DNS will be a major service in our network and must be up and running 100% To accomplish this we will install a secondary DNS server (slave).

The purpose of a slave name server is to share the load with the master server, or handle the entire load if the master server is down. A slave name server loads its data over the network from another name server usually the master name server, but it can load from another slave name server too.
This process is called a zone transfer.

For the installation of a slave dns we need a second virtual machine:

  • 1 vCPU
  • 512 MB Ram
  • Harddisk – 10GB
  • Network to your operational lan (ip: 172.30.1.3)
  • OS SLES 11 (64-bit)
We need to install the bind package on this server to, and do an initial configuration of the server.
I’ll give you the short version (long version see step 1)

DNSSlave:~ # yast2 -i bind bind-utils
DNSSlave:~ # ls /etc/named.conf.include
DNSSlave:~ # touch /etc/named.conf.include
DNSSlave:~ # vi /etc/named.conf

options {
     # The directory statement defines the name server's working directory
     directory "/var/lib/named";
     # Write dump and statistics file to the log subdirectory.    
     # The pathenames are relative to the chroot jail.

     # Defines the absolute path where BIND dumps the database (cache)   
     # in response to a rndc dumpdb.
     dump-file "/var/log/named_dump.db";
     # File-name to which data will be written when the command rndc
     # stats is issued.
     statistics-file "/var/log/named.stats";
     # The forwarders record contains a list of servers to which queries
     # should be forwarded.  Enable this line and modify the IP address to
     # your provider's name server.  Up to three servers may be listed.

     # The listen-on-v6 record enables or disables listening on IPv6  
     # interfaces.  Allowed values are 'any' and 'none' or a list of addresses.
     listen-on-v6 { any; };
     # If notify is set to yes (default), notify messages are sent to other
     # name servers when the the zone data is changed.  Instead of setting
     # a global 'notify' statement in the 'options' section, a separate
     # 'notify' can be added to each zone definition.
     notify no;
     # version specifies the string that will be returned to a version.
     # bind query when using the chaos class only. We tend to use it in
     # all named.conf files to avoid giving out a version number such that
     # an attacker can exploit known version-specific weaknesses.
     version "Biolizards DNS server"; };

# The following zone definitions don't need any modification.  The first one
# is the definition of the root name servers.  The second one defines
# localhost while the third defines the reverse lookup for localhost.
zone "." in { type hint; file "root.hint"; }; zone "localhost" in { type master; file "localhost.zone"; }; zone "0.0.127.in-addr.arpa" in { type master; file "127.0.0.zone"; };
# Include the meta include file generated by createNamedConfInclude.  This
# includes all files as configured in NAMED_CONF_INCLUDE_FILES from
# /etc/sysconfig/named
include "/etc/named.conf.include";

Now before we go on we need to modify the configuration on our masterdns
We need to allow our slavedns to download the zone file from the masterdns
Open the file /etc/named.conf.include for editing on the masterdns

DNSMaster:~ # vi /etc/named.conf.include

Modify the content by adding
allow-transfer { 172.30.1.3; };
to each zone config  where 172.30.1.3 is the Ip address from our slavedns

zone "biolizards.local" in {
 type master;
 file "master/biolizards.local.zone";
 allow-transfer {172.30.1.3;};
}; 

zone "30.172.in-addr.arpa" in {
 type master;
 file "master/172.30.zone";
 allow-transfer {172.30.1.3;};
};

Don’t forget to load the new configuration

By a reload
DNSMaster:~ # service named reload

or a restart of the named service
DNSMaster:~ # service named restart

Now that the masterdns is configured to allow the slave to download the zone files, we can further configure  the slavedns. Let’s configure the zone files:

DNSSlave:~ # vi /etc/named.conf.include

Insert the following content:

zone "biolizards.local" in {
 type slave;
 file "slave/biolizards.local.zone";
 masters { 172.30.1.2; };
}; 

zone "30.172.in-addr.arpa" in {
 type slave;
 file "slave/172.30.zone";
 masters { 172.30.1.2; };
};

Note that we changed the type to slave and the file location to the slave directory.
We also added the line masters { 172.30.1.2; };
Witch will tell the named service who the master dns server is for this zone.

Don’t forget to modify the rights for he working directory and sub-folder/files
DNSSlave:~ # chown named.named /var/lib/named/ -R

and to add the named service to the different runlevels
DNSSlave:~ # chkconfig –add named

Now we are ready to start the named service.
DNSSlave:~ # service named start

Once the slave server has been started you can check the /var/lib/named/slave directory and you should notice the new files called “biolizards.local.zone” and “172.30.zone”  which have been transfered from the master server.

Check the syslog for any errors