At the end of this tutorial you will know how to configure BIND as a DNS server on RHEL7, and you will test the DNS server's functionality over the network.
How To Configure BIND as a DNS Server on RHEL7/CentOS7/Fedora26
1. How To Configure BIND as a Primary DNS Server on RHEL7 / CentOS7
Author: Hafiz Haider
Website: www.BroExperts.com
Email: admin@broexperts.com
Step by Step Guide By : BroExperts.com
2. Introduction:
What is DNS?
DNS (Domain Name System) is a hierarchical structure that is responsible for resolving hostnames into their numerical IP addresses for computer systems and vice versa.
• Domain Name System has been used on the internet and in private networks as well.
Primary or Master DNS Server
A Primary or Master DNS server has authority over its domain and is the maintainer of the domain's original zone data. Domain zone files are maintained on the primary DNS servers, and they can propagate the domain's records to secondary servers.
For More Free Linux Guides Visit: www.broexperts.com
3. For More Free Linux Guides Visit: www.broexperts.com 9/23/2017
Lab Network Details:
Client for DNS Testing
IP: 192.168.1.199
FQDN: client.broexperts.local
OS: CentOS 7.3 (Min Install)
Lab Server
Domain: broexperts.local
IP: 192.168.1.114
FQDN: ns1.broexperts.local
OS: CentOS 7.3 (Min Install)
4. Our Goal:
At the end of this tutorial you will know how to configure BIND as a DNS server on RHEL7, and finally you will test DNS server functionality over the network.
5. BIND Installation & Configuration:
Step-1: Install BIND Package
Install the required packages bind and bind-utils using the following yum command:
# yum install bind bind-utils -y
Step-2: Zone Entry in /etc/named.conf file
After installing the required bind packages, it's time to edit the main configuration file named.conf, which controls the behavior and functionality of BIND.
Below I have included my modified /etc/named.conf file with changes as per my network and the zone entry of domain "broexperts.local" as mentioned above in the lab server details.
Open the /etc/named.conf file:
# vi /etc/named.conf
You can edit your named.conf file as per your requirements by following all the highlighted changes made by me, as shown below:
options {
        listen-on port 53 { 192.168.1.114; };       // listen on the server's LAN address
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query { 192.168.1.0/24; };            // answer queries from the lab subnet only
        recursion no;                               // authoritative only, no recursive lookups
        dnssec-enable yes;
        dnssec-validation yes;
        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";
        managed-keys-directory "/var/named/dynamic";
        pid-file "/run/named/named.pid";
        session-keyfile "/run/named/session.key";
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "." IN {
        type hint;
        file "named.ca";
};

### Forward Zone Entry ###
zone "broexperts.local" IN {                    # Domain Name
        type master;
        file "db.broexperts.local.fwd";         # Forward Zone File Name
        allow-update { none; };
};

### Reverse Zone Entry ###
zone "1.168.192.in-addr.arpa" IN {              # IP Address
        type master;
        file "db.broexperts.local.rev";         # Reverse Zone File Name
        allow-update { none; };
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
To verify that the configuration was done correctly, use the following command:
# named-checkconf
It will not throw any error if the configuration is correct; otherwise it will show an error message.
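named-checkconf only validates syntax, so as an added example (not part of the original guide) this Python sketch audits the options above for an internal, authoritative-only server. The function names and finding codes are made up for illustration, and it assumes the BIND 9 releases shipped with RHEL7/CentOS7, where an unset allow-transfer permits zone transfers to any host.

```python
import re

# Constructed sample: the security-relevant lines of the tutorial's /etc/named.conf.
NAMED_CONF = """
options {
    listen-on port 53 { 192.168.1.114; };
    allow-query { 192.168.1.0/24; };   # lab subnet only
    recursion no;
};
zone "broexperts.local" IN {
    type master;
    allow-update { none; };
};
"""

def strip_comments(text):
    """Drop /* */, // and # comments (assumes none of these appear inside quotes)."""
    text = re.sub(r'/\*.*?\*/', '', text, flags=re.S)
    return re.sub(r'(//|#).*', '', text)

def options_body(text):
    """Return the text between the braces of the options { ... } statement."""
    m = re.search(r'\boptions\s*\{', text)
    if not m:
        return ''
    depth, i = 1, m.end()
    while i < len(text) and depth:          # walk to the matching closing brace
        depth += {'{': 1, '}': -1}.get(text[i], 0)
        i += 1
    return text[m.end():i - 1]

def audit(conf):
    """Return finding codes for an internal authoritative-only server; [] means none."""
    conf = strip_comments(conf)
    opts = options_body(conf)
    findings = []
    if not re.search(r'\brecursion\s+no\s*;', opts):
        findings.append('recursion-enabled')
    acl = re.search(r'\ballow-query\s*\{([^}]*)\}', opts)
    if not acl or 'any' in [a.strip() for a in acl.group(1).split(';')]:
        findings.append('allow-query-open')
    # Assumption: with no allow-transfer in options or in any zone, RHEL7-era BIND
    # serves a full zone copy (AXFR) to any host that can reach port 53/TCP.
    if not re.search(r'\ballow-transfer\s*\{', conf):
        findings.append('allow-transfer-unset')
    return findings
```

On the tutorial's configuration this reports only `allow-transfer-unset`; adding `allow-transfer { none; };` to the options block (or listing the secondary servers there) clears it.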
Step-2: Create Zone Files.
Now let's create zone files for our domain "broexperts.local" as mentioned in "named.conf". To create these files we use some sample files located under the /var/named directory and name them as per our zone names: for the forward zone we need "db.broexperts.local.fwd" and for the reverse zone the "db.broexperts.local.rev" file. Let's copy the sample files and create our required files.
# cd /var/named
# cp /var/named/named.localhost db.broexperts.local.fwd
# cp /var/named/named.loopback db.broexperts.local.rev
We have just created our forward and reverse zone files under the /var/named directory.
Step-3: Configure Zone Files.
a) Forward Zone File
The forward zone file will contain all DNS records for forward DNS lookups. This means DNS will look in the forward zone file whenever it receives a DNS query, e.g. to resolve client.broexperts.local.
Let's edit and configure the forward zone file.
# vi /var/named/db.broexperts.local.fwd
Simply delete all the sample contents in the forward zone file and paste the contents shown below. Then update all highlighted contents with your own.
• Forward lookup zone contains IP to hostname (FQDN) information
DNS Records
SOA: Stands for Start of Authority. It identifies the authority of the zone and some parameters like serial number, refresh time, retry time, expire time and Time To Live (TTL).
A: Name-to-address mapping.
CNAME: Canonical name (for aliases).
PTR: Pointer records, meaning IP-to-name mapping.
MX: Contains mail exchanger information for a particular domain.
$TTL 604800
@       IN      SOA     ns1.broexperts.local. admin.broexperts.local. (
                        3               ; Serial
                        604800          ; Refresh
                        86400           ; Retry
                        2419200         ; Expire
                        604800 )        ; Negative Cache TTL
;Name Server
@       IN      NS      ns1.broexperts.local.
;A Records
ns1     IN      A       192.168.1.114
client  IN      A       192.168.1.199
Forward Lookup Zone File Contents (/var/named/db.broexperts.local.fwd)
b) Reverse Zone File
The reverse zone file is where we define all DNS PTR records for reverse lookups. Let's say DNS receives a query to resolve the IP address "192.168.1.199" into a hostname: it will look into the reverse lookup file and return the FQDN, which is client.broexperts.local in our case. Let's configure the db.broexperts.local.rev file.
# vi /var/named/db.broexperts.local.rev
Copy and paste the contents below into your reverse lookup file, then replace all highlighted contents as per your requirements.
• Reverse lookup zone contains hostname (FQDN) to IP information.
$TTL 604800
@       IN      SOA     ns1.broexperts.local. admin.broexperts.local. (
                        3               ; Serial
                        604800          ; Refresh
                        86400           ; Retry
                        2419200         ; Expire
                        604800 )        ; Negative Cache TTL
;Name Server
@       IN      NS      ns1.broexperts.local.
;A Record
ns1     IN      A       192.168.1.114
;PTR Records
114     IN      PTR     ns1.broexperts.local.
199     IN      PTR     client.broexperts.local.
Reverse Lookup Zone File Contents (/var/named/db.broexperts.local.rev)
Syntax check
# named-checkzone broexperts.local db.broexperts.local.fwd
# named-checkzone 1.168.192.in-addr.arpa db.broexperts.local.rev
Output:
zone broexperts.local/IN: loaded serial 3
OK
The syntax check result for both files should be as shown above (each reports the zone name it was given); if there is any syntax error, it will show an error message.
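named-checkzone validates each file on its own and does not tell you whether the forward and reverse zones agree. The following Python sketch is an added example (not from the original guide) that cross-checks A records against PTR records; the function names are illustrative, and the parser only handles the one-record-per-line layout used in this tutorial.

```python
import ipaddress
import re

# Record lines as written in the tutorial's zone files (constructed sample input).
FWD = """\
ns1     IN  A   192.168.1.114
client  IN  A   192.168.1.199
"""
REV = """\
114     IN  PTR ns1.broexperts.local.
199     IN  PTR client.broexperts.local.
"""

LINE = re.compile(r'(\S+)[ \t]+(?:\d+[ \t]+)?IN[ \t]+(A|PTR)[ \t]+(\S+)')

def records(zone_text, origin, rtype):
    """Map fully qualified owner name -> rdata for one record type.
    Simplification: owner always present on the line, no $ORIGIN changes."""
    found = {}
    for line in zone_text.splitlines():
        m = LINE.match(line)
        if m and m.group(2) == rtype:
            owner = m.group(1)
            if owner == '@':                     # zone apex
                owner = origin
            elif not owner.endswith('.'):        # relative name: append the origin
                owner = f'{owner}.{origin}'
            found[owner.lower()] = m.group(3).lower()
    return found

def check(fwd_text, fwd_origin, rev_text, rev_origin):
    """Return (problem, name, value) tuples; an empty list means A and PTR agree."""
    a = records(fwd_text, fwd_origin, 'A')
    ptr = records(rev_text, rev_origin, 'PTR')
    problems = []
    for name, ip in sorted(a.items()):
        owner = ipaddress.ip_address(ip).reverse_pointer + '.'
        if owner not in ptr:
            problems.append(('missing PTR', name, ip))
        elif ptr[owner] != name:
            problems.append(('PTR mismatch', name, ptr[owner]))
    for owner, target in sorted(ptr.items()):
        if target not in a:
            problems.append(('PTR without A', owner, target))
    return problems
```

Call it as `check(FWD, 'broexperts.local.', REV, '1.168.192.in-addr.arpa.')`; mismatched reverse records matter because logs and access controls that rely on reverse lookups will otherwise show the wrong hostname.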
Step-4: Configure permissions and ownerships on bind files
# chgrp named db.broexperts.local.fwd
# chgrp named db.broexperts.local.rev
# restorecon -rv /var/named
# restorecon /etc/named.conf
Step-5: Allow DNS Port 53 in Linux Firewall
# firewall-cmd --permanent --add-service=dns
# firewall-cmd --reload
Step-6: Start BIND and Enable the Service on Boot
# systemctl start named
# systemctl enable named
Step-7: DNS Server Testing
I have a Linux client running on my network with hostname: client.broexperts.local and IP: 192.168.1.199.
Before testing, we must configure our client to use ns1.broexperts.local as its DNS server. To do that, update the DNS resolver file on the client.
# vi /etc/resolv.conf
Update the contents as shown below:
search broexperts.local
nameserver 192.168.1.114
Great! We have successfully configured a fully functional Master/Primary DNS Server. If you face any difficulty while applying this tutorial, tell us in the comment section or feel free to send us an email directly at admin@broexperts.com
Want More Free Linux Stuff ?
Visit: BroExperts.com