Primary DNS configuration RHEL6

Assumptions :-
Internet address configured as below
eth0
 IP address - 192.168.1.254
 Subnet mask - 255.255.255.0
 Gateway - 192.168.1.1 
 DNS server - 192.168.1.1

Intranet address configured as below

eth1
 IP address – 16.10.1.21
 Subnet mask - 255.255.255.0
 DNS server – 16.10.1.21

DNS Server  srvprd1

Configuration :-

Packages required -
 bind-9.7.0-5.P2.el6.x86_64.rpm
 bind-chroot-9.7.0-5.P2.el6.x86_64.rpm

# yum install bind*

Configuration files -
/var/named/chroot/etc/named.conf

Configuration Steps :-

# vim /var/named/chroot/etc/named.conf
===========================================================================
// Red Hat BIND Configuration Tool
 // Default initial "Caching Only" name server configuration
 // Clients permitted to use this server for recursion (referenced by
 // allow-recursion below).
 // NOTE(review): 16.10.1.0/16 has host bits set for a /16 prefix, and the
 // eth1 netmask given for this host is 255.255.255.0, so 16.10.1.0/24 is
 // probably what was meant -- confirm, then run named-checkconf on the file.
 acl "example" { 16.10.1.0/16; };
 options {
 // Bind the DNS listener to the intranet (eth1) address only.
 listen-on port 53 { 16.10.1.21; };
 // Base directory for the relative file names used in the zone statements.
 directory "/var/named";
 dump-file "/var/named/data/cache_dump.db";
 statistics-file "/var/named/data/named_stats.txt";
 // Recursion is offered only to addresses matching the "example" ACL.
 allow-recursion { example; };
 // No zone transfers to anyone by default.
 allow-transfer { none; };
 // Any client that can reach the listener may send queries; recursion is
 // still limited by allow-recursion above.
 allow-query { any; };
 // Do not send NOTIFY messages when a zone changes.
 notify no;
 transfer-format many-answers;
 // 0 turns off the periodic rescan of network interfaces.
 interface-interval 0;
 // Abort inbound zone transfers that run longer than 60 minutes.
 max-transfer-time-in 60;
 // String returned for version.bind queries in place of the real version.
 version "Not Available";
 /*
 * If there is a firewall between you and nameservers you want
 * to talk to, you might need to uncomment the query-source
 * directive below.  Previous versions of BIND always asked
 * questions using port 53, but BIND 8.1 uses an unprivileged
 * port by default.
 */
 // query-source address * port 53;
 // Serve DNSSEC records and validate answers obtained through recursion.
 dnssec-enable yes;
 dnssec-validation yes;
 // NOTE(review): the dlv.isc.org lookaside registry has since been
 // decommissioned by ISC. On anything newer than the BIND 9.7 used in this
 // guide, verify that this line and the matching trusted-keys entry are
 // still accepted and still useful before copying them.
 dnssec-lookaside . trust-anchor dlv.isc.org.;
 };
 // a caching only nameserver config
 // rndc control channel: listens on loopback only, accepts connections from
 // localhost, and requires one of the two keys named here.
 controls {
 inet 127.0.0.1 allow { localhost; } keys { rndckey; rndc-key; };
 };
 // NOTE(review): a server statement with a keys clause makes named sign the
 // requests it sends to that address. 16.10.1.21 is the address this guide
 // assigns to the DNS server itself -- confirm the statement is needed.
 server 16.10.1.21 {
 keys { rndckey; };
 };
 // Root hints zone, read from named.root under the options directory.
 zone "." IN {
 type hint;
 file "named.root";
 };
 // Declare your domain's zones and their zone files here, ahead of the
 // rndc key definitions.
 // Zone statements can also be kept in a separate file and pulled in with
 // an include statement, e.g. include "/etc/myinternalzonefile.zones";
 // Forward (name) zone registration
 // File names are relative to the "directory" set in options.
 zone "example.com" IN {
 type master;
 file "example.for";
 // No secondary may transfer this zone.
 allow-transfer { none; };
 };
 // Reverse zone registration
zone "1.10.16.in-addr.arpa" IN {
 type master;
 file "example.rev";
 // No secondary may transfer this zone.
 allow-transfer { none; };
 };
// Include the rndc key as below (copy-paste from the rndc.key created earlier).
 // NOTE(review): the two secrets shown here are published with this guide.
 // Generate your own (for example with rndc-confgen) and never reuse these:
 // whoever holds a secret listed in the controls statement can drive named
 // through rndc from an allowed address.
 // Because the secrets are embedded, keep named.conf readable only by root
 // and the account named runs as.
 // NOTE(review): hmac-md5 is a legacy algorithm; use a stronger HMAC if the
 // installed BIND supports one for these keys -- confirm against its docs.
 key rndckey {
 algorithm hmac-md5;
 secret "Hi1V+y3WixmfEfGqrebKRA==";
 };
 key rndc-key {
 algorithm hmac-md5;
 secret "AoXEyjm6UUKu4cKqFoFMRg==";
 };
 // Trust anchor (DNSKEY) for dlv.isc.org, the zone named by
 // dnssec-lookaside in the options block.
 // NOTE(review): a trust anchor should be compared with a copy obtained from
 // its publisher over a trusted channel, not taken from a web page. The
 // dlv.isc.org registry has since been decommissioned.
 trusted-keys {
 dlv.isc.org. 257 3 5 "BEAAAAPHMu/5onzrEE7z1egmhg/WPO0+juoZrW3euWEn4MxDCE1+lLy2brhQv5rN32RKtMzX6Mj70jdzeND4XknW58dnJNPCxn8+jAGl2FZLK8t+1uq4W+nnA3qO2+DL+k6BD4mewMLbIYFwe0PG73Te9fZ2kJb56dhgMde5ymX4BI/oQ+cAK50/xvJv00Frf8kw6ucMTwFlgPe+jnGxPPEmHAte/URkY62ZfkLoBAADLHQ9IrS2tryAe7mbBZVcOwIeU/Rw/mRx/vwwMCTgNboMQKtUdvNXDrYJDSHZws3xiRXF1Rf+al9UmZfSav/4NWLKjHzpT59k/VStTDN0YUuWrBNh";
 };
===========================================================================

