Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Scribd
Upload
1K views

How To Install and Configure DNS Server in Linux

The document explains how to install and configure a DNS server on Linux. It involves installing the bind9 package, configuring it as a caching nameserver to forward queries to public DNS servers, and then configuring it as a primary/master nameserver for a domain. This involves creating configuration files that define the domain name, hosts, and IP address mappings for both forward and reverse lookups. The DNS server is tested by resolving hostnames within the domain.

Uploaded by

senthilvael4070
Copyright
© Attribution Non-Commercial (BY-NC)
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
1K views

How To Install and Configure DNS Server in Linux

The document explains how to install and configure a DNS server on Linux. It involves installing the bind9 package, configuring it as a caching nameserver to forward queries to public DNS servers, and then configuring it as a primary/master nameserver for a domain. This involves creating configuration files that define the domain name, hosts, and IP address mappings for both forward and reverse lookups. The DNS server is tested by resolving hostnames within the domain.

Uploaded by

senthilvael4070
Copyright
© Attribution Non-Commercial (BY-NC)
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 5

How to Install and Configure DNS Server in Linux

Domain Name Service (DNS) is an internet service that maps IP addresses to fully qualified domain names (FQDN) and vice versa. BIND stands for Berkley Internet Naming Daemon. BIND is the most common program used for maintaining a name server on Linux. In this tutorial, we will explain how to install and configure a DNS server. If you are new to DNS, you should first understand the fundamentals of DNS and how it works.

1. Network Information
In this tutorial, we are going to setup a local DNS server for the network shown in the below diagram. Well use thegeekstuff.net domain as an example for this DNS installation. mail, web, ns are the hosts that resides within this domain. It is possible to configure a single system to act as a caching name server, primary/master and secondary/slave. We will configure this DNS as a Primay/Master as well as Caching DNS server. Well be installing DNS server on 10.42.0.83.

2. Install Bind
Install the bind9 package using the appropriate package management utilities for your Linux distributions. On Debian/Ubuntu flavors, do the following:
$ sudo apt-get install bind9

On Redhat/CentOS/Fedora flavors, do the following:


# yum install bind9

All the DNS configurations are stored under /etc/bind directory. The primary configuration is /etc/bind/named.conf which will include other needed files. The file named /etc/bind/db.root describes the root nameservers in the world.

3. Configure Cache NameServer


The job of a DNS caching server is to query other DNS servers and cache the response. Next time when the same query is given, it will provide the response from the cache. The cache will be updated periodically. Please note that even though you can configure bind to work as a Primary and as a Caching server, it is not advised to do so for security reasons. Having a separate caching server is advisable. All we have to do to configure a Cache NameServer is to add your ISP (Internet Service Provider)s DNS server or any OpenDNS server to the file /etc/bind/named.conf.options. For Example, we will use googles public DNS servers, 8.8.8.8 and 8.8.4.4. Uncomment and edit the following line as shown below in /etc/bind/named.conf.options file.
forwarders { 8.8.8.8; 8.8.4.4; };

After the above change, restart the DNS server.


$ sudo service bind9 restart

4. Test the Cache NameServer


You can use the dig command to test DNS services. DIG command examples explains more about how to perform DNS lookups.

$ dig ubuntu.com ;; Query time: 1323 msec

Now when the second time you execute the dig, there should be an improvement in the Query time. As you see below, it took only 3 msec the second time, as it is getting the info from our caching DNS server.
$ dig ubuntu.com ;; Query time: 3 msec

5. Configure Primary/Master Nameserver


Next, we will configure bind9 to be the Primary/Master for the domain/zone thegeekstuff.net. As a first step in configuring our Primary/Master Nameserver, we should add Forward and Reverse resolution to bind9. To add a DNS Forward and Reverse resolution to bind9, edit /etc/bind9/named.conf.local.
zone "thegeekstuff.net" { type master; file "/etc/bind/db.thegeekstuff.net"; }; zone "0.42.10.in-addr.arpa" { type master; notify no; file "/etc/bind/db.10"; };

Now the file /etc/bind/db.thegeekstuff.net will have the details for resolving hostname to IP address for this domain/zone, and the file /etc/bind/db.10 will have the details for resolving IP address to hostname.

