djbdnsrocks.org latest news
A major site renovation is under way. Please excuse the mess while this is in progress.
Home
About
The Installation
Extra Options
faq
Journal of Events
Links
The future
Contact Me

Multiple server DNS solution
- Deploying tinydns on the master DNS server-

Now we will setup the tinydns authoritative nameserver on our master DNS box. The authoritative nameserver is going to contain zone files for all domains which you wish to handle. In other words, we're about to set your DNS server! Once the zone entry for a domain in entered into tinydns, you can then point that domain, via your registrar, toward your nameserver and it will direct requests (web, mx, etc.) wherever you want them to go!

Registering your nameservers

The first thing you need to do, before we worry about deploying tinydns, is to register your nameservers. After all, it won't do any good to have a DNS server with no registered addresses. If you're smart, you should have done this well before reading the guide, but if you haven't here's you chance.

The first thing to do is decide which IP addresses you will be using for each of your nameservers. Since my install involved 3 DNS servers, I need 3 IP address. The IP of the first nameserver will reside on the master DNS server, the other 2 IPs will each reside on the 2 slave servers. So, for example, let's say I've got the following 3 IP address:

1.2.3.4 - IP address bound on the master DNS server

5.6.7.8 - IP address bound on slave server 1

9.10.11.12 - IP address bound on slave server 2

OK, binding each IP to its respective server is easy enough. If you don't know how to do that, you're really in over your head right now. So the next step is deciding what names you will assign to these IP addresses. Nameserver names are pretty standard in format. Usually using something like "ns1.yourdomain.com", "ns2.yourdomain.com" and "ns3.yourdomain.com" will do just fine, but they can really be anything you like. So, for this example, let's say my domain is djbdnsrocks.org. With the 3 IP addresses above, I now intend to register the following 3 nameservers:

ns1.djbdnsrocks.org

ns2.djbdnsrocks.org

ns3.djbdnsrocks.org

Sounds easy enough, right. Well, it is. Registering nameserver is a required step, but it's pretty simple. Domain registrars WILL NOT let you point a domain to any nameservers that are not registered. Fortunately, most (if not all) domain registrars give the domain administrator the ability to easily register nameservers for any domain that they own. The process WILL VARY from registrar to registrar, but overall it's the same idea. I personally use godaddy.com to register my domains. In the godaddy.com domain administration panel, there is an area where you can register nameservers for a domain. You simple tell them the name of the nameservers you want to register and the IP addresses to which they will point. It is VERY IMPORTANT that you make sure that the 3 IP addresses you intend to use are functional and that they resolve to a working server. So, for djbdnsrocks.org, I would register the following 3 nameservers:

ns1.djbdnsrocks.org   1.2.3.4

ns2.djbdnsrocks.org   5.6.7.8

ns3.djbdnsrocks.org   9.10.11.12

Once you complete the registration process, it generally takes around 24 hours for the new nameservers' registration to be active and functional (you may get faster results depending on who your registrar is). Once that's done, you can now focus on deploying tinydns on your server and making those nameservers actually do something!

Deploying tinydns

The first thing you'll want to do is create the needed users on your system that will enable your DNS server to function correctly. Lucky for you, I've created some scripts to do that...

For Redhat and most other Linux systems:

/downloads/djbdnsrocks/scripts/add_users_rh.script

For FreeBSD systems:

/downloads/djbdnsrocks/scripts/add_users_freebsd.script

Next, we will create the core of the first tinydns server. We will create a series of scripts and folders and it is here where all the zones and other configs will live. Fortunately, there are ready made scripts that do all the work for us. Remember, that since we are creating 3 nameservers, we're going to do this three times. For now, however, we will just be doing the master server.

So let's create the first nameserver on our master DNS server. In this example, I'm creating the first tinydns server for the IP address that will serve ns1.djbdnsrocks.org

/usr/local/bin/tinydns-conf tinydns dnslog /etc/tinydns 1.2.3.4

Viola! If you take a look, there will now be an /etc/tinydns folder with lots of crazy files and scripts in it. Don't worry about them now, however. We'll go over them later. That wasn't so bad, now was it? Now your master tinydns server is installed and ready to be fired up. Granted, it doesn't contain any zone entries for any domains yet, but we'll get to that in a bit.

To start the tinydns server, all we have to do is add it to the daemontools service directory. If you're familiar with daemontools, you know how easy this is. But if not, don't worry, because guess what? It's easy. Well, it's easy as long as you've already installed daemontools and ucspi-tcp.

So let's crank up the master DNS server...

ln -s /etc/tinydns /service

OK, that's it! The master DNS server should now be up and running. If you run a "ps -aux" (or similar) command on your server you should now see the tinydns processes running. It should look similar this:

root 12730 0.0 0.0 1376 276 ? S 12:22 0:00 supervise tinydns
tinydns 12731 0.0 0.0 1508 280 ? S 12:22 0:00 /usr/local/bin/tinydns
root 12732 0.0 0.0 1376 276 ? S 12:22 0:00 supervise log
dnslog 12733 0.0 0.0 1396 280 ? S 12:22 0:00 multilog t ./main

root 1731 0.0 0.0 1364 232 ? S Sep08 0:00 readproctitle service errors: .......................................

If the "readproctitle service errors" line is clear, as above, you are all set. If it shows errors, you will need to troubleshoot those errors. Reading the nameserver's logs at /etc/tinydns/log/main/current can help track down an error a lot of the time. Most errors with tinydns are "usually", in my experience, related to bad file permissions or ownership settings.

OK, so your master tinydns nameserver is now up and running! Granted, you don't have any zone entries set up yet, but it is working in a technical sense. In the next step of the install, we are going to divert from tinydns for a few minutes so that we can set up an internal caching nameserver on our server. Then, after that, we'll return to tinydns and install the Vegadns web based DNS control panel. From there, you can start adding domains to your nameserver! Finally, once the master DNS server is fully functional, we will set up the 2 slave DNS servers.

Proceed to step 5

 

Modified
Site last modified: October 08, 2006 11:07:54 EDT
   
 
The Rocks Project