Configure NIS Slave Server
login as root.
1. domainname example-domain
"example-domain" is the domainname. It must be the same domainname as you have in NIS master.
2. Populate the /etc/defaultdomain file with the domainname.
domainname > /etc/defaultdomain
3. Edit the /etc/hosts file to ensure that the NIS master and all NIS slave servers have been defined.
4. cp /etc/nsswitch.nis /etc/nsswitch.conf
Edit /etc/nsswitch.conf as necessary (ie. add dns entry).
5. /usr/sbin/ypinit -c
Above command initialize the slave server as a client first.
The "ypinit" command prompts you for a list of NIS servers. Enter the name of the local slave you are working on first, then the master server, followed by the other NIS servers in your domain in order from the physically closest to the furthermost (in network team), then press CTRL-D.
6. Make sure "ypbind" is not running.
ps -ef | grep ypbind
7. Start ypbind.
/usr/lib/netsvc/yp/ypstart
8. Initialize this machine as a slave and transfer the NIS maps.
/usr/sbin/ypinit -s master_machine_name
9. Stop ypbind.
/usr/lib/netsvc/yp/ypstop
10. Start ypbind and ypserv.
/usr/lib/netsvc/yp/ypstart
Configure NIS Client
login as root
domainname > /etc/defaultdomain
cp /etc/nsswitch.nis /etc/nsswitch.conf
Edit /etc/nsswitch.conf as necessary (ie. add dns entry)
/usr/sbin/ypinit -c
You will be asked to name NIS servers from which the client may obtain name service information. You may list as many master or slave servers as youwant. The servers that you list can be located anywhere in the domain. It is good practice to first list the servers closest (in net terms) to the machine,then those that are on more distant parts of the net, then press CTRL-D.
Start the YP service
/usr/lib/netsvc/yp/ypstart
Sunday, April 13, 2008
Configure NIS Master
HOW TO CONFIGURE NIS MASTER
You must login as root.
1. Define the NIS domainname.
domainname example-domain
2. Populate the /etc/defaultdomain file with the domainname.
domainname > /etc/defaultdomain
3. Edit the /etc/hosts file to ensure that the NIS master and all NIS slave
servers have been defined and that a fully qualified name exists for this server.
4. Optionally, create an alternate directory and copy the source files there.
mkdir /var/yp/src
cd /etc
cp auto_home auto_master bootparams ethers group hosts netgroup netmasks networks \
passwd protocols publickey rpc services shadow timezone user_attr /var/yp/src
5. Edit the Makefile.
cp /var/yp/Makefile /var/yp/Makefile.orig
vi /var/yp/Makefile
Modify DIR= and PWDIR= entries to reflect the location of the alternate directory
used in step 4.
Example:DIR=/var/yp/src
Example:PWDIR=/var/yp/src
If you wish NIS to resolve hosts through DNS comment out "B=" and uncomment "B=-b".
Locate the target labeled all: and remove any map from the definition that does not have a
corresponding file and will not be used as part of this service. For example, bootparams,
ethers, and timezone files do not exist by default, and may be removed. This will avert
errors during the make process (IE. make: Fatal error: Command failed for target 'k').
Note: If the netgroup map is to be used later, but does not yet exist, create a
placeholder for this in the target directory.
touch /var/yp/src/netgroup
Note: To relocate RBAC related files or /etc/inet/ipnodes consult the comments in
/var/yp/Makefile.
6. Ensure files are selected as the naming service, if not previously defined.
cp /etc/nsswitch.files /etc/nsswitch.conf
7. Initialize the server:
cd /var/yp
/usr/sbin/ypinit -m
It will ask you for the other yp server's name. Type the name of the server you
are working on, along with the name of your NIS slave servers, and then
press CTRL-D.
It will ask the question "Do you want this procedure to quit on non-fatal
errors [y/n:n]n. choose n.
8. Start the NIS daemons.
/usr/lib/netsvc/yp/ypstart
This will start all NIS server daemons (ypbind ypserv ypxfrd rpc.yppasswdd rpc.ypupdated).
