RHEL7: Configure a caching-only name server.


Note: This is an RHCE 7 exam objective.

Presentation of Caching-only Name Server

A caching-only name server keeps a cache of the results of all previous requests made to the root DNS servers.

Configuration Procedure

Install the bind package:

# yum install -y bind

Edit the /etc/named.conf file and change the listen-on option from 127.0.0.1 to any:

listen-on port 53 { any; };

In the same file, change the allow-query option from localhost to any:

allow-query { any; };

In the same file, disable the dnssec-validation option:

dnssec-validation no;

Check the configuration file:

# named-checkconf

Add a new service to the firewall:

# firewall-cmd --permanent --add-service=dns
success

Reload the firewall configuration:

# firewall-cmd --reload
success

Activate the DNS service:

# systemctl enable named

Start the DNS service:

# systemctl start named
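
With listen-on and allow-query both set to any, and no allow-recursion statement, named will recurse for every client that can reach port 53; with dnssec-validation off it also accepts unvalidated answers. The script below is an added example (not part of the original tutorial) that flags those settings in a named.conf read from stdin. The sample configurations are constructed, and 192.0.2.53 and 192.0.2.0/24 are placeholder assumptions for the server's interface address and client network.

```shell
# Added example, not the tutorial's code: flag the named.conf settings edited above.

# Print option $1 (braced list or scalar value) from a named.conf on stdin.
opt_value() {
    sed -e 's://.*$::' -e 's:#.*$::' -e 's:[{};]: & :g' |
    awk -v name="$1" '
        { text = text " " $0 }
        END {   # strip /* */ blocks, tokenise, then collect the value tokens
            while ((s = index(text, "/*")) && (e = index(substr(text, s), "*/")))
                text = substr(text, 1, s - 1) " " substr(text, s + e + 1)
            n = split(text, tok, " "); i = 1
            while (i <= n && tok[i] != name) i++
            for (j = i + 1; j <= n; j++) {
                t = tok[j]
                if (t == "{") { inb = 1; out = "" }
                else if (t == "}" || (t == ";" && !inb)) break
                else if (t != ";") out = out " " t
            }
            print out
        }'
}

# Print one code per risky setting in the named.conf on stdin.
audit_named_conf() {
    conf=$(cat)
    get() { printf '%s\n' "$conf" | opt_value "$1"; }
    case " $(get listen-on) " in *" any "*) echo LISTEN_ANY ;; esac
    # Without allow-recursion or allow-query-cache, BIND uses allow-query to
    # decide who may recurse, so "any" there makes an open resolver.
    if [ -z "$(get allow-recursion)$(get allow-query-cache)" ] &&
       [ "$(get recursion)" != " no" ]; then
        case " $(get allow-query) " in *" any "*) echo OPEN_RESOLVER ;; esac
    fi
    if [ "$(get dnssec-validation)" = " no" ]; then echo DNSSEC_OFF; fi
}

# Constructed sample; 192.0.2.53 and 192.0.2.0/24 below are placeholder addresses.
sample_conf() { cat <<EOF
options {
    listen-on port 53 { $1 };   // page default: 127.0.0.1
    allow-query { $2 };         // page default: localhost
    dnssec-validation $3;
};
EOF
}
tutorial_conf()   { sample_conf 'any;' 'any;' no; }
restricted_conf() { sample_conf '127.0.0.1; 192.0.2.53;' 'localhost; 192.0.2.0/24;' yes; }
echo "tutorial settings:";   tutorial_conf   | audit_named_conf
echo "restricted settings:"; restricted_conf | audit_named_conf
```

To audit a live server, run `audit_named_conf < /etc/named.conf`; only the first occurrence of each option is inspected.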

Time to Test

Check the configuration:

# nslookup cnn.com 127.0.0.1
# dig @127.0.0.1 cnn.com
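
The two lookups above show that named resolves names, not that it caches them. As an added example (not from the original page), the functions below compare the answer TTL in two consecutive dig outputs: a lower TTL on the repeat means the answer was counted down in a cache. The dig outputs, example.com and 192.0.2.10 are constructed sample values.

```shell
# Added example, not the tutorial's code: tell from two dig outputs whether
# the repeated query was answered from cache. Both outputs are constructed samples.

# Lowest TTL among the ANSWER SECTION records of dig output on stdin.
answer_ttl() {
    awk '/^;; ANSWER SECTION:/ { in_ans = 1; next }
         in_ans && NF == 0     { in_ans = 0 }
         in_ans && (min == "" || $2 + 0 < min) { min = $2 + 0 }
         END { if (min != "") print min }'
}
# Value of the ";; Query time: N msec" line.
query_msec() { awk '/^;; Query time:/ { print $4 }'; }

# Succeeds when the repeat shows a lower TTL than the first answer (a cache counts TTLs down).
is_cached_repeat() {
    t1=$(printf '%s\n' "$1" | answer_ttl)
    t2=$(printf '%s\n' "$2" | answer_ttl)
    [ -n "$t1" ] && [ -n "$t2" ] && [ "$t2" -lt "$t1" ]
}

# Constructed dig output: $1 = TTL shown, $2 = query time in msec.
sample_dig() { cat <<EOF
;; QUESTION SECTION:
;example.com.            IN  A

;; ANSWER SECTION:
example.com.     $1  IN  A  192.0.2.10

;; Query time: $2 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
EOF
}
first=$(sample_dig 300 48)    # cold cache: full TTL, upstream round trips
second=$(sample_dig 295 0)    # five seconds later: TTL counted down, 0 msec
if is_cached_repeat "$first" "$second"; then
    echo "repeat served from cache (query time $(printf '%s\n' "$second" | query_msec) msec)"
fi
```

Against the server from this page, pass the output of two consecutive `dig @127.0.0.1 cnn.com` runs as the two arguments.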

Additional Resources

You can also read this nice article from Zytrax.com about the different DNS Configuration Types.
If you want to go any further, check the master DNS server tutorial.


16 Comments on "RHEL7: Configure a caching-only name server."

Shikaz

In one of the tutorials I have seen they are installing unbound instead of bind, do you think from the RHCE perspective it will matter to install bind or unbound?

Jaz

What if I put my interface ip address in listen-on port directive and add my network ip in allow-query directive during the exam even if not asked in the question?
Because ‘any’ means no restriction.

dan

why set dnssec-validation to no?

power

Hi Guys,
I haven’t seen any DNS question on RHCE mock test. Do you think that might be included in the exam?

Thank you

Lisenet

It might be as it’s a part of RHCE exam objectives.

I’ve put a sample RHCE example exam here: https://www.lisenet.com/2016/rhce-sample-exam-for-rhel-7/ feel free to give it a try.

mairj23

Hi everyone, when I configure a cache only DNS server it doesn’t resolve any domain, but it works correctly when I add forwarders. Any ideas? If I ping a domain from shell it works…
Thanks in advance

asifshabir

This cache only DNS server is supposed to work when you don’t have internet connection i.e. it should resolve the domain even if net is down.

I have followed this guide. Everything mentioned in this guide works perfectly. But, when I disable Internet, it does not resolve any domain.

Please correct me if I am on a wrong line.

Lisenet

“This cache only DNS server is supposed to work when you don’t have internet connection i.e. it should resolve the domain even if net is down.”

This is incorrect.

When a DNS server resolves a query, it returns the answer to the client. The DNS server also stores the answer in its cache for the period of time that was allowed by the records’ TTL value. This way any subsequent requests are processed faster when the nameserver is asked to resolve the same names again. This is about storing the answers in cache – nothing to do with lost internet connection.

asifshabir

Thank you for your reply,

Just to rephrase the question.
We have resolved some domains with cache only DNS. Now internet is down… those resolved domains should also get resolved while cache DNS is offline (no internet)??

I just wanted to know proper way of testing this server.

Lisenet

Yes, the domain names that were resolved while the server had internet connection will still be served from cache even though internet is down as long as TTL is valid.

Sam

I don’t think there is a simple way of testing this. If you can’t wait, set up a local DNS, and propagate it with local domain names. Unless you can wait for your internet to become live again.

Lisenet

There is. You log into your caching-only DNS server, then resolve some domain name of your choice, then disable networking simulating “the loss of internet”, and try to resolve the same domain name again. It will be served from local DNS cache as long as TTL is valid.
