Installation Of BIND As A Secondary (Slave) DNS Server On CentOS

After we have installed BIND as a master DNS server (NS1) (as explained in my recent post), we can now try to set up a secondary DNS server (NS2) with BIND on CentOS. NS2 acts as a backup if there are problems with NS1.

Make sure you've successfully set up NS1, as described in my previous post!

NS1 with IP 192.168.0.1
NS2 with IP 192.168.0.2
Our domain: yourdomain.com

Now we can try setting up NS2.

1. Check your Bind package

[root@server ~]# rpm -qa bind*

bind-libs-9.2.4-2

bind-utils-9.2.4-2

bind-9.2.4-2

2. Setting file /etc/resolv.conf

[root@server ~]# nano /etc/resolv.conf

nameserver 192.168.0.1

3. Setting file /etc/named.conf

[root@server ~]# nano /etc/named.conf

//
// named.conf for Red Hat caching-nameserver
//

options {
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";

/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/

// query-source address * port 53;
allow-transfer {208.99.198.184/32;};
};

//
// a caching only nameserver config
//

controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};

zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};

zone "yourdomain.com" IN {
type slave;
file "/var/named/yourdomain.com.zone";
// allow-update { none; };
allow-transfer { 192.168.0.1/32; };
masters { 192.168.0.1; };
};

zone "0.168.192.in-addr.arpa" IN {
type slave;
file "/var/named/0.168.192.rev";
// allow-update { none; };
allow-transfer { 192.168.0.1/32; };
masters { 192.168.0.1; };
};

include "/etc/rndc.key";

4. Change permission of the directory /var/named

[root@server ~]# chmod 777 -Rvf /var/named/

mode of `/var/named/’ changed to 0777 (rwxrwxrwx)

mode of `/var/named/named.zero’ changed to 0777 (rwxrwxrwx)

mode of `/var/named/localhost.zone’ changed to 0777 (rwxrwxrwx)

mode of `/var/named/data’ changed to 0777 (rwxrwxrwx)

mode of `/var/named/named.local’ changed to 0777 (rwxrwxrwx)

mode of `/var/named/named.ca’ changed to 0777 (rwxrwxrwx)

mode of `/var/named/named.ip6.local’ changed to 0777 (rwxrwxrwx)

mode of `/var/named/localdomain.zone’ changed to 0777 (rwxrwxrwx)

mode of `/var/named/named.broadcast’ changed to 0777 (rwxrwxrwx)

mode of `/var/named/slaves’ changed to 0777 (rwxrwxrwx)

5. The files /var/named/yourdomain.com and /var/named/0.168.192.rev will automatically be copied to NS2.

6. Running service named

[root@server ~]# service named restart

Stopping named: [ OK ]

Starting named: [ OK ]

7. And check in log file what’s the matter???

[root@server ~]# tail /var/log/messages

Aug 3 04:25:42 server named[9362]: listening on IPv4 interface venet0:0, 192.168.0.2#53
Aug 3 04:25:42 server named[9362]: command channel listening on 127.0.0.1#953
Aug 3 04:25:42 server named[9362]: zone localhost/IN: loaded serial 42
Aug 3 04:25:42 server named[9362]: running
Aug 3 04:25:42 server named[9362]: zone yourdomain.com/IN: transferred serial 100
Aug 3 04:25:42 server named[9362]: transfer of ‘yourdomain.com/IN’ from 192.168.0.1#53: end of transfer
Aug 3 04:25:42 server named[9362]: zone yourdomain.com/IN: sending notifies (serial 100)
Aug 3 04:25:43 server named[9362]: zone 0.168.192.in-addr.arpa/IN: transferred serial 100
Aug 3 04:25:43 server named[9362]: transfer of ‘0.168.192.in-addr.arpa/IN’ from 192.168.0.1#53: end of transfer
Aug 3 04:25:43 server named[9362]: zone 0.168.192.in-addr.arpa/IN: sending notifies (serial 100)

Looking at this log, you can see that the yourdomain.com zone gets transferred. Actually this file is copied to NS2 so, if NS1 is dead or has a problem, NS2 has a backup configuration.