Setup DNS Server step by step in CentOS 6.3 \/ RHEL 6.3<\/p>\n
DNS (Domain Name System) is the core component of network infrastructure. The DNS service resolves hostname into ip address and vice versa. For example if we type http:\/\/www.rmohan.com in browser, the DNS server translates the domain name into its corresponding ip address. So it makes us easy to remember the domain names instead of its ip address.<\/p>\n
DNS Server Installation in CentOS 6.3:<\/p>\n
This how-to tutorial will shows you how to install and configure DNS server. In this scenario my dns server FQDN (Fully Qualified Domain Name) and
ip-address are webserver.rmohan.com and 192.168.1.100 respectively. The steps provided here are tested in CentOS 6.3, but it should work in RHEL 6.x(x stands for version) and Scientific Linux 6.x too.<\/p>\n
Prerequisites:<\/p>\n
Before proceed, check the following properly.<\/p>\n
1. Check FQDN (Fully Qualified Name) of the server.<\/p>\n
[root@webserver ~]# hostname
webserver.rmohan.com
2. Check IP Address of the Server.<\/p>\n
[root@webserver ~]# ifconfig eth0
eth0 Link encap:Ethernet HWaddr 08:00:27:1B:84:3A
inet addr:192.168.1.100 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe1b:843a\/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:7785 errors:0 dropped:0 overruns:0 frame:0
TX packets:3635 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:729396 (712.3 KiB) TX bytes:461240 (450.4 KiB)
3. Enter the resolver IP (DNS Server IP i.e 192.168.1.100 in our example) in \/etc\/resolv.conf file.<\/p>\n
[root@webserver ~]# nano \/etc\/resolv.conf
# Generated by NetworkManager
search rmohan.com
nameserver 192.168.1.100
4. Disable Firewall.<\/p>\n
[root@webserver ~]# service iptables stop
[root@webserver ~]# chkconfig iptables off
[root@webserver ~]# service ip6tables stop
[root@webserver ~]# chkconfig ip6tables off
5.Disable selinux.<\/p>\n
Set SELINUX=disabled to disable the Selinux in the \/etc\/selinux\/config file..
[root@webserver ~]# nano \/etc\/selinux\/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing – SELinux security policy is enforced.
# permissive – SELinux prints warnings instead of enforcing.
# disabled – No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
# targeted – Targeted processes are protected,
# mls – Multi Level Security protection.
SELINUXTYPE=targeted
Reboot the server to save the changes.<\/p>\n
6.Check Firewall and Selinux Status:<\/p>\n
[root@webserver ~]# service iptables status
iptables: Firewall is not running.
[root@webserver ~]# service ip6tables status
ip6tables: Firewall is not running.
[root@webserver ~]# sestatus
SELinux status: disabled
Well, all the services are disabled now.
Install bind9 package:<\/p>\n
[root@webserver ~]# yum install bind*
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
localrepo | 1.3 kB 00:00 …
Setting up Install Process
Resolving Dependencies
–> Running transaction check
—> Package bind.i686 32:9.8.2-0.10.rc1.el6 will be installed
–> Processing Dependency: portreserve for package: 32:bind-9.8.2-0.10.rc1.el6.i686
—> Package bind-chroot.i686 32:9.8.2-0.10.rc1.el6 will be installed
—> Package bind-devel.i686 32:9.8.2-0.10.rc1.el6 will be installed
—> Package bind-dyndb-ldap.i686 0:1.1.0-0.9.b1.el6 will be installed
—> Package bind-libs.i686 32:9.8.2-0.10.rc1.el6 will be installed
—> Package bind-sdb.i686 32:9.8.2-0.10.rc1.el6 will be installed
–> Processing Dependency: libpq.so.5 for package: 32:bind-sdb-9.8.2-0.10.rc1.el6.i686
—> Package bind-utils.i686 32:9.8.2-0.10.rc1.el6 will be installed
–> Running transaction check
—> Package portreserve.i686 0:0.0.4-9.el6 will be installed
—> Package postgresql-libs.i686 0:8.4.11-1.el6_2 will be installed
–> Finished Dependency Resolution
Dependencies Resolved
===================================================
Package Arch Version Repository Size
===================================================
Installing:
bind i686 32:9.8.2-0.10.rc1.el6 localrepo 4.0 M
bind-chroot i686 32:9.8.2-0.10.rc1.el6 localrepo 70 k
bind-devel i686 32:9.8.2-0.10.rc1.el6 localrepo 375 k
bind-dyndb-ldap i686 1.1.0-0.9.b1.el6 localrepo 63 k
bind-libs i686 32:9.8.2-0.10.rc1.el6 localrepo 881 k
bind-sdb i686 32:9.8.2-0.10.rc1.el6 localrepo 305 k
bind-utils i686 32:9.8.2-0.10.rc1.el6 localrepo 180 k
Installing for dependencies:
portreserve i686 0.0.4-9.el6 localrepo 22 k
postgresql-libs i686 8.4.11-1.el6_2 localrepo 201 k
Transaction Summary
===================================================
Install 9 Package(s)
Total download size: 6.0 M
Installed size: 13 M
Is this ok [y\/N]: y
Downloading Packages:
——————————————————————————–
Total 16 MB\/s | 6.0 MB 00:00
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Warning: RPMDB altered outside of yum.
