
Installation and Configuration Bind DNS server

BIND (Berkeley Internet Name Domain) is free, open source software and the most widely deployed implementation of the Domain Name System (DNS) on the Internet; without DNS, Internet services as we know them would not work. BIND was originally written at the University of California, Berkeley, in the early 1980s. Through its DLZ (Dynamically Loadable Zones) back ends, BIND 9 can also serve zone data from PostgreSQL, MySQL, LDAP, Berkeley DB and ODBC sources. BIND 4 and BIND 8 both had a long history of security vulnerabilities, which is why only BIND 9 should be run today. It is suitable for production use, including high-volume and high-reliability deployments. This article walks through the installation and configuration of a BIND DNS server on a Linux server.

In this tutorial we will configure Forward lookup, Reverse lookup and resolver with caching name server.

First of all we need to download and install the required BIND RPM packages as shown below.
Required RPM packages: bind, bind-utils, caching-nameserver. (On RHEL/CentOS 6 the separate caching-nameserver package no longer exists; its configuration ships inside the bind package, so drop it from the yum command there.)

[root@linuxpcf ~]# yum install bind bind-utils caching-nameserver

After the installation completes, open the named.conf configuration file and append the following zone definitions: the forward zone and the matching reverse zone for the 192.168.1.0/24 network.

[root@linuxpcf ~]# vi /etc/named.conf

zone "dns.linuxpcfix.com" {
    type master;
    file "/var/named/dns.linuxpcfix.com.db";
};

zone "1.168.192.in-addr.arpa" {
    type master;
    file "/var/named/1.168.192.in-addr.arpa.db";
};

The zone definitions should look as in the screenshot (image not reproduced here).

Now change to the directory /var/named/ and create the forward lookup zone file. Note that the first field of the SOA record (MNAME) names the primary server; the tutorial uses dnshost.linuxpcfix.com. here and dns1.linuxpcfix.com. in the reverse zone, so pick one name and use it consistently in both.

[root@linuxpcf ~]# vi /var/named/dns.linuxpcfix.com.db

; Zone file for dns.linuxpcfix.com
$TTL 14400
; The SOA RNAME is the zone contact's mailbox with the "@" replaced by a dot:
; info.dns.linuxpcfix.com. means info@dns.linuxpcfix.com. A literal "@" in this
; field is taken as part of the label and yields an unusable contact address.
dns.linuxpcfix.com. 86400 IN SOA dnshost.linuxpcfix.com. info.dns.linuxpcfix.com. (
2014092401 ;Serial Number (YYYYMMDDnn; increase it on every change)
86400 ;refresh
7200 ;retry
3600000 ;expire
86400 ;minimum (negative-caching TTL)
)
dns.linuxpcfix.com. 86400 IN NS dns1.linuxpcfix.com.
dns.linuxpcfix.com. 86400 IN NS dns2.linuxpcfix.com.
dns.linuxpcfix.com. 14400 IN A 192.168.1.1
dns.linuxpcfix.com. 14400 IN MX 0 dns.linuxpcfix.com.
localhost 14400 IN A 127.0.0.1
mail 14400 IN A 192.168.1.1
www 14400 IN CNAME dns.linuxpcfix.com.
ftp 14400 IN A 192.168.1.1
forum 14400 IN A 192.168.1.1
www.forum 14400 IN A 192.168.1.1

To create the reverse lookup zone (an in-addr.arpa zone holds SOA, NS and PTR records only; A and MX records copied in from a forward-zone template do not belong here):

[root@linuxpcf ~]# vi /var/named/1.168.192.in-addr.arpa.db

; Zone file for 1.168.192.in-addr.arpa
$TTL 14400
1.168.192.in-addr.arpa. 86400 IN SOA dns1.linuxpcfix.com. info.dns.linuxpcfix.com. (
2011110826 ;Serial Number
86400 ;refresh
7200 ;retry
3600000 ;expire
86400 ;minimum
)
1.168.192.in-addr.arpa. 86400 IN NS dns1.linuxpcfix.com.
1.168.192.in-addr.arpa. 86400 IN NS dns2.linuxpcfix.com.
; Each PTR maps the last octet of the address back to the host name.
1 14400 IN PTR dns.linuxpcfix.com.
2 14400 IN PTR dns1.linuxpcfix.com.
3 14400 IN PTR dns2.linuxpcfix.com.

Note: named.conf and the zone files must be readable by the named user. The packaged layout on RHEL/CentOS is owner root, group named, mode 640, and that is what master zone files should keep; only slave zones that named itself writes (normally under /var/named/slaves) need to be writable by named. Do not make the configuration or master zone files owned or writable by named, since a compromised named process could then rewrite its own configuration.

Finally, restart the named service.

[root@linuxpcf ~]# service named restart

or

[root@linuxpcf ~]# /etc/init.d/named restart
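Before every restart or reload it is worth running named-checkconf /etc/named.conf and named-checkzone dns.linuxpcfix.com /var/named/dns.linuxpcfix.com.db (both ship in the bind package); they reject syntax errors before named does. They do not catch a mistake that loads cleanly, such as an "@" in the SOA contact address, a serial that was not increased, or a forward A record with no matching PTR. The script below is an added example, not code from this tutorial or from BIND: it parses the two zone files in the tutorial's layout and reports exactly those problems. The sample zones inside it are constructed: they keep the tutorial's names and deliberately keep the bad RNAME, and the host at 192.168.1.4 and the PTR for 192.168.1.5 are invented so that the consistency checks have something to find. It assumes a /24 reverse zone and an explicit owner name on every record line.

```python
"""Cross-check a BIND forward zone against its reverse zone. Added example, not
code from this tutorial or from BIND: named-checkzone validates syntax only, while
this flags mistakes that load cleanly ('@' in the SOA RNAME, a serial that did not
advance, A/PTR records that disagree). Assumes a /24 reverse zone."""
import ipaddress

# Constructed samples modelled on the tutorial's zones; the bad RNAME is kept on
# purpose, and the .4 host plus the .5 PTR are invented so the checks find something.
FORWARD_ZONE = """\
$TTL 14400
dns.linuxpcfix.com. 86400 IN SOA dnshost.linuxpcfix.com. info@dns.linuxpcfix.com. (
    2014092401 86400 7200 3600000 86400 )  ; serial refresh retry expire minimum
dns.linuxpcfix.com. 86400 IN NS dns1.linuxpcfix.com.
dns.linuxpcfix.com. 14400 IN A 192.168.1.1
mail 14400 IN A 192.168.1.1
ftp 14400 IN A 192.168.1.1
forum 14400 IN A 192.168.1.4
"""
REVERSE_ZONE = """\
$TTL 14400
1.168.192.in-addr.arpa. 86400 IN SOA dns1.linuxpcfix.com. info.dns.linuxpcfix.com. (
    2011110826 86400 7200 3600000 86400 )
1.168.192.in-addr.arpa. 86400 IN NS dns1.linuxpcfix.com.
1 14400 IN PTR dns.linuxpcfix.com.
2 14400 IN PTR dns1.linuxpcfix.com.
5 14400 IN PTR ftp.dns.linuxpcfix.com.
"""


def parse_zone(text, origin):
    """Return (owner, type, rdata tokens) triples with fully qualified owner names."""
    records, pending, depth = [], [], 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0]                         # drop comments
        if not line.split():
            continue
        depth += line.count("(") - line.count(")")          # multi-line SOA
        pending += [t.strip("()") for t in line.split() if t.strip("()")]
        if depth > 0:
            continue
        if pending and not pending[0].startswith("$"):      # $TTL is not a record
            owner, rest = pending[0], pending[1:]
            owner = origin if owner == "@" else owner if owner.endswith(".") else f"{owner}.{origin}"
            if rest and rest[0].isdigit():                  # optional TTL
                rest = rest[1:]
            if rest and rest[0].upper() == "IN":            # optional class
                rest = rest[1:]
            records.append((owner, rest[0].upper(), rest[1:]))
        pending = []
    return records


def check_soa(records, previous_serial=None):
    """Flag '@' in the SOA RNAME and a serial that did not increase."""
    soa = [r for r in records if r[1] == "SOA"]
    if len(soa) != 1:
        return [f"expected exactly one SOA record, found {len(soa)}"]
    rname, serial = soa[0][2][1], int(soa[0][2][2])
    problems = []
    if "@" in rname:
        problems.append(f"SOA RNAME {rname} contains '@'; write it as {rname.replace('@', '.')}")
    if previous_serial is not None and serial <= previous_serial:
        problems.append(f"SOA serial {serial} did not increase over {previous_serial}; secondaries will not transfer")
    return problems


def reverse_origin(network):
    """1.168.192.in-addr.arpa. for 192.168.1.0/24 (first three octets reversed)."""
    return ".".join(reversed(str(network.network_address).split(".")[:3])) + ".in-addr.arpa."


def check_consistency(fwd, rev, fwd_origin, network):
    """A records inside `network` need a PTR, and in-zone PTR targets need an A."""
    prefix = str(network.network_address).rsplit(".", 1)[0]            # "192.168.1"
    rev_origin = reverse_origin(network)
    ptr, a_names = {}, {}                                              # ip -> target, ip -> owners
    for owner, rtype, rdata in rev:
        if rtype == "PTR" and owner.endswith("." + rev_origin):
            ptr[prefix + "." + owner[:-len(rev_origin) - 1]] = rdata[0]
    for owner, rtype, rdata in fwd:
        if rtype == "A":
            a_names.setdefault(rdata[0], set()).add(owner)
    problems = []
    for ip, owners in a_names.items():
        if ipaddress.ip_address(ip) not in network:
            continue
        if ip not in ptr:
            problems.append(f"{ip} has A record(s) for {sorted(owners)} but no PTR")
        elif ptr[ip] not in owners:
            problems.append(f"PTR for {ip} is {ptr[ip]} but its A records are {sorted(owners)}")
    for ip, target in ptr.items():
        in_zone = target == fwd_origin or target.endswith("." + fwd_origin)
        if in_zone and target not in a_names.get(ip, set()):
            problems.append(f"PTR {ip} -> {target} has no matching A record")
    return problems


def audit(forward_text, reverse_text, fwd_origin, cidr, previous_serial=None):
    """Run every check; an empty list means the pair of zones is consistent."""
    network = ipaddress.ip_network(cidr)
    fwd = parse_zone(forward_text, fwd_origin)
    rev = parse_zone(reverse_text, reverse_origin(network))
    return check_soa(fwd, previous_serial) + check_soa(rev) + check_consistency(fwd, rev, fwd_origin, network)
```

Run audit(open("/var/named/dns.linuxpcfix.com.db").read(), open("/var/named/1.168.192.in-addr.arpa.db").read(), "dns.linuxpcfix.com.", "192.168.1.0/24", previous_serial=<serial currently served>) before a reload; pass the serial that dig soa returns so a forgotten increment is caught as well. On the constructed samples it reports the bad RNAME, the host with no PTR and the PTR with no A.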

Now it is time to verify that named is answering correctly. Both dig and nslookup (from bind-utils) can query specific record types; dig is the better tool because it shows the full answer, authority and additional sections.

To look up the domain's A record with nslookup, run the command below (the trailing "localhost" makes nslookup ask your new server instead of whatever /etc/resolv.conf points at).

[root@linuxpcf ~]# nslookup dns.linuxpcfix.com localhost
Server: localhost
Address: ::1#53

Name: dns.linuxpcfix.com
Address: 192.168.1.1

The command prints the domain's A record.

To see the A record with dig, execute the command below.

[root@linuxpcf ~]# dig A dns.linuxpcfix.com @localhost
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6_6.1 <<>> A dns.linuxpcfix.com @localhost
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<-

;; QUESTION SECTION:
;dns.linuxpcfix.com. IN A

;; ANSWER SECTION:
dns.linuxpcfix.com. 14400 IN A 192.168.1.1

;; AUTHORITY SECTION:
dns.linuxpcfix.com. 86400 IN NS dns2.linuxpcfix.com.
dns.linuxpcfix.com. 86400 IN NS dns1.linuxpcfix.com.

;; Query time: 0 msec
;; SERVER: ::1#53(::1)
;; WHEN: Tue Jan 20 16:34:21 2015
;; MSG SIZE rcvd: 90

To print the MX record, run the following command.

[root@linuxpcf ~]# dig mx dns.linuxpcfix.com @localhost
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6_6.1 <<>> MX dns.linuxpcfix.com @localhost
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<-

;; QUESTION SECTION:
;dns.linuxpcfix.com. IN MX

;; ANSWER SECTION:
dns.linuxpcfix.com. 14400 IN MX 0 dns.linuxpcfix.com.

;; AUTHORITY SECTION:
dns.linuxpcfix.com. 86400 IN NS dns1.linuxpcfix.com.
dns.linuxpcfix.com. 86400 IN NS dns2.linuxpcfix.com.

;; ADDITIONAL SECTION:
dns.linuxpcfix.com. 14400 IN A 192.168.1.1

;; Query time: 0 msec
;; SERVER: ::1#53(::1)
;; WHEN: Tue Jan 20 16:34:51 2015
;; MSG SIZE rcvd: 106

To print the SOA record, run the following command. The seven fields after the type are MNAME, RNAME (the contact mailbox, with the "@" written as a dot), serial, refresh, retry, expire and minimum.

[root@linuxpcf ~]# dig soa dns.linuxpcfix.com @localhost
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6_6.1 <<>> soa dns.linuxpcfix.com @localhost
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<-

;; QUESTION SECTION:
;dns.linuxpcfix.com. IN SOA

;; ANSWER SECTION:
dns.linuxpcfix.com. 86400 IN SOA dnshost.linuxpcfix.com. info.dns.linuxpcfix.com. 2014092401 86400 7200 3600000 86400

;; AUTHORITY SECTION:
dns.linuxpcfix.com. 86400 IN NS dns1.linuxpcfix.com.
dns.linuxpcfix.com. 86400 IN NS dns2.linuxpcfix.com.

;; Query time: 0 msec
;; SERVER: ::1#53(::1)
;; WHEN: Tue Jan 20 16:35:15 2015
;; MSG SIZE rcvd: 127

To print the NS records, run the following command.

[root@linuxpcf ~]# dig ns dns.linuxpcfix.com @localhost
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6_6.1 <<>> ns dns.linuxpcfix.com @localhost
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<-

;; QUESTION SECTION:
;dns.linuxpcfix.com. IN NS

;; ANSWER SECTION:
dns.linuxpcfix.com. 86400 IN NS dns2.linuxpcfix.com.
dns.linuxpcfix.com. 86400 IN NS dns1.linuxpcfix.com.

;; Query time: 0 msec
;; SERVER: ::1#53(::1)
;; WHEN: Tue Jan 20 16:35:34 2015
;; MSG SIZE rcvd: 74

Now verify the reverse lookup (dig -x builds the in-addr.arpa name for you and asks for the PTR record).

[root@linuxpcf named]# dig -x 192.168.1.2 @localhost

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6_6.1 <<>> -x 192.168.1.2 @localhost
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<-

;; QUESTION SECTION:
;2.1.168.192.in-addr.arpa. IN PTR

;; ANSWER SECTION:
2.1.168.192.in-addr.arpa. 14400 IN PTR dns1.linuxpcfix.com.

;; AUTHORITY SECTION:
1.168.192.in-addr.arpa. 86400 IN NS dns1.linuxpcfix.com.
1.168.192.in-addr.arpa. 86400 IN NS dns2.linuxpcfix.com.

;; Query time: 0 msec
;; SERVER: ::1#53(::1)
;; WHEN: Tue Jan 20 16:47:34 2015
;; MSG SIZE rcvd: 108

And for another IP address:

[root@linuxpcf named]# dig -x 192.168.1.1 @localhost

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6_6.1 <<>> -x 192.168.1.1 @localhost
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<-

;; QUESTION SECTION:
;1.1.168.192.in-addr.arpa. IN PTR

;; ANSWER SECTION:
1.1.168.192.in-addr.arpa. 14400 IN PTR dns.linuxpcfix.com.

;; AUTHORITY SECTION:
1.168.192.in-addr.arpa. 86400 IN NS dns1.linuxpcfix.com.
1.168.192.in-addr.arpa. 86400 IN NS dns2.linuxpcfix.com.

;; Query time: 0 msec
;; SERVER: ::1#53(::1)
;; WHEN: Tue Jan 20 16:48:15 2015
;; MSG SIZE rcvd: 112

Next, to make the same server a simple caching resolver for your clients (it forwards every query it is not authoritative for), the options section of named.conf should look as below. Replace the your-network, your-secondary-network, google-dns-ip and opendns-ip placeholders with your own prefixes and forwarder addresses. Two caveats: with forward only, dnssec-validation yes can only succeed if the forwarders themselves return DNSSEC data (RRSIG and DNSKEY records), so test each forwarder with dig +dnssec before relying on it; and the block leaves allow-transfer at BIND's default, which permits zone transfers to any host that can query the server, so add allow-transfer { none; }; (and allow-recursion { mynetwork; }; to make the recursion limit explicit rather than inherited from allow-query).

acl mynetwork {
    your-network/24;
    your-secondary-network/23;
    localhost;
    localnets;
};

options {
    directory "/var/named";
    version "not currently available";
    listen-on { any; };
    listen-on-v6 { ::1; };
    avoid-v4-udp-ports { range 1 32767; };
    avoid-v6-udp-ports { range 1 32767; };
    forwarders { google-dns-ip; opendns-ip; };
    forward only;
    dnssec-enable yes;
    dnssec-validation yes;
    max-ncache-ttl 300;
    max-cache-ttl 86400;
    recursion yes;
    allow-query { mynetwork; };
    allow-update-forwarding { none; };
    allow-notify { none; };
};
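The options block above leaves two access limits to BIND 9's defaults: allow-transfer (default: any host may AXFR the zones) and allow-recursion (default: falls back to allow-query, or to localhost and localnets if that is unset). The script below is an added example, not code from this tutorial or from BIND; it extracts the options block from a named.conf, reads its directives, and reports an open resolver, a missing or open allow-transfer, and a missing version string. It carries a constructed copy of the tutorial's options (placeholders included) and a hardened variant that adds allow-recursion { mynetwork; }; and allow-transfer { none; };. The defaults it encodes (recursion yes, allow-query any, allow-transfer any) are BIND 9's documented ones.

```python
"""Audit the options block of a named.conf for the access limits that matter
most. Added example, not code from the tutorial or from BIND. The checks encode
BIND 9 defaults: recursion on, allow-query any, allow-transfer any, and
allow-recursion inherited from allow-query."""
import re

# Constructed copy of the tutorial's resolver options (placeholders kept as-is).
TUTORIAL_CONF = """\
acl mynetwork { your-network/24; your-secondary-network/23; localhost; localnets; };
options {
    directory "/var/named";
    version "not currently available";
    listen-on { any; };
    listen-on-v6 { ::1; };
    forwarders { google-dns-ip; opendns-ip; };
    forward only;
    dnssec-enable yes;
    dnssec-validation yes;
    recursion yes;
    allow-query { mynetwork; };
    allow-update-forwarding { none; };
    allow-notify { none; };
};
"""

# The same block with the two inherited limits made explicit.
HARDENED_CONF = TUTORIAL_CONF.replace(
    "    recursion yes;\n",
    "    recursion yes;\n    allow-recursion { mynetwork; };\n    allow-transfer { none; };\n")


def options_block(named_conf):
    """Return the text between the braces of the options { ... } statement."""
    start = re.search(r"\boptions\s*{", named_conf)
    if not start:
        raise ValueError("no options block found")
    depth, pos = 1, start.end()
    while depth and pos < len(named_conf):             # walk to the matching brace
        depth += {"{": 1, "}": -1}.get(named_conf[pos], 0)
        pos += 1
    return named_conf[start.end():pos - 1]


def directives(block):
    """Map directive name -> raw value; // and # comments are stripped first."""
    block = re.sub(r"(//|#)[^\n]*", "", block)
    return {name: value.strip()
            for name, value in re.findall(r"([\w-]+)\s+({[^}]*}|[^;{]+);", block)}


def acl(value):
    """Entries of an address-match list such as '{ mynetwork; localhost; }'."""
    return {t.strip() for t in value.strip("{} ").split(";") if t.strip()}


def audit_options(named_conf):
    """Return (severity, message) findings for the options block."""
    opts = directives(options_block(named_conf))
    findings = []
    query = acl(opts.get("allow-query", "{ any; }"))                    # BIND default: any
    if opts.get("recursion", "yes").lower() == "yes":                   # BIND default: yes
        recursion = acl(opts["allow-recursion"]) if "allow-recursion" in opts else query
        if "any" in recursion:
            findings.append(("high", "open resolver: any client may recurse; set allow-recursion to your own networks"))
        elif "allow-recursion" not in opts:
            findings.append(("low", f"allow-recursion not set; recursion is limited only because allow-query is {sorted(query)}"))
    if "allow-transfer" not in opts:
        findings.append(("high", "allow-transfer not set: BIND's default allows AXFR to any host; set allow-transfer { none; }"))
    elif "any" in acl(opts["allow-transfer"]):
        findings.append(("high", "allow-transfer { any; } lets anyone dump the zones"))
    if "version" not in opts:
        findings.append(("low", "version not set: 'dig @server CHAOS TXT version.bind' reveals the exact release"))
    return findings
```

Run audit_options(open("/etc/named.conf").read()) on the real file; on the tutorial's block it reports the inherited recursion limit (low) and the missing allow-transfer (high), and nothing on the hardened variant. Confirm the transfer limit on the live server with dig axfr dns.linuxpcfix.com @localhost from a host that should not be allowed: the expected answer is "Transfer failed."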

That’s it! cheers!

About

I am the founder and webmaster of www.linuxpcfix.com and work as a Sr. Linux Administrator (expertise in Linux/Unix and cloud servers), and I have been in the industry for the last 7 years.
