Using Webmin and Bind9 To Setup DNS Server On Linux v12

Global Open Versity - Vancouver Canada Using Webmin and Bind9 to Setup DNS Server v1.
Global Open Versity

Systems Integration Hands-on Labs Training Manual
Using Webmin and Bind9 to Setup DNS Sever on Linux

By Kefa Rabah, krabah@globalopenversity.org March 2008
Installing and Configuring Webmin

Administering Linux and Unix-based servers does not need to be the scourge of your work day.
With a handy tool called Webmin as part of your arsenal, you can regain full control of your
servers’ setup and configuration via the Web browser.
To Install Webmin and get started, drop by www.webmin.com and download the latest release.
You can use RPMs for Red Hat and related systems that support binary installations or you can
build Webmin from source. Webmin supports a large number of UNIX variants, including OS X. To
install the rpm, simply open a terminal session, and type in:
# rpm –ivh webmin*
Or
# yum install webmin* -y
As root user in the directory in which Webmin was downloaded
Webmin is the most powerful administration tool in its nature. We will use it to set up our DNS,
but I will not go over it in detail because we already know how to use other administrative tools.
It is not difficult to use because it is web based, in any event, you should know that you can use
it remotely to administrate the system. In this HowTo we’re going to use Webmin to setup DNS
Server and mail, www and ftp servers on Linux CentOS5.
While here also note our hostname: cos52.linuxauth.com
Other servers are:
mail.linuxauth.com
www.linuxauth.com
ftp.linuxauth.com
Check out /etc/hosts to ensure that you have a correct setup, in our case, it’s as follows:
# Do not remove the following line, or various programs

# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
192.168.83.15 cos52.linuxauth.com cos52 mail www ftp
::1 localhost6.localdomain6 localhost6
Make sure that all the required services are running including webmin, if it is already installed. If
you need help for installation, refer to software installation in this book.
Ok here we go…
1
© April 2007, Kefa Rabah, Global Open Versity, Vancouver Canada
www.globalopenversity.org A GOV Open Knowledge Access License Technical Publication

Global Open Versity - Vancouver Canada Using Webmin and Bind9 to Setup DNS Server v1.0
Open the web browser and type:
http:// localhost:10000 or http://127.0.0.1:10000 http://yourdomain:1000
in our case: http://cos52.linuxauth.com:1000
Fig. 1
When you open the web browser and execute the 10000 port you will see an error, describing
that the web server is running in SSL mode and gives you a link to try instead. Click on the link,
you may see another error describing that the server certificate failed; click on Continue.
Another warning pops up.
Fig 2
Click on Or you can add an exception
Next enter the user name and password to authenticate.
2

Fig. 3
Note: For security practices, never use Remember login password.

Also note that this is run by root, but you can still give permission to other users to run it.
I suggest never give this power to any other user except to you, the administrator.
Click on Login to enter Webmin…
Fig 4
Figure 4 above shows Webmin's home page a generic most wanted administrative tool. But of
course with all the tools, you probably won't rely on webmin for all admin purposes. Although,
Webmin is useful for automating tasks, for teaching purpose, it’s always preferable to do things
3

manually via command line so that apprentices can have a better understanding of what actually
happens in the background.
Feel free to explore and actually try to use the available modules in webmin. Once you learn to
use it, it will become your favorite remote administrative tool.
From Fig. 4 clicking on Servers brings you to Fig. 5, while there note all other servers that are
available in this panel, and which are installed on this machine.
Next, from Fig. 5 below; click on Bind DNS Server to start with our DNS configuration. For this
article we used Bind9, however, do make a point to download the latest Bind server package and
ensure that update your system before proceeding with setup. The network address used here is
for LAN, but you can easily replace it with a public IP address if you have a legal domain name
and have an IP address issued to you by your ISP or domain hosting company.
Fig 5
From 5, choose the option best suited for your setup. In our case we opted for the second option.
Checking the second option and clicking Create Primary Configuration and Start Nameserver
brings you to the Bind DNS Server panel.
Note that Bind DNS Server panel is divided into three different sections:
• Global server options

• Existing DNS zones (which will be our working section, see Fig. 6)
• Client's view designed on the server
4

Fig 6: Our working section, Existing DNS Zone: Click Create master zone.
Creating the Master Domain
Our Domain: linuxauth.com

Note the period (.) at the end of the domain name, it has to be there – it’s not a mistake.
Adding the zone / Forward Zone!
1. Click on create a new master zone

2. Zone type: Forward (forward name to address) select it
3. Domain name /Network: linuxauth.com. (domain here)
4. Record file: Automatic
5. Master server: server2.linuxauth.com [/] Add NS record for Master Server?
6. Email address: root@localhost or root@linuxauth.com
7. Use zone template: no
8. Leave the rest as default
9. Click on create
Once the zone was created proceed to edit its properties, it takes you to this panel
automatically.
Once the zone was created proceed to edit its properties, it takes you to this panel automatically.
Edit master zone

[In Netcontrol.org]
*Adding the address:
1. Click on Address
2. Enter name: linuxauth.com.
3. Enter address: 192.168.83.15 (note: this is the physical address domain 1)
5

4. Time-To Leave: default

5. Update reverse?: yes
6. Click on create
Fig 6: Your address record should look like this
7. Return to record types
Add Name Server records
(Note: this section may be already updated)
1. Enter zone name: linuxauth.com.

