DNS
OpenDNS project servers
Instead of the provider's DNS servers, other servers can be used as well. OpenDNS, for example, offers such a service. According to their website, this has the following advantages:
- faster DNS queries (via anycast, the nearest server is always queried)
- large DNS caches
- high reliability, zero downtime, no outages
IPv4:
208.67.222.222 208.67.220.220 208.67.222.220 208.67.220.222
IPv6:
2620:0:ccc::2 2620:0:ccd::2
Umlaut domains, Punycode, IDN
The following tools convert umlauts in domain names to Punycode, which e.g. BIND and Apache need in order to manage these domains.
$ host `echo dürüm-döner.de | idn -a --quiet`
dürüm-döner.de has address 217.20.127.64
dürüm-döner.de mail is handled by 10 217-20-127-64.internetserviceteam.com.
If no console is available, the conversion can also be done with web tools, e.g. here: nemox.net
BIND
Configuring DNS master/slave servers
This article is all about configuring DNS in master/slave mode.
The master DNS server contains the zone files for all the domains for which it is authoritative. This zone information will be transferred to the slave machine when "named" is started.
Here we need two machines with BIND rpm installed; one to be kept as master and the other to be kept as slave. In this example I use 192.168.1.1 as master and 192.168.1.2 as slave. Also, here I take 192.168.1.3 as the machine where I host my domain and mail.
Do the following in master.
1. Login as root.
2. Find out the path to the named configuration file. Usually it will be /etc/named.conf.
3. Edit the conf file.
4. Give the following entries in it.
// allow-transfer goes inside the existing options { ... } block
allow-transfer { 192.168.1.2; };

zone "domain.com" IN {
    type master;
    file "/var/named/domain.com.db";
};
Here "allow-transfer" lists the hosts that are permitted to transfer the zone information, in this case only the slave machine. The zone entry for the domain is given to show that this machine is authoritative for the domain. The information about the domain is stored in another file (/var/named/domain.com.db), as you can see in the conf file.
A sample zone file can be given as:
$TTL 86400
@       IN  SOA ns1.domain.com. master.domain.com. (
                2007110901 ; serial
                21600      ; refresh after 6 hours
                3600       ; retry after 1 hour
                604800     ; expire after 1 week
                86400 )    ; minimum TTL of 1 day
; NS records must point at host names, not IP addresses;
; ns1 and ns2 are names chosen here for the master and the slave
        IN  NS  ns1
        IN  NS  ns2
        IN  MX  10 mail
        IN  A   192.168.1.3
ns1     IN  A   192.168.1.1
ns2     IN  A   192.168.1.2
mail    IN  A   192.168.1.3
www     IN  A   192.168.1.3
5. Restart named:
service named restart
When named is restarted, it reads the configuration file and loads the file that contains the zone information for each domain. Then it tries to transfer this information to the slave.
Do the following in Slave machine:
1. Login as root
2. Edit the conf file
3. Add the following to it:
zone "domain.com" IN {
    type slave;
    masters { 192.168.1.1; };
    file "/var/named/domain.com.db";
};
4. Restart named.
named will read the conf file and will listen for the master. The master will transfer the zone information to the slave and the file will be stored in "/var/named/domain.com.db".
Thus once the zone information is passed to the slave, it is done. You have configured DNS in master-slave mode.
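The allow-transfer entry is what keeps arbitrary hosts from pulling the complete zone from the master. As an added example (not part of the original article), the following Python script reads a named.conf and reports per zone whether the effective allow-transfer ACL is restricted, open to "any", or not set at all. The example.org zone, the sample text and the function names are assumptions made for this illustration.

```python
import re
# Constructed sample: the master config from this page (ACL inside options) plus
# a hypothetical zone, example.org, whose own ACL overrides it with "any".
SAMPLE_CONF = '''
options { allow-transfer { 192.168.1.2; }; };   // slave only
zone "domain.com" IN { type master; file "/var/named/domain.com.db"; };
zone "example.org" IN { type master; allow-transfer { any; }; };
'''

def tokenize(text):
    # Strip /* */, // and # comments (quoted strings survive), then split into tokens.
    text = re.sub(r'("[^"]*")|/\*.*?\*/|//[^\n]*|#[^\n]*',
                  lambda m: m.group(1) or ' ', text, flags=re.S)
    return re.findall(r'"[^"]*"|[{};]|[^\s{};"]+', text)

def parse(tokens, i=0):
    # Recursive descent: a statement is a list of words and nested blocks (lists).
    stmts, cur = [], []
    while i < len(tokens):
        tok, i = tokens[i], i + 1
        if tok == '{':
            block, i = parse(tokens, i)
            cur.append(block)
        elif tok in ('}', ';'):
            stmts += [cur] if cur else []   # close the current statement, if any
            cur = []
            if tok == '}':
                return stmts, i
        else:
            cur.append(tok.strip('"'))
    return stmts, i

def acl_of(block):
    # Elements of the allow-transfer ACL set in this block, or None if it is not set.
    for s in (block if isinstance(block, list) else []):
        if s[0] == 'allow-transfer' and isinstance(s[-1], list):
            return [' '.join(map(str, e)) for e in s[-1]]
    return None

def audit_transfers(conf_text):
    # Zone name -> (verdict, effective ACL). Zones inside views are not handled.
    stmts, _ = parse(tokenize(conf_text))
    default = next((acl_of(s[-1]) for s in stmts if s[0] == 'options'), None)
    report = {}
    for s in (s for s in stmts if s[0] == 'zone' and len(s) > 2):
        acl = default if (own := acl_of(s[-1])) is None else own
        verdict = 'UNSET' if acl is None else 'OPEN' if 'any' in acl else 'RESTRICTED'
        report[s[1]] = (verdict, acl)
    return report
```

Call audit_transfers() with the contents of /etc/named.conf; a zone reported as UNSET relies on the built-in default of the installed BIND version, so set the ACL explicitly.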
Flushing the DNS cache for a specific domain
As is well known,
rndc flush
flushes the complete DNS cache. With
rndc flushname domain1.tld
rndc flushname domain2.tld
the flush can instead be restricted to specific names (rndc flushtree domain1.tld also removes all names below domain1.tld).