Set up and Configure BIND on AlmaLinux 8
In this article, we want to teach you how to install, set up, and configure the BIND DNS server on AlmaLinux 8.
BIND (Berkeley Internet Name Domain) is an open-source DNS server that provides DNS services on Linux distributions.
How To Set up and Configure BIND on AlmaLinux 8
To set up and configure BIND on your server, you need to meet a few requirements first.
Requirements
You need to log in to your server as a non-root user with sudo privileges and set up a basic firewall. To do this, you can check our article about the Initial Server Setup with AlmaLinux 8.
A domain name that is pointed to your server’s IP address.
When you are done with these requirements, let’s start to install BIND.
Install Bind on AlmaLinux 8
To install Bind on your server, first, update the local package index with the following command:
sudo dnf update
Then, install Bind and its dependencies on AlmaLinux 8 with the following command:
sudo dnf install bind bind-utils
Start and Enable Bind on AlmaLinux 8
When your installation is finished, start the Bind service on AlmaLinux 8 with the command below:
sudo systemctl start named
Then, enable it with the following command:
sudo systemctl enable named
You can verify that your service is active and running with the following command:
systemctl status named
Output
named.service - Berkeley Internet Name Domain (DNS)
   Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; vendor prese>
   Active: active (running) since Wed 2021-11-03 06:33:26 EDT; 1min 36s ago
 Main PID: 52770 (named)
    Tasks: 5 (limit: 11409)
   Memory: 58.2M
   CGroup: /system.slice/named.service
           └─52770 /usr/sbin/named -u named -c /etc/named.conf
Now let’s see how to configure Bind on AlmaLinux 8.
Configure Bind on AlmaLinux 8
First of all, make a backup copy of the Bind configuration file with the following command:
sudo cp /etc/named.conf /etc/named.bak
Now open the file with your favorite text editor. Here we use the vi text editor:
sudo vi /etc/named.conf
Find the options section and comment out the two listen-on lines as shown below, so that named no longer listens only on the loopback addresses:
// listen-on port 53 { 127.0.0.1; };
// listen-on-v6 port 53 { ::1; };
Then, find the allow-query parameter and adjust it according to your network subnet:
allow-query { localhost; 192.168.43.0/24; };
When you are done, save and close the file.
This setting allows only localhost and the hosts in the defined subnet to query the DNS server, rather than any host. An allow-query statement inside a zone block overrides this global value for that zone.
A forward lookup DNS zone stores the hostname-to-IP-address relationship. When queried with a hostname, it returns the IP address of that host.
In contrast, the reverse DNS zone returns the Fully Qualified Domain Name (FQDN) of the server in relation to its IP address.
To define the forward and reverse lookup zones, add the following content to the Bind configuration file on AlmaLinux 8, using your own domain name:
sudo vi /etc/named.conf
//forward zone
zone "bind.orcacore.net" IN {
    type master;
    file "bind.orcacore.net.db";
    allow-update { none; };
    allow-query { any; };
};

//backward zone
zone "43.168.192.in-addr.arpa" IN {
    type master;
    file "bind.orcacore.net.rev";
    allow-update { none; };
    allow-query { any; };
};
Save and close the file, when you are finished.
To continue configuring Bind on AlmaLinux 8, let’s see how to create a forward DNS zone file for the domain.
Create a Forward DNS zone file on AlmaLinux 8
You can create a Forward DNS zone file for the domain with the following command:
sudo vi /var/named/bind.orcacore.net.db
Note: Remember to replace the domain name and hostname with your own.
Then, paste the following content into the file:
$TTL 86400
@ IN SOA hostname. admin.domain-name. (
    2020011800 ;Serial
    3600       ;Refresh
    1800       ;Retry
    604800     ;Expire
    86400      ;Minimum TTL
)

;Name Server Information
@ IN NS hostname.

;IP Address for Name Server
hostname IN A 192.168.43.35

;Mail Server MX (Mail exchanger) Record
domain-name. IN MX 10 mail.domain-name.

;A Record for the following Host name
www  IN A 192.168.43.50
mail IN A 192.168.43.60

;CNAME Record
ftp IN CNAME www.domain-name.
When you are finished, save and close the file.
Create a Reverse DNS zone file on AlmaLinux 8
Next, you need to create a reverse DNS zone file for the domain:
sudo vi /var/named/bind.orcacore.net.rev
Paste the following content into the file:
$TTL 86400
@ IN SOA hostname. admin.domain-name. (
    2020011800 ;Serial
    3600       ;Refresh
    1800       ;Retry
    604800     ;Expire
    86400      ;Minimum TTL
)

;Name Server Information
@ IN NS hostname.
hostname IN A 192.168.43.35

;Reverse lookup for Name Server
35 IN PTR hostname.

;PTR Record IP address to Hostname
;Targets must be fully qualified and end with a dot
50 IN PTR www.domain-name.
60 IN PTR mail.domain-name.
When you are done, save and close the file.
Here you need to set the ownership of the two zone files to the named user and group with the following commands:
sudo chown named:named /var/named/bind.orcacore.net.db
sudo chown named:named /var/named/bind.orcacore.net.rev
Now verify that the configuration and the DNS zone files have no syntax errors with the following commands. The first argument of named-checkzone is the zone name as declared in /etc/named.conf:
sudo named-checkconf
sudo named-checkzone bind.orcacore.net /var/named/bind.orcacore.net.db
sudo named-checkzone 43.168.192.in-addr.arpa /var/named/bind.orcacore.net.rev
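named-checkzone validates each zone file on its own, so it will not tell you when an A record in the forward zone has no PTR pointing back at it, or when a PTR target is missing its trailing dot. The following script is an added example, not part of the original article: the function names missing_ptrs and demo, the host name ns1 and the sample records are constructed for illustration, and it assumes a /24 reverse zone with one record per line.

```shell
#!/bin/sh
# Added example: list A records in a forward zone file that have no matching
# PTR in the /24 reverse zone file. Handles simple one-record-per-line entries.

# missing_ptrs FORWARD_FILE REVERSE_FILE ORIGIN PREFIX  (hypothetical helper)
#   ORIGIN: forward zone name; PREFIX: first three octets of the /24.
# Prints "fqdn address" for every A record without a correct PTR.
missing_ptrs() {
    awk -v origin="$3" -v prefix="$4" '
        # Expand an owner name to a lowercase FQDN with a trailing dot.
        function fqdn(n) {
            if (n == "@") n = origin "."
            else if (n !~ /\.$/) n = n "." origin "."
            return tolower(n)
        }
        { sub(/;.*/, "") }    # strip zone-file comments, fields are re-split
        # Reverse zone (first file): remember last octet -> PTR target.
        FILENAME == ARGV[1] {
            if ($2 == "IN" && $3 == "PTR") ptr[$1] = tolower($4)
            next
        }
        # Forward zone (second file): every A record inside the /24 needs
        # a PTR whose target is exactly the fully qualified owner name.
        $2 == "IN" && $3 == "A" && index($4, prefix ".") == 1 {
            octet = substr($4, length(prefix) + 2)
            if (ptr[octet] != fqdn($1)) print fqdn($1), $4
        }
    ' "$2" "$1"
}

# Constructed sample data, reusing the zone name and addresses from this page.
demo() {
    dir=$(mktemp -d)
    cat > "$dir/fwd.db" <<'EOF'
@    IN NS ns1.bind.orcacore.net.
ns1  IN A  192.168.43.35
www  IN A  192.168.43.50
mail IN A  192.168.43.60
EOF
    cat > "$dir/rev.db" <<'EOF'
@  IN NS  ns1.bind.orcacore.net.
35 IN PTR ns1.bind.orcacore.net.
50 IN PTR www.bind.orcacore.net   ; no trailing dot, so the name is wrong
EOF
    missing_ptrs "$dir/fwd.db" "$dir/rev.db" bind.orcacore.net 192.168.43
    rm -rf "$dir"
}
demo
```

On the sample data it reports www (PTR target without the trailing dot) and mail (no PTR at all); an empty result means every A record in the subnet has a matching PTR.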
Restart Bind service on AlmaLinux 8
To apply these changes run the following command:
sudo systemctl restart named
Configure Firewall
For client systems to reach the DNS server, you need to add the DNS service to the firewall and then reload the firewall. Execute the following commands:
sudo firewall-cmd --add-service=dns --zone=public --permanent
sudo firewall-cmd --reload
Test Bind from a Client system AlmaLinux 8
On a Client machine (Here our machine is AlmaLinux 8), open the /etc/resolv.conf file with your favorite text editor:
vi /etc/resolv.conf
Then edit the following parameter:
nameserver 192.168.43.35
When you are done, save and close the file.
Finally, you need to append the Bind DNS server’s IP address to the /etc/sysconfig/network-scripts/ifcfg-eth0 file as shown.
vi /etc/sysconfig/network-scripts/ifcfg-eth0
Then, add the DNS server’s IP address below the gateway line, with no space after the equals sign:
...
DNS1=192.168.43.35
Save and close the file, when you are finished.
Restart Network on AlmaLinux 8
To apply this change run the following command:
systemctl restart NetworkManager
Test Bind DNS Server
You can use the nslookup command or dig command to test the Bind DNS server on AlmaLinux 8.
nslookup 192.168.43.35
dig bind.orcacore.net
To perform a reverse DNS lookup you can use the following command:
dig -x 192.168.43.35
Also, on a Windows client, you can open the Internet Protocol Version 4 properties window and add the DNS server address.
Conclusion
At this point, you have learned how to set up and configure Bind on AlmaLinux 8 and how to test it from a client system.
We hope you enjoyed it.