Exercise 1
===========

Overview

1- dig
2- Retrieving BIND
3- Building, Installing BIND
4- Testing your installation
5- Rndc

1- dig

* dig for NXDOMAIN

    # dig www.nodomain.conference.pacnog.org a

  Check the header, answer and authority sections of the response.

* dig for NOERROR with RR

    # dig noc.conference.pacnog.org a

  Check the header, answer and authority sections of the response.

* dig for NOERROR with 0 RR

    # dig noc.conference.pacnog.org txt

  Check the header, answer and authority sections of the response.

2- Retrieving BIND

Use the Ubuntu package management tools to install:

    apt-get install bind9

or use aptitude, then search for bind9 using the / command.
Type '+' to mark the package for install, then type 'g' to install.

Executables

    /usr/sbin
        dnssec-keygen, dnssec-signzone
        named-checkconf, named-checkzone
        rndc, rndc-confgen
        named
    /usr/bin
        dig
        host, nslookup
        nsupdate

And libraries "happen"

3- Testing your installation

a- Make sure the right version is now installed

    # named -v

4- RNDC

What is it?

    Remote Name Daemon Controller
    Command-line control of the named daemon
    Usually on the same host, can be across hosts

"rndc-confgen" generates lines to be added to two files: named.conf and rndc.conf

/etc/bind/named.conf

    #key definition
    key "rndc-key" {
        secret "dY7/uIiR0fKGvi5z50+Q==";
        algorithm hmac-md5;
    };

    Warning: example secret looks good but is invalid (don't copy it!)

    #controls statement
    controls {
        inet 127.0.0.1 port 953
            allow { 127.0.0.1; } keys { "rndc-key"; };
    };

/etc/bind/rndc.conf

Specifies defaults for rndc. E.g.,

    key "rndc-key" {
        algorithm hmac-md5;
        secret "dY7/uIiR0fKGvi5z50+Q==";
    };

    options {
        default-key "rndc-key";
        default-server 127.0.0.1;
        default-port 953;
    };

What can you do with rndc?

    rndc stop    - kills server
    rndc status  - prints some information
    rndc stats   - generates stat file (named.stats)
    rndc reload  - refresh zone(s), w/variations
    rndc trace   - increases debug level
    rndc flush   - removes cached data
    rndc         - gives the full option list

1- Run rndc-confgen

    # rndc-confgen

2- Create your /usr/local/etc/named.conf and /usr/local/etc/rndc.conf files
   with data from rndc-confgen

3- Start named

    # named -g

   If needed, add the option pid-file to your named.conf:

    options {
        pid-file "/var/run/named/named.pid";
    };

4- Test your rndc configuration

    # rndc status

5- Test with other options of rndc
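
The key name, algorithm and secret have to agree between named.conf and rndc.conf before "rndc status" can authenticate. The check below is an added example, not part of the original exercise or of BIND: it compares the two files before named is started. The sample configs, the placeholder secret and the function names are constructed, and it assumes the layout shown above (one controls statement, a default-key in rndc.conf, '#' comments only).

```python
import re

# Constructed sample files; the secret is a placeholder, not a usable key.
KEY = 'key "rndc-key" { algorithm hmac-md5; secret "CONSTRUCTED+PLACEHOLDER/ONLY=="; };\n'
NAMED_CONF = KEY + '''
# controls statement
controls {
    inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { "rndc-key"; };
};
'''
RNDC_CONF = KEY + '''
options { default-key "rndc-key"; default-server 127.0.0.1; default-port 953; };
'''

NAME = r'"?([\w.-]+)"?'   # key names may be quoted or bare
KEY_RE = re.compile(r'\bkey\s+' + NAME + r'\s*\{(.*?)\}\s*;', re.S)

def strip_comments(text):
    """Drop '#' comments so commented-out clauses are not parsed."""
    return re.sub(r'#.*', '', text)

def parse_keys(text):
    """Return {key name: (algorithm, secret)} for every key clause."""
    keys = {}
    for name, body in KEY_RE.findall(strip_comments(text)):
        alg = re.search(r'algorithm\s+"?([\w-]+)"?\s*;', body)
        sec = re.search(r'secret\s+"([^"]*)"\s*;', body)
        keys[name] = (alg.group(1) if alg else None,
                      sec.group(1) if sec else None)
    return keys

def check(named_conf, rndc_conf):
    """Return a list of mismatches between named.conf and rndc.conf."""
    problems = []
    named_keys, rndc_keys = parse_keys(named_conf), parse_keys(rndc_conf)
    m = re.search(r'controls\s*\{.*?keys\s*\{(.*?)\}',
                  strip_comments(named_conf), re.S)
    allowed = re.findall(NAME + r'\s*;', m.group(1)) if m else []
    for name in allowed:
        if name not in named_keys:
            problems.append(f'controls references undefined key "{name}"')
    d = re.search(r'default-key\s+' + NAME + r'\s*;', strip_comments(rndc_conf))
    default = d.group(1) if d else None
    if default not in rndc_keys:
        problems.append('rndc.conf default-key has no matching key clause')
    elif default not in allowed:
        problems.append(f'default-key "{default}" is not listed in controls')
    elif default in named_keys and named_keys[default] != rndc_keys[default]:
        problems.append(f'key "{default}" differs between named.conf and rndc.conf')
    return problems

if __name__ == "__main__":
    print(check(NAMED_CONF, RNDC_CONF) or "rndc key configuration is consistent")
```

To use it on a real host, pass the contents of the two files to check() in place of the constructed samples; an empty list means the names and secrets line up.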