{"id":576,"date":"2019-04-15T06:07:35","date_gmt":"2019-04-15T06:07:35","guid":{"rendered":"https:\/\/www.secureethics.com\/?p=576"},"modified":"2019-11-02T13:46:52","modified_gmt":"2019-11-02T13:46:52","slug":"how-to-configure-dns-server-on-centos-7","status":"publish","type":"post","link":"https:\/\/secureethics.com\/?p=576","title":{"rendered":"How to configure DNS server on Centos 7"},"content":{"rendered":"<div class=\"wpb-content-wrapper\"><p>[vc_row][vc_column][vc_column_text]Domain Name System(DNS) is a name resolution server. its basic function is translated (convert) the IP address into domain name or translated (convert) the domain name into IP address. it has a collection of domain names with mapped IP addresses[\/vc_column_text][vc_column_text]<strong>Step 1 :<\/strong><\/p>\n<p>Install the necessary package for DNS server configuration.<\/p>\n<pre class=\"theme:dark-terminal lang:default decode:true \"># yum update\r\n# yum install bind bind-utils\r\n\r\n<\/pre>\n<p>&nbsp;<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-598\" src=\"https:\/\/www.secureethics.com\/wp-content\/uploads\/2019\/04\/Centos_package_instatlion.png\" alt=\"\" width=\"1204\" height=\"528\" srcset=\"https:\/\/secureethics.com\/wp-content\/uploads\/2019\/04\/Centos_package_instatlion.png 1204w, https:\/\/secureethics.com\/wp-content\/uploads\/2019\/04\/Centos_package_instatlion-300x132.png 300w, https:\/\/secureethics.com\/wp-content\/uploads\/2019\/04\/Centos_package_instatlion-768x337.png 768w, https:\/\/secureethics.com\/wp-content\/uploads\/2019\/04\/Centos_package_instatlion-1024x449.png 1024w, https:\/\/secureethics.com\/wp-content\/uploads\/2019\/04\/Centos_package_instatlion-520x228.png 520w\" sizes=\"auto, (max-width: 1204px) 100vw, 1204px\" \/>[\/vc_column_text][vc_column_text]<strong>Step: 2<\/strong><\/p>\n<p>Configure the DNS server configuration ( \/etc\/named.conf).<\/p>\n<pre class=\"theme:dark-terminal lang:default decode:true \"># vim \/etc\/named.conf<\/pre>\n<pre class=\"theme:familiar font:times font-size:17 lang:default decode:true\">options {\r\n\tlisten-on port 53 { 127.0.0.1; 192.168.200.3; }; \/\/ ##### Add DNS server IP address here #########\r\n\tlisten-on-v6 port 53 { ::1; };\r\n\tdirectory \t\"\/var\/named\";\r\n\tdump-file \t\"\/var\/named\/data\/cache_dump.db\";\r\n\tstatistics-file \"\/var\/named\/data\/named_stats.txt\";\r\n\tmemstatistics-file \"\/var\/named\/data\/named_mem_stats.txt\";\r\n\trecursing-file  \"\/var\/named\/data\/named.recursing\";\r\n\tsecroots-file   \"\/var\/named\/data\/named.secroots\";\r\n\tallow-query     { localhost; 192.168.200.0\/24; };  \/\/ ##### Add your network subnets here for allowing the DNS queries ###### \r\n\r\n\trecursion yes;\r\n\r\n\tdnssec-enable yes;\r\n\tdnssec-validation yes;\r\n\r\n\t\/* Path to ISC DLV key *\/\r\n\tbindkeys-file \"\/etc\/named.iscdlv.key\";\r\n\r\n\tmanaged-keys-directory \"\/var\/named\/dynamic\";\r\n\r\n\tpid-file \"\/run\/named\/named.pid\";\r\n\tsession-keyfile \"\/run\/named\/session.key\";\r\n};\r\n\r\nlogging {\r\n        channel default_debug {\r\n                file \"data\/named.run\";\r\n                severity dynamic;\r\n        };\r\n};\r\n\r\nzone \".\" IN {\r\n\ttype hint;\r\n\tfile \"named.ca\";\r\n};\r\n\r\n\/\/ ##########  Add below line into end of the file ############\r\n\r\nzone \"secureethics.com\" IN {\r\n\ttype master;\r\n\tfile \"\/etc\/named\/forward.secureethics.com\";\r\n\tallow-update { none; };\r\n};\r\n\r\nzone \"200.168.192.in-addr.arpa\" IN {\r\n\ttype master;\r\n\tfile \"\/etc\/named\/reverse.secureethics.com\";\r\n\tallow-update { none; };\r\n};\r\n\r\n\/\/ ########## Add above line into end of the file ############\r\n\r\ninclude \"\/etc\/named.rfc1912.zones\";\r\ninclude \"\/etc\/named.root.key\";\r\n<\/pre>\n<p>[\/vc_column_text][vc_column_text]<strong>Step: 3<\/strong><\/p>\n<p>Configure forward zone file (\/etc\/named\/forward.secureethics.com)<\/p>\n<pre class=\"theme:dark-terminal lang:default decode:true \"># vim \/etc\/named\/forward.secureethics.com<\/pre>\n<p>&nbsp;<\/p>\n<pre class=\"theme:familiar font:times font-size:17 lang:default decode:true \" title=\"Forward zone file\">$TTL 1D\r\n@\tIN SOA\tmasterdns.secureethics.com. root.secureethics.com. (\r\n\t\t\t\t\t05152019\t; serial\r\n\t\t\t\t\t1D\t; refresh\r\n\t\t\t\t\t1H\t; retry\r\n\t\t\t\t\t1W\t; expire\r\n\t\t\t\t\t3H )\t; minimum\r\n@\tIN\tNS\tmasterdns.secureethics.com.\r\n@\tIN\tA\t192.168.200.3\r\nmasterdns\tIN\t A  192.168.200.3 \r\n<\/pre>\n<p>[\/vc_column_text][vc_column_text]<strong>Step: 4<\/strong><\/p>\n<p>Configure forward zone file (\/etc\/named\/reverse.secureethics.com)<\/p>\n<pre class=\"theme:dark-terminal lang:default decode:true \"># vim \/etc\/named\/reverse.secureethics.com<\/pre>\n<pre class=\"theme:familiar font:times lang:default decode:true \" title=\"Reverse zone file\">$TTL 1D\r\n@\tIN SOA\tmasterdns.secureethics.com. root.secureethics.com. (\r\n\t\t\t\t\t06152019\t; serial\r\n\t\t\t\t\t1D\t; refresh\r\n\t\t\t\t\t1H\t; retry\r\n\t\t\t\t\t1W\t; expire\r\n\t\t\t\t\t3H )\t; minimum\r\n@\tIN\tNS\tmasterdns.secureethics.com.