Installing a DNS service will bring you several advantages:
– you define machine names once and for all in a centralized way, so you can better organize your workshops and build machines dedicated to a specific task (NFS server, LDAP server, etc.),
– you don’t need to regularly edit the /etc/hosts file of each of them,
– you can use the machine names everywhere in an efficient way,
– you can now test postfix labs: this point alone makes a DNS service mandatory.
Besides converting between IP addresses and names, the DNS service provides the infrastructure needed for mail management through MX records.
Let’s install a DNS server for the example.com domain.
Install the bind package:
# yum install -y bind
Edit the /etc/named.conf file and change the ‘listen-on’ option from 127.0.0.1 to any:
listen-on port 53 { any; };
In the same file, change the ‘allow-query’ option from localhost to any:
allow-query { any; };
In the same file, disable the ‘dnssec-validation’ option:
dnssec-validation no;
Still in the same file, below the ‘recursion’ option, add the two following lines (with 192.168.1.1 being the DNS IP address of your Internet provider):
forward only;
forwarders { 192.168.1.1; };
In the same file, add the following lines at the end:
zone "example.com" {
    type master;
    file "example.com.zone";
    allow-update { none; };
};
zone "1.168.192.in-addr.arpa" {
    type master;
    file "example.com.revzone";
    allow-update { none; };
};
Go to the /var/named directory:
# cd /var/named
Create the example.com.zone file and add the following lines:
$TTL 86400
@ IN SOA master.example.com. root.example.com. (
        2013110101 ; Serial
        1d         ; refresh
        2h         ; retry
        4w         ; expire
        1h )       ; min cache
        IN NS master.example.com.
        IN MX 10 postfix.example.com.
gateway IN A 192.168.1.1
master  IN A 192.168.1.5
postfix IN A 192.168.1.10
Create the example.com.revzone file and add the following lines:
$TTL 86400
@ IN SOA master.example.com. root.example.com. (
        2013110102 ; Serial
        1d         ; refresh
        2h         ; retry
        4w         ; expire
        1h )       ; min cache
        IN NS master.example.com.
1  IN PTR gateway.example.com.
5  IN PTR master.example.com.
10 IN PTR postfix.example.com.
Check the configuration files:
# named-checkconf
Note: don’t forget to increment the serial number (the value commented ‘; Serial’ in the files above) each time you change a zone file, before reloading the named service.
Set the DNS configuration:
# system-config-network
Choose ‘DNS configuration’, then type:
Hostname: master.example.com
Primary DNS: 192.168.1.5
DNS search path: example.com
Type ‘OK’, then ‘Save&Quit’.
Add two new rules to the firewall configuration:
# iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 53 -j ACCEPT
# iptables -I INPUT -m state --state NEW -m udp -p udp --dport 53 -j ACCEPT
Save the firewall configuration:
# service iptables save
Activate the DNS service:
# chkconfig named on
Start the DNS service:
# service named start
Check the configuration:
# nslookup master.example.com
# nslookup 192.168.1.5
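An added check, not part of the original tutorial: with ‘allow-query’ set to any and no ‘allow-recursion’ line, BIND falls back to the ‘allow-query’ list when deciding who may recurse, so the server forwards queries for every client that can reach port 53. The Python below applies that fallback to a constructed copy of the options above (assuming the stock ‘recursion yes;’) and to a variant restricted to an assumed 192.168.1.0/24 lab subnet; the function names are hypothetical.

```python
import re

# Constructed sample: the options this tutorial ends up with in /etc/named.conf
# ("recursion yes;" is assumed to be the stock value).
TUTORIAL_CONF = """
options {
    listen-on port 53 { any; };
    allow-query { any; };
    recursion yes;
    dnssec-validation no;
    forward only;
    forwarders { 192.168.1.1; };
};
"""

# Same options with recursion limited to the lab subnet (assumed 192.168.1.0/24).
RESTRICTED_CONF = TUTORIAL_CONF.replace(
    "recursion yes;",
    "recursion yes;\n    allow-recursion { localhost; 192.168.1.0/24; };")

def strip_comments(text):
    """Remove /* */, // and # comments, which named.conf allows."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(//|#).*", "", text)

def acl(text, name):
    """Return the address-match list of option `name`, or None if it is unset."""
    m = re.search(r"(?<![\w-])%s\s*\{([^{}]*)\}" % re.escape(name), text)
    return None if m is None else [e.strip() for e in m.group(1).split(";") if e.strip()]

def effective_recursion_acl(conf):
    """BIND's fallback: allow-recursion, else allow-query-cache, else allow-query, else default.
    Expects the text of the options block only (zone-level ACLs are not handled)."""
    text = strip_comments(conf)
    if re.search(r"(?<![\w-])recursion\s+no\s*;", text):
        return ["none"]
    for name in ("allow-recursion", "allow-query-cache", "allow-query"):
        found = acl(text, name)
        if found is not None:
            return found
    return ["localnets", "localhost"]

def is_open_resolver(conf):
    """True when any client that can reach port 53 may recurse through the server."""
    return "any" in effective_recursion_acl(conf)

if __name__ == "__main__":
    for label, conf in (("tutorial", TUTORIAL_CONF), ("restricted", RESTRICTED_CONF)):
        print(label, effective_recursion_acl(conf), "open resolver:", is_open_resolver(conf))
```

The restricted variant keeps ‘allow-query { any; };’, so the example.com zones are still answered for everyone while only lab clients are forwarded to 192.168.1.1.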
This is absolutely the best site for preparing for the RHCSA that I’ve encountered. You guys are heroes.
P.S. Thank you for this tip on DNS configuration. It’s exactly what I’ve been looking for.
Hello,
As stated above, I am trying to set up DNS,
but I am not able to use
# system-config-network for DNS configuration.
If you can’t use the system-config-network command, it’s because 1) you are not using RHEL 6/CentOS 6 or 2) this command is not installed yet.
If you are in case 2), type:
# yum install system-config-network-tui
Each time you want to install a command (here system-config-network) and don’t know the associated package, type:
# yum whatprovides */system-config-network