Configure DNS (BIND) Server on CentOS 7 / RHEL 7

The Domain Name System (DNS) is a hierarchical distributed naming system for computers, services, or any resource connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities.

Most importantly, it translates domain names meaningful to humans into the numerical identifiers associated with networking equipment for the purpose of locating and addressing these devices worldwide.

This guide will help you set up a DNS server on CentOS 7 / RHEL 7.

Assumptions

Server Name: primary.itzgeek.local

IP Address: 192.168.12.8

Install BIND package

BIND stands for Berkeley Internet Name Domain, the software that performs name to IP address conversion.

# yum -y install bind bind-utils

Configure BIND

The configuration file of BIND is /etc/named.conf. Open /etc/named.conf and comment out the following lines; this makes BIND listen on all IP addresses instead of only on localhost.

#listen-on port 53 { 127.0.0.1; };
#listen-on-v6 port 53 { ::1; };

Add your network to the following line. I’ve added 192.168.12.0/24, which allows clients from that network to query the DNS server for name to IP translation.

allow-query     { localhost;192.168.12.0/24; };

If you want to transfer all zones to the slave server (192.168.12.6), add the following line (optional). Restricting transfers to the slave matters: without this directive, BIND 9.9 answers zone transfer (AXFR) requests from any host by default.

allow-transfer { 192.168.12.6; };

Create Zones

The following is the forward zone entry in named.conf file, written for the itzgeek.local domain. Edit /etc/named.conf.

# vi /etc/named.conf

zone "itzgeek.local" IN {
type master;
file "fwd.itzgeek.local.db";
allow-update { none; };
};

itzgeek.local – Domain name
master – Primary DNS
fwd.itzgeek.local.db – Forward lookup file
allow-update – Since this is the primary DNS, it should be none

The following is the reverse zone entry in the named.conf file.

zone "12.168.192.in-addr.arpa" IN {
type master;
file "12.168.192.db";
allow-update { none; };
};

12.168.192.in-addr.arpa – Reverse lookup name
master – Primary DNS
12.168.192.db – reverse lookup file
allow-update – Since this is the primary DNS, it should be none

Create zone files

Now it is time to create a lookup file for the zone created above. By default, zone lookup files are placed under the /var/named directory. Create a zone file called fwd.itzgeek.local.db for the forward lookup under /var/named. All fully qualified domain names must end with a dot (.); a name without the trailing dot has the zone origin appended to it.

Some of the record types used in zone files:

A – Address record (name to IPv4 address)
NS – Name Server
MX – Mail Exchanger
CNAME – Canonical Name (alias)

# vi /var/named/fwd.itzgeek.local.db

$TTL 86400
@   IN  SOA     primary.itzgeek.local. root.itzgeek.local. (
2014112511  ;Serial
3600        ;Refresh
1800        ;Retry
604800      ;Expire
86400       ;Minimum TTL
)
;Name Server Information
@      IN  NS      primary.itzgeek.local.
;IP address of Name Server
primary IN  A       192.168.12.8
;Mail exchanger
itzgeek.local. IN  MX 10   mail.itzgeek.local.
;A - Record HostName To Ip Address
www     IN  A       192.168.12.100
mail    IN  A       192.168.12.150
;CNAME record
ftp     IN CNAME        www.itzgeek.local.

Create a zone file called 12.168.192.db for the reverse zone under the /var/named directory, with a reverse pointer (PTR) for each of the forward zone entries above.

PTR – Pointer
SOA – Start of Authority

# vi /var/named/12.168.192.db

$TTL 86400
@   IN  SOA     primary.itzgeek.local. root.itzgeek.local. (
2014112511  ;Serial
3600        ;Refresh
1800        ;Retry
604800      ;Expire
86400       ;Minimum TTL
)
;Name Server Information
@ IN  NS      primary.itzgeek.local.
;Reverse lookup for Name Server
8        IN  PTR     primary.itzgeek.local.
;PTR Record IP address to HostName
100      IN  PTR     www.itzgeek.local.
150      IN  PTR     mail.itzgeek.local.
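Before restarting named, check that the two zone files agree with each other: named-checkzone validates the syntax of one file, but it does not compare the forward zone with the reverse one. The following Python script is an added example and not part of the original tutorial. It embeds the records of the two zone files above as constructed sample input (with the multi-line SOA collapsed onto one line), reports every A record without a matching PTR and vice versa, and assumes, as on this page, that NS, MX and CNAME targets are fully qualified names defined in the same zone.

```python
import ipaddress

# Constructed sample input: the page's two zone files with the SOA collapsed onto one line.
FWD_ORIGIN, REV_ORIGIN = "itzgeek.local.", "12.168.192.in-addr.arpa."
FWD_ZONE = """$TTL 86400
@       IN  SOA   primary.itzgeek.local. root.itzgeek.local. ( 2014112511 3600 1800 604800 86400 )
@       IN  NS    primary.itzgeek.local.
primary IN  A     192.168.12.8
itzgeek.local. IN MX 10 mail.itzgeek.local.
www     IN  A     192.168.12.100
mail    IN  A     192.168.12.150
ftp     IN  CNAME www.itzgeek.local.
"""
REV_ZONE = """$TTL 86400
@   IN  SOA  primary.itzgeek.local. root.itzgeek.local. ( 2014112511 3600 1800 604800 86400 )
@   IN  NS   primary.itzgeek.local.
8   IN  PTR  primary.itzgeek.local.
100 IN  PTR  www.itzgeek.local.
150 IN  PTR  mail.itzgeek.local.
"""

def parse_zone(text, origin):
    records, depth = [], 0                               # (owner, type, rdata) tuples
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()             # strip ';' comments
        if line and not line.startswith("$") and depth == 0:
            parts = line.split()
            owner = origin if parts[0] == "@" else parts[0]
            owner = owner if owner.endswith(".") else f"{owner}.{origin}"   # qualify relative names
            i = 1                                        # skip optional TTL / class tokens
            while parts[i].isdigit() or parts[i].upper() == "IN":
                i += 1
            records.append((owner, parts[i].upper(), parts[i + 1:]))
        depth += line.count("(") - line.count(")")       # skip SOA continuation lines
    return records

def ptr_ip(owner):                                       # '100.12.168.192.in-addr.arpa.' -> '192.168.12.100'
    return str(ipaddress.ip_address(".".join(reversed(owner[:-len(".in-addr.arpa.")].split(".")))))

def check_zones(fwd_text, fwd_origin, rev_text, rev_origin):
    """Return a list of problems; an empty list means the forward and reverse zones agree."""
    fwd, rev = parse_zone(fwd_text, fwd_origin), parse_zone(rev_text, rev_origin)
    owners = {o for o, _, _ in fwd}
    a_map = {r[0]: o for o, t, r in fwd if t == "A"}
    ptr_map = {ptr_ip(o): r[0] for o, t, r in rev if t == "PTR"}
    problems = [f"A {n} -> {ip} has no matching PTR" for ip, n in a_map.items() if ptr_map.get(ip) != n]
    problems += [f"PTR {ip} -> {n} has no matching A" for ip, n in ptr_map.items() if a_map.get(ip) != n]
    for o, t, r in fwd:      # assumption: NS/MX/CNAME targets are FQDNs defined in this same zone
        if t in ("NS", "MX", "CNAME") and r[-1] not in owners:
            problems.append(f"{t} at {o}: target {r[-1]} is not a fully qualified name in this zone")
    return problems
```

On a live server, read the two files from /var/named instead of the embedded strings and run the check before each reload; a target typed as www.itgeek.local. or a missing trailing dot shows up as a problem.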

Once the zone files are created, restart the BIND service.

# systemctl restart named.service

Enable it on system startup.

# systemctl enable named.service

Verify zones

Go to any client machine and add the DNS server’s IP address to /etc/resolv.conf if NetworkManager does not manage the network.

# vi /etc/resolv.conf

nameserver 192.168.12.8

If NetworkManager manages the networking, place the following entry in the /etc/sysconfig/network-scripts/ifcfg-eXX file of the interface instead.

DNS1=192.168.12.8

Restart the NetworkManager service so the change takes effect.

# systemctl restart NetworkManager.service

Use the following command to verify the forward lookup; the DNS server should return 192.168.12.100 as the IP address for www.itzgeek.local.

[root@client ~]# dig www.itzgeek.local

; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> www.itzgeek.local
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35556
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.itzgeek.local.             IN      A

;; ANSWER SECTION:
www.itzgeek.local.      86400   IN      A       192.168.12.100

;; AUTHORITY SECTION:
itzgeek.local.          86400   IN      NS      primary.itzgeek.local.

;; ADDITIONAL SECTION:
primary.itzgeek.local.  86400   IN      A       192.168.12.8

;; Query time: 2 msec
;; SERVER: 192.168.12.8#53(192.168.12.8)
;; WHEN: Tue Nov 25 14:26:04 EST 2014
;; MSG SIZE  rcvd: 100

The dig and nslookup commands come from the bind-utils package; install it on the client if they are missing.

Confirm the reverse lookup, where the DNS server returns www.itzgeek.local as the name for 192.168.12.100. With both answers in hand, forward and reverse lookups are confirmed to be working.

[root@client ~]# dig -x 192.168.12.100

; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> -x 192.168.12.100
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28195
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;100.12.168.192.in-addr.arpa.   IN      PTR

;; ANSWER SECTION:
100.12.168.192.in-addr.arpa. 86400 IN   PTR     www.itzgeek.local.

;; AUTHORITY SECTION:
12.168.192.in-addr.arpa. 86400  IN      NS      primary.itzgeek.local.

;; ADDITIONAL SECTION:
primary.itzgeek.local.  86400   IN      A       192.168.12.8

;; Query time: 2 msec
;; SERVER: 192.168.12.8#53(192.168.12.8)
;; WHEN: Tue Nov 25 14:28:43 EST 2014
;; MSG SIZE  rcvd: 125

That’s all. You have successfully installed BIND on CentOS 7 / RHEL 7 as the master server. You can find a tutorial on configuring the slave server here.
  • Dino Conti

Be careful to have the zone files owned by root and named, as otherwise BIND will not read them.
chown root:named *.local

  • sagar dalvi

Thank you very much.
It is very helpful.

  • luli

    Hi

Nice tutorial, I just have one question:
how can I host a second domain with one DNS, or how can I add records to the zone for the second domain?

    All the best

  • Hello, how do you append this with a public DNS server (so clients can also join public hosts)?
    In my case, CentOS7 is itself connected to the Internet with a public DNS server… (on its interface configuration, there are already DNS1 and DNS2 lines)