\r\n@\tIN\tA\t192.168.200.3\r\nmasterdns\tIN\tA\t192.168.200.3\r\n3\tIN\tPTR\tmasterdns.secureethics.com.<\/pre>\n<p>[\/vc_column_text][vc_column_text]<strong>Step: 5<\/strong><\/p>\n<p>Check the error of DNS server configuration and zone file configuration.<\/p>\n<p><span style=\"text-decoration: underline;\"><strong>Check the DNS Server configuration file (named.conf)<\/strong><\/span><\/p>\n<p><strong># named-<\/strong>checkconf<strong> \/etc\/named.conf<\/strong><\/p>\n<p>The output should not get any error messages. if there is no error then you will get below output<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-633\" src=\"https:\/\/www.secureethics.com\/wp-content\/uploads\/2019\/04\/check_named.png\" alt=\"\" width=\"940\" height=\"53\" srcset=\"https:\/\/secureethics.com\/wp-content\/uploads\/2019\/04\/check_named.png 940w, https:\/\/secureethics.com\/wp-content\/uploads\/2019\/04\/check_named-300x17.png 300w, https:\/\/secureethics.com\/wp-content\/uploads\/2019\/04\/check_named-768x43.png 768w, https:\/\/secureethics.com\/wp-content\/uploads\/2019\/04\/check_named-520x29.png 520w\" sizes=\"auto, (max-width: 940px) 100vw, 940px\" \/><\/p>\n<p>Check\u00a0 the\u00a0 forward zone configuration error. if no error then you will get below ouput<\/p>\n<p><strong># named-<\/strong>checkzone<strong> secureethics.com \/etc\/named\/forward.secureethics.com<\/strong><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-634\" src=\"https:\/\/www.secureethics.com\/wp-content\/uploads\/2019\/04\/forward_zone.png\" alt=\"\" width=\"1005\" height=\"84\" srcset=\"https:\/\/secureethics.com\/wp-content\/uploads\/2019\/04\/forward_zone.png 1005w, https:\/\/secureethics.com\/wp-content\/uploads\/2019\/04\/forward_zone-300x25.png 300w, https:\/\/secureethics.com\/wp-content\/uploads\/2019\/04\/forward_zone-768x64.png 768w, https:\/\/secureethics.com\/wp-content\/uploads\/2019\/04\/forward_zone-520x43.png 520w\" sizes=\"auto, (max-width: 1005px) 100vw, 1005px\" \/><\/p>\n<p>Check\u00a0 the reverse zone configuration error. if no error then you will get below ouput<\/p>\n<p><strong># named-<\/strong>checkzone<strong> secureethics.com \/etc\/named\/reverse.secureethics.com<\/strong><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-635\" src=\"https:\/\/www.secureethics.com\/wp-content\/uploads\/2019\/04\/reverse_zone.png\" alt=\"\" width=\"1106\" height=\"68\" srcset=\"https:\/\/secureethics.com\/wp-content\/uploads\/2019\/04\/reverse_zone.png 1106w, https:\/\/secureethics.com\/wp-content\/uploads\/2019\/04\/reverse_zone-300x18.png 300w, https:\/\/secureethics.com\/wp-content\/uploads\/2019\/04\/reverse_zone-768x47.png 768w, https:\/\/secureethics.com\/wp-content\/uploads\/2019\/04\/reverse_zone-1024x63.png 1024w, https:\/\/secureethics.com\/wp-content\/uploads\/2019\/04\/reverse_zone-520x32.png 520w\" sizes=\"auto, (max-width: 1106px) 100vw, 1106px\" \/><\/p>\n<p>[\/vc_column_text][\/vc_column][\/vc_row]<\/p>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>[vc_row][vc_column][vc_column_text]Domain Name System(DNS) is a name resolution server. its basic function is translated (convert) the IP address into domain name or translated (convert) the domain name into IP address. it has a collection of domain names with mapped IP addresses[\/vc_column_text][vc_column_text]Step&#46;&#46;&#46;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[10],"tags":[],"class_list":["post-576","post","type-post","status-publish","format-standard","hentry","category-centos"],"_links":{"self":[{"href":"https:\/\/secureethics.com\/index.php?rest_route=\/wp\/v2\/posts\/576","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/secureethics.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/secureethics.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/secureethics.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/secureethics.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=576"}],"version-history":[{"count":0,"href":"https:\/\/secureethics.com\/index.php?rest_route=\/wp\/v2\/posts\/576\/revisions"}],"wp:attachment":[{"href":"https:\/\/secureethics.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=576"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/secureethics.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=576"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/secureethics.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=576"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}