Category Archives: Dns

Quick dns server for CentOS 7 minimal

Damn, this CentOS 7 minimal installation has taken my whole day. The last thing I want to try is a DNS server. Since I already have a working standard DNS setup that uses MaraDNS under CentOS 5.10, I’m going to try the same steps here, using CentOS 7.

# yum install gcc wget

# gcc -v

Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/libexec/gcc/x86_64-redhat-linux/4.8.2/lto-wrapper
Target: x86_64-redhat-linux
Configured with: ../configure --prefix=/usr --mandir=/usr/share/man --infodir=/usr/share/info --with-bugurl=http://bugzilla.redhat.com/bugzilla --enable-bootstrap --enable-shared --enable-threads=posix --enable-checking=release --with-system-zlib --enable-__cxa_atexit --disable-libunwind-exceptions --enable-gnu-unique-object --enable-linker-build-id --with-linker-hash-style=gnu --enable-languages=c,c++,objc,obj-c++,java,fortran,ada,go,lto --enable-plugin --enable-initfini-array --disable-libgcj --with-isl=/builddir/build/BUILD/gcc-4.8.2-20140120/obj-x86_64-redhat-linux/isl-install --with-cloog=/builddir/build/BUILD/gcc-4.8.2-20140120/obj-x86_64-redhat-linux/cloog-install --enable-gnu-indirect-function --with-tune=generic --with-arch_32=x86-64 --build=x86_64-redhat-linux
Thread model: posix
gcc version 4.8.2 20140120 (Red Hat 4.8.2-16) (GCC)

Download the latest MaraDNS source code

# wget -c http://maradns.samiam.org/download/2.0/2.0.09/maradns-2.0.09.tar.bz2

# tar xvjf maradns-2.0.09.tar.bz2
tar (child): bzip2: Cannot exec: No such file or directory
tar (child): Error is not recoverable: exiting now
tar: Child returned status 2
tar: Error is not recoverable: exiting now

Oops, the CentOS 7 minimal install does not include bzip2.

# yum install bzip2

Re-extract

# tar xvjf maradns-2.0.09.tar.bz2

# cd maradns-2.0.09

# make

# make install

VERSION=2.0.09 ./build/install.sh
Installing MaraDNS, placing programs in /usr/local//bin/ and /usr/local//sbin/,
man pages in /usr/local//share/man/man1, /usr/local//share/man/man5,
and /usr/local//share/man/man8, and documents in /usr/local//doc/maradns-2.0.09
Adding MaraDNS startup scripts
Starting up MaraDNS at runlevel 3
starting up MaraDNS at runlevel 5

Start MaraDNS

# service maradns start
Starting all maradns processes
Starting maradns process which uses Mararc file /etc/mararc

Check it

# ps ax | grep mara
19635 pts/0    S      0:00 /usr/local/bin/duende /usr/local/sbin/maradns -f /etc/mararc
19636 pts/0    S      0:00 /usr/local/sbin/maradns -f /etc/mararc
19637 pts/0    S      0:00 /usr/local/bin/duende /usr/local/sbin/maradns -f /etc/mararc

# nano /etc/mararc

Look for the ipv4_bind_addresses line and change it to:

ipv4_bind_addresses = "192.168.1.88, 127.0.0.1"

My LAN IP address is 192.168.1.88.

# chkconfig maradns on

Edit the test DNS zone file

# nano /etc/maradns/db.example.net

test.example.net.      +14400    soa    ns1.example.net. dns@example.net. 2012010117 14400 3600 604800 14400 ~
example.net.      +14400    ns     ns1.example.net. ~
example.net.      +14400    ns     ns2.example.net. ~
ns1.example.net.  +14400    a       192.168.1.88 ~
ns2.example.net.  +14400    a       192.168.1.88 ~
example.net.      +14400    a       127.0.0.1 ~
www.example.net.  +14400    a       127.0.0.1 ~
example.net.      +14400    mx     10 mail.example.net. ~
test.example.net. +14400    a       192.168.1.88 ~

Save the file.

Restart the maradns service

# service maradns restart

Sending all MaraDNS processes the TERM signal
waiting 1 second
Sending all MaraDNS processes the KILL signal
MaraDNS should have been stopped
Starting all maradns processes
Starting maradns process which uses Mararc file /etc/mararc

Testing using dig

# yum install bind-utils

# dig @192.168.1.88 test.example.net

; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> @192.168.1.88 test.example.net
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10783
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;test.example.net.        IN    A

;; ANSWER SECTION:
test.example.net.    14400    IN    A    192.168.1.88

;; AUTHORITY SECTION:
example.net.        14400    IN    NS    ns1.example.net.
example.net.        14400    IN    NS    ns2.example.net.

;; ADDITIONAL SECTION:
ns1.example.net.    14400    IN    A    192.168.1.88
ns2.example.net.    14400    IN    A    192.168.1.88

;; Query time: 0 msec
;; SERVER: 192.168.1.88#53(192.168.1.88)
;; WHEN: Kam Des 11 15:04:23 WIB 2014
;; MSG SIZE  rcvd: 118

Testing from another user on the local area network

$ dig @192.168.1.88 test.example.net

; <<>> DiG 9.9.5-3ubuntu0.1-Ubuntu <<>> @192.168.1.88 test.example.net
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached

It seems the firewall blocks UDP connections to port 53.

# firewall-cmd --permanent --add-port=53/udp

# systemctl restart firewalld.service

# service maradns restart

Re-test the resolver from the LAN

$ dig @192.168.1.88 test.example.net

; <<>> DiG 9.9.5-3ubuntu0.1-Ubuntu <<>> @192.168.1.88 test.example.net
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4614
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;test.example.net.        IN    A

;; ANSWER SECTION:
test.example.net.    14400    IN    A    192.168.1.88

;; AUTHORITY SECTION:
example.net.        14400    IN    NS    ns1.example.net.
example.net.        14400    IN    NS    ns2.example.net.

;; ADDITIONAL SECTION:
ns1.example.net.    14400    IN    A    192.168.1.88
ns2.example.net.    14400    IN    A    192.168.1.88

;; Query time: 1 msec
;; SERVER: 192.168.1.88#53(192.168.1.88)
;; WHEN: Fri Dec 12 10:10:29 WIB 2014
;; MSG SIZE  rcvd: 118

Good, the DNS server works now for my CentOS 7 minimal installation :-)

Quick DNS Server for CentOS 5.10

I used to use Bind as my DNS server. The server itself is not for complex tasks such as a master or slave DNS server, only for authoritative DNS and a local DNS cache (optional). As I love copy and paste, I often post my experience here, at least for my future reference in case I have a problem.

Today, my copy and paste method on the CentOS server (running 5.10) does not work anymore. Googling around doesn’t help either. So I chose other DNS software that works for my case. Tinydns is my other choice, but I think it’s time to try something new, and I found MaraDNS.

The installation process is straightforward and works well; here are the steps:

# yum install gcc

# gcc -v
Using built-in specs.
Target: x86_64-redhat-linux
Configured with: ../configure --prefix=/usr --mandir=/usr/share/man --infodir=/usr/share/info --enable-shared --enable-threads=posix --enable-checking=release --with-system-zlib --enable-__cxa_atexit --disable-libunwind-exceptions --enable-libgcj-multifile --enable-languages=c,c++,objc,obj-c++,java,fortran,ada --enable-java-awt=gtk --disable-dssi --disable-plugin --with-java-home=/usr/lib/jvm/java-1.4.2-gcj-1.4.2.0/jre --with-cpu=generic --host=x86_64-redhat-linux
Thread model: posix
gcc version 4.1.2 20080704 (Red Hat 4.1.2-54)

Download the latest MaraDNS (at the time of writing it’s 2.0.09)

# wget -c http://maradns.samiam.org/download/2.0/2.0.09/maradns-2.0.09.tar.bz2

# tar xvjf maradns-2.0.09.tar.bz2

# cd maradns-2.0.09
# make
# make install
VERSION=2.0.09 ./build/install.sh
Installing MaraDNS, placing programs in /usr/local//bin/ and /usr/local//sbin/,
man pages in /usr/local//share/man/man1, /usr/local//share/man/man5,
and /usr/local//share/man/man8, and documents in /usr/local//doc/maradns-2.0.09
Adding MaraDNS startup scripts
Starting up MaraDNS at runlevel 3
starting up MaraDNS at runlevel 5

# service maradns start

# chkconfig maradns on

Edit mararc to change the bind address; I use 192.168.1.100 as the LAN address.

# nano /etc/mararc
Look for the ipv4_bind_addresses line and change it to:

ipv4_bind_addresses = "192.168.1.100, 127.0.0.1"

Save.

Edit the content of the zone (db.example.net)

# nano /etc/maradns/db.example.net

Use these lines:

test.example.net.      +14400    soa    ns1.example.net. dns@example.net. 2012010117 14400 3600 604800 14400 ~
example.net.      +14400    ns     ns1.example.net. ~
example.net.      +14400    ns     ns2.example.net. ~
ns1.example.net.  +14400    a      192.168.1.100 ~
ns2.example.net.  +14400    a      192.168.1.100 ~
example.net.      +14400    a      127.0.0.1 ~
www.example.net.  +14400    a      127.0.0.1 ~
example.net.      +14400    mx     10 mail.example.net. ~
test.example.net. +14400    a      192.168.1.100 ~

Save.
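The zone file shown in both posts, run through a small lint (an added example, not part of the original posts or of MaraDNS). It handles only the one-record-per-line shape used here and assumes the zone apex is example.net.; the function names are made up for this example.

```shell
# Added example, not from the original posts: lint a zone file written in the
# one-record-per-line shape used above (owner, +ttl, type, rdata, "~").

# Constructed sample: the db.example.net content from the CentOS 5.10 post.
sample_zone() {
cat <<'EOF'
test.example.net.      +14400    soa    ns1.example.net. dns@example.net. 2012010117 14400 3600 604800 14400 ~
example.net.      +14400    ns     ns1.example.net. ~
example.net.      +14400    ns     ns2.example.net. ~
ns1.example.net.  +14400    a      192.168.1.100 ~
ns2.example.net.  +14400    a      192.168.1.100 ~
example.net.      +14400    a      127.0.0.1 ~
www.example.net.  +14400    a      127.0.0.1 ~
example.net.      +14400    mx     10 mail.example.net. ~
test.example.net. +14400    a      192.168.1.100 ~
EOF
}

# lint_zone APEX < zonefile   (APEX, the zone name, is an assumption here)
# Prints one finding per line, sorted; prints nothing for a clean file.
lint_zone() {
  awk -v zone="$1" '
    # true when name n is the apex itself or sits below it
    function in_zone(n) {
      return n == zone || substr(n, length(n) - length(zone)) == "." zone
    }
    { sub(/[ \t]*~[ \t]*$/, "") }        # drop the record terminator
    NF < 4 || $1 ~ /^#/ { next }         # skip blank lines and comments
    { owner = tolower($1); type = tolower($3) }
    # RFC 1035: the SOA record belongs at the top of the zone
    type == "soa" && owner != zone { print "soa-owner-not-apex " owner }
    type == "a"  { has_a[owner] = 1 }
    type == "ns" { need[tolower($4)] = "ns" }   # rdata: target host
    type == "mx" { need[tolower($5)] = "mx" }   # rdata: preference, target
    END {
      # every in-zone NS/MX target needs an address record to be usable
      for (n in need)
        if (in_zone(n) && !(n in has_a)) print "no-a-record " need[n] " " n
    }' | sort
}

sample_zone | lint_zone example.net.
```

On the sample it reports the MX target mail.example.net., which has no A record, and the SOA owner test.example.net., which is not the apex.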

Restart the maradns service

# service maradns restart

dig test:

Try querying the DNS server from another computer on the LAN.

# dig @192.168.1.100 test.example.net

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-20.P1.el5_8.6 <<>> @192.168.1.100 test.example.net
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19886
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;test.example.net.        IN    A

;; ANSWER SECTION:
test.example.net.    14400    IN    A    192.168.1.100

;; Query time: 0 msec
;; SERVER: 192.168.1.100#53(192.168.1.100)
;; WHEN: Fri Sep 26 19:41:51 2014
;; MSG SIZE  rcvd: 53

ok.
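A scripted version of the dig check used in both posts, as an added example that is not part of the original posts: it reads dig output and confirms the reply is NOERROR, authoritative (aa), offers no recursion (no ra flag) and carries the expected A record. The function names are made up for this example.

```shell
# Added example, not from the original posts: judge a dig reply from an
# authoritative-only server. Function names are made up for this example.

# Constructed sample: header, flags and answer lines as dig printed them above.
sample_dig() {
cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19886
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;test.example.net.        IN    A

;; ANSWER SECTION:
test.example.net.    14400    IN    A    192.168.1.100
EOF
}

# check_dig NAME EXPECTED_IP < dig-output
# Prints "ok", or one finding per line.
check_dig() {
  awk -v name="$1" -v ip="$2" '
    function bad(msg) { print msg; findings++ }
    /^;; ->>HEADER<<-/ {
      seen = 1
      if ($0 !~ /status: NOERROR,/) bad("status-not-noerror")
    }
    /^;; flags:/ {
      # keep only the flag words between "flags:" and the first ";"
      f = $0; sub(/^;; flags:/, "", f); sub(/;.*/, "", f)
      f = " " f " "
      if (f !~ / aa /) bad("not-authoritative")    # reply lacks the aa flag
      if (f ~ / ra /)  bad("recursion-available")  # server offers recursion
    }
    /^;; ANSWER SECTION:/ { in_answer = 1; next }
    /^$/ { in_answer = 0 }
    in_answer && $1 == name && $4 == "A" && $5 == ip { matched = 1 }
    END {
      if (!seen) bad("no-reply")          # e.g. timed out behind a firewall
      else if (!matched) bad("answer-mismatch")
      if (!findings) print "ok"
    }'
}

sample_dig | check_dig test.example.net. 192.168.1.100
```

Against the server from this post it would be run as `dig @192.168.1.100 test.example.net | check_dig test.example.net. 192.168.1.100`; the timed-out reply seen before the firewall change yields `no-reply`.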

The rest is to change /etc/resolv.conf and add 192.168.1.100 as a nameserver.

In case port 53 is blocked:

# iptables -I INPUT -p udp -m udp --dport 53 -j ACCEPT
# service iptables save
# service iptables restart

Testing dns server using nslookup

DNS plays an important part in the internet world as the resolver for domains. The problem comes when we think something is wrong with it. We need to examine which server is in trouble.

From this picture :

There are two DNS servers:

  1. 202.146.178.4
  2. 208.67.222.222

In Windows we can check which DNS server works well using nslookup.

Steps:

1. Click Start -> Run

Type cmd and press OK.

2. Enter DOS prompt

See this example :


Free, secure and smart dns with OpenDNS

Recent surfing activity sent me to an interesting website, OpenDNS.

What is OpenDNS?

OpenDNS helps you navigate the Internet in a safer, faster, smarter and more reliable way. Our service is free and requires nothing to download. OpenDNS doesn’t replace your existing Internet connection, it just makes it better.

Important useful things for me (taken from their FAQ) :

Why is OpenDNS safer than what I’m using now for DNS?

OpenDNS intercepts phishing attempts. OpenDNS customers will be warned if they attempt to visit a phishing site.

Why is OpenDNS faster than other DNS services?

Two things make OpenDNS faster than similar services. First, OpenDNS runs a really big, smart cache, so every OpenDNS user benefits from the activities of the broader OpenDNS user base. Second, OpenDNS runs a high-performance network which is geographically distributed (see network map) and serviced by several redundant connections. OpenDNS responds to your query from the nearest location. That means we’re very fast (and extremely reliable, to boot).


Free Blog on Your Own Domain with Free Email Hosting Part 3

In part 1 I wrote about how to set DNS at the domain registrar and register for an account at mydomain.com.

In part 2 I wrote about pointing blogspot with my domain.

In this part, I’ll describe the steps taken to make rasyid.info have its own email hosted in Google Apps.

The only requirement to follow these steps is to have a Google account.

Refer to this post about the Google account.

Let’s begin :-)

1. Signup for google apps
