DNS (Domain Name System), also known as a nameserver, is a network system that associates hostnames with their respective IP addresses. For users, this has the advantage that they can refer to machines on the network by names that are usually easier to remember than the numerical network addresses called IPs. For system administrators, using the nameserver allows them to change the IP address for a host without ever affecting the name-based queries, or to decide which machines handle these queries.
DNS is usually implemented using one or more centralized servers that are authoritative for certain domains. When a client host requests information from a nameserver, it usually connects to port 53. The nameserver then attempts to resolve the name requested. If it does not have an authoritative answer, or does not already have the answer cached from an earlier query, it queries other nameservers, called root nameservers, to determine which nameservers are authoritative for the name in question, and then queries them to get the requested name. Nameserver Zones:In a DNS server such as BIND (Berkeley Internet Name Domain), all information is stored in basic data elements called resource records (RR). The resource record is usually a fully qualified domain name (FQDN) of a host, and is broken down into multiple sections organized into a tree-like hierarchy. This hierarchy consists of a main trunk, primary branches, secondary branches, and so on.Here is a simple guide to install DNS on RHEL6. Consider a fresh installation of redhat enterprise linux on a machine, to make it simple.BIND consists of a set of DNS-related programs. It contains a nameserver called named, an administration utility called rndc, and a debugging tool called dig.
Note the following:
Host machine IP Address: 10.14.153.24
Hostname: desktop24.example.com
Make following enteries in the following files:
# vim /etc/resolv.conf
nameserver 10.14.153.24
search example.com
# vim /etc/hosts
10.14.153.24 desktop24.example.com desktop24
127.0.0.1 localhost.localdomain localhost
Make sure to assign static IP address to the machine.First check the Ethernet LAN port on which the machine is connected using following commands:
# mii-tools# ethtool eth0
After that edit the network file:
# vim /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
TYPE=Ethernet
BOOTPROTO=static
ONBOOT=yes
IPADDR=10.14.153.24
NETMASK=255.255.255.0
GATEWAY=10.14.153.1
save and quit
Now stop the service of NetworkManager and restart the service of network.
# /etc/init.d/NetworkManager stop;chkconfig NetworkManager off
#/etc/init.d/network restart;chkconfig network on
Now, make sure YUM is working on your machine.
Install the following packages on the machine using YUM.
# yum install -y bind*
When installation is completed, we proceed with the configuration,main configuration files are:
/etc/named/named.conf
/var/named/chroot/etc/named.conf
also we need to include some files, we discuss about them later.Edit the configuration file as:
# vim /var/named/chroot/etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
listen-on port 53 { 127.0.0.1;10.14.153.24; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { localhost; };
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
zone "." IN {
type hint;
file "named.ca";
};
zone "example.com" IN {
type master;
file "forward.zone";
allow-update { none; };
};
zone "153.14.10.in-addr.arpa" IN {
type master;
file "reverse.zone";
allow-update { none; };
};
Save and quit the file.
Write only the above lines in the file, if you don't know how to customize DNS.
Also create the new files that you have added in the above file:
# vim /var/named/chroot/var/named/forward.zone
$TTL 1D
@ IN SOA desktop24.example.com. root.desktop24.example.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS desktop24.example.com.
desktop24 A 10.14.153.24
desktop23 A 10.14.153.23
save and quit.
# vim /var/named/chroot/var/named/reverse.zone
$TTL 3H
@ IN SOA desktop24.example.com. root.desktop24.example.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS desktop24.example.com.
24 PTR desktop24.
Make sure that the firewall and SELinux is off, also the owner ship of the above two files is as:
# cd /var/named/chroot/var/named/
# chown root.named reverse.zone
# chown root.named forward.zone
These lines may be at any sequence.
Now restart the service and send query to the DNS.
# /etc/init.d/named restart;chkconfig named on
Stopping named: [ OK ]
Starting named: [ OK ]
[root@desktop24 ~]# nslookup desktop24.example.com
Server: 10.14.153.24
Address: 10.14.153.24#53
Name: desktop24.example.com
Address: 10.14.153.24
[root@desktop24 ~]# dig desktop24.example.com
; <<>> DiG 9.7.0-P2-RedHat-9.7.0-5.P2.el6 <<>> desktop24.example.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22786
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;desktop24.example.com. IN A
;; ANSWER SECTION:
desktop24.example.com. 86400 IN A 10.14.153.24
;; AUTHORITY SECTION:
example.com. 86400 IN NS desktop24.example.com.
;; Query time: 0 msec
;; SERVER: 10.14.153.24#53(10.14.153.24)
;; WHEN: Sat Oct 4 05:18:13 2014
;; MSG SIZE rcvd: 69
; <<>> DiG 9.7.0-P2-RedHat-9.7.0-5.P2.el6 <<>> desktop23.example.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14385
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;desktop23.example.com. IN A
;; ANSWER SECTION:
desktop23.example.com. 86400 IN A 10.14.153.23
;; AUTHORITY SECTION:
example.com. 86400 IN NS desktop24.example.com.
;; ADDITIONAL SECTION:
desktop24.example.com. 86400 IN A 10.14.153.24
;; Query time: 0 msec
;; SERVER: 10.14.153.24#53(10.14.153.24)
;; WHEN: Sat Oct 4 05:19:32 2014
;; MSG SIZE rcvd: 95
save and quit.