This article explains the steps to configure a Domain Name System (DNS) on Oracle Linux 7u5, which contains the resolution hosts of the VIP and SCAN virtual network for Oracle Database RAC .
Tables of contents:
- Install the DNS server
- Set UP the DNS configuration:
1. Install the DNS server
This is our configuration of our DNS, More info about DNS.
- Install Named service:
# yum install bind
Loaded plugins: langpacks, ulninfo
Resolving Dependencies
--> Running transaction check
---> Package bind.x86_64 32:9.9.4-74.el7_6.1 will be installed
--> Processing Dependency: bind-libs = 32:9.9.4-74.el7_6.1 for package: 32:bind-9.9.4-74.el7_6.1.x86_64
--> Processing Dependency: python-ply for package: 32:bind-9.9.4-74.el7_6.1.x86_64
--> Running transaction check
---> Package bind-libs.x86_64 32:9.9.4-61.el7 will be updated
--> Processing Dependency: bind-libs = 32:9.9.4-61.el7 for package: 32:bind-utils-9.9.4-61.el7.x86_64
---> Package bind-libs.x86_64 32:9.9.4-74.el7_6.1 will be an update
--> Processing Dependency: bind-license = 32:9.9.4-74.el7_6.1 for package: 32:bind-libs-9.9.4-74.el7_6.1.x86_64
---> Package python-ply.noarch 0:3.4-11.el7 will be installed
--> Running transaction check
---> Package bind-license.noarch 32:9.9.4-61.el7 will be updated
--> Processing Dependency: bind-license = 32:9.9.4-61.el7 for package: 32:bind-libs-lite-9.9.4-61.el7.x86_64
---> Package bind-license.noarch 32:9.9.4-74.el7_6.1 will be an update
---> Package bind-utils.x86_64 32:9.9.4-61.el7 will be updated
---> Package bind-utils.x86_64 32:9.9.4-74.el7_6.1 will be an update
--> Running transaction check
---> Package bind-libs-lite.x86_64 32:9.9.4-61.el7 will be updated
---> Package bind-libs-lite.x86_64 32:9.9.4-74.el7_6.1 will be an update
--> Finished Dependency Resolution
Dependencies Resolved
======================================================================================================================================================
Package Arch Version Repository Size
Installing:
bind x86_64 32:9.9.4-74.el7_6.1 ol7_latest 1.8 M
Installing for dependencies:
python-ply noarch 3.4-11.el7 ol7_latest 122 k
Updating for dependencies:
bind-libs x86_64 32:9.9.4-74.el7_6.1 ol7_latest 1.0 M
bind-libs-lite x86_64 32:9.9.4-74.el7_6.1 ol7_latest 741 k
bind-license noarch 32:9.9.4-74.el7_6.1 ol7_latest 86 k
bind-utils x86_64 32:9.9.4-74.el7_6.1 ol7_latest 206 k
Transaction Summary
Install 1 Package (+1 Dependent package)
Upgrade ( 4 Dependent packages)
Total download size: 4.0 M
Is this ok [y/d/N]: y
Downloading packages:
No Presto metadata available for ol7_latest
(1/6): bind-libs-9.9.4-74.el7_6.1.x86_64.rpm | 1.0 MB 00:00:01
(2/6): bind-libs-lite-9.9.4-74.el7_6.1.x86_64.rpm | 741 kB 00:00:00
(3/6): bind-license-9.9.4-74.el7_6.1.noarch.rpm | 86 kB 00:00:00
(4/6): bind-utils-9.9.4-74.el7_6.1.x86_64.rpm | 206 kB 00:00:00
(5/6): python-ply-3.4-11.el7.noarch.rpm | 122 kB 00:00:04
(6/6): bind-9.9.4-74.el7_6.1.x86_64.rpm | 1.8 MB 00:00:07
Total 567 kB/s | 4.0 MB 00:00:07
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Updating : 32:bind-license-9.9.4-74.el7_6.1.noarch 1/10
Updating : 32:bind-libs-9.9.4-74.el7_6.1.x86_64 2/10
Installing : python-ply-3.4-11.el7.noarch 3/10
Installing : 32:bind-9.9.4-74.el7_6.1.x86_64 4/10
Updating : 32:bind-utils-9.9.4-74.el7_6.1.x86_64 5/10
Updating : 32:bind-libs-lite-9.9.4-74.el7_6.1.x86_64 6/10
Cleanup : 32:bind-libs-lite-9.9.4-61.el7.x86_64 7/10
Cleanup : 32:bind-utils-9.9.4-61.el7.x86_64 8/10
Cleanup : 32:bind-libs-9.9.4-61.el7.x86_64 9/10
Cleanup : 32:bind-license-9.9.4-61.el7.noarch 10/10
OSError: No such file or directory
ValueError: SELinux policy is not managed or store cannot be accessed.
