Configure DNS (BIND) Server on CentOS 7
/ RHEL 7
The Domain Name System (DNS) is a hierarchical distributed naming system for
computers, services, or any resource connected to the Internet or a private network. It
associates various information with domain names assigned to each of the participating
entities.
Most importantly, it translates domain names meaningful to humans into the numerical
identifiers associated with networking equipment for the purpose of locating and addressing
these devices worldwide.
This guide will help you to set up DNS server on CentOS 7 / RHEL 7, focusing on master
DNS server.
Assumptions:
Server Name: [Link]
IP Address: [Link]
Installing BIND package:
BIND stands for Berkeley Internet Name Domain is the software which provides ability to
perform name to ip conversion.
# yum -y install bind bind-utils
Configuring BIND:
Configuration file of bind is /etc/[Link], open up /etc/[Link] file. Comment out the
following line, this will enable BIND to listen on all ip addresss.
#listen-on port 53 { [Link]; };
#listen-on-v6 port 53 { :!! };
Add your network in the following line, Ive added [Link]/24, this will allow the clients
from mentioned network can query the DNS for name to ip translation.
allow-query
{ localhost;[Link]/24; };
If you want to transfer all zones to slave server ([Link]), add the following line
(Optional)
allow-transfer { [Link]; };
�Creating zones:
The following is the forward zone entry in [Link] file, written for [Link] domain.
Edit /etc/[Link].
# vi /etc/[Link]
zone "[Link]" IN {
type master;
file "[Link]";
allow-update { none; };
};
[Link] Domain name
master Primary DNS
[Link] Forward lookup file
allow-update Since this is the primary DNS, it should be none.
The following is the reverse zone entry in the [Link] file.
zone "[Link]" IN {
type master;
file "[Link]";
allow-update { none; };
};
[Link] Reverse lookup name
master Primary DNS
[Link] Forward lookup file
allow-update Since this is the primary DNS, it should be none.
Creating zone files:
Once zones are created in [Link], its the time to create a zone files for a created
zone. Default location of zone file is /var/named, if you have not mentioned full path. Create
a zone file called [Link] for forward zone under /var/named directory, all
domain names should end with dot (.).
There are some special keywords for Zone Files
A A record
NS Name Server
MX Mail for Exchange
CN Canonical Name
# vi /var/named/[Link]
$TTL 86400
@
IN SOA
2014112511
3600
1800
604800
86400
[Link]. [Link]. (
;Serial
;Refresh
;Retry
;Expire
;Minimum TTL
;Name Server Information
@
IN NS
[Link].
�;IP address of Name Server
primary IN A
[Link]
;Mail exchanger
[Link]. IN MX 10
[Link].
;A - Record HostName To Ip Address
www
IN A
[Link]
mail
IN A
[Link]
;CNAME record
ftp
IN CNAME
[Link].
Create a zone file called [Link] for reverse zone under /var/named directory, create
reverse pointer to the above forward zone entries.
PTR Pointer
SOA Start of Authority
# vi /var/named/[Link]
$TTL 86400
@
IN SOA
2014112511
3600
1800
604800
86400
[Link]. [Link]. (
;Serial
;Refresh
;Retry
;Expire
;Minimum TTL
;Name Server Information
@ IN NS
[Link].
;Reverse lookup for Name Server
8
IN PTR
[Link].
;PTR Record IP address to HostName
100
IN PTR
[Link].
150
IN PTR
[Link].
Once zone files are created, restart bind service.
# systemctl restart [Link]
Enable it on system start up.
# systemctl enable [Link]
Verifying zones:
Visit any client machine, add dns entry in /etc/[Link] if the network is not managed by
Network Manager.
# vi /etc/[Link]
nameserver [Link]
If the networking is managed by NM, place the following entry in /etc/sysconfig/networkscripts/ifcfg-eXX file.
DNS1=[Link]
Restart network service.
# systemctl restart [Link]
�Use the following command to verify the forward lookup, where the DNS server gives
[Link] as a ip for [Link].
[root@client ~]# dig [Link]
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> [Link]
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35556
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;[Link].
IN
;; ANSWER SECTION:
[Link].
86400
IN
[Link]
;; AUTHORITY SECTION:
[Link].
86400
IN
NS
[Link].
;; ADDITIONAL SECTION:
[Link].
86400
IN
[Link]
;;
;;
;;
;;
Query time: 2 msec
SERVER: [Link]#53([Link])
WHEN: Tue Nov 25 [Link] EST 2014
MSG SIZE rcvd: 100
If you get command not found, install bind-utils package.
Confirm the reverse lookup, where DNS server gives [Link] as a name for
[Link]. It is now confirmed that both forward and reverse lookups are working fine.
[root@client ~]# dig -x [Link]
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> -x [Link]
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28195
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;[Link].[Link].
IN
PTR
;; ANSWER SECTION:
[Link].[Link]. 86400 IN
PTR
[Link].
;; AUTHORITY SECTION:
[Link]. 86400
IN
NS
[Link].
;; ADDITIONAL SECTION:
[Link].
IN
[Link]
;; Query time: 2 msec
86400
�;; SERVER: [Link]#53([Link])
;; WHEN: Tue Nov 25 [Link] EST 2014
;; MSG SIZE rcvd: 125
If every thing goes fine, you have successfully installed BIND on CentOS 7 / RHEL 7 as
master server. Tutorial on configuring slave server will be posted in coming days.
