System Administration: Another Step toward the BIND - III
Before we take a look at a complete primary zone file, we need to cover background. Consider this background the context where the file itself is content.
Note: None of this may mean much to you until you see the entire text of a zone file. That's OK at this point because when you do see it tomorrow, you can refer back to this information to make sense of it. In the mean time, you may have to humor the editor.
The early information contained in the primary zone file exists to accommodate your secondary or slave server. That's BIND for you. When you look at the SOA entry you will see the information for the secondary server in lines 2 through 6.
The primary zone file contains the bulk of the configuration information DNS needs. The zone file for the example.org domain is pri.example.org. (The pri prefix exists to help you recognize that it's primary.)
If you're using the set of files that our Debian installation provides, you should name your own file after your domain. The file itself reads as follows with an explanation for each entry below it.
@ IN SOA server1.example.org. root.localhost. ( 2006012103; serial 28800; refresh, seconds 7200; retry, seconds 604800; expire, seconds 86400 ); minimum, seconds ;
SOA refers to "Start of Authority." This term applies to the concept of an authoritative server. By the time you write your part of the DNS distributed directory, the system has handed off authority for part of the entire database to you. So your zone file has to indicate where your authority starts—the domain you are serving.
NS server1.example.org.; NS server2.example.org.; ;
The above record type specifies the name servers for the domain. These are the ones you specified at registration of the domain.
MX 10 server1.example.org.; ;
The MX record in this section of the file identifies the mail server for the domain.
example.org. A 188.8.131.52 www A 184.108.40.206 server1 A 220.127.116.11 server2 A 18.104.22.168
A record types map a name to an IP address.
The data field of the SOA record contains several components or fields. You need to provide data or answers in the record that will allow another server on the Internet to satisfy its query. I suggest you take some time and study these. The fields include:
The root name of the zone, here just an @ sign. It's a shorthand reference to the current origin (zone) in the /etc/bind/named.conf file.
A number of different DNS classes exist. We will use the IN or Internet class used when defining IP address mapping information for BIND. The other classes exist for non-Internet protocols and functions.
The type of DNS resource record. In this case, this is an SOA resource record.
The fully qualified name of your primary name server. Must be followed by a period “.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Server Hardening
- BitTorrent Inc.'s Sync
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- The Death of RoboVM
- The US Government and Open-Source Software
- The Humble Hacker?
- Open-Source Project Secretly Funded by CIA
- New Container Image Standard Promises More Portable Apps
- AdaCore's SPARK Pro
- ACI Worldwide's UP Retail Payments
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide