This document has been placed in the public domain by Sam Trenholme

Using MaraDNS as an authoritative DNS server

Requirements

In order to set up an authoritative DNS server, one needs one or more static IP addresses. With most registries, two or more static IP addresses are needed.

In addition, the machine(s) with the static IP addresses need to be running an authoritative DNS server, such as MaraDNS.

What is a domain zone?

A name like www.example.com is part of the domain zone example.com. The name www.yahoo.com, as another example, is part of the domain zone yahoo.com. www.maradns.org is part of the domain zone maradns.org.

Setting up a domain with MaraDNS

Compile and install MaraDNS on the system which will act as an authoritative DNS server.

After doing this, the mararc file needs to be changed before MaraDNS will function as an authoritative DNS server.

How to make a mararc file which can be used to serve the domain zones that one wishes to have control over:

The domain zone files which are pointed to in /etc/mararc are, by default, in the directory /etc/maradns (the directory is determined by the value of chroot_dir in the mararc file).

Setting up a domain zone file

Let us suppose that we are setting up a domain for example.com, where we have the following services:

The zone file for this setup would be as follows. Note that lines which start with the # symbol are comments, in other words lines ignored by MaraDNS, allowing one to add human-readable notes in the file in question.

# This is an example zone file for the imaginary domain example.com.

# The following line is here because other DNS servers (but not MaraDNS)
# actually use the information in this record, and is required to be in
# a DNS zone.
Sexample.com.|86400|example.com.|hostmaster@example.com.|19770616|7200|3600|604800|1800
# The following two records, which also need to be in a zone file, tell
# other DNS servers the names of what DNS servers serve example.com:
Nexample.com.|86400|ns1.example.com.
Nexample.com.|86400|ns2.example.com.
# Because of the way DNS is set up, we need to give IPs to the above
# NS records:
Ans1.example.com.|86400|10.10.10.11
Ans2.example.com.|86400|10.10.10.17

# We now have two records which handle the serving of web pages.  These
# are simple name-to-ip translations.  In other words, we have one
# record which states "The IP for example.com.
Aexample.com.|86400|10.10.10.12
Awww.example.com.|86400|10.10.10.12

# We also need to set up an IP for the machine that serves email for
# example.com.  Because of how DNS is designed, we both need
# a record which states "The machine which handles mail for 
# example.com is called mail1.example.com" and a record which states
# "The IP address for mail1.example.com is 10.10.10.15":
@example.com.|86400|10|mail1.example.com.
Amail1.example.com.|86400|10.10.10.15

Now, to adapt this file to another zone, we simply need to make the following changes:

The format of a Domain Zone file

Here are some example lines from a domain zone file in which the same IP is used multiple times. For example, if one is using 10.10.10.19 as one of the DNS servers, the mail server, and the web server, one would have records like this:

Nexample.com.|86400|ns1.example.com.
Ans1.example.com.|86400|10.10.10.19
Aexample.com.|86400|10.10.10.19
Awww.example.com.|86400|10.10.10.19
@example.com.|86400|10|mail1.example.com.
Amail1.example.com.|86400|10.10.10.19

Translated into English, the above lines say:

A line in a domain zone file contains a single DNS record. The data has multiple fields separated by a | character, and is in this format:

The reason to use different names for different functions is to minimize the number of problems one will encounter, should one need to change their IPs at a later time.

The % character shortcut

If one is setting up multiple domain zones, all of which have more or less the same data, it is convenient to have a template domain file which different zones can use without needing to modify the file in question.

MaraDNS supports this with the % symbol. Whenever MaraDNS sees a % in a csv1 zone file, it replaces the percent symbol with the name of the zone in question. For example, if the file in question is the zone file for example.com, the % is expanded out to "example.com.". If the zone file in question is for maradns.org, the % is expanded out to "maradns.org.". Hence, we could, provided that the zone file is for example.com, have a zone file like this:

# The following line is here because other DNS servers (but not MaraDNS)
# actually use the information in this record, and is required to be in
# a DNS zone.
S%|86400|%|hostmaster@%|19770616|7200|3600|604800|1800
# The following two records, which also need to be in a zone file, tell
# other DNS servers the names of what DNS servers serve example.com:
N%|86400|ns1.%
N%|86400|ns2.%
# Because of the way DNS is set up, we need to give IPs to the above
# NS records:
Ans1.%|86400|10.10.10.11
Ans2.%|86400|10.10.10.17

# We now have two records which handle the serving of web pages.  These
# are simple name-to-ip translations.  
A%|86400|10.10.10.12
Awww.%|86400|10.10.10.12

# We also need to set up an IP for the machine that serves email for
# our zone.  Because of how DNS is designed, we both need
# a record which states "The machine which handles mail for 
# our zone is called mail1.%" and a record which states
# "The IP address for mail1.% is 10.10.10.15":
@%|86400|10|mail1.%
Amail1.%|86400|10.10.10.15

This zone file would function identically to the first example zone file above.
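
An added example (not part of the original MaraDNS documentation): a small Python reader for the record lines shown above that expands % the way the text describes and reports in-zone NS/MX targets that have no A record. The field layout is inferred from this page's sample records, and the names parse_csv1 and lint are hypothetical.

```python
# Added example: reader and lint for the csv1 record lines shown on this page.
# Field layout (type char, then name|ttl|data...) is inferred from the page's samples.
TYPES = {"S": "SOA", "N": "NS", "A": "A", "@": "MX"}  # only the types the page uses

def parse_csv1(text, zone):
    """Return (type, name, ttl, data) tuples, expanding % to 'zone.'."""
    origin = zone.rstrip(".").lower() + "."
    records = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # comments and blank lines carry no record
        if line[0] not in TYPES:
            raise ValueError(f"line {lineno}: unsupported record type {line[0]!r}")
        fields = line[1:].replace("%", origin).split("|")
        if len(fields) < 3 or not fields[1].isdigit():
            raise ValueError(f"line {lineno}: expected name|ttl|data")
        records.append((TYPES[line[0]], fields[0].lower(), int(fields[1]), fields[2:]))
    return records

def lint(records, zone):
    """List records outside the zone and in-zone NS/MX targets lacking an A record."""
    origin = zone.rstrip(".").lower() + "."
    in_zone = lambda n: n == origin or n.endswith("." + origin)
    have_a = {name for rtype, name, _, _ in records if rtype == "A"}
    problems = []
    for rtype, name, _, data in records:
        if not in_zone(name):
            problems.append(f"{rtype} {name}: name is outside zone {origin}")
        target = data[-1].lower()
        if rtype in ("NS", "MX") and in_zone(target) and target not in have_a:
            problems.append(f"{rtype} {name} -> {target}: no A record in zone")
    return problems

# Constructed template modelled on the page's; the A record for ns2 is left out
# on purpose so the lint has something to report.
TEMPLATE = """\
S%|86400|%|hostmaster@%|19770616|7200|3600|604800|1800
N%|86400|ns1.%
N%|86400|ns2.%
Ans1.%|86400|10.10.10.11
A%|86400|10.10.10.12
@%|86400|10|mail1.%
Amail1.%|86400|10.10.10.15
"""

if __name__ == "__main__":
    for zone in ("example.com", "maradns.org"):
        for problem in lint(parse_csv1(TEMPLATE, zone), zone):
            print(f"{zone}: {problem}")
```

Run against each zone that shares a template before loading it, so a name server or mail host that was never given an address is caught before the zone is served.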

Getting connected to the root name servers

An authoritative DNS server will not effectively serve a domain unless the root name servers are aware that a given DNS server serves a given domain name.

When a recursive DNS server attempts to find the IP for, say, www.example.com, it first asks the root name servers for this IP. The root name servers send out a reply which says "We do not know the answer to this question, but you can contact the DNS server at 10.1.2.3 for the answer". At this point, the recursive DNS server contacts 10.1.2.3, asking it for the IP for www.example.com.

In order that the entire internet community may be aware of a domain, the domain must be registered with the root name servers, so that the root name servers know the IPs of the machines which are authoritative DNS servers for the domain in question.

The exact policies which one needs to conform to in order to register a domain depend on the registrar in question. To register a domain under the generic domain names (presently .com, .net, .org, and .info) one simply needs to register the name with a registrar, and follow some guidelines when designing the zone files for the domain.

There are a number of competing registrars which serve domain names. One which I have been extremely happy with is Net Wizards; domains can be registered at http://domains.netwiz.net/. In order to register a domain, make sure that: