Tuesday, June 4, 2013

The Do-It-Yourself DNS server setup

Introduction

In preparation for an Oracle Real Application Clusters (RAC) setup I decided to install a private DNS server, so my SCAN information for RAC could be serviced without relying on 3rd parties such as the local IT department. This blog shows the steps to take to set up a minimal DNS server for use with e.g. a development RAC environment. Detailed configuration of DNS falls outside of the scope of this blog.

For the demonstration on how to set up such a DNS server, the following assumptions are made:
  • the DNS server is running Oracle Enterprise Linux 5 Update 9. Red Hat Enterprise Linux 5 (or any derivatives) should also be usable; for other types of systems, consult the documentation on what utilities to use and system packages to install, and at what locations the various configuration files are located
  • the DNS server will service a domain called ztm.nl
  • the DNS server will have a fixed IP address of 192.168.128.254
  • the DNS server will service addresses in the 192.168.128.x subnet
  • the subnet gateway is located at 192.168.128.1
  • the RAC SCAN name to be registered is clusscan, and 3 SCAN IP addresses will be configured for RAC use
  • for sake of the example, 4 additional hosts (resp. clus1, clus2, clus1-vip, and clus2-vip) will be registered in the DNS server

I took the following steps to set up a minimal DNS server environment:

Step 1: Installing Linux

The first step is to install Enterprise Linux. For this, a minimal installation is chosen, based on Oracle Enterprise Linux 5 Update 9. After having installed the Linux system, the Oracle public YUM repository is configured for any updates using:
# cd /etc/yum.repos.d
# wget http://public-yum.oracle.com/public-yum-el5.repo

Step 2: Configuring the system with a fixed IP address

The next step is to make sure that your to-be DNS server has a static IP address. This can be done by using the system-config-network utility or by manually setting the IP address using ifconfig, as in:
# ifconfig eth0 192.168.128.254

The end result should look similar to:
[Screenshot: Configuring a fixed IP address]

Step 3: Install missing packages

After these initial installation steps, any missing packages necessary for the DNS environment should be installed:
# yum install bind-chroot
# yum install caching-nameserver
# yum install system-config-bind

Step 4: Initial DNS configuration file creation

Then the configuration files for the DNS server will be created with initial data (which will be modified to match our domain):
# cd /var/named/chroot/var/named/
# cp localdomain.zone for.ztm.nl
# cp named.local rev.ztm.nl
# chown root:named for.ztm.nl
# chown root:named rev.ztm.nl
# cd /var/named/chroot/etc
# cp named.caching-nameserver.conf named.conf
# chown root:named named.conf

Step 5: Editing of the DNS configuration

Edit the following files and add/modify the respective lines displayed (in case they are missing or have different values):
  • /etc/sysconfig/network:
    HOSTNAME=dns.ztm.nl
  • /etc/sysconfig/network-scripts/ifcfg-eth0:
    PEERDNS=no
  • /etc/resolv.conf:
    search ztm.nl
    nameserver 192.168.128.254
  • /etc/hosts:
    192.168.128.254 dns.ztm.nl dns
  • /var/named/chroot/etc/named.conf:
    options {
            listen-on port 53 { 127.0.0.1; 192.168.128.254; };
            allow-query { localhost; 192.168.128.0/24; };
            ...
    };
    and:
    view localhost_resolver {
            match-clients { localhost; 192.168.128.0/24; };
            match-destinations { localhost; 192.168.128.0/24; };
            ...
    };
  • /etc/named.rfc1912.zones:
    zone "ztm.nl" IN {
            type master;
            file "for.ztm.nl";
            allow-update { none; };
    };

    zone "128.168.192.in-addr.arpa" IN {
            type master;
            file "rev.ztm.nl";
            allow-update { none; };
    };
  • /var/named/chroot/var/named/for.ztm.nl:
    $TTL    86400
    @               IN SOA  dns.ztm.nl. root.dns.ztm.nl. (
                                          42        ; serial (d. adams)
                                          3H        ; refresh
                                          15M       ; retry
                                          1W        ; expiry
                                          1D )      ; minimum
                    IN NS           dns.ztm.nl.
    dns             IN A            192.168.128.254
    clus1           IN A            192.168.128.101
    clus1-vip       IN A            192.168.128.102
    clus2           IN A            192.168.128.103
    clus2-vip       IN A            192.168.128.104
    clusscan        IN A            192.168.128.105
    clusscan        IN A            192.168.128.106
    clusscan        IN A            192.168.128.107
  • /var/named/chroot/var/named/rev.ztm.nl:
    $TTL    86400
    @       IN      SOA     dns.ztm.nl. root.dns.ztm.nl.   (
                                          1997022700 ; Serial
                                          28800      ; Refresh
                                          14400      ; Retry
                                          3600000    ; Expire
                                          86400 )    ; Minimum
            IN      NS      dns.ztm.nl.
    254     IN      PTR     dns.ztm.nl.
    101     IN      PTR     clus1.ztm.nl.
    102     IN      PTR     clus1-vip.ztm.nl.
    103     IN      PTR     clus2.ztm.nl.
    104     IN      PTR     clus2-vip.ztm.nl.
    105     IN      PTR     clusscan.ztm.nl.
    106     IN      PTR     clusscan.ztm.nl.
    107     IN      PTR     clusscan.ztm.nl.
DNS can also be managed using the Bind configuration GUI. For this, configure the DNS server environment by issuing:
# system-config-bind
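
When for.ztm.nl and rev.ztm.nl are edited by hand as in Step 5, it is easy to add an A record and forget its PTR (or the reverse). The script below is an added example, not part of the original post: it cross-checks the two files, and its function names and the constructed sample data (a subset of the Step 5 records with one PTR deliberately left out) are assumptions of the example.

```shell
# Added example (not from the blog): cross-check A records against PTR records.
LC_ALL=C; export LC_ALL   # same collation for sort and comm

# Print "fqdn ip" per "name IN A ip" line; omitted owner names are not handled.
forward_pairs() {   # $1 = zone name, $2 = forward zone file
    awk -v zone="$1" '$2 == "IN" && $3 == "A" { print $1 "." zone, $4 }' "$2" | sort
}

# Print "fqdn ip" per "octet IN PTR fqdn." line of a /24 reverse zone file.
reverse_pairs() {   # $1 = network prefix, $2 = reverse zone file
    awk -v net="$1" '$2 == "IN" && $3 == "PTR" { sub(/\.$/, "", $4); print $4, net "." $1 }' "$2" | sort
}

# Report records present on one side only; return 0 when both files agree.
check_zones() {     # $1 = zone, $2 = prefix, $3 = forward file, $4 = reverse file
    fwd=$(mktemp); rev=$(mktemp)
    forward_pairs "$1" "$3" > "$fwd"
    reverse_pairs "$2" "$4" > "$rev"
    no_ptr=$(comm -23 "$fwd" "$rev")   # lines only in the forward list
    no_a=$(comm -13 "$fwd" "$rev")     # lines only in the reverse list
    rm -f "$fwd" "$rev"
    [ -n "$no_ptr" ] && printf 'A without PTR:\n%s\n' "$no_ptr"
    [ -n "$no_a" ] && printf 'PTR without A:\n%s\n' "$no_a"
    [ -z "$no_ptr$no_a" ]
}

# Constructed sample: subset of the Step 5 records; the PTR for
# 192.168.128.107 is left out on purpose so the check reports a mismatch.
demo() {
    d=$(mktemp -d)
    cat > "$d/for" <<'EOF'
dns             IN A            192.168.128.254
clusscan        IN A            192.168.128.105
clusscan        IN A            192.168.128.106
clusscan        IN A            192.168.128.107
EOF
    cat > "$d/rev" <<'EOF'
254     IN      PTR     dns.ztm.nl.
105     IN      PTR     clusscan.ztm.nl.
106     IN      PTR     clusscan.ztm.nl.
EOF
    check_zones ztm.nl 192.168.128 "$d/for" "$d/rev"; rc=$?
    rm -rf "$d"
    return $rc
}

demo || echo "forward and reverse zone files disagree"
```

On the DNS server itself, call check_zones ztm.nl 192.168.128 with the two zone files under /var/named/chroot/var/named/ before restarting named.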

Step 6: Firewall configuration

In case the Linux firewall is turned on, the firewall should be configured to allow access to the DNS server. For this, start the firewall configuration utility:
# system-config-securitylevel

In the "Other ports" section on the "Firewall Options" tab, add port 53 with protocol UDP. Then press the Apply (or OK) button for the firewall configuration changes to take effect.
[Screenshot: Adding the DNS port to the firewall configuration]

Step 7: Restart the DNS server and test the setup

Restart the DNS daemon, make sure it's started at system startup, and check if the addresses can be resolved properly:
# service named restart
# chkconfig named on
# dig -x 192.168.128.254

If you get all four sections (question, answer, additional, and authority) reported as "1", the DNS server has been configured properly.

[Screenshot: Checking the DNS name resolution]

Otherwise, check for failures in configuring the DNS server using the previous steps.

Step 8: Client configuration

On the client machines (in this case the RAC cluster members) the name resolution file /etc/resolv.conf should be altered to contain:
search ztm.nl
nameserver 192.168.128.254

Here again with dig (or any other name resolution tool such as nslookup) the resolution can be tested to see if everything has been set up properly. You should get the same responses as on the DNS server itself. Any errors (i.e. sections not being reported properly) indicate a DNS setup failure.

Leave a comment in case you benefited from this blog.

Monday, May 27, 2013

Successfully Installing Oracle 11g Release 2 on Windows 7

The installation document is finished, including screen shots and all!  The document covers the installation of the Oracle11g Release 2 11.2.0.3 database and software installation on Windows 7 and any manual Database Control configuration afterwards. Database Control - the standalone Enterprise Manager interface - allows for easy database management and maintenance operations and simplifies DBA tasks dramatically by allowing automation of most common jobs done (such as performance measurement, backup & recovery, storage management, etc.).

Major hurdles during the installation - as outlined in this document - were the inability to manage the Oracle related system services due to lack of privileges and the failure of the Enterprise Manager configuration during the initial software installation. For more experienced DBAs apart from these problems the installation is relatively straight-forward.

The document explains all steps for a so-called advanced installation of the Oracle11g Release 2 Enterprise Edition (the most complex installation type) including an explanation on what the various installation screens contain and what kinds of selections can be made all along the installation. A so-called typical installation is left out as this is a very simple type of installation with minimal user input.

Future documents will include more detailed information on managing an Oracle RDBMS environment on Windows type systems.

Leave a comment or mail me at mvweb@ziggo.nl to discuss how to purchase this document (cost: EUR 2.50 or $ 3,-).

Wednesday, May 22, 2013

Installing Oracle11g Release 2 on Microsoft Windows 7 - finished

After seeing many questions and/or problems with an Oracle RDBMS installation on Microsoft Windows 7 I decided to start this blog to get people up to speed.

The blog efforts will in the end result in a document with clear steps on how to properly install the Oracle 11g Release 2 software on 64-bit Windows 7. The individual flavors of Windows (Ultimate, Enterprise, or Professional - other versions are not supported - or 32-bit vs. 64-bit Windows) do not matter that much. However, it is important to adhere to the requirements found in chapter 2 of the Oracle Installation Guide (available at http://docs.oracle.com).

Step 1 in the whole process is to install Microsoft Windows and be able to administer the system with the Administrator account (or an account with equal privileges). Administration privileges are required to be able to start and stop the database instance.

After installation of Windows 7 the blog will continue with the database installation itself.

May 27th update: I made a new post (http://mverheij.blogspot.com/2013/05/successfully-installing-oracle-11g.html), detailing more information on how to obtain the installation information from me.

OCP 11g is obtained; preparing for OCM

Finally some time again to update my blog.

The OCP 11g is obtained, with a passing score of 98%! There was a lot to study, but as experience helped a lot and with the help of the Kaplan text exam in the end 1.5 weeks of study proved to be sufficient.

For the moment preparing some virtual machines to check out RAC and Data Guard. The next hurdle will be OCM 11g.