Setting Up DNS Server on CentOS 7

Scenario

Primary (Master) DNS Server Details:

Operating System : CentOS 7 minimal server
Hostname         : ns1.example.com
IP Address       : 10.0.0.15/24

Client Details:

Operating System : CentOS 7
Hostname         : client.example.com
IP Address       : 10.0.0.14/24

Sequence 1. Setup Primary (Master) DNS Server

  1. Install the BIND 9 packages on your server.

yum install bind bind-utils -y

  1. Configure the DNS server by editing ‘/etc/named.conf’.

vi /etc/named.conf

options {
    listen-on port 53 { 127.0.0.1; 10.0.0.15;}; # Master DNS IP
    directory     "/var/named";
    dump-file     "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    allow-query     { localhost; 10.0.0.0/24;}; # IP Range

    recursion yes;

    dnssec-enable yes;
    dnssec-validation yes;
    dnssec-lookaside auto;

    bindkeys-file "/etc/named.iscdlv.key";

    managed-keys-directory "/var/named/dynamic";

    pid-file "/run/named/named.pid";
    session-keyfile "/run/named/session.key";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };

};


zone "." IN {
    type hint;
    file "named.ca";
};


zone "example.com" IN {
    type master;
    file "forward.example";
    allow-update { none; };
};

zone "0.0.10.in-addr.arpa" IN {
    type master;
    file "reverse.example";
    allow-update { none; };
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
  1. Create the zone files. Create the forward and reverse zone files referenced in ‘/etc/named.conf’.
    • Create the forward zone file “forward.example” in the ‘/var/named’ directory.

vi /var/named/forward.example

$TTL 86400
@   IN  SOA     ns1.example.com. root.example.com. (
        2011071001  ;Serial
        3600        ;Refresh
        1800        ;Retry
        604800      ;Expire
        86400       ;Minimum TTL
)

@       IN  NS          ns1.example.com.
@       IN  A           10.0.0.15
@       IN  A           10.0.0.102
@       IN  A           10.0.0.14
ns1     IN  A           10.0.0.15
client  IN  A           10.0.0.14
    • Create the reverse zone file “reverse.example” in the ‘/var/named’ directory.

vi /var/named/reverse.example

$TTL 86400
@   IN  SOA     ns1.example.com. root.example.com. (
        2011071001  ;Serial
        3600        ;Refresh
        1800        ;Retry
        604800      ;Expire
        86400       ;Minimum TTL
)

@       IN  NS          ns1.example.com.
@       IN  PTR         example.com.
ns1     IN  A           10.0.0.15
client  IN  A           10.0.0.14
; The PTR owner is the last octet of the host's address
15      IN  PTR         ns1.example.com.
14      IN  PTR         client.example.com.
  1. Enable and start DNS service:
systemctl enable named

systemctl start named
  1. Firewall configuration. Allow the default DNS port 53 (TCP and UDP) through the firewall.
firewall-cmd --permanent --add-port=53/tcp

firewall-cmd --permanent --add-port=53/udp

firewall-cmd --reload
  1. Configuring Permissions, Ownership, and SELinux
chgrp named -R /var/named

chown -v root:named /etc/named.conf

restorecon -rv /var/named

restorecon /etc/named.conf
  1. Test DNS configuration and zone files for any syntax errors
# named-checkconf /etc/named.conf

If it returns nothing, your configuration file is valid.

Check Forward zone:

# named-checkzone example.com /var/named/forward.example

Sample output:

zone example.com/IN: loaded serial 2011071001
OK

Check reverse zone:

# named-checkzone 0.0.10.in-addr.arpa /var/named/reverse.example

Sample Output:

zone 0.0.10.in-addr.arpa/IN: loaded serial 2011071001
OK
  1. Add the DNS Server details in your network interface config file.
vi /etc/sysconfig/network-scripts/ifcfg-enp0s3
TYPE="Ethernet"
BOOTPROTO="none"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
NAME="enp0s3"
UUID="5d0428b3-6af2-4f6b-9fe3-4250cd839efa"
ONBOOT="yes"
HWADDR="08:00:27:19:68:73"
IPADDR0="10.0.0.15"
PREFIX0="24"
GATEWAY0="10.0.0.1"
DNS1="10.0.0.15"
IPV6_PEERDNS="yes"
IPV6_PEERROUTES="yes"
  1. Edit the file /etc/resolv.conf:
vi /etc/resolv.conf

nameserver      10.0.0.15
  1. Restart network service:
systemctl restart network
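
The syntax checks with named-checkzone do not catch a PTR record that points at the wrong host, so the following added example (not part of the original page) cross-checks the forward and reverse zone files against each other. The function name check_ptr and the temporary sample files are assumptions made for illustration; the parser assumes one record per line with an explicit owner and IN class, and a /24 reverse zone.

```shell
#!/bin/sh
# Added example: verify that every host A record in the forward zone has a
# matching PTR record in the reverse zone, and that no PTR disagrees.
# Usage: check_ptr FORWARD_FILE ORIGIN REVERSE_FILE NET_PREFIX
check_ptr() {
    awk -v origin="$2" -v net="$4" '
        { sub(/;.*/, "") }                      # drop zone-file comments
        FNR == NR {                             # pass 1: forward zone
            if ($2 == "IN" && $3 == "A" && $1 != "@")
                fwd[$4] = $1 "." origin "."     # map ip -> fqdn
            next
        }
        $2 == "IN" && $3 == "PTR" && $1 ~ /^[0-9]+$/ {   # pass 2: reverse zone
            ip = net "." $1; seen[ip] = 1
            if (!(ip in fwd))       { print "NO-A     " ip " -> " $4; bad++ }
            else if (fwd[ip] != $4) { print "MISMATCH " ip ": A=" fwd[ip] " PTR=" $4; bad++ }
        }
        END {
            for (ip in fwd)
                if (!(ip in seen)) { print "NO-PTR   " ip " (" fwd[ip] ")"; bad++ }
            exit (bad > 0)                      # non-zero status on any finding
        }' "$1" "$3"
}

# Constructed sample data: the two host records from this scenario, with one
# consistent reverse zone and one where the PTR owners are swapped.
tmp=$(mktemp -d)
cat > "$tmp/forward" <<'EOF'
ns1     IN  A   10.0.0.15
client  IN  A   10.0.0.14
EOF
cat > "$tmp/reverse.good" <<'EOF'
15      IN  PTR ns1.example.com.
14      IN  PTR client.example.com.
EOF
cat > "$tmp/reverse.swapped" <<'EOF'
14      IN  PTR ns1.example.com.       ; wrong: ns1 is 10.0.0.15
15      IN  PTR client.example.com.    ; wrong: client is 10.0.0.14
EOF

check_ptr "$tmp/forward" example.com "$tmp/reverse.good" 10.0.0 \
    && echo "good zone pair: consistent"
check_ptr "$tmp/forward" example.com "$tmp/reverse.swapped" 10.0.0 \
    || echo "swapped zone pair: rejected"
```

On the server, the same function can be run against /var/named/forward.example and /var/named/reverse.example with origin example.com and prefix 10.0.0; SOA, NS and "@" records are skipped.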

Sequence 2. Test DNS Server

dig ns1.example.com

Sample Output:

; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> ns1.example.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25179
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;ns1.example.com.    IN    A

;; ANSWER SECTION:
ns1.example.com. 86400    IN    A    10.0.0.15

;; AUTHORITY SECTION:
example.com.        86400    IN    NS    ns1.example.com.

;; ADDITIONAL SECTION:

;; Query time: 0 msec
;; SERVER: 10.0.0.15#53(10.0.0.15)
;; WHEN: Wed Aug 20 16:20:46 IST 2014
;; MSG SIZE  rcvd: 125

nslookup example.com

September 25, 2019