Installing : 32:bind-libs-9.8.2-0.10.rc1.el6.i686 1\/9
Installing : portreserve-0.0.4-9.el6.i686 2\/9
Installing : 32:bind-9.8.2-0.10.rc1.el6.i686 3\/9
Installing : postgresql-libs-8.4.11-1.el6_2.i686 4\/9
Installing : 32:bind-chroot-9.8.2-0.10.rc1.el6.i686 5\/9
Installing : 32:bind-devel-9.8.2-0.10.rc1.el6.i686 6\/9
Installing : 32:bind-sdb-9.8.2-0.10.rc1.el6.i686 7\/9
Installing : bind-dyndb-ldap-1.1.0-0.9.b1.el6.i686 8\/9
Installing : 32:bind-utils-9.8.2-0.10.rc1.el6.i686 9\/9
Verifying : 32:bind-utils-9.8.2-0.10.rc1.el6.i686 1\/9
Verifying : 32:bind-chroot-9.8.2-0.10.rc1.el6.i686 2\/9
Verifying : 32:bind-devel-9.8.2-0.10.rc1.el6.i686 3\/9
Verifying : postgresql-libs-8.4.11-1.el6_2.i686 4\/9
Verifying : 32:bind-sdb-9.8.2-0.10.rc1.el6.i686 5\/9
Verifying : portreserve-0.0.4-9.el6.i686 6\/9
Verifying : 32:bind-9.8.2-0.10.rc1.el6.i686 7\/9
Verifying : 32:bind-libs-9.8.2-0.10.rc1.el6.i686 8\/9
Verifying : bind-dyndb-ldap-1.1.0-0.9.b1.el6.i686 9\/9
Installed:
bind.i686 32:9.8.2-0.10.rc1.el6 bind-chroot.i686 32:9.8.2-0.10.rc1.el6
bind-devel.i686 32:9.8.2-0.10.rc1.el6 bind-dyndb-ldap.i686 0:1.1.0-0.9.b1.el6
bind-libs.i686 32:9.8.2-0.10.rc1.el6 bind-sdb.i686 32:9.8.2-0.10.rc1.el6
bind-utils.i686 32:9.8.2-0.10.rc1.el6
Dependency Installed:
portreserve.i686 0:0.0.4-9.el6 postgresql-libs.i686 0:8.4.11-1.el6_2
Complete!
Configuration:<\/p>\n
The main configuration of the DNS will look like below. Edit and add the entries below which are marked as bold in this configuration files.<\/p>\n
[root@webserver ~]# nano \/etc\/named.conf
\/\/
\/\/ named.conf
\/\/
\/\/ Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
\/\/ server as a caching only nameserver (as a localhost DNS resolver only).
\/\/
\/\/ See \/usr\/share\/doc\/bind*\/sample\/ for example named configuration files.
\/\/
options {
listen-on port 53 { 127.0.0.1; 192.168.1.100; };
listen-on-v6 port 53 { ::1; };
directory “\/var\/named”;
dump-file “\/var\/named\/data\/cache_dump.db”;
statistics-file “\/var\/named\/data\/named_stats.txt”;
memstatistics-file “\/var\/named\/data\/named_mem_stats.txt”;
allow-query { localhost; 192.168.1.0\/24; };
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
\/* Path to ISC DLV key *\/
bindkeys-file “\/etc\/named.iscdlv.key”;
managed-keys-directory “\/var\/named\/dynamic”;
};
logging {
channel default_debug {
file “data\/named.run”;
severity dynamic;
};
};
zone “.” IN {
type hint;
file “named.ca”;
};
zone “rmohan.com” IN {
type master;
file “fwd.rmohan.com”;
allow-update { none; };
};
zone “1.168.192.in-addr.arpa” IN {
type master;
file “rev.rmohan.com”;
allow-update { none; };
};
include “\/etc\/named.rfc1912.zones”;
include “\/etc\/named.root.key”;
Create Zone files:<\/p>\n
Now we should create forward and reverse zone files which we mentioned in the \/etc\/named.conf file.
