Linux BIND DNS - Part 4: Common BIND Files - Named.local, named.conf, db.127.0.0 etc

Article Reads:30684

So far we have covered in great detail the main files required for the firewall.cx domain. These files, which we named db.firewall.cx and db.192.168.0, define all the resouce records and hosts available in the firewall.cx domain.

We will be analysing these files in this article, to help you understand why they exist and how they fit into the big picture :

Our Common Files

There are 3 common files that we're going to look at, of which the first two files contents change slightly depending on the domain. This happens because they must be aware of the various hosts and the domain name for which they are created. The third file in the list below, is always the same amongst all DNS servers and we will explain more about it later on.

So here are our files:

named.local or db.127.0.0
named.conf
named.ca or db.cache

The Named.local File

The named.local file, or db.127.0.0 as some might call it, is used to cover the loopback network. Since no one was given the responsibility for the 127.0.0.0 network, we need this file to make sure there are no errors when the DNS server needs to direct traffic to itself (127.0.0.1 IP Address - Loopback).

When installing BIND, you will find this file in your caching example directory: /var/named/caching-example, so you can either create a new one or modify the existing one to meet your requirements.

The file is no different than our example db.addr file we saw previously:

$TTL 86400

0.0.127.in-addr.arpa. IN SOA voyager.firewall.cx. admin.firewall.cx. (

                1 ; Serial
                3h ; Refresh after 3 hours
                1h ; Retry after 1 hour
                1w ; Expire after 1 week
                1h ) ; Negative caching TTL of 1 hour

0.0.127.in-addr.arpa. IN NS voyager.firewall.cx.
0.0.127.in-addr.arpa. IN NS gateway.firewall.cx.
1.0.0.127.in-addr.arpa. IN PTR localhost.

That's all there is for named.local file !

The Named.ca File

The named.ca file (also known as the "root hints file") is created when you install BIND and dosen't need to be modified unless you have an old version of BIND or it's been a while since you installed BIND.

The purpose of this file is to let your DNS server know about the Internet ROOT Servers. There is no point displaying all of the file's content because it's quite big, so we will show an entry of a ROOT server to get the idea what it looks like:

; last update: Aug 22, 2011
; related version of root zone: 1997082200
; formerly NS.INTERNIC.NET

. 3600000 IN NS A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4
The domain name "." refers to the root zone and the value 3600000 is the explicit time to live (TTL) for the records in the file, but it is sometime ignored by DNS clients.

The rest of the entries are self explanatory. If you want to grab a new copy of the root hint file you can ftp to ftp.rs.internic.net (198.41.0.6) and log on anonymously, there you will find the latest up to date version.

The Named.conf File

The named.conf file is usually located in the /etc directory and is the key file that ties all the zone data files together and lets the DNS server know where they are located in the system. This file is automatically created during the installation but you must edit it in order to add new entries that will point to any new zone files you have created.

Let's have a close look at the named.conf file and explain:

options {
directory "/var/named";

};

// Root Servers
zone "." IN {
type hint;
file "named.ca";
};

// Entry for Firewall.cx - name to ip mapping
zone "firewall.cx" IN {
type master;
file "db.firewall.cx";
};

// Entry for Firewall.cx - ip to name mapping
zone "0.168.192.in-addr.arpa" IN {
type master;
file "db.192.168.0";
};

// Entry for Local Loopback
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
};

At first glance it might seem a maze, but it's a lot simpler than you think. Break down each paragraph and you can see clearly the pattern that follows.

Starting from the top, the options section simply defines the directory where all the files to follow are located, the rest are simply comments.

The root servers section tells the DNS server where to find the root hints file, which contains all the root servers.

Next up is the entry for our domain firewall.cx, we let the DNS server know which file contains all the zone entries for this domain and let it know that it will act as a master DNS server for the domain. The same applies for the entry to follow, which contains the IP to Name mappings, this is the 0.168.192.in-addr.arpa zone.

The last entry is required for the local loopback. We tell the DNS server which file contains the local loopback entries.

Notice the "IN" class that is present in each section? If we accidentally forget to include it in our zone files, it wouldn't matter because the DNS server will automatically figure out the class from our named.conf file. It's imperative not to forget the "IN" (Internet) class in the named.conf, whereas it really doesnt matter if you don't put it in the zone files. It's good practice still to enter it in the zone files as we did, just to make sure you don't have any problems later on.

And that ends our discussion for the common DNS (BIND) files. Next up is the configuration of our Linux BIND Slave/Secondary DNS server.