
Step-by-Step DNS Server Configuration Using BIND on Linux

1. Install BIND DNS Software

For Debian/Ubuntu-based systems:

sudo apt update
sudo apt install bind9 bind9utils bind9-doc

For CentOS/RHEL-based systems:

sudo yum install bind bind-utils

2. Configure the BIND DNS Server

The main configuration file for BIND is typically located at /etc/bind/named.conf (on
Debian/Ubuntu) or /etc/named.conf (on CentOS/RHEL).

1. Edit the main configuration file:

sudo nano /etc/bind/named.conf.options # Debian/Ubuntu
sudo nano /etc/named.conf # CentOS/RHEL

2. Set up the Options Block:

Within the configuration file, you can define options such as the working directory, DNS forwarding, and ACLs. Here's an example of what this block may look like:

options {
        directory "/var/cache/bind";
        allow-query { any; };     # with recursion enabled below, this makes the server an open resolver
        recursion yes;            # in production, restrict recursion to your own networks (allow-recursion ACL)
        forwarders {
                8.8.8.8;          # Google DNS
                8.8.4.4;
        };
};

Note that allow-query { any; } combined with recursion yes; answers recursive queries from anyone on the Internet (an open resolver), which exposes the server to abuse in reflection attacks; on a production server, limit recursion to trusted client networks.

3. Create DNS Zone Files:

DNS zones contain the mappings between domain names and IP addresses. You'll need to set up forward and reverse lookup zones.

- Forward Lookup Zone (maps domain name to IP):

In the named.conf.local file (or similar), add a new zone configuration:

zone "example.com" {
        type master;
        file "/etc/bind/zones/db.example.com";
};

Then, create the file /etc/bind/zones/db.example.com with the following content:

$TTL    604800
@       IN      SOA     ns1.example.com. admin.example.com. (
                        3         ; Serial
                        604800    ; Refresh
                        86400     ; Retry
                        2419200   ; Expire
                        604800 )  ; Negative Cache TTL

; Name servers
@       IN      NS      ns1.example.com.

; A records for name servers
ns1     IN      A       192.168.1.10

; A records for domain
@       IN      A       192.168.1.10
www     IN      A       192.168.1.10

- Reverse Lookup Zone (maps IP to domain name):

For reverse DNS, add the following to named.conf.local:

zone "1.168.192.in-addr.arpa" {
        type master;
        file "/etc/bind/zones/db.192.168.1";
};

Then create /etc/bind/zones/db.192.168.1:

$TTL    604800
@       IN      SOA     ns1.example.com. admin.example.com. (
                        3         ; Serial
                        604800    ; Refresh
                        86400     ; Retry
                        2419200   ; Expire
                        604800 )  ; Negative Cache TTL

; Name servers
@       IN      NS      ns1.example.com.

; PTR records
10      IN      PTR     example.com.

4. Set Permissions and Restart BIND

1. Set correct permissions for the zone files:

sudo chown bind:bind /etc/bind/zones/db.example.com   # Debian/Ubuntu (on CentOS/RHEL the service user is "named")
sudo chown bind:bind /etc/bind/zones/db.192.168.1

2. Restart the BIND service to apply changes:

sudo systemctl restart bind9 # Debian/Ubuntu
sudo systemctl restart named # CentOS/RHEL

3. Enable BIND to start on boot:

sudo systemctl enable bind9 # Debian/Ubuntu
sudo systemctl enable named # CentOS/RHEL

5. Testing the DNS Server

To test the DNS server, you can use dig or nslookup commands from a client computer:

- For Forward Lookup:

dig @your_server_ip example.com

- For Reverse Lookup:

dig @your_server_ip -x 192.168.1.10
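As an added check that is not part of the original tutorial: the Python script below cross-checks the forward and reverse zone files shown above, so that a missing PTR record, or one pointing at a name that has no matching A record, is caught before restarting BIND and running the dig tests. It embeds constructed copies of the page's two zone files and assumes the "owner IN type rdata" layout used on this page.

```python
import re

# Constructed copies of the page's two zone files (NS records and long comments omitted).
FORWARD_ZONE = """\
@ IN SOA ns1.example.com. admin.example.com. (
3 604800 86400 2419200 604800 ) ; Serial Refresh Retry Expire Negative Cache TTL
ns1 IN A 192.168.1.10
@ IN A 192.168.1.10
www IN A 192.168.1.10
"""
REVERSE_ZONE = """\
@ IN SOA ns1.example.com. admin.example.com. (
3 604800 86400 2419200 604800 ) ; Serial Refresh Retry Expire Negative Cache TTL
10 IN PTR example.com.
"""

def qualify(name, origin):
    """Expand '@' and relative names to fully qualified lowercase names."""
    if name == "@":
        return origin
    return name.lower() if name.endswith(".") else f"{name.lower()}.{origin}"

def parse_zone(text, origin):
    """Yield (owner, type, rdata) for 'owner IN type rdata' A and PTR records."""
    body = "\n".join(line.split(";", 1)[0] for line in text.splitlines())
    # Fold parenthesised records (the multi-line SOA) onto one line.
    body = re.sub(r"\([^)]*\)", lambda m: m.group(0).replace("\n", " "), body)
    for fields in (line.split() for line in body.splitlines()):
        if len(fields) >= 4 and fields[2].upper() in ("A", "PTR"):
            yield qualify(fields[0], origin), fields[2].upper(), fields[3]

def check_consistency(forward, fwd_origin, reverse, rev_origin):
    """Return (errors, warnings) describing A/PTR disagreements between zones."""
    a_by_ip = {}
    for owner, _, ip in parse_zone(forward, fwd_origin):
        a_by_ip.setdefault(ip, set()).add(owner)
    ptr_by_ip = {}
    for owner, _, target in parse_zone(reverse, rev_origin):
        # Owner '10.1.168.192.in-addr.arpa.' encodes the address 192.168.1.10.
        octets = owner[: -len(".in-addr.arpa.")].split(".")
        ptr_by_ip[".".join(reversed(octets))] = qualify(target, fwd_origin)
    errors, warnings = [], []
    for ip, names in sorted(a_by_ip.items()):
        ptr = ptr_by_ip.get(ip)
        if ptr not in names:  # no PTR, or PTR target has no A for this address
            errors.append(f"{ip}: PTR {ptr} does not match A owners {sorted(names)}")
            continue
        for extra in sorted(names - {ptr}):
            warnings.append(f"{extra} shares {ip}; reverse lookup returns {ptr}")
    return errors, warnings
```

With the page's zones the check reports no errors but warns that ns1 and www share 192.168.1.10, so a reverse lookup of that address returns example.com rather than either of them.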

Additional Notes
- Firewall Rules: Ensure that port 53 (UDP/TCP) is open on your firewall.
- Set Up Secondary DNS (Optional): For redundancy, set up a secondary DNS server that pulls zone information from the primary server.

This setup should give you a functioning DNS server using BIND. Let me know if you need help
with specific aspects or advanced features!
