
How to configure a DNS server in Rhel 6 | centos 6 using BIND | Step by Step

DNS (Domain Name System) is a core component of network infrastructure. The DNS service resolves hostnames into IP addresses and vice versa.
For example, if we type www.howtoconfigure.blogspot.com in a browser, the DNS server translates the domain name into its corresponding IP address. This makes it easy for us to remember domain names instead of IP addresses.

Scenario
Here is my test setup :
Operating System              : RHEL 6
Internal LAN IP of DNS Server : 192.168.10.2
Hostname                      : server1.howtoc.com

Indication
blue character : means a linux command.
bold character : means the particular line or paragraph you have to change in, or output to, a file.
Normal character : means the output of a linux command or the contents of a file.

1. Set up the network-script file :
[root@server1 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE="eth0"
NM_CONTROLLED="yes"
ONBOOT=yes
TYPE=Ethernet
BOOTPROTO=none
DEFROUTE=yes
IPV4_FAILURE_FATAL=yes
IPV6INIT=no
NAME="System eth0"
UUID=5fb06bd0-0bb0-7ffb-45f1-d6edd65f3e03
IPADDR=192.168.10.2
PREFIX=24
GATEWAY=10.102.1.1
DNS1=192.168.10.2
HWADDR=00:16:EC:38:25:3D

2. Setup a hosts file :
[root@server1  ~]# vim /etc/hosts
192.168.10.2 server1.howtoc.com server1 # Added by NetworkManager
127.0.0.1 localhost.localdomain localhost
::1 server1.howtoc.com server1 localhost6.localdomain6 localhost6

[root@server1  ~]# vim /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=server1.howtoc.com

3. Add the nameserver in the resolv.conf file :
[root@server1 ~]# vim /etc/resolv.conf

search howtoc.com
nameserver 192.168.10.2

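4. Now it is time to install the BIND packages from yum (quote the pattern as 'bind*' if the current directory may contain files whose names start with "bind", otherwise the shell expands it before yum sees it) :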
[root@server1  ~]# yum -y install bind*

[root@server1  ~]# updatedb

 # Find the named.conf file(Main configuration file of BIND)
[root@server1  ~]# locate named.conf
/etc/named.conf 
/usr/share/doc/bind-9.7.0/named.conf.default
/usr/share/doc/bind-9.7.0/sample/etc/named.conf 
/usr/share/logwatch/default.conf/services/named.conf
/usr/share/man/man5/named.conf.5.gz

# Go to below path
[root@server1  ~]# cd /var/named/chroot/
[root@server1  chroot]# cd etc
[root@server1  etc]# pwd
/var/named/chroot/etc

5. Copy named.conf file from BIND lib. & Change the group of named.conf :
[root@server1  etc]# cp /usr/share/doc/bind-9.7.0/named.conf.default named.conf 
[root@server1  etc]# chgrp named named.conf 
[root@server1  etc]# ll named.conf
f -rw-r--r--. 1 root named 930 Aug 3 07:58 named.conf 

6. Edit the BIND configuration file :
[root@server1  etc]# vim  named.conf 

[root@server1  etc]# grep listen named.conf   
 listen-on port 53 { 127.0.0.1; };
Comment it # //         listen-on-v6 port 53 { ::1; }; 

[root@server1  etc]# vim  named.conf 

[root@server1  etc]# grep listen named.conf 

 listen-on port 53 { 127.0.0.1; 192.168.10.2; };  
Comment it # //       listen-on-v6 port 53 { ::1; }; 

7. Restart the named (BIND) service :
[root@server1  etc]# /etc/init.d/named restart 
Stopping named: [ OK ] 
Starting named: [ OK ] 

8. Edit the named.conf file & add the zone :
# vim /etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//

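options {
    // Listen on loopback and on the internal LAN address of this server only.
    // The IPv6 listener is left disabled, as in the original setup.
    listen-on port 53 { 127.0.0.1; 192.168.10.2; };
    /* listen-on-v6 port 53 { ::1; }; */

    directory          "/var/named";
    dump-file          "/var/named/data/cache_dump.db";
    statistics-file    "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";

    // Only the local host and the internal /24 may query this server.
    allow-query { localhost; 192.168.10.0/24; };

    // Transfer range (set it if you have a secondary DNS server).
    // A zone transfer returns every record in the zone, so this ACL decides
    // who can enumerate all internal hostnames. As written, any host on the
    // LAN can do that; narrow it to the secondary's address, or use
    // { none; } when there is no secondary.
    allow-transfer { localhost; 192.168.10.0/24; };

    // Recursion is enabled. Keep allow-query (and allow-recursion, if you
    // add one) limited to trusted networks so the server cannot be used as
    // an open resolver.
    recursion yes;

    dnssec-enable yes;
    dnssec-validation yes;
    // Lookaside validation depends on the ISC DLV registry, which ISC has
    // since retired; drop this option (and the DLV key file below) when
    // moving this configuration to a current BIND release.
    dnssec-lookaside auto;

    /* Path to ISC DLV key */
    bindkeys-file "/etc/named.iscdlv.key";
};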

// Logging: one channel, default_debug, written to data/named.run.
// NOTE(review): the path is relative; presumably it resolves against the
// "directory" option of the options block — confirm.
logging {
        channel default_debug {
                file "data/named.run";
                // "dynamic" makes the channel follow the server's current debug level.
                severity dynamic;
        };
};

// Root hints: where to start when resolving names outside the local zones.
zone "." IN {
 type hint;
 file "named.ca";
};

// Forward zone (name -> address), served as master from forward.zone.
// allow-update { none; } refuses dynamic DNS updates from every client.
zone "howtoc.com" IN {
                type master;
                file "forward.zone";
                allow-update { none; };
        };
// Reverse zone (address -> name) for 192.168.10.0/24, served from reverse.zone.
zone "10.168.192.in-addr.arpa" IN {
                type master;
                file "reverse.zone";
                allow-update { none; };
        };

// NOTE(review): everything in the included file is read as part of this
// configuration. A zone name may be declared only once across both files;
// declaring howtoc.com or 10.168.192.in-addr.arpa again in
// named.rfc1912.zones makes named refuse to start with
// "already exists previous definition".
include "/etc/named.rfc1912.zones";


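9. Now edit the named.rfc1912.zones file, which is included from named.conf. Declare each zone in only one of the two files: named.conf already declares howtoc.com and 10.168.192.in-addr.arpa in step 8, and repeating them here makes named fail to start with "already exists previous definition" :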
# vim /etc/named.rfc1912.zones
// named.rfc1912.zones:
//
// Provided by Red Hat caching-nameserver package 
//
// ISC BIND named zone configuration for zones recommended by
// RFC 1912 section 4.1 : localhost TLDs and address zones
// and http://www.ietf.org/internet-drafts/draft-ietf-dnsop-default-local-zones-02.txt
// (c)2007 R W Franks
// 
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//

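// howtoc.com (forward.zone) and 10.168.192.in-addr.arpa (reverse.zone) are
// declared in /etc/named.conf, which includes this file. A zone name may be
// declared only once across both files; repeating those stanzas here makes
// named refuse to start with "already exists previous definition".

// Standard local zones. Dynamic updates are refused for each of them.
zone "localhost" IN {
    type master;
    file "named.localhost";
    allow-update { none; };
};

zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
    type master;
    file "named.loopback";
    allow-update { none; };
};

zone "0.in-addr.arpa" IN {
    type master;
    file "named.empty";
    allow-update { none; };
};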

10. Copy the zone file from BIND Lib :
[root@server1 named]#cp named.localhost  forward.zone
[root@server1 named]#cp named.loopback reverse.zone

11. Edit the forward zone (name to ip Addr) :
[root@server1 named]#vim /var/named/forward.zone
$TTL 1D
@ IN SOA server1.howtoc.com. root.howtoc.com. (
     0 ; serial
     1D ; refresh
     1H ; retry
     1W ; expire
     3H ) ; minimum
                  IN    NS server1.howtoc.com.
    IN     A    192.168.10.2
server1           IN       A 192.168.10.2

12. Edit the reverse zone (ip Addr to name) :
[root@server1 named]#vim /var/named/reverse.zone
$TTL 1D
@ IN SOA server1.howtoc.com. root.howtoc.com. (
     0 ; serial
     1D ; refresh
     1H ; retry
     1W ; expire
     3H ) ; minimum
         IN        NS server1.howtoc.com.
         IN        PTR howtoc.com.
         IN        A 255.255.255.0
2         IN        PTR server1.howtoc.com.

12. Change the group ownership of the zone files & restart the service :
[root@server1 named]#chgrp named  forward.zone
[root@server1 named]#chgrp named  reverse.zone
[root@server1 named]#/etc/init.d/named  restart

13. Test your DNS server using dig command :
@ forward lookup
[root@server1 named]# dig server1.howtoc.com
; <<>> DiG 9.7.0-P2-RedHat-9.7.0-5.P2.el6 <<>> server1.howtoc.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50351
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;server1.howtoc.com.           IN      A

;; ANSWER SECTION:
server1.howtoc.com.    86400   IN      A       192.168.10.2

;; AUTHORITY SECTION:
howtoc.com.              86400   IN      NS      server1.howtoc.com.

;; Query time: 0 msec
;; SERVER: 192.168.10.2#53(192.168.10.2)
;; WHEN: Tue Oct 16 10:13:40 2012
;; MSG SIZE  rcvd: 67

@ reverse lookup
[root@server1 named]# dig -x 192.168.10.2

; <<>> DiG 9.7.0-P2-RedHat-9.7.0-5.P2.el6 <<>> -x 192.168.10.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45077
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;2.10.168.192.in-addr.arpa.     IN      PTR

;; ANSWER SECTION:
2.10.168.192.in-addr.arpa. 86400 IN     PTR     server1.howtoc.com.

;; AUTHORITY SECTION:
10.168.192.in-addr.arpa. 86400  IN      NS      server1.howtoc.com.

;; ADDITIONAL SECTION:
server1.howtoc.com.    86400   IN      A       192.168.10.2

;; Query time: 1 msec
;; SERVER: 192.168.10.2#53(192.168.10.2)
;; WHEN: Tue Oct 16 10:13:08 2012
;; MSG SIZE  rcvd: 106

@ Using the nslookup command, which also works on the Windows family
[root@server1 named]# nslookup
> server1.howtoc.com
Server:         192.168.10.2
Address:        192.168.10.2#53

Name:   server1.howtoc.com
Address: 192.168.10.2
> 192.168.10.2
Server:         192.168.10.2
Address:        192.168.10.2#53

2.10.168.192.in-addr.arpa       name = server1.howtoc.com.
>

Enjoy


  2. Excellent work very good documentation Thank a lot and god mercy and blessing be upon you

  3. failed after restart to named.......pls guide.....

    [root@testnfs ~]# /etc/init.d/named restart
    Stopping named: [ OK ]
    Starting named:
    Error in named configuration:
    /etc/named.conf:48: zone '0.168.192.in-addr.arpa': already exists previous definition: /etc/named.conf:43
    /etc/named.rfc1912.zones:31: zone '0.168.192.in-addr.arpa': already exists previous definition: /etc/named.conf:43
    [FAILED]
    [root@testnfs ~]#

  5. // named.rfc1912.zones:
    //
    // Provided by Red Hat caching-nameserver package
    //
    // ISC BIND named zone configuration for zones recommended by
    // RFC 1912 section 4.1 : localhost TLDs and address zones
    // and http://www.ietf.org/internet-drafts/draft-ietf-dnsop-default-local-zones-02.txt
    // (c)2007 R W Franks
    //
    // See /usr/share/doc/bind*/sample/ for example named configuration files.
    //

    zone "example.com" IN {
    type master;
    file "forward.zone";
    allow-update { none; };
    };

    zone "localhost" IN {
    type master;
    file "named.localhost";
    allow-update { none; };


    u might have commited a mistake in this part

  15. i also got the same error
    error in named conbfiguration
    /etc/named.rfc.zones:13 zone example.com: already exists previous definition : /etc/named.conf:40
    /etc/named.rfc.zones:31 zone 0.0.10.in-addr-arpa: already exists previous definition : /etc/named.conf:47

    please guide me i have checked all the things everything seems to be correct and i have also uninstalled and reinstalled and tryied to configure again but i am getting the same error
    thank you
