DNS server, or the Domain Name System (DNS), is a hierarchical decentralized naming system for computers, services, or any resource connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities. Most prominently, it translates more readily memorized domain names to the numerical IP addresses needed for the purpose of locating and identifying computer services and devices with the underlying network protocols. By providing a worldwide, distributed directory service, the Domain Name System is an essential component of the functionality of the Internet.

The Domain Name System delegates the responsibility of assigning domain names and mapping those names to Internet resources by designating authoritative name servers for each domain. Network administrators may delegate authority over sub-domains of their allocated name space to other name servers. This mechanism provides distributed and fault tolerant service and was designed to avoid a single large central database.

The Domain Name System also specifies the technical functionality of the database service that is at its core. It defines the DNS protocol, a detailed specification of the data structures and data communication exchanges used in the DNS, as part of the Internet Protocol Suite. Historically, other directory services preceding DNS were not scalable to large or global directories as they were originally based on text files, prominently the HOSTS.TXT resolver. The Domain Name System has been in use since the 1980s. (Wikipedia)

Environment:

Hostnames and IP addresses

Systems: CentOS 7 Minimal Installation

 

1-Setup packages for Primary DNS Server (master)

1-1-Configure DNS Server (Master)

vi /etc/named.conf

# cat /etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//

options {
listen-on port 53 { 127.0.0.1; 192.168.0.101; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { localhost; 192.168.0.0/24; };
allow-transfer { localhost; 192.168.0.102; }; ### Slave DNS IP ###
recursion yes;
/*
 - If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.
 - If you are building a RECURSIVE (caching) DNS server, you need to enable
   recursion.
 - If your recursive DNS server has a public IP address, you MUST enable access
   control to limit queries to your legitimate users. Failing to do so will
   cause your server to become part of large scale DNS amplification
   attacks. Implementing BCP38 within your network would greatly
   reduce such attack surface
*/

dnssec-enable yes;
dnssec-validation yes;

/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";

managed-keys-directory "/var/named/dynamic";

pid-file "/run/named/named.pid";
session-keyfile "/run/named/session.key";
};

logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};

zone "." IN {
type hint;
file "named.ca";
};
zone "jointux.local" IN {
type master;
file "forward.jointux";
allow-update { none; };
};
// Reverse zone for 192.168.0.0/24, the network of the two name servers
zone "0.168.192.in-addr.arpa" IN {
type master;
file "reverse.jointux";
allow-update { none; };
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";

 

1-2-Add Zone files

We don't need to add the zone definitions separately; they are already in named.conf above.

1-3-Create Forward zone

Add a new file in /var/named/ called forward.jointux

and add the following

1-4-Create Reverse Zone

Create the file reverse.jointux under /var/named with the following content

vi /var/named/reverse.jointux

1-5-Configure Ownership and SELinux

1-6-Firewall Configuration:

1-7-Enable and start DNS service:

e) Edit /etc/resolv.conf

f) Restart the network service to use the new network settings and test the DNS server

g) Try nslookup

h) Please don't panic if you get

g) Try an internet nslookup

Your server is working fine
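
Steps 1-3 to 1-7 on the master as one script, added here as an example and not taken from the original post. The host names masterdns and slavedns, the serial and the timer values are assumptions; the IPs and file names are the post's, and the reverse zone is checked as 0.168.192.in-addr.arpa because both servers sit in 192.168.0.0/24.

```shell
#!/bin/sh
# Added example, not the original post's files. Assumed: host names
# masterdns/slavedns, serial and timers. IPs and file names are the post's.

# Write both zone files into directory $1 (/var/named on the server).
write_zones() {
    cat > "$1/forward.jointux" <<'EOF'
$TTL 86400
@   IN  SOA masterdns.jointux.local. root.jointux.local. (
        2016102401  ; serial: raise on every edit so the slave re-transfers
        3600        ; refresh
        1800        ; retry
        604800      ; expire
        86400 )     ; negative-cache TTL
@           IN  NS  masterdns.jointux.local.
@           IN  NS  slavedns.jointux.local.
masterdns   IN  A   192.168.0.101
slavedns    IN  A   192.168.0.102
EOF
    cat > "$1/reverse.jointux" <<'EOF'
$TTL 86400
@   IN  SOA masterdns.jointux.local. root.jointux.local. (
        2016102401 3600 1800 604800 86400 )
@    IN  NS   masterdns.jointux.local.
@    IN  NS   slavedns.jointux.local.
101  IN  PTR  masterdns.jointux.local.
102  IN  PTR  slavedns.jointux.local.
EOF
}

# Run as root on the master: validate, set ownership and SELinux labels,
# open port 53, then enable and start named. Stops at the first failure.
apply_master() {
    write_zones /var/named &&
    named-checkconf /etc/named.conf &&
    named-checkzone jointux.local /var/named/forward.jointux &&
    named-checkzone 0.168.192.in-addr.arpa /var/named/reverse.jointux &&
    chgrp named /var/named/forward.jointux /var/named/reverse.jointux &&
    chmod 640 /var/named/forward.jointux /var/named/reverse.jointux &&
    restorecon -Rv /var/named /etc/named.conf &&
    firewall-cmd --permanent --add-service=dns &&
    firewall-cmd --reload &&
    systemctl enable named &&
    systemctl start named
}

if [ "${1:-}" = "--apply" ]; then apply_master; fi
```

Running the script with `--apply` as root performs the changes; without it, only the functions are defined.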

2-Install and Configure Secondary (Slave) DNS Server

Install the needed packages: bind bind-utils

 

2-1-Configure Slave DNS server

Edit file '/etc/named.conf'

 

2-2-Restart DNS Services

If your configuration is good, two files will be created automatically under /var/named/slaves/

2-4-Set DNS configurations

2-5-Restart Network and Configure the Firewall to Allow DNS ports

2-6-Change Ownership and configure SELinux

2-7-Now test the DNS server from the Secondary Server (Slave)

c) nslookup jointux.local

Very nice 🙂 !!!
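
The slave side of sections 2-1 and 2-2, as an added example that is not the original post's configuration: the zone stanzas for the slave's /etc/named.conf and two checks to run after the restart. The file names under slaves/ are assumptions; the master IP and zone names follow the master configuration above.

```shell
#!/bin/sh
# Added example, not the original post's config.
# Assumed: the transferred files are named slaves/forward.jointux and
# slaves/reverse.jointux.

# Print the zone stanzas for the slave's /etc/named.conf; $1 = master IP.
slave_zones() {
    cat <<EOF
zone "jointux.local" IN {
    type slave;
    file "slaves/forward.jointux";
    masters { $1; };
    allow-transfer { none; };   // nobody transfers zones from the slave
};
zone "0.168.192.in-addr.arpa" IN {
    type slave;
    file "slaves/reverse.jointux";
    masters { $1; };
    allow-transfer { none; };
};
EOF
}

# True when both transferred zone files exist and are non-empty in $1.
slave_files_present() {
    for f in forward.jointux reverse.jointux; do
        [ -s "$1/$f" ] || { echo "missing: $1/$f" >&2; return 1; }
    done
}

# True when master ($1) and slave ($2) answer with the same SOA serial.
serials_match() {
    m=$(dig +short @"$1" jointux.local SOA | awk '{print $3}')
    s=$(dig +short @"$2" jointux.local SOA | awk '{print $3}')
    [ -n "$m" ] && [ "$m" = "$s" ]
}

# Run once as root on the slave: add stanzas, validate, restart, verify.
apply_slave() {
    slave_zones 192.168.0.101 >> /etc/named.conf &&
    named-checkconf /etc/named.conf &&
    systemctl restart named &&
    sleep 5 &&   # give the first transfer time to finish
    slave_files_present /var/named/slaves &&
    serials_match 192.168.0.101 127.0.0.1
}

if [ "${1:-}" = "--apply" ]; then apply_slave; fi
```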

3-Configure the CentOS Client

3-1-Please add the DNS server to your Ethernet card and restart the network

3-2-Restart the network service and make some tests.

3-4-Restart Network and make some tests

 

A new resolv.conf file should be generated

Nice results! 🙂

 

 

 

 

 

Linux Engineer, born in Morocco, living in Amsterdam, with large knowledge of TUX and open source. I have been working with Linux for a very long time; I have created this blog to serve people. Please join us.
