How to install and configure BIND as an Authoritative Name Server on CentOS
BIND is a DNS server that can be configured as a recursive name server and also as an authoritative name server. An authoritative name server is the name server where a Fully Qualified Domain Name gets resolved into an IP address; this is where we get the actual IP address for the domain we are looking for. This tutorial covers the installation and configuration of BIND as an authoritative name server on CentOS.
Installation
Let's start with the installation of the BIND name server using the following command:
[root@ns1 ~]# yum install bind* -y
Loaded plugins: fastestmirror, refresh-packagekit, security
Setting up Install Process
Determining fastest mirrors
* base: centos.myfahim.com
* extras: centos.myfahim.com
* updates: centos.myfahim.com
base | 3.7 kB 00:00
extras | 3.4 kB 00:00
extras/primary_db | 30 kB 00:00
updates | 3.4 kB 00:00
updates/primary_db | 6.4 MB 00:00
Package 32:bind-libs-9.8.2-0.62.rc1.el6_9.5.x86_64 already installed and latest version
Package 32:bind-utils-9.8.2-0.62.rc1.el6_9.5.x86_64 already installed and latest version
Resolving Dependencies
--> Running transaction check
---> Package bind.x86_64 32:9.8.2-0.62.rc1.el6_9.5 will be installed
---> Package bind-chroot.x86_64 32:9.8.2-0.62.rc1.el6_9.5 will be installed
---> Package bind-devel.x86_64 32:9.8.2-0.62.rc1.el6_9.5 will be installed
---> Package bind-dyndb-ldap.x86_64 0:2.3-8.el6 will be installed
---> Package bind-sdb.x86_64 32:9.8.2-0.62.rc1.el6_9.5 will be installed
--> Processing Dependency: libpq.so.5()(64bit) for package: 32:bind-sdb-9.8.2-0.62.rc1.el6_9.5.x86_64
--> Running transaction check
.
.
.
Installed:
bind.x86_64 32:9.8.2-0.62.rc1.el6_9.5 bind-chroot.x86_64 32:9.8.2-0.62.rc1.el6_9.5 bind-devel.x86_64 32:9.8.2-0.62.rc1.el6_9.5 bind-dyndb-ldap.x86_64 0:2.3-8.el6
bind-sdb.x86_64 32:9.8.2-0.62.rc1.el6_9.5
Dependency Installed:
postgresql-libs.x86_64 0:8.4.20-8.el6_9
Complete!
Now we need to configure the forward and reverse lookup for the fully qualified domain name of your name server.
For example, let's take ns1.example.com. Open the BIND configuration file and follow the steps below.
[root@ns1 ~]# vim /etc/named.conf
Now add the IP address of your DNS server and allow your client IP addresses to query your DNS server by editing the lines below:
listen-on port 53 { 127.0.0.1; 192.168.7.222; };
allow-query { localhost; 192.168.7.0/24; };
Now add an entry for forward and reverse lookup
zone "ns1.example.com" IN {
type master;
file "fwd.ns1.example.com";
};
zone "7.168.192.in-addr.arpa" IN {
type master;
file "rev.ns1.example.com";
};
Now create a forward zone file
[root@ns1 ~]# vim /var/named/fwd.ns1.example.com
$TTL 86400
@ IN SOA ns1.example.com. root.ns1.example.com. (
2011071001 ; Serial
3600 ; Refresh
1800 ; Retry
604800 ; Expire
86400 ; Minimum TTL
)
@ IN NS ns1.example.com.
@ IN A 192.168.7.222
ns1 IN A 192.168.7.222
And then create a Reverse zone file
[root@ns1 ~]# vim /var/named/rev.ns1.example.com
Entry:
$TTL 86400
@ IN SOA ns1.example.com. root.ns1.example.com. (
2011071001 ; Serial
3600 ; Refresh
1800 ; Retry
604800 ; Expire
86400 ; Minimum TTL
)
@ IN NS ns1.example.com.
@ IN PTR ns1.example.com.
ns1 IN A 192.168.7.222
222 IN PTR ns1.example.com.
Now start and enable the named service using the following command
[root@ns1 ~]# service named start
Generating /etc/rndc.key: [ OK ]
Starting named: [ OK ]
[root@ns1 ~]# chkconfig named on
Now the DNS server is up and running. Go to the client machine, set your DNS IP address, then ping your name server's hostname:
[root@ns1 ~]# ping ns1.example.com
PING ns1.example.com (192.168.7.222) 56(84) bytes of data.
64 bytes from ns1.example.com (192.168.7.222): icmp_seq=1 ttl=64 time=0.214 ms
64 bytes from ns1.example.com (192.168.7.222): icmp_seq=2 ttl=64 time=0.029 ms
64 bytes from ns1.example.com (192.168.7.222): icmp_seq=3 ttl=64 time=0.030 ms
Once done, check forward lookup configuration
[root@ns1 ~]# nslookup ns1.example.com
Server: 192.168.7.222
Address: 192.168.7.222#53
Name: ns1.example.com
Address: 192.168.7.222
And check reverse lookup configuration
[root@ns1 ~]# nslookup 192.168.7.222
Server: 192.168.7.222
Address: 192.168.7.222#53
222.7.168.192.in-addr.arpa name = ns1.example.com.
Now let's create a new domain for this authoritative name server, for example domain1.example.com.
[root@ns1 ~]# vim /etc/named.conf
zone "domain1.example.com" IN {
type master;
file "domain1.example.com";
};
And create a forward zone file for that new domain
[root@ns1 ~]# vim /var/named/domain1.example.com
$TTL 86400
@ IN SOA ns1.example.com. root.ns1.example.com. (
2011071001 ; Serial
3600 ; Refresh
1800 ; Retry
604800 ; Expire
86400 ; Minimum TTL
)
@ IN NS ns1.example.com.
@ IN A 192.168.7.100
domain1 IN A 192.168.7.100
Now restart named service
[root@ns1 ~]# service named restart
Stopping named: [ OK ]
Starting named: [ OK ]
Now check the domain
[root@ns1 ~]# ping domain1.example.com
PING domain1.example.com (192.168.7.100) 56(84) bytes of data.
64 bytes from 192.168.7.100: icmp_seq=1 ttl=64 time=1.07 ms
64 bytes from 192.168.7.100: icmp_seq=2 ttl=64 time=0.362 ms
64 bytes from 192.168.7.100: icmp_seq=3 ttl=64 time=0.402 ms
Check forward zone configuration
[root@ns1 ~]# nslookup domain1.example.com
Server: 192.168.7.222
Address: 192.168.7.222#53
Name: domain1.example.com
Address: 192.168.7.100
With this, the method to install and configure BIND as an Authoritative Name Server comes to an end.
authoritative data from its own store, if any (this may include either positive responses or NXDOMAIN or NOERROR/NODATA)
non-authoritative data that has been cached as a result of a prior recursive query, if any
data retrieved from remote authoritative name servers, which can then be cached and reused in response to future queries.