Set up and Configure BIND on AlmaLinux 8

In this article, we want to teach you how to Set up, Install, and Configure the BIND DNS Server on AlmaLinux 8.

BIND (Berkeley Internet Name Domain) is an open-source DNS server that provides DNS services on Linux distributions.

How To Set up and Configure BIND on AlmaLinux 8

To set up and configure BIND on your server you need some requirements first.

Requirements

You need to log in to your server as a non-root user with sudo privileges and set up a basic firewall. To do this, you can check our article about the Initial Server Setup with AlmaLinux 8.

A domain name that is pointed to your server’s IP address.

When you are done with these requirements, let’s start to install BIND.

Install Bind on AlmaLinux 8

To install Bind on your server, first, update the local package index with the following command:

sudo dnf update

Then, install Bind and its dependencies on AlmaLinux 8 with the following command:

sudo dnf install bind bind-utils

Start and Enable Bind on AlmaLinux 8

When your installation is finished, start the Bind service on AlmaLinux 8 with the command below:

systemctl start named

Then, enable it with the following command:

systemctl enable named

You can verify that your service is active and running with the following command:

systemctl status named
Output
named.service - Berkeley Internet Name Domain (DNS)
Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; vendor prese>
Active: active (running) since Wed 2021-11-03 06:33:26 EDT; 1min 36s ago
Main PID: 52770 (named)
Tasks: 5 (limit: 11409)
Memory: 58.2M
CGroup: /system.slice/named.service
└─52770 /usr/sbin/named -u named -c /etc/named.conf

Now let’s see how to configure Bind on AlmaLinux 8.

Configure Bind on AlmaLinux 8

First of all, you need to copy the Bind configuration file with the following command:

sudo cp /etc/named.conf  /etc/named.bak

Now open the file with your favorite text editor, here we use vi text editor:

sudo vi /etc/named.conf

Find the options section and comment on the two lines as shown below:

// listen-on port 53 { 127.0.0.1; }; 
// listen-on-v6 port 53 { ::1; };

Then, find the allow-query parameter and adjust it according to your network subnet:

allow-query { localhost; 192.168.43.0/24; };

When you are done, save and close the file.

This setting allows only the hosts in the defined network to access the DNS server and not just any other host.

Forward lookup DNS zone stores the hostname ip address relationship. When queried, it gives the IP address of the host system using the hostname.

In contrast, the reverse DNS zone returns the Fully Qualified Domain Name (FQDN) of the server in relation to its IP address.

To define the reverse and forward lookup zones, copy and paste the following content at the Bind configuration file on AlmaLinux 8 with your own domain name:

sudo vi /etc/named.conf
//forward zone
zone "bind.orcacore.net" IN {
     type master;
     file "bind.orcacore.net.db";
     allow-update { none; };
     allow-query { any; };
};

//backward zone
zone "43.168.192.in-addr.arpa" IN {
     type master;
     file "bind.orcacore.net.rev";
     allow-update { none; };
     allow-query { any; };
};

Save and close the file, when you are finished.

For the rest of the configuring Bind on Almalinux 8, Let’s see how to create a forward DNS zone file for the domain.

Create a Forward DNS zone file on AlmaLinux 8

You can create a Forward DNS zone file for the domain with the following command:

sudo vi /var/named/bind.orcacore.net.db

Note: Remember to replace the domain name and hostname with your own.

Then, paste the following content into the file:

$TTL 86400
@ IN SOA hostname. admin.domain-name. (
                                                2020011800 ;Serial
                                                3600 ;Refresh
                                                1800 ;Retry
                                                604800 ;Expire
                                                86400 ;Minimum TTL
)

;Name Server Information
@ IN NS hostname.

;IP Address for Name Server
hostname IN A 192.168.43.35

;Mail Server MX (Mail exchanger) Record
domain-name. IN MX 10 mail.domain-name.

;A Record for the following Host name
www  IN   A   192.168.43.50
mail IN   A   192.168.43.60

;CNAME Record
ftp  IN   CNAME www.domain-name.

When you are finished, save and close the file.

Create a Reverse DNS zone file on AlmaLinux 8

For the rest of the configuring Bind on Almalinux 8, you need to create a reverse DNS zone file for the domain.

sudo vi /var/named/bind.orcacore.net.rev

Paste the following content into the file:

$TTL 86400
@ IN SOA hostname. admin.doaminname. (
                                            2020011800 ;Serial
                                            3600 ;Refresh
                                            1800 ;Retry
                                            604800 ;Expire
                                            86400 ;Minimum TTL
)
;Name Server Information
@ IN NS hostname.
hostname     IN      A       192.168.43.35

;Reverse lookup for Name Server
35 IN PTR hostname.

;PTR Record IP address to Hostname
50      IN      PTR     www.domainname
60      IN      PTR     mail.domainanme

When you are done, save and close the file.

Here you need to assign the necessary file permissions to the two configuration files with the following commands:

# sudo chown named:named /var/named/bind.orcacore.net.db
# sudo chown named:named /var/named/bind.orcacore.net.rev

Now verify the DNS zone lookup files have no syntax errors with the following commands:

# sudo named-checkconf
# sudo named-checkzone bind.orcacore.net /var/named/bind.orcacore.net.db
# sudo named-checkzone 192.168.43.35 /var/named/bind.orcacore.net.rev
Restart Bind service on AlmaLinux 8

To apply these changes run the following command:

systemctl restart named
Configure Firewall

For client systems to access the system you need to add the DNS service on the firewall and thereafter reload the firewall. execute the following commands:

sudo firewall-cmd  --add-service=dns --zone=public  --permanent
sudo firewall-cmd --reload

Test Bind from a Client system AlmaLinux 8

On a Client machine (Here our machine is AlmaLinux 8), open the /etc/resolv.conf file with your favorite text editor:

vi /etc/resolv.conf

Then edit the following parameter:

nameserver 192.168.43.35

When you are done, save and close the file.

Finally, you need to append the Bind DNS server’s IP address to the /etc/sysconfig/network-scripts/ifcfg-eth0 file as shown.

vi /etc/sysconfig/network-scripts/ifcfg-eth0

Then, Bind the DNS server’s IP address by adding this below the gateway:

...
DNS1= 192.168.43.35

Save and close the file, when you are finished.

Restart Network on AlmaLinux 8

To apply this change run the following command:

systemctl restart NetworkManager
Test Bind DNS Server

You can use the nslookup command or dig command to test the Bind DNS server on AlmaLinux 8.

nslookup 192.168.43.35
dig bind.orcacore.net

To perform a reverse DNS lookup you can use the following command:

dig -x 192.168.43.35

Also, on a windows client, you can open the internet protocol version 4 properties window and add the DNS server address:

Use DNS server address-set up bind

Conclusion

At this point, you learn to Set up and Configure Bind on AlmaLinux 8. and you learn to test Bind on your Client system.

Hope you enjoy it.

You may be like these articles:

How To Set up Network bridge on Debian 11

Use YUM and RPM Package Managers on AlmaLinux 8

Differences between YUM and DNF package managers

How to Set up a YUM repository on Centos 7

Newsletter Updates

Enter your email address below and subscribe to our newsletter

Leave a Reply

Stay informed and not overwhelmed, subscribe now!