warning: %posttrans(bind-32:9.9.4-74.el7_6.1.x86_64) scriptlet failed, exit status 1
Non-fatal POSTTRANS scriptlet failure in rpm package 32:bind-9.9.4-74.el7_6.1.x86_64
Verifying : 32:bind-libs-9.9.4-74.el7_6.1.x86_64 1/10
Verifying : python-ply-3.4-11.el7.noarch 2/10
Verifying : 32:bind-9.9.4-74.el7_6.1.x86_64 3/10
Verifying : 32:bind-utils-9.9.4-74.el7_6.1.x86_64 4/10
Verifying : 32:bind-license-9.9.4-74.el7_6.1.noarch 5/10
Verifying : 32:bind-libs-lite-9.9.4-74.el7_6.1.x86_64 6/10
Verifying : 32:bind-license-9.9.4-61.el7.noarch 7/10
Verifying : 32:bind-libs-9.9.4-61.el7.x86_64 8/10
Verifying : 32:bind-libs-lite-9.9.4-61.el7.x86_64 9/10
Verifying : 32:bind-utils-9.9.4-61.el7.x86_64 10/10
Installed:
bind.x86_64 32:9.9.4-74.el7_6.1
Dependency Installed:
python-ply.noarch 0:3.4-11.el7
Dependency Updated:
bind-libs.x86_64 32:9.9.4-74.el7_6.1 bind-libs-lite.x86_64 32:9.9.4-74.el7_6.1 bind-license.noarch 32:9.9.4-74.el7_6.1
bind-utils.x86_64 32:9.9.4-74.el7_6.1
Complete!
[root@ol-7u5 ~]#
2. Set UP the Configuration of DNS:
- Add our domain resolution /etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// See the BIND Administrator's Reference Manual (ARM) for details about the
// configuration located in /usr/share/doc/bind-{version}/Bv9ARM.html
options {
listen-on port 53 { 127.0.0.1;192.0.2.53;};
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { localhost; 192.0.2.0/24;};
/* - If you are building an AUTHORITATIVE DNS server, do NOT enable recursion. - If you are building a RECURSIVE (caching) DNS server, you need to enable recursion. - If your recursive DNS server has a public IP address, you MUST enable access control to limit queries to your legitimate users. Failing to do so will cause your server to become part of large scale DNS amplification attacks. Implementing BCP38 within your network would greatly reduce such attack surface */ recursion yes; dnssec-enable yes; dnssec-validation yes; /* Path to ISC DLV key */ bindkeys-file "/etc/named.iscdlv.key"; managed-keys-directory "/var/named/dynamic"; pid-file "/run/named/named.pid"; session-keyfile "/run/named/session.key";
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
zone "." IN {
type hint;
file "named.ca";
};
zone "oranux.com.tn" IN {
type master;
file "forward.oranux.com.tn";
allow-update { none; };
};
zone "2.0.192.in-addr.arpa" IN {
type master;
file "reverse.oranux.com.tn";
allow-update { none; };
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
- The forword configuration /var/named/forward.oranux.com.tn
$TTL 86400
@ IN SOA san-gns.oranux.com.tn. root.oranux.com.tn. (
2011071001 ;Serial
3600 ;Refresh
1800 ;Retry
604800 ;Expire
86400 ;Minimum TTL
)
@ IN NS san-gns.oranux.com.tn.
@ IN A 192.0.2.1
@ IN A 192.0.2.2
@ IN A 192.0.2.3
@ IN A 192.0.2.4
@ IN A 192.0.2.5
@ IN A 192.0.2.12
@ IN A 192.0.2.53
san-gns IN A 192.0.2.53
host01 IN A 192.0.2.1
host02 IN A 192.0.2.2
host03 IN A 192.0.2.3
host04 IN A 192.0.2.4
host05 IN A 192.0.2.5
em12 IN A 192.0.2.12
cluster01 IN A 192.0.2.155
cluster01-scan IN A 192.0.2.101
cluster01-scan IN A 192.0.2.102
cluster01-scan IN A 192.0.2.103
host01-vip IN A 192.0.2.104
host02-vip IN A 192.0.2.105
host03-vip IN A 192.0.2.106
- The reverse configuration /var/named/reverse.oranux.com.tn
$TTL 86400
@ IN SOA san-gns.oranux.com.tn. root.oranux.com.tn. (
2011071001 ;Serial
3600 ;Refresh
1800 ;Retry
604800 ;Expire
86400 ;Minimum TTL
)
@ IN NS san-gns.oranux.com.tn.
@ IN PTR oranux.com.tn.
53 IN NS san-gns.oranux.com.tn.
1 IN PTR host01.oranux.com.tn.
2 IN PTR host02.oranux.com.tn.
3 IN PTR host03.oranux.com.tn.
4 IN PTR host04.oranux.com.tn.
5 IN PTR host05.oranux.com.tn.
12 IN PTR em12.oranux.com.tn.
155 IN PTR cluster01.oranux.com.tn.
101 IN PTR cluster01-scan.oranux.com.tn.
102 IN PTR cluster01-scan.oranux.com.tn.
103 IN PTR cluster01-scan.oranux.com.tn.
104 IN PTR host01-vip.oranux.com.tn.
105 IN PTR host02-vip.oranux.com.tn.
106 IN PTR host03-vip.oranux.com.tn.
- Restart our DNS
# systemctl restart named
Conclusion:
This article lists the configuration files of the Linux DNS for RAC as example.
Pingback: Check prerequisites before installing Oracle Grid Infrastructure on 3 nodes | Wadhah DAOUEHI