Creating a DNS server for RHEL/CentOS using BIND
To reach a website we type an easy-to-remember address, but that name is not what actually gets us there. Behind every name is an IP address; every website, and every system on a local network, has one, much like the street address of a home or office. Because nobody can remember the IP addresses of all the systems they use, we give them names instead. Converting those names into IP addresses is the job of DNS, the Domain Name System.
DNS
DNS works like a phone directory for a network. A DNS server holds records for the names it is responsible for and, for anything else, knows which DNS server to ask. Resolving a name to an IP address is its best-known job, but it also publishes other information: which server accepts mail for a domain, which servers are authoritative for a zone, aliases of one name for another, and the reverse mapping from an IP address back to a name. All of this is done with records. Some of the commonly used record types are listed below.
DNS records
- A records map a hostname to an IPv4 address.
- NS (name server) records identify the authoritative DNS servers for a zone.
- MX (mail exchanger) records name the servers that accept mail for a domain, each with a preference number.
- CNAME (canonical name) records make one name an alias for another name.
- PTR (pointer) records are the reverse of A records: they resolve an IP address to a hostname and live in the in-addr.arpa zone.
- SOA (start of authority) records carry the zone's administrative parameters: the primary name server, the responsible mailbox, the serial number, and the refresh, retry, expire and minimum TTL timers.
In this tutorial we install a DNS server on CentOS/RHEL using the BIND package. The steps apply to versions 6 and 7 of both CentOS and RHEL. Let's start with the installation and configuration of BIND.
Pre-requisites
To create a DNS server we need:
- A system on which to install the DNS server:
Server Name —– dns.unxadmschl.com IP address —– 10.20.30.100
- A host entry for that system on the DNS server machine. Open /etc/hosts and add the following line:
$ vi /etc/hosts
10.20.30.100 dns.unxadmschl.com
- A client machine for testing the DNS setup:
Client name —– client1.unxadmschl.com IP address —– 10.20.30.101
Step 1- Installation
As mentioned above, we need the BIND package. bind-utils provides the dig and nslookup tools we will use for testing, so install both (run the commands in this tutorial as root or through sudo):
$ yum install bind bind-utils
Once BIND is installed we move on to configuring it.
Step 2- Configuration
We start with /etc/named.conf, the main configuration file for BIND. Open it:
$ vi /etc/named.conf
and find the following line in the options block:
#listen-on port 53 { 127.0.0.1; }; (comment this line)
Commenting it out makes named listen on all of the server's IPv4 addresses. If you prefer to be explicit, leave the line in and add the server's own address instead: listen-on port 53 { 127.0.0.1; 10.20.30.100; };. Next, allow our network to query the server, so that clients on it can use the DNS:
allow-query { localhost; 10.20.30.0/24; };
Keep this restricted to your own networks. The default named.conf has recursion enabled, and a server that answers recursive queries from any address is an open resolver that gets abused for cache-poisoning attempts and DDoS amplification.
The next line is optional and is only needed when you also set up a slave (secondary) server; it limits zone transfers to that server's address:
allow-transfer { 10.20.30.110; }; (slave IP address)
The BIND versions shipped with CentOS/RHEL 6 and 7 allow transfers to any host unless told otherwise, so if you have no secondary, set allow-transfer { none; }; rather than leaving it out; a full zone transfer (AXFR) hands an attacker a complete inventory of your hosts. That completes the global options; next we add zone entries to the configuration.
Step 3- Configuring zone file entries
A zone file holds the records for a domain: the names of its hosts and their addresses. First we add a forward zone entry for our domain unxadmschl.com to /etc/named.conf. Open named.conf and add the following lines:
$ vi /etc/named.conf
zone "unxadmschl.com" IN { type master; file "fwd.unxadmschl.com.db"; allow-update { none; }; };
Here,
'unxadmschl.com' is our domain name,
'master' denotes that this is the primary DNS server for the zone,
fwd.unxadmschl.com.db is the name of the forward lookup file (relative to /var/named),
'allow-update' is none, because nothing is permitted to update a primary zone dynamically.
Now we need an entry for the reverse zone as well. Our network is 10.20.30.0/24, so the reverse zone is named from the network octets in reverse order followed by in-addr.arpa (a 192.168.1.0/24 network, for example, would use 1.168.192.in-addr.arpa). Add to named.conf:
zone "30.20.10.in-addr.arpa" IN { type master; file "30.20.10.db"; allow-update { none; }; };
Here,
30.20.10.in-addr.arpa is the reverse lookup zone name for 10.20.30.0/24,
master denotes the primary DNS server,
30.20.10.db is the name of the reverse lookup file,
allow-update is set to none, since this is the primary DNS server.
Save named.conf and exit. Before going further, check the syntax:
$ named-checkconf /etc/named.conf
It prints nothing when the file is valid. Next we create the forward and reverse lookup zone files.
Step 4- Creating zone files
Both zone files are created in the folder /var/named. First create the forward zone file fwd.unxadmschl.com.db with the following content. The name server is dns.unxadmschl.com, the machine from the prerequisites; every fully qualified name ends with a trailing dot, and a name without one is relative to the zone:
$ cd /var/named
$ vi fwd.unxadmschl.com.db
$TTL 86400
@       IN  SOA   dns.unxadmschl.com. root.unxadmschl.com. (
                  2014112511  ;Serial
                  3600        ;Refresh
                  1800        ;Retry
                  604800      ;Expire
                  86400 )     ;Minimum TTL
;Name Server Information
@       IN  NS    dns.unxadmschl.com.
;IP address of Name Server
dns     IN  A     10.20.30.100
;Mail exchanger
unxadmschl.com.  IN  MX 10  mail.unxadmschl.com.
;A - Record HostName To IP Address
www     IN  A     10.20.30.105
mail    IN  A     10.20.30.120
;CNAME record (alias), of the form: alias IN CNAME target.
The serial must be increased every time you edit the zone, otherwise secondaries will not pick up the change; the YYYYMMDDnn form used here makes that easy.
Next create the reverse zone file 30.20.10.db in /var/named. The owner name of each PTR record is the last octet of the address, relative to the zone origin 30.20.10.in-addr.arpa:
$ vi 30.20.10.db
$TTL 86400
@       IN  SOA   dns.unxadmschl.com. root.unxadmschl.com. (
                  2014112511  ;Serial
                  3600        ;Refresh
                  1800        ;Retry
                  604800      ;Expire
                  86400 )     ;Minimum TTL
;Name Server Information
@       IN  NS    dns.unxadmschl.com.
;Reverse lookup for Name Server
100     IN  PTR   dns.unxadmschl.com.
;PTR Record IP address to HostName
105     IN  PTR   www.unxadmschl.com.
120     IN  PTR   mail.unxadmschl.com.
The zone files should be owned by root:named and not world-writable, and named-checkzone will catch typos before the service does (it prints "OK" for a loadable zone):
$ chown root:named /var/named/fwd.unxadmschl.com.db /var/named/30.20.10.db
$ chmod 640 /var/named/fwd.unxadmschl.com.db /var/named/30.20.10.db
$ named-checkzone unxadmschl.com /var/named/fwd.unxadmschl.com.db
$ named-checkzone 30.20.10.in-addr.arpa /var/named/30.20.10.db
After both zone files have been created and checked, restart the BIND service, named, and enable it so it starts at boot. On CentOS/RHEL 6:
$ service named restart
$ chkconfig named on
On CentOS/RHEL 7:
$ systemctl restart named.service
$ systemctl enable named.service
If a host firewall is running, open UDP and TCP port 53 to the network; on CentOS/RHEL 7 that is firewall-cmd --permanent --add-service=dns followed by firewall-cmd --reload. After the restart, look in /var/log/messages (or journalctl -u named on version 7) for a "loaded serial 2014112511" line for each zone; a zone that failed to load is reported there too.
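As an added example (not part of the original tutorial), the following Python script generates both zone files of Steps 3 and 4 from a single host table, derives the reverse zone name from the network prefix instead of typing it by hand, emits the two named.conf zone stanzas, and cross-checks that every A record has a PTR pointing back at the same name. The domain, addresses, file names and SOA timers are the tutorial's; the host table, helper names and the consistency check are constructed for this example.

```python
"""Generate matching forward and reverse BIND zone files from one host table."""
import ipaddress
import re

# The tutorial's domain, network and SOA serial; NAMESERVER is dns.unxadmschl.com.
DOMAIN = "unxadmschl.com"
NETWORK = "10.20.30.0/24"
NAMESERVER = "dns"
SERIAL = 2014112511  # YYYYMMDDnn: bump it on every edit or secondaries ignore changes

# Constructed host table for the example: name relative to DOMAIN -> IPv4 address.
HOSTS = {"dns": "10.20.30.100", "www": "10.20.30.105", "mail": "10.20.30.120"}


def reverse_zone_name(network: str) -> str:
    """in-addr.arpa zone covering a /24: 10.20.30.0/24 -> 30.20.10.in-addr.arpa."""
    net = ipaddress.ip_network(network, strict=True)
    if net.prefixlen != 24:
        raise ValueError("this helper only handles /24 networks")
    # reverse_pointer of 10.20.30.0 is '0.30.20.10.in-addr.arpa'; drop the host octet.
    return net.network_address.reverse_pointer.split(".", 1)[1]


def _header(ns_fqdn: str) -> list:
    """$TTL, SOA and NS records shared by both zones (the tutorial's timers)."""
    return [
        "$TTL 86400",
        f"@ IN SOA {ns_fqdn} root.{DOMAIN}. (",
        f"        {SERIAL} ;Serial",
        "        3600 ;Refresh",
        "        1800 ;Retry",
        "        604800 ;Expire",
        "        86400 ) ;Minimum TTL",
        f"@ IN NS {ns_fqdn}",
    ]


def _by_address(hosts: dict) -> list:
    return sorted(hosts.items(), key=lambda kv: ipaddress.ip_address(kv[1]))


def forward_zone(hosts: dict = HOSTS) -> str:
    """Forward zone: MX for the domain plus one A record per host."""
    lines = _header(f"{NAMESERVER}.{DOMAIN}.")
    lines.append(f"{DOMAIN}. IN MX 10 mail.{DOMAIN}.")
    lines += [f"{name} IN A {addr}" for name, addr in _by_address(hosts)]
    return "\n".join(lines) + "\n"


def reverse_zone(hosts: dict = HOSTS, network: str = NETWORK) -> str:
    """Reverse zone: one PTR per host, owner name = host octet relative to the origin."""
    net = ipaddress.ip_network(network, strict=True)
    lines = _header(f"{NAMESERVER}.{DOMAIN}.")
    for name, addr in _by_address(hosts):
        ip = ipaddress.ip_address(addr)
        if ip not in net:  # a PTR for an address outside the zone would never be asked for
            raise ValueError(f"{name} ({addr}) is outside {network}")
        lines.append(f"{str(ip).rsplit('.', 1)[1]} IN PTR {name}.{DOMAIN}.")
    return "\n".join(lines) + "\n"


def named_conf_zones(network: str = NETWORK) -> str:
    """The two zone {} stanzas for /etc/named.conf, file names as in the tutorial."""
    rev = reverse_zone_name(network)
    rev_file = rev[: -len(".in-addr.arpa")] + ".db"  # 30.20.10.db
    return (
        f'zone "{DOMAIN}" IN {{ type master; file "fwd.{DOMAIN}.db"; '
        "allow-update { none; }; };\n"
        f'zone "{rev}" IN {{ type master; file "{rev_file}"; '
        "allow-update { none; }; };\n"
    )


A_RE = re.compile(r"^(\S+)\s+IN\s+A\s+(\S+)$", re.M)
PTR_RE = re.compile(r"^(\d+)\s+IN\s+PTR\s+(\S+)$", re.M)


def check_consistency(fwd: str, rev: str, network: str = NETWORK) -> list:
    """Return (name, address, ptr_target) for A records lacking a matching PTR."""
    prefix = str(ipaddress.ip_network(network, strict=True).network_address).rsplit(".", 1)[0]
    ptr = {f"{prefix}.{octet}": target for octet, target in PTR_RE.findall(rev)}
    return [
        (name, addr, ptr.get(addr))
        for name, addr in A_RE.findall(fwd)
        if ptr.get(addr) != f"{name}.{DOMAIN}."
    ]


if __name__ == "__main__":
    print(named_conf_zones())
    print(forward_zone())
    print(reverse_zone())
    print("A/PTR mismatches:", check_consistency(forward_zone(), reverse_zone()))
```

Generating both zones from one table is what keeps forward and reverse lookups in step: a PTR that names a host whose A record has moved is a common source of failed reverse-lookup checks in mail and SSH logging, and check_consistency reports exactly those records. Run the script, paste the stanzas into named.conf, write the two outputs to /var/named, and validate them with named-checkzone as in Step 4.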
Step 5- Verifying the zones
We have a client machine, client1.unxadmschl.com, that we will use to verify our zone files. First point the client at our DNS server. Open /etc/resolv.conf and add an entry for it:
$ vi /etc/resolv.conf
nameserver 10.20.30.100
Or change the DNS entry in the interface configuration file /etc/sysconfig/network-scripts/ifcfg-e…, which survives network restarts:
$ vi /etc/sysconfig/network-scripts/ifcfg-e…
DNS1=10.20.30.100
and restart the network service:
$ service network restart
or
$ systemctl restart network
Next we query our web server, www.unxadmschl.com, with the dig command. For those who have not used it before, dig is a tool for querying DNS servers and inspecting the answers they return:
$ dig www.unxadmschl.com
A successful answer has status: NOERROR in the header, an ANSWER SECTION containing www.unxadmschl.com. with an A record of 10.20.30.105, and a SERVER: line at the bottom showing 10.20.30.100#53, which confirms the reply came from our server rather than some other resolver. Now run the same test for the reverse zone to make sure it is working:
$ dig -x 10.20.30.105
This should return a PTR record for 105.30.20.10.in-addr.arpa. pointing at www.unxadmschl.com.
NOTE: If running dig gives "command not found", the bind-utils package that provides it is not installed on that machine; install it to resolve the error.
That's it. We now have a working DNS server for our environment, usable for name-to-IP resolution and the reverse, among other purposes.