9. Test the configuration.
cd /var/yp
/usr/ccs/bin/make (this should complete without errors)
ypcat -k hosts (to make sure the new maps are there)
ypwhich -m (display the maps that are being served)
NOTE: All the resulting NIS maps will be stored under /var/yp/example-domain directory.
10. To enable this host as a NIS client.
cp /etc/nsswitch.nis /etc/nsswitch.conf
Edit /etc/nsswitch.conf as necessary (ie. add dns entry).
Note: To control NIS services from the command line:
/usr/lib/netsvc/yp/ypstop (to stop NIS services)
/usr/lib/netsvc/yp/ypstart (to start NIS services)
For Solaris 10, you can use:
ypstop/ypstart (enable/disable/restart)
svcadm disable network/nis/server:default
svcadm disable network/nis/client:default
You must login as root.
1. Define the NIS domainname.
domainname example-domain
2. Populate the /etc/defaultdomain file with the domainname.
domainname > /etc/defaultdomain
3. Edit the /etc/hosts file to ensure that the NIS master and all NIS slave
servers have been defined and that a fully qualified name exists for this server.
4. Optionally, create an alternate directory and copy the source files there.
mkdir /var/yp/src
cd /etc
cp auto_home auto_master bootparams ethers group hosts netgroup netmasks networks \
passwd protocols publickey rpc services shadow timezone user_attr /var/yp/src
5. Edit the Makefile.
cp /var/yp/Makefile /var/yp/Makefile.orig
vi /var/yp/Makefile
Modify DIR= and PWDIR= entries to reflect the location of the alternate directory
used in step 4.
Example:DIR=/var/yp/src
Example:PWDIR=/var/yp/src
If you wish NIS to resolve hosts through DNS comment out "B=" and uncomment "B=-b".
Locate the target labeled all: and remove any map from the definition that does not have a
corresponding file and will not be used as part of this service. For example, bootparams,
ethers, and timezone files do not exist by default, and may be removed. This will avert
errors during the make process (IE. make: Fatal error: Command failed for target 'k').
Note: If the netgroup map is to be used later, but does not yet exist, create a
placeholder for this in the target directory.
touch /var/yp/src/netgroup
Note: To relocate RBAC related files or /etc/inet/ipnodes consult the comments in
/var/yp/Makefile.
6. Ensure files are selected as the naming service, if not previously defined.
cp /etc/nsswitch.files /etc/nsswitch.conf
7. Initialize the server:
cd /var/yp
/usr/sbin/ypinit -m
It will ask you for the other yp server's name. Type the name of the server you
are working on, along with the name of your NIS slave servers, and then
press CTRL-D.
It will ask the question "Do you want this procedure to quit on non-fatal
errors [y/n:n]n. choose n.
8. Start the NIS daemons.
/usr/lib/netsvc/yp/ypstart
This will start all NIS server daemons (ypbind ypserv ypxfrd rpc.yppasswdd rpc.ypupdated).
9. Test the configuration.
cd /var/yp
/usr/ccs/bin/make (this should complete without errors)
ypcat -k hosts (to make sure the new maps are there)
ypwhich -m (display the maps that are being served)
NOTE: All the resulting NIS maps will be stored under /var/yp/example-domain directory.
10. To enable this host as a NIS client.
cp /etc/nsswitch.nis /etc/nsswitch.conf
Edit /etc/nsswitch.conf as necessary (ie. add dns entry).
Note: To control NIS services from the command line:
/usr/lib/netsvc/yp/ypstop (to stop NIS services)
/usr/lib/netsvc/yp/ypstart (to start NIS services)
For Solaris 10, you can use:
ypstop/ypstart (enable/disable/restart)
svcadm disable network/nis/server:default
svcadm disable network/nis/client:default
SSH between servers with no password
Steps:
On the client run the following commands:
$ mkdir -p $HOME/.ssh
$ chmod 0700 $HOME/.ssh
$ ssh-keygen -t dsa -f $HOME/.ssh/id_dsa -P ''
This should result in two files, $HOME/.ssh/id_dsa (private key) and $HOME/.ssh/id_dsa.pub (public key).