Create Forward Zone:<\/p>\n
Create fwd.rmohan.com file in the \/var\/named directory and add the entries for forward zone as shown below.<\/p>\n
[root@webserver ~]# nano \/var\/named\/fwd.rmohan.com
$TTL 86400
@ IN SOA webserver.rmohan.com. root.rmohan.com. (
2011071001 ;Serial
3600 ;Refresh
1800 ;Retry
604800 ;Expire
86400 ;Minimum TTL
)
IN NS webserver.rmohan.com.
IN A 192.168.1.100
webserver IN A 192.168.1.100
Save and exit the file by pressing the keys CTRL+O and CTRL+X.<\/p>\n
Create Reverse Zone:<\/p>\n
Create rev.rmohan.com file in the \/var\/named directory and add the entries for reverse zone as shown below.<\/p>\n
[root@webserver ~]# nano \/var\/named\/rev.rmohan.com
$TTL 86400
@ IN SOA webserver.rmohan.com. root.rmohan.com. (
2011071001 ;Serial
3600 ;Refresh
1800 ;Retry
604800 ;Expire
86400 ;Minimum TTL
)
IN NS webserver.rmohan.com.
IN PTR rmohan.com.
IN A 255.255.255.0
100 IN PTR webserver.rmohan.com.
Save and exit by pressing the keys CTRL+O and CTRL+X.<\/p>\n
Start the bind service.<\/p>\n
[root@webserver ~]# service named start
Generating \/etc\/rndc.key: [ OK ]
Starting named: [ OK ]
[root@webserver ~]# chkconfig named on
Test DNS Server:<\/p>\n
[root@webserver ~]# dig webserver.rmohan.com
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6 <<>> webserver.rmohan.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 217
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;webserver.rmohan.com. IN A
;; ANSWER SECTION:
webserver.rmohan.com. 86400 IN A 192.168.1.100
;; AUTHORITY SECTION:
rmohan.com. 86400 IN NS webserver.rmohan.com.
;; Query time: 3 msec
;; SERVER: 192.168.1.100#53(192.168.1.100)
;; WHEN: Fri Jan 25 16:50:45 2013
;; MSG SIZE rcvd: 72
[root@webserver ~]# dig -x 192.168.1.100
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6 <<>> -x 192.168.1.100
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3272
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;100.1.168.192.in-addr.arpa. IN PTR
;; ANSWER SECTION:
100.1.168.192.in-addr.arpa. 86400 IN PTR webserver.rmohan.com.
;; AUTHORITY SECTION:
1.168.192.in-addr.arpa. 86400 IN NS webserver.rmohan.com.
;; ADDITIONAL SECTION:
webserver.rmohan.com. 86400 IN A 192.168.1.100
;; Query time: 4 msec
;; SERVER: 192.168.1.100#53(192.168.1.100)
;; WHEN: Fri Jan 25 16:52:13 2013
;; MSG SIZE rcvd: 112
If you get all the four sections QUESTION, ANSWER, AUTHORITY, ADDITIONAL as 1, you\u2019re done. Otherwise check the steps again for any mistakes.<\/p>\n
Thats it. Have a good day!!!<\/p>\n","protected":false},"excerpt":{"rendered":"
Setup DNS Server step by step in CentOS 6.3 \/ RHEL 6.3<\/p>\n
DNS (Domain Name System) is the core component of network infrastructure. The DNS service resolves hostname into ip address and vice versa. For example if we type http:\/\/www.rmohan.com in browser, the DNS server translates the domain name into its corresponding ip address. So […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[15],"tags":[],"_links":{"self":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/1867"}],"collection":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1867"}],"version-history":[{"count":3,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/1867\/revisions"}],"predecessor-version":[{"id":1872,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/1867\/revisions\/1872"}],"wp:attachment":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1867"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1867"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1867"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}