Now to define our own domain. We're going to make the domain
freebsd.bogus
and define machines in it. I use a totally bogus
domain name to make sure we disturb no-one Out There.
One more thing before we start: Not all characters are allowed in
host names. We're restricted to the characters of the English
alphabet: a-z, and numbers: 0-9 and the character '-' (dash). Keep to
those characters. Upper and lower-case characters are the same for
DNS, so pat.uio.no
is identical to Pat.UiO.No
.
We've already started this part with this line in named.conf
:
zone "0.0.127.in-addr.arpa" { type master; file "localhost.rev"; };
Please note the lack of `.
' at the end of the domain names in
this file. This says that now we will define the zone
0.0.127.in-addr.arpa
, that we're the master server for it and
that it is stored in a file called localhost.rev
. We've already
set up this file, it reads:
@ IN SOA ns.freebsd.bogus. hostmaster.freebsd.bogus. ( 1 ; Serial 8H ; Refresh 2H ; Retry 1W ; Expire 1D) ; Minimum TTL NS ns.freebsd.bogus. 1 PTR localhost.
Please note the `.
' at the end of all the full domain names in
this file, in contrast to the named.conf
file above. Some people
like to start each zone file with a $ORIGIN
directive, but
this is superfluous. The origin (where in the DNS hierarchy it
belongs) of a zone file is specified in the zone section of the
named.conf
file, in this case it's 0.0.127.in-addr.arpa
.
This `zone file' contains 3 `resource records' (RRs): A SOA RR. A NS RR and a PTR RR. SOA is short for Start Of Authority. The `@' is a special notation meaning the origin, and since the `domain' column for this file says 0.0.127.in-addr.arpa the first line really means
0.0.127.in-addr.arpa. IN SOA ...
NS is the Name Server RR. There is no '@' at the start of this line, it is implicit since the last line started with a '@'. Saves some typing that. So the NS line could also be written
0.0.127.in-addr.arpa. IN NS ns.freebsd.bogus
It tells DNS what machine is the name server of the domain
0.0.127.in-addr.arpa
, it is ns.freebsd.bogus
. 'ns' is a
customary name for name-servers, but as with web servers who are
customarily named www.
something the name may be anything.
And finally the PTR record says that the host at address 1 in the
subnet 0.0.127.in-addr.arpa
, i.e., 127.0.0.1 is named
localhost
.
The SOA record is the preamble to all zone files, and there
should be exactly one in each zone file. It describes the zone, where
it comes from (a machine called ns.freebsd.bogus
), who is
responsible for its contents (hostmaster@freebsd.bogus
, you should
insert your e-mail address here), what version of the zone file this
is (serial: 1), and other things having to do with caching and
secondary DNS servers. For the rest of the fields (refresh, retry,
expire and minimum) use the numbers used in this HOWTO and you should
be safe.
Now restart your named (the command is ndc restart
) and use
nslookup to examine what you've done:
$ nslookup
Default Server: localhost
Address: 127.0.0.1
> 127.0.0.1
Server: localhost
Address: 127.0.0.1
Name: localhost
Address: 127.0.0.1
so it manages to get localhost
from 127.0.0.1, good. Now for our
main task, the freebsd.bogus
domain, insert a new 'zone' section in
named.conf
:
zone "freebsd.bogus" { notify no; type master; file "pz/freebsd.bogus"; };
Note again the lack of ending `.
' on the domain name in the
named.conf
file.
