Setting up a domain

In this exercise, you will register a new domain, something.taller.nsrc.org. You will create master nameservice on your own machine, and someone else will be your slave.

Firstly, note that each machine in the classroom has been given a working DNS name: pcX.taller.nsrc.org. Configure your server with its real name: e.g. for pc23

  # hostname pc23.taller.nsrc.org
  # vi /etc/sysconfig/network
  NETWORKING=yes
  HOSTNAME=pc23.taller.nsrc.org
  # vi /etc/hosts
  ...
  192.188.58.87     pc23.taller.nsrc.org

(You should see the new name at the login screen on the console)

Exercise

1. Choose a new domain: ___________________.taller.nsrc.org
2. Create the directories you will need:

   # mkdir /var/named/m
   # mkdir /var/named/s
   # chown named /var/named/s
   

3. Find someone who will agree to be slave for your domain. You must choose someone on a DIFFERENT table to you. (Remember RFC2182: secondaries must be on remote networks). You can have more than one slave if you wish.
4. Create your zone file in /var/named/m/xxxxxx.taller.nsrc.org (where xxxxxx is your own domain)

   $TTL 10m
   @       IN      SOA     pcXX.taller.nsrc.org. your.email.address. (
                                   2004030500 ; Serial
                                   10m        ; Refresh
                                   10m        ; Retry
                                   4w         ; Expire
                                   10m )      ; Negative
           IN      NS      pcXX.taller.nsrc.org.  ; master
           IN      NS      pcYY.taller.nsrc.org.  ; slave
   
   www     IN      A       192.188.58.xx          ; your own IP
   

   (Note that we have chosen purposely low values for TTL, refresh, retry. For a production domain you would use higher values, e.g. $TTL 1d)

5. Edit /etc/named.conf to configure your machine as master (see slides for information how to do this)
6. Check that your zone file is valid and load it:

   # named-checkzone xxxxxx.taller.nsrc.org /var/named/m/xxxxxx.taller.nsrc.org
   If there are any errors, correct them
   # rndc reload
   # tail /var/log/messages
   If there are any errors, correct them
   

7. Get your slaves to configure themselves. If you are slave for someone else, check that there are no errors when you do rndc reload.
8. Check that you and your slaves are giving authoritative answers:

   # dig @192.188.58.xx xxxxxx.taller.nsrc.org. soa
   # dig @192.188.58.yy xxxxxx.taller.nsrc.org. soa
   Check that you get an AA (authoritative answer) from both, and that
   the serial numbers match
   

9. Now you are ready to request delegation. Bring the following form to the classroom instructor:

       Domain name:          ___________________.taller.nsrc.org
   
       Master nameserver:    pc____.taller.nsrc.org
   
       Slave nameserver:     pc____.taller.nsrc.org
   
       Slave nameserver:     pc____.taller.nsrc.org (optional)
   
       Slave nameserver:     pc____.taller.nsrc.org (optional)
   

10. You will not get delegation until the instructor has checked:
    • Your nameservers are all authoritative for your domain
    • They all have the same SOA serial number
    • The NS records within the zone match the list of servers you are requesting delegation for
    • The slave(s) are not on the same desk as you
11. Once you have delegation, try to resolve www.xxxxxx.taller.nsrc.org:
    • On your own machine
    • On someone else's machine (who is not slave for you)
    • On a machine elsewhere on the Internet, if you have access to one
12. Add a new entry to your zone file. Remember to update the serial number. Check that your slaves have updated. Try resolving this new name from elsewhere.