Set up BIND on HP-UX

About

This is a short guide in getting a DNS server up and running on a HP-UX system. The obvious choice for DNS server software is BIND as pre-compiled bundles are provided by HPE.

Download software depots

• BIND C.9.11.1.1.0: https://h20392.www2.hpe.com/portal/swdepot/displayProductInfo.do?productNumber=BIND
• OpenSSL A.01.00.02h or later: https://h20392.www2.hpe.com/portal/swdepot/displayProductInfo.do?productNumber=OPENSSL11I
• KRB5 client: https://h20392.www2.hpe.com/portal/swdepot/displayProductInfo.do?productNumber=KRB5CLIENT

Copy the download depot files to /var/opt/depots (or to appropriate network location)

Install software

# swinstall -s /var/opt/depots OpenSSL,r=A.01.00.02k.001

# swinstall -s /var/opt/depots KRB5CLIENT

# swinstall -s /var/opt/depots HPUX-NameServer,r=C.9.11.1.1.0

# swlist | grep -E -e "NameServer" -e "krb5client" -e "openssl"

krb5client                            E.1.6.2.10       Kerberos V5 Client Version 1.6.2.10
openssl                               A.01.00.01p.001  Secure Network Communications Protocol (PA: 0.9.8zf, IA: 1.0.1p)
HPUX-NameServer                       C.9.11.1.1.0     HP-UX Name Server

Configure BIND

1. Create named directories:

# mkdir /etc/named.data
# chmod 755 /etc/named.data
# cd /etc/named.data

2. Create a param file for hosts_to_named. The hosts_to_named utility is a powerful tool for building DNS database.

# vi /etc/named.data/param

-d acme.com
-n 10.40.1
-z 10.40.1.44
-b /etc/named.conf

3. Create the DNS data and boot files with hosts_to_named. The hosts_to_named utility automatically creates all the DNS data files needed to resolve host names and IP addresses in your domain using your /etc/hosts file, and the options defined in your param file.

# /etc/named.data/hosts_to_named -f param

Translating /etc/hosts to lower case ...
Collecting network data ...
    10.40.1
Creating list of multi-homed hosts ...
Creating "A" data (name to address mapping) for net 10.40.1 ...

The following lines were left out of the database:
Creating "PTR" data (address to name mapping) for net 10.40.1 ...
Creating "MX" (mail exchanger) data ...
Building default named.boot file ...
Building default db.cache file ...

WARNING: db.cache must be filled in with
         the name(s) and address(es) of the
         rootserver(s)

Building default boot.sec.save for secondary servers ...
Building default boot.sec for secondary servers ...
Building default boot.cacheonly for caching only servers ...
Done

4. Check the data directory:

# ls -l /etc/named.data
total 192
-rw-r--r--   1 root       sys            153 Jan  5 10:19 boot.cacheonly
-rw-r--r--   1 root       sys            229 Jan  5 10:19 boot.sec
-rw-r--r--   1 root       sys            249 Jan  5 10:19 boot.sec.save
-rw-r--r--   1 root       sys            187 Jan  5 10:19 conf.cacheonly
-rw-r--r--   1 root       sys            187 Jan  5 10:19 conf.sec
-rw-r--r--   1 root       sys            368 Jan  5 10:19 conf.sec.save
-rw-r--r--   1 root       sys           1376 Jan  5 10:19 db.10.40.1
-rw-r--r--   1 root       sys            274 Jan  5 10:19 db.127.0.0
-rw-r--r--   1 root       sys            134 Jan  5 10:19 db.cache
-rw-r--r--   1 root       sys           3353 Jan  5 10:19 db.acme
-rw-r--r--   1 root       sys            223 Jan  5 10:19 named.boot
-rw-r--r--   1 root       sys             58 Jan  5 10:19 param

5. Add/delete records for the corresponding domain, e.g. acme.com.

6. Check the named configuration file:

# cat /etc/named.conf
#
# type domain source file
#

options {
    directory "/etc/named.data";
};

zone "0.0.127.IN-ADDR.ARPA" {
    type master;
    file "db.127.0.0";
};

zone "acme.com" {
    type master;
    file "db.acme";
};

zone "76.40.1.IN-ADDR.ARPA" {
    type master;
    file "db.10.40.1";
};

zone "." {
    type hint;
    file "db.cache";
};

7. Enable the DNS service at boot time:

# vi /etc/rc.config.d/namesvrs_dns
NAMED=1
NAMED_ARGS=""

Start BIND service

Start the named daemon. A reboot is not required.

# /sbin/init.d/named start
named  root

Configure DNS clients

Add the DNS nameserver to /etc/resolv.conf on all client hosts.

Check DNS service

1. Try host resolution for acme.com:

# nsquery hosts serv1

Using "files [NOTFOUND=continue UNAVAIL=continue] dns" for the hosts policy.

Searching /etc/hosts for serv1
serv1 was NOTFOUND

Switch configuration: Allows fallback

Searching dns for serv1
Hostname: serv1.acme.com
Aliases:
Address: 10.40.1.10
Switch configuration: Terminates Search

Host resolution checks out OK.

2. Check rndc status:

# rndc status

version: BIND 9.11.1 <id:e3dc2e7>
running on serv1:
configuration file: /etc/named.conf
CPUs found: 4
worker threads: 4
UDP listeners per interface: 3
number of zones: 4 (0 automatic)
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
recursive clients: 0/900/1000
tcp clients: 0/150
server is up and running

Server status checks out OK.