Configuring Your Tier 2 Server
Configuring Your Name Server
Here are some basic instructions on configuring your name server to access, and serve, the
OpenNIC Top-Level Domains (TLDs). This page has, at the moment, instructions for only a limited range of nameservers. If you've configured another DNS server to use
OpenNIC, please post some instructions to the
discussion list (or edit this page!) so we can expand this page.
Configuration entails a simple modification of the default configuration file to access the new Top-Level Domains (TLDs) by using the root (
Tier1) servers administered by
OpenNIC.
Note: In any place in the information below where you would normally see an IP number, those numbers have been replaced with a link to the page of
Public Name Servers. Please see this list to choose the appropriate server for your use.
You should also join the appropriate
MailingLists so you'll be notified of changing situations which may affect your operation.
BIND (8/9)
Most Unix systems put the BIND configuration file at either /etc/named.conf (as most Linux distributions do) or at /var/named/named.conf (as the bind8 port installer for
OpenBSD does).
In the named.conf (or one of its includes), you should find a block that looks like this:
zone "." in
{
    type hint;
    file "root.cache";
};
This specifies a hint zone named '.', the root zone. Hints specified in the root.cache file are used to locate root servers and perform recursive queries. The root.cache file may also be called named.cache. To switch from the IANA root servers to
OpenNIC root servers, fetch
http://smtp.jdcomputers.com.au/hints/db.root and replace your hint file with its contents.
BIND will query a root server in the hints file for the NS records for '.' (the root zone), and use that list of root servers to perform queries. This is how a normal recursive DNS server operates, even outside of
OpenNIC. This is the easiest way to configure BIND to use the
OpenNIC root.
Alternatively (slightly experimental), you can slave the root zone from root servers that allow transfer of the root zone. This may not be supported by all root servers. Note that slaving a zone via AXFR or IXFR uses a TCP connection, which requires more resources than a regular DNS query (via the connectionless UDP protocol). Note that historically, the only reason BIND 8/9 users were encouraged to slave the root was due to BIND mysteriously reverting to the IANA root servers. This behavior has not been fully documented and is presumed not to exist in current versions of BIND software.
Change it to look like this (the "masters" list can hold one or more entries; we recommend at least 3
Master Pool (Tier 1) servers):
zone "." in
{
    type slave;
    file "tld-root";
    masters { [server IP number]; [server IP number]; [server IP number]; };
    notify no;
};
BIND 4
Most Unix systems put the BIND 4 configuration file at either /etc/named.boot (as most Linux distributions do) or at /var/named/named.boot (as the default install for
OpenBSD does).
In the named.boot, you should have a line that looks like this:
Change it to look like this (please choose the nearest
Tier 1 server for this):
secondary . [server IP number] tld-root
DJBDNS
Instructions provided by Alan Hodgson, .geek hostmaster.
1) Change into your dnscache root/servers directory.
# cd /service/dnscache/root/servers
2) Replace your root servers file (root/servers/@) with the IP numbers of the
OpenNIC Tier 1 servers, obtained by using dnsq to query the Tier 0 IP number (this step can be done manually, as well).
# cp -f @ /tmp/@.saved
# dnsq ns . [Server IP number] | grep -iv ns0.opennic.glue \
| awk '{ if (/^additional/) print $5}' > /tmp/@.new
# cat /tmp/@.new
3) If it looks okay (i.e. a list of IP addresses), replace the file.
4) Restart dnscache
# svc -t /service/dnscache
5) Verify that it's working
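Step 3 relies on eyeballing /tmp/@.new before it becomes the list of servers dnscache trusts for the root. The script below is an added example, not part of the instructions above or of any OpenNIC tooling; it makes that check mechanical and refuses to install anything that is not a clean list of IPv4 addresses. The function names and the script name check-servers.sh are hypothetical, and the addresses in selftest are constructed from the documentation ranges.

```shell
#!/bin/sh
# Added example: a mechanical version of "if it looks okay" (step 3).

# valid_server_list FILE: succeed only if FILE is non-empty and every line
# is exactly one dotted-quad IPv4 address with octets in 0..255.
valid_server_list() {
    [ -s "$1" ] || return 1
    awk '
        BEGIN { bad = 0 }
        !/^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ { bad = 1; exit }
        {
            split($0, octet, ".")
            for (i = 1; i <= 4; i++)
                if (length(octet[i]) > 3 || octet[i] + 0 > 255) { bad = 1; exit }
        }
        END { exit bad }
    ' "$1"
}

# new_servers OLD NEW: print addresses present in NEW but not in OLD, so the
# operator can see exactly which servers the resolver is about to trust.
new_servers() {
    grep -Fxv -f "$1" "$2" || true
}

# install_server_list NEW TARGET: copy NEW over TARGET only if NEW validates.
install_server_list() {
    if ! valid_server_list "$1"; then
        echo "refusing to install $1: not a clean list of IPv4 addresses" >&2
        return 1
    fi
    echo "addresses not in the current list:" >&2
    new_servers "$2" "$1" >&2
    cp -f "$1" "$2"
}

# selftest: run the checks on constructed sample data (documentation ranges).
selftest() {
    d=$(mktemp -d) || return 1
    printf '192.0.2.1\n198.51.100.7\n' > "$d/good"
    printf '192.0.2.1\nns0.opennic.glue\n198.51.100.700\n' > "$d/bad"
    valid_server_list "$d/good" && ! valid_server_list "$d/bad"
    rc=$?
    rm -rf "$d"
    return "$rc"
}

# Usage: sh check-servers.sh /tmp/@.new /service/dnscache/root/servers/@
if [ "$#" -eq 2 ]; then install_server_list "$1" "$2"; fi
```

Run it in place of the manual copy in step 3, after the /tmp/@.saved backup from step 2 has been taken.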
Windows 2000 DNS Server
Contributed by
Michael Patrick.
- Bring up the DNS Administrator from Administrative Tools...
- Bring up the properties of the DNS Server
- Go to the "Root Hints" tab
- Remove the root server entries
- Replace them with the Tier 1 servers from here.
- Stop and Start the DNS service
- If needed, clear and refresh your view of the cache and you should see .glue
- Try it out on http://www.opennic.glue.