This document provides instructions for installing and configuring BIND (DNS) on a CentOS 6 server. It describes how to configure the IP address, hostname, and DNS settings. It also explains how to install and configure BIND, including creating forward and reverse DNS zones for the dragongang.com domain. The configuration is tested using nslookup and dig to verify name resolution.
DNS (BIND) on CentOS
How to Install DNS (BIND) on CentOS 6.x
The following information is used throughout the configuration:
- IP Address : 191.140.30.15
- Hostname : ns1
- Domain Name : dragongang.com
- FQDN : ns1.dragongang.com
- BIND Listen Port : 53
- BIND Forward Zone : fwd.dragongang.com
- BIND Reverse Zone : rev.dragongang.com
IP Address Configuration:
o This assumes a fresh CentOS install and that you are logged in as the root user.
o From a terminal, check your current IP address settings with the following command
cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE="eth0"
BOOTPROTO="dhcp"
HWADDR="DE:AD:BE:EF:CA:FE"
IPV6INIT="yes"
NM_CONTROLLED="yes"
ONBOOT="yes"
TYPE="Ethernet"
UUID="here will be something"
o Now turn off NetworkManager with the following command
service NetworkManager stop && chkconfig NetworkManager off
o Now edit the file to set the IP address as required; afterwards it should read as follows
cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE="eth0"
BOOTPROTO="none"
HWADDR="DE:AD:BE:EF:CA:FE"
IPV6INIT="yes"
NM_CONTROLLED="no"
ONBOOT="yes"
TYPE="Ethernet"
UUID="here will be something"
IPADDR=191.140.30.15
NETMASK=255.255.255.0
GATEWAY=191.140.30.1
DNS1=191.140.30.15
DNS2=8.8.8.8
USERCTL=no
o Now restart the networking service
service network restart
Hostname Configuration:
o Change your hostname with the following command (>> appends, so the existing localhost entries in /etc/hosts are kept)
echo "191.140.30.15 ns1 ns1.dragongang.com" >>/etc/hosts
Resolver Configuration:
o Change the /etc/resolv.conf file with the following command
vim /etc/resolv.conf
domain dragongang.com
search dragongang.com
nameserver 191.140.30.15
nameserver 8.8.8.8
Local Repository Creation:
o Now mount the installation disk on /mnt, create a folder (localrepo) in the / directory and copy all files from /mnt to /localrepo
mount /dev/sr0 /mnt
mkdir /localrepo
cp -R /mnt/* /localrepo/
o Wait until all files have finished copying to disk
o Now create a repo file with your desired name
mkdir /repos
mv /etc/yum.repos.d/* /repos/
vim /etc/yum.repos.d/dragon.repo
[dragonrepo]
name=Linux Local Repo for Dragongang
baseurl=file:///localrepo
enabled=1
gpgcheck=0
yum clean all
Install BIND
o Now install BIND using the command below and follow the steps
yum install bind bind-chroot bind-dyndb-ldap bind-utils*
Configure BIND
o Change the blue marked lines as desired
vim /etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
    listen-on port 53 { 127.0.0.1; 191.140.30.15; };
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    allow-query { localhost; any; };
    recursion no;
    dnssec-enable yes;
    dnssec-validation yes;
    dnssec-lookaside auto;
    /* Path to ISC DLV key */
    bindkeys-file "/etc/named.iscdlv.key";
    managed-keys-directory "/var/named/dynamic";
};
logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};
zone "." IN {
    type hint;
    file "named.ca";
};
//Forward Zone File Declaration
zone "dragongang.com" IN {
    type master;
    file "fwd.dragongang.com";
};
//Reverse Zone File Declaration
zone "30.140.191.in-addr.arpa" IN {
    type master;
    file "rev.dragongang.com";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
o Now create the zone files declared in /etc/named.conf
cp /var/named/named.localhost /var/named/fwd.dragongang.com
cp /var/named/named.loopback /var/named/rev.dragongang.com
vim /var/named/fwd.dragongang.com
$TTL 1D
@ IN SOA dragongang.com. root.dragongang.com. (
2014091401 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
@ IN NS ns1.dragongang.com.
ns1 IN A 191.140.30.15
vim /var/named/rev.dragongang.com
$TTL 1D
@ IN SOA dragongang.com. root.dragongang.com. (
2014091401 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
@ IN NS ns1.dragongang.com.
ns1 IN A 191.140.30.15
15 IN PTR ns1.dragongang.com.
o Now change the file owner and permissions
chown named:named /var/named/fwd.dragongang.com /var/named/rev.dragongang.com /etc/named.conf
chmod 755 /var/named/fwd.dragongang.com /var/named/rev.dragongang.com /etc/named.conf
o Now start the BIND service with the following command
service named start && chkconfig named on
o Now check using nslookup
nslookup ns1.dragongang.com
dig dragongang.com
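nslookup and dig only test the names you think to query. The script below is an added example, not part of the original document: it cross-checks the forward and reverse zone files so that every A record has a matching PTR. The function names, the temporary file names and the www record are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original page. Handles only the simple layout used
# above: one record per line, owner in column 1, all addresses in one /24.

# ptr_gaps FWD_FILE REV_FILE ORIGIN NET_PREFIX
# Prints "name ip reason" for every A record with a missing or different PTR.
ptr_gaps() {
    awk -v rev="$2" -v origin="$3" -v net="$4" '
        function fqdn(n) {
            if (n == "@") return tolower(origin ".")
            return tolower((n ~ /\.$/) ? n : n "." origin ".")
        }
        { sub(/;.*/, "") }                  # drop zone-file comments
        FILENAME == rev {                   # first file: collect PTR targets
            for (i = 2; i < NF; i++)
                if ($i == "PTR") ptr[$1] = tolower($(i + 1))
            next
        }
        {                                   # second file: check each A record
            for (i = 2; i < NF; i++) {
                if ($i != "A") continue
                ip = $(i + 1); split(ip, o, ".")
                if (index(ip, net ".") != 1) continue   # not in this reverse zone
                want = fqdn($1)
                if (!(o[4] in ptr)) { print want, ip, "no-PTR" }
                else if (ptr[o[4]] != want) { print want, ip, "PTR-is-" ptr[o[4]] }
            }
        }
    ' "$2" "$1"
}

# Constructed sample zones: the ns1 records from this page plus one made-up host.
write_sample_zones() {
    cat > "$1/fwd" <<'EOF'
@    IN NS  ns1.dragongang.com.
ns1  IN A   191.140.30.15
www  IN A   191.140.30.20   ; constructed, has no PTR
EOF
    cat > "$1/rev" <<'EOF'
@    IN NS  ns1.dragongang.com.
15   IN PTR ns1.dragongang.com.
EOF
}

d=$(mktemp -d)
write_sample_zones "$d"
ptr_gaps "$d/fwd" "$d/rev" dragongang.com 191.140.30
rm -rf "$d"
```

On the server, call ptr_gaps with /var/named/fwd.dragongang.com and /var/named/rev.dragongang.com; no output means the two zones agree.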
IPTables Configuration
o Accept TCP and UDP traffic on port 53 using the following commands (-I inserts the rules at the top of the INPUT chain; rules appended with -A would land after the REJECT rule that ends the stock CentOS 6 chain and never match)
iptables -I INPUT -p udp -m state --state NEW --dport 53 -j ACCEPT
iptables -I INPUT -p tcp -m state --state NEW --dport 53 -j ACCEPT
service iptables save
service iptables restart
o Similarly accept traffic for your other desired ports
o Now Reboot your server and check the services.
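The chown and chmod step above makes named the owner of its own configuration and sets mode 755, whereas the bind package on CentOS 6 ships /etc/named.conf as root:named with mode 0640. The audit below is an added example, not part of the original document; the function name and the NAMED_USER variable are hypothetical, and it assumes static zones that named only needs to read.

```shell
#!/bin/sh
# Added example, not from the original page.
# Assumption: zones are static (no dynamic updates, no slave transfers), so the
# named service account only ever needs to read these files.

# audit_named_files FILE...
# Prints one line per finding; prints nothing when every file passes.
# NAMED_USER overrides the service account name (default: named).
audit_named_files() {
    svc=${NAMED_USER:-named}
    for f in "$@"; do
        mode=$(stat -c '%a' "$f")       # e.g. 755 (GNU stat, as on CentOS)
        owner=$(stat -c '%U' "$f")
        bits=$((0$mode))                # leading 0 makes the shell read it as octal
        if [ $((bits & 0111)) -ne 0 ]; then
            echo "$f: mode $mode has execute bits on a data file"
        fi
        if [ $((bits & 0022)) -ne 0 ]; then
            echo "$f: mode $mode is writable by group or other"
        fi
        if [ "$owner" = "$svc" ]; then
            echo "$f: owned by $svc, so the daemon can rewrite it"
        fi
    done
}

# Demo on a constructed temp file that mimics the chmod 755 from this page.
demo=$(mktemp)
chmod 755 "$demo"
audit_named_files "$demo"
rm -f "$demo"
```

Run it as root against /etc/named.conf and the two zone files; with root:named ownership and mode 640 it prints nothing.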