DNS Master and Slave

Hi, good morning.
From here I cannot ping the host IP:

[root@rhel-8-7 dhcp]# arp
Address                  HWtype  HWaddress           Flags Mask            Iface
192.168.1.7                      (incomplete)                              enp4s0
192.168.1.5                      (incomplete)                              enp4s0
192.168.1.1                     ether: 11:11:11:11:11:11:            C        enp4s0           

I want to deploy a DNS name server on RHEL 8.7.
My router, IP 192.168.1.1, does NAT with a public IP address.
My server host, IP 192.168.1.22, is: RHEL-8-7.foysalisp.net
I cannot get the DNS named daemon to run; it fails to start.

My 3 domains: www.foysal.name, www.foysalisp.net, www.foysalisp.com

#1. This configuration file is :  named.rfc1912.zones

// Authoritative (master) zone for foysalisp.net.
// The zone data is read from "forward.zone"; a relative file name is resolved
// against the `directory` option in named.conf, and the name is case-sensitive
// on disk.
zone "foysalisp.net" IN {
       type master;
       file "forward.zone";
       // Refuse all dynamic updates; the zone changes only when the file is
       // edited and the zone is reloaded.
       allow-update { none; };
};

// Reverse-lookup (PTR) zone, also served as master with dynamic updates refused.
// NOTE(review): the zone name has two problems:
//   - the reverse tree is "in-addr.arpa" (with a dot), not "in-addr-arpa";
//   - the network octets are written in reverse order, so the 192.168.1.0/24
//     network used elsewhere in this configuration is "1.168.192.in-addr.arpa".
//     "22" is only the host part of 192.168.1.22 and belongs in a PTR record
//     inside the zone file, not in the zone name.
zone "22.168.192.in-addr-arpa" IN {
       type master;
       file "reverse.zone";
       allow-update { none; };
};

#2. This file is: FORWARD.ZONE

; Forward zone for foysalisp.net: SOA, one NS, one MX and the host records.
; Relative names below are completed with the $ORIGIN.
$ORIGIN foysalisp.net.
; NOTE(review): directives such as $TTL must start in the first column. If the
; leading space below is really in the file (and not a paste artifact), the line
; is likely parsed as a record and rejected - confirm with named-checkzone.
 $TTL 1D
; SOA: primary name server foysalisp.net., contact root@foysalisp.net.
; The serial must be increased on every change so that secondary (slave)
; servers notice the new version and transfer it.
@   IN SOA  foysalisp.net. root.foysalisp.net. (

                                        0   ; serial
                                        1D  ; refresh
                                        1H  ; retry
                                        1W  ; expire
                                        3H )    ; minimum
;name server records
; Lines that begin with whitespace reuse the previous owner name, here "@".
        IN  NS  foysalisp.net.
        IN  MX  10  mail.foysalisp.net.
;host records
    IN  A  192.168.1.22
mail    IN  A  192.168.1.22
; "mail" has no trailing dot, so it expands to mail.foysalisp.net.
www     IN      CNAME  mail
; NOTE(review): the next record is invalid. The data of an A record must be an
; IPv4 address, not a host name, and a name that owns a CNAME may not own any
; other record. The zone will not load with this line; if the named unit checks
; zones before starting (named-checkconf -z), that alone makes the service fail.
; Verify with: named-checkzone foysalisp.net /var/named/forward.zone
www     IN  A  www.foysalisp.net


#3. This file is: REVERSE.ZONE

; Reverse zone file referenced as "reverse.zone" from named.rfc1912.zones.
; NOTE(review): $ORIGIN here should be the reverse zone name (for the
; 192.168.1.0/24 network that is 1.168.192.in-addr.arpa.). With foysalisp.net.
; every relative owner below expands under foysalisp.net. and is outside the
; reverse zone.
$ORIGIN foysalisp.net.
$TTL 1D
; NOTE(review): the SOA line starts with whitespace, which means "same owner as
; the previous record", but there is no previous record. Start it with "@".
        IN SOA foysalisp.net. root.foysalisp.net. (

                                        0   ; serial
                                        1D  ; refresh
                                        1H  ; retry
                                        1W  ; expire
                                        3H )    ; minimum

;name server records
; NOTE(review): the NS record must be at the zone apex ("@"), not at owner "30".
30        IN    NS        foysalisp.net.
;host records
; NOTE(review): a reverse zone holds PTR records, not A records. For the host
; described in this post the entry would be of the form
;   22  IN  PTR  rhel-8-7.foysalisp.net.
; (host part of the address as owner, fully qualified name with trailing dot).
30        IN    A       192.168.1.22
; NOTE(review): "#" does not start a comment in a zone file; only ";" does.
; The three lines below are therefore parsed as records with owners "#mail",
; "#90" and "#www". Use ";" to disable them. The PTR target on the second line
; also lacks its trailing dot.
#mail    IN     A       192.168.1.22
#90      IN      PTR    mail.foysalisp.net
#www    IN      A       foysalisp.net.