2. Time-To-Leave : Default
3. Enter Name server: cos52.linuxauth.com. (host.domain.com)
4. Click on create
Fig 7: If already updated, it should look like this
5. Return to record type.
Add Name Alias Record
1. Name: www
2. Time-To-Leave: Default
3. Real Name: linuxauth.com.
4. Click on create
--------------------------------------------------------
5. Name: mail
6. Time-To Leave: Default
8. Click on create
-------------------------------------------------------
9. Name: ftp
12. Click on create
6

Fig 8: Your alias should look like this
13. Return to Record Type
-------------------------------------------------------
Mail Exchange Record (Mx record)
1. Name: linuxauth.com.
3. Mail Server: mail. linuxauth.com.
4. Priority: 10
5. Click on create
Fig 9: The mail record should look like this
Return to Record Types
We just finished creating the forward zone. At the very bottom of this current panel (Edit
Master Zone), click on Return to zone list.
From the zone list
* Click on Apply Changes.
The next step is the Reverse Zone for netcontrol.org
Adding the Reverse Zone
1. Click on Create New Master Zone

2. Now the Zone type will be: Reverse
3. Domain name/network: 192.168.83 (The last number is left out which is 58)
4. Records file: Automatic
5. Master server: server2.linuxauth.com [/] Add NS record for Master Server?
6. Email address: root@localhost or root@linuxauth.com
7

7. Use template: no
8. Refresh time: leave as default
9. Expiry time: leave as default
10. IP address for template: leave blank
11. Transfer retry time: leave as default
12. Default time to leave: leave as default
13. Click on create
Now Edit the Master Zone properties for the Reverse that we just created.
Create Pointer
1. Click on PT
2. Now add Reverse Address Record
3. Address: 192.168.83.15 (type complete IP address here)
4. Host name: cos52.linuxauth.com.
5. Update forward: yes
6. Click on Create
Fig 10: After creating it should look like this
7. Return to Record Types
Add name Server (NS)

(This data may be already updated)
1. Zone Name: 83.168.192

2. Name Server: cos52.linuxauth.com.
3. Time to leave: Default
4. Click create
Fig 11: If already updated should look like this
5. Return to Record Types
8

Add Name Alias Record (CN)

--------------------------------------------------------------
1. Name: www
4. Click on create
------------------------------------------------------------
5. Name: mail
6. Time-to-Leave: Default
8. Click on create
-----------------------------------------------------------
9. Name: ftp
10. Time-to-Leave: Default
12. Click on create
Fig 12: After you have entered all the aliases it should look like this
13. Return to zone list
Our newly modified zone list now is as shown in Fig. 13 below:
9

Fig. 13: Final Existing DNS Zone

------------------------------------------------------------
Click on Apply Changes
We just completed a totally functional DNS
You can now verify the changes in the main configuration file
/var/named/chroot/etc/named.conf
Note that a new zone has been added, which can be found at: /var/named/chroot/var/named,
these are: linuxauth.com.hosts and 192.168.83.rev.
You should see something similar to this: (Your host of course)
This is the content of the file: named.conf
options {
directory "/etc";
pid-file "/var/run/named/named.pid";
};
zone "." {
type hint;
file "/etc/db.cache";
};
zone "linuxauth.com" {
type master;
file "/var/named/linuxauth.com.hosts";
};
10

zone "83.168.192.in-addr.arpa" {
type master;
file "/var/named/192.168.83.rev";
};
Contents of these files in: /var/named/chroot/var/named/
This is the content of the file: linuxauth.com.hosts
------------------------------------------------------------------------------
$ttl 38400
linuxauth.com. IN SOA cos52.linuxauth.com. root.linuxauth.com. (
1236317547
10800
3600
604800
38400 )
linuxauth.com. IN NS cos52.linuxauth.com.
linuxauth.com. IN A 192.168.83.15
www.linuxauth.com. IN CNAME linuxauth.com.
mail.linuxauth.com. IN CNAME linuxauth.com.
ftp.linuxauth.com. IN CNAME linuxauth.com.
linuxauth.com. IN MX 10 mail.linuxauth.com.
cos52.linuxauth.com. IN A 192.168.83.15
------------------------------------------------------------------------------
This is the content of the file: 83.168.192.rev
------------------------------------------------------------------------------
$ttl 38400
83.168.192.in-addr.arpa. IN SOA cos52.linuxauth.com.
root.linuxauth.com. (
1236321439
10800
3600
604800
38400 )
83.168.192.in-addr.arpa. IN NS cos52.linuxauth.com.
15.83.168.192.in-addr.arpa. IN PTR cos52.linuxauth.com.
www.83.168.192.in-addr.arpa. IN CNAME linuxauth.com.
mail.83.168.192.in-addr.arpa. IN CNAME linuxauth.com.
ftp.83.168.192.in-addr.arpa. IN CNAME linuxauth.com.
------------------------------------------------------------------------------
11

