Tag: bind

  • Wildcard DNS zone in bind

    A catch-all (wildcard) zone makes BIND answer authoritatively for any domain name it is asked about. This is useful for a service such as domain name parking, where customers point the name servers of their domains at your private label name servers and you need all of those domains to resolve to a specific IP address without configuring a zone for each one by hand. Because the zone is defined on the root name ".", the server answers for every name, so it must be an authoritative-only server with recursion disabled and must never be handed out to clients as a resolver.

    Install Bind DNS server.

    On Ubuntu/Debian

    apt-get install bind9
    

    On CentOS/RHEL

    yum install bind bind-utils
    

    Create a catch-all zone file (on CentOS/RHEL use /var/named/catch-all.zone instead).

    vi  /etc/bind/catch-all.zone
    

    Add the following content to the file. The NS record must point at a host name, never an IP address; the wildcard record answers for that host name too, so it needs no separate A record:

    $TTL 86400
    @ IN SOA ns1.yourdomain.com. hostmaster.yourdomain.com. ( 1 3h 1h 1w 1d )
      IN NS ns1.yourdomain.com.
    * IN A YOUR_IP_ADDR_HERE
    

    In the above, replace

    YOUR_IP_ADDR_HERE = the IP address you need all domains to resolve to.
    yourdomain.com = your private label name server domain.

    Do not add explicit records for names under yourdomain.com (or under any other domain) to this zone. The wildcard already covers them, and creating a name such as ns1.yourdomain.com makes "com" and "yourdomain.com" exist as empty non-terminals, after which "*" no longer matches any name beneath them.

    To make this zone active, you need to add it to the BIND configuration. Edit

    On Debian/Ubuntu

    vi  /etc/bind/named.conf.local
    

    On CentOS/RHEL

    vi  /etc/named.conf
    

    At the end of the file, add the following (on CentOS/RHEL keep the zone file under /var/named/ and adjust the file path). allow-transfer { none; } stops anyone from pulling the whole zone with AXFR.

    zone "." IN {
            type master;
            file "/etc/bind/catch-all.zone";
            allow-update { none; };
            allow-transfer { none; };
    };
    

    Verify that the configuration and the zone file load without errors.

    named-checkconf
    named-checkzone . /etc/bind/catch-all.zone
    

    Restart bind (the service is called bind9 on Debian/Ubuntu and named on CentOS/RHEL)

    systemctl restart bind9
    

    Now verify that the catch-all zone works with

    nslookup serverok.in YOUR_DNS_SERVER_IP_HERE
    

    It should resolve to the IP address specified in the zone file catch-all.zone. In the above example I used serverok.in for testing; you can use any domain name, and it should resolve to the same IP address.

    If you need to set MX records for the domains, add the following to the end of catch-all.zone. The owner is written out as "*" here: if the owner column is left blank, BIND attaches the record to the owner of the previous record, which only does what you want when that record is the wildcard.

    * IN MX 0 mx1.mail-server.com.
    * IN MX 5 mx2.mail-server.com.
    

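    named-checkzone accepts "1.2.3.4" as an NS target because it is a syntactically valid host name, so the classic catch-all mistake (NS or MX pointing at an address, or a target missing its trailing dot) loads cleanly and only fails when other resolvers try to use it. The following added example is a small zone-file reader and lint written in Python for this page; it is not part of BIND or its tools, parse_zone and lint_zone are hypothetical helper names, and the two zone texts at the bottom are constructed from the catch-all zone above with 203.0.113.10 standing in for YOUR_IP_ADDR_HERE.

```python
import re
from typing import List, NamedTuple, Optional, Tuple

# Added example for this page; parse_zone/lint_zone are hypothetical helper
# names, not part of BIND or named-checkzone.
IPV4_RE = re.compile(r"^\d{1,3}(?:\.\d{1,3}){3}$")
TTL_RE = re.compile(r"^\d+[smhdwSMHDW]?$")      # 3600, 1h, 1D ...
CLASSES = {"IN", "CH", "HS"}
# rdata positions that must hold a host name for each record type
NAME_FIELDS = {"NS": slice(0, 1), "CNAME": slice(0, 1), "MX": slice(1, 2), "SOA": slice(0, 2)}


class Record(NamedTuple):
    owner: str
    rtype: str
    rdata: List[str]


def parse_zone(text: str) -> Tuple[Optional[str], List[Record]]:
    """Minimal master-file reader: strips ';' comments, joins parenthesised
    multi-line records (the SOA), honours $TTL, and gives a record whose line
    starts with whitespace the owner of the previous record, as BIND does."""
    default_ttl: Optional[str] = None
    logical: List[str] = []
    buf: List[str] = []
    depth = 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()
        if not line.strip() and depth == 0:
            continue
        depth += line.count("(") - line.count(")")
        buf.append(line)
        if depth == 0:
            logical.append("\n".join(buf))
            buf = []
    records: List[Record] = []
    owner = "@"
    for entry in logical:
        inherits_owner = entry[:1].isspace()
        tokens = entry.replace("(", " ").replace(")", " ").split()
        if tokens[0] == "$TTL":
            default_ttl = tokens[1]
            continue
        if tokens[0].startswith("$"):
            continue                              # $ORIGIN etc. not needed here
        if not inherits_owner:
            owner = tokens.pop(0)
        while tokens and (TTL_RE.match(tokens[0]) or tokens[0].upper() in CLASSES):
            tokens.pop(0)                         # optional TTL and class
        records.append(Record(owner, tokens[0].upper(), tokens[1:]))
    return default_ttl, records


def lint_zone(text: str) -> List[str]:
    """Problems worth fixing before loading the zone (empty list means clean)."""
    default_ttl, records = parse_zone(text)
    problems: List[str] = []
    if default_ttl is None:
        problems.append("no $TTL directive (BIND falls back to the SOA minimum and warns)")
    if not any(r.rtype == "SOA" for r in records):
        problems.append("no SOA record")
    if not any(r.rtype == "NS" and r.owner == "@" for r in records):
        problems.append("no NS record at the zone apex")
    for r in records:
        for n in r.rdata[NAME_FIELDS.get(r.rtype, slice(0, 0))]:
            if IPV4_RE.match(n):
                problems.append(f"{r.rtype} at {r.owner!r} points at IP address {n}; use a host name")
            elif not n.endswith("."):
                problems.append(f"{r.rtype} at {r.owner!r} target {n!r} has no trailing dot; "
                                "BIND will append the zone origin")
        if r.rtype == "A" and not (r.rdata and IPV4_RE.match(r.rdata[0])):
            problems.append(f"A record at {r.owner!r} does not hold an IPv4 address: {r.rdata}")
    return problems


# Constructed inputs (not loaded from a server): the catch-all zone from this
# page with 203.0.113.10 standing in for YOUR_IP_ADDR_HERE, first with the NS
# record wrongly pointing at the address, then corrected.
CATCH_ALL_BROKEN = """\
@ IN SOA ns1.yourdomain.com. hostmaster.yourdomain.com. ( 1 3h 1h 1w 1d )
  IN NS 203.0.113.10
* IN A 203.0.113.10
"""

CATCH_ALL_FIXED = """\
$TTL 86400
@ IN SOA ns1.yourdomain.com. hostmaster.yourdomain.com. ( 1 3h 1h 1w 1d )
  IN NS ns1.yourdomain.com.
* IN A 203.0.113.10
* IN MX 0 mx1.mail-server.com.
"""

if __name__ == "__main__":
    for label, zone in (("broken", CATCH_ALL_BROKEN), ("fixed", CATCH_ALL_FIXED)):
        print(label + ":", lint_zone(zone) or "OK")
```

    Run it before named-checkzone; the broken input reports the NS record pointing at an address and the missing $TTL, the fixed one reports nothing.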

  • Install bind in CentOS 7

    bind is a DNS server. To install bind on CentOS 7, run

    yum install bind bind-utils -y
    

    Enable bind to start on boot

    systemctl enable named
    

    Start bind

    systemctl start named
    

    You can see the status with

    systemctl status named
    

    Setup firewall

    You need to allow DNS (UDP and TCP port 53) through the firewall. On CentOS 7, you can run

    firewall-cmd --zone=public --permanent --add-service=dns
    firewall-cmd --reload
    

    Configure bind

    By default bind only listens on the loopback address. To make it reachable from outside, you need to edit named.conf

    vi /etc/named.conf
    

    Find

            listen-on port 53 { 127.0.0.1; };
            listen-on-v6 port 53 { ::1; };
    

    Comment out those two lines by adding # at the start of each line; with no listen-on statement, bind listens on all interfaces.

            #listen-on port 53 { 127.0.0.1; };
            #listen-on-v6 port 53 { ::1; };
    

    We need our DNS server to answer queries from anyone on the internet. For this, find

            allow-query     { localhost; };
    

    Replace with

            allow-query     { any; };
    

    Since we only want our DNS server to answer for the domains hosted on it, disable recursion. An open recursive resolver reachable from the internet gets abused for cache poisoning and DDoS amplification, so this is not optional on a public authoritative server.

    Find

            recursion yes;
    

    Replace with

            recursion no;
    

    Now restart bind with (the service on CentOS 7 is named, not bind)

    systemctl restart named
    

    Adding Domain to bind

    To serve a domain, you need to add it to bind. For this, edit the file

    vi /etc/named.conf
    

    at the end of the file, add (allow-transfer { none; } blocks zone transfers, which BIND otherwise allows to anyone)

    zone "DOMAIN.EXT" IN {
       type master;
       file "/var/named/DOMAIN.EXT.zone";
       allow-update { none; };
       allow-transfer { none; };
    };
    

    Now create the zone file

    vi /var/named/DOMAIN.EXT.zone
    

    Add the following. The SOA MNAME field must be the primary name server's host name (ns1.DOMAIN.EXT.), not the bare domain, and the serial must be increased every time the zone changes so that caches and any secondaries notice.

    $TTL            86400
    @                 IN SOA            ns1.DOMAIN.EXT.  admin.DOMAIN.EXT. (
    100     ; serial
    1H      ; refresh
    1M      ; retry
    1W      ; expiry
    1D )    ; minimum
    @                   IN NS             ns1.DOMAIN.EXT.
    @                   IN A                 YOUR_IP_ADDR_HERE
    ns1                 IN A                 YOUR_IP_ADDR_HERE
    @                   IN MX   10      mail.DOMAIN.EXT.
    mail                IN A                 YOUR_IP_ADDR_HERE
    www                 IN A                 YOUR_IP_ADDR_HERE
    

    Check the zone file loads cleanly, then restart bind

    named-checkzone DOMAIN.EXT /var/named/DOMAIN.EXT.zone
    systemctl restart named
    

    You can verify that the domain is resolving with the command

    nslookup DOMAIN.EXT SERVER_IP_HERE
    

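    nslookup shows the answer but not the two header flags that matter for both setups on this page: AA (the server claims authority, which should be set for any name against the catch-all zone and for DOMAIN.EXT here) and RA (recursion available, which should be clear after recursion no;). The following added example, written in Python for this page and not part of BIND or its tools, sends a raw DNS query over UDP and decodes the reply header and answer records; build_query, parse_response, query, answers_authoritatively and offers_recursion are hypothetical helper names, the two sample replies at the bottom are constructed rather than captured, and the file name dnscheck.py is assumed.

```python
import random
import socket
import struct

# Added example for this page; helper names (build_query, parse_response, query,
# answers_authoritatively, offers_recursion) are hypothetical, not BIND's.
QTYPE_A, QTYPE_NS, QTYPE_CNAME, QTYPE_MX = 1, 2, 5, 15
RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 4: "NOTIMP", 5: "REFUSED"}


def encode_name(name):
    """'serverok.in' -> b'\\x08serverok\\x02in\\x00' (RFC 1035 labels)."""
    out = b""
    for label in name.rstrip(".").split("."):
        if not 0 < len(label) < 64:
            raise ValueError("bad label %r" % label)
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def build_query(name, txid, qtype=QTYPE_A, rd=False):
    """Standard query: 12-byte header (RD only if asked), one question, no EDNS."""
    header = struct.pack("!HHHHHH", txid, 0x0100 if rd else 0, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)


def decode_name(data, off):
    """Decode a possibly compressed name; return (name, offset after it)."""
    labels, end, hops = [], None, 0
    while True:
        length = data[off]
        if length & 0xC0 == 0xC0:                     # compression pointer
            if end is None:
                end = off + 2                         # resume after the pointer
            off = struct.unpack("!H", data[off:off + 2])[0] & 0x3FFF
            hops += 1
            if hops > 64:
                raise ValueError("compression pointer loop")
            continue
        off += 1
        if length == 0:
            break
        labels.append(data[off:off + length].decode("ascii"))
        off += length
    return ".".join(labels), (end if end is not None else off)


def parse_response(data):
    """Return the header flags that matter here plus decoded answer records."""
    txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", data[:12])
    off = 12
    for _ in range(qd):                               # skip the echoed question
        _, off = decode_name(data, off)
        off += 4
    answers = []
    for _ in range(an):
        name, off = decode_name(data, off)
        rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", data[off:off + 10])
        off += 10
        if rtype == QTYPE_A and rdlen == 4:
            value = socket.inet_ntoa(data[off:off + 4])
        elif rtype in (QTYPE_NS, QTYPE_CNAME):
            value = decode_name(data, off)[0]
        elif rtype == QTYPE_MX:
            value = (struct.unpack("!H", data[off:off + 2])[0], decode_name(data, off + 2)[0])
        else:
            value = data[off:off + rdlen]
        answers.append((name, rtype, ttl, value))
        off += rdlen
    return {"id": txid, "aa": bool(flags & 0x0400), "ra": bool(flags & 0x0080),
            "rcode": RCODES.get(flags & 0xF, str(flags & 0xF)), "answers": answers}


def answers_authoritatively(resp, expected_ip):
    """True when the server claims authority (AA=1) and returns expected_ip."""
    return resp["aa"] and resp["rcode"] == "NOERROR" and any(
        t == QTYPE_A and v == expected_ip for _, t, _, v in resp["answers"])


def offers_recursion(resp):
    """RA=1 means the server is willing to recurse for us; should be False here."""
    return resp["ra"]


def query(server, name, qtype=QTYPE_A, timeout=3.0):
    """Send one UDP query to server:53 and parse the reply (checks the txid)."""
    txid = random.randrange(0, 65536)
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    s.settimeout(timeout)
    try:
        s.sendto(build_query(name, txid, qtype), (server, 53))
        data, _ = s.recvfrom(4096)
    finally:
        s.close()
    resp = parse_response(data)
    if resp["id"] != txid:
        raise ValueError("transaction id mismatch; possible spoofed reply")
    return resp


# Constructed sample replies (not captured from a server): what the catch-all
# zone should return for serverok.in (AA=1, RA=0), and the REFUSED reply a
# non-recursive server gives for a name it is not authoritative for.
SAMPLE_AUTHORITATIVE = (struct.pack("!HHHHHH", 0x1234, 0x8400, 1, 1, 0, 0)
                        + encode_name("serverok.in") + struct.pack("!HH", QTYPE_A, 1)
                        + b"\xc0\x0c" + struct.pack("!HHIH", QTYPE_A, 1, 86400, 4)
                        + socket.inet_aton("203.0.113.10"))
SAMPLE_REFUSED = (struct.pack("!HHHHHH", 0x1234, 0x8005, 1, 0, 0, 0)
                  + encode_name("example.com") + struct.pack("!HH", QTYPE_A, 1))

if __name__ == "__main__":
    import sys
    server, name, expected = sys.argv[1:4]
    r = query(server, name)
    print("rcode=%s aa=%s ra=%s answers=%s" % (r["rcode"], r["aa"], r["ra"], r["answers"]))
    print("authoritative answer with expected IP:", answers_authoritatively(r, expected))
    print("offers recursion (should be False):", offers_recursion(r))
```

    Usage: python3 dnscheck.py YOUR_DNS_SERVER_IP_HERE serverok.in YOUR_IP_ADDR_HERE for the catch-all zone, or with DOMAIN.EXT for the zone added in the second article. Querying a name you do not host from the CentOS server should give rcode REFUSED with RA clear; if it instead returns an answer with RA set, recursion is still on.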