Tuesday, September 22, 2015

DNS configuration on RHEL 6.5

How to configure DNS on RHEL 6 Linux 

* Package - bind*

* Daemon - named

* Global conf file - /etc/named.conf , /etc/named.rfc1912.zones,

* Zone conf file - /var/named/named.localhost  &  /var/named/named.loopback

(Note : We can rename the files "named.localhost & named.loopback" as we like, e.g. forward.zone & reverse.zone, as long as the names match those mentioned in "/etc/named.conf  &  /etc/named.rfc1912.zones")

* Port no. - 53
------------------------------------------------------------------

Scenario : 

[A] Primary(Master) DNS Server Details:

>Operating System : CentOS release 6.6 (Final)

>Hostname : server3.deo.com

>IP Address : 192.168.1.100/24
--------------------------------------------

* Configuration of DNS Service 

Step 1. Configure the hostname and network of the system. 

*hostname configuration 

[root@server3 ~]# vim /etc/hosts

192.168.1.100   server3.deo.com         deo.com         [add the hostname entry to the system]

:wq [save the file and quit]

[root@server3 ~]# hostname    server3.deo.com   [set the hostname on the running system without rebooting]

* Network configuration 

>The IP of the system should be static, not dynamic; for that, NetworkManager should be stopped.

> Stop NetworkManager

[root@server3 ~]# /etc/init.d/NetworkManager  stop

[root@server3 ~]# chkconfig NetworkManager off

[root@server3 ~]# setup

> go to the System services option > uncheck the NetworkManager option > save & quit

>Configure IP of the system. 

[root@server3 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0

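# Realtek Semiconductor Co., Ltd. RTL8111/8168B PCI Express Gigabit Ethernet controller
#
# Static address for the DNS server. The scenario above and the listen-on
# address in /etc/named.conf both use 192.168.1.100, so IPADDR and DNS1 must
# match it; with a different address named cannot bind to 192.168.1.100.
DEVICE=eth0
BOOTPROTO=static
BROADCAST=192.168.1.255
# HWADDR is the MAC of this particular NIC; use the value your own interface
# reports.
HWADDR=00:27:1e:0c:80:7b
IPADDR=192.168.1.100
IPV6INIT=no
IPV6_AUTOCONF=no
NETMASK=255.255.255.0
NETWORK=192.168.1.0
ONBOOT=yes
GATEWAY=192.168.1.1
# The server resolves against itself once named is running.
DNS1=192.168.1.100
TYPE=Ethernet
USERCTL=no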

:wq [save and quit]

[root@server3 ~]# service network restart [after changing the configuration, the network must be restarted]

Step 2. Install the packages for the DNS server through the yum command.

[root@server3 ~]# yum install bind* -y [If the DNS packages are already installed, we get the message below]

Loaded plugins: fastestmirror, refresh-packagekit, security
Setting up Install Process
Loading mirror speeds from cached hostfile
 * base: centos.excellmedia.net
 * extras: centos.excellmedia.net
 * updates: centos.excellmedia.net
mondorescue                                                                                                     | 1.3 kB     00:00
Package 32:bind-sdb-9.8.2-0.37.rc1.el6_7.4.i686 already installed and latest version
Package 32:bind-chroot-9.8.2-0.37.rc1.el6_7.4.i686 already installed and latest version
Package 32:bind-devel-9.8.2-0.37.rc1.el6_7.4.i686 already installed and latest version
Package 32:bind-libs-9.8.2-0.37.rc1.el6_7.4.i686 already installed and latest version
Package 32:bind-9.8.2-0.37.rc1.el6_7.4.i686 already installed and latest version
Package 32:bind-utils-9.8.2-0.37.rc1.el6_7.4.i686 already installed and latest version
Package bind-dyndb-ldap-2.3-8.el6.i686 already installed and latest version
Nothing to do
[root@server3 ~]#

Step 3. Configure the Global parameter of DNS in "/etc/named.conf " & "/etc/named.rfc1912.zones"

* Configure - /etc/named.conf  

[root@server3 ~]# vim /etc/named.conf

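// Global options for named on the primary server (192.168.1.100).
options {
        // Listen on the server's own address; 127.0.0.1 lets the server
        // query itself (the nslookup checks below run on this host).
        listen-on port 53 { 127.0.0.1; 192.168.1.100; };
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";

        // Only the LAN and the server itself may query; keep this list
        // tight on any host that also has a public address.
        allow-query     { localhost; 192.168.1.0/24; };

        // Recursion is for local clients only; do not widen this, an open
        // recursive resolver gets abused for amplification attacks.
        recursion yes;
        allow-recursion { localhost; 192.168.1.0/24; };

        // There is no secondary server in this scenario, so nobody needs
        // zone transfers. Opening AXFR to the whole /24 lets any LAN host
        // dump the zones; list the secondary's address here when you add one.
        allow-transfer  { none; };

        dnssec-enable yes;
        dnssec-validation yes;
        // DLV lookaside is deprecated and the ISC DLV registry has been shut
        // down; drop this line (and bindkeys-file) on current BIND versions.
        dnssec-lookaside auto;

        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";
        managed-keys-directory "/var/named/dynamic";
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
// Root hints. Template: copy these four lines and paste them anywhere in the
// file to configure a forward zone.
zone "." IN {
        type hint;
        file "named.ca";
};
// Forward zone for deo.com, pasted here; the data lives in /var/named/forward.deo.
// Declare the zone once only - do not repeat it in /etc/named.rfc1912.zones.
zone "deo.com" IN {
        type master;
        file "forward.deo";
        allow-update { none; };
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";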

:wq [save & quit]


* Configure - /etc/named.rfc1912.zones 

[root@server3 ~]# vim /etc/named.rfc1912.zones

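// Template: copy these five lines and paste them into the file to configure
// a forward zone.
zone "localhost.localdomain" IN {
        type master;
        file "named.localhost";
        allow-update { none; };
};

zone "localhost" IN {
        type master;
        file "named.localhost";
        allow-update { none; };
};

zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
        type master;
        file "named.loopback";
        allow-update { none; };
};

// Template: copy these five lines and paste them into the file to configure
// a reverse zone.
zone "1.0.0.127.in-addr.arpa" IN {
        type master;
        file "named.loopback";
        allow-update { none; };
};

zone "0.in-addr.arpa" IN {
        type master;
        file "named.empty";
        allow-update { none; };
};

// The forward zone "deo.com" is already declared in /etc/named.conf with the
// same file. A second zone named after the host rather than the domain would
// load forward.deo again under the origin server3.deo.com, where the relative
// names in that file resolve to the wrong owner names. Kept here commented
// out for reference only.
/*
zone "server3.deo.com" IN {
        type master;
        file "forward.deo";
        allow-update { none; };
};
*/

// Reverse zone for 192.168.1.0/24, pasted here; the data lives in
// /var/named/reverse.deo.
zone "1.168.192.in-addr.arpa" IN {
        type master;
        file "reverse.deo";
        allow-update { none; };
};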

:wq  [save & quit]


Step 4. Configure the zone files for the DNS service in /var/named/forward.deo & /var/named/reverse.deo.

> As per the file name mentioned in /etc/named.conf for the forward zone (file "forward.deo";), we need to create a new file with this name in /var/named/; by default this file does not exist in the /var/named/ directory.

[root@server3 ~]# cd /var/named/

[root@server3 named]# ls
chroot  data   dynamic  named.ca  named.empty  named.localhost  named.loopback slaves

[root@server3 named]#touch  forward.deo  reverse.deo

[root@server3 named] cp  named.localhost  forward.deo
cp: overwrite `forward.deo'? yes

> As per the file name mentioned in /etc/named.rfc1912.zones for the reverse zone (file "reverse.deo";), we need to create a new file with this name in /var/named/; by default this file does not exist in the /var/named/ directory.

[root@server3 named] cp  named.loopback   reverse.deo
cp: overwrite 'reverse.deo'? yes


* Configure the forward zone file /var/named/forward.deo 

[root@server3 ~]# cd /var/named/

[root@server3 named]# vim forward.deo

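$TTL 1D
; Forward zone for deo.com ("@" is the origin, deo.com., as declared in named.conf).
; MNAME is the primary server's host name; RNAME "root" is relative (root.deo.com.).
@       IN SOA   server3.deo.com. root (
                                        0       ; serial - increment on every edit
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum

; Name server for the zone; the NS target must have an A record below.
                                 IN      NS      deo.com.
deo.com.                   IN      A       192.168.1.100
; Names without a trailing dot are relative to the origin, so "server3.deo.com"
; would have become server3.deo.com.deo.com. (likely why the forward nslookup
; below returned no answer). The trailing dot makes the name absolute.
server3.deo.com.     IN      A       192.168.1.100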

:wq [Save & Quit]


*Configure the reverse zone file /var/named/reverse.deo

[root@server3 named]# vim reverse.deo

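$TTL 1D
; Reverse zone for 192.168.1.0/24 ("@" is the origin, 1.168.192.in-addr.arpa.).
; MNAME must be the primary name server's host name written absolute; the
; earlier "1.168.192.in-addr.arpa" had no trailing dot, so it was relative and
; expanded to 1.168.192.in-addr.arpa.1.168.192.in-addr.arpa.
@       IN SOA  server3.deo.com.  root.deo.com. (
                                        0       ; serial - increment on every edit
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum

                  IN   NS         deo.com.
; A PTR at the zone apex is not needed for host lookups; kept from the original.
                  IN   PTR      deo.com.
; Last octet of 192.168.1.100 -> host name, written absolute (trailing dot).
100            IN   PTR      server3.deo.com.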

:wq  [Save & Quit]

[root@server3 ~]# service named start [after all the configuration, start the DNS service]

[root@server3 ~]# nslookup server3.deo.com [check whether the forward lookup service is working or not]

Server:         192.168.1.100
Address:        192.168.1.100#53

[root@server3 ~]# nslookup 192.168.1.100 [check whether the reverse lookup service is working or not]
Server:         192.168.1.100
Address:        192.168.1.100#53

100.1.168.192.in-addr.arpa      name = server3.deo.com.

[root@server3 ~]# chkconfig named on [enable the DNS service permanently so it starts at boot]
-------------------------------------------------------------------------------------------------------------------------