In the freebsd.bogus
zone file we'll put some totally bogus
data:
; ; Zone file for freebsd.bogus ; ; The full zone file ; @ IN SOA ns.freebsd.bogus. hostmaster.freebsd.bogus. ( 199802151 ; serial, todays date + todays serial # 8H ; refresh, seconds 2H ; retry, seconds 1W ; expire, seconds 1D ) ; minimum, seconds ; NS ns ; Inet Address of name server MX 10 mail.freebsd.bogus ; Primary Mail Exchanger MX 20 mail.friend.bogus. ; Secondary Mail Exchanger ; localhost A 127.0.0.1 ns A 192.168.196.2 mail A 192.168.196.4
Two things must be noted about the SOA record. ns.freebsd.bogus
must be a actual machine with a A record. It is not legal to
have a CNAME record for he machine mentioned in the SOA record. It's
name need not be `ns', it could be any legal host name. Next,
hostmaster.freebsd.bogus should be read as hostmaster@freebsd.bogus, this
should be a mail alias, or a mailbox, where the person(s) maintaining
DNS should read mail frequently. Any mail regarding the domain will
be sent to the address listed here. The name need not be
`hostmaster', it can be your normal e-mail address, but the e-mail
address `hostmaster' is often expected to work as well.
There is one new RR type in this file, the MX, or Mail eXchanger
RR. It tells mail systems where to send mail that is addressed to
someone@freebsd.bogus
, namely too mail.freebsd.bogus
or
mail.friend.bogus
. The number before each machine name is that
MX RRs priority. The RR with the lowest number (10) is the one mail
should be sent to if possible. If that fails the mail can be sent to
one with a higher number, a secondary mail handler, i.e.,
mail.friend.bogus
which has priority 20 here.
Restart named by running ndc restart
. Examine the results
with nslookup:
$ nslookup
> set q=any
> freebsd.bogus
Server: localhost
Address: 127.0.0.1
freebsd.bogus
origin = ns.freebsd.bogus
mail addr = hostmaster.freebsd.bogus
serial = 199802151
refresh = 28800 (8 hours)
retry = 7200 (2 hours)
expire = 604800 (7 days)
minimum ttl = 86400 (1 day)
freebsd.bogus nameserver = ns.freebsd.bogus
freebsd.bogus preference = 10, mail exchanger = mail.freebsd.bogus.freebsd.bogus
freebsd.bogus preference = 20, mail exchanger = mail.friend.bogus
freebsd.bogus nameserver = ns.freebsd.bogus
ns.freebsd.bogus internet address = 192.168.196.2
mail.freebsd.bogus internet address = 192.168.196.4
Upon careful examination you will discover a bug. The line
freebsd.bogus preference = 10, mail exchanger = mail.freebsd.bogus.freebsd.bogus
is all wrong. It should be
freebsd.bogus preference = 10, mail exchanger = mail.freebsd.bogus
I deliberately made a mistake so you could learn from it :-) Looking in the zone file we find that the line
MX 10 mail.freebsd.bogus ; Primary Mail Exchanger
is missing a period. Or has a 'freebsd.bogus' too many. If a machine
name does not end in a period in a zone file the origin is added to
its end causing the double freebsd.bogus.freebsd.bogus
. So either
MX 10 mail.freebsd.bogus. ; Primary Mail Exchanger
or
MX 10 mail ; Primary Mail Exchanger
is correct. I prefer the latter form, it's less to type. There are
some bind experts that disagree, and some that agree with this. In a
zone file the domain should either be written out and ended with a
`.
' or it should not be included at all, in which case it
defaults to the origin.
I must stress that in the named.conf file there should not be
`.
's after the domain names. You have no idea how many times a
`.
' too many or few have fouled up things and confused the h*ll
out of people.