#4. This configuration file is: named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//

// Global server options: listening sockets, working directory, query access
// control, recursion and DNSSEC settings.
options {
#       hostname (foysalisp.net;);
        // IPv4: listen on port 53 on localhost and on any local interface
        // address that falls inside 192.168.1.0/24.
        listen-on port 53 { localhost; 192.168.1.0/24; };
        // IPv6: "any" already covers ::1, so named listens on every IPv6
        // address of the host. NOTE(review): narrow this to ::1 if IPv6
        // service to other hosts is not intended.
       listen-on-v6 port 53 { ::1; any ; };
        // Relative file names (zone files, data/named.run) are resolved
        // against this directory.
        directory   "/var/named";
        dump-file   "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        secroots-file   "/var/named/data/named.secroots";
        recursing-file  "/var/named/data/named.recursing";
        // Who may send queries and read cached answers. NOTE(review):
        // 192.168.1.22 appears to be this server's own address, so only the
        // server itself is allowed; other hosts on the LAN are refused, for
        // the authoritative zones as well. If LAN clients should use this
        // server, list the LAN prefix here. Keep the list limited to trusted
        // networks (never "any") because recursion is enabled below.
       allow-query     { localhost; 192.168.1.22; };
       allow-query-cache {localhost; 192.168.1.22; };
        /*
         - If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.
         - If you are building a RECURSIVE (caching) DNS server, you need to enable
           recursion.
         - If your recursive DNS server has a public IP address, you MUST enable access
           control to limit queries to your legitimate users. Failing to do so will
           cause your server to become part of large scale DNS amplification
 attacks. Implementing BCP38 within your network would greatly
           reduce such attack surface
        */
    // Recursion is on, so this server is both authoritative (for the master
    // zones) and a recursive resolver. The allow-query / allow-query-cache
    // lists above are what keep it from acting as an open resolver.
    recursion yes;

        // Validate DNSSEC signatures on recursive answers. A trust anchor is
        // needed for this; presumably it comes from the /etc/named.root.key
        // include at the end of named.conf - confirm.
        dnssec-enable yes;
        dnssec-validation yes;
#       dnssec-lookaside auto; 
        managed-keys-directory "/var/named/dynamic";
#       disable-empty-zone yes;
#       empty-zones-enable yes;
        pid-file "/run/named/named.pid";
        session-keyfile "/run/named/session.key";
       /* https://fedoraproject.org/wiki/Changes/CryptoPolicy */
        // System-wide crypto policy settings for BIND.
        include "/etc/crypto-policies/back-ends/bind.config";
};

// Logging: redefines the built-in default_debug channel so that debug output
// goes to data/named.run (relative to the `directory` option) at whatever
// debug level the server is currently running with ("dynamic").
// NOTE(review): configuration and zone-load errors that stop named from
// starting are reported before this channel is useful; look for them in
// `journalctl -u named` or run `named-checkconf -z` by hand.
logging {
       channel default_debug {
              file "data/named.run";
              severity dynamic;
        };
};

#view localhost_resolver {
#        match-clients         { localhost; any; };
#        match-destinations    { localhost; any; };
#        recursion yes;
#        include "/etc/named.zones";
#};

// Root hints: the list of root name servers in "named.ca" (relative to the
// `directory` option), used as the starting point for recursive resolution.
zone "." IN {
    type hint;
        file "named.ca";
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";


Jan 25 01:29:57 rhel-8-7 systemd[1]: named.service: Failed with result 'exit-code'.
-- Subject: Unit failed
-- Defined-By: systemd
-- Support: https://access.redhat.com/support
-- 
-- The unit named.service has entered the 'failed' state with result 'exit-code'.
Jan 25 01:29:57 rhel-8-7 systemd[1]: Failed to start Berkeley Internet Name Domain (DNS).
-- Subject: Unit named.service has failed
-- Defined-By: systemd
-- Support: https://access.redhat.com/support
-- 
-- Unit named.service has failed.
-- 
-- The result is failed.
Jan 25 01:30:09 rhel-8-7 systemd[1]: Starting system activity accounting tool...
-- Subject: Unit sysstat-collect.service has begun start-up
-- Defined-By: systemd
-- Support: https://access.redhat.com/support
-- 
-- Unit sysstat-collect.service has begun starting up.
Jan 25 01:30:09 rhel-8-7 systemd[1]: sysstat-collect.service: Succeeded.
-- Subject: Unit succeeded
-- Defined-By: systemd
-- Support: https://access.redhat.com/support
-- 
-- The unit sysstat-collect.service has successfully entered the 'dead' state.
Jan 25 01:30:09 rhel-8-7 systemd[1]: Started system activity accounting tool.
-- Subject: Unit sysstat-collect.service has finished start-up
-- Defined-By: systemd
-- Support: https://access.redhat.com/support
-- 
-- Unit sysstat-collect.service has finished starting up.
-- 
-- The start-up result is done.
lines 1713-1747/1747 (END)

Is there a solution for this configuration?
Thank you