Installing Bind DNS Server with Multi-View on Debian Jessie
This guide configures the Bind DNS server on Debian Jessie with multi-view support for the same domain and replicates the zone data to a slave server.
Issue: when replication starts, zones with the same name are overwritten by the last one replicated (internal or external).
How to solve the issue: inside each view we force where the information is sent, by giving each view on the slave server its own IP address. Example: the internal view uses 192.168.25.111, so when we need to replicate the internal view we send to 192.168.25.111, and when we need to replicate the external view we send the information to 192.168.25.112.
- Internal view IP address on the slave server: 192.168.25.111
- External view IP address on the slave server: 192.168.25.112
- IP address of the master server: 192.168.25.110
- Client Networks: 10.0.0.0/23, 10.100.0.0/24, 10.101.0.0/24, 10.200.0.0/24, 172.16.0.0/24, 192.168.25.0/24
Make sure that your system is already configured properly and run the following script: Easy-Debian. My environment is working with that script, so if you have an issue with some package, please google it and fix it yourself.
Let's start configuring the Master server.
Configuring the Bind DNS Server Master
Let's install the Bind packages.
aptitude update
aptitude install bind9 dnsutils -y
Let's stop the Bind DNS service before we start configuring it.
systemctl stop bind9
Now we need to create the chroot environment that the Bind DNS server will run inside.
mkdir -p /var/lib/named/etc/bind/zones/{disabled,external,internal}
mkdir -p /var/lib/named/dev
mkdir -p /var/lib/named/var/log
mkdir -p /var/lib/named/var/cache/bind/{disabled,dynamic,master,slave}
mkdir -p /var/lib/named/var/run/bind/run
mknod /var/lib/named/dev/null c 1 3
mknod /var/lib/named/dev/random c 1 8
mknod /var/lib/named/dev/zero c 1 5
Now let's fix the permissions.
chmod 666 /var/lib/named/dev/{null,random,zero}
chown -R bind:bind /var/lib/named/var/*
Now we need to move the default configuration directory into the chroot, create a link in the system to make it easier to access, and fix the permissions.
mv /etc/bind/* /var/lib/named/etc/bind/
rm -rf /etc/bind
ln -sf /var/lib/named/etc/bind /etc/bind
cp /etc/localtime /var/lib/named/etc
chown -R bind:bind /var/lib/named/etc/bind
chown -R root:bind /var/lib/named/var/cache/bind/dynamic
chmod -R 775 /var/lib/named/var/cache/bind/dynamic
Now we need to tell the Bind DNS server where its home directory is, so let's configure it.
Let's copy the systemd configuration file.
cp /lib/systemd/system/bind9.service /etc/systemd/system
Why copy the file instead of changing the default one? If the service is updated, /lib/systemd/system/bind9.service will be overwritten and we will lose the configuration.
vim /etc/systemd/system/bind9.service
[Unit]
Description=BIND Domain Name Server
Documentation=man:named(8)
After=network.target

[Service]
ExecStart=/usr/sbin/named -f -u bind -t /var/lib/named
ExecReload=/usr/sbin/rndc reload
ExecStop=/usr/sbin/rndc stop

[Install]
WantedBy=multi-user.target
Now we need to configure /etc/resolv.conf to use the current server as the DNS server.
vim /etc/resolv.conf
nameserver 127.0.0.1
Now we need to configure /etc/bind/named.conf.options to set up the options that we need; feel free to change what you want.
vim /etc/bind/named.conf.options
#/etc/bind/named.conf.options
acl "internal_hosts" {
    127.0.0.1/32;
    10.0.0.0/23;
    10.100.0.0/24;
    10.101.0.0/24;
    10.200.0.0/24;
    172.16.0.0/24;
    192.168.25.0/24;
};

acl "internal_slave" {
    192.168.25.111;
};

acl "external_slave" {
    192.168.25.112;
};

options {
    directory "/var/cache/bind";
    managed-keys-directory "/var/cache/bind/dynamic";
    auth-nxdomain no;
    listen-on-v6 { any; };
    listen-on { 127.0.0.1/32; 192.168.25.0/24; };
    forwarders { 8.8.8.8; 8.8.4.4; };
    allow-query { any; };
    recursion no;
    version "Nao Disponivel";
    dnssec-enable no;
    dnssec-validation no;
    dnssec-lookaside auto;
    empty-zones-enable yes;
};

include "/etc/bind/rndc.key";

controls {
    inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { rndc-key; };
};

#LOGS
logging {
    channel xfer-log {
        file "/var/log/named.log";
        print-category yes;
        print-severity yes;
        print-time yes;
        severity info;
    };
    category xfer-in { xfer-log; };
    category xfer-out { xfer-log; };
    category notify { xfer-log; };

    channel update-debug {
        file "/var/log/named-update-debug.log";
        severity debug 3;
        print-category yes;
        print-severity yes;
        print-time yes;
    };
    channel security-info {
        file "/var/log/named-auth-info.log";
        severity info;
        print-category yes;
        print-severity yes;
        print-time yes;
    };
    category update { update-debug; };
    category security { security-info; };
};

include "/etc/bind/bind.keys";
Now let's change /etc/bind/named.conf to include the files that will be used by the Bind DNS server.
vim /etc/bind/named.conf
#/etc/bind/named.conf
include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.internal-zones";
include "/etc/bind/named.conf.external-zones";
Now we need to configure the internal zones file /etc/bind/named.conf.internal-zones. Make sure you added your client networks to internal_hosts inside named.conf.options.
vim /etc/bind/named.conf.internal-zones
#/etc/bind/named.conf.internal-zones
view "internal" {
    # Setting up which clients can use this view
    match-clients { !external_slave; internal_hosts; };

    # As we will allow the internal network to use this view
    # we need to enable the recursion to resolve another domains, besides ours
    recursion yes;

    # Setting up which server will be able to get the transfer.
    allow-transfer { internal_slave; };

    # Setting up which server will be notified about the changes
    allow-notify { internal_slave; };

    # The following lines will include the files about the internal zones
    # they are divide by function
    include "/etc/bind/zones/internal/named.conf.internal.master-zones";
    include "/etc/bind/zones/internal/named.conf.internal.slave-zones";
    include "/etc/bind/zones/internal/named.conf.internal.forward-zones";
};
Now let's configure the External View /etc/bind/named.conf.external-zones
vim /etc/bind/named.conf.external-zones
#/etc/bind/named.conf.external-zones
view "external" {
    # Setting up which clients can use this view
    match-clients { external_slave; !internal_hosts; any; };

    # The clients of this view cannot use this server to resolve recursive queries.
    recursion no;

    # Setting up which server will be able to get the transfer.
    allow-transfer { external_slave; };

    # Setting up which server will be notified about the changes
    allow-notify { external_slave; };

    # The following lines will include the files about the external zones
    include "/etc/bind/zones/external/named.conf.external.master-zones";
    include "/etc/bind/zones/external/named.conf.external.slave-zones";
    include "/etc/bind/zones/external/named.conf.external.forward-zones";
};
Now let's create and configure the master internal zones configuration file.
vim /etc/bind/zones/internal/named.conf.internal.master-zones
#/etc/bind/zones/internal/named.conf.internal.master-zones
zone "." {
    type hint;
    file "/etc/bind/db.root";
};

zone "localhost" {
    type master;
    file "/etc/bind/db.local";
};

zone "127.in-addr.arpa" {
    type master;
    file "/etc/bind/db.127";
};

zone "0.in-addr.arpa" {
    type master;
    file "/etc/bind/db.0";
};

zone "255.in-addr.arpa" {
    type master;
    file "/etc/bind/db.255";
};

zone "douglasqsantos.com.br" {
    type master;
    file "master/db.douglasqsantos.com.br-internal";
};
Now let's create and configure the slave internal zones configuration file. Here I will configure another domain zone only to show that a master DNS server can be a slave server for another domain. If you don't want to use this configuration, leave only the line starting with the #.
vim /etc/bind/zones/internal/named.conf.internal.slave-zones
#/etc/bind/zones/internal/named.conf.internal.slave-zones
zone "douglasqsantos.lan" {
    type slave;
    masters { 172.32.0.120; };
    transfer-source 172.32.0.122;
    file "slave/db.douglasqsantos.lan-internal";
};
Now let's create and configure the master external zones configuration file.
vim /etc/bind/zones/external/named.conf.external.master-zones
#/etc/bind/zones/external/named.conf.external.master-zones
zone "douglasqsantos.com.br" {
    type master;
    file "master/db.douglasqsantos.com.br-external";
};
Sometimes, for example after a merger of companies, we cannot replicate the whole structure, so we can forward the requests for a specific domain name to a specific DNS server that we are sure is authoritative for the zone. Usually this kind of configuration works through a VPN connection or another kind of direct connection.
vim /etc/bind/zones/internal/named.conf.internal.forward-zones
#/etc/bind/zones/internal/named.conf.internal.forward-zones
zone "douglas.wiki.br" {
    type forward;
    forwarders { 172.32.0.120; 172.32.0.122; };
};
With this configuration, when we need to resolve names in the zone douglas.wiki.br, the server forwards the request to the authoritative DNS server of that domain, in our case 172.32.0.120, or to the second one, 172.32.0.122, if the first one is not working.
So far we do not have any external zone whose requests we want to forward directly, but we could configure one as we did in the last configuration file. This kind of configuration is used when we have a lot of connections to the same domain and we do not want to use the cache, or for some other reason.
vim /etc/bind/zones/external/named.conf.external.forward-zones
#/etc/bind/zones/external/named.conf.external.forward-zones
We do not have any external zone yet, but the file is included from the configuration, so it needs to exist and needs to have some content, such as a comment, as we do below.
vim /etc/bind/zones/external/named.conf.external.slave-zones
#/etc/bind/zones/external/named.conf.external.slave-zones
After configuring the zone configuration files we need to create the zone database files that will store the information about the zones, such as the records and their addresses.
Let's create the internal database file of douglasqsantos.com.br /var/lib/named/var/cache/bind/master/db.douglasqsantos.com.br-internal
vim /var/lib/named/var/cache/bind/master/db.douglasqsantos.com.br-internal
$TTL 86400
@       IN      SOA     dns.douglasqsantos.com.br. root.dns.douglasqsantos.com.br. (
                        2016011901 ; Serial
                        3600       ; Refresh
                        1800       ; Retry
                        1209600    ; Expire
                        3600 )     ; Minimum
;
@                            IN NS   douglasqsantos.com.br.
douglasqsantos.com.br.       IN TXT  "v=spf1 a mx ip4:192.168.25.0/24 -all"
douglasqsantos.com.br.       IN SPF  "v=spf1 a mx ip4:192.168.25.0/24 -all"
; The owner names below end with a dot; without it the zone origin is appended again
mail.douglasqsantos.com.br.  IN TXT  "v=spf1 a -all"
mail.douglasqsantos.com.br.  IN SPF  "v=spf1 a -all"
@                            IN NS   ns1.douglasqsantos.com.br.
@                            IN NS   ns2.douglasqsantos.com.br.
@                            IN MX 0 mail.douglasqsantos.com.br.

;NAME SERVERS
@               IN A      192.168.25.94
ns1             IN A      192.168.25.110
ns2             IN A      192.168.25.111
dns             IN A      192.168.25.110

;MAIL SERVERS
mail            IN A      192.168.25.242
imap            IN CNAME  mail
pop             IN CNAME  mail
smtp            IN CNAME  mail
webmail         IN CNAME  mail

;WEB SERVERS
www             IN A      192.168.25.94
ftp             IN CNAME  www
mailadmin       IN CNAME  www
Let's create the external database file of douglasqsantos.com.br /var/lib/named/var/cache/bind/master/db.douglasqsantos.com.br-external
vim /var/lib/named/var/cache/bind/master/db.douglasqsantos.com.br-external
$TTL 86400
@       IN      SOA     dns.douglasqsantos.com.br. root.dns.douglasqsantos.com.br. (
                        2016011901 ; Serial
                        3600       ; Refresh
                        1800       ; Retry
                        1209600    ; Expire
                        3600 )     ; Minimum
;
@                            IN NS   douglasqsantos.com.br.
douglasqsantos.com.br.       IN TXT  "v=spf1 a mx ip4:200.200.200.0/28 -all"
douglasqsantos.com.br.       IN SPF  "v=spf1 a mx ip4:200.200.200.0/28 -all"
; The owner names below end with a dot; without it the zone origin is appended again
mail.douglasqsantos.com.br.  IN TXT  "v=spf1 a -all"
mail.douglasqsantos.com.br.  IN SPF  "v=spf1 a -all"
@                            IN NS   ns1.douglasqsantos.com.br.
@                            IN NS   ns2.douglasqsantos.com.br.
@                            IN MX 0 mail.douglasqsantos.com.br.

;NAME SERVERS
@               IN A      200.200.200.25
ns1             IN A      200.200.200.25
ns2             IN A      200.200.200.27
dns             IN A      200.200.200.25

;MAIL SERVERS
mail            IN A      200.200.200.25
imap            IN CNAME  mail
pop             IN CNAME  mail
smtp            IN CNAME  mail
webmail         IN CNAME  mail

;WEB SERVERS
www             IN A      200.200.200.27
ftp             IN CNAME  www
mailadmin       IN CNAME  www
Now we can start the Bind DNS server and check whether everything is working properly.
systemctl daemon-reload
systemctl start bind9
Now let's check if the service is working
systemctl status bind9
● bind9.service - BIND Domain Name Server
   Loaded: loaded (/etc/systemd/system/bind9.service; enabled)
  Drop-In: /run/systemd/generator/bind9.service.d
           └─50-insserv.conf-$named.conf
   Active: active (running) since Tue 2016-01-19 17:25:47 BRST; 1min 5s ago
     Docs: man:named(8)
  Process: 1967 ExecStop=/usr/sbin/rndc stop (code=exited, status=0/SUCCESS)
 Main PID: 1972 (named)
   CGroup: /system.slice/bind9.service
           └─1972 /usr/sbin/named -f -u bind -t /var/lib/named

Jan 19 17:25:47 dns1 named[1972]: managed-keys-zone/internal: loaded serial 3
Jan 19 17:25:47 dns1 named[1972]: managed-keys-zone/external: loaded serial 3
Jan 19 17:25:47 dns1 named[1972]: zone 0.in-addr.arpa/IN/internal: loaded serial 1
Jan 19 17:25:47 dns1 named[1972]: zone 127.in-addr.arpa/IN/internal: loaded serial 1
Jan 19 17:25:47 dns1 named[1972]: zone douglasqsantos.com.br/IN/internal: loaded serial 2016011901
Jan 19 17:25:47 dns1 named[1972]: zone localhost/IN/internal: loaded serial 2
Jan 19 17:25:47 dns1 named[1972]: zone 255.in-addr.arpa/IN/internal: loaded serial 1
Jan 19 17:25:47 dns1 named[1972]: zone douglasqsantos.com.br/IN/external: loaded serial 2016011901
Jan 19 17:25:47 dns1 named[1972]: all zones loaded
Jan 19 17:25:47 dns1 named[1972]: running
As we can see all zones are loaded and the service is running, so we need to run some queries and make sure that everything is working.
Let's check the www.douglasqsantos.com.br
nslookup www.douglasqsantos.com.br
Server:         127.0.0.1
Address:        127.0.0.1#53

Name:   www.douglasqsantos.com.br
Address: 192.168.25.94
Now let's check ns1.douglasqsantos.com.br
nslookup ns1.douglasqsantos.com.br
Server:         127.0.0.1
Address:        127.0.0.1#53

Name:   ns1.douglasqsantos.com.br
Address: 192.168.25.110
Now let's check if the server is doing the recursive queries
nslookup www.terra.com.br
Server:         127.0.0.1
Address:        127.0.0.1#53

Non-authoritative answer:
www.terra.com.br        canonical name = web-portal-cdn.terra.com.br.
Name:   web-portal-cdn.terra.com.br
Address: 200.192.176.65
Now let's configure the logrotate to do its job with the Bind DNS server log files.
vim /etc/logrotate.d/named
/var/lib/named/var/log/*.log {
    weekly
    missingok
    rotate 7
    postrotate
        /bin/systemctl reload bind9 > /dev/null
    endscript
    compress
    notifempty
}
Configuring the Bind DNS Server Slave
Let's install the Bind packages.
aptitude update
aptitude install bind9 dnsutils -y
Let's stop the Bind DNS service before we start configuring it.
systemctl stop bind9
Now we need to create the chroot environment that the Bind DNS server will run inside.
mkdir -p /var/lib/named/etc/bind/zones/{disabled,external,internal}
mkdir -p /var/lib/named/dev
mkdir -p /var/lib/named/var/log
mkdir -p /var/lib/named/var/cache/bind/{disabled,dynamic,master,slave}
mkdir -p /var/lib/named/var/run/bind/run
mknod /var/lib/named/dev/null c 1 3
mknod /var/lib/named/dev/random c 1 8
mknod /var/lib/named/dev/zero c 1 5
Now let's fix the permissions.
chmod 666 /var/lib/named/dev/{null,random,zero}
chown -R bind:bind /var/lib/named/var/*
Now we need to move the default configuration directory into the chroot, create a link in the system to make it easier to access, and fix the permissions.
mv /etc/bind/* /var/lib/named/etc/bind/
rm -rf /etc/bind
ln -sf /var/lib/named/etc/bind /etc/bind
cp /etc/localtime /var/lib/named/etc
chown -R bind:bind /var/lib/named/etc/bind
chown -R root:bind /var/lib/named/var/cache/bind/dynamic
chmod -R 775 /var/lib/named/var/cache/bind/dynamic
Now we need to tell the Bind DNS server where its home directory is, so let's configure it.
Let's copy the systemd configuration file.
cp /lib/systemd/system/bind9.service /etc/systemd/system
Why copy the file instead of changing the default one? If the service is updated, /lib/systemd/system/bind9.service will be overwritten and we will lose the configuration.
vim /etc/systemd/system/bind9.service
[Unit]
Description=BIND Domain Name Server
Documentation=man:named(8)
After=network.target

[Service]
ExecStart=/usr/sbin/named -f -u bind -t /var/lib/named
ExecReload=/usr/sbin/rndc reload
ExecStop=/usr/sbin/rndc stop

[Install]
WantedBy=multi-user.target
Now we need to configure /etc/resolv.conf to use the current server as the DNS server.
vim /etc/resolv.conf
nameserver 127.0.0.1
Now we need to configure /etc/bind/named.conf.options to set up the options that we need; feel free to change what you want.
vim /etc/bind/named.conf.options
#/etc/bind/named.conf.options
acl "internal_hosts" {
    127.0.0.1/32;
    10.0.0.0/23;
    10.100.0.0/24;
    10.101.0.0/24;
    10.200.0.0/24;
    172.16.0.0/24;
    192.168.25.0/24;
};

acl "dns_master" {
    192.168.25.110;
};

options {
    directory "/var/cache/bind";
    managed-keys-directory "/var/cache/bind/dynamic";
    auth-nxdomain no;
    listen-on-v6 { any; };
    listen-on { 127.0.0.1/32; 192.168.25.0/24; };
    forwarders { 8.8.8.8; 8.8.4.4; };
    allow-query { any; };
    recursion no;
    version "Nao Disponivel";
    dnssec-enable no;
    dnssec-validation no;
    dnssec-lookaside auto;
    empty-zones-enable yes;
};

include "/etc/bind/rndc.key";

controls {
    inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { rndc-key; };
};

#LOGS
logging {
    channel xfer-log {
        file "/var/log/named.log";
        print-category yes;
        print-severity yes;
        print-time yes;
        severity info;
    };
    category xfer-in { xfer-log; };
    category xfer-out { xfer-log; };
    category notify { xfer-log; };

    channel update-debug {
        file "/var/log/named-update-debug.log";
        severity debug 3;
        print-category yes;
        print-severity yes;
        print-time yes;
    };
    channel security-info {
        file "/var/log/named-auth-info.log";
        severity info;
        print-category yes;
        print-severity yes;
        print-time yes;
    };
    category update { update-debug; };
    category security { security-info; };
};

include "/etc/bind/bind.keys";
Now let's change /etc/bind/named.conf to include the files that will be used by the Bind DNS server.
vim /etc/bind/named.conf
#/etc/bind/named.conf
include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.internal-zones";
include "/etc/bind/named.conf.external-zones";
Now we need to configure the internal zones file /etc/bind/named.conf.internal-zones. Make sure you added your client networks to internal_hosts inside named.conf.options.
vim /etc/bind/named.conf.internal-zones
#/etc/bind/named.conf.internal-zones
view "internal" {
    # Setting up which clients can use this view
    match-clients { internal_hosts; };

    # As we will allow the internal network to use this view
    # we need to enable the recursion to resolve another domains, besides ours
    recursion yes;

    # Setting up which server will be able to get the transfer.
    allow-transfer { none; };

    # Setting up which server will be notified about the changes
    allow-notify { dns_master; };

    # The following lines will include the files about the internal zones
    # they are divide by function
    include "/etc/bind/zones/internal/named.conf.internal.master-zones";
    include "/etc/bind/zones/internal/named.conf.internal.slave-zones";
    include "/etc/bind/zones/internal/named.conf.internal.forward-zones";
};
Now let's configure the External View configuration file /etc/bind/named.conf.external-zones
vim /etc/bind/named.conf.external-zones
#/etc/bind/named.conf.external-zones
view "external" {
    # Setting up which clients can use this view
    match-clients { !internal_hosts; any; };

    # The clients of this view cannot use this server to resolve recursive queries.
    recursion no;

    # Setting up which server will be able to get the transfer.
    allow-transfer { none; };

    # Setting up which server will be notified about the changes
    allow-notify { dns_master; };

    # The following lines will include the files about the external zones
    include "/etc/bind/zones/external/named.conf.external.master-zones";
    include "/etc/bind/zones/external/named.conf.external.slave-zones";
    include "/etc/bind/zones/external/named.conf.external.forward-zones";
};
Now let's create and configure the master internal zones configuration file.
vim /etc/bind/zones/internal/named.conf.internal.master-zones
#/etc/bind/zones/internal/named.conf.internal.master-zones
zone "." {
    type hint;
    file "/etc/bind/db.root";
};

zone "localhost" {
    type master;
    file "/etc/bind/db.local";
};

zone "127.in-addr.arpa" {
    type master;
    file "/etc/bind/db.127";
};

zone "0.in-addr.arpa" {
    type master;
    file "/etc/bind/db.0";
};

zone "255.in-addr.arpa" {
    type master;
    file "/etc/bind/db.255";
};
Now let's create and configure the slave internal zones configuration file.
vim /etc/bind/zones/internal/named.conf.internal.slave-zones
#/etc/bind/zones/internal/named.conf.internal.slave-zones
zone "douglasqsantos.com.br" {
    type slave;
    masters { 192.168.25.110; };     # DNS Server Master Ip address
    # Source IP address of this view's transfer requests;
    # the master uses it to pick the internal view.
    transfer-source 192.168.25.111;
    file "slave/db.douglasqsantos.com.br-internal";
};
Now let's create and configure the slave external zones configuration file.
vim /etc/bind/zones/external/named.conf.external.slave-zones
#/etc/bind/zones/external/named.conf.external.slave-zones
zone "douglasqsantos.com.br" {
    type slave;
    masters { 192.168.25.110; };     # DNS Server Master Ip address
    # Source IP address of this view's transfer requests;
    # the master uses it to pick the external view.
    transfer-source 192.168.25.112;
    file "slave/db.douglasqsantos.com.br-external";
};
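The master's match-clients lists and the slave's two transfer-source addresses work together, and the result can be checked offline. The following Python sketch is an added example, not part of the original tutorial or of BIND: it models first-match evaluation of match-clients with the ACLs and views from this page and reports which master view answers a transfer request from each transfer-source address. NAIVE_VIEWS is a hypothetical variant without the slave entries, included to show the failure described at the top of the page.

```python
import ipaddress

# ACLs copied from the master's named.conf.options on this page.
ACLS = {
    "internal_hosts": ["127.0.0.1/32", "10.0.0.0/23", "10.100.0.0/24",
                       "10.101.0.0/24", "10.200.0.0/24", "172.16.0.0/24",
                       "192.168.25.0/24"],
    "internal_slave": ["192.168.25.111"],
    "external_slave": ["192.168.25.112"],
}

# Views in the order named.conf includes them: internal first, then external.
MASTER_VIEWS = [
    ("internal", ["!external_slave", "internal_hosts"]),
    ("external", ["external_slave", "!internal_hosts", "any"]),
]

# Hypothetical variant (not from the page) without the slave entries.
NAIVE_VIEWS = [
    ("internal", ["internal_hosts"]),
    ("external", ["!internal_hosts", "any"]),
]

# transfer-source addresses from the slave's two zone definitions.
SLAVE_SOURCES = {"internal": "192.168.25.111", "external": "192.168.25.112"}


def element_matches(element, addr):
    """True if addr matches one element: 'any', 'none', an ACL name or a prefix."""
    if element == "any":
        return True
    if element == "none":
        return False
    if element in ACLS:
        # Simplification: the ACLs on this page contain no negated entries.
        return any(element_matches(e, addr) for e in ACLS[element])
    return addr in ipaddress.ip_network(element, strict=False)


def match_list(elements, addr):
    """First matching element decides; a '!' element rejects; no match rejects."""
    for element in elements:
        negated = element.startswith("!")
        if element_matches(element.lstrip("!"), addr):
            return not negated
    return False


def select_view(views, source):
    """Name of the first view whose match-clients accepts the source address."""
    addr = ipaddress.ip_address(source)
    for name, match_clients in views:
        if match_list(match_clients, addr):
            return name
    return None


def transfer_plan(views):
    """Master view that serves each of the slave's zone transfers."""
    return {zone: select_view(views, src) for zone, src in SLAVE_SOURCES.items()}


if __name__ == "__main__":
    print("page configuration :", transfer_plan(MASTER_VIEWS))
    print("without exclusions :", transfer_plan(NAIVE_VIEWS))
```

With the page's configuration each transfer reaches its own view; in the variant both requests fall into the internal view because 192.168.25.112 is inside 192.168.25.0/24.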
Now we need to create some files containing only a comment, so that we do not get any warnings or errors; those files can be used in the near future.
Internal forward zones configuration file for the internal view.
vim /etc/bind/zones/internal/named.conf.internal.forward-zones
#/etc/bind/zones/internal/named.conf.internal.forward-zones
External forward zones configuration file for the External view.
vim /etc/bind/zones/external/named.conf.external.forward-zones
#/etc/bind/zones/external/named.conf.external.forward-zones
Master zones configuration file for the external view.
vim /etc/bind/zones/external/named.conf.external.master-zones
#/etc/bind/zones/external/named.conf.external.master-zones
Now we can start the Bind DNS server and check whether everything is working properly.
systemctl daemon-reload
systemctl start bind9
Now let's check if the service is working
systemctl status bind9
● bind9.service - BIND Domain Name Server
   Loaded: loaded (/etc/systemd/system/bind9.service; enabled)
  Drop-In: /run/systemd/generator/bind9.service.d
           └─50-insserv.conf-$named.conf
   Active: active (running) since Tue 2016-01-19 18:01:37 BRST; 3s ago
     Docs: man:named(8)
 Main PID: 1611 (named)
   CGroup: /system.slice/bind9.service
           └─1611 /usr/sbin/named -f -u bind -t /var/lib/named

Jan 19 18:01:37 dns2 named[1611]: zone 0.in-addr.arpa/IN/internal: loaded serial 1
Jan 19 18:01:37 dns2 named[1611]: zone 255.in-addr.arpa/IN/internal: loaded serial 1
Jan 19 18:01:37 dns2 named[1611]: zone localhost/IN/internal: loaded serial 2
Jan 19 18:01:37 dns2 named[1611]: zone 127.in-addr.arpa/IN/internal: loaded serial 1
Jan 19 18:01:37 dns2 named[1611]: all zones loaded
Jan 19 18:01:37 dns2 named[1611]: running
Jan 19 18:01:37 dns2 named[1611]: zone douglasqsantos.com.br/IN/internal: Transfer started.
Jan 19 18:01:37 dns2 named[1611]: zone douglasqsantos.com.br/IN/internal: transferred serial 2016011901
Jan 19 18:01:38 dns2 named[1611]: zone douglasqsantos.com.br/IN/external: Transfer started.
Jan 19 18:01:38 dns2 named[1611]: zone douglasqsantos.com.br/IN/external: transferred serial 2016011901
As we can see all zones are loaded and the service is running, so we need to run some queries and make sure that everything is working.
Let's check the www.douglasqsantos.com.br
nslookup www.douglasqsantos.com.br
Server:         127.0.0.1
Address:        127.0.0.1#53

Name:   www.douglasqsantos.com.br
Address: 192.168.25.94
Now let's check ns1.douglasqsantos.com.br
nslookup ns1.douglasqsantos.com.br
Server:         127.0.0.1
Address:        127.0.0.1#53

Name:   ns1.douglasqsantos.com.br
Address: 192.168.25.110
Now let's check if the server is doing the recursive queries
nslookup www.terra.com.br
Server:         127.0.0.1
Address:        127.0.0.1#53

Non-authoritative answer:
www.terra.com.br        canonical name = web-portal-cdn.terra.com.br.
Name:   web-portal-cdn.terra.com.br
Address: 200.192.176.65
Now let's configure the logrotate to do its job with the Bind DNS server log files.
vim /etc/logrotate.d/named
/var/lib/named/var/log/*.log {
    weekly
    missingok
    rotate 7
    postrotate
        /bin/systemctl reload bind9 > /dev/null
    endscript
    compress
    notifempty
}