Copy $HOME/.ssh/id_dsa.pub to the server.
On the server run the following commands:
$ cat id_dsa.pub >> $HOME/.ssh/authorized_keys2
$ chmod 0600 $HOME/.ssh/authorized_keys2
Depending on the version of OpenSSH the following commands may also be required:
$ cat id_dsa.pub >> $HOME/.ssh/authorized_keys
$ chmod 0600 $HOME/.ssh/authorized_keys
An alternative is to create a link from authorized_keys2 to authorized_keys:
$ cd $HOME/.ssh && ln -s authorized_keys2 authorized_keys
On the client test the results by ssh'ing to the server:
$ ssh -i $HOME/.ssh/id_dsa server
(Optional) Add the following $HOME/.ssh/config on the client:
Host server
IdentityFile ~/.ssh/id_dsa
This allows ssh access to the server without having to specify the path to the id_dsa file as an argument to ssh each time.
On the client run the following commands:
$ mkdir -p $HOME/.ssh
$ chmod 0700 $HOME/.ssh
$ ssh-keygen -t dsa -f $HOME/.ssh/id_dsa -P ''
This should result in two files, $HOME/.ssh/id_dsa (private key) and $HOME/.ssh/id_dsa.pub (public key).
Copy $HOME/.ssh/id_dsa.pub to the server.
On the server run the following commands:
$ cat id_dsa.pub >> $HOME/.ssh/authorized_keys2
$ chmod 0600 $HOME/.ssh/authorized_keys2
Depending on the version of OpenSSH the following commands may also be required:
$ cat id_dsa.pub >> $HOME/.ssh/authorized_keys
$ chmod 0600 $HOME/.ssh/authorized_keys
An alternative is to create a link from authorized_keys2 to authorized_keys:
$ cd $HOME/.ssh && ln -s authorized_keys2 authorized_keys
On the client test the results by ssh'ing to the server:
$ ssh -i $HOME/.ssh/id_dsa server
(Optional) Add the following $HOME/.ssh/config on the client:
Host server
IdentityFile ~/.ssh/id_dsa
This allows ssh access to the server without having to specify the path to the id_dsa file as an argument to ssh each time.
Setting up RBAC
RBAC - Assign web administration to given server
Assign user "nsserver" the ability to manage the web services
ServerName: mywebserver1
Rolename : web_admin
Username : nsserver
Profile : web_prof
Objective : Stop and Start the Web Server ( secure & non-secure )
Create a role
roleadd -u 400 -g 10 -d /export/home/web_admin -m web_admin
Assign Password to the role
passwd web_admin
cd /etc/security
cp prof_attr prof_attr.orig
edit the prof_attr file and add the below line
vi prof_attr
web_prof:::Permit stop and start of Web, coldfusion Server:
edit the exec_attr and add the below line
vi exec_attr
web_prof:suser:cmd:::/apps/iplanet/servers/https-mywebserver1.twcnyc.com/stop:uid=0
web_prof:suser:cmd:::/apps/iplanet/servers/https-mywebserver1.twcnyc.com/start:uid=0
web_prof:suser:cmd::: /apps/coldfusionmx/bin/coldfusion stop:uid=0
web_prof:suser:cmd::: /apps/coldfusionmx/bin/coldfusion start:uid=0
web_prof:suser:cmd:::/usr/bin/ls
web_prof:suser:cmd:::/usr/bin/wc
web_prof:suser:cmd:::/usr/bin/profiles
web_prof:suser:cmd:::/usr/bin/vi
web_prof:suser:cmd:::/usr/bin/more
web_prof:suser:cmd:::/usr/bin/id
web_prof:suser:cmd:::/usr/bin/gzip
web_prof:suser:cmd:::/usr/bin/roles
Use rolemod to assign the profile to the role
rolemod -P web_prof web_admin
Use the usermod command to assign the role to the user
usermod -R web_admin nsserver
Assign user "nsserver" the ability to manage the web services
ServerName: mywebserver1
Rolename : web_admin
