How to configure DNS server on linux (CentOS /RHEL)

DNS (Domain Name System) is used to convert Internet names (website and server names) to IP addresses. It is a hierarchical naming system for obtaining information about networked resources. The hierarchy is organized into domains, each of which holds information about its hosts and other objects in resource records.

DNS Hierarchy

At the top of the DNS hierarchy is the root domain (.). Under the root domain are top-level domains such as com and org, also known as categories. Top-level domains are also used for country codes, such as in for India, cn for China and de for Germany. Individuals or organizations can register domain names under these categories, such as mydomain.com, mydomain.org or mydomain.net.

Under the top-level domains are second-level domains, which are the names that individuals or organizations actually register; in mydomain.com, for example, mydomain is the second-level domain. A second-level domain can be further divided into subdomains, which generally represent hostnames or divisions of the domain, like mail.mydomain.com.


DNS Terminology

  • Domain: The collection of resource records that end in a common name.
  • Root: The topmost level of the DNS hierarchy, served by 13 root servers.

    List of Root Servers

    HOSTNAME             IP ADDRESSES                        MANAGER
    a.root-servers.net   198.41.0.4, 2001:503:ba3e::2:30     VeriSign, Inc.
    b.root-servers.net   199.9.14.201, 2001:500:200::b       University of Southern California (ISI)
    c.root-servers.net   192.33.4.12, 2001:500:2::c          Cogent Communications
    d.root-servers.net   199.7.91.13, 2001:500:2d::d         University of Maryland
    e.root-servers.net   192.203.230.10, 2001:500:a8::e      NASA (Ames Research Center)
    f.root-servers.net   192.5.5.241, 2001:500:2f::f         Internet Systems Consortium, Inc.
    g.root-servers.net   192.112.36.4, 2001:500:12::d0d      US Department of Defense (NIC)
    h.root-servers.net   198.97.190.53, 2001:500:1::53       US Army (Research Lab)
    i.root-servers.net   192.36.148.17, 2001:7fe::53         Netnod
    j.root-servers.net   192.58.128.30, 2001:503:c27::2:30   VeriSign, Inc.
    k.root-servers.net   193.0.14.129, 2001:7fd::1           RIPE NCC
    l.root-servers.net   199.7.83.42, 2001:500:9f::42        ICANN
    m.root-servers.net   202.12.27.33, 2001:dc3::35          WIDE Project
  • Top-Level Domain: The categories of domain names, such as .com, .org and .net, and the two-letter country-code domains such as .in, .us and .de.
  • Subdomain: A name that branches within a domain, like mail in mail.mydomain.com. Individuals or organizations can create subdomains of their own choosing; the names are not restricted.
  • Nameserver: A nameserver is responsible for the resource records in a zone.
  • Resource Record: An entry in the DNS database holding one piece of information managed by DNS.
  • Zone: The branch of the DNS tree for which a specific name server is responsible.


Lookup Process

Each computer connected to the Internet is configured with a DNS resolver. The resolver holds the IP addresses of one to three DNS servers that are contacted when looking up DNS information. If the first is not available, the second one is contacted, then the third. If a DNS server does not know the answer to a query, the request is tried again on another name server configured in the resolver.

On a Linux system, the resolver is configured in /etc/resolv.conf.

An authoritative answer comes from a name server that is responsible for a zone and its records.

Local Authoritative Data

Important Resource Records

Resource Record Type       Use
A (IPv4 record)            Maps a hostname to an IPv4 address.
AAAA (IPv6 record)         Maps a hostname to an IPv6 address.
CNAME (canonical name)     An alias from one name to another name.
PTR (pointer)              Maps an IP address (IPv4 or IPv6) to a hostname.
NS (name server)           Maps a domain name to its DNS name server.
SOA (start of authority)   Contains general information about how a DNS zone works, including who is responsible for administration of the domain.
MX (mail exchange)         Indicates which MTA mail servers are used within a DNS domain.
TXT (text)                 Maps a name to human-readable text. This record type is used, for instance, by protocols like Sender Policy Framework (SPF), which in email is used to verify the name of the domain an email message was received from.
SRV (service)              Indicates which host to contact for specific services such as LDAP and Kerberos.


Setup an Authoritative DNS server

Suppose you want to set up an authoritative DNS server for your domain example.com.

  • Install the DNS server
  • Change options in the configuration file and set up the zone
  • Create the zone file and configure resource records
  • Test the DNS server by resolving queries

INSTALL DNS SERVER

CHANGE OPTIONS IN CONFIGURATION FILE AND SETUP ZONE

CREATE ZONE FILE AND CONFIGURE RESOURCE RECORDS

After creating and updating the files, restart the named service.

Update the nameserver entry in /etc/resolv.conf to 127.0.0.1 or 192.168.10.12.

TEST DNS SERVER BY RESOLVING NAMES
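The following is an added example for the record table and the setup steps above; it is not code from the original article. It stages a minimal authoritative example.com zone and its named.conf stanza and then checks NS and MX targets the way named-checkzone would, without needing BIND installed. It assumes BIND's default RHEL paths (/var/named, /etc/named.conf) and the 192.168.10.12 address from the article; ns1, mail and www are constructed hostnames.

```shell
#!/bin/sh
# Added example, not from the original article. 192.168.10.12 is the article's
# server address; ns1, mail and www are constructed sample hostnames.
set -eu
OUT="${OUT:-$(mktemp -d)}"   # staging dir; copy into /var/named after review
write_zone() {   # serial is YYYYMMDDnn so every edit can be bumped and compared
  cat >"$OUT/example.com.zone" <<'EOF'
$TTL 86400
$ORIGIN example.com.
@     IN SOA   ns1.example.com. hostmaster.example.com. (
                2024010101 ; serial
                3600 900 1209600 86400 ) ; refresh retry expire negative-TTL
@     IN NS    ns1.example.com.
@     IN MX    10 mail.example.com.
@     IN TXT   "v=spf1 mx -all"
ns1   IN A     192.168.10.12
mail  IN A     192.168.10.12
www   IN CNAME ns1.example.com.
EOF
}
# Stanza for /etc/named.conf; an authoritative-only server should also carry
# "recursion no;" in its options {} block so it is not an open resolver.
write_zone_stanza() {
  cat >"$OUT/named.conf.example.com" <<'EOF'
zone "example.com" IN { type master; file "example.com.zone"; allow-update { none; }; };
EOF
}
# NS/MX targets must own an A/AAAA record and must not be CNAMEs (named-checkzone
# rejects both); prints OK or ERROR lines and exits 1 on any error.
check_zone() {
  awk -v origin="example.com." '
    function fqdn(n) { return n == "@" ? origin : (n ~ /\.$/ ? n : n "." origin) }
    /^\$/ { next }                            # $TTL and $ORIGIN directives
    { sub(/;.*/, ""); if (NF == 0) next }     # drop comments and blank lines
    skip { if ($0 ~ /\)/) skip = 0; next }    # continuation lines of the SOA
    { for (i = 2; i <= NF; i++) if ($i ~ /^(A|AAAA|NS|MX|CNAME|TXT|SOA|PTR|SRV)$/) break
      type = $i; owner = fqdn($1)
      if (type == "A" || type == "AAAA") addr[owner] = 1
      if (type == "CNAME") cname[owner] = 1
      if (type == "NS") need[fqdn($(i+1))] = "NS"
      if (type == "MX") need[fqdn($(i+2))] = "MX"
      if ($0 ~ /\(/ && $0 !~ /\)/) skip = 1 }
    END { for (t in need) {
            if (t in cname) { print "ERROR: " need[t] " target " t " is a CNAME"; bad++ }
            else if (!(t in addr)) { print "ERROR: " need[t] " target " t " has no A/AAAA record"; bad++ } }
          if (!bad) print "OK: NS/MX targets resolve within the zone"
          exit (bad ? 1 : 0) }' "$1"
}
write_zone; write_zone_stanza; check_zone "$OUT/example.com.zone"
```

Copy the staged files into /var/named and append the stanza to /etc/named.conf, then run named-checkzone example.com /var/named/example.com.zone before restarting named.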
