How To Configure DNS Server In Linux

Domain Name Service (DNS) is a service that resolves fully qualified domain names (FQDNs) to IP addresses and vice versa.

BIND is the common program used for configuring a name server on Linux. The full form of BIND is Berkeley Internet Naming Daemon.

Let's walk through the configuration of a primary DNS server.

Primary DNS Server Details
OS – CentOS (Minimal Server)
Hostname – primarydns.test.com
IP Address – 192.168.1.200/24

Run the following command to install the bind packages:

# yum install bind* -y

Step 1:

Configure DNS Server

The configuration of the DNS server will look like the listing below. Edit the file and add the entries marked with a ## comment (the listen address, the allowed query range and the transfer address of the slave) together with the two zone definitions for test.com and 1.168.192.in-addr.arpa.

# vi /etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
        listen-on port 53 { 127.0.0.1; 192.168.1.200; };   ## Master
        listen-on-v6 port 53 { ::1; };
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query { localhost; 192.168.1.0/24; };        ## IP Range
        allow-transfer { localhost; 192.168.1.201; };      ## Slave
        recursion yes;

        dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;

        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";

        managed-keys-directory "/var/named/dynamic";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "." IN {
        type hint;
        file "named.ca";
};

zone "test.com" IN {
        type master;
        file "fwd.test.com";
        allow-update { none; };
};

zone "1.168.192.in-addr.arpa" IN {
        type master;
        file "rev.test.com";
        allow-update { none; };
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";

Step 2:

Create Zone files
Now we should create the forward and reverse zone files that we referenced in the '/etc/named.conf' file.

Create the 'fwd.test.com' file in the '/var/named' directory and add the entries for the forward zone as below.

# vi /var/named/fwd.test.com

$TTL 86400
@ IN SOA primarydns.test.com. root.test.com. (
2020071001 ;Serial
3600 ;Refresh
1800 ;Retry
604800 ;Expire
86400 ;Minimum TTL
)
@ IN NS primarydns.test.com.

primarydns IN A 192.168.1.200


Create Reverse Zone

Create the 'rev.test.com' file in the '/var/named' directory and add the entries for the reverse zone as shown below.

# vi /var/named/rev.test.com

$TTL 86400
@ IN SOA primarydns.test.com. root.test.com. (
2020071001 ;Serial
3600 ;Refresh
1800 ;Retry
604800 ;Expire
86400 ;Minimum TTL
)
@ IN NS primarydns.test.com.
primarydns IN A 192.168.1.200
200 IN PTR primarydns.test.com.
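
A consistency check for the two zone files above, added here as example code that is not part of the original tutorial. It assumes the page's origins test.com and 1.168.192.in-addr.arpa, parses constructed copies of the forward and reverse zones, reports any A record that has no matching PTR, and shows the RFC 1982 serial comparison that decides whether the slave (192.168.1.201) will transfer a change at all.

```python
import ipaddress

# Constructed sample zones mirroring the page's fwd.test.com and rev.test.com.
FWD_ZONE = """$TTL 86400
@ IN SOA primarydns.test.com. root.test.com. (
2020071001 ;Serial
3600 ;Refresh
1800 ;Retry
604800 ;Expire
86400 ;Minimum TTL
)
@ IN NS primarydns.test.com.
primarydns IN A 192.168.1.200
"""
REV_ZONE = """$TTL 86400
@ IN SOA primarydns.test.com. root.test.com. ( 2020071001 3600 1800 604800 86400 )
@ IN NS primarydns.test.com.
200 IN PTR primarydns.test.com.
"""

def parse_zone(text, origin):
    """Return (SOA serial, [(owner FQDN, type, rdata)]) from a simple zone file.
    Comments are stripped; a multi-line SOA is joined before reading the serial."""
    lines = [ln.split(";", 1)[0].strip() for ln in text.splitlines()]
    lines = [ln for ln in lines if ln]
    serial = int(" ".join(lines).split("(", 1)[1].split()[0])
    records = []
    for line in lines:
        tok = line.split()
        if tok[0].startswith("$") or "IN" not in tok or "SOA" in tok:
            continue
        i = tok.index("IN")
        owner = origin if tok[0] == "@" else tok[0] + "." + origin
        records.append((owner, tok[i + 1], " ".join(tok[i + 2:])))
    return serial, records

def missing_ptrs(fwd_text, fwd_origin, rev_text, rev_origin):
    """FQDNs whose A record in the forward zone has no matching PTR in the
    reverse zone (the mismatch that makes reverse lookups fail quietly)."""
    _, fwd = parse_zone(fwd_text, fwd_origin)
    _, rev = parse_zone(rev_text, rev_origin)
    ptrs = {(o, r) for o, t, r in rev if t == "PTR"}
    return [o for o, t, r in fwd if t == "A"
            and (ipaddress.ip_address(r).reverse_pointer + ".", o) not in ptrs]

def serial_increased(old, new):
    """RFC 1982 comparison: a secondary only transfers the zone when the new
    serial is 'greater' modulo 2**32, so a forgotten bump leaves it stale."""
    return 0 < (new - old) % 2**32 < 2**31
```

Run the same check against the real files under /var/named before restarting named; a name listed by missing_ptrs needs a PTR line in rev.test.com, and both serials must be bumped.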

Step 3:

Start the named service

# service named start
Output:
Generating /etc/rndc.key:    [ OK ]
Starting named:              [ OK ]
# chkconfig named on    (enables the named service at system boot)

Step 4:

Allow DNS requests through iptables

# vim /etc/sysconfig/iptables
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p udp -m state --state NEW --dport 53 -j ACCEPT
-A INPUT -p tcp -m state --state NEW --dport 53 -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

Step 5:

Restart the iptables service

# service iptables restart
Output:
iptables: Flushing firewall rules:                    [ OK ]
iptables: Setting chains to policy ACCEPT: filter     [ OK ]
iptables: Unloading modules:                          [ OK ]
iptables: Applying firewall rules:                    [ OK ]


Step 6:

Test DNS Server

# dig primarydns.test.com
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.6 <<>> primarydns.test.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11496
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1

;; QUESTION SECTION:
;primarydns.test.com.          IN      A

;; ANSWER SECTION:
primarydns.test.com.    86400   IN      A       192.168.1.200

;; AUTHORITY SECTION:
test.com.               86400   IN      NS      primarydns.test.com.
test.com.               86400   IN      NS      slavedns.test.com.

;; ADDITIONAL SECTION:
slavedns.test.com.      86400   IN      A       192.168.1.201

;; Query time: 5 msec
;; SERVER: 192.168.1.200#53(192.168.1.200)
;; WHEN: Sun Mar 3 12:48:35 2013
;; MSG SIZE rcvd: 110