Chapter 46. Configuring and managing a BIND DNS server

DNS (Domain Name System) is a distributed database system that associates hostnames with their respective IP addresses. BIND (Berkeley Internet Name Domain) is a set of DNS-related programs; it includes a name server called named. The main BIND configuration file is /etc/named.conf. This section focuses on installing, configuring, and managing BIND on the DNS server.

46.1. Installing BIND

Installing the bind package provides the named server; installing the bind-utils package alongside it ensures that the BIND client utilities are available on the system.

Procedure

  1. Install BIND:

    # yum install bind bind-utils
  2. Enable and start the named service:

    # systemctl enable --now named

Verification steps

  • Verify the status of the named service:

    # systemctl status named

46.2. Configuring BIND as a caching name server

The following procedure demonstrates configuring BIND as a caching name server.

Prerequisites

  • The BIND package is installed.

Procedure

  1. Back up the original configuration file:

    # cp /etc/named.conf /etc/named.conf.orig
  2. Edit the named.conf file with the following changes:

    • Define an acl for the hosts that are allowed to use the server and, in the options section, uncomment the listen-on, listen-on-v6, and directory parameters:

      acl clients { 192.0.2.0/24; };

      options {
              listen-on port 53 { any; };

              listen-on-v6 port 53 { any; };

              directory       "/var/named";
    • Set the allow-query and allow-recursion parameters to your network address so that only the hosts on your local network can query the DNS server and use it for recursive lookups:

              allow-query     { localhost; clients; };
              allow-recursion { localhost; clients; };
              recursion yes;
              allow-update { none; };
              allow-transfer { localhost; };
      };
      logging {
              channel default_debug {
                      file "data/named.run";
                      severity dynamic;
              };
      };
    • Include the zone definitions file shipped with the package:

      include "/etc/named.rfc1912.zones";
    • Create an extra include for any custom zone configuration:

      include "/etc/named/example.zones";
  3. Create the /etc/named/example.zones file and add the following zone configuration:

    //forward zone
    zone "example.com" IN {
            type master;
            file "example.com.zone";
    };

    //reverse zone
    zone "2.0.192.in-addr.arpa" IN {
            type master;
            file "example.com.rzone";
    };
    • type: defines the role of this server for the zone.
    • master: the server is authoritative for the zone and maintains the master copy of the zone data.
    • file: specifies the zone's database file.
  4. Change to the DNS data directory, /var/named/:

    # cd /var/named/
    # ls
    
    data    dynamic  named.ca  named.empty    named.localhost    named.loopback  slaves
  5. Create the forward zone file by copying the named.localhost template (the -p option preserves the file's mode and ownership):

    # cp -p named.localhost example.com.zone
  6. Edit example.com.zone and enter your forward zone data:

    $TTL    86400
    @               IN SOA  example.com. root (
    42              ; serial
    3H              ; refresh
    15M             ; retry
    1W              ; expiry
    1D )            ; minimum
                    IN NS           ns
    ;use IP address of named machine for ns
    ns       IN A          192.0.2.1
    station0        IN A            192.168.x.xxx
    station1        IN A            192.168.x.xxx
    station2        IN A            192.168.x.xxx
    station3        IN A            192.168.x.xxx
  7. Create the example.com.rzone file:

    # cp -p named.localhost example.com.rzone
  8. Edit example.com.rzone and enter your reverse zone data:

    $TTL    86400
    @       IN      SOA     example.com. root.example.com.  (
    1997022700 ; serial
    28800      ; refresh
    14400      ; retry
    3600000    ; expire
    86400 )    ; minimum
            IN      NS      ns.example.com.
    101     IN      PTR     station1.example.com.
    102     IN      PTR     station2.example.com.
    103     IN      PTR     station3.example.com.
    104     IN      PTR     station4.example.com.

Verification steps

  • Verify the zone file:

    # named-checkzone example.com example.com.zone
    
    zone example.com/IN: loaded serial xxxxxxx
    OK
  • Verify the configuration:

    # named-checkconf /etc/named.conf

    If the configuration is correct, the command does not return any output.
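named-checkzone validates each file's syntax but does not check that the forward and reverse zones agree with each other. The following added check is not part of the original documentation: it parses the simple one-line A and PTR records of zone files like those above and reports hosts that have no PTR record and PTR records whose target has no matching A record. The 192.0.2.x host addresses, the station5 host and the function names are constructed for this example.

```python
import ipaddress

# Constructed sample zones modelled on the example.com forward zone and the
# 2.0.192.in-addr.arpa reverse zone above; the 192.0.2.x addresses are made up.
FORWARD_ZONE = """\
$TTL 86400
@        IN SOA example.com. root ( 42 3H 15M 1W 1D )
         IN NS  ns
ns       IN A   192.0.2.1
station1 IN A   192.0.2.101
station2 IN A   192.0.2.102
station5 IN A   192.0.2.105
"""
REVERSE_ZONE = """\
$TTL 86400
@    IN SOA example.com. root.example.com. ( 1997022700 28800 14400 3600000 86400 )
     IN NS  ns.example.com.
101  IN PTR station1.example.com.
102  IN PTR station2.example.com.
103  IN PTR station3.example.com.
"""

def parse_records(zone_text, rtype):
    """Map owner -> rdata for one-line 'owner [TTL] IN TYPE rdata' records."""
    records = {}
    for line in zone_text.splitlines():
        line = line.split(";", 1)[0].rstrip()           # drop comments
        if not line or line[0].isspace() or line.startswith("$"):
            continue                                     # blank, inherited-owner line, or directive
        fields = line.split()
        if rtype in fields[1:4]:                         # TYPE follows owner, optional TTL, class
            records[fields[0]] = fields[fields.index(rtype) + 1]
    return records

def check_consistency(forward, reverse, origin, rev_prefix):
    """Return (missing_ptr, dangling_ptr) findings for A records vs PTR records."""
    net = ipaddress.ip_network(rev_prefix)
    prefix = str(net.network_address).split(".")[: net.prefixlen // 8]  # e.g. ['192','0','2']
    a_by_ip = {}
    for owner, ip in parse_records(forward, "A").items():
        fqdn = owner if owner.endswith(".") else f"{owner}.{origin}"
        if ipaddress.ip_address(ip) in net:              # only hosts the reverse zone covers
            a_by_ip[ip] = fqdn
    ptr_by_ip = {".".join(prefix + owner.split(".")[::-1]): target   # '101' -> 192.0.2.101
                 for owner, target in parse_records(reverse, "PTR").items()}
    missing = sorted(f"{ip} ({name}) has no PTR" for ip, name in a_by_ip.items()
                     if ptr_by_ip.get(ip) != name)
    dangling = sorted(f"{ip} PTR {tgt} has no matching A record"
                      for ip, tgt in ptr_by_ip.items() if a_by_ip.get(ip) != tgt)
    return missing, dangling
```

Run it against the real files after editing them (read them with open() instead of the embedded strings); an empty pair of lists means every host in the covered network resolves both ways.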