BIND Installation On CentOS

Submitted by rhein.andrea on Tue, 2010-03-16 15:29. :: BIND | CentOS | DNS

What is bind?

BIND is software that translates domain names into IP addresses. Because domain names are alphabetic, they are easier to remember than IP addresses, so when we browse the Internet we don’t need to remember the addresses themselves. For example, the domain name www.yourdomain.com might translate to 192.168.0.1.

 

1. Check The Installed BIND Packages

[root@server named]# rpm -qa 'bind*'

bind-libs-9.2.4-2
bind-utils-9.2.4-2
bind-9.2.4-2

 

2. Setting Computer NS1 With IP 192.168.0.1 As Nameserver And Domain Name yourdomain.com

[root@server ~]# cat /etc/resolv.conf

nameserver 192.168.0.1

 

3. Setting File /etc/named.conf

[root@server ~]# nano /etc/named.conf

//
// named.conf for Red Hat caching-nameserver
//
options {
   directory "/var/named";
   dump-file "/var/named/data/cache_dump.db";
   statistics-file "/var/named/data/named_stats.txt";
/*
 * If there is a firewall between you and nameservers you want
 * to talk to, you might need to uncomment the query-source
 * directive below.  Previous versions of BIND always asked
 * questions using port 53, but BIND 8.1 uses an unprivileged
 * port by default.
 */
 // query-source address * port 53;
};

//
// a caching only nameserver config
//
controls {
 inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};

zone "localhost" IN {
   type master;
   file "localhost.zone";
   allow-update { none; };
};

zone "yourdomain.com" IN {
   type master;
   file "/var/named/yourdomain.com.zone";
   allow-update { none; };
};

zone "0.168.192.in-addr.arpa" IN {
   type master;
   file "/var/named/0.168.192.rev";
   allow-update { none; };
};

include "/etc/rndc.key";

 

4. Setting File /var/named/yourdomain.com.zone

First you must create the file yourdomain.com.zone with the following content:

[root@server ~]# nano /var/named/yourdomain.com.zone

$TTL            86400
@                 IN SOA            yourdomain.com.  root.yourdomain.com. (
100     ; serial
1H      ; refresh
1M      ; retry
1W      ; expiry
1D )    ; minimum
@                    IN NS             ns1.yourdomain.com.
@                    IN A                 192.168.0.1
ns1                 IN A                 192.168.0.1
@                    IN MX   10      mail.yourdomain.com.
mail                IN A                 192.168.0.1
WWW               IN A                 192.168.0.1

 

5. Setting File /var/named/0.168.192.rev

First you must create the file 0.168.192.rev with the following content:

[root@server ~]# nano /var/named/0.168.192.rev

$TTL    86400
@                 IN SOA          yourdomain.com. root.yourdomain.com. (
100     ; serial
1H      ; refresh
1M      ; retry
1W      ; expiry
1D)     ; minimum
@                IN NS            ns1.yourdomain.com.
1                 IN PTR          binggo.yourdomain.com.

 

6. nslookup yourdomain.com

[root@server ~]# nslookup yourdomain.com

Server:         192.168.0.1
Address:        192.168.0.1#53

Name:   yourdomain.com
Address: 192.168.0.1

 

7. dig yourdomain.com

[root@server ~]# dig yourdomain.com

; DiG 9.2.4 yourdomain.com
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10576
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;yourdomain.com.             IN      A

;; ANSWER SECTION:
yourdomain.com.      86400   IN      A       192.168.0.1

;; AUTHORITY SECTION:
yourdomain.com.      86400   IN      NS      ns1.yourdomain.com.

;; ADDITIONAL SECTION:
ns1.yourdomain.com.  86400   IN      A       192.168.0.1
;; Query time: 8 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Sat Aug  2 10:56:16 2008
;; MSG SIZE  rcvd: 85

 

8. Configuration For NS 1 Is Finished

If you see errors, you can try to change the permissions of the folder /var/named.

[root@server ~]# chmod 777 -Rvf /var/named/

mode of `/var/named/' changed to 0777 (rwxrwxrwx)
mode of `/var/named/named.zero' changed to 0777 (rwxrwxrwx)
mode of `/var/named/localhost.zone' changed to 0777 (rwxrwxrwx)
mode of `/var/named/198.99.208.rev' changed to 0777 (rwxrwxrwx)
mode of `/var/named/data' changed to 0777 (rwxrwxrwx)
mode of `/var/named/named.local' changed to 0777 (rwxrwxrwx)
mode of `/var/named/named.ca' changed to 0777 (rwxrwxrwx)
mode of `/var/named/named.ip6.local' changed to 0777 (rwxrwxrwx)
mode of `/var/named/localdomain.zone' changed to 0777 (rwxrwxrwx)
mode of `/var/named/yourdomain.com.zone' changed to 0777 (rwxrwxrwx)
mode of `/var/named/named.broadcast' changed to 0777 (rwxrwxrwx)
mode of `/var/named/slaves' changed to 0777 (rwxrwxrwx)
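
Mode 777 leaves every zone file writable by any local account, so once named starts cleanly it is worth finding those modes and undoing them. The script below is an added example, not part of the original tutorial; it works on a constructed directory tree and assumes that only the data and slaves subdirectories need to be writable by named and that ownership (for example root:named) is set separately.

```sh
#!/bin/sh
# Added example: audit and tighten modes under a BIND zone directory.
# Assumption: named reads the zone files through group membership, and
# only data/ and slaves/ need group write access.

# Print every non-symlink entry under $1 that "other" can write to.
audit_world_writable() {
    find "$1" ! -type l -perm -0002 -print
}

# Tighten modes: directories 750, files 640, and 770 only for the
# subdirectories named must write to (data, slaves).
tighten_zone_dir() {
    dir=$1
    find "$dir" -type d -exec chmod 750 {} +
    find "$dir" -type f -exec chmod 640 {} +
    for sub in data slaves; do
        [ -d "$dir/$sub" ] && chmod 770 "$dir/$sub"
    done
    return 0
}

# Constructed sample tree standing in for /var/named after "chmod 777 -R".
make_sample_tree() {
    root=$(mktemp -d) || return 1
    mkdir -p "$root/data" "$root/slaves"
    : > "$root/yourdomain.com.zone"
    : > "$root/0.168.192.rev"
    chmod -R 777 "$root"
    printf '%s\n' "$root"
}

sample=$(make_sample_tree)
echo "world-writable before: $(audit_world_writable "$sample" | wc -l)"
tighten_zone_dir "$sample"
echo "world-writable after:  $(audit_world_writable "$sample" | wc -l)"
rm -rf "$sample"
```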

 

9. Check The /var/log/messages Log To Find Out If There Are Errors

[root@server ~]# tail /var/log/messages

Aug  2 10:53:57 server named[20094]: listening on IPv4 interface venet0:0, 192.168.0.1#53
Aug  2 10:53:57 server named[20094]: command channel listening on 127.0.0.1#953
Aug  2 10:53:57 server named[20094]: zone 0.168.192.in-addr.arpa/IN: loaded serial 100
Aug  2 10:53:57 server named[20094]: zone yourdomain.com/IN: loaded serial 100
Aug  2 10:53:57 server named[20094]: zone localhost/IN: loaded serial 42
Aug  2 10:53:57 server named[20094]: running
Aug  2 10:53:57 server named[20094]: zone yourdomain.com/IN: sending notifies (serial 100)
Aug  2 10:53:57 server named[20094]: zone 0.168.192.in-addr.arpa/IN: sending notifies (serial 100)
Aug  2 10:53:57 server named[20094]: received notify for zone 'yourdomain.com'
Aug  2 10:53:57 server named[20094]: received notify for zone '0.168.192.in-addr.arpa'


Submitted by Johno (not registered) on Wed, 2010-05-05 15:38.

If you are opening your DNS to the world, or have your bind installation sat on an internet-connected box, for a little extra security it's worth installing the chrooted bind.

This runs bind in its own little file system, so where you would find your named.conf normally in /etc it now resides in /var/named/chroot/etc/

and zones normally in /var/named/ will now be in /var/named/chroot/var/named

You should also no longer need to chmod files with this too :)

Oh, and another major point to remember when adding entries into your zone database (yourdomain.com.zone) or the reverse lookup is to increment the serial number. Beginners to bind will find this a pain, but trust me, it's good practice to start doing it so you don't forget. Otherwise you will be wondering why your updates aren't happening.
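
The serial increment mentioned in the comment above can be scripted so it is not forgotten. The following is an added example, not code from the tutorial or the commenter; it assumes the serial sits on its own "<number> ; serial" line as in the tutorial's zone files, and runs on a constructed, shortened copy of the forward zone.

```sh
#!/bin/sh
# Added example: bump the SOA serial in a zone file laid out like the
# tutorial's, where the serial sits on its own "<number> ; serial" line.

# Print the current serial of zone file $1 (empty if no serial line).
get_serial() {
    awk '/^[ \t]*[0-9]+[ \t]*;[ \t]*serial/ { print $1; exit }' "$1"
}

# Increment the serial of zone file $1 by one, leaving other lines as is.
bump_serial() {
    zone=$1
    old=$(get_serial "$zone")
    [ -n "$old" ] || { echo "no serial line in $zone" >&2; return 1; }
    new=$((old + 1))
    tmp=$(mktemp) || return 1
    # Rewrite only the first serial line; cat back so mode and owner stay.
    awk -v new="$new" '
        !seen && /^[ \t]*[0-9]+[ \t]*;[ \t]*serial/ { sub(/[0-9]+/, new); seen = 1 }
        { print }
    ' "$zone" > "$tmp" && cat "$tmp" > "$zone"
    status=$?
    rm -f "$tmp"
    return "$status"
}

# Constructed sample: a shortened copy of the tutorial's forward zone.
make_sample_zone() {
    f=$(mktemp) || return 1
    cat > "$f" <<'EOF'
$TTL            86400
@       IN SOA  yourdomain.com.  root.yourdomain.com. (
100     ; serial
1H      ; refresh
1M      ; retry
1W      ; expiry
1D )    ; minimum
@       IN NS   ns1.yourdomain.com.
ns1     IN A    192.168.0.1
EOF
    printf '%s\n' "$f"
}

sample_zone=$(make_sample_zone)
echo "serial before: $(get_serial "$sample_zone")"
bump_serial "$sample_zone"
echo "serial after:  $(get_serial "$sample_zone")"
rm -f "$sample_zone"
```

After a real edit, `named-checkzone yourdomain.com /var/named/yourdomain.com.zone` validates the file and `rndc reload` makes named load the new serial.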
