Configure DNS (BIND) Server on CentOS 7 / RHEL 7

dns

The Domain Name System (DNS) is a hierarchical distributed naming system for computers, services, or any resource connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities.

Most importantly, it translates domain names meaningful to humans into the numerical identifiers associated with networking equipment for the purpose of locating and addressing these devices worldwide.

This guide will help you to set up DNS server on CentOS 7 / RHEL 7, focusing on master DNS server.

Assumptions:

Server Name: primary.itzgeek.local

IP Address: 192.168.12.8

Installing BIND package:

BIND stands for Berkeley Internet Name Domain is the software which provides ability to perform name to ip conversion.

# yum -y install bind bind-utils

Configuring BIND:

Configuration file of bind is /etc/named.conf, open up /etc/named.conf file. Comment out the following line, this will enable BIND to listen on all ip address’s.

#listen-on port 53 { 127.0.0.1; };
#listen-on-v6 port 53 { :!! };

Add your network in the following line, I’ve added 192.168.12.0/24, this will allow the clients from mentioned network can query the DNS for name to ip translation.

allow-query     { localhost;192.168.12.0/24; };

If you want to transfer all zones to slave server (192.168.12.6), add the following line (Optional)

allow-transfer { 192.168.12.6; };

Creating zones:

The following is the forward zone entry in named.conf file, written for itzgeek.local domain. Edit /etc/named.conf.

# vi /etc/named.conf
 
zone "itzgeek.local" IN {
type master;
file "fwd.itzgeek.local.db";
allow-update { none; };
};

itzgeek.local – Domain name
master – Primary DNS
fwd.itzgeek.local.db – Forward lookup file
allow-update – Since this is the primary DNS, it should be none.

The following is the reverse zone entry in the named.conf file.

zone "12.168.192.in-addr.arpa" IN {
type master;
file "12.168.192.db";
allow-update { none; };
};

12.168.192.in-addr.arpa – Reverse lookup name
master – Primary DNS
12.168.192.db – Forward lookup file
allow-update – Since this is the primary DNS, it should be none.

Creating zone files:

Once zones are created in named.conf, it’s the time to create a zone files for a created zone. Default location of zone file is /var/named, if you have not mentioned full path. Create a zone file called fwd.itzgeek.local.db for forward zone under /var/named directory, all domain names should end with dot (.).

There are some special keywords for Zone Files
A – A record
NS – Name Server
MX – Mail for Exchange
CN – Canonical Name

# vi /var/named/fwd.itzgeek.local.db
 
$TTL 86400
@   IN  SOA     primary.itzgeek.local. root.itzgeek.local. (
2014112511  ;Serial
3600        ;Refresh
1800        ;Retry
604800      ;Expire
86400       ;Minimum TTL
)
;Name Server Information
@      IN  NS      primary.itzgeek.local.
;IP address of Name Server
primary IN  A       192.168.12.8
;Mail exchanger
itzgeek.local. IN  MX 10   mail.itzgeek.local.
;A - Record HostName To Ip Address
www     IN  A       192.168.12.100
mail    IN  A       192.168.12.150
;CNAME record
ftp     IN CNAME        www.itgeek.local.

Create a zone file called 12.168.192.db for reverse zone under /var/named directory, create reverse pointer to the above forward zone entries.

PTR – Pointer
SOA – Start of Authority

# vi /var/named/12.168.192.db
 
$TTL 86400
@   IN  SOA     primary.itzgeek.local. root.itzgeek.local. (
2014112511  ;Serial
3600        ;Refresh
1800        ;Retry
604800      ;Expire
86400       ;Minimum TTL
)
;Name Server Information
@ IN  NS      primary.itzgeek.local.
;Reverse lookup for Name Server
8        IN  PTR     primary.itzgeek.local.
;PTR Record IP address to HostName
100      IN  PTR     www.itzgeek.local.
150      IN  PTR     mail.itzgeek.local.

Once zone files are created, restart bind service.

# systemctl restart named.service

Enable it on system start up.

# systemctl enable named.service

Verifying zones:

Visit any client machine, add dns entry in /etc/resolv.conf if the network is not managed by Network Manager.

# vi /etc/resolv.conf
 
nameserver 192.168.12.8

If the networking is managed by NM, place the following entry in /etc/sysconfig/network-scripts/ifcfg-eXX file.

DNS1=192.168.12.8

Restart network service.

# systemctl restart NetworkManager.service

Use the following command to verify the forward lookup, where the DNS server gives 192.168.12.100 as a ip for www.itzgeek.local.

[root@client ~]# dig www.itzgeek.local
 
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> www.itzgeek.local
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35556
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.itzgeek.local.             IN      A
 
;; ANSWER SECTION:
www.itzgeek.local.      86400   IN      A       192.168.12.100
 
;; AUTHORITY SECTION:
itzgeek.local.          86400   IN      NS      primary.itzgeek.local.
 
;; ADDITIONAL SECTION:
primary.itzgeek.local.  86400   IN      A       192.168.12.8
 
;; Query time: 2 msec
;; SERVER: 192.168.12.8#53(192.168.12.8)
;; WHEN: Tue Nov 25 14:26:04 EST 2014
;; MSG SIZE  rcvd: 100

If you get command not found, install bind-utils package.

Confirm the reverse lookup, where DNS server gives www.itzgeek.local as a name for 192.168.12.100. It is now confirmed that both forward and reverse lookups are working fine.

[root@client ~]# dig -x 192.168.12.100
 
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> -x 192.168.12.100
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28195
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;100.12.168.192.in-addr.arpa.   IN      PTR
 
;; ANSWER SECTION:
100.12.168.192.in-addr.arpa. 86400 IN   PTR     www.itzgeek.local.
 
;; AUTHORITY SECTION:
12.168.192.in-addr.arpa. 86400  IN      NS      primary.itzgeek.local.
 
;; ADDITIONAL SECTION:
primary.itzgeek.local.  86400   IN      A       192.168.12.8
 
;; Query time: 2 msec
;; SERVER: 192.168.12.8#53(192.168.12.8)
;; WHEN: Tue Nov 25 14:28:43 EST 2014
;; MSG SIZE  rcvd: 125

If every thing goes fine, you have successfully installed BIND on CentOS 7 / RHEL 7 as master server. Tutorial on configuring slave server will be posted in coming days.

POSTS YOU MAY LIKE -:)

Share This Post

  • Dino Conti

    be careful to have the zone files owned by root and named as otherwise Bind will not read them
    chown root:name *.local

  • block driveway sealant

    Nice weblog right here! Adfitionally your website lots up very fast!
    What web host are you using? Can I am getting your assochiate hyperlink in your host?

    I want my web site loaded upp as quickly as yours lol

  • address

    Cover with a click here photosensitive surface. It also proves to be
    washed. So I’m going to straight stitch on the other side.

  • sagar dalvi

    Thank You very much
    It is very Helpfull

  • luli

    Hi

    Nice tutorial, l just have one question ?
    how can l host second domain with one dns; or how can l add records on the zone for the second domain ?

    All the best

  • consider.elo.me

    whoah this weblog is magnificent i really like reading your posts.
    Keep up the good work! You recognize, manhy persons are searching
    around for this info, you can help them greatly.

  • Hello, how do you append this with a public DNS server (so clients can also join public hosts) ?
    In
    my case, CentOS7 is itself connected to Internet with a public DNS
    server… (on its interface configuration, there are already DNS1 and
    DNS2 lines)

Shares