DNS Server installation and configuration on CentOS/RHEL

DNS Server

DNS stands for Domain Name System, which is used to resolve hostnames into IP addresses. For example, to access the website www.google.com, our computer needs the IP address of the Google server. A DNS server, or name server, is what resolves the IP address of the Google server. DNS uses port 53 over UDP or TCP.

A domain name consists of one or more parts (labels) separated by dots, e.g. mail.techbuddies.com. Each part can have up to 63 alphanumeric characters, and the whole domain name can't exceed 253 characters. The rightmost label of a domain name is the TLD (Top Level Domain). The next one to its left is a subdomain of the TLD.

There are several types of DNS servers, such as:

  • Master or Primary DNS Server
  • Slave DNS Server
  • Caching-only DNS server

In this article, we will cover the installation of a Primary DNS Server on Red Hat servers.

Before installing the DNS server, make sure that the system is up to date and the BIND package is installed.

#yum -y update
#yum -y install bind bind-utils
Loaded plugins: fastestmirror, langpacks
Resolving Dependencies
--> Running transaction check
---> Package bind.x86_64 32:9.9.4-29.el7 will be updated
--> Processing Dependency: bind = 32:9.9.4-29.el7 for package: 32:bind-chroot-9.9.4-29.el7.x86_64
---> Package bind.x86_64 32:9.9.4-38.el7_3.2 will be an update
--> Processing Dependency: bind-libs = 32:9.9.4-38.el7_3.2 for package: 32:bind-9.9.4-38.el7_3.2.x86_64
--> Processing Dependency: libGeoIP.so.1()(64bit) for package: 32:bind-9.9.4-38.el7_3.2.x86_64
---> Package bind-utils.x86_64 32:9.9.4-29.el7 will be updated
---> Package bind-utils.x86_64 32:9.9.4-38.el7_3.2 will be an update
--> Running transaction check
---> Package GeoIP.x86_64 0:1.5.0-11.el7 will be installed
---> Package bind-chroot.x86_64 32:9.9.4-29.el7 will be updated
---> Package bind-chroot.x86_64 32:9.9.4-38.el7_3.2 will be an update
---> Package bind-libs.x86_64 32:9.9.4-29.el7 will be updated
---> Package bind-libs.x86_64 32:9.9.4-38.el7_3.2 will be an update
--> Processing Dependency: bind-license = 32:9.9.4-38.el7_3.2 for package: 32:bind-libs-9.9.4-38.el7_3.2.x86_64
--> Running transaction check
---> Package bind-license.noarch 32:9.9.4-29.el7 will be updated
--> Processing Dependency: bind-license = 32:9.9.4-29.el7 for package: 32:bind-libs-lite-9.9.4-29.el7.x86_64
---> Package bind-license.noarch 32:9.9.4-38.el7_3.2 will be an update
--> Running transaction check
---> Package bind-libs-lite.x86_64 32:9.9.4-29.el7 will be updated
---> Package bind-libs-lite.x86_64 32:9.9.4-38.el7_3.2 will be an update
--> Finished Dependency Resolution

Dependencies Resolved

======================================================================================================================================
 Package                           Arch                      Version                                 Repository                  Size
======================================================================================================================================
Updating:
 bind                              x86_64                    32:9.9.4-38.el7_3.2                     updates                    1.8 M
 bind-utils                        x86_64                    32:9.9.4-38.el7_3.2                     updates                    202 k
Installing for dependencies:
 GeoIP                             x86_64                    1.5.0-11.el7                            base                       1.1 M
Updating for dependencies:
 bind-chroot                       x86_64                    32:9.9.4-38.el7_3.2                     updates                     85 k
 bind-libs                         x86_64                    32:9.9.4-38.el7_3.2                     updates                    1.0 M
 bind-libs-lite                    x86_64                    32:9.9.4-38.el7_3.2                     updates                    730 k
 bind-license                      noarch                    32:9.9.4-38.el7_3.2                     updates                     83 k

Transaction Summary
======================================================================================================================================
Install             ( 1 Dependent package)
Upgrade  2 Packages (+4 Dependent packages)

Total size: 4.9 M
Total download size: 3.8 M
Downloading packages:
updates/7/x86_64/prestodelta                                                                                   | 430 kB  00:00:04
Delta RPMs reduced 3.5 M of updates to 1.0 M (70% saved)
(1/6): bind-license-9.9.4-38.el7_3.2.noarch.rpm                                                                |  83 kB  00:00:01
(2/6): bind-libs-9.9.4-29.el7_9.9.4-38.el7_3.2.x86_64.drpm                                                     | 335 kB  00:00:01
(3/6): bind-chroot-9.9.4-38.el7_3.2.x86_64.rpm                                                                 |  85 kB  00:00:01
(4/6): bind-utils-9.9.4-38.el7_3.2.x86_64.rpm                                                                  | 202 kB  00:00:00
(5/6): bind-9.9.4-29.el7_9.9.4-38.el7_3.2.x86_64.drpm                                                          | 456 kB  00:00:03
(6/6): bind-libs-lite-9.9.4-29.el7_9.9.4-38.el7_3.2.x86_64.drpm                                                | 255 kB  00:00:04
Finishing delta rebuilds of 3 package(s) (3.5 M)
--------------------------------------------------------------------------------------------------------------------------------------

Dependency Installed:
  GeoIP.x86_64 0:1.5.0-11.el7

Updated:
  bind.x86_64 32:9.9.4-38.el7_3.2                                bind-utils.x86_64 32:9.9.4-38.el7_3.2

Dependency Updated:
  bind-chroot.x86_64 32:9.9.4-38.el7_3.2      bind-libs.x86_64 32:9.9.4-38.el7_3.2     bind-libs-lite.x86_64 32:9.9.4-38.el7_3.2
  bind-license.noarch 32:9.9.4-38.el7_3.2

Complete!

Once the installation of the bind package completes, edit the file named.conf under the directory /etc/ and change the content as follows.

#vi /etc/named.conf

Now find the options entry and change it as follows. Here 10.10.16.191 is the current system's IP address.

options {
        // entries in an address list are separated by semicolons
        listen-on port 53 { 127.0.0.1; 10.10.16.191; };
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        // only the local host and the 10.0.0.0/8 network may query this server
        allow-query     { localhost; 10.0.0.0/8; };
        // the rest of the default options block is left unchanged

Now edit the file named.rfc1912.zones under the same directory and add or change the content as follows.

#vi /etc/named.rfc1912.zones

Before Change

zone "localhost.localdomain" IN {
        type master;
        file "named.localhost";
        allow-update { none; };
};

zone "1.0.0.127.in-addr.arpa" IN {
        type master;
        file "named.loopback";
        allow-update { none; };
};

After Change

zone "techbuddies.com" IN {
        type master;
        file "techbuddies.forward";
        allow-update { none; };
};

zone "16.10.10.in-addr.arpa" IN {
        type master;
        file "techbuddies.reverse";
        allow-update { none; };
};

Now change to the directory /var/named and create the files techbuddies.forward and techbuddies.reverse as follows

[root@mail ~]# cd /var/named/
[root@mail named]# ls
chroot  data  dynamic  dyndb-ldap  named.ca  named.empty  named.localhost  named.loopback  slaves
[root@mail named]# cp named.localhost techbuddies.forward
[root@mail named]# cp named.loopback techbuddies.reverse

Now edit the file techbuddies.forward and change the content as follows
#vi techbuddies.forward

$TTL 1D
@       IN SOA  mail.techbuddies.com.    root.mail.techbuddies.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum

@                       IN      NS      mail.techbuddies.com.
@                       IN      A       10.10.16.191
@                       IN      MX 10   mail.techbuddies.com.
mail.techbuddies.com.   IN      A       10.10.16.191
webmail                 IN      CNAME   mail.techbuddies.com.


Now also edit techbuddies.reverse and change it as follows
#vi techbuddies.reverse

$TTL 1D
@       IN SOA  mail.techbuddies.com.   root.mail.techbuddies.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
@        IN     NS      mail.techbuddies.com.
@        IN     A       10.10.16.191
@        IN     PTR     mail.techbuddies.com.
@        IN     PTR     techbuddies.com.
191      IN     PTR     mail.techbuddies.com.

Now change the ownership of these files by using the following commands

[root@mail named]# chown -R root:named techbuddies.forward
[root@mail named]# chown -R root:named techbuddies.reverse

We can check for configuration errors by using the following command

# /usr/sbin/named-checkconf -z /etc/named.conf
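
As an added check that is not part of the original article, the shell function below compares the A records of a forward zone file with the PTR records of the matching reverse zone file and reports every name whose address does not map back to it, which matters for a mail host like the one configured here. It assumes record lines in the article's "owner IN TYPE rdata" form with an explicit owner on each line; check_fcrdns and write_sample_zones are names introduced for this example, and the zone data is a constructed copy of the article's records.

```shell
# Added example: forward-confirmed reverse DNS check over zone files.
# Usage: check_fcrdns REVERSE_FILE REVERSE_ORIGIN FORWARD_FILE FORWARD_ORIGIN
# Prints "<status> <name> <ip>" per A record; returns 1 if any status is not OK.
check_fcrdns() {
    awk -v ro="${2%.}" -v fo="${4%.}" '
    function fqdn(n, origin) {          # "@" and relative names get the origin
        if (n == "@") n = origin "."
        else if (n !~ /\.$/) n = n "." origin "."
        return tolower(n)
    }
    function ptr_owner(ip,   o) {       # 10.10.16.191 -> 191.16.10.10.in-addr.arpa.
        split(ip, o, ".")
        return o[4] "." o[3] "." o[2] "." o[1] ".in-addr.arpa."
    }
    $2 != "IN" { next }                 # skip directives and SOA continuation lines
    pass == 1 && $3 == "PTR" {          # reverse zone: remember owner -> target
        owner = fqdn($1, ro)
        seen[owner] = 1
        back[owner, fqdn($4, ro)] = 1   # a target without trailing dot is relative
    }
    pass == 2 && $3 == "A" {            # forward zone: each A needs a PTR back
        name = fqdn($1, fo); owner = ptr_owner($4)
        if (!(owner in seen)) status = "MISSING"
        else if ((owner, name) in back) status = "OK"
        else status = "MISMATCH"
        print status, name, $4; if (status != "OK") bad = 1
    }
    END { exit bad + 0 }
    ' pass=1 "$1" pass=2 "$3"
}

# Constructed sample data: record lines copied from the zone files above,
# plus a reverse file whose PTR target lacks the trailing dot.
write_sample_zones() {
    cat > "$1/forward" <<'EOF'
@                       IN      A       10.10.16.191
mail.techbuddies.com.   IN      A       10.10.16.191
webmail                 IN      CNAME   mail.techbuddies.com.
EOF
    cat > "$1/reverse" <<'EOF'
@        IN     PTR     techbuddies.com.
191      IN     PTR     mail.techbuddies.com.
EOF
    printf '191 IN PTR mail.techbuddies.com\n' > "$1/reverse.nodot"
}

demo=$(mktemp -d) && write_sample_zones "$demo"
check_fcrdns "$demo/reverse" 16.10.10.in-addr.arpa "$demo/forward" techbuddies.com || true
rm -rf "$demo"
```

With the article's records the mail host is confirmed, while the bare techbuddies.com name reports MISMATCH because the PTR for 10.10.16.191 names only mail.techbuddies.com. The reverse.nodot file shows the common failure where a PTR target without a trailing dot is expanded under the reverse zone's origin.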

Now add the firewall rules
#firewall-cmd --permanent --add-port=53/tcp
#firewall-cmd --permanent --add-port=53/udp
#firewall-cmd --reload

Now enable and start the DNS service (the named service) as follows

#systemctl enable named
#systemctl start named

We can check the status of the service by using the systemctl status named command. Now configure SELinux as follows

[root@mail named]# getsebool -a|grep named
named_tcp_bind_http_port --> off
named_write_master_zones --> off
[root@mail named]# setsebool -P named_tcp_bind_http_port on
[root@mail named]# setsebool -P named_write_master_zones on
[root@mail named]# getsebool -a|grep named
named_tcp_bind_http_port --> on
named_write_master_zones --> on
[root@mail named]#

Now add the server IP address as the DNS server address, and also check the resolv.conf file under the /etc directory.

Now check with nslookup command as follows

[root@mail ~]#nslookup techbuddies.com
Server:		10.10.16.191
Address:	10.10.16.191#53
Name:	techbuddies.com
Address: 10.10.16.191 
[root@mail ~]#nslookup 10.10.16.191
Server:		10.10.16.191
Address:	10.10.16.191#53
191.16.10.10.in-addr.arpa 	name=mail.techbuddies.com

Enjoy your DNS server! If you want to join this discussion, feel free to leave a comment!

This is Naga Ramesh Reddy from Bangalore (India). I have 4+ years of experience in the System and Network Administration field. I like to read and write about Linux, Cisco, Microsoft and DevOps technologies and the latest software releases. Particularly I am very interested in Linux flavors like CentOS, RHEL, Ubuntu and Linux Mint.