BIND Installation On CentOS

What Is BIND?

BIND is DNS server software that translates domain names into IP addresses. Because domain names are alphabetic, they are easier to remember, so when we browse the Internet we don't need to remember IP addresses. For example, the domain name www.yourdomain.com might translate to 192.168.0.1.

 

1. Check That The BIND Packages Are Installed

[root@server named]# rpm -qa bind*

bind-libs-9.2.4-2
bind-utils-9.2.4-2
bind-9.2.4-2

 

2. Setting Computer NS1 With IP 192.168.0.1 As Nameserver And Domain Name yourdomain.com

[root@server ~]# cat /etc/resolv.conf

nameserver 192.168.0.1

 

3. Setting File /etc/named.conf

[root@server ~]# nano /etc/named.conf
//
// named.conf for Red Hat caching-nameserver
//
options {
   directory "/var/named";
   dump-file "/var/named/data/cache_dump.db";
   statistics-file "/var/named/data/named_stats.txt";
/*
 * If there is a firewall between you and nameservers you want
 * to talk to, you might need to uncomment the query-source
 * directive below.  Previous versions of BIND always asked
 * questions using port 53, but BIND 8.1 uses an unprivileged
 * port by default.
 */
 // query-source address * port 53;
};

//
// a caching only nameserver config
//
controls {
 inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};

zone "localhost" IN {
   type master;
   file "localhost.zone";
   allow-update { none; };
};

zone "yourdomain.com" IN {
   type master;
   file "/var/named/yourdomain.com.zone";
   allow-update { none; };
};

zone "0.168.192.in-addr.arpa" IN {
   type master;
   file "/var/named/0.168.192.rev";
   allow-update { none; };
};

include "/etc/rndc.key";

 

4. Setting File /var/named/yourdomain.com.zone

First create the file yourdomain.com.zone with the following content:

[root@server ~]# nano /var/named/yourdomain.com.zone

$TTL            86400
@                 IN SOA            yourdomain.com.  root.yourdomain.com. (
100     ; serial
1H      ; refresh
1M      ; retry
1W      ; expiry
1D )    ; minimum
@                    IN NS             ns1.yourdomain.com.
@                    IN A                 192.168.0.1
ns1                 IN A                 192.168.0.1
@                    IN MX   10      mail.yourdomain.com.
mail                IN A                 192.168.0.1
WWW               IN A                 192.168.0.1

 

5. Setting File /var/named/0.168.192.rev

First create the file 0.168.192.rev with the following content:

[root@server ~]# nano /var/named/0.168.192.rev
$TTL    86400
@                 IN SOA          yourdomain.com. root.yourdomain.com. (
100     ; serial
1H      ; refresh
1M      ; retry
1W      ; expiry
1D)     ; minimum
@                IN NS            ns1.yourdomain.com.
1                 IN PTR          binggo.yourdomain.com.

 

6. nslookup yourdomain.com

[root@server ~]# nslookup yourdomain.com

Server:         192.168.0.1
Address:        192.168.0.1#53

Name:   yourdomain.com
Address: 192.168.0.1

 

7. dig yourdomain.com

[root@server ~]# dig yourdomain.com

; DiG 9.2.4 yourdomain.com
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10576
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;yourdomain.com.             IN      A

;; ANSWER SECTION:
yourdomain.com.      86400   IN      A       192.168.0.1

;; AUTHORITY SECTION:
yourdomain.com.      86400   IN      NS      ns1.yourdomain.com.

;; ADDITIONAL SECTION:
ns1.yourdomain.com.  86400   IN      A       192.168.0.1
;; Query time: 8 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Sat Aug  2 10:56:16 2008
;; MSG SIZE  rcvd: 85

 

8. Configuration For NS 1 Is Finished

If you see errors, you can try to change the permissions of the folder /var/named.

[root@server ~]# chmod 777 -Rvf /var/named/

mode of `/var/named/' changed to 0777 (rwxrwxrwx)
mode of `/var/named/named.zero' changed to 0777 (rwxrwxrwx)
mode of `/var/named/localhost.zone' changed to 0777 (rwxrwxrwx)
mode of `/var/named/198.99.208.rev' changed to 0777 (rwxrwxrwx)
mode of `/var/named/data' changed to 0777 (rwxrwxrwx)
mode of `/var/named/named.local' changed to 0777 (rwxrwxrwx)
mode of `/var/named/named.ca' changed to 0777 (rwxrwxrwx)
mode of `/var/named/named.ip6.local' changed to 0777 (rwxrwxrwx)
mode of `/var/named/localdomain.zone' changed to 0777 (rwxrwxrwx)
mode of `/var/named/yourdomain.com.zone' changed to 0777 (rwxrwxrwx)
mode of `/var/named/named.broadcast' changed to 0777 (rwxrwxrwx)
mode of `/var/named/slaves' changed to 0777 (rwxrwxrwx)
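
The recursive chmod 777 above leaves every zone file writable by any local account. As an added example (not part of the original article), this shell script lists world-writable entries and resets a zone directory to owner/group-only modes; the function names, the 750/640/770 modes and the default group "named" are assumptions to adapt to your install.

```sh
#!/bin/sh
# Added example, not from the article. Assumption: named runs as group
# "named" (pass another group name as the second argument if it differs).

# Print every entry under DIR that any local user can write to.
# Symlinks are skipped because their mode bits are always 777.
audit_world_writable() {
    find "$1" ! -type l -perm -0002 -print
}

# Reset DIR to owner/group-only access: directories 750, files 640, and
# only the run-time writable directories (data/, slaves/) get 770.
harden_named_dir() {
    dir=$1
    group=${2:-named}
    find "$dir" -type d -exec chmod 750 {} +
    find "$dir" -type f -exec chmod 640 {} +
    for sub in data slaves; do
        if [ -d "$dir/$sub" ]; then
            chmod 770 "$dir/$sub"
        fi
    done
    # Changing ownership needs root and an existing group; skip otherwise.
    if [ "$(id -u)" -eq 0 ] && getent group "$group" >/dev/null 2>&1; then
        chown -R root:"$group" "$dir"
    fi
    return 0
}

# Usage: sh fix-named-perms.sh /var/named   (report first, then harden)
if [ "$#" -ge 1 ]; then
    audit_world_writable "$1"
    harden_named_dir "$1" "${2:-named}"
fi
```

If named still logs permission errors afterwards, the log line names the file it could not open, which is the place to look before loosening any mode.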

 

9. Check The /var/log/messages Log To Find Out If There Are Errors

[root@server ~]# tail /var/log/messages

Aug  2 10:53:57 server named[20094]: listening on IPv4 interface venet0:0, 192.168.0.1#53
Aug  2 10:53:57 server named[20094]: command channel listening on 127.0.0.1#953
Aug  2 10:53:57 server named[20094]: zone 0.168.192.in-addr.arpa/IN: loaded serial 100
Aug  2 10:53:57 server named[20094]: zone yourdomain.com/IN: loaded serial 100
Aug  2 10:53:57 server named[20094]: zone localhost/IN: loaded serial 42
Aug  2 10:53:57 server named[20094]: running
Aug  2 10:53:57 server named[20094]: zone yourdomain.com/IN: sending notifies (serial 100)
Aug  2 10:53:57 server named[20094]: zone 0.168.192.in-addr.arpa/IN: sending notifies (serial 100)
Aug  2 10:53:57 server named[20094]: received notify for zone 'yourdomain.com'
Aug  2 10:53:57 server named[20094]: received notify for zone '0.168.192.in-addr.arpa'


Comments

By: Johno

If you are opening your DNS to the world, or have your bind installation sat on an internet-connected box, for a little extra security it's worth installing the chrooted bind.

This runs bind in its own little file system, so where you would find your named.conf normally in /etc it now resides in /var/named/chroot/etc/

and zones normally in /var/named/ will now be in /var/named/chroot/var/named

You should also no longer need to chmod files with this too :)

Oh, and another major point to remember when adding entries into your zone database (yourdomain.com.zone) or the reverse lookup is to increment the serial number. Beginners to bind will find this a pain, but trust me, it's good practice to start doing it so you don't forget. Otherwise you will be wondering why your updates aren't happening.
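
Incrementing the serial by hand, as the comment above recommends, is easy to forget. This added example (not from the article or the commenter) bumps it for a zone file whose serial is commented "; serial", as in the article; the function names are hypothetical, and named-checkzone (shipped with BIND) is used only when it is installed and a zone name is given.

```sh
#!/bin/sh
# Added example, not from the article: read and increment the SOA serial.

# Print the current serial (the number in front of the "; serial" comment).
zone_serial() {
    awk 'match($0, /[0-9]+[ \t]*;[ \t]*[Ss]erial/) {
             s = substr($0, RSTART); sub(/[^0-9].*/, "", s); print s; exit
         }' "$1"
}

# Increment the serial in FILE. If ORIGIN (e.g. yourdomain.com) is given and
# named-checkzone exists, the edited copy is validated before it is used.
bump_serial() {
    zone=$1
    origin=${2:-}
    tmp=$(mktemp) || return 1
    awk '
        !bumped && match($0, /[0-9]+[ \t]*;[ \t]*[Ss]erial/) {
            head = substr($0, 1, RSTART - 1)
            rest = substr($0, RSTART)
            match(rest, /^[0-9]+/)
            new = sprintf("%.0f", substr(rest, 1, RLENGTH) + 1)
            $0 = head new substr(rest, RLENGTH + 1)
            bumped = 1
        }
        { print }
        END { exit (bumped ? 0 : 1) }
    ' "$zone" > "$tmp" || { rm -f "$tmp"; return 1; }
    if [ -n "$origin" ] && command -v named-checkzone >/dev/null 2>&1; then
        named-checkzone "$origin" "$tmp" >/dev/null || { rm -f "$tmp"; return 1; }
    fi
    # Overwrite in place so the zone file keeps its owner and mode.
    cat "$tmp" > "$zone"
    rm -f "$tmp"
}

# Usage: sh bump-serial.sh /var/named/yourdomain.com.zone yourdomain.com
if [ "$#" -ge 1 ]; then
    bump_serial "$@" && zone_serial "$1"
fi
```

named only picks up the new serial after the zone is reloaded.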

By: Anonymous

IANA requires two or more DNS servers for each domain. If you run your own primary DNS server, but do not have an additional server for serving as secondary, you can use one of the free secondary DNS services available online.

Adding one or more external services improves the availability of your domain, but can introduce inconsistencies after you add or change entries to your primary. The only service that minimizes this problem is BuddyNS. See www.buddyns.com

By: mark

Thanks, it helps a lot for a newbie like me.

 I just have a little question on this which confuses me a lot: okay, I already configured DNS on the server, I do nslookup on the server and it resolves addresses, but why is it that if I use the DNS IP on an XP machine and do nslookup, it cannot resolve the address? Here's some info:

My DNS Server IP: 192.168.0.100

 XP Machine: IP Address: 192.168.0.5 / Gateway: 192.168.0.1 / Pref. DNS 1: 192.168.0.100 / Workgroup: Workgroup..

 

Hope you can help me.... Thanks in advance....

By: mafatahna

|it that if going to use the dns ip on xp machine and do nslookup it cannot resolve the address? Here's some info:

Yup, I have the same problem as you, maybe you can help me?

But if I try with 2 IP addresses (public and local), it works.

By: mafatahna

My problem is solved, check your recursion.

By: Vijay

 Thanks for your post. I need to use multiple domains like yourdomain.com and yourdomain.net. I configured yourdomain.com; how can I add yourdomain.net? Do I need to add it in named.conf, or can I create separate zone files?

By: Tips

Hi,

Thanks for the article, but it's for CentOS 5. In CentOS 6.3 it's different, like directories etc. Also, you have not mentioned that we need to add Domain=domain and HOSTNAME=hostname.domain.com into the /etc/hosts file in order to resolve them, as well as the DNS entries DNS1=1.1.1.1 and DNS2=1.1.1.2 in the ethernet file /etc/sysconfig/network-scripts/eth0.

I have installed bind 9 in CentOS 6.3 and added the proper configuration via webmin, and also pointed the domain at the domain registrar to my ns1 and ns2, but I have still not got any nslookup to my domain in SSH into the VPS.

 Please post a CentOS 6.3 bind DNS configuration article with all steps.

By:

Hi;

 I have a network with 80 computers and I want to serve a DNS cache on my firewall. I'm using squid on Linux CentOS 6.4 32-bit, and I installed bind. However, when I run '/etc/init.d/named status/start/stop', the system is very slow to give me the status of the service. So, I have a little question: to serve a DNS cache in my network, is just having the bind package installed enough, or do I have to configure any file?

 Thanks, and sorry for my English :)

By: Anonymous

It works great, sir.

By: Ahmed

Great walk through. It took me back to an old config which helped me resolve my issue.

By: Unixwolf

You are asking for trouble if you set the permissions on ANY FILES to "777". Anyone with access to the machine can do whatever they want to your name server. UNIX security is there for a purpose. If you think you've tripped over it, you should find out what has really gone wrong and fix it.

If you can't figure it out, you should not be pretending you know enough about it to post a "how to" on the Net.

You're in the wrong job. Go and do an IT security course. Understand that one of your major responsibilities is to maintain system security, not to sabotage it!

I don't usually flame people in on-line comments, but I've put this up to warn other people who might stumble on this one.