DNS Server in Linux : Setup, Configuration and Interview Tips

Today in this post, we will look what is DNS server, and how to setup a DNS server in RHEL(Red Hat enterprise Linux) or on CentOS.

1. What is DNS Server ?
DNS or Domain Name System:- As its name suggests, it helps to resolve the names of different computer systems or devices connected in the network.
It provides a decentralized(i.e. ditributed on different locations across the globe under different domains) naming convention to computers, and other network devices.

The DNS Server builds a tree like structure to name and resolve the different domains or sub domains that are defined in a network.
Each part of the tree is referred as label.

Sample Hierarchy

. --> com --> ngelinux 
		  --> google
		  --> yahoo --> mail
		  --> amazon
  --> in  --> amazon
		  --> co    --> google


Why DNS software named as BIND ?
Evolution of DNS :- In 1984, few Berkeley students came up with the first ever Unix name server implementation and hence named it as “Berkeley Internet Name Domain”, referred as BIND.


2. Packages required on RHEL or CentOS 6
We require two packages for DNS server i.e. BIND and BIND-UTILS.

# yum install bind bind-utils


3. Edit Main DNS Configuration File
/etc/named.conf file contains global DNS options and an entry of reference files corrosponding to forward and reverse name queries’ resolution.

### Global options
### Change IP address with the IP address of secondary DNS server.
options {
	    listen-on port 53 {; };
        listen-on-v6 port 53 { ::1; };
        directory	"/var/named";
        dump-file	"/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
		allow-query { any; };
        allow-transfer     { localhost;; };
        recursion no;

        dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;

        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";

        managed-keys-directory "/var/named/dynamic";

### Adding a new domain forward resoltion file path.
### type master defines this is master DNS server.

 zone "ngelinux.com" IN {
                type master;
                file "forward";
                allow-update { none; };

### Adding a reverse lookup file

 zone "24.172.in-addr.arpa" IN {
                type master;
                file "reverse";
                allow-update { none; };


4. Define domain names in forward and reverse files.

### Go to /var/named.
### And define the file forward as mentioned in named.conf file above.

# cd /var/named
# cp localhost.zone forward
# cp named.local reverse

# cat forward

### Now define the entries.
### First for Address of IPs
@		IN	A
www		IN	A

ns1		IN	A
ns2		IN	A

### Specifying nameservers
		IN	NS		ns1.ngelinux.com.
		IN	NS		ns2.ngelinux.com.

### Define Pointers IN  PTR   host1.ngelinux.com.
2.0   					 IN  PTR   host2.ngelinux.com.


5. Restart named service.

# service named restart
# chkconfig named on


Slave Server Configuration

Simlilar to the above, to configure slave DNS server, we can define above similar configuration by mentioning “slave” in place of “master” in named.conf file.

Interview Questions

1. BIND Stands for ?
Berkeley Internet Name Domain.

2. Default port of BIND
53 both TCP and UPD.

3. Types of DNS Server 
Master: Keeps master copy of domain zone data.
Slave:  Keeps backup copy of zone date.
Caching: Keeps a cache copy of fequently accessed zones.
If zone not found here, its forwarded to Master/Slave DNS server.

4. Check syntax of named.conf
$ named-checkconf /etc/named.conf
-t "chroot path" in case of chroot environment.

5. Comments in named.conf
Starts with semi-colon i.e. ";"

6. Zone Files
Files that contain data served by the DNS Server.
It is necessary to have a SOA record and can contain other records as well.

7. SOA Record
Start of authority for a zone.
Determines name server which provides an authoritative source of 
information for a particular domain.
Tip: How to get SOA record of a domain. $ dig SOA ngelinux.com ; <<>> DiG 9.8.3-P1 <<>> SOA ngelinux.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20355 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;ngelinux.com. IN SOA ;; ANSWER SECTION: ngelinux.com. 86400 IN SOA ns9.geniushost.in. host.geniushost.in. 2019013003 3600 7200 1209600 86400 ;; Query time: 771 msec ;; SERVER: ;; WHEN: Tue Feb 5 12:02:35 2019 ;; MSG SIZE rcvd: 88
8. Types of Records in DNS File. NS – name server (address to name mapping) A – name-to-address mapping PTR – address-to-name mapping CNAME – canonical name (defines aliases) SOA - Start of Authority MX – mail exchanger TXT – textual info WKS – well known services HINFO – host information RP – contact person for this zone 9. Load balancing in DNS Load balancing can be done by using multiple records say multiple A records
with different DNS IPs for one domain name. Now the request will flow in round robin fashion and thereby providing
load balancing. 10. Domain delegation in Bind Fully delegate or hand-over the responsibility for a domain/sub-domain to
another name server. It usually happens when we take domain name and hosting from two different providers. squid_new.ngelinux.com IN NS ns2.ngelinux.com 11. What is "A" Record A (Address records) maps an IP addresses to the particular domain name. IP address cannot contain a dot at the end. 12. What is a CNAME Record ? CNAME stands for canonical name, it is used to create synonym
or canonical domain name of an existing domain/subdomain. 13. PTR Record PTR record helps in translating an IP address into a domain name. 14. What are MX Records ? MX i.e. Mail exchanger refers to the Mail exchange server for
our domain which helps in routing the emails for a domain. 15. HINFO Record HINFO also refers to Hardware Info which stores the DNS server hardware and
software information. It has two parts(inside datapart) where one part contains information about software,
and the other part contains information about hardware. 16. TXT Record A TXT record is used to store other general text information
about our domain. 17. How to check zone file entries ? named-checkzone utility can be used. # named-checkzone [-dgv] [-c class] zone [filename] 18. What is Non-Authoritative DNS Server ? Non authoritative DNS server keeps a cache file that is constructed while
querying DNS master/slave servers and don't have any zone files instead.

Leave a Reply

Your email address will not be published.