Username : nsserver
Profile : web_prof
Objective : Stop and Start the Web Server ( secure & non-secure )
Create a role
roleadd -u 400 -g 10 -d /export/home/web_admin -m web_admin
Assign Password to the role
passwd web_admin
cd /etc/security
cp prof_attr prof_attr.orig
edit the prof_attr file and add the below line
vi prof_attr
web_prof:::Permit stop and start of Web, coldfusion Server:
edit the exec_attr and add the below line
vi exec_attr
web_prof:suser:cmd:::/apps/iplanet/servers/https-mywebserver1.twcnyc.com/stop:uid=0
web_prof:suser:cmd:::/apps/iplanet/servers/https-mywebserver1.twcnyc.com/start:uid=0
web_prof:suser:cmd::: /apps/coldfusionmx/bin/coldfusion stop:uid=0
web_prof:suser:cmd::: /apps/coldfusionmx/bin/coldfusion start:uid=0
web_prof:suser:cmd:::/usr/bin/ls
web_prof:suser:cmd:::/usr/bin/wc
web_prof:suser:cmd:::/usr/bin/profiles
web_prof:suser:cmd:::/usr/bin/vi
web_prof:suser:cmd:::/usr/bin/more
web_prof:suser:cmd:::/usr/bin/id
web_prof:suser:cmd:::/usr/bin/gzip
web_prof:suser:cmd:::/usr/bin/roles
Use rolemod to assign the profile to the role
rolemod -P web_prof web_admin
Use the usermod command to assign the role to the user
usermod -R web_admin nsserver
Reset LOM Password
To overide the ALOM password on the system you will need to:
1) Attach console to Serial Management Port
2) Power on the server via the front power button. Once POST has
completed, you will need to wait 1 to 2 minutes for a timeout to
occur and the system to drop to the "ok>" prompt.
If you do not get the "Please login:" prompt (you will likely see the
SC prompt) then you must power the system off remove the battery from
the LOM board, wait a minute, and re-install everything).
Below is an example of what you might see on the console:
Please login:
SC Alert: Host System has Reset
[wait one two minutes]
Serial line login timeout, returns to console stream.
ok>
3) Boot the system to the OS level. If Solaris is not currently
installed on the server, you will need to install it at this point.
4) Use the scadm command to reset the admin password:
a) cd /usr/platform/`uname -i`/sbin
b) ./scadm userpassword admin
5) Use the escape sequence "#." to get system back to the alom login
prompt.
6) You can now log into the admin account using the password from
step 4 b).
1) Attach console to Serial Management Port
2) Power on the server via the front power button. Once POST has
completed, you will need to wait 1 to 2 minutes for a timeout to
occur and the system to drop to the "ok>" prompt.
If you do not get the "Please login:" prompt (you will likely see the
SC prompt) then you must power the system off remove the battery from
the LOM board, wait a minute, and re-install everything).
Below is an example of what you might see on the console:
Please login:
SC Alert: Host System has Reset
[wait one two minutes]
Serial line login timeout, returns to console stream.
ok>
3) Boot the system to the OS level. If Solaris is not currently
installed on the server, you will need to install it at this point.
4) Use the scadm command to reset the admin password:
a) cd /usr/platform/`uname -i`/sbin
b) ./scadm userpassword admin
5) Use the escape sequence "#." to get system back to the alom login
prompt.
6) You can now log into the admin account using the password from
step 4 b).
