Installing BIND DNS server
From rdkwiki
Info
The steps below configure a working BIND DNS server. They assume that you have a (fresh) CentOS 7 server running.
Install and configure bind (named)
- sudo yum install bind bind-utils --> install bind and utils
- sudo nano /etc/named.conf --> edit basic configuration
add above the "options" block:
    acl "dnsclients" {      --> a logical name you will use later on
        localhost;          --> the server itself
        x.x.x.x/x;          --> your local subnet (example: 192.168.1.0/24 or 10.1.0.0/16)
    };
change: listen-on port 53 { 127.0.0.1; x.x.x.x; }; --> add the IP (x.x.x.x) of your server here
change (optional): # listen-on-v6 port 53 { ::1; }; --> disable IPv6 by commenting the line out with a #
change: allow-query { dnsclients; }; --> change to the acl you created earlier, so only those clients can query this server
add: include "/etc/named/named.conf.local"; --> add to the end of the file
- sudo nano /etc/named/named.conf.local --> create the file that defines the zones
    zone "testexample.com" {                          --> define the forward zone
        type master;                                  --> type of the zone
        file "/etc/named/zones/db.testexample.com";   --> location of the forward zone file
    };
    zone "xx.xx.in-addr.arpa" {                       --> define the reverse zone (examples: 168.192.in-addr.arpa or 0.10.in-addr.arpa)
        type master;
        file "/etc/named/zones/db.xx.xx";             --> location of the reverse zone file (examples: db.192.168 or db.10.0)
    };
Creating the forward zone-file
- sudo nano /etc/named/zones/db.testexample.com --> create the forward zone
$TTL 604800
@ IN SOA ns1.testexample.com. admin.testexample.com. (
        1000        ; Serial
        604800      ; Refresh
        86400       ; Retry
        2419200     ; Expire
        604800 )    ; Negative Cache TTL
;
; NS-records
    IN NS ns1.testexample.com.
; A-records
ns1.testexample.com.     IN A x.x.x.x --> replace x.x.x.x with IP
<host1>.testexample.com. IN A x.x.x.x --> replace x.x.x.x with IP
<host2>.testexample.com. IN A x.x.x.x --> replace x.x.x.x with IP
Creating the reverse zone-file
- sudo nano /etc/named/zones/db.xx.xx --> create the reverse zone
$TTL 604800
@ IN SOA ns1.testexample.com. admin.testexample.com. (
        20161012    ; Serial
        604800      ; Refresh
        86400       ; Retry
        2419200     ; Expire
        604800 )    ; Negative Cache TTL
;
; NS-records
    IN NS ns1.testexample.com.
; PTR Records
x.x IN PTR <host1>.testexample.com. --> replace x.x with the host part of the IP, octets reversed
x.x IN PTR <host2>.testexample.com. --> replace x.x with the host part of the IP, octets reversed
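The "xx.xx" zone name and the "x.x" PTR labels above are the part of this setup people most often get wrong, so here is a small POSIX sh helper that derives both from a network and a host address. It is an added example, not part of the rdkwiki page; the function names and the 10.0.3.7 / host1 sample values are constructed for the demo.

```shell
#!/bin/sh
# Added example, not part of the rdkwiki page: derive the reverse-zone name
# ("xx.xx.in-addr.arpa") and the PTR owner label ("x.x") that the steps above
# leave for the reader to work out by hand. Only whole-octet prefixes (/8, /16,
# /24) map to a single in-addr.arpa zone; anything else is rejected.

# rev_octets IP N: print the first N octets of IP in reverse order.
rev_octets() {
    ip=$1 n=$2 out="" i=1
    old_ifs=$IFS; IFS=.; set -- $ip; IFS=$old_ifs
    while [ "$i" -le "$n" ]; do
        eval "o=\$$i"
        out="$o${out:+.$out}"
        i=$((i + 1))
    done
    printf '%s\n' "$out"
}

# reverse_zone NETWORK/PREFIX: the zone name to use in named.conf.local and
# named-checkzone, e.g. 192.168.0.0/16 -> 168.192.in-addr.arpa
reverse_zone() {
    net=${1%/*} prefix=${1#*/}
    case $prefix in
        8|16|24) ;;
        *) echo "reverse_zone: /$prefix is not an octet boundary; use /24 zones" >&2; return 1 ;;
    esac
    printf '%s.in-addr.arpa\n' "$(rev_octets "$net" $((prefix / 8)))"
}

# ptr_label IP PREFIX: owner label of the PTR record relative to that zone,
# i.e. the host octets in reverse order, e.g. 192.168.1.10 with /16 -> 10.1
ptr_label() {
    host=$(printf '%s\n' "$1" | cut -d. -f"$(( $2 / 8 + 1 ))"-)
    rev_octets "$host" $((4 - $2 / 8))
}

# ptr_record IP PREFIX FQDN: a complete PTR line. The trailing dot on the
# target is forced, because without it named appends the zone origin.
ptr_record() {
    target=${3%.}.
    printf '%s IN PTR %s\n' "$(ptr_label "$1" "$2")" "$target"
}

# Constructed demo values: a host in the page's 10.0.0.0/16 example subnet.
reverse_zone 10.0.0.0/16                      # 0.10.in-addr.arpa
ptr_record 10.0.3.7 16 host1.testexample.com  # 7.3 IN PTR host1.testexample.com.
```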
Check the configuration for errors
- sudo named-checkconf --> if there's no output then the configuration is ok!
- sudo named-checkzone testexample.com /etc/named/zones/db.testexample.com
- sudo named-checkzone xx.xx.in-addr.arpa /etc/named/zones/db.xx.xx --> replace "xx.xx" with the reversed network part of your IP, matching the zone name and file name you used in named.conf.local (example: 0.10.in-addr.arpa or 168.192.in-addr.arpa)
Start the bind server
- sudo systemctl start named --> start the service
- sudo systemctl enable named --> start the service at boot
Configure the firewall
- sudo firewall-cmd --permanent --add-service=dns --> allow DNS through the firewall
- sudo firewall-cmd --reload --> reload firewall with new configuration
Check if the DNS-server is functioning
- dig @x.x.x.x <host>.<domain>.<tld> --> replace x.x.x.x with the IP of your new BIND DNS server. It should respond with the address you configured for that host.