CentOS 5 name server [MyDNS]

This how-to will show you how to configure:

  • A MyDNS name server
  • A database to hold the DNS record information

Before starting

Please ensure that you have followed the instructions in the getting started guide here.

If you have not setup the database server yet, please follow the database how-to first.

Installing MyDNS

yum install mydns mydns-mysql
chkconfig mydns on
iptables -I RH-Firewall-1-INPUT 4 -p udp -m udp --dport 53 -j ACCEPT
service iptables save

Only inbound UDP port 53 needs to be opened. Do not add a rule of the form "-p udp --sport 53 --dport 1024:65535 -j ACCEPT": replies to any lookups the server itself makes are already admitted by the ESTABLISHED,RELATED rule in the default CentOS 5 firewall, and such a rule lets any remote host reach every UDP service on your unprivileged ports simply by sending from source port 53. MyDNS answers over UDP only unless allow-tcp or allow-axfr is enabled in /etc/mydns.conf; if you turn either on later, add a matching rule for TCP port 53 as well.

Setting up the database

MyDNS uses MySQL as its backend to store record information, so it needs a database set up before it can be configured. Start by opening a root MySQL session:

mysql -u root -p

Enter your MySQL root user's password and type at the mysql> prompt:

CREATE DATABASE mydns;
GRANT SELECT ON mydns.* TO 'mydns'@'localhost' IDENTIFIED BY 'mydns_password';
FLUSH PRIVILEGES;
EXIT;

Replace mydns_password with a strong password of your own. The grant gives the daemon's account SELECT only: MyDNS never needs to write to these tables, so a compromised daemon or a leaked mydns.conf cannot be used to alter or delete records through this account (this limits the damage; it does not by itself stop every exploit). Create a separate MySQL user with INSERT, UPDATE and DELETE on mydns.soa and mydns.rr for the scripts that change records, rather than running them as the MySQL root user.

Next, import the default database:

mydns --create-tables | mysql -u root -p mydns

The last step is to point the MyDNS configuration file at the new database user's credentials. The stock /etc/mydns.conf carries the placeholder lines "db-user = username" and "db-password = password"; rewrite both in one pass so that the backup keeps the original file:

sed -i.bak -e 's/db-user = username/db-user = mydns/' -e 's/db-password = password/db-password = mydns_password/' /etc/mydns.conf

As before, replace mydns_password with your selected MySQL user password for MyDNS. Two caveats: sed treats /, & and \ specially, so a password containing them must be escaped or entered by editing the file directly, and the whole command line, password included, lands in your shell history. The file now holds that password in clear text, so keep it owned by root and readable only by root (chmod 600 /etc/mydns.conf); the daemon reads it as root at startup, before dropping to the user and group named in the same file.
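A safer way to put the credentials into /etc/mydns.conf, as an added example that is not from the original page or the MyDNS project: a small POSIX sh function that rewrites a "key = value" line without passing the password through a sed expression (so /, & and \ are safe), keeps the line's trailing comment and the file's mode, and appends the key if it is missing, plus a check that the file is not readable or writable by other users. It assumes the stock mydns.conf layout of one "key = value   # comment" per line; set_conf_value, check_conf_perms and the sample lines are my own names and constructed input.

```shell
#!/bin/sh
# Rewrite "KEY = VALUE" in a mydns.conf-style file without a sed expression.
# Usage: set_conf_value FILE KEY VALUE
set_conf_value() {
  file=$1 key=$2 value=$3
  tmp=$(mktemp) || return 1
  # The value is handed to awk via the environment: unlike "awk -v", ENVIRON
  # does not reinterpret backslashes, and awk never treats it as a regex.
  CONF_KEY="$key" CONF_VALUE="$value" awk '
    BEGIN { key = ENVIRON["CONF_KEY"]; val = ENVIRON["CONF_VALUE"]; done = 0 }
    # "key = anything": rebuild the line, keeping a trailing "# comment" if any
    $1 == key && $2 == "=" {
      comment = ""
      if (match($0, /[ \t]+#.*$/)) comment = substr($0, RSTART)
      print key " = " val comment
      done = 1
      next
    }
    { print }
    END { if (!done) print key " = " val }
  ' "$file" > "$tmp" && cat "$tmp" > "$file"   # cat keeps the file mode/owner
  rc=$?
  rm -f "$tmp"
  return $rc
}

# The file carries a database password in clear text: group must not be able
# to write it and "other" must have no access at all. Returns 0 when that holds.
check_conf_perms() {
  perms=$(ls -ld "$1" | cut -c5-10) || return 1   # group+other bits, e.g. "r-----"
  case "$perms" in *w*) return 1 ;; esac           # no group/other write
  case "$perms" in ???---) return 0 ;; *) return 1 ;; esac
}
```

Typical use is set_conf_value /etc/mydns.conf db-password "$pw" with the password read from a prompt or a root-only file, followed by check_conf_perms /etc/mydns.conf before starting the daemon.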

Start the service

MyDNS is now fully configured and ready to run. Start the service and confirm that it is listening on port 53:

service mydns start
netstat -lnup | grep ':53 '

Administering the server

MyDNS now serves the zones defined in the soa table, with each zone's records taken from the rr table. The daemon reads the database on demand, so it does not have to be restarted for changes to be recognized (a change becomes visible once the daemon's zone and reply cache entries for it expire; see zone-cache-expire and reply-cache-expire in /etc/mydns.conf), and you can take advantage of this by using scripts to update your MyDNS database on the fly. Replicating zones to a secondary through MySQL replication or SQL dumps, instead of AXFR, is another particularly handy side-effect of this design. If you do rely on AXFR, remember that MyDNS does not bump the SOA serial for you: your scripts must raise it whenever they change a zone, or secondaries will never pick the change up.

As an example, here is a small script I use to add new domains to my servers:

#!/bin/sh
# Usage: add_dns_domain mysite.tld [mysite2.tld ...]
# The SQL is run as the MySQL root account here; a dedicated account with
# INSERT on mydns.soa and mydns.rr (not the daemon's read-only user) is better.
TIME="$(date +'%s')"
TMPFILE="$(mktemp)" || exit 1
trap 'rm -f "$TMPFILE"' EXIT   # cleanup, also on error

# Set this to your primary and secondary nameservers
NS1=ns1.yourserver.com
NS2=ns2.yourserver.com

# Set this to your primary email, with the @ replaced by a single dot.
EMAIL=yourname.example.com

# Default shared IP to point domains to
SHAREDIP=1.2.3.4

for domain in "$@"; do
  # The name goes straight into SQL text, so accept hostname characters only
  case "$domain" in
    ""|*[!A-Za-z0-9.-]*) echo "skipping invalid domain: $domain" >&2; continue ;;
  esac
  cat << EOF >> "$TMPFILE"
INSERT INTO mydns.soa (origin,ns,mbox,serial,refresh,retry,expire,minimum,ttl) VALUES('${domain}.', '${NS1}.', '${EMAIL}.', $TIME, 10800, 3600, 604800, 14400, 14400);
INSERT INTO mydns.rr (zone,name,data,aux,ttl,type) VALUES(LAST_INSERT_ID(), '${domain}.', '${NS1}.', 0, 14400, 'NS'),
                                                       (LAST_INSERT_ID(), '${domain}.', '${NS2}.', 0, 14400, 'NS'),
                                                       (LAST_INSERT_ID(), '${domain}.', '${domain}.', 0, 14400, 'MX'),
                                                       (LAST_INSERT_ID(), '${domain}.', '${SHAREDIP}', 0, 14400, 'A'),
                                                       (LAST_INSERT_ID(), 'mail', '${domain}.', 0, 14400, 'CNAME'),
                                                       (LAST_INSERT_ID(), 'www', '${domain}.', 0, 14400, 'CNAME');
EOF
done

# One MySQL session (and one password prompt) for all the domains.
# LAST_INSERT_ID() in each rr INSERT is the id of the soa row inserted just before it.
mysql -u root -p < "$TMPFILE"

As you can see above, it adds a zone (one soa row) for each domain, two NS records, an MX that points at the domain itself, an A record that points the domain at the default shared IP, and CNAME aliases for www and mail that point to the main domain. The MX deliberately targets the domain's A record rather than the mail alias, because an MX must not point at a CNAME.
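The script above creates zones; day-to-day administration is mostly adding a record to a zone that already exists, which is where the serial matters. As an added example (my own code, not from the original page or the MyDNS project), the following sh function prints the SQL that inserts one record into an existing zone and bumps that zone's SOA serial in the same run, refusing any input that is not plain hostname/IPv4 text so that nothing can break out of the quoted SQL. It assumes the stock soa and rr tables created by mydns --create-tables; mydns_add_rr and valid_name are my names, and the usage in the comment is a constructed example.

```shell
#!/bin/sh
# Add one record to an existing MyDNS zone and bump that zone's SOA serial.
# Prints SQL on stdout; run it as a MySQL user with INSERT/UPDATE on mydns.rr
# and mydns.soa, for example:
#   mydns_add_rr example.com. ftp A 192.0.2.10 | mysql -u root -p
# Usage: mydns_add_rr ORIGIN NAME TYPE DATA [AUX] [TTL]

# Every value is interpolated into SQL text, so only hostname/FQDN/IPv4
# characters are accepted; a stray quote or semicolon is rejected outright.
valid_name() {
  case "$1" in
    ""|*[!A-Za-z0-9._-]*) return 1 ;;
    *) return 0 ;;
  esac
}

mydns_add_rr() {
  origin=$1 name=$2 type=$3 data=$4 aux=${5:-0} ttl=${6:-14400}
  valid_name "$origin" && valid_name "$name" ||
    { echo "invalid origin or name" >&2; return 1; }
  case "$type" in
    A|CNAME|MX|NS|PTR|TXT) ;;
    *) echo "unsupported type: $type" >&2; return 1 ;;
  esac
  case "$aux$ttl" in
    *[!0-9]*) echo "aux and ttl must be numeric" >&2; return 1 ;;
  esac
  if [ "$type" = TXT ]; then
    # TXT data may contain spaces and quotes; double any single quote for SQL
    data=$(printf '%s' "$data" | sed "s/'/''/g")
  else
    valid_name "$data" || { echo "invalid data" >&2; return 1; }
  fi
  # The INSERT ... SELECT ties the record to the zone id by origin, so it adds
  # nothing if the zone does not exist. The serial moves to the current epoch
  # time, or one past the old value if several changes land in the same second;
  # secondaries that transfer the zone by AXFR only notice a higher serial.
  cat <<EOF
INSERT INTO mydns.rr (zone, name, type, data, aux, ttl)
  SELECT id, '$name', '$type', '$data', $aux, $ttl FROM mydns.soa WHERE origin = '$origin';
UPDATE mydns.soa SET serial = GREATEST(serial + 1, UNIX_TIMESTAMP()) WHERE origin = '$origin';
EOF
}
```

Because the function only prints SQL, you can inspect the statements before piping them into mysql, and the same validation protects you whether the arguments come from your own shell or from a web form that calls the script.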

Resources