- Linux DNS Configuration
- Installation
- Firewall
- SELinux
- Configure a caching-only name server
- Configure a caching-only name server to forward DNS queries
- /etc/resolv.conf
- What’s next?
- How to Set Up a Bind DNS Server on Oracle Linux
- 1. Introduction to Bind DNS Server
- 2. Prerequisites
- 3. Installing Bind on Oracle Linux
- 4. Configuring Bind
- 5. Setting up Forward and Reverse DNS Zones
- Forward DNS Zone
- Reverse DNS Zone
- 6. Testing and Troubleshooting
- 7. Conclusion
Linux DNS Configuration
This article provides a very brief introduction to Domain Name System (DNS) (BIND) configuration on Linux, with specific reference to the information needed for the RHCE EX300 certification exam.
Remember, the exams are hands-on, so it doesn’t matter which method you use to achieve the result, so long as the end product is correct.
Installation
The BIND DNS service is installed from a Yum repository using the following command.
Depending on your plans for the DNS, you might also find it useful to install the following two packages.
# yum install bind-libs bind-utils
In RHEL5 and Fedora distributions there is a GUI tool called system-config-bind, but this has been removed from RHEL6. In my opinion this is no major loss as I found it more confusing to use than adjusting the configuration files directly.
Turn on the DNS (named) server and make sure it starts automatically on reboot.
# service named start
# chkconfig named on
DNS is configured by altering the contents of the "/etc/named.conf" file and the contents of the "/var/named" directory. Configuration changes have to be followed by a reload or a restart of the DNS service.
# service named restart
# # or
# service named reload
# /etc/init.d/named reload
Firewall
If you are using the Linux firewall, you need to open port 53 specifically. Assuming you are using a firewall setup file, as described here, you can include the following additions to the INPUT chain.
# Open ports for DNS.
iptables -A INPUT -p tcp --dport 53 -j ACCEPT
iptables -A INPUT -p udp --dport 53 -j ACCEPT
SELinux
If you are using SELinux, you will need to consider the following points.
The SELinux booleans associated with the DNS service are displayed using the getsebool command.
# getsebool -a | grep named
named_write_master_zones --> off
#
The setsebool command is used to set a specific boolean value.
# setsebool named_write_master_zones on
# setsebool named_write_master_zones off
More information on SELinux can be found here.
Configure a caching-only name server
By default the contents of the "/etc/named.conf" file configure a caching-only name server that is restricted to the local machine. This is indicated by the following entries in the "options" section of the configuration file.
allow-query     { localhost; };
recursion yes;
To extend this, amend the "allow-query" entry, adding a ";" separated list of IP addresses or wildcards to signify which machines can query the DNS server. Alternatively, use the "any" value.
# Everything. The default if the allow-query entry is missing.
allow-query     { any; };

# Specific
allow-query     { localhost; 192.168.0.1; 192.168.0.2; };

# Wildcards
allow-query     { localhost; 192.168.0.0/24; };
Remember to reload the configuration before testing the change.
Configure a caching-only name server to forward DNS queries
Adding the "forwarders" parameter to the "options" section of the "/etc/named.conf" file allows the DNS to forward any unresolved names to alternative DNS servers. This is commonly used when a company DNS resolves all internal company names, but forwards external names to the DNS provided by an internet service provider.
allow-query     { any; };
forwarders      { 194.168.4.100; 194.168.8.100; };
recursion yes;
If the DNS is only used as a forwarder, the "forward only" setting should be used.
allow-query     { any; };
forward only;
forwarders      { 194.168.4.100; 194.168.8.100; };
recursion yes;
Remember to reload the configuration before testing the change.
/etc/resolv.conf
The "/etc/resolv.conf" file tells a Linux machine which DNS server to use when attempting to resolve machine names.
# Generated by NetworkManager
search localdomain
nameserver 192.168.0.4
Multiple entries are allowed if you have multiple DNS servers.
# Generated by NetworkManager
search localdomain
nameserver 192.168.0.4
nameserver 192.168.0.5
nameserver 192.168.0.6
What’s next?
The requirements for the RHCE EX300 certification exam are extremely limited, so you’ve already covered what you need to know.
If you actually want to use BIND for something more interesting than a caching DNS server, you should probably check out this article on DNS Configuration for the SCAN used with Oracle RAC Database 11g Release 2. That introduces the entries necessary to resolve names on your local network.
Hope this helps. Regards Tim.
Created: 2013-01-07 Updated: 2015-06-27
How to Set Up a Bind DNS Server on Oracle Linux
Managing your own Domain Name System (DNS) server can give you more control and flexibility over your domain names. Bind is popular DNS server software that has been widely used for many years. In this article, we will walk you through how to set up a Bind DNS server on Oracle Linux. We will also discuss some key concepts and configurations for better understanding and management.
Table of Contents
- Introduction to Bind DNS Server
- Prerequisites
- Installing Bind on Oracle Linux
- Configuring Bind
- Setting up Forward and Reverse DNS Zones
- Testing and Troubleshooting
- Conclusion
1. Introduction to Bind DNS Server
Bind (Berkeley Internet Name Domain) is open-source software that enables you to manage your DNS records. It can be configured as a primary or secondary DNS server, allowing you to resolve domain names to IP addresses and vice versa. A well-configured Bind DNS server can significantly improve the performance of your network and websites by caching DNS queries and reducing latency.
2. Prerequisites
Before we begin, ensure that you have the following:
- A running Oracle Linux server with root access
- A registered domain name (e.g., example.com)
- Basic understanding of DNS concepts and configurations
If you haven’t set up your Oracle Linux server yet, you can follow the guides on how to install KVM on Oracle Linux or how to install LAMP stack on Oracle Linux.
3. Installing Bind on Oracle Linux
To install Bind on Oracle Linux, follow these steps:
sudo yum install -y bind bind-utils
sudo systemctl enable named
sudo systemctl start named
sudo systemctl status named
4. Configuring Bind
The main configuration file for Bind is located at /etc/named.conf. Before making any changes, create a backup of the original file:
sudo cp /etc/named.conf /etc/named.conf.backup
Now, open the configuration file with your favorite text editor, such as vim:
In the options section, add or modify the following directives:
- listen-on port: Specify the port number on which the server should listen. The default is 53.
- listen-on: Specify the IP addresses the server should listen on. You can use the any keyword to allow all IP addresses, or you can specify individual IPs.
- allow-query: Specify the IP addresses or networks that are allowed to query the server. You can use the any keyword to allow all IPs, or you can specify individual IPs or networks.
5. Setting up Forward and Reverse DNS Zones
After configuring Bind, you need to create forward and reverse DNS zones for your domain.
Forward DNS Zone
A forward DNS zone maps domain names to IP addresses. To create a forward DNS zone, follow these steps:
sudo vim /var/named/forward.example.com.db
- Add the following records to the zone file, replacing example.com with your domain name and the corresponding IP addresses:
$TTL 86400
@    IN  SOA  ns1.example.com. admin.example.com. (
         2022041101  ;Serial
         3600        ;Refresh
         1800        ;Retry
         604800      ;Expire
         86400       ;Minimum TTL
)
@    IN  NS   ns1.example.com.
@    IN  A    192.168.1.10
ns1  IN  A    192.168.1.10
Reverse DNS Zone
A reverse DNS zone maps IP addresses to domain names. To create a reverse DNS zone, follow these steps:
sudo vim /var/named/reverse.example.com.db
- Add the following records to the zone file, replacing example.com with your domain name and the corresponding IP addresses:
$TTL 86400
@    IN  SOA  ns1.example.com. admin.example.com. (
         2022041101  ;Serial
         3600        ;Refresh
         1800        ;Retry
         604800      ;Expire
         86400       ;Minimum TTL
)
@    IN  NS   ns1.example.com.
10   IN  PTR  ns1.example.com.
After creating your forward and reverse zone files, update the /etc/named.conf file with the zone information:
zone "example.com" IN {
    type master;
    file "/var/named/forward.example.com.db";
};
zone "1.168.192.in-addr.arpa" IN {
    type master;
    file "/var/named/reverse.example.com.db";
};
Restart the Bind service to apply the changes:
sudo systemctl restart named
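An added example, not part of the original tutorial: a check that every PTR record in the reverse zone points at a name whose A record in the forward zone carries the same address. The zone text is constructed from the two files above; the parser is simplified to the "owner IN type rdata" layout used here, and the function names are illustrative.

```python
import ipaddress
import re

# Constructed inputs: the forward and reverse zone files shown above.
SOA = """$TTL 86400
@ IN SOA ns1.example.com. admin.example.com. (
    2022041101 ;Serial
    3600       ;Refresh
    1800       ;Retry
    604800     ;Expire
    86400      ;Minimum TTL
)
@ IN NS ns1.example.com.
"""
FORWARD = SOA + "@ IN A 192.168.1.10\nns1 IN A 192.168.1.10\n"
REVERSE = SOA + "10 IN PTR ns1.example.com.\n"


def records(zone_text, origin):
    """Parse 'owner IN type rdata' lines into (owner, type, rdata) tuples."""
    text = re.sub(r";[^\n]*", "", zone_text)                  # drop comments
    text = re.sub(r"\(([^)]*)\)", lambda m: " ".join(m.group(1).split()), text)
    out = []
    for fields in (line.split() for line in text.splitlines()):
        if len(fields) < 4 or fields[1] != "IN":
            continue                                          # $TTL, blank lines
        owner = fields[0]
        if owner == "@":
            owner = origin
        elif not owner.endswith("."):
            owner = f"{owner}.{origin}"                       # relative owner name
        out.append((owner.lower(), fields[2], " ".join(fields[3:]).lower()))
    return out


def ptr_mismatches(forward, fwd_origin, reverse, rev_origin):
    """Return PTR records whose target has no A record for that same address."""
    a_pairs = {(o, r) for o, t, r in records(forward, fwd_origin) if t == "A"}
    bad = []
    for owner, rtype, target in records(reverse, rev_origin):
        if rtype != "PTR" or not owner.endswith(".in-addr.arpa."):
            continue
        labels = owner[: -len(".in-addr.arpa.")].split(".")
        ip = str(ipaddress.ip_address(".".join(reversed(labels))))
        if (target, ip) not in a_pairs:
            bad.append((owner, target, ip))
    return bad
```

A PTR target written without its trailing dot is reported as well, since it no longer equals the fully qualified name in the forward zone.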
6. Testing and Troubleshooting
To test your Bind DNS server, you can use the dig and nslookup utilities. Replace example.com and 192.168.1.10 with your domain name and IP address.
nslookup -type=ns example.com
If you encounter any issues, check the Bind logs in the /var/log/messages file for any error messages:
sudo grep named /var/log/messages
7. Conclusion
Congratulations! You have successfully set up a Bind DNS server on Oracle Linux. Now you have more control over your domain names and can improve the performance of your network and websites by caching DNS queries and reducing latency. For more Oracle Linux tutorials, check out our guides on how to install Ansible on Oracle Linux and how to set up a MySQL database server on Oracle Linux.
Remember that DNS configuration is an essential part of any network and server infrastructure, so always keep your server up-to-date and monitor its performance.
By continuing to learn and improve your Oracle Linux skills, you’ll be better equipped to manage and maintain a high-performance, secure, and reliable server environment.