Set up and Configure BIND on AlmaLinux 8

In this article, we want to teach you how to Set up and Configure BIND on AlmaLinux 8.

BIND (Berkeley Internet Name Domain) is an open-source DNS server that provides DNS services on Linux distributions.

How To Set up and Configure BIND on AlmaLinux 8

To set up and configure BIND on your server, you need to meet some requirements first.

Requirements

You need to log in to your server as a non-root user with sudo privileges and set up a basic firewall. To do this, you can check our article about the Initial Server Setup with AlmaLinux 8.

You also need a domain name that points to your server's IP address.

When you are done with these requirements, let’s start to install BIND.

Install Bind on AlmaLinux 8

To install Bind on your server, first, update the local package index with the following command:

sudo dnf update

Then, install Bind and its dependencies on AlmaLinux 8 with the following command:

sudo dnf install bind bind-utils

When your installation is finished, start the Bind service on AlmaLinux 8 with the command below:

sudo systemctl start named

Then, enable it with the following command:

sudo systemctl enable named

You can verify that your service is active and running with the following command:

systemctl status named

Output
named.service - Berkeley Internet Name Domain (DNS)
Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; vendor prese>
Active: active (running) since Wed 2021-11-03 06:33:26 EDT; 1min 36s ago
Main PID: 52770 (named)
Tasks: 5 (limit: 11409)
Memory: 58.2M
CGroup: /system.slice/named.service
└─52770 /usr/sbin/named -u named -c /etc/named.conf

Now let’s see how to configure Bind on AlmaLinux 8.

Configure Bind on AlmaLinux 8

First of all, back up the Bind configuration file with the following command:

sudo cp /etc/named.conf  /etc/named.bak

Now open the file with your favorite text editor, here we use vi:

sudo vi /etc/named.conf

Find the options section and comment out the two lines as shown below, so that named no longer listens only on the loopback addresses:

// listen-on port 53 { 127.0.0.1; }; 
// listen-on-v6 port 53 { ::1; };

Then, find the allow-query parameter and adjust it according to your network subnet:

allow-query { localhost; 192.168.43.0/24; };

When you are done, save and close the file.

This setting allows only the hosts in the defined network to query the DNS server, not just any other host. Note that an allow-query statement inside a zone block overrides this value for that zone.

The forward lookup DNS zone stores the hostname-to-IP-address relationship. When queried with a hostname, it returns the IP address of that host.

In contrast, the reverse DNS zone returns the Fully Qualified Domain Name (FQDN) of a host when queried with its IP address.

To define the forward and reverse lookup zones, open the Bind configuration file on AlmaLinux 8 again and add the following content, using your own domain name:

sudo vi /etc/named.conf

//forward zone
zone "bind.orcacore.net" IN {
     type master;
     file "bind.orcacore.net.db";
     allow-update { none; };
     allow-query { any; };
};

//reverse zone
zone "43.168.192.in-addr.arpa" IN {
     type master;
     file "bind.orcacore.net.rev";
     allow-update { none; };
     allow-query { any; };
};

Save and close the file when you are finished.

Next, let's see how to create a forward DNS zone file for the domain.

How To Create a Forward DNS zone file for the Domain

Create the forward DNS zone file for the domain by opening it with the following command:

sudo vi /var/named/bind.orcacore.net.db

Note: Remember to replace the domain name and hostname with your own.

Then, paste the following content into the file:

$TTL 86400
@ IN SOA hostname. admin.domain-name. (
                                                2020011800 ;Serial
                                                3600 ;Refresh
                                                1800 ;Retry
                                                604800 ;Expire
                                                86400 ;Minimum TTL
)

;Name Server Information
@ IN NS hostname.

;IP Address for Name Server
hostname IN A 192.168.43.35

;Mail Server MX (Mail exchanger) Record
domain-name. IN MX 10 mail.domain-name.

;A Record for the following Host name
www  IN   A   192.168.43.50
mail IN   A   192.168.43.60

;CNAME Record
ftp  IN   CNAME www.domain-name.

When you are finished, save and close the file.

Create a Reverse DNS zone file for the Domain

Next, you need to create a reverse DNS zone file for the domain:

sudo vi /var/named/bind.orcacore.net.rev

Paste the following content into the file:

$TTL 86400
@ IN SOA hostname. admin.domain-name. (
                                            2020011800 ;Serial
                                            3600 ;Refresh
                                            1800 ;Retry
                                            604800 ;Expire
                                            86400 ;Minimum TTL
)
;Name Server Information
@ IN NS hostname.
hostname     IN      A       192.168.43.35

;Reverse lookup for Name Server
35 IN PTR hostname.

;PTR Record IP address to Hostname
50      IN      PTR     www.domain-name.
60      IN      PTR     mail.domain-name.

When you are done, save and close the file.

Now assign ownership of the two zone files to the named user and group with the following commands:

sudo chown named:named /var/named/bind.orcacore.net.db
sudo chown named:named /var/named/bind.orcacore.net.rev

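Now verify that the configuration and the zone files have no syntax errors with the following commands. named-checkzone takes the zone name first, so the reverse zone is checked under its in-addr.arpa name:

sudo named-checkconf
sudo named-checkzone bind.orcacore.net /var/named/bind.orcacore.net.db
sudo named-checkzone 43.168.192.in-addr.arpa /var/named/bind.orcacore.net.rev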
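
A PTR target written without a trailing dot is syntactically valid, so a syntax check does not flag it, yet the reverse zone's origin is appended to it when the zone loads. The shell script below is an added example, not part of the original article, that cross-checks the A records of a forward zone file against the PTR records of the matching /24 reverse zone file; the function names, the example.test domain and the sample records are constructed for illustration.

```shell
# Added example: offline A/PTR consistency check for a /24 zone pair.
# Assumes one record per line with an explicit owner name and class IN.

# Reverse zone name for the /24 that contains the given IPv4 address.
rev_zone_name() {
    echo "$1" | awk -F. '{ printf "%s.%s.%s.in-addr.arpa\n", $3, $2, $1 }'
}

# Print "IP FQDN" for every PTR that has no matching A record.
# $1 forward file, $2 forward origin, $3 reverse file, $4 any IP in the /24
ptr_mismatches() {
    awk -v origin="$2" -v rzone="$(rev_zone_name "$4")" '
        # Expand a name as a zone loader does: no trailing dot => origin appended.
        function fqdn(n, o) {
            if (n == "@") return o "."
            return (n ~ /\.$/) ? n : (n "." o ".")
        }
        $1 ~ /^;/ || NF < 4 { next }
        FNR == NR && $3 == "A" { a[$4 " " fqdn($1, origin)] = 1; next }
        FNR != NR && $3 == "PTR" {
            split(rzone, p, ".")
            key = p[3] "." p[2] "." p[1] "." $1 " " fqdn($4, rzone)
            if (!(key in a)) print key
        }' "$1" "$3"
}

# Constructed, abbreviated sample data; example.test is a placeholder domain.
demo() {
    d=$(mktemp -d) || return 1
    cat > "$d/fwd" <<'EOF'
@    IN SOA ns1.example.test. admin.example.test. ( 1 3600 1800 604800 86400 )
@    IN NS  ns1.example.test.
ns1  IN A   192.168.43.35
www  IN A   192.168.43.50
mail IN A   192.168.43.60
EOF
    cat > "$d/rev" <<'EOF'
@    IN SOA ns1.example.test. admin.example.test. ( 1 3600 1800 604800 86400 )
@    IN NS  ns1.example.test.
35   IN PTR ns1.example.test.
50   IN PTR www.example.test.
60   IN PTR mail.example.test
EOF
    ptr_mismatches "$d/fwd" example.test "$d/rev" 192.168.43.35
    rm -rf "$d"
}

demo
```

The only line reported is the PTR for .60, whose target lacks the trailing dot and therefore expands to a name under in-addr.arpa.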

To apply these changes run the following command:

sudo systemctl restart named

For client systems to reach the DNS server, you need to add the DNS service to the firewall and then reload the firewall. Execute the following commands:

sudo firewall-cmd  --add-service=dns --zone=public  --permanent
sudo firewall-cmd --reload

Test the Bind from a Client system

On a Client machine (AlmaLinux 8), open the /etc/resolv.conf file with your favorite text editor:

vi /etc/resolv.conf

Then edit the following parameter:

nameserver 192.168.43.35

When you are done, save and close the file.

Finally, you need to add the Bind DNS server's IP address to the /etc/sysconfig/network-scripts/ifcfg-eth0 file as shown.

vi /etc/sysconfig/network-scripts/ifcfg-eth0

Then, add the DNS server's IP address below the gateway line:

...
DNS1=192.168.43.35

Save and close the file when you are finished.

To apply this change run the following command:

systemctl restart NetworkManager

You can use the nslookup command or dig command to test the Bind DNS server on AlmaLinux 8.

nslookup 192.168.43.35
dig bind.orcacore.net

To perform a reverse DNS lookup you can use the following command:

dig -x 192.168.43.35

Also, on a Windows client, you can open the Internet Protocol Version 4 properties window and add the DNS server address.

Conclusion

At this point, you have learned to set up and configure Bind on AlmaLinux 8 and to test Bind from a client system.

Hope you enjoy it.
