latest Trending updates

I am a highly skilled and experienced administrator with a strong background in both Windows and Linux systems. I have a deep understanding of network infrastructure, security, and system administration, and am able to effectively troubleshoot and resolve a wide range of technical issues. I am also well-versed in various scripting languages, including PowerShell and Bash, and am able to automate repetitive tasks and improve system efficiency.

Full width home advertisement

Post Page Advertisement [Top]

                 


                                   Domain Name Server Configuration in RHEL 8 


DNS is a service that helps to resolve a fully qualified domain name (FQDN) into an IP address and additionally, perform a reverse translation- translation of an IP address to a user-friendly domain name.

 

Step 1: Install bind DNS packages.

# dnf install bind bind-utils

 

Start the DNS server using the command below:

# systemctl start named

 

Next, enable it so that it can kick in even after a reboot

# systemctl enable named

 

Just to be sure that the service is running as expected, check its status

# systemctl status named

 

Step 2:  Configure bind DNS server

Let’s take a backup of the config file  /etc/named.conf

# cp /etc/named.conf  /etc/named.bak

 

Now go ahead and open the file using your preferred text editor.

# vim /etc/named.conf

 

Under the ‘Options’  section, ensure you comment out the lines indicated below to enable the Bind DNS server to listen to all IPs.

 

// listen-on port 53 { 127.0.0.1; };

// listen-on-v6 port 53 { ::1; };

 

Additionally, locate the allow-query parameter and adjust it according to your network subnet.

 

allow-query { localhost; 192.168.1.0/24; };

 

This setting allows only the hosts in the defined network to access the DNS server and not just any other host.

 

To define the reverse and forward lookup zones, copy and paste the following configuration at the end of /etc/named.conf

 

//forward zone

zone "Vishnubane.local" IN {

  type master;

  file "Vishnubane.local.db";

  allow-update { none; };

  allow-query { any; };

};

 

//backward zone

zone "1.168.192.in-addr.arpa" IN {

  type master;

  file "Vishnubane.local.rev";

  allow-update { none; };

  allow-query { any; };

};

 

Step 3: Create a forward DNS zone file for the domain

 

# vim /var/named/Vishnubane.local.db

$TTL 86400

@ IN SOA primary-dns.Vishnubane.local. admin.Vishnubane.local. (

                                                2020011800 ;Serial

                                                3600 ;Refresh

                                                1800 ;Retry

                                                604800 ;Expire

                                                86400 ;Minimum TTL

)

 

;Name Server Information

@ IN NS primary-dns.Vishnubane.local.

 

;IP Address for Name Server

primary-dns IN A 192.168.1.115

 

;Mail Server MX (Mail exchanger) Record

Vishnubane.local. IN MX 10 mail.Vishnubane.local.

 

;A Record for the following Host name

www  IN   A   192.168.1.50

mail IN   A   192.168.1.60

 

;CNAME Record

ftp  IN   CNAME www.Vishnubane.local.

 

 

Step 4: Create a reverse DNS zone file for the domain

 

# vim /var/named/Vishnubane.local.rev

$TTL 86400

@ IN SOA primary-dns.Vishnubane.local. admin.Vishnubane.local. (

                                            2020011800 ;Serial

                                            3600 ;Refresh

                                            1800 ;Retry

                                            604800 ;Expire

                                            86400 ;Minimum TTL

)

;Name Server Information

@ IN NS primary-dns.Vishnubane.local.

primary-dns IN      A   192.168.1.115

 

;Reverse lookup for Name Server

35 IN PTR primary-dns.Vishnubane.local.

 

;PTR Record IP address to Hostname

50  IN      PTR www.Vishnubane.local

60  IN      PTR mail.Vishnubane.local

 

Next, assign the necessary file permissions to the two configuration files.

# chown named:named /var/named/Vishnubane.local.db

# chown named:named /var/named/Vishnubane.local.rev

 

To confirm that the DNS zone lookup files are free from any syntactical errors, run the commands shown:

 

# named-checkconf

# named-checkzone Vishnubane.local /var/named/Vishnubane.local.db

# named-checkzone 192.168.1.115 /var/named/Vishnubane.local.rev

 

For the changes to be reflected in the system, restart the Bind DNS server

 

# systemctl restart named

 

Add Firewall Rule.

 

# firewall-cmd  --add-service=dns --zone=public  --permanent

# firewall-cmd --reload

 

Step 5: Test the Bind DNS server from a client system

 

# vim /etc/resolv.conf

nameserver 192.168.1.115

 

# vim /etc/sysconfig/networkk-scripts/ifcfg-ens033

DNS=192.168.1.115

 

# systemctl restart NetworkManager

 

Using the nslookup command test the Bind DNS server as shown:

 

# nslookup primary-dns.Vishnubane.local

# nslookup mail.Vishnubane.local

# nslookup www.Vishnubane.local

# nslookup ftp.Vishnubane.local

# nslookup 192.168.1.115

 

 

The output from the nslookup command confirms that the forward DNS lookup is working as expected.

 

Moreover, you can also use the dig command as shown

 

# dig primary-dns.Vishnubane.local

 

To perform a reverse DNS lookup, use the dig command as shown:

 

# dig -x 192.168.1.115

 

Perfect! The reverse DNS lookup is also working as we would expect.


Tags:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Bottom Ad [Post Page]

Copyright 2018, latest Trending updates. All rights Reserved. Template by Colorlib.