So having made my point here is the new zone file, with some extra information in it as well:
; ; Zone file for freebsd.bogus ; ; The full zone file ; @ IN SOA ns.freebsd.bogus. hostmaster.freebsd.bogus. ( 199802151 ; serial, todays date + todays serial # 8H ; refresh, seconds 2H ; retry, seconds 1W ; expire, seconds 1D ) ; minimum, seconds ; TXT "FreeBSD.Bogus, your DNS consultants" NS ns ; Inet Address of name server NS ns.friend.bogus. MX 10 mail ; Primary Mail Exchanger MX 20 mail.friend.bogus. ; Secondary Mail Exchanger localhost A 127.0.0.1 gw A 192.168.196.1 HINFO "Cisco" "IOS" TXT "The router" ns A 192.168.196.2 MX 10 mail MX 20 mail.friend.bogus. HINFO "Pentium" "FreeBSD 3.0" www CNAME ns donald A 192.168.196.3 MX 10 mail MX 20 mail.friend.bogus. HINFO "i486" "FreeBSD 3.0" TXT "DEK" mail A 192.168.196.4 MX 10 mail MX 20 mail.friend.bogus. HINFO "386sx" "FreeBSD 2.2" ftp A 192.168.196.5 MX 10 mail MX 20 mail.friend.bogus. HINFO "P6" "FreeBSD 2.1.86"
There are a number of new RRs here: HINFO (Host INFOrmation) has two parts, it's a good habit to quote each. The first part is the hardware or CPU on the machine, and the second part the software or OS on the machine. The machine called 'ns' has a Pentium CPU and runs FreeBSD 3.0. CNAME (Canonical NAME) is a way to give each machine several names. So www is an alias for ns.
CNAME record usage is a bit controversial. But it's safe to follow the rule that a MX, CNAME or SOA record should never refer to a CNAME record, they should only refer to something with a A record, so it is inadvisable to have
foobar CNAME www ; NO!
but correct to have
foobar CNAME ns ; Yes!
It's also safe to assume that a CNAME is not a legal host name for
a e-mail address: webmaster@www.freebsd.bogus
is an illegal e-mail
address given the setup above. You can expect quite a few mail admins
Out There to enforce this rule even if it works for you. The way to
avoid this is to use A records (and perhaps some others too, like a MX
record) instead:
www A 192.168.196.2
A number of the arch-bind-wizards, recommend not using CNAME at all. But the discussion of why or why not is beyond this HOWTO.
But as you see, this HOWTO and many sites does not follow this rule.
Load the new database by running ndc reload
, this causes named
to read its files again.
$ nslookup
Default Server: localhost
Address: 127.0.0.1
> ls -d freebsd.bogus
This means that all records should be listed. It results in this:
[localhost]
$ORIGIN freebsd.bogus.
@ 1D IN SOA ns hostmaster (
199802151 ; serial
8H ; refresh
2H ; retry
1W ; expiry
1D ) ; minimum
1D IN NS ns
1D IN NS ns.friend.bogus.
1D IN TXT "FreeBSD.Bogus, your DNS consultants"
1D IN MX 10 mail
1D IN MX 20 mail.friend.bogus.
gw 1D IN A 192.168.196.1
1D IN HINFO "Cisco" "IOS"
1D IN TXT "The router"
mail 1D IN A 192.168.196.4
1D IN MX 10 mail
1D IN MX 20 mail.friend.bogus.
1D IN HINFO "386sx" "FreeBSD 2.1.5"
localhost 1D IN A 127.0.0.1
www 1D IN CNAME ns
donald 1D IN A 192.168.196.3
1D IN MX 10 mail
1D IN MX 20 mail.friend.bogus.
1D IN HINFO "i486" "FreeBSD 2.2"
1D IN TXT "DEK"
ftp 1D IN A 192.168.196.5
1D IN MX 10 mail
1D IN MX 20 mail.friend.bogus.
1D IN HINFO "P6" "FreeBSD 2.2.7"
ns 1D IN A 192.168.196.2
1D IN MX 10 mail
1D IN MX 20 mail.friend.bogus.
1D IN HINFO "Pentium" "FreeBSD 2.2"
That's good. As you see it looks a lot like the zone file itself.
Let's check what it says for www
alone:
> set q=any
> www.freebsd.bogus.
Server: localhost
Address: 127.0.0.1
www.freebsd.bogus canonical name = ns.freebsd.bogus
freebsd.bogus nameserver = ns.freebsd.bogus
freebsd.bogus nameserver = ns.friend.bogus
ns.freebsd.bogus internet address = 192.168.196.2
In other words, the real name of www.freebsd.bogus
is
ns.freebsd.bogus
, and it gives you some of the information it has
about ns as well, enough to connect to it if you were a program.
Now we're halfway.