Sometimes we would like to run our own caching DNS server, for example as web developers, to get more control over our network hosts than the /etc/hosts file gives us. Our own hosts will be resolved locally, and answers from the Internet will be cached, so repeated queries no longer have to travel to remote servers.
There are several steps we must follow, so let’s start.
set rndc
Create a new config file and secret key file. The /etc/rndc.key file defines a default command channel and authentication key that allow rndc to communicate with named on the local host with no further configuration.
rndc is the DNS server configuration utility. Enter the following commands in a terminal to generate a new secret key and configuration for rndc.
You must run the next commands as root, so either become root (sudo su -) or prefix every command with sudo.
I will take the first option :)
# rndc-confgen -b 256 > /etc/rndc.conf
# head -n5 /etc/rndc.conf | tail -n4 > /etc/rndc.key
Now edit both generated files and check the UDP port number they will listen on, since it must be the same in both files (normally 53). If the values differ, change them so they match.
setup bind
We must configure BIND to run at startup, so run these commands to make sure it starts on the next reboot.
# launchctl load -w /System/Library/LaunchDaemons/org.isc.named.plist
# echo "launchctl start org.isc.named" >> /etc/launchd.conf
If you have an old Mac OS version, try this instead.
# echo "DNSSERVER=-YES-" >> /etc/hostconfig
setup named
From here on you may want to do some research on the Internet, either to find other sample configurations or to cover special needs such as replication.
The next two files will be stored in /var/named/ by default.
First create the local zone file.
vi /var/named/local.zone
$TTL 86400
@       IN SOA localhost. root.localhost. (
                1997022700 ; Serial
                28800      ; Refresh
                14400      ; Retry
                3600000    ; Expire
                86400 )    ; Minimum
        IN NS  localhost.
1       IN PTR localhost.
Also create the file /var/named/sample.file with the configuration for our domain, containing the following lines. Note the trailing dot on every fully qualified name, including the SOA contact; without it BIND appends the zone origin to the name.
$TTL 86400
@          IN SOA sample.com. root.localhost. (
                3          ; serial
                28800      ; refresh
                7200       ; retry
                604800     ; expire
                86400 )    ; ttl
@          IN NS  sample.com.
@          IN MX  1 smtp.sample.com.
@          IN A   192.168.1.1
web1       IN A   192.168.1.35
web2       IN A   192.168.1.36
otherhosts IN A   192.168.1.40
Next, we need to update the /etc/named.conf file to tell BIND about our new zones.
Add the following lines to /etc/named.conf. The file names are relative to the /var/named/ directory, so they must match the two files created above.
zone "local" IN {
    type master;
    allow-update { none; };
    allow-query { any; };
    file "local.zone";
};

zone "sample.com" IN {
    type master;
    notify no;
    allow-update { none; };
    allow-query { any; };
    file "sample.file";
};
Save it and start BIND.
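Before reloading named it is worth checking hand-written zone files for the slips the layout above invites. The following Python linter is an added example, not part of the original post: it parses the "owner IN TYPE rdata" record layout used here (including the multi-line SOA) and flags relative names that BIND would silently suffix with the origin, a non-numeric serial, a PTR record placed in a forward zone, and malformed A records. The zone text inside it is constructed for the demonstration.

```python
import ipaddress

# Constructed zone text after the post's sample zone (not the post's file); RNAME and MX target lack their trailing dot on purpose.
SAMPLE_ZONE = """\
$TTL 86400
@    IN SOA sample.com. root.localhost (
         3        ; serial
         28800    ; refresh
         7200     ; retry
         604800   ; expire
         86400 )  ; ttl
@    IN NS sample.com.
@    IN MX 1 smtp.sample.com
web1 IN A 192.168.1.35
"""

def parse_records(zone_text):
    """Split zone text into token lists: drop ';' comments, join parenthesised SOA lines."""
    records, buf, depth = [], [], 0
    for line in zone_text.splitlines():
        line = line.split(";", 1)[0]                 # a ';' comment runs to end of line
        depth += line.count("(") - line.count(")")  # parentheses continue a record
        buf.extend(line.replace("(", " ").replace(")", " ").split())
        if depth == 0 and buf:
            records.append(buf)
            buf = []
    return records

def lint_zone(zone_text, origin):
    """Return findings for the mistakes hand-written zone files like the ones above invite."""
    findings = []
    for toks in parse_records(zone_text):
        if toks[0].startswith("$"):                  # $TTL and other directives
            continue
        owner, rtype, rdata = toks[0], toks[2], toks[3:]   # 'owner IN TYPE rdata' layout
        names = rdata[:2] if rtype == "SOA" else rdata[-1:] if rtype in ("NS", "MX", "CNAME", "PTR") else []
        for name in names:                           # SOA MNAME/RNAME, or the record target
            if "." in name and not name.endswith("."):   # relative: BIND appends the origin
                findings.append(f"{rtype} {owner}: {name} resolves as {name}.{origin}")
        if rtype == "SOA" and not rdata[2].isdigit():
            findings.append(f"SOA {owner}: serial {rdata[2]!r} is not a number")
        if rtype == "PTR" and not origin.endswith(("in-addr.arpa", "ip6.arpa")):
            findings.append(f"PTR {owner}: reverse record in forward zone {origin!r}")
        if rtype == "A":
            try:
                ipaddress.IPv4Address(rdata[0])
            except ValueError:
                findings.append(f"A {owner}: {rdata[0]!r} is not an IPv4 address")
    return findings
```

Run `lint_zone(open("/var/named/sample.file").read(), "sample.com")` against your own file; an empty list means none of these checks fired, after which named-checkzone from the BIND distribution gives the authoritative verdict.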
starting bind
You can do it by hand…
# /usr/bin/named
or run it through launchctl:
# launchctl start org.isc.named
TIP: If DNS queries don't work, try running the following commands.
# launchctl unload -w /System/Library/LaunchDaemons/org.isc.named.plist
# launchctl load -w /System/Library/LaunchDaemons/org.isc.named.plist
useful commands
Whenever you happen to make changes to these files, you may need to reload the DNS configuration and zone files.
# rndc reload
You can also flush the DNS cache by using this command:
# rndc flush