Thursday, May 1, 2008

Configure Zone Transfers from the Master Server to Slave

In this exercise you configure zone transfers from a master server to a slave server:
■ Create a 128-bit HMAC-MD5 key with the name zonetransfer.
■ Configure the master server to use this key for zone transfers. Create a file /etc/named.key that contains the definition of the key zonetransfer. This file is included in /etc/named.conf.
■ Configure the slave server to use this key for zone transfers. Copy the file /etc/named.key from the master server to the client (slave) server and include it in /etc/named.conf.
Do the following:
■ Part I: Generate a Key
■ Part II: Configure the Master Server
■ Part III: Configure the Slave Server
Part I: Generate a Key
1. To stop the DNS server, enter
rcnamed stop
2. Change the directory by entering
cd /var/lib/named
3. To generate a key, enter (on one line)
dnssec-keygen -a HMAC-MD5 -b 128 -n HOST zonetransfer
4. Record the file name of the key in the space below:
Part II: Configure the Master Server
Do the following:
1. Create a new file /etc/named.key with the following content:
key zonetransfer {
algorithm HMAC-MD5;
secret "key";
};
Instead of key, insert the key you created in Part I.
2. Change the group of the file to named by entering
chgrp named /etc/named.key
3. Remove the read permission for others from the file by entering
chmod o-r /etc/named.key
4. On the master server, open the /etc/named.conf file with a text editor.
5. Add the following line at the beginning of the file:
include "/etc/named.key";
6. Change the content of the zone description of angkor.biz. as follows:
zone "angkor.biz" in {
type master;
file "master/angkor.biz.zone";
allow-transfer {key zonetransfer;};
};
7. Change the content of the zone description of 65.168.192.in-addr.arpa as follows:
zone "65.168.192.in-addr.arpa" in {
type master;
file "master/65.168.192.zone";
allow-transfer {key zonetransfer;};
};
8. Save the file and exit the text editor.
9. Open a second terminal window and enter su - to get root permissions.
10. When prompted, enter the root password.
11. Enter the command
tail -f /var/log/messages
12. Switch to the first terminal window and start bind by entering
rcnamed start
13. From the second terminal window, watch the log output of bind when the slave server is started.
Part III: Configure the Slave Server
Do the following:
1. Copy the file /etc/named.key from the master server to the slave server.
2. Change the group of the file to named by entering
chgrp named /etc/named.key
3. Remove the read permission for others from the file by entering
chmod o-r /etc/named.key
4. On the slave server, open the /etc/named.conf file with a text editor.
5. Add the following line at the beginning of the file:
include "/etc/named.key";
6. Add the following lines after the option section:
key zonetransfer {
algorithm HMAC-MD5;
secret "key";
};
server IP_address_of_the_master_server {
keys {zonetransfer;};
};
In the secret option, enter the key of the master server.
7. Save the file and exit the text editor.
8. Remove the files in the directory /var/lib/named/slave/ by entering:
rm /var/lib/named/slave/*
9. Open a second terminal window and enter su - to get root permissions.
10. When prompted, enter the root password novell.
11. Enter the command
tail -f /var/log/messages
12. Switch to the first terminal window and start bind by entering
rcnamed start
13. From the second terminal window, watch the log output of bind to see if the zone transfer will be done.
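
Part II, steps 1 to 3, can be scripted so the secret is copied from the key file rather than retyped. The shell function below is an added example, not part of the original exercise. It assumes the .private file that dnssec-keygen wrote in Part I has a Key: line holding the base64 secret; the function name write_named_key and the demo key file are constructed for illustration.

```shell
#!/bin/sh
# Added example: build the named.key clause from a dnssec-keygen .private file.
# Usage: write_named_key <K*.private> <output file> [group, default: named]
write_named_key() {
    private_file=$1
    out_file=$2
    group=${3:-named}

    [ -r "$private_file" ] || { echo "cannot read $private_file" >&2; return 1; }

    # The shared secret is the base64 value on the "Key:" line.
    secret=$(sed -n 's/^Key:[[:space:]]*//p' "$private_file" | head -n 1)
    [ -n "$secret" ] || { echo "no Key: line in $private_file" >&2; return 1; }

    # Accept only base64 characters so the value cannot break the quoted string.
    case $secret in
        *[!A-Za-z0-9+/=]*) echo "unexpected characters in secret" >&2; return 1 ;;
    esac

    # A newly created file gets owner-only permissions (umask 077).
    ( umask 077
      printf 'key zonetransfer {\n    algorithm HMAC-MD5;\n    secret "%s";\n};\n' \
          "$secret" > "$out_file" ) || return 1

    # Same end state as steps 2 and 3: the group may read, others may not.
    chgrp "$group" "$out_file" && chmod 640 "$out_file"
}

# Demo with a constructed key file (not a real secret). The caller's own group
# is used instead of named so the demo also runs without root.
demo_dir=$(mktemp -d)
cat > "$demo_dir/Kzonetransfer.+157+00000.private" <<'EOF'
Private-key-format: v1.2
Algorithm: 157 (HMAC_MD5)
Key: Q09OU1RSVUNURUQtS0VZIQ==
EOF
write_named_key "$demo_dir/Kzonetransfer.+157+00000.private" \
    "$demo_dir/named.key" "$(id -gn)"
cat "$demo_dir/named.key"
```

On the real master server, run it as root from /var/lib/named with /etc/named.key as the output file and the default group.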