Install bind in CentOS 7

bind is a DNS server. To install bind on CentOS 7, run

yum install bind bind-utils -y

Enable bind to start on boot

systemctl enable named

Start bind

systemctl start named

You can see status with

systemctl status named

Setup firewall

You need to allow DNS ports UDP/TCP 53 in firewall. On CentOS 7, you can run

firewall-cmd --zone=public --permanent --add-service=dns
firewall-cmd --reload

Configure bind

By default bind only listens to local IP, to make it accessable from outside, you need to edit named.conf

vi /etc/named.conf

Find

        listen-on port 53 { 127.0.0.1; };
        listen-on-v6 port 53 { ::1; };

Comment out those two lines by adding # at start of the lines.

        #listen-on port 53 { 127.0.0.1; };
        #listen-on-v6 port 53 { ::1; };

We need our DNS server access query from anyone on internet. For this, find

        allow-query     { localhost; };

Replace with

        allow-query     { any; };

Since we only want our DNS server resolve domains hosted on our server, disable recursion.

Find

        recursion yes;

Replace with

        recursion no;

Now restart bind with

systemctl restart bind

Adding Domain to bind

To server a domain, you need to add the domain to bind. For this edit file

vi /etc/named.conf

at end of the file, add

zone "DOMAIN.EXTN" IN {
   type master;
   file "/var/named/DOMAIN.EXTN.zone";
   allow-update { none; };
};

Now create zone file

vi /var/named/DOMAIN.EXTN.zone

Add following

$TTL            86400
@                 IN SOA            DOMAIN.EXT.  admin.DOMAIN.EXT. (
100     ; serial
1H      ; refresh
1M      ; retry
1W      ; expiry
1D )    ; minimum
@                   IN NS             ns1.DOMAIN.EXT.
@                   IN A                 YOUR_IP_ADDR_HERE
ns1                 IN A                 YOUR_IP_ADDR_HERE
@                   IN MX   10      mail.DOMAIN.EXT.
mail                IN A                 YOUR_IP_ADDR_HERE
www                 IN A                 YOUR_IP_ADDR_HERE

Restart bind

vi /var/named/DOMAIN.EXTN.zone

You can verify domain is resolving with command

nslookup DOMAIN.EXT SERVER_IP_HERE

See bind

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *