how to dns server configuration in linux centos 6 step by step

how to dns server configuration in linux centos 6 step by step


Q. How do I configure a DNS server on Linux?

Q. Step-by-step DNS server configuration on Linux?



IP  - 10.20.2.33

Hostname - khandwa.lokesh.com 

OS  - CentOS 6

PORT  - 53
The Domain Name System (DNS) is a hierarchical distributed naming system for computers, services, or any resource connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities. It converts an IP address to a name and a name to an IP address.

Install the package with yum

# yum install bind*

Open the configuration file and configure it

# vi /etc/named.conf
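// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// Note: the quoted paths below are filesystem paths and are case-sensitive
// on Linux; they must be lowercase as shipped, not upper-case.
options {
        listen-on port 53 { 127.0.0.1; 10.20.2.33; };   # master DNS IP
        listen-on-v6 port 53 { ::1; };
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        # Who may query this server. "any" is required for the clients on the
        # network and is fine for the authoritative zones defined below.
        allow-query     { localhost; any; };
        # Only the slave DNS may pull a full copy of the zones. Remove
        # 10.20.2.34 (or use { none; }) if there is no slave.
        allow-transfer  { localhost; 10.20.2.34; };
        # "recursion yes" combined with "allow-query { any; }" would make this
        # an open recursive resolver for every address the firewall lets reach
        # port 53. Keep recursion for the local networks only; the prefix below
        # is derived from the 10.20.2.x addresses used in this guide - adjust it.
        recursion yes;
        allow-recursion { localhost; 10.20.2.0/24; };
        dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;
        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";
        managed-keys-directory "/var/named/dynamic";
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
zone "." IN {
        type hint;
        file "named.ca";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";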









Configure the zone definitions in

# vi /etc/named.rfc1912.zones
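# Zone definitions. Quoted file names are relative to the "directory" set in
# named.conf (/var/named) and are case-sensitive.
zone "lokesh.com" IN {                  # change to your domain name
        type master;
        file "forward.zone";            # forward zone file
        allow-update { none; };
};
zone "localhost" IN {
        type master;
        file "named.localhost";
        allow-update { none; };
};
zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
        type master;
        file "named.loopback";
        allow-update { none; };
};
# Reverse zone for the 10.20.2.0/24 network: the first three octets of the
# address, reversed, under in-addr.arpa. The host octet (33, 34, 102) belongs
# in the PTR records of reverse.zone, not in the zone name.
zone "2.20.10.in-addr.arpa" IN {        # set to your network
        type master;
        file "reverse.zone";            # reverse zone file
        allow-update { none; };
};
zone "0.in-addr.arpa" IN {
        type master;
        file "named.empty";
        allow-update { none; };
};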


Create the forward and reverse zone files

Copy the named.localhost and named.loopback files

# cp -- /var/named/named.localhost /var/named/forward.zone
# cp -- /var/named/named.loopback  /var/named/reverse.zone
Configure the forward zone

# vi /var/named/forward.zone
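; Forward zone for lokesh.com. Comments in zone files start with ';' - a '#'
; is not a comment here and makes named-checkzone reject the line.
$TTL 1D
@   IN  SOA     khandwa.lokesh.com. rname.invalid. (
                             0       ; serial - increase it after every edit
                             1D      ; refresh
                             1H      ; retry
                             1W      ; expire
                             3H      ; minimum
)
; "rname.invalid." above is the template placeholder for the admin mailbox;
; replace it with your own (e.g. hostmaster.lokesh.com., '@' written as '.').
               NS          @
               A           127.0.0.1
@       IN  NS          khandwa.lokesh.com.
@       IN  NS          secondarydns.lokesh.com.   ; secondary DNS name
@       IN  A           10.20.2.33
@       IN  A           10.20.2.34                 ; secondary DNS IP
@       IN  A           10.20.2.102
khandwa         IN  A   10.20.2.33
secondarydns    IN  A   10.20.2.34
client          IN  A   10.20.2.102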
Configure the reverse zone

# vi /var/named/reverse.zone
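; Reverse zone for 2.20.10.in-addr.arpa (the 10.20.2.0/24 network).
; The SOA parenthesis is closed exactly once, on its own line.
$TTL 1D
@   IN  SOA     khandwa.lokesh.com. rname.invalid. (
        0       ; serial - increase it after every edit
        1D      ; refresh
        1H      ; retry
        1W      ; expire
        3H      ; minimum
)
               NS          @
               A           127.0.0.1
@       IN  NS          khandwa.lokesh.com.
@       IN  NS          secondarydns.lokesh.com.
@       IN  PTR         lokesh.com.
; A records carried over from the forward zone; reverse (PTR) lookups do not
; use them.
masterdns       IN  A   10.20.2.33
secondarydns    IN  A   10.20.2.34
client          IN  A   10.20.2.102
; owner = last octet of the 10.20.2.x address, relative to the zone origin
33     IN  PTR         khandwa.lokesh.com.
34     IN  PTR         secondarydns.lokesh.com.
102    IN  PTR         client.lokesh.com.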

Test the DNS configuration and zone files for syntax errors
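# named-checkconf /etc/named.conf
# named-checkzone lokesh.com /var/named/forward.zone
# named-checkzone 2.20.10.in-addr.arpa /var/named/reverse.zone   # first argument is the zone origin: the reverse file belongs to 2.20.10.in-addr.arpa, not lokesh.com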
Start the DNS service
# chkconfig named on
# service named start
Adjust iptables to allow access to the DNS server from outside the network
# vi /etc/sysconfig/iptables

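:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# iptables switches are case-sensitive: -p/-m/-j select protocol, match and
# target; -P/-M/-J are not equivalent (-P sets a chain policy). Comments go
# on their own line - text after a rule is passed to iptables as arguments.
# Put these two rules above the chain's final REJECT rule or they never match.
# If only your own networks should reach this server, narrow them with
# "-s 10.20.2.0/24" (prefix derived from the addresses in this guide - adjust).
# add line:
-A INPUT -p udp -m state --state NEW --dport 53 -j ACCEPT
# add line:
-A INPUT -p tcp -m state --state NEW --dport 53 -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT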
Now restart the service
# /sbin/service iptables restart
Test the DNS server
[root@khandwa ~]# dig khandwa.lokesh.com
; <<>> DIG 9.8.2RC1-REDHAT-9.8.2-0.30.RC1.EL6_6.3 <<>> KHANDWA.LOKESH.COM
;; GLOBAL OPTIONS: +CMD
;; GOT ANSWER:
;; ->>HEADER<<- OPCODE: QUERY, STATUS: NOERROR, ID: 11151
;; FLAGS: QR AA RD RA; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;KHANDWA.LOKESH.COM.            IN      A

;; ANSWER SECTION:
KHANDWA.LOKESH.COM.     86400   IN      A       10.20.2.33

;; AUTHORITY SECTION:
LOKESH.COM.             86400   IN      NS      KHANDWA.LOKESH.COM.

;; QUERY TIME: 0 MSEC
;; SERVER: 10.20.2.33#53(10.20.2.33)
;; WHEN: SAT JUL 11 21:26:14 2015
;; MSG SIZE  RCVD: 66
[root@khandwa ~]# nslookup lokesh.com
Server:         10.20.2.33
Address:        10.20.2.33#53
Command to check an MX record

[root@khandwa ~]# host -t mx [hostname]

[root@khandwa ~]# host -t MX khandwa.lokesh.com
Some useful DNS record types

| Type | Value | Description | Function |
|------|-------|-------------|----------|
| A | 1 | Address record | Returns a 32-bit IPv4 address, most commonly used to map hostnames to an IP address of the host. |
| AAAA | 28 | IPv6 Address record | Returns a 128-bit IPv6 address, most commonly used to map hostnames to an IP address of the host. |
| CNAME | 5 | Canonical name record | Alias of one name to another: the DNS lookup will continue by retrying the lookup with the new name. |
| DNSKEY | 48 | DNS Key Record | The key record used in DNSSEC. Uses the same format as the KEY record. |
| LOC | 29 | Location record | Specifies a geographical location associated with a domain name. |
| MX | 15 | Mail exchange record | Maps a domain name to a list of message transfer agents for that domain. |
| NS | 2 | Name server record | Delegates a DNS zone to use the given authoritative name servers. |
| PTR | 12 | Pointer record | Pointer to a canonical name. Unlike a CNAME, DNS processing stops and just the name is returned. The most common use is for implementing reverse DNS lookups, but other uses include such things as DNS-SD. |
| SOA | 6 | Start of [a zone of] authority record | Specifies authoritative information about a DNS zone, including the primary name server, the email of the domain administrator, the domain serial number, and several timers relating to refreshing the zone. |