Install and configure DNS & Reverse DNS Server with BIND in CentOS 7

Hi,
I’m going to show you how to install and configure a Domain Name System server on CentOS.
This is not a straightforward process, and it can be done with different configurations depending on your needs,
so let’s first agree on some basics.

Definition of DNS: The DNS (Domain Name System) is a distributed system used to translate domain names to IP addresses and vice versa (reverse DNS translates an IP address to a domain name). For example, when we type a domain name such as “http://google.com” in the browser URL bar, our computer sends a request to DNS and gets the IP address of the domain.

What is Reverse DNS (rDNS): Reverse DNS (rDNS) is a method of resolving an IP address into a domain name, exactly the reverse scenario of DNS.
You may ask what it is used for: one of the applications of reverse DNS is as a spam filter. For example, a spammer sends mail from an IP address that does not match the domain name used in the message. Once the message reaches the destination server, the server runs a reverse DNS lookup on the sending IP address and checks the validity of the message by looking for a matching domain name; if it doesn’t find a match, the server blocks the message or marks it as spam.

ok, now we know what is what. Let’s assume the network scenario below.

  • DNS Server IP: 181.212.94.37
  • DNS Server Name: ns1.mydomain.com, ns2.mydomain.com
  • Domain Name: mydomain.com

what we are going to do: we have one stand-alone server with IP address 181.212.94.37. We are going to point our domain (mydomain.com) to this server and then create a DNS server with these NS records (ns1.mydomain.com, ns2.mydomain.com) on the same server.

First step: let’s point our domain to the server IP address and to the NS records that we are going to create.
For this, depending on your domain control panel, you have to update your domain’s name servers to ns1.mydomain.com and ns2.mydomain.com and then create two child-host (glue) records with these names.

ns1.mydomain.com => pointing to server IP 181.212.94.37
ns2.mydomain.com => pointing to server IP 181.212.94.37
After this change it will take some time for the changes to propagate across the network; to check the status you can use intodns.com or the nslookup command in your terminal.

Second step: we need to log in to our server, install the requirements and make some configuration changes.
I’m assuming that we have CentOS 7 as the server OS, so after logging in run the commands below.

  1. update yum packages
  2. install bind (BIND packages are available in the default yum repositories)
  3. enabling network ports
    after installation, if you have an active firewall on your OS, we need to open the bind ports on it.
    bind uses port 53 on both TCP and UDP, so we need to allow port 53 for both protocols in our firewall.
    run the command below in a terminal to do this.

    note: if you use iptables instead, you need to do the same thing with iptables rules.
    to verify that the port is open, run the command below.

    and you will get something like this.

    as you can see, the port is open now.
  4. change the configuration
    after installing bind, it adds one service to your OS, called “named”, which is the bind service.
    this service has a configuration file stored at /etc/named.conf.
    you can use vim or any other editor you like to modify the configuration file, but please take a backup before making any changes.
    after modification you would have the file below; I’ll describe the changes.

    what is the change?
    first add your server IP address here: listen-on port 53 { 127.0.0.1; 185.94.99.27; }; this tells bind which IPs to listen on (use the address your server actually has; 181.212.94.37 in our scenario).
    change allow-query to any; this allows every computer to query your DNS: allow-query { any; };
    since we are configuring an authoritative DNS server, make sure recursion is off: recursion no; (a server that answers recursive queries from anyone is an open resolver and a ready-made source for DNS amplification attacks).
    set the dnssec options as below. what is dnssec? click Here

    now it’s time to create the zone files and load them. what is a zone file? (click Here).
    we are going to create one zone file for our domain name and another one for our reverse DNS, and then load both in our config.
    loading the domain name zone:

    loading the reverse DNS zone:

    content of each zone file:
    note: lines starting with ; are comments.
    mydomain.com.zone

    94.212.181.in-addr.arpa.zone content:


    now we are almost done.
  5. check the configuration and restart bind
    Before we start the bind name server with the new zones and configuration, here are some tools to check that we have not made a typo or misconfiguration.
    To check the configuration file, run the following command: named-checkconf

    With named-checkconf the rule is: no news is good news. If no output is produced, your config file looks OK.
    now let’s check the zone files with named-checkzone



    now everything seems fine and we just need to restart the bind service.
  6. verifying the DNS server
    to verify that the DNS server is working properly, run the command below in your terminal.

    result

    The output above shows that the DNS server has successfully resolved the domain mydomain.com.
    and we are finished. I hope this was useful.
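The zone files and the named.conf zone stanzas that steps 4 and 5 refer to, written as an added example for this post’s scenario (not the author’s own files); the SOA serial, TTL, timers and the hostmaster mailbox are assumed values:

```shell
#!/usr/bin/env bash
# Added example, not the post's own files: generates the forward zone, the
# reverse zone and the two named.conf zone stanzas for the post's scenario
# (mydomain.com on 181.212.94.37, ns1/ns2). Serial, TTL, SOA timers and the
# hostmaster mailbox are assumed values.
set -eu

DOMAIN=${DOMAIN:-mydomain.com}
IP=${IP:-181.212.94.37}
SERIAL=${SERIAL:-2024010101}   # must increase on every change to the zone

# 181.212.94.37 -> 94.212.181.in-addr.arpa (first three octets reversed)
reverse_zone_name() {
  echo "$1" | awk -F. '{print $3 "." $2 "." $1 ".in-addr.arpa"}'
}

# Forward zone. Trailing dots mark absolute names; without them BIND appends
# the origin, which is how "ns1.mydomain.com.mydomain.com" records happen.
forward_zone() {
  cat <<EOF
\$TTL 86400
@   IN SOA ns1.$DOMAIN. hostmaster.$DOMAIN. ( $SERIAL 3600 1800 604800 86400 )
    IN NS  ns1.$DOMAIN.
    IN NS  ns2.$DOMAIN.
@   IN A   $IP
ns1 IN A   $IP
ns2 IN A   $IP
EOF
}

# Reverse zone: the host octet (37) gets a PTR record back to the domain.
reverse_zone() {
  cat <<EOF
\$TTL 86400
@   IN SOA ns1.$DOMAIN. hostmaster.$DOMAIN. ( $SERIAL 3600 1800 604800 86400 )
    IN NS  ns1.$DOMAIN.
    IN NS  ns2.$DOMAIN.
${IP##*.} IN PTR $DOMAIN.
EOF
}

# Stanzas for /etc/named.conf; printf reuses its format for the second pair.
# allow-update { none; } rejects dynamic updates, so the zone is read-only.
zone_stanzas() {
  local rz; rz=$(reverse_zone_name "$IP")
  printf 'zone "%s" IN { type master; file "%s.zone"; allow-update { none; }; };\n' \
    "$DOMAIN" "$DOMAIN" "$rz" "$rz"
}
```

Write the two outputs to the directory named by the "directory" option in named.conf, then run named-checkzone mydomain.com and named-checkzone 94.212.181.in-addr.arpa on them as step 5 describes before restarting named.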