NAS Failover
Case: active/standby setup
In case of problems to the primary datamover the auto fail back is activated, to failback the datamover
Check the current status of the datamover
[nasadmin@fluxnasmgt1 toftp]$ nas_server -l
id type acl slot groupID state name
1 4 1000 2 2 server_2.faulted.server_3
2 1 1000 3 0 server_2
[nasadmin@fluxnasmgt1 toftp]$ /nas/sbin/getreason
10 - slot_0 primary control station
5 - slot_2 contacted
5 - slot_3 contacted
Execute the below command to make server2 active
[nasadmin@fluxnasmgt1 toftp]$ server_standby server_2 -r mover
Check the layout of the servers, it should appear as below
[nasadmin@fluxnasmgt1 toftp]$ nas_server -l
id type acl slot groupID state name
1 1 1000 2 0 server_2
2 4 1000 3 0 server_3
In case of problems to the primary datamover the auto fail back is activated, to failback the datamover
Check the current status of the datamover
[nasadmin@fluxnasmgt1 toftp]$ nas_server -l
id type acl slot groupID state name
1 4 1000 2 2 server_2.faulted.server_3
2 1 1000 3 0 server_2
[nasadmin@fluxnasmgt1 toftp]$ /nas/sbin/getreason
10 - slot_0 primary control station
5 - slot_2 contacted
5 - slot_3 contacted
Execute the below command to make server2 active
[nasadmin@fluxnasmgt1 toftp]$ server_standby server_2 -r mover
Check the layout of the servers, it should appear as below
[nasadmin@fluxnasmgt1 toftp]$ nas_server -l
id type acl slot groupID state name
1 1 1000 2 0 server_2
2 4 1000 3 0 server_3
NAS Replication
Replicate web2 file system from fluxnas2 to fluxnas1
Step 1
On NASMGMT 2 ( 192.168.221.80 ) where the file system web2 resides primarily
Do the following to create the /export/web2 50G file and export it
[nasadmin@fluxnasmgt1 nasadmin]$ nas_fs -n web2 -t uxfs -c size=50G pool=clar_r5_performance
[nasadmin@fluxnasmgt1 nasadmin]$ server_mountpoint server_2 -c /export/web2
[nasadmin@fluxnasmgt1 nasadmin]$ server_mount server_2 -o rw web2 /export/web2
[nasadmin@fluxnasmgt1 nasadmin]$ server_export server_2 -P nfs -o root=165.237.136.81:10.156.73.214:10.156.73.215:10.156.73.216 /export/web2
Step 2
On Management station nas1 (192.168.221.75)
nas_fs -n web2 -t rawfs -c size=50G pool=clar_r5_performance
server_mountpoint server_2 -c /export/web2
server_mount server_2 -o ro web2 /export/web2
use GUI on NAS2 to setup replication,
click on replication
click on new
verify the file systems on datamover server_2
Set up and start replication immediately. Initial copy will be performed
Replicate a User File System.
click continue
select fluxnas1 as destination
source is web2
src int 165.237.139.51
dest int 165.237.139.50
click ok
Show the status on nas mgmt nas2
watch --i 20 fs_copy -l
Execute the following on the command prompt
server_export server_2 -P nfs -o root=165.237.136.81:10.156.73.214:10.156.73.215:10.156.73.216 /export/web2
Command processes/Verify the replication details
[nasadmin@fluxnasmgt1 nasadmin]$ fs_replicate -l
Step 1
On NASMGMT 2 ( 192.168.221.80 ) where the file system web2 resides primarily
Do the following to create the /export/web2 50G file and export it
[nasadmin@fluxnasmgt1 nasadmin]$ nas_fs -n web2 -t uxfs -c size=50G pool=clar_r5_performance
[nasadmin@fluxnasmgt1 nasadmin]$ server_mountpoint server_2 -c /export/web2
[nasadmin@fluxnasmgt1 nasadmin]$ server_mount server_2 -o rw web2 /export/web2
[nasadmin@fluxnasmgt1 nasadmin]$ server_export server_2 -P nfs -o root=165.237.136.81:10.156.73.214:10.156.73.215:10.156.73.216 /export/web2
Step 2
On Management station nas1 (192.168.221.75)
nas_fs -n web2 -t rawfs -c size=50G pool=clar_r5_performance
server_mountpoint server_2 -c /export/web2
server_mount server_2 -o ro web2 /export/web2
use GUI on NAS2 to setup replication,
click on replication
click on new
verify the file systems on datamover server_2
Set up and start replication immediately. Initial copy will be performed
Replicate a User File System.
