DNS Server Configuration on CentOS 8
In Red Hat Linux (and most other Linux and UNIX systems), you implement DNS services by using the Berkeley Internet Name Domain (BIND) software. The Internet Systems Consortium (ISC) maintains BIND.
The basic components of BIND include the following:
DNS server daemon (/usr/sbin/named): The named daemon listens on a port (port 53 by default, both UDP and TCP) for DNS service requests and then fulfills those requests based on the information in the configuration files that you create. Mostly, named receives requests to resolve the host names in your domain to IP addresses.
DNS configuration files (/etc/named.conf and /var/named/*): The /etc/named.conf file is where you add most of the general configuration information that you need to define the DNS services for your domain. Separate files in the /var/named directory contain specific zone information.
DNS lookup tools: You can use several tools to check that your DNS server is resolving host names properly. These include commands such as host, dig, and nslookup (which are part of the bind-utils software package).
Quick-starting a DNS server
The DNS server software that comes with the current Red Hat Linux is the Berkeley Internet Name Domain (BIND), which has the following components:
- Configuration file (/etc/named.conf): The main DNS server configuration file.
- Zone directory (/var/named): The directory containing the zone files you create for your DNS server, plus the root hints file named.ca.
- Daemon process (/usr/sbin/named): The daemon that listens for DNS requests and answers them from the configuration in named.conf and the zone files it references.
- Debugging tools (named-checkconf and named-checkzone): Used to determine whether you created your DNS configuration correctly.
The basic steps in creating a DNS server are as follows:
- Identifying DNS servers
- Creating DNS configuration files (/etc/named.conf and /var/named/*)
- Starting the named daemon
- Monitoring named activity
Step 1: Install BIND DNS Server
By default, the bind package is available in the CentOS 8 standard repository. You can install it, together with the bind-utils query tools, by running the following command:
sudo yum install -y bind bind-utils
Set the hostname for your server with the following command:
# hostnamectl set-hostname your-new-hostname
Step 2: Configure BIND DNS Server
Out of the box, named listens only on the loopback address, so you need to add the address your clients will use for queries. Do not bind every interface: list only the addresses that should serve DNS (in this tutorial the server's LAN address is 10.0.2.15), and keep allow-query limited to localhost and the client network so the server does not answer queries for the whole Internet. If this server is authoritative only and clients use another resolver, also set recursion no and restrict allow-transfer to your secondaries (or none). You configure all of this by editing the file /etc/named.conf.
For example:
options {
listen-on port 53 { 127.0.0.1; 10.0.2.15; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
secroots-file "/var/named/data/named.secroots";
recursing-file "/var/named/data/named.recursing";
allow-query { localhost; 10.0.2.0/24; };
// the remaining stock options are left unchanged
};
Step 3: Create Forward and Reverse DNS Zone
A Forward Zone is used to resolve the hostname to IP address while a Reverse Zone is used to resolve the IP address to hostname. Generally, all normal DNS queries are forward lookup queries. You can define the forward and reverse lookup zones in the /etc/named.conf file.
//Forward Zone
zone "abc.local" IN {
type master;
file "abc.local.db";
allow-update { none; };
};
//Reverse Zone
zone "2.0.10.in-addr.arpa" IN {
type master;
file "10.0.2.db";
allow-update { none; };
};
The file names are relative to the directory option (/var/named). The reverse zone name is the network's first three octets reversed, followed by in-addr.arpa, so 10.0.2.0/24 becomes 2.0.10.in-addr.arpa. allow-update { none; } rejects dynamic updates, which is what you want for a hand-edited zone.
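The settings in Steps 2 and 3 that matter most for security are who may query the server, who may copy its zones, and who may change them. The script below is an added example written for this tutorial, not code from the page or from BIND; it checks a named.conf for the weak settings a practitioner looks for first (allow-query or allow-transfer set to any, no allow-transfer statement at all, recursion left on without allow-recursion, allow-update { any; }, listen-on any). The two sample configurations it audits are constructed here: the hardened one keeps this tutorial's addresses and restricts recursion to the 10.0.2.0/24 clients rather than disabling it, because Step 8 uses this server as the clients' resolver.

```shell
#!/bin/sh
# audit_named_conf.sh: flag weak access-control settings in a named.conf.
# Added example for this tutorial; not part of BIND or the original page.
# Line-oriented heuristic (comments stripped, one directive per match), not a
# full named.conf parser: named-checkconf remains the authority on syntax.

# audit_named_conf FILE -> prints one WARN line per finding, then "FINDINGS: N"
audit_named_conf() {
    conf="$1"
    findings=0
    # Drop // and # comments so a commented-out "allow-query { any; }" is not flagged
    cleaned=$(sed -e 's#//.*##' -e 's/#.*//' "$conf")

    has() { printf '%s\n' "$cleaned" | grep -Eq "$1"; }

    if has 'allow-query[[:space:]]*\{[[:space:]]*any;'; then
        echo "WARN: allow-query { any; } answers every host on the Internet"
        findings=$((findings + 1))
    fi
    if has 'allow-transfer[[:space:]]*\{[[:space:]]*any;'; then
        echo "WARN: allow-transfer { any; } lets anyone AXFR your zones"
        findings=$((findings + 1))
    elif ! has 'allow-transfer[[:space:]]*\{'; then
        echo "WARN: no allow-transfer statement; BIND 9.11 then allows transfers to any host"
        findings=$((findings + 1))
    fi
    # recursion defaults to yes; an authoritative-only server should turn it off,
    # otherwise it must at least limit it with allow-recursion.
    if ! has 'recursion[[:space:]]+no;' && ! has 'allow-recursion[[:space:]]*\{'; then
        echo "WARN: recursion not disabled and allow-recursion unset"
        findings=$((findings + 1))
    fi
    if has 'allow-update[[:space:]]*\{[[:space:]]*any;'; then
        echo "WARN: allow-update { any; } accepts unauthenticated dynamic updates"
        findings=$((findings + 1))
    fi
    if has 'listen-on([[:space:]]+port[[:space:]]+[0-9]+)?[[:space:]]*\{[[:space:]]*any;'; then
        echo "WARN: listen-on { any; } binds every interface; list the serving addresses instead"
        findings=$((findings + 1))
    fi
    echo "FINDINGS: $findings"
}

# Constructed samples: a weak config and a hardened version of this tutorial's settings
SAMPLES=$(mktemp -d)
cat > "$SAMPLES/weak.conf" <<'EOF'
options {
    listen-on port 53 { any; };
    allow-query { any; };      // answers the whole Internet
    recursion yes;
};
zone "abc.local" IN { type master; file "abc.local.db"; allow-update { any; }; };
EOF
cat > "$SAMPLES/hardened.conf" <<'EOF'
options {
    listen-on port 53 { 127.0.0.1; 10.0.2.15; };
    allow-query { localhost; 10.0.2.0/24; };
    allow-transfer { none; };                      // or the addresses of your secondaries
    recursion yes;
    allow-recursion { localhost; 10.0.2.0/24; };   // LAN clients use this server as resolver
};
zone "abc.local" IN { type master; file "abc.local.db"; allow-update { none; }; };
EOF
WEAK_CONF="$SAMPLES/weak.conf"
HARDENED_CONF="$SAMPLES/hardened.conf"

audit_named_conf "$WEAK_CONF"       # five findings
audit_named_conf "$HARDENED_CONF"   # none
```

Run it against /etc/named.conf after editing. A result of 0 means nothing obvious was found, not that the configuration is safe; zone-level allow-transfer and allow-update statements override the global ones, and the script only reports what the patterns above match.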
Step 4: Create Forward and Reverse Zone Files
Now create the two files named in Step 3. Each zone file starts with a $TTL line and an SOA record, followed by an NS record for this server and then the A records (forward zone, /var/named/abc.local.db) or PTR records (reverse zone, /var/named/10.0.2.db) for your hosts. Fully qualified names in a zone file must end with a trailing dot, otherwise named appends the zone origin to them, and the SOA serial must increase every time you change the file or secondaries will not pick up the change. Create the forward zone file with:
nano /var/named/abc.local.db
Then create the reverse zone file the same way:
nano /var/named/10.0.2.db
Both files must be readable by the named user; root:named with mode 640 matches the stock files in /var/named.
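Step 4 names the files but does not show what goes in them. The script below is an added example, not code from the original page, that writes a matching pair of forward and reverse zone files from a short host list, so the two stay in sync and every PTR record has its A record. The host list, the domain abc.local, the 10.0.2.0/24 network and the name server ns1.abc.local at 10.0.2.15 are assumptions made for the example; the serial uses the YYYYMMDDnn convention, which lets you see from the serial alone when the zone last changed.

```shell
#!/bin/sh
# gen_zones.sh: generate matching forward and reverse zone files for BIND
# from a "hostname ip" list. Added example, not from the original tutorial.
# Assumed for the demo: domain abc.local, network 10.0.2.0/24, name server
# ns1.abc.local at 10.0.2.15 (first line of the host list).

# reverse_zone_name PREFIX -> e.g. 10.0.2 becomes 2.0.10.in-addr.arpa
reverse_zone_name() {
    printf '%s' "$1" | awk -F. '{print $3"."$2"."$1".in-addr.arpa"}'
}

# gen_zones HOSTS_FILE DOMAIN NET_PREFIX OUT_DIR
#   HOSTS_FILE: lines of "<shortname> <ipv4>"; the first line is the name server
#   DOMAIN:     e.g. abc.local
#   NET_PREFIX: first three octets of the /24, e.g. 10.0.2
#   OUT_DIR:    where <domain>.db and <prefix>.db are written
gen_zones() {
    hosts="$1"; domain="$2"; prefix="$3"; out="$4"
    serial=$(date +%Y%m%d01)     # YYYYMMDDnn: bump nn for every further change on the same day
    fwd="$out/$domain.db"
    rev="$out/$prefix.db"
    ns=$(awk 'NR==1{print $1}' "$hosts")

    # Shared $TTL/SOA/NS header. Trailing dots matter: a name without one gets the
    # zone origin appended, the classic cause of "ns1.abc.local.abc.local".
    soa="\$TTL 86400
@   IN  SOA ${ns}.${domain}. hostmaster.${domain}. (
        ${serial}  ; serial
        3600       ; refresh
        1800       ; retry
        604800     ; expire
        86400 )    ; negative-cache TTL
    IN  NS  ${ns}.${domain}."

    {
        printf '%s\n' "$soa"
        # A records: one per "name ip" line; blank or malformed lines are skipped
        awk 'NF==2{printf "%-8s IN  A   %s\n", $1, $2}' "$hosts"
    } > "$fwd"

    {
        printf '%s\n' "$soa"
        # PTR records: last octet of the address -> FQDN with trailing dot
        awk -v d="$domain" -F'[ .]' 'NF==5{printf "%-8s IN  PTR %s.%s.\n", $5, $1, d}' "$hosts"
    } > "$rev"

    echo "$fwd"
    echo "$rev"
}

# count_records FILE TYPE -> number of records of that type (A, PTR, NS, ...)
count_records() {
    grep -Ec "[[:space:]]IN[[:space:]]+$2[[:space:]]" "$1"
}

# Demo with a constructed host list
WORK=$(mktemp -d)
cat > "$WORK/hosts.txt" <<'EOF'
ns1 10.0.2.15
www 10.0.2.20
mail 10.0.2.21
EOF
gen_zones "$WORK/hosts.txt" abc.local 10.0.2 "$WORK"
echo "forward A records: $(count_records "$WORK/abc.local.db" A)"
echo "reverse PTR records: $(count_records "$WORK/10.0.2.db" PTR)"
# Validate with BIND's own checker when it is installed (bind package)
if command -v named-checkzone >/dev/null 2>&1; then
    named-checkzone abc.local "$WORK/abc.local.db"
    named-checkzone "$(reverse_zone_name 10.0.2)" "$WORK/10.0.2.db"
fi
```

Copy the generated files into /var/named under the names used in Step 3 and fix their ownership before starting named. Keeping the host list as the single source and regenerating both files is what prevents the forward and reverse zones from drifting apart.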
Step 5: Start the BIND service and enable it to start at system reboot:
systemctl start named
systemctl enable named
Step 6: Verify DNS Configuration
After configuring all zone files, verify the configuration files. Do this before every restart of named, because a syntax error in either file stops the zone from loading.
First, validate the main configuration file with the following command:
named-checkconf /etc/named.conf
If the file is valid, named-checkconf prints nothing and exits with status 0.
Next, verify the forward zone file with the following command:
named-checkzone abc.local /var/named/abc.local.db
You should get output like the following (the serial is whatever you put in the SOA record):
zone abc.local/IN: loaded serial 2003040701
OK
Repeat the check for the reverse zone, passing its zone name (2.0.10.in-addr.arpa) and its file (/var/named/10.0.2.db).
Step 7: Configure Firewall
Next, allow DNS queries from client machines through the firewall. DNS uses UDP port 53 for ordinary queries and TCP port 53 for zone transfers and for answers too large for UDP, so open both. The firewalld dns service covers both ports:
firewall-cmd --permanent --add-service=dns
Next, reload the firewall service to apply the changes:
firewall-cmd --reload
Step 8: Verify DNS Server
At this point, the BIND DNS server is installed and configured. It’s time to check whether it is working or not.
First, point the client at the new server. On CentOS 8, NetworkManager rewrites /etc/resolv.conf, so a hand edit lasts only until the connection is next restarted; that is enough for a test, but for a permanent change set the DNS server on the connection with nmcli instead. Edit /etc/resolv.conf:
nano /etc/resolv.conf
Add the following line at the beginning of the file:
nameserver 10.0.2.15
Save and close the file, then verify the forward lookup with the dig command:
dig www.abc.local
The ANSWER SECTION should contain the A record you defined for www.abc.local, and the SERVER line near the bottom should show 10.0.2.15, confirming that the answer came from your server and not from another resolver. To check the reverse zone, run dig -x with the host's IP address and look for the matching PTR record.
How to Display DNS on Windows
- Go to Run.
- Type cmd and press Enter.
Type:
ipconfig /displaydns
This displays the DNS cache on your computer.
ipconfig /flushdns
This flushes your computer's DNS cache, which is useful when a client keeps showing a stale answer after you change a zone.