8.2 Migration

This section provides information on migrating from NetWare 6.5 DNS server to SLES/OES DNS server.

8.2.1 Critical Differences Between NetWare and Linux

Before proceeding with migration of DNS from NetWare to Linux, it is important to note the following critical differences between DNS on NetWare and DNS on Linux:

  • In Linux, NetWare features like eDirectory™ integration, dynamic reconfiguration, fault tolerance, SNMP, auditing, and the iManager plug-in for configuring DNS are not available.

  • In NetWare, logging information is captured in the named.run file; on SLES/Linux, however, logging channels must be configured. For information on configuring logging channels, refer to Step 1.

  • In Linux, the path for the zone.db files is specified in the named.conf file. It is not required in NetWare.

  • To contact root servers and to get local host information, three additional zones are present by default in the named.conf file. Zone.db files for these zones are installed as part of the DNS installation on SLES.

  • The DNS server is loaded on SLES/OES by using the rcnamed script. When run on Linux, this script has a different set of parameters.

    For more details on the parameters used in the SLES/OES Linux environment, refer to the SLES Documentation Web site.

  • To support dynamic updates on SLES, TSIG keys must be generated and specified in the named.conf file. For more details on creating keys, refer to Step 2.

  • SLES DNS cannot receive dynamic updates from NetWare DHCP. Because of this, when a primary zone is migrated from NetWare to the SLES/OES environment, the DHCP server must also be migrated from NetWare.

  • The following command line parameters associated with named on NetWare are not available on Linux.

    
    FT on/off
    jsize
    -r on/off
    dc
    zi
    -qstats
    -pa
    -info
    -rp
    -v [volume name]
    
    

    In the Linux environment, some options have the same name as options on NetWare but a different function. For example, the -v option on Linux gives the version number, but on NetWare this option is used to specify volumes on which the named configuration files are to be created.

    NetWare also has several options that are supported on Linux under a different name.

    The following table describes the distinctions between options on NetWare and Linux:

    Table 8-2 Differences Between Options on NetWare and Linux

    Option on NetWare   Functionality on NetWare                                      Corresponding Option on Linux
    -----------------   -----------------------------------------------------------   -----------------------------
    -mstat              Lists memory usage statistics in the etc\dns\named.mem file   -s
    -s                  Supports screen logging                                       -g
    -dl                 Supports specifying debug levels                              -d

8.2.2 Server Options

The following table lists the server options on NetWare and their equivalents on Linux:

Table 8-3 Server Options on NetWare and Their Equivalents on Linux

NetWare                   Linux
-----------------------   ---------------------------------------------------
additional-from-auth      additional-from-auth
additional-from-cache     additional-from-cache
also-notify               also-notify
allow-notify              allow-notify
allow-query               allow-query
allow-recursion           allow-recursion
allow-transfer            allow-transfer
blackhole                 blackhole
cleaning-interval         cleaning-interval
forward                   forward
forwarders                forwarders. Linux permits a maximum of 3 forwarders
listen-on                 listen-on
novell_audit-level        N/A
max-cache-size            max-cache-size
max-cache-ttl             max-cache-ttl
max-ncache-ttl            max-ncache-ttl
minimal-responses         minimal-responses
notify                    notify
notify-source             notify-source
novell_nofwd-list         N/A
novell_server-dn          N/A
novell_server-dnsname     N/A
novell_server-mod-time    N/A
novell_snmp-trap          N/A
recursive-clients         recursive-clients

8.2.3 Zone Options

The following table lists the zone options on NetWare and their equivalents on Linux:

Table 8-4 Zone Options on NetWare and Their Equivalents on Linux

NetWare Zone Option          Linux Zone Option
-------------------------    -----------------
novell_designated-server     N/A
novell_zone-servers          N/A
Type                         type
Allow-update                 allow-update
Allow-query                  allow-query
forward                      forward
also-notify                  also-notify
notify                       notify
Zone-statistics              zone-statistics
notify-source                notify-source
novell_zone-mod-time         N/A
novell_zone-creation-time    N/A
novell_zone-dn               N/A
Masters                      masters
transfer-source              transfer-source

8.2.4 Migration Process

This section details the migration process from a NetWare 6.5 DNS server to a SLES/OES DNS server.

Migrating the Primary Zone

To migrate the zone configuration of a master zone from a NetWare 6.5 DNS server to a SLES/OES DNS server:

  1. Edit named.conf on NetWare and copy the entire master zone configuration as shown below to the named.conf file on SLES.

    
    zone "example.com" in
    {
    ...
    ...
    type master;
    ...
    ...
    };
    
    
  2. Delete specific NetWare options from the zone configuration. Refer to Table 8-3.

  3. Copy the zone.db file from sys:/etc/DNS on NetWare DNS to /var/lib/named/master on the SLES DNS server.

  4. Add the following file path to the zone configuration in the named.conf file:

    zone "example.com" in
    {
    file "/var/lib/named/master/example.com.db";
    };

    example.com.db is the file that was copied in Step 3.

  5. Open the example.com.db file, then find and replace all occurrences of the old server name with the name of the new Linux server.

  6. Save the named.conf file and the example.com.db file.

  7. Start the DNS server by using the rcnamed.start command.

Migrating the Secondary Zone

  1. Edit named.conf on the NetWare server and copy the entire secondary zone configuration as shown below to named.conf on SLES/OES.

    
    zone "example.com" in
    {
    ....
    ....
    type slave;
    ....
    ....
    };
    
  2. Delete specific NetWare options from the zone configuration. Refer to Table 8-4.

  3. Add the file path in the named.conf file as follows:

    zone "example.com" in
    {
    file "/var/lib/named/slave/example.com.db";
    };

  4. Save the named.conf file.

  5. Start the DNS server by using the rcnamed.start command.

The zone.db file is created in the slave folder.

Migrating the Server Configuration

All DNS Server configurations and settings are saved in sys:/etc/dns/named.con on NetWare and /etc/named.conf in SLES.

The named.conf entries with default configurations for a DNS server appear as follows on NetWare:


options 
{
novell_server-dnsname "test-dns-2.blr.novell.com";
novell_server-mod-time 1126157362;
novell_server-dn "test-dns-2.novell";
};

The basic Linux configuration file and options are described in the SUSE Linux Enterprise Server 9 Administration Guide.

To migrate a server to Linux, all the options with a "novell_" prefix in the option name must be deleted because they are specific to NetWare.
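
One way to automate the clean-up described above and in step 2 of both zone procedures, as an added example that is not part of the original guide: it deletes the novell_ statements from a copied configuration and checks the forwarders list against the three-forwarder limit from Table 8-3. The sample configuration is constructed, and the script assumes each novell_ option is a one-line statement.

```shell
#!/bin/sh
# Added example, not part of the original guide.
# Assumption: every novell_ option is a one-line statement ending in ';'.

# Constructed sample modelled on the NetWare stanzas in this section.
sample_conf() {
cat <<'EOF'
options
{
novell_server-dnsname "test-dns-2.blr.novell.com";
novell_server-mod-time 1126157362;
novell_server-dn "test-dns-2.novell";
forwarders { 192.0.2.1; 192.0.2.2; 192.0.2.3; 192.0.2.4; };
};
zone "example.com" in
{
type master;
novell_zone-mod-time 1126157362;
};
EOF
}

# Delete every statement whose option name starts with novell_.
strip_novell() {
    sed -E '/^[[:space:]]*novell_[A-Za-z_-]+[[:space:]].*;[[:space:]]*$/d'
}

# Print how many addresses the forwarders statement lists (0 if absent).
count_forwarders() {
    awk '$1 == "forwarders" {
             s = $0
             sub(/^[^{]*[{]/, "", s)   # drop everything up to the opening brace
             sub(/[}].*/, "", s)       # drop the closing brace and the rest
             n = gsub(/;/, ";", s)     # one semicolon per address
         }
         END { print n + 0 }'
}

# Succeed only if the list fits the three-forwarder limit stated in Table 8-3.
forwarders_ok() {
    [ "$(count_forwarders)" -le 3 ]
}

# Demo: cleaned configuration, then the forwarder check on the sample.
sample_conf | strip_novell
sample_conf | forwarders_ok || echo "warning: more than 3 forwarders" >&2
```

Run the filter on a copy of the file and compare the result with the original before installing it as /etc/named.conf.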

8.2.5 Post Migration Steps

  1. Configure the logging channel in the named.conf file.

    Use the channel option within the logging statement to create a customized type of log, with its own filename, size limit, versioning, and level of importance. After a customized channel has been defined, a category option is used to categorize the channel and begin logging when named is restarted.

    By default, named.run logs standard messages to the syslog daemon, which places them in /var/log/messages folder. This occurs because several standard channels are built into BIND with various severity levels, such as one that handles informational logging messages (default_syslog) and another that specifically handles debugging messages (default_debug). The default category uses the built-in channels to do normal logging without any special configuration.

    Customizing the logging process requires detailed information that is beyond the scope of this manual. For information on creating custom BIND logs, refer to the BIND 9 Administrator Reference Manual.

  2. Use TSIG to create keys to enable dynamic updating.

    Transaction signatures (TSIG) are a mechanism used to secure DNS messages and to provide secure server-to-server and server-to-client communication. This includes zone transfer, notify, and recursive query messages. TSIG uses shared secrets and a one-way hash function to authenticate DNS messages, in particular responses and updates. TSIG is simple to configure, lightweight for resolvers and name servers to use, and flexible enough to secure DNS messages and dynamic updates. For dynamic updates, it is mandatory to create a TSIG key on Linux; to do so, follow the instructions in the BIND 9 Administrator Reference Manual.
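
The two post-migration steps above, as an added example that is not part of the original guide: a custom logging channel that records dynamic updates and refused requests, and a TSIG key with a zone that accepts updates only when they are signed with it. The key name, zone name, log path, size limits and the hmac-sha256 algorithm are assumptions; use an algorithm that the installed BIND release supports.

```shell
#!/bin/sh
# Added example, not part of the original guide. The key name, zone name,
# log path, sizes and hmac-sha256 are assumptions to adapt to your server.

# Step 1: a custom channel; the update and security categories record
# dynamic updates and refused requests. The log directory must already
# exist and be writable by the account named runs as.
logging_stanza() {
cat <<'EOF'
logging {
    channel migrated_log {
        file "/var/log/named/named.log" versions 3 size 5m;
        severity info;
        print-time yes;
        print-category yes;
    };
    category default  { default_syslog; migrated_log; };
    category security { migrated_log; };
    category update   { migrated_log; };
};
EOF
}

# Step 2: a TSIG secret is random bytes in base64 (32 bytes here).
gen_secret() {
    dd if=/dev/urandom bs=32 count=1 2>/dev/null | base64 | tr -d '\n'
}

# Key statement for named.conf. $1 = key name, $2 = base64 secret.
key_stanza() {
    printf 'key "%s" {\n    algorithm hmac-sha256;\n    secret "%s";\n};\n' "$1" "$2"
}

# Master zone that accepts dynamic updates only when signed with key $1.
zone_stanza() {   # $1 = key name, $2 = zone name
    printf 'zone "%s" in {\n    type master;\n' "$2"
    printf '    file "/var/lib/named/master/%s.db";\n' "$2"
    printf '    allow-update { key "%s"; };\n};\n' "$1"
}

# Write a fresh key to its own file, created with owner-only permissions.
write_keyfile() {   # $1 = output path, $2 = key name
    ( umask 077; key_stanza "$2" "$(gen_secret)" > "$1" )
}

# Demo: print the stanzas with a throwaway secret.
logging_stanza
key_stanza ddns-key "$(gen_secret)"
zone_stanza ddns-key example.com
```

The key file must be readable by named and can be pulled into named.conf with an include statement; the client that sends the updates needs the same key name and secret.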

8.2.6 Useful Tools

The following tools help you to easily manage the Linux environment.

Table 8-5 Useful Tools on Linux

Tools                            Usage
-----------------------------    ---------------------------------------------------------------
YaST, WebMin                     These tools can be used for management of DNS on SLES. YaST doesn't support all the configuration options, so WebMin can be used for Web-based management or editing files.
RNDC                             A utility that lets you administer a named daemon from the local host or from a remote host.
Dig, Host, nsupdate, nslookup    Used to verify the setup after migration.
rcnamed-status, rcnamed-info     Useful for verifying a Named setup.