DNS server installation and configuration on Redhat 6 64 bit
Example Configuration
DNS Server Details:
Operating System : Redhat 6.5 64 bit
Hostname : tn.example.gov.in
IP Address : 192.168.1.161/24
Client Details:
Operating System : Redhat 6.5 64 bit
Hostname : tn2.example.gov.in
IP Address : 192.168.1.221/24
DNS installation
Steps:
1. Install Bind Chroot DNS server :
# yum install bind-chroot bind -y
2. Copy all bind related files to prepare bind chrooted environments :
# cp -R /usr/share/doc/bind-*/sample/var/named/* /var/named/chroot/var/named/
3. Create bind related files in the chrooted directory :
# touch /var/named/chroot/var/named/data/cache_dump.db
# touch /var/named/chroot/var/named/data/named_stats.txt
# touch /var/named/chroot/var/named/data/named_mem_stats.txt
# touch /var/named/chroot/var/named/data/named.run
# mkdir /var/named/chroot/var/named/dynamic
# touch /var/named/chroot/var/named/dynamic/managed-keys.bind
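4. Bind lock file should be writeable, therefore set the permission to make it writable as below :
# chmod -R 777 /var/named/chroot/var/named/data
# chmod -R 777 /var/named/chroot/var/named/dynamic
Note: mode 777 makes both directories writable by every local user, including managed-keys.bind under dynamic; write access limited to the account that named runs as is the tighter setting.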
5. If you do not use IPv6, set named to run IPv4-only :
# echo 'OPTIONS="-4"' >> /etc/sysconfig/named
6. Copy /etc/named.conf to the chrooted bind config folder :
# cp -p /etc/named.conf /var/named/chroot/etc/named.conf
7. Configure the main bind configuration in the chrooted copy of /etc/named.conf. Append the example.gov.in information to the file :
# vi /var/named/chroot/etc/named.conf
a. Add bind DNS IP addresses :
..
listen-on port 53 { 127.0.0.1;192.168.1.161;192.168.1.0; };
..
b. Create forward and reverse zone :
..
..
zone "example.gov.in" {
    type master;
    file "example.gov.in.zone";
};
zone "1.168.192.in-addr.arpa" IN {
    type master;
    file "192.168.1.zone";
};
..
..
Full configuration for named.conf :
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
    listen-on port 53 { 127.0.0.1;192.168.1.161;192.168.1.0; };
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    allow-query { localhost; 192.168.1.0/24; };
    recursion yes;
    dnssec-enable yes;
    dnssec-validation yes;
    dnssec-lookaside auto;
    /* Path to ISC DLV key */
    bindkeys-file "/etc/named.iscdlv.key";
    managed-keys-directory "/var/named/dynamic";
};
logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};
zone "." IN {
    type hint;
    file "named.ca";
};
zone "example.gov.in" {
    type master;
    file "example.gov.in.zone";
};
zone "1.168.192.in-addr.arpa" IN {
    type master;
    file "192.168.1.zone";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
8. Create Forward and Reverse zone files for domain example.gov.in.
a. Create Forward Zone :
# vi /var/named/chroot/var/named/example.gov.in.zone
;
; Addresses and other host information.
;
$TTL 86400
@       IN      SOA     ns1.example.gov.in. root.example.gov.in. (
                        2013042201      ; Serial
                        43200           ; Refresh
                        3600            ; Retry
                        3600000         ; Expire
                        2592000 )       ; Minimum
; Define the nameservers and the mail servers
        IN      NS      ns1.example.gov.in.
        IN      A       192.168.1.161
        IN      MX      10 mail.example.gov.in.
tn      IN      A       192.168.1.161
mail    IN      A       192.168.1.161
ns1     IN      A       192.168.1.161
tn2     IN      A       192.168.1.221
b. Create Reverse Zone :
# vi /var/named/chroot/var/named/192.168.1.zone
;
; Addresses and other host information.
;
$TTL 86400
@ IN SOA ns1.example.gov.in. root.example.gov.in. (
        2013042201 ; Serial
        43200 ; Refresh
        3600 ; Retry
        3600000 ; Expire
        2592000 ) ; Minimum
@ IN NS ns1.example.gov.in.
@ IN PTR example.gov.in.
ns1 IN A 192.168.1.161
161 IN PTR mail.example.gov.in.
161 IN PTR ns1.example.gov.in.
161 IN PTR tn.example.gov.in.
221 IN PTR tn2.example.gov.in.
9. Start Bind service :
# /etc/init.d/named start
Generating /etc/rndc.key: [ OK ]
Starting named: [ OK ]
10. Configure Bind auto start at boot :
# chkconfig --levels 235 named on
11. Test and verify Bind DNS setup :
a. Test and verify using host command :
# host -t ns example.gov.in
# host -t mx example.gov.in
b. Test and verify using nslookup command :
# nslookup
> set type=any
> example.gov.in
> exit
c. Test and verify using dig command :
# dig example.gov.in
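A consistency check to go with the tests in step 11, added here as an example and not part of the original procedure: it parses forward and reverse zone data and lists every A record whose address has no PTR pointing back at the same name. The function names are hypothetical and the zone data is a constructed copy of the records from step 8; only the record layout used on this page is handled.

```shell
# Added example: list forward A records that lack a matching PTR record.
# zone_records FILE ORIGIN TYPE -> "owner rdata" per record, names qualified.
zone_records() {
    awk -v origin="$2" -v want="$3" '
    function fq(n) { return n == "@" ? origin : (n ~ /\.$/ ? n : n "." origin) }
    {
        sub(/;.*/, "")                              # strip comments
        if (NF && depth == 0 && $1 !~ /^\$/) {      # skip $TTL and SOA body
            i = 1; if ($0 !~ /^[ \t]/) { owner = fq($1); i = 2 }
            for (; i < NF; i++) if ($i == want) break
            if (i < NF) print owner, (want == "A" ? $(i + 1) : fq($(i + 1)))
        }
        depth += gsub(/\(/, "(") - gsub(/\)/, ")")  # track ( ... ) nesting
    }' "$1"
}

# missing_ptr FWD FWD_ORIGIN REV REV_ORIGIN -> "name ip" for each unmatched A
missing_ptr() {
    ptrs=$(zone_records "$3" "$4" PTR)
    zone_records "$1" "$2" A | while read -r name ip; do
        rev=$(echo "$ip" | awk -F. '{ print $4 "." $3 "." $2 "." $1 ".in-addr.arpa." }')
        echo "$ptrs" | grep -qixF "$rev $name" || echo "$name $ip"
    done
}

# Constructed sample data: the records from the two zone files on this page.
demo() {
    d=$(mktemp -d) || return 1
    cat > "$d/fwd" <<'EOF'
@    IN SOA ns1.example.gov.in. root.example.gov.in. (
         2013042201 43200 3600 3600000 2592000 ) ; serial to minimum
     IN NS ns1.example.gov.in.
     IN A  192.168.1.161
tn   IN A  192.168.1.161
mail IN A  192.168.1.161
ns1  IN A  192.168.1.161
tn2  IN A  192.168.1.221
EOF
    cat > "$d/rev" <<'EOF'
@   IN SOA ns1.example.gov.in. root.example.gov.in. ( 2013042201 43200 3600 3600000 2592000 )
@   IN PTR example.gov.in.
161 IN PTR mail.example.gov.in.
161 IN PTR ns1.example.gov.in.
161 IN PTR tn.example.gov.in.
221 IN PTR tn2.example.gov.in.
EOF
    missing_ptr "$d/fwd" example.gov.in. "$d/rev" 1.168.192.in-addr.arpa.
    rm -rf "$d"
}
demo
```

On the sample it reports `example.gov.in. 192.168.1.161`: the `@ IN PTR` line in the reverse zone attaches to the zone apex 1.168.192.in-addr.arpa, not to 161, so the bare domain's address has no PTR back to it.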