June 24, 2021

Decrypt Info

Because we care, we're security aware.

How To Configure DNS Server In Linux

0 0
3 min read
DNS-decryptinfo.com
0 0
Read Time:3 Minute, 49 Second

Domain Name Service (DNS) is a service that resolves IP addresses to fully qualified domain names (FQDN) and vice versa.

BIND is the common program used for configuring a name-server on Linux. Full-Form of BIND is Berkley Internet Naming Daemon.

Lets Decryptinfo regarding Configuration of Primary DNS Server

Primary DNS Server Details
OS – CentOS (Minimal Server)
Hostname – primarydns.test.com
IP Address – 192.168.1.200/24

Execute command to install bind package

#yum install bind* -y

Step 1:

Configure DNS Server

The configuration of the DNS will look like below. Edit and add the entries below which are marked
as bold in this configuration file.

#vi /etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
listen‐on port 53 { 127.0.0.1; 192.168.1.200;}; ## Master listen‐on‐v6 port 53 { ::1; };
directory “/var/named”;
dump‐file “/var/named/data/cache_dump.db”;
statistics‐file “/var/named/data/named_stats.txt”;
memstatistics‐file “/var/named/data/named_mem_stats.txt”;
allow‐query { localhost; 192.168.1.0/24; }; ## IP Range allow‐transfer { localhost; 192.168.1.201; }; ## Slave recursion yes;
dnssec‐enable yes;
dnssec‐validation yes;
dnssec‐lookaside auto;
/* Path to ISC DLV key */
bindkeys‐file “/etc/named.iscdlv.key”;
managed‐keys‐directory “/var/named/dynamic”;
};
logging {
channel default_debug {
file “data/named.run”;
severity dynamic;
};
};
zone “.” IN {
type hint;
file “named.ca”;
};
zone “test.com” IN {
type master;
file “fwd.test.com”;
allow‐update { none; };
};
zone “1.168.192.in‐addr.arpa” IN {
type master;
file “rev.test.com”;
allow‐update { none; };
};
include “/etc/named.rfc1912.zones”;
include “/etc/named.root.key”;

Step 2:

Create Zone files
Now we should create forward and reverse zone files which we mentioned in the ‘/etc/named.conf’ file.

Create ‘fwd.test.com’ file in the ‘/var/named’ directory and add the entries for the forward zone as below.
## vi /var/named/fwd.test.com

$TTL 86400
@ IN SOA primarydns.test.com. root.test.com. (
2020071001 ;Serial
3600 ;Refresh
1800 ;Retry
604800 ;Expire
86400 ;Minimum TTL
)
@ IN NS primarydns.test.com.

primarydns IN A 192.168.1.200


Create Reverse Zone

Create ‘rev.test.com’ file in the ‘/var/named’ directory and add the entries for the reverse zone as shown below.

# vi /var/named/rev.test.com

$TTL 86400
@ IN SOA primarydns.test.com. root.test.com. (
2020071001 ;Serial
3600 ;Refresh
1800 ;Retry
604800 ;Expire
86400 ;Minimum TTL
)
@ IN NS primarydns.test.com.
primarydns IN A 192.168.1.200
200 IN PTR primarydns.test.com.

Step:3

Start the named service
# service named start
Output: Generating /etc/rndc.key: [ OK ]
Starting named: [ OK ]
# chkconfig named on (enabling named service at system boot)

Step 4:

Configure DNS Server request via iptables

# vim /etc/sysconfig/iptables
# Firewall configuration written by system‐config‐firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
‐A INPUT ‐p udp ‐m state ‐‐state NEW ‐‐dport 53 ‐j ACCEPT
‐A INPUT ‐p tcp ‐m state ‐‐state NEW ‐‐dport 53 ‐j ACCEPT
‐A INPUT ‐m state ‐‐state ESTABLISHED,RELATED ‐j ACCEPT
‐A INPUT ‐p icmp ‐j ACCEPT
‐A INPUT ‐i lo ‐j ACCEPT
‐A INPUT ‐m state ‐‐state NEW ‐m tcp ‐p tcp ‐‐dport 22 ‐j ACCEPT
‐A INPUT ‐j REJECT ‐‐reject‐with icmp‐host‐prohibited
‐A FORWARD ‐j REJECT ‐‐reject‐with icmp‐host‐prohibited
COMMIT

Step 5:

# service iptables restart
Output :
iptables: Flushing firewall rules: [ OK ]
iptables: Setting chains to policy ACCEPT: filter [ OK ]
iptables: Unloading modules: [ OK ]
iptables: Applying firewall rules: [ OK ]


Step 6:

Test DNS Server

#dig primarydns.test.com
; <<>> DiG 9.8.2rc1‐RedHat‐9.8.2‐0.10.rc1.el6_3.6 <<>> primarydns.test.com
;; global options: +cmd
;; Got answer:
;; ‐>>HEADER<<‐ opcode: QUERY, status: NOERROR, id: 11496
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1
;; QUESTION SECTION:
;primarydns.test.com. IN A
;; ANSWER SECTION:
primarydns.test.com. 86400 IN A 192.168.1.200
;; AUTHORITY SECTION:
test.com. 86400 IN NS primarydns.test.com.
test.com. 86400 IN NS slavedns.test.com.
;; ADDITIONAL SECTION:
slavedns.test.com. 86400 IN A 192.168.1.201
;; Query time: 5 msec
;; SERVER: 192.168.1.200#53(192.168.1.200)
;; WHEN: Sun Mar 3 12:48:35 2013
;; MSG SIZE rcvd: 110
Happy
Happy
0 %
Sad
Sad
0 %
Excited
Excited
0 %
Sleepy
Sleepy
0 %
Angry
Angry
0 %
Surprise
Surprise
0 %

Average Rating

5 Star
0%
4 Star
0%
3 Star
0%
2 Star
0%
1 Star
0%

2 thoughts on “How To Configure DNS Server In Linux

Leave a Reply