DNS: Difference between revisions
Revision as of 01:25, 23 February 2006
Here's a quick overview of what you need:
First, remember that you need to set up an MX record for the DOMAIN, which points to the A record for the HOST, which will be the IP ADDRESS of the box running Zimbra.
Example: Zimbra is running on zcs.domain.com, IP 1.2.3.4. You send mail to user1@domain.com.
Postfix will look up the MX record for domain.com, which will return zcs.domain.com, IP address 1.2.3.4.
Something like this is the file you need. This sets itself up as the SOA for the domain.com domain, sets the NS record to be zcs.domain.com, standard timeout stuff, then adds one MX record, plus the A record that corresponds to the MX record.
$TTL 3D
@               IN      SOA     zcs.domain.com. zcs.marcmac.com. (
                        2005110200      ; serial
                        8H              ; refresh, seconds
                        2H              ; retry, seconds
                        4W              ; expire, seconds
                        1D )            ; minimum, seconds
;
                NS      zcs                     ; Inet Address of name server
                MX      10 zcs.domain.com.      ; Primary Mail Exchanger
;
zcs             A       1.2.3.4
mail            CNAME   zcs             ; CNAME for a common nickname
otherhost       A       1.2.3.5         ; another host, for example
www             CNAME   otherhost       ; with a nickname
So, drop that in the domain.com file in /var/named/data (or /var/named/chroot/var/named/data, depending).
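The MX-to-A relationship described above can be checked before the zone is loaded. The following Python is an added example, not part of the original page or of BIND; its parser covers only the simple master-file syntax used here, and the names `parse_zone` and `check_mx` are assumptions of this example.

```python
import re
# Constructed sample: the zone file shown on this page (origin domain.com.).
ZONE = """\
$TTL 3D
@               IN      SOA     zcs.domain.com. zcs.marcmac.com. (
                        2005110200 8H 2H 4W 1D )
                NS      zcs
                MX      10 zcs.domain.com.      ; Primary Mail Exchanger
zcs             A       1.2.3.4
mail            CNAME   zcs
otherhost       A       1.2.3.5
www             CNAME   otherhost
"""
TYPES = {"SOA", "NS", "MX", "A", "AAAA", "CNAME", "TXT"}

def fqdn(name, origin):
    """'@' is the origin; a name without a trailing dot is relative to it."""
    name = origin if name == "@" else name.lower()
    return name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text, origin):
    """Return (owner, type, rdata_tokens) tuples for a simple master file."""
    text = re.sub(r";[^\n]*", "", text)  # strip comments
    text = re.sub(r"\(([^)]*)\)", lambda m: m.group(1).replace("\n", " "), text)  # join ( ... )
    records, owner = [], origin
    for line in text.splitlines():
        tokens = line.split()
        if not tokens or tokens[0].startswith("$"):
            continue  # blank line or $TTL/$ORIGIN directive
        if not line[0].isspace():  # leading whitespace means "same owner as before"
            owner = fqdn(tokens.pop(0), origin)
        while tokens and tokens[0].upper() not in TYPES:
            tokens.pop(0)  # skip optional TTL and class (IN)
        if tokens:
            records.append((owner, tokens[0].upper(), tokens[1:]))
    return records

def check_mx(text, origin):
    """In-zone MX targets must have an address record and must not be a CNAME."""
    recs = parse_zone(text, origin)
    addr = {o for o, t, _ in recs if t in ("A", "AAAA")}
    cname = {o for o, t, _ in recs if t == "CNAME"}
    problems = []
    for owner, rdata in ((o, r) for o, t, r in recs if t == "MX"):
        target = fqdn(rdata[1], origin)  # rdata is [preference, exchanger]
        if target in cname:
            problems.append(f"{owner} MX -> {target} is a CNAME")
        elif target not in addr and target.endswith("." + origin):
            problems.append(f"{owner} MX -> {target} has no A record")
    return problems
```

Calling `check_mx(ZONE, "domain.com.")` returns an empty list for the zone above; pointing the MX at `mail` instead would be reported, because `mail` is a CNAME.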
In /etc/named.conf (or /var/named/chroot/etc/named.conf), you'll put:
options {
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
};
include "/etc/rndc.key";
zone "domain.com" {
    type master;
    file "/var/named/data/domain.com";
};
A note about chrooting - most name servers run in a chrooted environment, so you'll create the files in /var/named/chroot/whatever. But remember that when named is running, its paths are relative to the chroot, so when you REFER to a file (as I do above in the named.conf snippet) you use absolute paths that are relative to the chroot.
Is it chrooted? Check /etc/sysconfig/named for a ROOTDIR value. If it's present, then that's your chroot.
Also, make sure that this nameserver is listed first in resolv.conf. If there are other hosts in this domain, you should add them, too, or you won't be able to resolve them.
CAVEAT - I haven't touched my named config in a while, so more recent BIND versions may be pickier than mine - but this should work.
Another CAVEAT - Run named chrooted, as a non-root user. BIND is known for exploits, and being hacked is a drag. My examples are just to get you going, and aren't intended as a BIND security primer.