Setting up a DNS Server (Name Server) & Client on RHEL 6/CentOS


My setup at home consists of 2 Linux servers (RHEL 6.2) and 1 Windows 2008 Server. Why Windows? 😉 Well, for Samba sharing 😉 And??? DNS 😦 It has always been overwhelming for me to set up DNS on Linux 😦 That's why I chose to set it up on Windows Server. But that's an added burden. For LDAP and other similar stuff we need a dedicated DNS server, and that means switching on an additional machine, which in turn leads to a resource shortage 😦 And my plain old sweet laptop doesn't have enough resources to run 3 VMs at the same time.

All this changed last week when I finally managed to set up DNS on Linux, and it works like a charm 😉 You need 2 Linux VMs for this tutorial: one will act as the DNS server and the other as a client. Below is how to do it. Read on!! 🙂

DNS Server Configuration: hostname server.shashank.com (192.168.0.123)

1. Install the bind packages. Check what is already there with yum list bind*; if bind and bind-utils are missing, install them with yum install bind bind-utils (bind-utils provides dig and nslookup, used for testing below).

[root@server ~]# yum list bind*
Loaded plugins: refresh-packagekit, security, verify, versionlock
rhel-source | 4.0 kB 00:00 ...
testpkg | 1.3 kB 00:00 ...
Installed Packages
bind.x86_64 32:9.7.3-8.P3.el6 @rhel-source
bind-chroot.x86_64 32:9.7.3-8.P3.el6 @rhel-source
bind-dyndb-ldap.x86_64 0.2.0-7.el6 @rhel-source
bind-libs.x86_64 32:9.7.3-8.P3.el6 @anaconda-RedHatEnterpriseLinux-201111171049.x86_64/6.2
bind-utils.x86_64 32:9.7.3-8.P3.el6 @anaconda-RedHatEnterpriseLinux-201111171049.x86_64/6.2

2. Edit /etc/named.conf.

Pay special attention to the syntax, otherwise the named service won't start. Back up the file first. Compared with the stock RHEL 6 named.conf, the changes are: the server's own address 192.168.0.123 added to listen-on, the LAN subnet added to allow-query (and, explicitly, to allow-recursion), and the two zone definitions near the bottom. Do not put any; in allow-query: an any entry overrides the rest of the list, and together with recursion yes it turns the box into an open resolver for whoever can reach port 53. The dnssec-lookaside auto and bindkeys-file lines are the RHEL 6 defaults; the ISC DLV registry they refer to was shut down in 2017 and later BIND releases dropped the option, so keep those two lines only on the 9.7 packages shown here.

options {
        listen-on port 53 { 127.0.0.1; 192.168.0.123; };
        listen-on-v6 port 53 { ::1; };
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query { localhost; 192.168.0.0/24; };      # only clients in the LAN subnet; never add "any" here
        allow-recursion { localhost; 192.168.0.0/24; };  # same list, so recursion is not offered to outsiders
        recursion yes;

        dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;

        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "." IN {
        type hint;
        file "named.ca";
};

# shashank.com is the domain name; forward.shashank is the forward look-up zone file.
zone "shashank.com" IN {
        type master;
        file "forward.shashank";
        allow-update { none; };
};

# reverse look-up zone for 192.168.0.0/24.
zone "0.168.192.in-addr.arpa" IN {
        type master;
        file "reverse.shashank";
        allow-update { none; };
};

#include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";

PS: I have commented out the second-last line as zones had already been defined in the rfc1912.zones file earlier, but I was unsuccessful in setting DNS up. If it's your first attempt at setting up DNS, uncomment it.
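The security-relevant line in the options block above is allow-query. An any; entry in that list (the list as first posted had localhost, the subnet and any together) wins over everything else in it, and with recursion yes it makes named an open resolver that anyone who can reach port 53 can use for cache-poisoning attempts and reflection traffic. Below is a small shell function, added for this edit and not taken from the post or from BIND, that reads a named.conf and reports that condition. It follows the BIND 9.7 fallback chain (allow-recursion, then allow-query-cache, then allow-query; none set means localhost and localnets only), understands only one-line address lists, and assumes options { ... } contains no nested multi-line blocks, which holds for the stock RHEL 6 file. The sample configs written by write_sample_conf are constructed for the demonstration.

```sh
#!/bin/sh
# audit_named_conf.sh - added example, not from the original post or ISC.
# audit_named_conf FILE -> exit 0 if recursion is closed to outsiders,
# exit 1 if the options block makes named an open resolver.
# Simplifications: address lists must be on one line; the BIND 9.7 fallback
# chain is modelled as allow-recursion -> allow-query-cache -> allow-query
# -> {localhost; localnets}.
audit_named_conf() {
  awk '
    function has_any(l) { return l ~ /[{;][ \t]*any[ \t]*;/ }
    BEGIN { rec = 1 }                                # BIND default: recursion yes
    /^[ \t]*options[ \t]*\{/ { inopt = 1; next }
    inopt && /^[ \t]*\}/     { inopt = 0; next }
    inopt {
      l = $0; sub(/(#|\/\/).*/, "", l)               # drop trailing comments
      if (l ~ /^[ \t]*recursion[ \t]+no[ \t]*;/)     rec = 0
      if (l ~ /^[ \t]*allow-query[ \t]*\{/)          { q = 1;  qany = has_any(l) }
      if (l ~ /^[ \t]*allow-query-cache[ \t]*\{/)    { qc = 1; qcany = has_any(l) }
      if (l ~ /^[ \t]*allow-recursion[ \t]*\{/)      { ar = 1; arany = has_any(l) }
    }
    END {
      if (!rec) exit 0
      if (ar) { open = arany } else if (qc) { open = qcany } else if (q) { open = qany } else { open = 0 }
      if (open) { print "OPEN RESOLVER: recursion yes and recursive queries allowed from any"; exit 1 }
      exit 0
    }' "$1"
}

# write_sample_conf FILE ALLOW_QUERY_LIST -> a minimal constructed named.conf
# with the given allow-query list, for trying the audit offline.
write_sample_conf() {
  cat > "$1" <<EOF
options {
        listen-on port 53 { 127.0.0.1; 192.168.0.123; };
        directory "/var/named";
        allow-query { $2 }; # clients allowed to ask
        recursion yes;
};
zone "shashank.com" IN {
        type master;
        file "forward.shashank";
};
EOF
}
```

Run it against the live file with audit_named_conf /etc/named.conf; a non-zero exit means fix the list before starting named. Setting allow-recursion explicitly, as in the options block above, is the clearest way to keep the audit (and named) happy even if allow-query is later widened.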

3. Copy /var/named/named.localhost to /var/named/forward.shashank and /var/named/named.loopback to /var/named/reverse.shashank.

These are template zone files. You may choose any names, but they must match the file entries in the zone sections of named.conf (step 2). named runs as the named user, so after copying check that the new files are readable by it (give them the same ownership and mode as the template files).

4. Edit forward.shashank so it contains the records described below (the original post shows them in the screenshot captioned Forward Lookup Zone).

192.168.0.125 is the IP address of our client machine, hostname client.shashank.com. All timer values are in seconds: the Time To Live (TTL) is 1 day, 24*60*60 = 86400. The file starts with $TTL, then the SOA record for the zone (the primary name server, a contact mailbox, and the serial/refresh/retry/expire/minimum counters), then one NS record per name server and one A record (hostname-to-IP) per host. Fields are separated by whitespace, spaces or tabs, but be careful: an owner name such as @ or server must start in column one, and a line that starts with whitespace inherits the previous owner. Only list as NS the hosts that actually run named: the dig output in step 8 shows client.shashank.com as an NS as well, but in this setup client does not run named, so that entry is a lame name server and is better left out. Bump the serial every time you edit the file; secondary servers only transfer a zone whose serial went up.

Forward Lookup Zone (screenshot)

5. Edit reverse.shashank the same way (the original post shows it in the screenshot captioned Reverse Lookup Zone).

PTR (pointer) records are the IP-to-hostname direction. The zone is 0.168.192.in-addr.arpa, so the owner name of each PTR is just the last octet of the address (123 for server, 125 for client) and the target is the fully qualified hostname with a trailing dot. The same $TTL, SOA and NS records go at the top, and the serial must be bumped here too.

Reverse Lookup Zone (screenshot)

6. Check named.conf and the zone files with the commands below.

named-checkconf prints nothing when the file is fine; named-checkconf -z additionally loads every zone named in the configuration. If you run into trouble, read the error message: it is almost always syntax, so watch the case of keywords and the semicolons.

[root@server ~]# named-checkconf /etc/named.conf
[root@server ~]# named-checkzone shashank.com /var/named/forward.shashank
zone shashank.com/IN: loaded serial 0
OK
[root@server ~]# named-checkzone 0.168.192.in-addr.arpa /var/named/reverse.shashank
zone 0.168.192.in-addr.arpa/IN: loaded serial 1
OK
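The zone files from steps 3 to 5 only survive in the post as screenshots, so here is a shell script, added for this edit and not part of the original post, that generates forward.shashank and reverse.shashank from one host list (the names and addresses are the ones the dig output in step 8 shows) and then cross-checks that every A record has a matching PTR and vice versa, which named-checkzone does not do. The SOA contact and timer values are assumptions, the serial is built in YYYYMMDDnn form, the reverse zone assumes the /24 in 0.168.192.in-addr.arpa, and only server is listed as NS because it is the only host running named. Without arguments it only defines the functions; sh gen_zones.sh install, run as root on the DNS server, writes the files, fixes their ownership for the named user and runs the checks from step 6.

```sh
#!/bin/sh
# gen_zones.sh - added example, not part of the original post.
# Builds forward.shashank and reverse.shashank for shashank.com from one
# host list and cross-checks that A and PTR records agree both ways.
# Assumptions: SOA contact/timers are illustrative; the reverse zone is
# the /24 0.168.192.in-addr.arpa, so each PTR owner is the last octet.

DOMAIN="shashank.com"
REV_ZONE="0.168.192.in-addr.arpa"
NS_HOST="server"                      # the only host that runs named

# Constructed host list (name, IP) matching the dig output in the post.
HOSTS="server 192.168.0.123
client 192.168.0.125"

# zone_serial N -> YYYYMMDDnn; bump it on every edit so secondaries notice
zone_serial() { printf '%s%02d\n' "$(date +%Y%m%d)" "${1:-1}"; }

# forward_zone SERIAL -> forward zone text on stdout
forward_zone() {
  cat <<EOF
\$TTL 86400
@        IN  SOA $NS_HOST.$DOMAIN. root.$DOMAIN. (
             $1        ; serial
             3600      ; refresh
             900       ; retry
             604800    ; expire
             86400 )   ; minimum (negative-cache TTL)
         IN  NS  $NS_HOST.$DOMAIN.
EOF
  printf '%s\n' "$HOSTS" | while read -r name ip; do
    [ -n "$name" ] || continue
    printf '%-8s IN  A   %s\n' "$name" "$ip"
  done
}

# reverse_zone SERIAL -> reverse zone text on stdout
reverse_zone() {
  cat <<EOF
\$TTL 86400
@        IN  SOA $NS_HOST.$DOMAIN. root.$DOMAIN. (
             $1        ; serial
             3600      ; refresh
             900       ; retry
             604800    ; expire
             86400 )   ; minimum
         IN  NS  $NS_HOST.$DOMAIN.
EOF
  printf '%s\n' "$HOSTS" | while read -r name ip; do
    [ -n "$name" ] || continue
    printf '%-8s IN  PTR %s.%s.\n' "${ip##*.}" "$name" "$DOMAIN"
  done
}

# check_zones FWD REV -> exit 0 only if every A has a matching PTR and
# every PTR points back at a name that has an A record.
check_zones() {
  awk -v dom="$DOMAIN" '
    FNR == NR { if ($2 == "IN" && $3 == "A") a[$1 "." dom "."] = $4; next }
    $2 == "IN" && $3 == "PTR" { ptr[$4] = $1 }
    END {
      bad = 0
      for (n in a) {
        o = a[n]; sub(/.*\./, "", o)            # last octet of the IP
        if (!(n in ptr) || ptr[n] != o) { print "A without matching PTR: " n; bad = 1 }
      }
      for (n in ptr) if (!(n in a)) { print "PTR without matching A: " n; bad = 1 }
      exit bad
    }' "$1" "$2"
}

# "install" mode: write the files where named.conf expects them, make them
# readable by the named user, and validate them.
if [ "${1:-}" = "install" ]; then
  serial=$(zone_serial 1)
  forward_zone "$serial" > /var/named/forward.shashank
  reverse_zone "$serial" > /var/named/reverse.shashank
  chown root:named /var/named/forward.shashank /var/named/reverse.shashank
  chmod 640 /var/named/forward.shashank /var/named/reverse.shashank
  named-checkzone "$DOMAIN" /var/named/forward.shashank
  named-checkzone "$REV_ZONE" /var/named/reverse.shashank
  check_zones /var/named/forward.shashank /var/named/reverse.shashank
fi
```

Keeping both zones generated from the same list is what makes the A/PTR check useful: a host added to the forward zone by hand and forgotten in the reverse zone is exactly the drift that reverse lookups (and anything that logs by hostname) later trip over.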

7. Start the named service with service named start, and run chkconfig named on so it comes back after a reboot.

If your syntax is correct, the named service is now running. I ran into a few problems, though 😦 One was the previously modified rfc1912.zones file (discussed above). The other was that I had been using the Windows Server as DNS, so my Linux server itself was a client of that 😉 So I just changed the network settings and voilà!! The named service started.

8. Test the DNS server from the server itself.

[root@server ~]# dig server.shashank.com

; <<>> DiG 9.7.3-P3-RedHat-9.7.3-8.P3.el6 <<>> server.shashank.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: ...
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1

;; QUESTION SECTION:
;server.shashank.com. IN A

;; ANSWER SECTION:
server.shashank.com. 86400 IN A 192.168.0.123

;; AUTHORITY SECTION:
shashank.com. 86400 IN NS client.shashank.com.
shashank.com. 86400 IN NS server.shashank.com.

;; ADDITIONAL SECTION:
client.shashank.com. 86400 IN A 192.168.0.125

;; Query time: 75 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sat Apr 11 00:50:32 2015
;; MSG SIZE rcvd: 104
[root@server ~]# nslookup client
Server: 127.0.0.1
Address: 127.0.0.1#53

Name: client.shashank.com
Address: 192.168.0.125
[root@server ~]# ping client
PING client.shashank.com (192.168.0.125) 56(84) bytes of data.
64 bytes from client.shashank.com (192.168.0.125): icmp_seq=1 ttl=64 time=1.34 ms
64 bytes from client.shashank.com (192.168.0.125): icmp_seq=2 ttl=64 time=0.478 ms
64 bytes from client.shashank.com (192.168.0.125): icmp_seq=3 ttl=64 time=0.793 ms

In the dig output the aa flag means the answer is authoritative, i.e. it came from our own zone rather than from a cache, and SERVER: 127.0.0.1#53 shows that the server's own /etc/resolv.conf points at itself; a search (or domain) shashank.com entry there is what lets the short names client and server resolve in nslookup and ping. Check the reverse zone too with dig -x 192.168.0.125, which should return client.shashank.com. That's all from the server side. Let's move on to the client-side configuration.

DNS Client Configuration: hostname client.shashank.com (192.168.0.125)

Client-side configuration is simple. Run system-config-network and change the DNS settings: primary DNS 192.168.0.123 and search path shashank.com. These screenshots are from my other lab where the server IP is 192.168.0.1; make changes accordingly. On RHEL 6 that writes DNS1= and DOMAIN= into /etc/sysconfig/network-scripts/ifcfg-eth0 and regenerates /etc/resolv.conf, which should end up containing search shashank.com and nameserver 192.168.0.123. Editing resolv.conf by hand is not enough, because the network scripts overwrite it on the next restart unless PEERDNS=no is set. Restart the network service and check DNS with the commands below.

DNS Client Setting (screenshots)

[root@client ~]# ping server
PING server.shashank.com (192.168.0.123) 56(84) bytes of data.
64 bytes from server.shashank.com (192.168.0.123): icmp_seq=1 ttl=64 time=1.04 ms
64 bytes from server.shashank.com (192.168.0.123): icmp_seq=2 ttl=64 time=0.921 ms
64 bytes from server.shashank.com (192.168.0.123): icmp_seq=3 ttl=64 time=0.681 ms
64 bytes from server.shashank.com (192.168.0.123): icmp_seq=4 ttl=64 time=0.712 ms
^C
--- server.shashank.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3314ms
rtt min/avg/max/mdev = 0.681/0.840/1.047/0.152 ms
[root@client ~]# nslookup server
Server: 192.168.0.123
Address: 192.168.0.123#53

Name: server.shashank.com
Address: 192.168.0.123
[root@client ~]# dig server.shashank.com

; <<>> DiG 9.7.3-P3-RedHat-9.7.3-8.P3.el6 <<>> server.shashank.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: ...
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1

;; QUESTION SECTION:
;server.shashank.com. IN A

;; ANSWER SECTION:
server.shashank.com. 86400 IN A 192.168.0.123

;; AUTHORITY SECTION:
shashank.com. 86400 IN NS server.shashank.com.
shashank.com. 86400 IN NS client.shashank.com.

;; ADDITIONAL SECTION:
client.shashank.com. 86400 IN A 192.168.0.125

;; Query time: 2 msec
;; SERVER: 192.168.0.123#53(192.168.0.123)
;; WHEN: Sat Apr 11 01:11:13 2015
;; MSG SIZE rcvd: 104