As you can see, using webmin is the fastest and surest way to set up a DNS server; or you can sit
there all day and type line by line and still get wrong.
[root@cos52 ~]# service named restart
Now test our DNS server using dig and nslookup to test and ensure that our master DNS is
working as expected. Fig. 15 shows the dig and Fig. 16, which confirms that all is working well.
Fig. 15: shows the dig command which returns corrects results.
12

Fig. 16: shows the nslookup command which returns IP address correctly.
Now that we have created a perfect master DNS; we can go ahead and use our system for almost
anything, e.g., ftp, mail, and www. The same way we created this master DNS you can also
create a slave DNS server at a different IP address to provide for redundancy. That is, by creating
a slave DNS, they can replicate each others data so that if one of the servers goes down, the other
one will respond to the queries transparently without affecting the network clients.
So what is the big picture – i.e., in a simple language – having perfectly functioning redundancy DNS
server within your network enables both servers and clients in your network to use different IP addresses
and will be resolved by your DNS server.
Now you can go ahead install messaging server like Zimbra that require that master DNS is installed and
working.
Enjoy!
-----------------------------------------------
Kefa Rabah is the Founder and CIO, of Serengeti Systems Group Inc. Kefa is knowledgeable in
several fields of Science & Technology, IT Security Compliance and Project Management, and
Renewable Energy Systems. He is also the founder of Global Open Versity, a Center of Excellence
in eLearning.
13

Using Webmin and Bind9 To Setup DNS Server On Linux v12

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Using Webmin and Bind9 To Setup DNS Server On Linux v12

Uploaded by

Copyright:

Available Formats

Global Open Versity - Vancouver Canada Using Webmin and Bind9 to Setup DNS Server v1.

Global Open Versity

Using Webmin and Bind9 to Setup DNS Sever on Linux

Installing and Configuring Webmin

# rpm –ivh webmin*

# yum install webmin* -y

As root user in the directory in which Webmin was downloaded

While here also note our hostname: cos52.linuxauth.com

Other servers are:

# Do not remove the following line, or various programs

www.globalopenversity.org A GOV Open Knowledge Access License Technical Publication

Open the web browser and type:

http:// localhost:10000 or http://127.0.0.1:10000 http://yourdomain:1000

in our case: http://cos52.linuxauth.com:1000

Click on Or you can add an exception

Next enter the user name and password to authenticate.

www.globalopenversity.org A GOV Open Knowledge Access License Technical Publication

Note: For security practices, never use Remember login password.

Click on Login to enter Webmin…

www.globalopenversity.org A GOV Open Knowledge Access License Technical Publication

• Global server options

www.globalopenversity.org A GOV Open Knowledge Access License Technical Publication

Creating the Master Domain

Our Domain: linuxauth.com

Adding the zone / Forward Zone!

1. Click on create a new master zone

Edit master zone

www.globalopenversity.org A GOV Open Knowledge Access License Technical Publication

4. Time-To Leave: default

Fig 6: Your address record should look like this

7. Return to record types

Add Name Server records

(Note: this section may be already updated)

1. Enter zone name: linuxauth.com.

Fig 7: If already updated, it should look like this

5. Return to record type.

Add Name Alias Record

www.globalopenversity.org A GOV Open Knowledge Access License Technical Publication

Fig 8: Your alias should look like this

13. Return to Record Type

Fig 9: The mail record should look like this

Return to Record Types

From the zone list

* Click on Apply Changes.

The next step is the Reverse Zone for netcontrol.org

Adding the Reverse Zone

1. Click on Create New Master Zone

www.globalopenversity.org A GOV Open Knowledge Access License Technical Publication

Fig 10: After creating it should look like this

7. Return to Record Types

Add name Server (NS)

1. Zone Name: 83.168.192

Fig 11: If already updated should look like this

5. Return to Record Types

www.globalopenversity.org A GOV Open Knowledge Access License Technical Publication

Add Name Alias Record (CN)

13. Return to zone list

Our newly modified zone list now is as shown in Fig. 13 below:

www.globalopenversity.org A GOV Open Knowledge Access License Technical Publication

Fig. 13: Final Existing DNS Zone

Click on Apply Changes

We just completed a totally functional DNS

You should see something similar to this: (Your host of course)