How To Configure BIND as a DNS Server on RHEL7/CentOS7/Fedora26

The purpose of this guide is to explain how to configure BIND as a DNS server on RHEL7/CentOS7/Fedora26. In my previous guide I explained the different types of DNS servers and the role of BIND in Linux DNS, so if you are a beginner and would like to know what master/primary, secondary and caching-only DNS servers are, please refer to this: Link


I assume you are aware of the different types of DNS server and their usage, so let's jump directly to the configuration of a Master/Primary DNS server with BIND.

My Lab Server Details for Master/Primary DNS Server Configuration:

  • Linux Server OS: CentOS 7.3 (Minimal Install)
  • IP: 192.168.1.114
  • Server FQDN: ns1.broexperts.local
  • Domain: broexperts.local
  • Network Host Details (For DNS Testing)
  • Client IP: 192.168.1.199
  • Client’s FQDN: client.broexperts.local
  • Client OS: CentOS 7.3

Our Goal

At the end of this tutorial you will know how to configure BIND as a DNS server on RHEL7, and you will have tested the DNS server's functionality over the network.

Step-1: Install BIND Package

Install the required packages bind and bind-utils with the following yum command:

yum install bind bind-utils -y 

Step-2: Zone Entry in /etc/named.conf file.

After installing the required BIND packages, it's time to edit the main configuration file, /etc/named.conf, which controls the behavior and functionality of BIND.

Below is my modified /etc/named.conf with the changes for my network and the zone entries for the domain “broexperts.local” from the lab server details above.

Open /etc/named.conf file

vi /etc/named.conf

Edit your named.conf as per your requirements, following the changes marked with comments below. Note that this server is authoritative only: recursion is off, queries are accepted only from the 192.168.1.0/24 network, and named listens only on the server's own address.

options {
        listen-on port 53 {192.168.1.114; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     {  192.168.1.0/24;};
        recursion no;
        dnssec-enable yes;
        dnssec-validation yes;
        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";
        managed-keys-directory "/var/named/dynamic";
        pid-file "/run/named/named.pid";
        session-keyfile "/run/named/session.key";
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
zone "." IN {
        type hint;
        file "named.ca";
};
### Forward Zone Entry ###
zone "broexperts.local" IN {            # Domain Name
        type master;
        file "db.broexperts.local.fwd"; # Forward Zone File Name
        allow-update { none; };
};
### Reverse Zone Entry ###
zone "1.168.192.in-addr.arpa" IN {      # Reverse zone for 192.168.1.0/24
        type master;
        file "db.broexperts.local.rev"; # Reverse Zone File Name
        allow-update { none; };
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";

To verify that the configuration is syntactically correct, use the following command:

named-checkconf

It prints nothing if the configuration is correct; otherwise it reports the file and line number of the error.

One thing this configuration does not set is allow-transfer. BIND's default allows zone transfers (AXFR) to any host, so any client on the allowed network can dump the whole zone and obtain a complete list of your hosts. Since this setup has no secondary server, add allow-transfer { none; }; to the options block (or list the addresses of your secondaries if you have any).

Step-2 (continued): Create Zone Files.

Now let's create the zone files for our domain “broexperts.local” that we referenced in named.conf. We start from the sample files under /var/named and name the copies after our zones: “db.broexperts.local.fwd” for the forward zone and “db.broexperts.local.rev” for the reverse zone.

cd /var/named
cp /var/named/named.localhost db.broexperts.local.fwd
cp /var/named/named.loopback db.broexperts.local.rev

The forward and reverse zone files now exist under /var/named; next we fill them in.

Step-3: Configure Zone Files.

a) Forward Zone File

The forward zone file contains all DNS records for forward lookups: whenever the server receives a query for a name such as client.broexperts.local, it answers from this file. Let's edit and configure the forward zone file.

vi /var/named/db.broexperts.local.fwd 

Delete all the sample contents of the forward zone file and paste the contents shown below, then replace the names and addresses with your own.

The forward lookup zone maps hostnames (FQDNs) to IP addresses.

Before you edit the zone file, it's important to understand the different types of DNS records:

  • SOA: Start of Authority. It identifies the zone's primary name server and responsible contact, and carries the serial number, the refresh, retry and expire timers, and the negative-caching TTL.
  • NS: Lists a name server for the zone.
  • A: Name-to-address mapping.
  • CNAME: Canonical name (for aliases).
  • PTR: Pointer record, address-to-name mapping.
  • MX: Mail exchanger for the domain.

$TTL    604800
@       IN      SOA     ns1.broexperts.local. admin.broexperts.local. (
                3          ; Serial
                604800     ; Refresh
                86400      ; Retry
                2419200    ; Expire
                604800 )   ; Negative Cache TTL

;Name Server
@       IN      NS      ns1.broexperts.local.

;A Records
ns1     IN      A       192.168.1.114
client  IN      A       192.168.1.199

[Screenshot: Primary DNS Server Forward Zone File (BIND) as seen in the terminal]

Syntax check (run it from /var/named, because the file name is relative):

named-checkzone broexperts.local db.broexperts.local.fwd

Output:

zone broexperts.local/IN: loaded serial 3
OK

b) Reverse Zone File

The reverse zone file is where we define the PTR records for reverse lookups. When the server receives a query to resolve the IP address “192.168.1.199” into a hostname, it looks in this file and returns the FQDN, client.broexperts.local in our case. Let's configure db.broexperts.local.rev.

vi /var/named/db.broexperts.local.rev 

Copy and paste the contents below into your reverse lookup file, then replace the names and addresses as per your requirements.

The reverse lookup zone maps IP addresses to hostnames (FQDNs).

$TTL    604800
@       IN      SOA     ns1.broexperts.local. admin.broexperts.local. (
                3          ; Serial
                604800     ; Refresh
                86400      ; Retry
                2419200    ; Expire
                604800 )   ; Negative Cache TTL

;Name Server
@       IN      NS      ns1.broexperts.local.

;PTR Records (the owner name is the last octet of the address within 1.168.192.in-addr.arpa)
114     IN      PTR     ns1.broexperts.local.
199     IN      PTR     client.broexperts.local.

[Screenshot: Primary DNS Server Reverse Zone File (BIND) as seen in the terminal]

Syntax check (the zone name here is the reverse zone's name, not the domain):

named-checkzone 1.168.192.in-addr.arpa db.broexperts.local.rev

Output:

zone 1.168.192.in-addr.arpa/IN: loaded serial 3
OK
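named-checkzone validates syntax only: it will happily load an A record that has no PTR, or a PTR whose target resolves to a different address, and those mismatches only show up later as odd reverse-lookup results. The script below is an added example (not part of the original tutorial) that cross-checks the forward zone file against the reverse zone file before you load them. Zone and file names are the tutorial's; the sample zone files written by make_sample_zones are constructed copies of the two files above, with one extra A record (www) that deliberately lacks a PTR so the check has something to report.

```shell
#!/bin/sh
# Added example, not from the original tutorial: cross-check the forward zone
# against the reverse zone. Owner names in the zone files must be explicit (as
# in the tutorial's files): "@" is the apex, names without a trailing dot are
# relative to the zone.

# Print "fqdn address" for every A record in a forward zone file.
forward_a_records() {                     # forward_a_records <file> <zone>
    awk -v zone="$2" '
        { sub(/;.*/, "") }                # strip comments
        /^[ \t]*$/ { next }               # skip blank lines
        $1 ~ /^\$/ { next }               # skip $TTL / $ORIGIN directives
        {
            for (i = 2; i <= NF; i++)
                if ($i == "A") {
                    name = $1
                    if (name == "@") name = zone "."
                    else if (name !~ /\.$/) name = name "." zone "."
                    print name, $(i + 1)
                    break
                }
        }' "$1"
}

# Print "fqdn address" for every PTR record in an in-addr.arpa zone file,
# e.g. owner 114 in 1.168.192.in-addr.arpa -> 192.168.1.114.
reverse_ptr_records() {                   # reverse_ptr_records <file> <zone>
    awk -v zone="$2" '
        { sub(/;.*/, "") }
        /^[ \t]*$/ { next }
        $1 ~ /^\$/ { next }
        {
            for (i = 2; i <= NF; i++)
                if ($i == "PTR") {
                    owner = $1
                    if (owner !~ /\.$/) owner = owner "." zone "."
                    sub(/\.in-addr\.arpa\.$/, "", owner)   # -> 114.1.168.192
                    n = split(owner, lab, ".")
                    addr = lab[n]
                    for (j = n - 1; j >= 1; j--) addr = addr "." lab[j]
                    print $(i + 1), addr
                    break
                }
        }' "$1"
}

# Exit 0 when every A record has a PTR with the same name and address and
# every PTR has a matching A record; otherwise print each mismatch and exit 1.
check_zone_pair() {    # check_zone_pair <fwd-file> <fwd-zone> <rev-file> <rev-zone>
    {
        forward_a_records "$1" "$2" | sed 's/^/A /'
        reverse_ptr_records "$3" "$4" | sed 's/^/PTR /'
    } | awk '
        $1 == "A"   { a[$2 " " $3] = 1 }
        $1 == "PTR" { p[$2 " " $3] = 1 }
        END {
            bad = 0
            for (k in a) if (!(k in p)) { print "no PTR for A record: " k; bad = 1 }
            for (k in p) if (!(k in a)) { print "no A record for PTR: " k; bad = 1 }
            exit bad
        }'
}

# Constructed sample zones mirroring the tutorial's files, plus an extra A
# record (www) that deliberately has no PTR.
make_sample_zones() {                     # make_sample_zones <dir>
    cat >"$1/db.broexperts.local.fwd" <<'EOF'
$TTL    604800
@       IN      SOA     ns1.broexperts.local. admin.broexperts.local. (
                3 ; Serial
                604800 ; Refresh
                86400 ; Retry
                2419200 ; Expire
                604800 ) ; Negative Cache TTL
@       IN      NS      ns1.broexperts.local.
ns1     IN      A       192.168.1.114
client  IN      A       192.168.1.199
www     IN      A       192.168.1.120   ; no PTR for this one
EOF
    cat >"$1/db.broexperts.local.rev" <<'EOF'
$TTL    604800
@       IN      SOA     ns1.broexperts.local. admin.broexperts.local. (
                3 ; Serial
                604800 ; Refresh
                86400 ; Retry
                2419200 ; Expire
                604800 ) ; Negative Cache TTL
@       IN      NS      ns1.broexperts.local.
114     IN      PTR     ns1.broexperts.local.
199     IN      PTR     client.broexperts.local.
EOF
}

# Demo on the constructed files. On the real server run, from /var/named:
#   check_zone_pair db.broexperts.local.fwd broexperts.local db.broexperts.local.rev 1.168.192.in-addr.arpa
demo_dir=$(mktemp -d)
make_sample_zones "$demo_dir"
check_zone_pair "$demo_dir/db.broexperts.local.fwd" broexperts.local \
                "$demo_dir/db.broexperts.local.rev" 1.168.192.in-addr.arpa \
    || echo "zone files disagree; fix them before (re)loading named"
rm -rf "$demo_dir"
```

The demo reports the www record as having no PTR and exits non-zero; once the forward and reverse files agree it prints nothing, which makes it suitable as a gate in front of systemctl reload named.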

Step-4: Configure permissions and ownerships on BIND files

The zone files were created by root, so hand them to the named group and restore the SELinux contexts so that named can read them:

chgrp named db.broexperts.local.fwd
chgrp named db.broexperts.local.rev
restorecon -rv /var/named
restorecon /etc/named.conf

Step-5: Allow DNS Port 53 in Linux Firewall

firewall-cmd --permanent --add-service=dns
firewall-cmd --reload

Step-6: Start BIND and Enable the Service on Boot

systemctl start named
systemctl enable named

Step-7: DNS Server Testing

I have a Linux client on my network with hostname client.broexperts.local and IP 192.168.1.199. Before testing, we must configure the client to use ns1.broexperts.local as its DNS server; to do that, update the DNS resolver file on the client. Note that on CentOS 7 NetworkManager rewrites /etc/resolv.conf, so for a change that survives a reboot set the DNS server in the interface's connection profile (with nmcli or in its ifcfg file) rather than editing resolv.conf directly.

vi /etc/resolv.conf

Update the contents as shown below:

search broexperts.local
nameserver 192.168.1.114

dig forward lookup command result

[Screenshot: DNS testing with the dig command, forward lookup]

dig reverse lookup command result

[Screenshot: DNS testing with the dig command, reverse lookup]
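The screenshots show only the two manual dig lookups. The script below is an added example (not part of the original tutorial) that runs the same forward and reverse tests from the client in scripted form, and adds two checks the screenshots do not cover: that the server really refuses recursion (the recursion no setting) and that it refuses a zone transfer. Addresses and names are the tutorial's lab values. The AXFR check assumes allow-transfer { none; }; has been added to the options block of named.conf; the tutorial's configuration does not set it, and BIND's default allows transfers to any host, so without it this check will fail and tell you so.

```shell
#!/bin/sh
# Added example, not from the original tutorial: scripted dig tests to run on
# the client against ns1. Invoke as "sh dnscheck.sh --run"; without --run the
# functions are only defined, so the file can be sourced without network access.

NS=192.168.1.114          # ns1.broexperts.local (tutorial lab value)
DOMAIN=broexperts.local

# Dotted IPv4 address -> the in-addr.arpa name that "dig -x" queries.
reverse_name() {                          # reverse_name 192.168.1.199
    printf '%s\n' "$1" | awk -F. '{ print $4 "." $3 "." $2 "." $1 ".in-addr.arpa." }'
}

# Query the server directly (@NS bypasses /etc/resolv.conf) and print only the
# answer RDATA; return 1 when the answer section is empty.
query() {                                 # query <type> <name>
    ans=$(dig +short @"$NS" "$2" "$1")
    [ -n "$ans" ] && printf '%s\n' "$ans"
}

# Forward lookup, reverse lookup and round trip for one host: the PTR target
# must be exactly the name we started from.
check_host() {                            # check_host <hostname> <expected-ip>
    host="$1.$DOMAIN" ip="$2"
    got=$(query A "$host") || { echo "FAIL: no A record for $host"; return 1; }
    [ "$got" = "$ip" ] || { echo "FAIL: $host -> $got, expected $ip"; return 1; }
    ptr=$(query PTR "$(reverse_name "$ip")") || { echo "FAIL: no PTR for $ip"; return 1; }
    [ "$ptr" = "$host." ] || { echo "FAIL: $ip -> $ptr, expected $host."; return 1; }
    echo "OK: $host <-> $ip"
}

# With "recursion no" the response flags must not contain "ra" (recursion
# available); an authoritative-only server should never offer to recurse.
check_no_recursion() {
    if dig @"$NS" www.example.com A | grep -Eq '^;; flags:[^;]* ra[ ;]'; then
        echo "FAIL: server advertises recursion (ra flag set)"; return 1
    fi
    echo "OK: recursion disabled"
}

# A zone transfer from an ordinary client must fail; if it succeeds, anyone on
# the network can list every host in the zone.
check_no_axfr() {
    if dig @"$NS" "$DOMAIN" AXFR | grep -q 'Transfer failed'; then
        echo "OK: AXFR refused"
    else
        echo "FAIL: AXFR succeeded; add allow-transfer { none; }; to named.conf"; return 1
    fi
}

run_all() {
    rc=0
    check_host ns1 192.168.1.114    || rc=1
    check_host client 192.168.1.199 || rc=1
    check_no_recursion              || rc=1
    check_no_axfr                   || rc=1
    return $rc
}

if [ "${1:-}" = "--run" ]; then
    run_all
fi
```

Querying @192.168.1.114 explicitly means the result does not depend on the client's resolv.conf, so a wrong nameserver line on the client cannot mask a server-side problem, and vice versa.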

Great! We have successfully configured a fully functional Master/Primary DNS server. If you face any difficulty while applying this tutorial, tell us in the comment section or email us directly at admin@broexperts.com
