DNS: Configure a master name server.

Share this link

Install the bind package:

# yum install -y bind

Edit the /etc/named.conf file and change the ‘listen-on’ option from 127.0.0.1 to any:

listen-on port 53 { any; };

In the same file, change the ‘allow-query’ option from localhost to any:

allow-query { any; };

In the same file, disable the ‘dnssec-validation’ option:

dnssec-validation no;

Still in the same file, below the ‘recursion‘ option, add the two following lines (with 192.168.1.1 being the DNS IP address of your Internet provider):

forward only;
forwarders { 192.168.1.1; };

After the ‘logging‘ stanza and still in the /etc/named.conf file, add the following lines (example.com is supposed to be your domain name):

zone "example.com" {
type master;
file "example.com.zone";
allow-update { none; };
};

zone "1.168.192.in-addr.arpa" {
type master;
file "example.com.revzone";
allow-update { none; };
};

Create the /var/named/example.com.zone file and insert the following lines (where gateway is your gateway to Internet, dns your DNS server, mail your mail server and client a simple client):

$TTL 86400
@ IN SOA dns.example.com. root.example.com. (
 2013092906 ; Serial
 1d ; refresh
 2h ; retry
 4w ; expire
 1h ) ; min cache
 IN NS dns.example.com.
 IN MX 10 mail.example.com.

gateway    IN A 192.168.1.1
dns        IN A 192.168.1.5
mail       IN A 192.168.1.10
client     IN A 192.168.1.15

Create the /var/named/example.com.revzone file and insert the following lines:

$TTL 86400
@ IN SOA dns.example.com. root.example.com. (
 2013092902 ; Serial
 1d ; refresh
 2h ; retry
 4w ; expire
 1h ) ; min cache
 IN NS dns.example.com.

1     IN PTR gateway.example.com.
5     IN PTR dns.example.com.
10    IN PTR mail.example.com.
15    IN PTR client.example.com.

Check the configuration files:

# named-checkconf

Note: don’t forget to increment the serial number each time you change something in a zone file, otherwise it will not be taken into account even after restarting the named service.

Add two new rules to the firewall:

# iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 53 -j ACCEPT
# iptables -I INPUT -m state --state NEW -m udp -p udp --dport 53 -j ACCEPT

Save the firewall configuration:

# service iptables save

Activate the DNS service at boot:

# chkconfig named on

Start the DNS service:

# service named start

Check the configuration:

# nslookup cnn.com 127.0.0.1
# dig @127.0.0.1 cnn.com
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

Leave a Reply

Be the First to Comment!

Notify of
wpDiscuz

RHCSA7: Task of the day

Allowed time: 10 minutes.
Create an EXT4 file system mounted under /vol based on a logical volume of 100MB.
Reduce the size to 60MB.

RHCE7: Task of the day

Allowed time: 5 minutes.
Set up time synchronization with default configuration.

Poll for favorite RHEL 7 book

What is your favorite RHEL 7 book to prepare RHCSA & RHCE exams?

View Results

Loading ... Loading ...

Poll for most difficult RHCSA 7 topic

What do you think is the most difficult RHCSA 7 topic?

View Results

Loading ... Loading ...

Poll for most difficult RHCE 7 topic

What do you think is the most difficult RHCE 7 topic?

View Results

Loading ... Loading ...

Recent Comments