click continue
select fluxnas1 as destination
source is web2
src int 165.237.139.51
dest int 165.237.139.50
click ok
Show the status on nas mgmt nas2
watch --i 20 fs_copy -l
Execute the following on the command prompt
server_export server_2 -P nfs -o root=165.237.136.81:10.156.73.214:10.156.73.215:10.156.73.216 /export/web2
Command processes/Verify the replication details
[nasadmin@fluxnasmgt1 nasadmin]$ fs_replicate -l
Wednesday, April 2, 2008
Link Aggregation
Features of Link Aggregation
Increased bandwidth – The capacity of multiple links is combined into one logical link.
Automatic failover/failback – Traffic from a failed link is failed over to working links in the aggregation.
Load balancing – Both inbound and outbound traffic is distributed according to user selected load-balancing policies, such as source and destination MAC or IP addresses.
Support for redundancy – Two systems can be configured with parallel aggregations.
Improved administration – All interfaces are administered as a single unit.
Less drain on the network address pool – The entire aggregation can be assigned one IP address.
Link aggregation configuration is bound by the following requirements:
Use dladm command to configure aggregations.
An interface that has been plumbed cannot become a member of an aggregation.
Interfaces must be of the GLDv3 type: xge, e1000g, and bge.
All interfaces in the aggregation must run at the same speed and in full-duplex mode.
Set the value for MAC addresses to “true” in the EEPROM parameter local-mac-address?
Create a aggregation
dladm create-aggr -d bge0 -d bge1 1
Configure and plumb the new aggregation
ifconfig aggrkey plumb IP-address up
Check the aggregation
dladm show-aggr
For link aggregations with IPv4 addresses, create an /etc/hostname.aggr.key file
#dladm show-link
# dladm create-aggr -d bge0 -d bge1 1
# ifconfig aggr1 plumb 192.168.84.14 up
# dladm show-aggr
Increased bandwidth – The capacity of multiple links is combined into one logical link.
Automatic failover/failback – Traffic from a failed link is failed over to working links in the aggregation.
Load balancing – Both inbound and outbound traffic is distributed according to user selected load-balancing policies, such as source and destination MAC or IP addresses.
Support for redundancy – Two systems can be configured with parallel aggregations.
Improved administration – All interfaces are administered as a single unit.
Less drain on the network address pool – The entire aggregation can be assigned one IP address.
Link aggregation configuration is bound by the following requirements:
Use dladm command to configure aggregations.
An interface that has been plumbed cannot become a member of an aggregation.
Interfaces must be of the GLDv3 type: xge, e1000g, and bge.
All interfaces in the aggregation must run at the same speed and in full-duplex mode.
Set the value for MAC addresses to “true” in the EEPROM parameter local-mac-address?
