
Setup Bind On RHEL8


Uploaded by

Sufian Albadani
Setup Bind on CentOS 8 / RHEL8

Lab setup:

+ Server: CentOS 8 (minimal server)
+ IP address: 192.168.43.35
+ Host Name: dns-primary.mydomain.com
+ Domain: mydomain.com

Step 1: Install bind DNS on CentOS 8 / RHEL 8

We begin with the installation of the bind and bind-utils packages. These packages constitute the DNS server and its utilities responsible for querying name servers or DNS servers. Execute the command:

Once successfully installed, start the DNS server using the command below:

Next, enable it so that it can kick in even after a reboot.

Just to be sure that the service is running as expected, check its status.

Great, the DNS server is running just perfectly. Now let's jump into configuring the Bind DNS server.

Step 2: Configure bind DNS server

Best practice usually recommends making a backup of a configuration file before making any changes, so that should anything go wrong, we can always revert to the original unedited file. It's no different here. Let's take a backup of the config file /etc/named.conf:

    # cp /etc/named.conf /etc/named.bak

Now go ahead and open the file using your preferred text editor. In this case, we're using the vim editor.

    # vim /etc/named.conf

Under the 'Options' section, ensure you comment out the lines indicated below to enable the Bind DNS server to listen to all IPs.

    // listen-on port 53 { 127.0.0.1; };
    // listen-on-v6 port 53 { ::1; };

Additionally, locate the allow-query parameter and adjust it according to your network subnet.

    allow-query { localhost; 192.168.43.0/28; };

This setting allows only the hosts in the defined network to access the DNS server and not just any other host.

A forward lookup DNS zone is one that stores the host name to IP address relationship. When queried, it gives the IP address of the host system using the host name. In contrast, the reverse DNS zone returns the Fully Qualified Domain Name (FQDN) of the server in relation to its IP address.
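The Step 2 edits to the options block can be checked mechanically before named is restarted. The following is an added example, not code from the original document: `option_list`, `audit_options` and the sample block are hypothetical names and constructed input, and the parser only handles flat `{ a; b; };` lists.

```python
import ipaddress
import re

# Constructed sample: an options block after the Step 2 edits, using the page's values.
SAMPLE_CONF = """
options {
    // listen-on port 53 { 127.0.0.1; };
    // listen-on-v6 port 53 { ::1; };
    allow-query { localhost; 192.168.43.0/28; };
};
"""

def option_list(conf, name):
    """Return the elements of `name ... { a; b; };`, or None when the option is unset."""
    conf = re.sub(r"/\*.*?\*/", "", conf, flags=re.S)  # drop /* ... */ comments
    conf = re.sub(r"(//|#)[^\n]*", "", conf)            # drop // and # comments
    pattern = r"(?<![\w-])%s(?![\w-])[^{;]*\{([^}]*)\}" % re.escape(name)
    match = re.search(pattern, conf)
    if match is None:
        return None
    return [item.strip() for item in match.group(1).split(";") if item.strip()]

def audit_options(conf, clients=()):
    """Report exposure left by the edits; `clients` are addresses that must be served."""
    findings = []
    if option_list(conf, "listen-on") is None:
        findings.append("listen-on unset: named binds every IPv4 interface")
    acl = option_list(conf, "allow-query")
    if acl is None or "any" in acl:
        findings.append("allow-query is open to any source")
        return findings
    networks = []
    for entry in acl:
        try:
            networks.append(ipaddress.ip_network(entry, strict=False))
        except ValueError:
            pass  # built-in ACL names such as localhost or localnets
    for ip in clients:
        if not any(ipaddress.ip_address(ip) in net for net in networks):
            findings.append("%s is outside allow-query" % ip)
    return findings

if __name__ == "__main__":
    for finding in audit_options(SAMPLE_CONF, ["192.168.43.10", "192.168.43.50"]):
        print(finding)
```

A /28 starting at 192.168.43.0 spans only .0 to .15, so the second constructed client is reported as outside the ACL; size the allow-query network to where the clients actually sit.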
To define the reverse and forward lookup zones, copy and paste the following configuration at the end of /etc/named.conf:

        allow-update { none; };
    };

    zone "43.168.192.in-addr.arpa" IN {
        allow-update { none; };
    };

+ type: Stipulates the role of the server for a particular zone. The attribute 'master' implies that this is an authoritative server.
+ file: Points to the forward / reverse zone file of the domain.
+ allow-update: This attribute defines the host systems which are permitted to forward Dynamic DNS updates. In this case, we don't have any.

After saving, exit the /etc/named.conf configuration file.

Step 3: Create a forward DNS zone file for the domain

Create a forward DNS zone file for domain mydomain.com as shown below and add the following content:

    @ IN SOA dns-primary.mydomain.com. admin.mydomain.com. (
            3600 ;Refresh

    ;Name Server Information
    @ IN NS dns-primary.mydomain.com.

    ;IP Address for Name Server
    dns-primary IN A 192.168.43.35

    ;Mail Server MX (Mail exchanger) Record
    mydomain.com. IN MX 19 mail.mydomain.com.

    ;A Record for the following Host name

    ;CNAME Record
    ftp IN CNAME www.mydomain.com.

Let's define some of the parameters indicated in the configuration file:

+ TTL: This is short for Time-To-Live. TTL is the duration of time (or hops) that a packet exists in a network before finally being discarded by the router.
+ IN: This implies the Internet.
+ SOA: This is short for the Start of Authority. Basically, it defines the authoritative name server, in this case dns-primary.mydomain.com, and contact information, admin.mydomain.com.
+ NS: This is short for Name Server.
+ A: This is an A record. It points a domain/subdomain name to the IP address.
+ Serial: This is the attribute used by the DNS server to ensure that contents of a specific zone file are updated.
+ Refresh: Defines the number of times that a slave DNS server should transfer a zone from the master.
+ Retry: Defines the number of times that a slave should retry a non-responsive zone transfer.
+ Expire: Specifies the duration a slave server should wait before responding to a client query when the Master is unavailable.
+ Minimum: This is responsible for setting the minimum TTL for a zone.
+ MX: This is the Mail exchanger record. It specifies the mail server receiving and sending emails.
+ CNAME: This is the Canonical Name. It maps an alias domain name to another domain name.
+ PTR: Short for Pointer, this attribute resolves an IP address to a domain name, the opposite of resolving a domain name.

Step 4: Create a reverse DNS zone file for the domain

Similarly, we need to create a file for reverse DNS lookups. Paste the following content in the file:

    @ IN SOA dns-primary.mydomain.com. admin.mydomain.com. (
            3600 ;Refresh

    ;Name Server Information
    @ IN NS dns-primary.mydomain.com.

    ;Reverse lookup for Name Server
    35 IN PTR dns-primary.mydomain.com.

    PTR mail.mydomain.com.

Next, assign the necessary file permissions to the two configuration files.

    # chown named:named /var/named/mydomain.com.db
    # chown named:named /var/named/mydomain.com.rev

To confirm that the DNS zone lookup files are free from any syntactical errors, run the commands shown. The first argument to named-checkzone is the zone name, so the reverse file is checked under 43.168.192.in-addr.arpa, the zone declared in /etc/named.conf.

    # named-checkzone mydomain.com /var/named/mydomain.com.db
    # named-checkzone 43.168.192.in-addr.arpa /var/named/mydomain.com.rev

If there are no errors, you should get the output shown:

For the changes to be reflected in the system, restart the Bind DNS server.

For client systems to access the system, we need to add the DNS service on the firewall and thereafter reload the firewall.

Step 5: Test the Bind DNS server from a client system

Having finalized the configuration on the DNS server, let's head out to a client machine and perform a few tests.

On a client machine (CentOS 8 / RHEL 8), open the /etc/resolv.conf file and edit the following parameter:

Lastly, you need to append the Bind DNS server's IP address to the /etc/sysconfig/network-scripts/ifcfg-enp0s3 file as shown.
Save and close the config file and then restart the network manager service to bring the above change into effect.

Using the nslookup command, test the Bind DNS server as shown.

The output from the nslookup command confirms that the forward DNS lookup is working as expected. Moreover, you can also use the dig command as shown.

To perform a reverse DNS lookup, use the dig command as shown:

Perfect! The reverse DNS lookup is also working as we would expect.

Copyright © 2024 Clousfanatic. All rights reserved.
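The forward and reverse lookups tested in Step 5 only agree when every A record has a matching PTR. The following is an added example, not code from the original document, that checks this offline for simple one-record-per-line zone data: `records` and `check_consistency` are hypothetical names, and the www/mail addresses and the deliberate mistakes in the sample are constructed.

```python
import ipaddress

# Constructed sample data modelled on the lab zones; the www/mail addresses
# and the deliberate mistakes are illustrative, not taken from the page.
DOMAIN, REV_ORIGIN = "mydomain.com.", "43.168.192.in-addr.arpa."
FORWARD = """
dns-primary IN A     192.168.43.35
www         IN A     192.168.43.50
mail        IN A     192.168.43.60
ftp         IN CNAME www.mydomain.com.
"""
REVERSE = """
35 IN PTR dns-primary.mydomain.com.
60 IN PTR mail.mydomain.com   ; trailing dot missing
"""

def records(zone_text, origin, rtype):
    """Map absolute owner name -> rdata for `rtype` records of a simple zone."""
    found = {}
    for line in zone_text.splitlines():
        fields = line.split(";")[0].split()  # drop zone-file comments
        if len(fields) != 4 or fields[1:3] != ["IN", rtype]:
            continue
        owner, rdata = fields[0], fields[3]
        if not owner.endswith("."):
            owner += "." + origin  # relative owner: named appends the origin
        if rtype == "PTR" and not rdata.endswith("."):
            rdata += "." + origin  # same rule applies to a relative PTR target
        found[owner.lower()] = rdata.lower()
    return found

def check_consistency(forward, reverse, domain=DOMAIN, rev_origin=REV_ORIGIN):
    """Return one message per A record whose PTR is missing or wrong."""
    ptrs = records(reverse, rev_origin, "PTR")
    problems = []
    for host, ip in sorted(records(forward, domain, "A").items()):
        owner = ipaddress.ip_address(ip).reverse_pointer + "."
        target = ptrs.get(owner)
        if target is None:
            problems.append("no PTR for %s (%s)" % (host, ip))
        elif target != host:
            problems.append("PTR for %s is %s, not %s" % (ip, target, host))
    return problems

if __name__ == "__main__":
    for problem in check_consistency(FORWARD, REVERSE):
        print(problem)
```

A PTR target written without its trailing dot passes named-checkzone as valid syntax but resolves to a name inside in-addr.arpa, which is why the check compares fully qualified names.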
