.PSI.NET
;
.                        3600000      NS    C.ROOT-SERVERS.NET.
C.ROOT-SERVERS.NET.      3600000      A     192.33.4.12
;
; formerly TERP.UMD.EDU
;
.                        3600000      NS    D.ROOT-SERVERS.NET.
D.ROOT-SERVERS.NET.      3600000      A     128.8.10.90
;
; formerly NS.NASA.GOV
;
.                        3600000      NS    E.ROOT-SERVERS.NET.
E.ROOT-SERVERS.NET.      3600000      A     192.203.230.10
;
; formerly NS.ISC.ORG
;
.                        3600000      NS    F.ROOT-SERVERS.NET.
F.ROOT-SERVERS.NET.      3600000      A     192.5.5.241
;
; formerly NS.NIC.DDN.MIL
;
.                        3600000      NS    G.ROOT-SERVERS.NET.
G.ROOT-SERVERS.NET.      3600000      A     192.112.36.4
;
; formerly AOS.ARL.ARMY.MIL
;
.                        3600000      NS    H.ROOT-SERVERS.NET.
H.ROOT-SERVERS.NET.      3600000      A     128.63.2.53
;
; formerly NIC.NORDU.NET
;
.                        3600000      NS    I.ROOT-SERVERS.NET.
I.ROOT-SERVERS.NET.      3600000      A     192.36.148.17
;
; operated by VeriSign, Inc.
;
.                        3600000      NS    J.ROOT-SERVERS.NET.
J.ROOT-SERVERS.NET.      3600000      A     192.58.128.30
;
; operated by RIPE NCC
;
.                        3600000      NS    K.ROOT-SERVERS.NET.
K.ROOT-SERVERS.NET.      3600000      A     193.0.14.129 
;
; operated by ICANN
;
.                        3600000      NS    L.ROOT-SERVERS.NET.
L.ROOT-SERVERS.NET.      3600000      A     198.32.64.12
;
; operated by WIDE
;
.                        3600000      NS    M.ROOT-SERVERS.NET.
M.ROOT-SERVERS.NET.      3600000      A     202.12.27.33
; End of File

3. Configure the service

Try

#svcadm -v enable dns/server

Then check if the service is running by

# svcs network/dns/server

References and links:
– A post about chrooted BIND install – http://blog.l1x.me/2009/09/chrooted-bind-in-opensolaris.html

– Useful post detailing how to install, configure and check the status of BIND – http://sunadmin.blogspot.com/2005/12/configuring-bind-931.html

– General documentation about name service discovery on OpenSolaris –
http://www.opensolaris.org/os/project/duckwater/Documentation/ns-discovery/;jsessionid=511F3C3237DAA6CD0ACE1DD93D8BA850#configuring-dns-serve

– Nice full manual including some template named.conf files
http://www.zytrax.com/books/dns/ch4/index.html#caching

– Solaris 10 manual about naming services –
http://docs.sun.com/app/docs/doc/816-4556/intro-1?l=en&a=view