Create a aggregation
dladm create-aggr -d bge0 -d bge1 1
Configure and plumb the new aggregation
ifconfig aggrkey plumb IP-address up
Check the aggregation
dladm show-aggr
For link aggregations with IPv4 addresses, create an /etc/hostname.aggr.key file
#dladm show-link
# dladm create-aggr -d bge0 -d bge1 1
# ifconfig aggr1 plumb 192.168.84.14 up
# dladm show-aggr
VLAN Tagging
Solaris 10 VLAN Tagging
During VLAN configuration, you have to specify the physical point of attachment, or PPA, of the VLAN. You obtain the PPA value by using this formula:
Interface (driver name) + VID * 1000 + device instance
For example for interface ce1 to configure on vlan 456
ce + 456 * 1000 + 1 = ce456001
ifconfig ce456001 plumb 10.0.0.2 up
Create hostname.interface-ppa so that the information is persistent across the reboot
cat hostname.ce456001
10.0.0.2
Verify the interface information
dladm show-link
During VLAN configuration, you have to specify the physical point of attachment, or PPA, of the VLAN. You obtain the PPA value by using this formula:
Interface (driver name) + VID * 1000 + device instance
For example for interface ce1 to configure on vlan 456
ce + 456 * 1000 + 1 = ce456001
ifconfig ce456001 plumb 10.0.0.2 up
Create hostname.interface-ppa so that the information is persistent across the reboot
cat hostname.ce456001
10.0.0.2
Verify the interface information
dladm show-link
DNS Configuration
Named configuration on Solaris 10
Create the root servers by running the below
dig > db.cache
File: /etc/named.conf
options {
//
//doggy.com
//
directory "/etc/named";
forward only;
forwarders { 8.9.9.9; };
};
zone "." in {
type hint;
file "db.cache";
};
zone "doggy.com" in {
type master;
file "named.hosts";
};
zone "0.8.9.in-addr.arpa" in {
type master;
file "named.rev";
allow-transfer { 1.1.1.1; 1.2.3.1 };
};
named.hosts
;
; Authoritative data for doggy.COM ( ORIGIN assumed doggy.COM )
;
$TTL 86400
@ IN SOA nsadmin.doggy.com. postmaster.doggy.com. (
2008030405 ; Serial Number
7200 ; Refresh after 3 hours
3600 ; Retry after 1 hour
604800 ; Expire after 1 week
86400 ); Minimum TTL of 1 day
IN NS nsadmin.doggy.com.
IN MX 10 mail.doggy.com.
localhost IN A 127.0.0.1
ns IN A 10.156.72.249
nsadmin IN A 10.156.72.249
Additional Domain
manint1% more doggydog.hosts
$TTL 86400
@ IN SOA ns.doggydog.com. postmaster.doggydog.com. (
200803091000 ; Serial Number
7200 ; Refresh after 3 hours
3600 ; Retry after 1 hour
604800 ; Expire after 1 week
0 ) ; Minimum TTL of 1 day
IN NS nsadmin.doggy.com.
ns IN A 1.1.1.1
www IN A 2.2.2.2
janus IN A 2.2.2.2
doggydog.com. IN A 2.2.2.2
Create the root servers by running the below
dig > db.cache
File: /etc/named.conf
options {
//
//doggy.com
//
directory "/etc/named";
forward only;
forwarders { 8.9.9.9; };
};
zone "." in {
type hint;
file "db.cache";
};
zone "doggy.com" in {
type master;
file "named.hosts";
};
zone "0.8.9.in-addr.arpa" in {
type master;
file "named.rev";
allow-transfer { 1.1.1.1; 1.2.3.1 };
};
named.hosts
;
; Authoritative data for doggy.COM ( ORIGIN assumed doggy.COM )
;
$TTL 86400
@ IN SOA nsadmin.doggy.com. postmaster.doggy.com. (
2008030405 ; Serial Number
7200 ; Refresh after 3 hours
3600 ; Retry after 1 hour
604800 ; Expire after 1 week
86400 ); Minimum TTL of 1 day
IN NS nsadmin.doggy.com.
IN MX 10 mail.doggy.com.
localhost IN A 127.0.0.1
ns IN A 10.156.72.249
nsadmin IN A 10.156.72.249
Additional Domain
manint1% more doggydog.hosts
$TTL 86400
@ IN SOA ns.doggydog.com. postmaster.doggydog.com. (
200803091000 ; Serial Number
7200 ; Refresh after 3 hours
3600 ; Retry after 1 hour
604800 ; Expire after 1 week
0 ) ; Minimum TTL of 1 day
IN NS nsadmin.doggy.com.
ns IN A 1.1.1.1
www IN A 2.2.2.2
janus IN A 2.2.2.2
doggydog.com. IN A 2.2.2.2
Subscribe to:
Posts (Atom)
