How to Install and Configure DNS Server in CentOS

To install and configure a DNS server in CentOS

The Domain Name System (DNS) is a service that translates human-readable domain names into machine-readable IP addresses. A DNS server stores the name-to-address mappings for its zones and answers clients' lookup requests with the matching addresses.


To set up Primary DNS server

In this tutorial we have two minimal CentOS 6 servers: one is the primary DNS server and the other is the secondary DNS server. A CentOS 6 desktop is used for the client configuration.
The first step in setting up the primary DNS server is to install the bind packages with the following command.

[root@primarydns ~]# yum install -y bind*
Loaded plugins: fastestmirror
Setting up Install Process
...
Installed:
  bind.x86_64 32:9.8.2-0.47.rc1.el6_8.2              bind-chroot.x86_64 32:9.8.2-0.47.rc1.el6_8.2         bind-devel.x86_64 32:9.8.2-0.47.rc1.el6_8.2         bind-dyndb-ldap.x86_64 0:2.3-8.el6        
  bind-libs.x86_64 32:9.8.2-0.47.rc1.el6_8.2         bind-sdb.x86_64 32:9.8.2-0.47.rc1.el6_8.2            bind-utils.x86_64 32:9.8.2-0.47.rc1.el6_8.2        
Dependency Installed:
  portreserve.x86_64 0:0.0.4-11.el6                                                                 postgresql-libs.x86_64 0:8.4.20-6.el6                                                                
Complete!

Now edit the name server configuration file as follows.

[root@primarydns ~]# vi /etc/named.conf

In the options block of that file, add the primary DNS server's IP address to the listen-on port 53 option, put the IP range of your hosts in the allow-query option, and put the secondary DNS server's IP address in the allow-transfer option. Restricting allow-transfer to the secondary means no other host can pull a copy of the whole zone.

Then add the following line to named.conf (the directive is lower-case and ends with a semicolon).

dnssec-lookaside auto;

The next step is to define the forward and reverse lookup zones for the primary DNS server by adding the following zone statements to named.conf (every statement ends with a semicolon).

zone "linuxhelp1.local" IN {
        type master;
        file "forward.linuxhelp1";
        allow-update { none; };
};
zone "7.168.192.in-addr.arpa" IN {
        type master;
        file "reverse.linuxhelp1";
        allow-update { none; };
};

Now create the forward zone file with the following command and add the lines shown below it (in zone files a comment starts with a semicolon).

[root@primarydns ~]# vi /var/named/forward.linuxhelp1

$TTL 86400
@       IN SOA  primarydns.linuxhelp1.local. root.linuxhelp1.local. (
                                2014051001      ; serial
                                3600            ; refresh
                                1800            ; retry
                                604800          ; expire
                                86400           ; minimum
)
@               IN      NS      primarydns.linuxhelp1.local.
@               IN      NS      secondarydns.linuxhelp1.local.
@               IN      A       192.168.7.222
@               IN      A       192.168.7.223
@               IN      A       192.168.7.235
primarydns      IN      A       192.168.7.222
secondarydns    IN      A       192.168.7.223
client          IN      A       192.168.7.235

Once the above changes are made to the forward zone file, use the following command to create the reverse zone file and add the lines shown below it.

[root@primarydns ~]# vi /var/named/reverse.linuxhelp1

$TTL 86400
@       IN SOA  primarydns.linuxhelp1.local. root.linuxhelp1.local. (
                                2014051001      ; serial
                                3600            ; refresh
                                1800            ; retry
                                604800          ; expire
                                86400           ; minimum
)
@               IN      NS      primarydns.linuxhelp1.local.
@               IN      NS      secondarydns.linuxhelp1.local.
@               IN      PTR     linuxhelp1.local.
primarydns      IN      A       192.168.7.222
secondarydns    IN      A       192.168.7.223
client          IN      A       192.168.7.235
222             IN      PTR     primarydns.linuxhelp1.local.
223             IN      PTR     secondarydns.linuxhelp1.local.
235             IN      PTR     client.linuxhelp1.local.

Change the group ownership of the two zone files you created to named, so that the name server can read them.

[root@primarydns ~]# chgrp named /var/named/forward.linuxhelp1
[root@primarydns ~]# chgrp named /var/named/reverse.linuxhelp1

To check the configuration file and the zone files for errors, use the following commands.

[root@primarydns ~]# named-checkconf /etc/named.conf
[root@primarydns ~]# named-checkzone linuxhelp1.local /var/named/forward.linuxhelp1
Zone linuxhelp1.local/IN: loaded serial 2014051001
OK
[root@primarydns ~]# named-checkzone 7.168.192.in-addr.arpa  /var/named/reverse.linuxhelp1
Zone linuxhelp1.local/IN: loaded serial 2014051001
OK

Start the DNS service with the following command.

[root@primarydns ~]# service named start

Generating /etc/rndc.key:                                  [  OK  ]
Starting named:                                            [  OK  ]

You can run the following command to start the DNS service at boot.

[root@primarydns ~]# chkconfig named on

Add the following rules to the /etc/sysconfig/iptables file so that the firewall accepts DNS queries on port 53 over both TCP and UDP (and SSH on port 22) and drops everything else.

-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 53 -j ACCEPT
-A INPUT -p udp -m state --state NEW -m udp --dport 53 -j ACCEPT
-A INPUT -j DROP

The above lines should be inserted between the OUTPUT ACCEPT line and COMMIT.

Use the following command to save the iptables rules.

[root@primarydns named]# service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[  OK  ]

The next step is to edit /etc/resolv.conf and add the search domain and the name servers listed below (the keywords are lower-case).

search linuxhelp1.local
nameserver 192.168.7.222
nameserver 192.168.7.223

Invoke the dig command to check the DNS server.

[root@primarydns named]# dig primarydns.linuxhelp1.local

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6_8.2 <<>> primarydns.linuxhelp1.local
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<-

You can check for the available hosts in the DNS with the following command.

[root@primarydns named]# nslookup linuxhelp1.local
Server:        192.168.7.222
Address:    192.168.7.222#53
Name:    linuxhelp1.local
Address: 192.168.7.235
Name:    linuxhelp1.local
Address: 192.168.7.222
Name:    linuxhelp1.local
Address: 192.168.7.223


To set up the secondary DNS server

To set up the secondary DNS server, install the bind packages as follows.

[root@secondarydns ~]# yum install -y bind*

Now edit the named.conf file: add the secondary DNS server's IP address to the listen-on port 53 option and define the IP range of the hosts in the allow-query option. After that, add the following line to the conf file.

dnssec-lookaside auto;

Once that is done, define the forward and reverse lookup zones for the secondary DNS server as slave zones that pull their data from the primary.

zone "linuxhelp1.local" IN {
        type slave;
        file "slaves/linuxhelp1.fwd";
        masters { 192.168.7.222; };
};
zone "7.168.192.in-addr.arpa" IN {
        type slave;
        file "slaves/linuxhelp1.rev";
        masters { 192.168.7.222; };
};

Start the named service with the following command.

[root@secondarydns ~]# service named start

Generating /etc/rndc.key:                                  [  OK  ]
Starting named:                                            [  OK  ]

You can start the DNS service at boot with the following command.

[root@secondarydns ~]# chkconfig named on

Invoke the following command to list the zone files on the secondary DNS server.
There is no need to create zone files here: they are transferred from the master server when the named service starts.

[root@secondarydns ~]# ls -l /var/named/slaves/

total 8
-rw-r--r-- 1 named named 508 Oct 25 06:10 linuxhelp1.fwd
-rw-r--r-- 1 named named 603 Oct 25 06:11 linuxhelp1.rev

Use the following command to view the forward file.

[root@secondarydns ~]# cat /var/named/slaves/linuxhelp1.fwd
$ORIGIN .
$TTL 86400      ; 1 day
linuxhelp1.local    IN SOA    primarydns.linuxhelp1.local. root.linuxhelp1.local. (
                0            ; serial
                86400        ; refresh (1 day)
                3600         ; retry (1 hour)
                604800       ; expire (1 week)
                10800        ; minimum (3 hours)
                )
            NS    primarydns.linuxhelp1.local.
            NS    secondarydns.linuxhelp1.local.
            A    192.168.7.222
            A    192.168.7.223
            A    192.168.7.235
$ORIGIN linuxhelp1.local.
client            A    192.168.7.235
primarydns        A    192.168.7.222
secondarydns        A    192.168.7.223

In case you want to see the reverse file, use the following command.

[root@secondarydns ~]# cat /var/named/slaves/linuxhelp1.rev
$ORIGIN .
$TTL 86400      ; 1 day
7.168.192.in-addr.arpa    IN SOA    primarydns.linuxhelp1.local. root.linuxhelp1.local. (
                0            ; serial
                86400        ; refresh (1 day)
                3600         ; retry (1 hour)
                604800       ; expire (1 week)
                10800        ; minimum (3 hours)
                )
            NS    primarydns.linuxhelp1.local.
            NS    secondarydns.linuxhelp1.local.
            PTR    linuxhelp1.local.
$ORIGIN 7.168.192.in-addr.arpa.
222            PTR    primarydns.linuxhelp1.local.
223            PTR    secondarydns.linuxhelp1.local.
235            PTR    client.linuxhelp1.local.
client            A    192.168.7.235
primarydns        A    192.168.7.222
secondarydns        A    192.168.7.223
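As an added example (not part of the original tutorial), the following Python script performs two checks a practitioner makes after the named-checkzone step on the primary and after inspecting the transferred copies on the secondary: it verifies that every A record in the forward zone has a matching PTR in the reverse zone (and vice versa), and it compares the SOA serial of the primary's zone with the secondary's copy, which in the listings above carries serial 0 against the primary's 2014051001. The zone text is a constructed, trimmed copy of the tutorial's files, and the parser is a minimal one for this layout (one record per line, IPv4 in-addr.arpa only), not BIND's.

```python
import re

# Constructed samples: the tutorial's forward and reverse zones (trimmed) and the SOA line
# of the transferred copy that the tutorial lists on the secondary (serial 0 there).
PRIMARY_FWD = """$TTL 86400
@ IN SOA primarydns.linuxhelp1.local. root.linuxhelp1.local. ( 2014051001 ; serial
    3600 1800 604800 86400 )
@            IN NS primarydns.linuxhelp1.local.
primarydns   IN A  192.168.7.222
secondarydns IN A  192.168.7.223
client       IN A  192.168.7.235
"""
PRIMARY_REV = """@ IN SOA primarydns.linuxhelp1.local. root.linuxhelp1.local. ( 2014051001 3600 1800 604800 86400 )
@   IN PTR linuxhelp1.local.
222 IN PTR primarydns.linuxhelp1.local.
223 IN PTR secondarydns.linuxhelp1.local.
235 IN PTR client.linuxhelp1.local.
"""
SECONDARY_FWD = "linuxhelp1.local IN SOA primarydns.linuxhelp1.local. root.linuxhelp1.local. ( 0 86400 3600 604800 10800 )\n"

def parse_zone(text, origin):
    """Return (soa_serial, [(fqdn, rrtype, rdata), ...]); origin is the zone name with a trailing dot."""
    body = re.sub(r";[^\n]*", "", text)                                   # drop ; comments
    body = re.sub(r"\(([^)]*)\)", lambda m: " ".join(m.group(1).split()), body)  # SOA onto one line
    serial, records = None, []
    for tokens in (line.split() for line in body.splitlines()):
        if not tokens or tokens[0].startswith("$"):                       # blank line or $TTL/$ORIGIN
            continue
        if "SOA" in tokens:
            serial = int(tokens[tokens.index("SOA") + 3])                 # SOA mname rname serial ...
            continue
        name = tokens[0]
        fqdn = origin if name == "@" else name if name.endswith(".") else f"{name}.{origin}"
        records.append((fqdn, tokens[-2], tokens[-1]))
    return serial, records

def check_ptr_consistency(fwd, fwd_origin, rev, rev_origin):
    """Return (A records lacking a PTR, PTRs lacking an A); both empty means the zones agree."""
    _, frecs = parse_zone(fwd, fwd_origin)
    _, rrecs = parse_zone(rev, rev_origin)
    a_records = {(n, ip) for n, t, ip in frecs if t == "A" and n != fwd_origin}
    # "222.7.168.192.in-addr.arpa." -> "192.168.7.222"
    ptr_records = {(target, ".".join(reversed(n[:-len(".in-addr.arpa.")].split("."))))
                   for n, t, target in rrecs if t == "PTR" and n != rev_origin}
    return sorted(a_records - ptr_records), sorted(ptr_records - a_records)

def secondary_in_sync(primary_zone, secondary_copy, origin):
    """After a successful transfer the slave's copy carries the master's SOA serial."""
    return parse_zone(primary_zone, origin)[0] == parse_zone(secondary_copy, origin)[0]
```

Run it against your real /var/named files after every zone edit: a non-empty result from check_ptr_consistency or a False from secondary_in_sync means the serial was not bumped or the transfer has not happened yet.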

Now set up the client machine. Set the DNS server for the client with the setup command, then check the hostname.

[root@localhost Desktop]# hostname
localhost.localdomain

Now restart the network and check the hostname again.

[root@localhost Desktop]# hostname
client.linuxhelp1.local

You can now see the host name assigned from the DNS server.

FAQ
Q
While configuring the DNS server in CentOS, if the primary DNS suddenly fails, what will happen?
Can you please explain the other DNS zones, like the stub zone?
Can we configure a stub zone in Linux?
A
The slave will act as the primary; it has all the replicated information of the primary in this CentOS DNS server configuration.
Q
Is it mandatory to configure a slave DNS when we need to test DNS from the client end during configuration of the DNS server in CentOS?
A
No need for client DNS for testing purposes; you can test DNS with the dig or nslookup commands.
Q
During configuration of the DNS server in CentOS:

Error: bind97-libs conflicts with bind-libs
Error: bind97-devel conflicts with bind-libbind-devel
Error: bind97-chroot conflicts with bind-chroot
Error: bind97-utils conflicts with bind-utils
A
Looks like a package conflict; please remove the bind packages and reinstall them.
Q
I have a VPS server with iniz.com. On the VPS I'm running a web server and I manage web accounts with cPanel and WHM.
Do you think I need to run my own Name servers?
A
WHM installs a nameserver and configures it automatically. You will just need to set up glue records for ns1/ns2.yourdomain.com to point to your cPanel VPS.
Q
Good illustration, but things such as the serial number: where do they come from, and are they important? What if I leave it at 0, the default, when configuring the DNS server in CentOS?
A
You can't leave it at 0; instead you need to start from 00, which represents the date. If we are about to add a new entry, it's good to increase the serial number incrementally.