Use apt-get or yum to install the BIND DNS server.
~]# apt-get install bind9
~]# yum install bind
Enable SGID on the /var/named directory, so that newly created files will be owned by the named group.
~]# chmod 2750 /var/named
View the name servers the system currently resolves against. In this example, Google's public DNS servers are being used (8.8.8.8, 8.8.4.4).
~]# cat /etc/resolv.conf
nameserver 8.8.8.8
nameserver 8.8.4.4
Use the touch command to create a file named forward.example.com.zone and a file named reverse.example.com.zone in the /var/named directory. Replace example with the name of your domain.
~]# touch /var/named/forward.example.com.zone
~]# touch /var/named/reverse.example.com.zone
Add the following to the /var/named/forward.example.com.zone file. Replace example with the name of your domain. Use the appropriate IP addresses. For the serial, use yyyymmddnn, where nn starts at 00 and increments by 1. Separate the fields in this file with tabs.
example.com = authoritative DNS server, ns1.example.com = name server
$ORIGIN example.com.
$TTL 1D
@ IN SOA ns1.example.com. root.example.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ; minimum
)
@ IN NS ns1.example.com.
ns1 IN A 192.168.0.10
Add the following to the /var/named/reverse.example.com.zone file. Note the additional last line (the PTR record). In this instance, the "10" is the last octet of 192.168.0.10.
$TTL 1D
@ IN SOA ns1.example.com. root.example.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ; minimum
)
0.168.192.in-addr.arpa. IN NS ns1.example.com.
@ IN NS ns1.example.com.
ns1 IN A 192.168.0.10
10 IN PTR ns1.example.com.
Ensure the files are owned by the named group.
~]# ll /var/named
-rw-r--r-- root named 123 Oct 8 2017 forward.example.com.zone
Following is an example of a /etc/named.conf file.
options {
    listen-on port 53 { 127.0.0.1; 192.168.0.10; };
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    allow-query { any; };
    // recursion yes together with allow-query { any; } makes this an open resolver
    // that anyone on the internet can use; limit recursion to your own networks,
    // for example with allow-recursion { localnets; };
    recursion yes;
    // dnssec-enable is obsolete in recent BIND releases (DNSSEC is always on);
    // remove it if named-checkconf rejects it
    dnssec-enable yes;
    dnssec-validation yes;
    // dnssec-lookaside used the ISC DLV registry, which was shut down in 2017;
    // newer BIND releases reject this option, so drop it there
    dnssec-lookaside auto;
    bindkeys-file "/etc/named.iscdlv.key";
    managed-keys-directory "/var/named/dynamic";
    pid-file "/run/named/named.pid";
    session-keyfile "/run/named/session.key";
};
zone "example.com" IN {
    type master;
    file "/var/named/forward.example.com.zone";
    allow-update { none; };
};
zone "0.168.192.in-addr.arpa" IN {
    type master;
    file "/var/named/reverse.example.com.zone";
    allow-update { none; };
};
Ensure the forward and reverse zones files do not have any configuration errors.
~]# named-checkzone example.com /var/named/forward.example.com.zone
. . .
OK
~]# named-checkzone 0.168.192.in-addr.arpa /var/named/reverse.example.com.zone
. . .
OK
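named-checkzone validates each file on its own; it does not check that the forward and reverse zones agree with each other, or that the serial follows the yyyymmddnn convention given above. The following Python script is an added example, not part of the original article: it parses the two zone files shown above (embedded here as constructed, condensed samples), flags SOA serials that are not in yyyymmddnn form, and reports any forward A record that has no matching PTR in the reverse zone. It assumes the page's owner IN TYPE rdata record layout.

```python
import re

# Constructed samples condensed from the forward and reverse zone files above; the serial is 0 as on the page.
FORWARD = """$ORIGIN example.com.
@ IN SOA ns1.example.com. root.example.com. (
    0 ; serial
    1D 1H 1W 3H )
@ IN NS ns1.example.com.
ns1 IN A 192.168.0.10
"""
REVERSE = """@ IN SOA ns1.example.com. root.example.com. ( 0 1D 1H 1W 3H )
@ IN NS ns1.example.com.
10 IN PTR ns1.example.com.
"""
SERIAL_RE = re.compile(r"^(19|20)\d{2}(0[1-9]|1[0-2])(0[1-9]|[12]\d|3[01])\d{2}$")  # yyyymmddnn

def parse_zone(text, origin):
    """Return (soa_serial, records); records are (owner_fqdn, type, rdata) tuples."""
    origin, serial, records, buf = origin.rstrip(".") + ".", None, [], ""
    for raw in text.splitlines():
        buf += " " + raw.split(";")[0]          # drop comments, join continuation lines
        if buf.count("(") > buf.count(")"):
            continue                            # still inside a ( ... ) group
        fields, buf = buf.split(), ""
        if not fields or fields[0].startswith("$"):   # blank line, $ORIGIN or $TTL
            origin = fields[1] if fields and fields[0] == "$ORIGIN" else origin
            continue
        owner, rtype = fields[0], fields[2]     # page layout is: owner IN TYPE rdata
        fqdn = origin if owner == "@" else owner if owner.endswith(".") else f"{owner}.{origin}"
        rdata = " ".join(fields[3:]).replace("(", " ").replace(")", " ").split()
        if rtype == "SOA":
            serial = rdata[2]                   # mname rname serial refresh retry expire minimum
        else:
            records.append((fqdn, rtype, rdata[0]))
    return serial, records

def audit(fwd_text, fwd_origin, rev_text, rev_origin):
    """Return findings: undated SOA serials and forward A records with no matching PTR."""
    findings = []
    (fser, frec), (rser, rrec) = parse_zone(fwd_text, fwd_origin), parse_zone(rev_text, rev_origin)
    for zone, serial in ((fwd_origin, fser), (rev_origin, rser)):
        if not SERIAL_RE.match(serial or ""):
            findings.append(f"{zone}: serial {serial!r} is not yyyymmddnn")
    ptrs = {(owner, target) for owner, rtype, target in rrec if rtype == "PTR"}
    for fqdn, rtype, ip in frec:   # 192.168.0.10 must map back via 10.0.168.192.in-addr.arpa.
        if rtype == "A" and (".".join(reversed(ip.split("."))) + ".in-addr.arpa.", fqdn) not in ptrs:
            findings.append(f"{fqdn}: no PTR for {ip} in {rev_origin}")
    return findings
```

Run against the page's own files, audit() reports both serials as undated and no PTR mismatch; feed it your real files with the zone names from named.conf before reloading named.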
The ps command can be used to determine if your system is using init or systemd. If PID 1 is init, then you will use the service command. If PID 1 is systemd, then you will use the systemctl command.
If your system is using systemd, use the systemctl command to start and enable named.
systemctl enable named
systemctl start named
systemctl status named
If your system is using init, use the chkconfig and service commands to start and enable named.
chkconfig named on
service named start
service named status
Set DNS1 to the IP address of your Bind DNS server in /etc/sysconfig/network-scripts/ifcfg-xxxxxxxxx. DNS2 can be 8.8.8.8.
DNS1=x.x.x.x
DNS2=8.8.8.8
Restart NetworkManager.
~]# systemctl restart NetworkManager
To confirm that the DNS changes have taken effect, view the /etc/resolv.conf file. The newly added DNS IP addresses should be listed.
~]# cat /etc/resolv.conf
nameserver x.x.x.x
nameserver 8.8.8.8
If iptables or firewalld is enabled, allow TCP and UDP traffic on port 53.
To confirm that the newly added DNS server is working properly, type nslookup followed by the name of the DNS server.
~]# nslookup ns1.example.com
Server: x.x.x.x
Address: x.x.x.x:53
Name: ns1.example.com
Address: x.x.x.x