BIND 8 for Windows NT/2000
One of the more interesting services out there on a server is the DNS service. DNS resolves human-readable names (calwell.ca) to an IP address (127.0.0.1). This service makes use of a huge distributed database on the Internet to keep the list of names and IP addresses up to date. If you choose to install a server (because Windows 2000 requires one), you may install the built-in option in Windows NT/2000, you may choose to run a third-party application like Simple DNS Plus, or you can opt to install a free service called BIND 8 (Berkeley Internet Name Domain). BIND is used exactly like its UNIX counterpart and is more powerful and configurable than any of the other packaged options. The installation of this service is a bit more involved than that of the previously mentioned options.
The best utility to get information from a DNS server is DIG (the Domain Internet Groper). This utility is only available on UNIX-like operating systems; I have never seen a real port of it, though on the PC you find utilities such as PING (resolves names) and nslookup (NT only, DNS queries).
Basic Installation of BIND:
- Download the BIND 8 binaries from here.
- Also, download the sample configuration files here.
- Unzip BIND8.2.3.Zip to a temp directory
- Run temp\BINDinstall.exe
- Install places the files into: c:\winnt\system32\dns\bin
- Go to the c:\winnt\system32\dns\etc directory and edit the configuration files. I will discuss the configuration files later; to get the server to start, you can rename the “named.conf.master” file to named.conf and the BIND service will start. All error messages and informational messages are placed in the NT Event Viewer, in the Application log.
The included binary files in c:\winnt\system32\dns\bin:
- BINDctrl.exe A little GUI control panel for BIND. It can reload named (meaning reparse named.conf and all zone files) and start/stop named. This utility is useful only after you get the service started and working.
- named.exe “nameserver daemon” is the program that provides the domain name service. named runs as an NT service. You cannot run this directly; you must use NET START “ISC BIND”, the Control Panel, or BINDctrl to start this service.
- named-xfer.exe “nameserver daemon transfer” is a utility for performing zone transfers from another DNS to the local NT DNS.
- nsupdate.exe “nameserver update” ???
Configuration of BIND
The basic configuration example that was downloaded from the BIND 8 website includes the following named.conf file (taken from named.conf.master):
/*
BIND8 main configuration file with master zone statements: named.conf.master
*/
options
{
directory "c:\winnt\system32\dns\etc";
allow-transfer {ip_addr_list;};
};
/* remove/add the comment delimiters below to activate/disactivate logging */
logging
{
channel my_file {file "c:\winnt\system32\dns\etc\named.run"; severity debug; print-time yes; };
category default {my_file;};
category panic {my_file;};
category packet {my_file;};
category eventlib {my_file;};
category queries {my_file;};
};
zone "." IN {type hint; file "db.cache"; };
zone "anydomain.com" IN {type master; file "db.anydomain.com"; notify yes;};
zone "210.73.212.IN-ADDR.ARPA" IN {type master; file "db.212.73.210"; notify yes; also-notify {ip_addr_list;};};
zone "0.0.127.IN-ADDR.ARPA" IN {type master; file "db.127.0.0"; };
There are some major statements in this file that are required to get the BIND 8 configuration working right. I’ll go through the ones used in the above file:
Options {} – The options section tells the server where its configuration files and working directory are. This is done with the directory “path”; statement. The “path” must be a full path name. The server will not run without this statement.
Logging {} – Useful for troubleshooting, the logging section allows you to track the loading and unloading of the BIND server. In the sample configuration file, the logging section is disabled using the /* */ comment specifiers. To enable logging (and I suggest it if you’re just starting out), take out the /* */ that begin and end the logging section. The file that is logged to is specified using the {file “c:\winnt\system32\dns\etc\named.run”; severity debug; print-time yes;} statement. Look in the c:\winnt\system32\dns\etc directory to find the named.run file that logs the activity of the DNS server. There are further statements that control the granularity of logging; they are beyond the scope of this article. More information can be found at the Internet Software Consortium.
The next part of the process is to add a domain database file for your new domain; the one given in the example is “db.anydomain.com”. This file needs to be created listing all of the entries in your domain, and it must be referred to in the configuration file (named.conf). The two statements:
zone "." IN {type hint; file "db.cache"; };
zone "anydomain.com" IN {type master; file "db.anydomain.com"; notify yes;};
account for the references to your domain files. The first reference is to the server’s cache file. This hint, or cache, is loaded when the server first starts up and is used to retrieve the most recent list of nameservers.
The second zone statement refers to the master domain database file. It lists the domain “anydomain.com”, the type “master”, and the file name of the actual database file itself, “db.anydomain.com”.
Besides the hint, the above example loads three different master zones: the first is the main domain, the second and third are the IN-ADDR.ARPA master domains. This is also the section you would use to set up forwarding in your DNS server.
The above configuration was enough to get the BIND service to start and, understandably, fail upon a request. Using the logging feature you can open the log in c:\winnt\system32\dns\etc\named.run and see the activity of your server. Logging is set at a quite verbose level in the above configuration file. Your best bet from there is to cross-reference the errors you see in the named.run file with the definitions for these messages in the bind-messages.htm information downloaded with the BIND docs. This will give a clearer picture of what BIND is doing and help you understand more of what is going on.
Running Queries
Now that you have the server up and running, you might want to run queries against your database for a domain. This requires changing the master domain database and the named.conf to your domain name. In my example, I’m going to use calwell.ca as the domain name. You will not need a network card, nor will you need to be on a network, to do this. The very first thing you should do before editing the configuration files is stop the service.
Open up c:\winnt\system32\dns\etc\named.conf and find the line that says:
zone “anydomain.com” IN {type master; file “db.anydomain.com”; notify yes;};
change all of the references to “anydomain.com” to calwell.ca. Your edited line would then look like:
zone “calwell.ca” IN {type master; file “db.calwell.ca”; notify yes;};
You now have changed the reference to the master database table. The next step is to create and edit the master database.
Still in the c:\winnt\system32\dns\etc\ directory, rename the DB.ANYDOMAIN.COM file to DB.calwell.ca. Don’t worry about long filenames; the DNS server can handle them.
Now that you have the filename right, open the db.calwell.ca file and edit a few lines (for now; you can change more later). Start by changing the name of the origin domain to calwell.ca: the line at the top that reads $ORIGIN anydomain.com. should be changed to $ORIGIN calwell.ca. The lines listed below have ip.ad.re.ss as a placeholder; you will need to edit that to 127.0.0.1. When finished, the four lines look like:
@ IN A 127.0.0.1
mail IN A 127.0.0.1
www IN A 127.0.0.1
ftp IN A 127.0.0.1
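A complete db.calwell.ca, as an added example (constructed here, not the file shipped with the ISC sample): the article shows only the four A records, but a master zone also needs the SOA and NS records that named reads before them, and BIND 8 will refuse to load the zone without them. The nameserver name ns1, the hostmaster mailbox and the serial number are assumptions; the addresses follow the article and stay at 127.0.0.1, so this loads on a machine with no network at all.

```zone
; db.calwell.ca - added example zone file for BIND 8 (constructed, not the ISC sample)
$ORIGIN calwell.ca.
$TTL 86400                         ; default TTL for records below (supported from BIND 8.2)

; SOA: the zone's authority record. Bump the serial on every edit, or
; secondaries will never notice the change. YYYYMMDDnn is a common scheme.
@       IN  SOA  ns1.calwell.ca. hostmaster.calwell.ca. (
                 2001053101   ; serial      (assumed value)
                 10800        ; refresh     (3 hours)
                 3600         ; retry       (1 hour)
                 604800       ; expire      (1 week)
                 86400 )      ; negative-cache TTL (1 day)

; At least one NS record is required for the zone to load.
        IN  NS   ns1.calwell.ca.
        IN  MX   10 mail.calwell.ca.

; Address records. ns1 is an assumed name; the rest mirror the article.
ns1     IN  A    127.0.0.1
@       IN  A    127.0.0.1
mail    IN  A    127.0.0.1
www     IN  A    127.0.0.1
ftp     IN  A    127.0.0.1
```

After saving, start the service as below and look for “master zone "calwell.ca" (IN) loaded (serial 2001053101)” in named.run; a missing SOA or NS shows up there as a load error rather than a silent failure.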
You can now start the server from a CMD window using the following command:
C:\>net start "ISC BIND"
The ISC BIND service is starting.
The ISC BIND service was started successfully.
With the service started, check the log file for details. The following is my log file (named.run) after startup:
31-May-2001 09:36:06.000 hint zone "" (IN) loaded (serial 0)
31-May-2001 09:36:06.000 master zone "calwell.ca" (IN) loaded (serial 2000040305)
31-May-2001 09:36:06.000 C:\WINNT\System32\dns\etc\named.conf:26: syntax error near 'ip_addr'
31-May-2001 09:36:06.000 master zone "210.73.212.IN-ADDR.ARPA" (IN) loaded (serial 2000040305)
31-May-2001 09:36:06.000 master zone "0.0.127.IN-ADDR.ARPA" (IN) loaded (serial 2000040305)
31-May-2001 09:36:06.000 unix control "%DESTRUN%/ndc" socket failed: Unknown error
31-May-2001 09:36:06.000 ctl_server: socket: Unknown error
31-May-2001 09:36:06.000 listening on [127.0.0.1].53 (3Com Megahertz 10/100 Ethernet + 56K PC Card)
31-May-2001 09:36:06.000 Forwarding source address is [0.0.0.0].2157
31-May-2001 09:36:06.000 Ready to answer queries.
31-May-2001 09:36:06.000 sysquery: sendto([192.112.36.4].53): No such file or directory
There are all sorts of interesting errors there that, at this point, would not stop us from running queries but would be part of a more advanced setup process.
To perform a query against your database, start the nslookup utility. If you are not on a network, it will default to the local host. If you are on a network you can tell nslookup to query the local DNS server. The resulting query looks like:
C:>nslookup
*** Default servers are not available
Default Server: UnKnown
Address: 127.0.0.1
www.calwell.ca
Server: UnKnown
Address: 127.0.0.1
Name: www.calwell.ca
Address: 127.0.0.1
>
The log shows the above query as:
31-May-2001 09:37:35.000 XX+/127.0.0.1/www.calwell.ca/A/IN
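The query-log line above is the record a defender works from. As an added example (not from the original article), here is a small Python parser for BIND 8 “category queries” lines that flags recursion-desired queries from clients outside the networks the server is meant to serve, which is how misuse of a forwarder left open to the Internet would first show up in named.run. Reading the character after XX as ‘+’ for recursion desired and a space for not desired is my understanding of the BIND 8 format; the 10.0.0.5 and 203.0.113.7 lines in the sample log are constructed, only the first line is the article’s.

```python
import ipaddress
import re
from collections import Counter

# BIND 8 "category queries" line as written to named.run, e.g.
#   31-May-2001 09:37:35.000 XX+/127.0.0.1/www.calwell.ca/A/IN
# After "XX": '+' = client set the RD (recursion desired) bit, ' ' = it did not.
# (Assumed reading of the format; not documented on the page.)
QUERY_LINE = re.compile(
    r"^(?P<ts>\d{2}-\w{3}-\d{4} \d{2}:\d{2}:\d{2}\.\d{3}) "
    r"XX(?P<rd>[+ ])/(?P<client>[^/]+)/(?P<qname>[^/]*)/(?P<qtype>[^/]+)/(?P<qclass>\S+)$"
)


def parse_query_line(line):
    """Return a dict for a query-log line, or None for any other named.run line."""
    m = QUERY_LINE.match(line)
    if m is None:
        return None
    rec = m.groupdict()
    rec["recursion_desired"] = rec.pop("rd") == "+"
    rec["client"] = ipaddress.ip_address(rec["client"])
    return rec


def find_outside_recursive(lines, allowed_nets):
    """Recursive queries from clients not in allowed_nets: (client, qname, qtype).

    A forwarder that answers these is acting as an open resolver; the fix is
    allow-recursion / allow-query in named.conf, and this shows who is hitting it.
    """
    nets = [ipaddress.ip_network(n) for n in allowed_nets]
    flagged = []
    for line in lines:
        rec = parse_query_line(line)
        if rec is None or not rec["recursion_desired"]:
            continue
        if not any(rec["client"] in net for net in nets):
            flagged.append((str(rec["client"]), rec["qname"], rec["qtype"]))
    return flagged


def clients_by_volume(lines):
    """Query count per client address, for spotting unexpectedly busy sources."""
    counts = Counter()
    for line in lines:
        rec = parse_query_line(line)
        if rec is not None:
            counts[str(rec["client"])] += 1
    return counts


# Constructed sample: line 1 is the article's; the others are made up, using
# an office address (10.0.0.5) and an Internet address (203.0.113.7).
SAMPLE_LOG = """\
31-May-2001 09:37:35.000 XX+/127.0.0.1/www.calwell.ca/A/IN
31-May-2001 09:37:36.000 XX+/10.0.0.5/mail.calwell.ca/A/IN
31-May-2001 09:37:37.000 XX+/203.0.113.7/www.example.net/A/IN
31-May-2001 09:37:38.000 XX /203.0.113.7/calwell.ca/NS/IN
31-May-2001 09:37:39.000 Ready to answer queries.
"""

if __name__ == "__main__":
    lines = SAMPLE_LOG.splitlines()
    for client, qname, qtype in find_outside_recursive(lines, ["127.0.0.0/8", "10.0.0.0/24"]):
        print(f"recursive query from outside the LAN: {client} asked {qname}/{qtype}")
    for client, n in clients_by_volume(lines).most_common():
        print(f"{client}: {n} queries")
```

The non-recursive NS query from 203.0.113.7 is deliberately not flagged: an outside host asking an authoritative question about calwell.ca is what a public nameserver is for, while the recursive lookup of www.example.net from the same host is the one that should not be answered.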
Setting up Forwarding
The most likely scenario you will be executing is the forwarding of DNS queries to a DNS server on the Internet (if, of course, the record is not in your local database). Forwarders (forwarding DNS servers) are defined in the Official DNS FAQ:
“forwarders” is a list of NS records that are _prepended_ to a list of NS records to query if the data is not available locally. This allows a rich cache of records to be built up at a centralized location. This is good for sites that have sporadic or very slow connections to the Internet. (demand dial-up, for example) It’s also just a good idea for very large distributed sites to increase the chance that you don’t have to go off to the Internet to get an IP address. (sometimes for addresses across the street!)
To set up forwarding, edit the named.conf file and remove all zone options except for — and set up the options section in the following way:
options {
directory "<directoryname>";
forwarders { <forwarder1_addr>; <forwarder2_addr>; };
forward only; // BIND 8 spells this "forward only", not "forward-only"
};
This tells the BIND server the <directoryname> where BIND is installed, and the <forwarder1_addr> and <forwarder2_addr> IP addresses of the servers on the Internet that will accept queries.
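A complete forward-only named.conf, as an added example (constructed here, not the article’s or the ISC sample file), tying the forwarding options above together with the logging and access controls from the Configuration section. The upstream resolver addresses 192.0.2.53 and 192.0.2.54 and the office network 10.0.0.0/24 are assumptions; a forwarder reachable from the Internet with no allow-query / allow-recursion restriction answers recursive queries for anyone, so those two statements are the part to check before the machine goes on a public address. allow-recursion is, to my knowledge, available from BIND 8.2 onward.

```conf
// named.conf - added example for a forward-only caching resolver on
// Windows NT/2000 (constructed; not the ISC sample file).
options
{
    directory "c:\winnt\system32\dns\etc";   // full path, as the article requires

    // Send everything we do not hold locally to these resolvers (assumed addresses).
    forwarders { 192.0.2.53; 192.0.2.54; };
    forward only;                            // never contact the roots directly

    // Serve only the loopback and the office LAN (assumed 10.0.0.0/24).
    // Without these two lines any host on the Internet can use this box
    // as a recursive resolver.
    allow-query     { 127.0.0.1; 10.0.0.0/24; };
    allow-recursion { 127.0.0.1; 10.0.0.0/24; };

    // No secondaries, so nobody needs to pull our zones.
    allow-transfer  { none; };
};

// Keep the article's query logging: named.run is where per-client
// queries (XX+/client/name/type/class) show up.
logging
{
    channel my_file { file "c:\winnt\system32\dns\etc\named.run"; severity info; print-time yes; };
    category default { my_file; };
    category queries { my_file; };
};

// Root hints stay so the server can still validate referrals; the
// loopback reverse zone keeps 127.0.0.1 lookups off the forwarders.
zone "." IN { type hint; file "db.cache"; };
zone "0.0.127.IN-ADDR.ARPA" IN { type master; file "db.127.0.0"; };
```

severity info rather than debug keeps named.run readable once real clients are using the server; switch back to debug only while chasing a specific load error.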
What’s Next?
Now that you have a good working knowledge of BIND, you can set up your server to forward queries and perform local resolution while you provide a small office or your home with DNS caching capabilities. BIND is the standard in DNS servers, and knowledge gained in BIND can be transferred directly to the UNIX platform.