207.2 Create and maintain DNS zones (weight: 3)

Tech Tutorial: 207.2 Create and Maintain DNS Zones #

Introduction #

DNS (Domain Name System) is a critical component of the internet’s infrastructure, responsible for translating human-readable domain names into IP addresses that computers use to identify each other on the network. Managing DNS involves creating and maintaining zones, which contain records for mapping domain names to IP addresses and other resources. In this tutorial, we’ll cover how to set up and maintain DNS zones using BIND (Berkeley Internet Name Domain), the most widely used DNS software.

Key Knowledge Areas #

  • Understanding DNS zones and records
  • Configuring primary and secondary DNS zones
  • DNS zone file syntax and record types
  • Tools for managing and troubleshooting DNS

Utilities #

  • named
  • named-checkzone
  • named-checkconf
  • dig
  • nslookup

Step-by-Step Guide #

Step 1: Installing BIND #

Before you can create and maintain DNS zones, you need to install BIND on your server. Here’s how to install BIND on a Linux system using apt-get (for Debian-based systems) or yum (for Red Hat-based systems):

# Debian-based systems
sudo apt-get update
sudo apt-get install bind9

# Red Hat-based systems
sudo yum update
sudo yum install bind

Step 2: Configuring a Primary DNS Zone #

A primary DNS zone is where you maintain your original read-write copies of DNS zone files. Here’s an example of how to configure a primary zone for example.com.

  1. Create the Zone File

First, you’ll need to create a zone file in /etc/bind/zones. If the directory doesn’t exist, create it:

sudo mkdir /etc/bind/zones

Create the zone file db.example.com:

sudo nano /etc/bind/zones/db.example.com

Add the following contents to the zone file:

$TTL    86400
@       IN      SOA     ns1.example.com. admin.example.com. (
                              2023010101         ; Serial
                              3600               ; Refresh
                              1800               ; Retry
                              604800             ; Expire
                              86400 )            ; Negative Cache TTL
;
@       IN      NS      ns1.example.com.
@       IN      NS      ns2.example.com.

@       IN      A       192.168.1.1
ns1     IN      A       192.168.1.2
ns2     IN      A       192.168.1.3
www     IN      A       192.168.1.4
  1. Configure the Named Configuration

Edit the BIND configuration file:

sudo nano /etc/bind/named.conf.local

Add the following to declare the zone:

zone "example.com" {
    type master;
    file "/etc/bind/zones/db.example.com";
};

Step 3: Checking Zone Configuration #

Use named-checkzone to check the syntax of your zone files:

sudo named-checkzone example.com /etc/bind/zones/db.example.com

Step 4: Restart BIND #

After configuring your zones, restart BIND to apply the changes:

sudo systemctl restart bind9

Step 5: Testing the DNS Zone #

Use dig or nslookup to test the DNS resolution:

dig @localhost example.com

nslookup example.com localhost

Conclusion #

Creating and maintaining DNS zones is a fundamental task for network and system administrators. By following the steps outlined in this tutorial, you can set up a primary DNS zone with BIND, configure DNS records, and ensure that your DNS service is running correctly. Remember to regularly check and update your DNS configurations to adapt to any changes in your network infrastructure or to improve performance and security.