Menu Close
Red Hat Training
A Red Hat training course is available for RHEL 8
Chapter 52. Configuring and managing a BIND DNS server
DNS (Domain Name System) is a distributed database system that associates hostnames with their respective IP addresses. BIND (Berkeley Internet Name Domain) consists of a set of DNS-related programs. It contains a name server called named. The /etc/named.conf is the main configuration file in the BIND configuration. This section focuses on installing, configuring, and managing BIND on the DNS server.
52.1. Installing BIND
The installation of the bind-utils package ensures the BIND utilities are available on the system.
Procedure
Install
BIND:# yum install bind bind-utils
Enable and start the
namedservice:# systemctl enable --now named
Verification steps
Verify the status of the
namedservice:# systemctl status named
52.2. Configuring BIND as a caching name server
The following procedure demonstrates configuring BIND as a caching name server.
Prerequisites
-
The
bindpackage is installed.
Procedure
Ensure to take backup of the original configuration file.
# cp /etc/named.conf /etc/named.conf.origEdit the
/etc/named.conffile with the following changes:In the options section, uncomment the
listen-on,listen-on-v6, anddirectoryparameters:acl clients {192.0.2.0/24;}; options { listen-on port 53 { any; }; listen-on-v6 port 53 { any; }; directory "/var/named";Set the
allow-queryparameter to your network address. Only the hosts on your local network can query the DNS server:allow-query { localhost; clients; }; allow-recursion { localhost; clients; }; recursion yes; allow-update { none; }; allow-transfer { localhost; }; }; logging { channel default_debug { file "data/named.run"; severity dynamic; }; };Use the package shipped file as:
include "/etc/named.rfc1912.zones";
Create an extra include for any custom zone configuration:
include "/etc/named/example.zones";
Create the
/etc/named/example.zonesfile and add the following zone configuration://forward zone zone "example.com" IN { type master; file "example.com.zone"; }; //backward zone zone "2.0.192.in-addr.arpa" IN { type master; file "example.com.rzone"; };
- type: It defines the zone’s role of the server.
- master: It is an authoritative server and maintains the master copy of the zone data.
- file: It specifies the zone’s database file.
Go to DNS data directory
/var/named/:# cd /var/named/ # ls data dynamic named.ca named.empty named.localhost named.loopback slaves
Create the
/var/named/example.com.zonefile with your forward zone parameters:$TTL 86400 @ IN SOA example.com. root ( 42 ; serial 3H ; refresh 15M ; retry 1W ; expiry 1D ) ; minimum IN NS ns.example.com. ns IN A 192.0.2.1 station1 IN A 192.0.2.101 station2 IN A 192.0.2.102 station3 IN A 192.0.2.103
Create the
/var/named/example.com.rzonefile with your reverse zone parameters:$TTL 86400 @ IN SOA example.com. root.example.com. ( 1997022700 ; serial 28800 ; refresh 14400 ; retry 3600000 ; expire 86400 ) ; minimum IN NS ns.example.com. 101 IN PTR station1.example.com. 102 IN PTR station2.example.com. 103 IN PTR station3.example.com.
Set secure permissions on the zone files:
# chown root:named /var/named/example.com.zone /var/named/example.com.rzone # chmod 640 /var/named/example.com.zone /var/named/example.com.rzone
Restart BIND:
# systemctl restart named
Verification steps
Verify the forward zone file:
# named-checkzone example.com /var/named/example.com.zone zone example.com/IN: loaded serial xxxxxxx OK
Verify the reverse zone file:
# named-checkzone 2.0.192.in-addr.arpa /var/named/example.com.rzone zone 2.0.192.in-addr.arpa/IN: loaded serial xxxxxxx OK
Verify the configuration:
# named-checkconf /etc/named.confIf the configuration is correct, the command does not return any output.