Setting up a Secondary DNS (slave) server under Fedora Core 6

by Marion Bates <mbates at whoopis.com>

Last modified: October 10 2007 12:09:15

(Need to do primary DNS? Check here.)

Get named:
```
yum install caching-nameserver
```

Get some fonts: (I had to do this because this server doesn't have a complete X environment and I didn't want to install the whole thing)

yum install xorg-x11-fonts-base
yum install xorg-x11-font-utils
yum install xorg-x11-fonts-truetype
yum install xorg-x11-utils
yum install xorg-x11-fonts-Type1

Update the font cache:
```
fc-cache -f -v
```
Run (in X environment):
```
system-config-bind 
```
Do nothing; just exit. This creates the dummy config files.

Fix permissions:

cd /var/named
chown named.named slaves
chown named.named .

Edit 2ndary's /etc/named.conf, leave defaults. Scroll down and, just above the "include rndc.key" line, add section like the following:

zone "your.domain.com" {
	type slave;
	file "named.hosts";
	masters {
		ip.of.primary.dns;
	};
};
zone "ip.range.of.your.network.in-addr.arpa" {
	type slave;
	file "named.rev";
	masters {
		ip.of.primary.dns;
	};
};

If you have multiple VLSM'd IP ranges, add another .rev block for each.

Optional: Allow zone transfers from 2ndary to some range (in our case, rest of campus network) -- edit 2ndary's /etc/named.conf and under options block, add:
```
	allow-transfer {
		129.170.0.0/16;
	};
```
Firewall issues:
- Make sure firewall on 2ndary allows UDP 53 from the world for basic lookups; TCP/53 if you want to enable zone transfers from it to other servers.
- Make sure firewall on primary allows TCP/53 from the 2ndary, and of course UDP 53 from the world.
- Make sure firewall in between the two lets them do same as above, and lets them both connect outbound to TCP and UDP 53.
(re)start named and check /var/log/messages for errors:
```
service named restart
```
If no errors, done!

Get Euro-style oval stickers for Geeks!

NEW -- the "magic/more magic" light switch cover!
Click here for the story.