Configuring KNOT

1. Log into your AUTH1 machine (10.X.1.1) and:

    # cd /etc/knot/

   Now edit the file knot.conf, and make the following changes:

   Now let's add your TLD zone. Insert the following lines, replacing
   the appropriate values for your own and slave zones:

- - - - - - - - - - - - - - - cut below - - - - - - - - - - - - -

remotes {
  master0 { address 10.Y.1.1@53; }
  slave0 { address 10.Y.1.1@53; }
  all { address 0.0.0.0/0; }
}

zones {
  MYTLD {
    file "/etc/bind/master/MYTLD";
    xfr-out slave0, all;
    notify-out slave0;
  }
  OTHERTLD {
    file "OTHERTLD";
    xfr-in master0;
    notify-in master0;
  }
}

- - - - - - - - - - - - - - - cut above - - - - - - - - - - - - -

   10.Y.1.1 is the master server for OTHERTLD and typically your slave.

   It is assumed you have completed the BIND exercise and hence the
   zonefile is in /etc/bind/master/MYTLD

   Note: Knot likes lower case names in the conf file, so make sure to
   replace MYTLD with your TLD in lower case. The same goes for OTHERTLD,
   the TLD you are slave for.

   Save the file and exit.

   Increment the SOA serial in /etc/bind/master/MYTLD so that we can see
   changes on the slave.

   For more info, "man knot.conf"

2. Start KNOT!

   If BIND is running, disable starting it

    # update-rc.d bind9 disable

   and stop it.

    # service bind9 stop

   If NSD is running, disable starting it

    # echo "manual" > /etc/init/nsd.override

   and stop it.

    # service nsd stop

   Make sure KNOT is not disabled by removing:

    # rm /etc/init/knot.override

   Next start KNOT.

    # service knot start

   and check that knot is running with

    # tail /var/log/syslog
    # ps ax | grep knot

   Errors can be checked with:

    # knotc checkconf
    # knotc checkzone

   Correct any errors and restart knot.

    # service knot restart

3. Test that your new server is answering:

    # dig @127.0.0.1 MYTLD SOA

4. Controlling KNOT

   To cause the KNOT daemon to reload the zone:

    # knotc reload

   To stop the KNOT program:

    # knotc stop

   To check if it is running:

    # ps ax | grep knot

   OR

    # knotc zonestatus

5. Verify that your slave has picked up a new copy of the zone:

    # dig @10.Y.1.1 SOA MYTLD

   and on the class resolver...

    # dig @10.192.0.230 SOA MYTLD

   Do the SOA serial numbers match?

6. Return to using BIND for the rest of the class labs.

    # service knot stop
    # echo "manual" > /etc/init/knot.override
    # update-rc.d bind9 enable
    # service bind9 start
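
The serial check from step 5, as an added example that is not part of the original lab: it pulls the serial out of "dig +short" SOA answers and orders master and slave with RFC 1982 serial arithmetic, so a serial that has wrapped around is still compared correctly. The function names and the two sample answers are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the lab): compare SOA serials of master and slave.
# Function names and the sample answers below are constructed.

# Print the serial (3rd field) of one "dig +short ZONE SOA" answer line.
# Exits non-zero when the text holds no well-formed SOA answer.
soa_serial() {
    printf '%s\n' "$1" |
        awk 'NF == 7 && $3 ~ /^[0-9]+$/ { print $3; ok = 1 } END { exit !ok }'
}

# Order two 32-bit serials with RFC 1982 serial arithmetic.
# Prints "same", "newer" (first is ahead of second) or "older".
# A difference of exactly 2^31 is undefined in RFC 1982; reported as "older".
serial_cmp() {
    if [ "$1" = "$2" ]; then echo same; return 0; fi
    diff=$(( ($1 - $2) & 4294967295 ))
    if [ "$diff" -lt 2147483648 ]; then echo newer; else echo older; fi
}

# $1 = SOA answer from the master, $2 = SOA answer from the slave.
# Returns 0 in sync, 1 out of sync, 2 when an answer is missing.
check_sync() {
    m=$(soa_serial "$1") || { echo "no SOA from master"; return 2; }
    s=$(soa_serial "$2") || { echo "no SOA from slave"; return 2; }
    case $(serial_cmp "$m" "$s") in
        same)  echo "in sync at serial $m" ;;
        newer) echo "slave behind: master $m, slave $s"; return 1 ;;
        older) echo "slave ahead: master $m, slave $s"; return 1 ;;
    esac
}

# Constructed sample answers (the master was edited, the slave not yet updated).
MASTER_SAMPLE='ns1.mytld. hostmaster.mytld. 2024010102 3600 900 604800 86400'
SLAVE_SAMPLE='ns1.mytld. hostmaster.mytld. 2024010101 3600 900 604800 86400'
check_sync "$MASTER_SAMPLE" "$SLAVE_SAMPLE" || true

# Live use in the lab, with your own values substituted:
#   check_sync "$(dig +short @127.0.0.1 MYTLD SOA)" \
#              "$(dig +short @10.Y.1.1 MYTLD SOA)"
```

A "slave behind" result right after editing the zone usually means the serial was not incremented or the NOTIFY has not been acted on yet.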