Page 113 - DCAP602_NETWORK_OPERATING_SYSTEMS_I

Unit 6: Domain Name System




Web server. Don't worry. BIND handles this with its views feature, which lets you use
predefined zone files for queries from certain subnets. This means it's possible to use one set of
zone files for queries from the Internet and another set for queries from your home network.
Here's a summary of how it's done:
1.   If your DNS server is also acting as a caching DNS server, then you'll also need a view
     for localhost to use. We'll use a view called localhost_resolver for this.
2.   Place your zone statements in the /etc/named.conf file in one of two other view sections.
     The first section is known as internal and lists the zone files to be used by your internal
     network. The second view, called external, lists the zone files to be used for Internet users.

     Example: You could have a reference to a zone file called my-site.zone for lookups
     related to the 97.158.253.X network, which Internet users would see. This /etc/named.conf
     entry would be inserted in the external section. You could also have a file called
     my-site-home.zone for lookups by home users on the 192.168.1.0 network. This entry would be
     inserted in the internal section. Creating the my-site-home.zone file is fairly easy: copy
     it from the my-site.zone file and replace all references to 97.158.253.X with references to
     192.168.1.X.
3.   You must also tell the DNS server which addresses you consider internal and which external. To
     do this, you must first describe the internal and external networks with access control lists
     (ACLs) and then refer to these lists within their respective view sections with the
     match-clients statement. Some built-in ACLs can save you time:

     (a)   localhost: Refers to the DNS server itself
     (b)   localnets: Refers to all the networks to which the DNS server is directly connected
     (c)   any: Self-explanatory; matches every address
Let's look at BIND views more closely using a number of sample configuration snippets from
the /etc/named.conf file I use for my home network. All the statements below were inserted
after the options and controls sections in the file. I have chosen the generic names internal, for
the views given to trusted hosts (home, non-Internet or corporate users), and external, for the
views given to Internet clients, but they can be named whatever you wish.




Task: Describe the queries in your home networks.

First let's talk about how we should refer to the zone files in each view.

Forward Zone File References in named.conf
Let's describe how we point to forward zone files in a typical named.conf file.
In this example the zone file is named my-site.zone and, though not explicitly stated, the file
my-site.zone should be located in the default directory: /var/named/chroot/var/named in a
chroot configuration, or /var/named in a regular one. On Debian / Ubuntu, the full file path
must be given instead. Use the code:
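    zone "my-web-site.org" {
        type master;            // this server is authoritative for the zone
        notify no;              // do not send NOTIFY messages to other servers
        allow-query { any; };   // accept queries for this zone from any client
        file "my-site.zone";    // relative to the default zone file directory
    };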
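How the three views from the summary fit around this zone statement, shown as an added example that is not taken from the original text. The ACL name home-net and the /24 prefix length are assumptions, and the recursion settings are one common hardening choice rather than something the text prescribes.

```conf
// Constructed example for /etc/named.conf, placed after the options and
// controls sections. Once any view exists, every zone statement must sit
// inside a view.

// Hypothetical ACL name; the /24 prefix is an assumption about the home network.
acl "home-net" { 192.168.1.0/24; };

// Views are tested in the order they appear and the first match-clients
// hit wins, so the catch-all "any" view has to come last. If it came
// first, home clients would be handed the Internet-facing zone data.

view "localhost_resolver" {
    match-clients { localhost; };     // built-in ACL: the DNS server itself
    recursion yes;                    // caching lookups for the server's own use
};

view "internal" {
    match-clients { "home-net"; };    // trusted home clients only
    recursion yes;
    zone "my-web-site.org" {
        type master;
        notify no;
        file "my-site-home.zone";     // copy of my-site.zone using 192.168.1.X
    };
};

view "external" {
    match-clients { any; };           // everyone not matched above
    recursion no;                     // do not resolve third-party names for the Internet
    zone "my-web-site.org" {
        type master;
        notify no;
        allow-query { any; };
        file "my-site.zone";          // public records using 97.158.253.X
    };
};
```

Running named-checkconf against the file before reloading BIND catches a zone left outside a view or an unbalanced brace.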

Lovely Professional University