207.1 Basic DNS server configuration (weight: 3)

Tech Tutorial: 207.1 Basic DNS Server Configuration #

Introduction #

The Domain Name System (DNS) is a critical component of internet infrastructure, providing a way to resolve domain names into IP addresses and vice versa. Configuring a DNS server properly is essential for network operations and ensuring that users can access resources efficiently. In this tutorial, we’ll cover the basics of setting up a DNS server using BIND (Berkeley Internet Name Domain), the most widely used DNS software on the Internet.

Key Knowledge Areas: #

  • Installation and configuration of BIND
  • Understanding zone files and their syntax
  • Managing a running BIND server
  • DNS troubleshooting

Utilities: #

  • named
  • named-checkconf
  • named-checkzone
  • dig
  • rndc

Step-by-Step Guide #

Step 1: Installing BIND #

BIND can be installed from the package repositories on most Linux distributions. Here’s how you can install it on Ubuntu and CentOS:

On Ubuntu: #

sudo apt update
sudo apt install bind9 bind9utils bind9-doc

On CentOS: #

sudo yum install bind bind-utils

Step 2: Configuring BIND #

BIND’s configuration files are located in /etc/bind on Ubuntu and /etc/named on CentOS. The main configuration file is named named.conf.

Basic Configuration #

Here’s a simple example of a named.conf file that configures BIND as a caching name server:

options {
    directory "/var/named";
    listen-on port 53 { any; };
    allow-query { any; };

    forwarders {
        8.8.8.8;  // Google's DNS server
        1.1.1.1;  // Cloudflare's DNS server
    };

    recursion yes;
};

zone "." IN {
    type hint;
    file "named.ca";
};

This configuration tells BIND to listen on port 53 for DNS requests from any IP address, use Google and Cloudflare’s DNS servers as forwarders, and enable recursion.

Step 3: Creating Zone Files #

Zone files store DNS records for a domain. Here’s an example of a zone file for example.com:

$TTL    86400
@       IN      SOA     ns1.example.com. hostmaster.example.com. (
                              2023010101         ; Serial
                              3600               ; Refresh
                              1800               ; Retry
                              604800             ; Expire
                              86400 )            ; Negative Cache TTL
;
@       IN      NS      ns1.example.com.
@       IN      NS      ns2.example.com.

ns1     IN      A       192.0.2.1
ns2     IN      A       192.0.2.2

www     IN      A       198.51.100.1
mail    IN      A       198.51.100.2
@       IN      MX 10   mail.example.com.

Step 4: Checking Configuration and Zone Files #

Before starting BIND, it’s important to check the configuration and zone files for syntax errors.

Checking named.conf: #

sudo named-checkconf /etc/bind/named.conf

Checking the zone file: #

sudo named-checkzone example.com /var/named/example.com.zone

Step 5: Managing BIND Service #

To start, stop, restart, and check the status of the BIND service:

# On Ubuntu
sudo systemctl start bind9
sudo systemctl stop bind9
sudo systemctl restart bind9
sudo systemctl status bind9

# On CentOS
sudo systemctl start named
sudo systemctl stop named
sudo systemctl restart named
sudo systemctl status named

Step 6: Using rndc for Real-time DNS Management #

rndc stands for Remote Name Daemon Control. It allows you to manage the BIND server remotely. Here’s how to reload the zone files without restarting the server:

sudo rndc reload

Step 7: Testing DNS Resolution #

Use the dig command to test DNS resolution:

dig @localhost www.example.com

Conclusion #

Setting up and configuring a DNS server with BIND involves installing the software, setting up configuration files, creating and validating zone files, and managing the service. This tutorial has walked you through each of these steps with detailed examples to help you get started with your own DNS server. Remember, DNS configuration can be complex, especially in larger environments, so always test configurations in a controlled environment before deploying them into production.