Red Hat Training
A Red Hat training course is available for RHEL 8
Chapter 52. Configuring and managing a BIND DNS server
DNS (Domain Name System) is a distributed database system that associates hostnames with their respective IP addresses. BIND (Berkeley Internet Name Domain) consists of a set of DNS-related programs. It contains a name server called named. The /etc/named.conf file is the main configuration file in the BIND configuration. This section focuses on installing, configuring, and managing BIND on the DNS server.
52.1. Installing BIND
Installing the bind-utils package ensures that the BIND utilities are available on the system.
Procedure
1. Install BIND:
   # yum install bind bind-utils
2. Enable and start the named service:
   # systemctl enable --now named
Verification steps
- Verify the status of the named service:
   # systemctl status named
52.2. Configuring BIND as a caching name server
The following procedure demonstrates configuring BIND as a caching name server.
Prerequisites
- The bind package is installed.
Procedure
1. Back up the original configuration file before you edit it:
   # cp /etc/named.conf /etc/named.conf.orig
2. Edit the /etc/named.conf file with the following changes:
   a. In the options section, uncomment the listen-on, listen-on-v6, and directory parameters:
      acl clients {
              192.0.2.0/24;
      };

      options {
              listen-on port 53 { any; };
              listen-on-v6 port 53 { any; };
              directory "/var/named";
   b. Set the allow-query parameter to your network address, so that only hosts on your local network can query the DNS server:
              allow-query     { localhost; clients; };
              allow-recursion { localhost; clients; };
              recursion yes;
              allow-update { none; };
              allow-transfer { localhost; };
      };

      logging {
              channel default_debug {
                      file "data/named.run";
                      severity dynamic;
              };
      };
   c. Use the file shipped with the package as:
      include "/etc/named.rfc1912.zones";
   d. Create an extra include for any custom zone configuration:
      include "/etc/named/example.zones";
3. Create the /etc/named/example.zones file and add the following zone configuration:
      //forward zone
      zone "example.com" IN {
              type master;
              file "example.com.zone";
      };

      //backward zone
      zone "2.0.192.in-addr.arpa" IN {
              type master;
              file "example.com.rzone";
      };
   - type: defines the role of this server for the zone.
   - master: the server is authoritative for the zone and maintains the master copy of the zone data.
   - file: specifies the zone's database file.
4. Go to the DNS data directory /var/named/:
   # cd /var/named/
   # ls
   data  dynamic  named.ca  named.empty  named.localhost  named.loopback  slaves
5. Create the /var/named/example.com.zone file with your forward zone parameters:
      $TTL 86400
      @ IN SOA example.com. root (
              42      ; serial
              3H      ; refresh
              15M     ; retry
              1W      ; expiry
              1D )    ; minimum
              IN NS   ns.example.com.
      ns       IN A    192.0.2.1
      station1 IN A    192.0.2.101
      station2 IN A    192.0.2.102
      station3 IN A    192.0.2.103
6. Create the /var/named/example.com.rzone file with your reverse zone parameters:
      $TTL 86400
      @ IN SOA example.com. root.example.com. (
              1997022700 ; serial
              28800      ; refresh
              14400      ; retry
              3600000    ; expire
              86400 )    ; minimum
              IN NS   ns.example.com.
      101     IN PTR  station1.example.com.
      102     IN PTR  station2.example.com.
      103     IN PTR  station3.example.com.
7. Set secure permissions on the zone files:
   # chown root:named /var/named/example.com.zone /var/named/example.com.rzone
   # chmod 640 /var/named/example.com.zone /var/named/example.com.rzone
8. Restart BIND:
   # systemctl restart named
Verification steps
1. Verify the forward zone file:
   # named-checkzone example.com /var/named/example.com.zone
   zone example.com/IN: loaded serial xxxxxxx
   OK
2. Verify the reverse zone file:
   # named-checkzone 2.0.192.in-addr.arpa /var/named/example.com.rzone
   zone 2.0.192.in-addr.arpa/IN: loaded serial xxxxxxx
   OK
3. Verify the configuration:
   # named-checkconf /etc/named.conf
   If the configuration is correct, the command does not return any output.
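named-checkzone validates each zone file on its own but does not check that the forward and reverse zones agree with each other. The following script is an added example, not part of the Red Hat documentation: it cross-checks constructed copies of this chapter's example.com.zone and example.com.rzone data and reports A records that have no matching PTR record and PTR records that point to a name with no matching A record; on the chapter's data it flags that ns (192.0.2.1) has no PTR record. The parser assumes the one-record-per-line layout used in these files.

```python
"""Cross-check a BIND forward zone against its reverse zone (added example, not
Red Hat's code). Handles this chapter's one-record-per-line zone layout."""
import re

# Constructed copies of the chapter's example.com.zone and example.com.rzone data.
FORWARD_ZONE = """\
$TTL 86400
@ IN SOA example.com. root (
        42 3H 15M ; serial refresh retry
        1W 1D )   ; expiry minimum
        IN NS ns.example.com.
ns IN A 192.0.2.1
station1 IN A 192.0.2.101
station2 IN A 192.0.2.102
station3 IN A 192.0.2.103
"""
REVERSE_ZONE = """\
$TTL 86400
@ IN SOA example.com. root.example.com. ( 1997022700 28800 14400 3600000 86400 )
        IN NS ns.example.com.
101 IN PTR station1.example.com.
102 IN PTR station2.example.com.
103 IN PTR station3.example.com.
"""

def records(zone_text, rtype):
    """Yield (owner, rdata) for each record of type rtype; comments and SOA are skipped."""
    in_parens = False
    for line in zone_text.splitlines():
        line = line.split(";", 1)[0].strip()  # strip ';' comments
        if not line:
            continue
        if "(" in line:
            in_parens = True
        if in_parens:  # inside (or closing) the SOA parameter list
            if ")" in line:
                in_parens = False
            continue
        m = re.match(r"(\S+)\s+IN\s+(\S+)\s+(\S+)$", line)
        if m and m.group(2) == rtype:
            yield m.group(1), m.group(3)

def cross_check(forward, f_origin, reverse, r_origin):
    """Return (a_without_ptr, ptr_without_a) as sorted lists of FQDNs."""
    net = ".".join(reversed(r_origin.replace(".in-addr.arpa", "").split(".")))
    a_map = {o if o.endswith(".") else f"{o}.{f_origin}.": ip for o, ip in records(forward, "A")}
    ptr_map = {f"{net}.{o}": t for o, t in records(reverse, "PTR")}  # ip -> name
    return (sorted(n for n, ip in a_map.items() if ptr_map.get(ip) != n),
            sorted(t for ip, t in ptr_map.items() if a_map.get(t) != ip))
```

Calling cross_check(FORWARD_ZONE, "example.com", REVERSE_ZONE, "2.0.192.in-addr.arpa") returns (['ns.example.com.'], []), so adding a PTR for 1 in the reverse zone would make the two files consistent.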