6. Build the Forward Resolution for Primary/Master NameServer


Now we will add the details which is necessary for forward resolution into /etc/bind/db.thegeekstuff.net. First, copy /etc/bind/db.local to /etc/bind/db.thegeekstuff.net
$ sudo cp /etc/bind/db.local /etc/bind/db.thegeekstuff.net

Next, edit the /etc/bind/db.thegeekstuff.net and replace the following. 1. In the line which has SOA: localhost. This is the FQDN of the server in charge for this domain. Ive installed bind9 in 10.42.0.83, whose hostname is ns. So replace the localhost. with ns.thegeekstuff.net.. Make sure it ends with a dot(.).

2. In the line which has SOA: root.localhost. This is the E-Mail address of the person who is responsible for this server. Use dot(.) instead of @. Ive replaced with lak.localhost. 3. In the line which has NS: localhost. This is defining the Name server for the domain (NS). We have to change this to the fully qualified domain name of the name server. Change it to ns.thegeekstuff.net.. Make sure you have a . at the end. Next, define the A record and MX record for the domain. A record is the one which maps hostname to IP address, and MX record will tell the mailserver to use for this domain. Once the changes are done, the /etc/bind/db.thegeekstuff.net file will look like the following:
$TTL @ IN 604800 SOA ns.thegeekstuff.net. lak.localhost. ( 1024 ; Serial 604800 ; Refresh 86400 ; Retry 2419200 ; Expire 604800 ) ; Negative Cache TTL 10 mail.thegeekstuff.net.

; @ IN NS ns.thegeekstuff.net. thegeekstuff.net. IN MX ns IN A 10.42.0.83 web IN A 10.42.0.80 mail IN A 10.42.0.70

6. Build the Reverse Resolution for Primary/Master NameServer


We will add the details which are necessary for reverse resolution to the file /etc/bind/db.10. Copy the file /etc/bind/db.127 to /etc/bind/db.10
$ sudo cp /etc/bind/db.127 /etc/bind/db.10

Next, edit the /etc/bind/db.10 file, and basically changing the same options as /etc/bind/db.thegeekstuff.net
$TTL @ IN 604800 SOA ns.thegeekstuff.net. root.localhost. ( 20 ; Serial 604800 ; Refresh 86400 ; Retry 2419200 ; Expire 604800 ) ; Negative Cache TTL NS ns.

; @

IN

Next, for each A record in /etc/bind/db.thegeekstuff.net, add a PTR record.


$TTL @ IN 604800 SOA ns.thegeekstuff.net. root.thegeekstuff.net. ( 20 ; Serial 604800 ; Refresh

86400 2419200 604800 ) ; @ 83 70 80 IN IN IN IN NS PTR PTR PTR

; Retry ; Expire ; Negative Cache TTL

ns. ns.thegeekstuff.net. mail.thegeekstuff.net. web.thegeekstuff.net.

Whenever you are modifying the file db.thegeekstuff.net and db.10, you need to increment the Serial number as well. Typically admin uses DDMMYYSS for serial numbers and when they modify, the change the serial number appropriately. Finally, restart the bind9 service:
$ sudo service bind9 restart

7. Test the DNS server


Now we have configured the DNS server for our domain. We will test our DNS server by pinging mail.thegeekstuff.net from web.thegeekstuff.net. If the ping is success, then we have configured the DNS successfully. You can also use nslookup and dig to test DNS servers. On web.thegeekstuff.net server, add the following to /etc/resolv.conf
nameserver 10.42.0.83

Now ping, mail.thegeekstuff.net, which should resolve the address appropriately from the DNS server that we just configured.
$ ping mail.thegeekstuff.net PING mail.thegeekstuff.net (10.42.0.70) 56(84) bytes of data. 64 bytes from mail.thegeekstuff.net (10.42.0.70): icmp_req=1 ttl=64 time=0.482 ms 64 bytes from mail.thegeekstuff.net (10.42.0.70): icmp_req=2 ttl=64 time=0.532 ms

You might also like