# ln -s /var/named/chroot/etc/named.conf /etc/named.conf
# vim /var/named/chroot/var/named/example.for
===========================================================================

; Forward zone data for example.com (file "example.for" in named.conf).
$TTL 86400
; NOTE(review): the responsible-mailbox field "root.example.com" has no
; trailing dot, so it is taken relative to the zone origin;
; "root.example.com." is probably intended -- confirm.
@       IN      SOA     srvprd1.example.com.    root.example.com (
                        2010041106 ; Serial -- increase on every change to the zone
                        1H         ; Refresh
                        1M         ; Retry -- NOTE(review): M means minutes here, i.e. retry after one minute; confirm
                        1W         ; Expire
                        1D         ; Minimum (negative-caching TTL)
                        )
; Name server for the zone, followed by the host address records.
@       IN      NS      srvprd1.example.com.
mail    IN      A       16.10.1.21
srvprd1 IN      A       16.10.1.21
lnxsrv1 IN      A       16.10.1.10
storage1 IN     A       16.10.1.15
==========================================================================

# ln -s /var/named/chroot/var/named/example.for /var/named/example.for
# vim /var/named/chroot/var/named/example.rev
=================================================================================
; Reverse zone data for 1.10.16.in-addr.arpa (file "example.rev" in named.conf).
$TTL 86400
; NOTE(review): as in the forward zone, "root.example.com" has no trailing
; dot and is taken relative to this zone's origin -- confirm.
@       IN      SOA        srvprd1.example.com.   root.example.com (
                                        2010041102 ; Serial -- increase on every change to the zone
                                        1H         ; Refresh
                                        1M         ; Retry -- NOTE(review): M means minutes here; confirm
                                        1W         ; Expire
                                        1D         ; Minimum time to live
                                        )
@        IN     NS   srvprd1.example.com.
; NOTE(review): an A record inside the reverse zone creates the name
; srvprd1.1.10.16.in-addr.arpa; it looks unintended -- confirm.
srvprd1  IN     A       16.10.1.21
; NOTE(review): the PTR targets below end in a dot, so they are the
; single-label names "srvprd1.", "lnxsrv1." and "storage1."; fully qualified
; names such as srvprd1.example.com. are probably intended -- confirm.
21       IN     PTR     srvprd1.
10      IN      PTR     lnxsrv1.
15      IN      PTR     storage1.
==================================================================================
# ln -s /var/named/chroot/var/named/example.rev /var/named/example.rev
# mv /var/named/named.ca /var/named/chroot/var/named/named.root
# ln -s /var/named/chroot/var/named/named.root /var/named/named.root
# mv /var/named/named.ca /var/named/chroot/var/named/named.ca
# ln -s /var/named/chroot/var/named/named.ca /var/named/named.ca
# mv /var/named/named.empty /var/named/chroot/var/named/named.empty
# ln -s /var/named/chroot/var/named/named.empty /var/named/named.empty
# mv /var/named/named.localhost /var/named/chroot/var/named/named.localhost
# ln -s /var/named/chroot/var/named/named.localhost /var/named/named.localhost
# mv /var/named/named.loopback /var/named/chroot/var/named/named.loopback
# ln -s /var/named/chroot/var/named/named.loopback /var/named/named.loopback

Check the zone files for syntax errors (the first argument to named-checkzone is the zone name as declared in named.conf, the second is the zone file):
# named-checkzone example.com /var/named/chroot/var/named/example.for
# named-checkzone example.com /var/named/chroot/var/named/example.rev
Client side configuration
Check  “/etc/resolv.conf” file
# vim /etc/resolv.conf

 ==========================================================================
 # Generated by NetworkManager
 search example.com
 nameserver 172.16.0.1
 nameserver 192.168.1.1
 ==========================================================================
check “/etc/hosts” file
# vim /etc/hosts

 ==========================================================================
 192.168.1.254   server.example.com      server  # Added by NetworkManager
 127.0.0.1        localhost.localdomain   localhost
 ::1             localhost6.localdomain6 localhost6
 172.16.0.1      server.example.com      server
 ==========================================================================
also check “/etc/sysconfig/network” file
# vim /etc/sysconfig/network

 ==========================================================================
 NETWORKING=yes
 NETWORKING_IPV6=no
 HOSTNAME=server.example.com
 ==========================================================================
iptables and SELinux configuration: either configure both to allow DNS (open port 53 in iptables and keep SELinux enforcing) or relax them. Here I stopped iptables and set SELinux to permissive.
# service iptables stop
# chkconfig iptables off
# setenforce 0     <To set Selinux Permissive temporarily.>
# vi /etc/sysconfig/selinux
SELINUX=permissive     <save and quit for permanent change>
Now start the service bind.
# service named start
# chkconfig named on


Verify that the DNS server is answering queries using the “nslookup” and “dig” tools.
[root@srvprd1 ~]# dig example.com NS

; <<>> DiG 9.7.0-P2-RedHat-9.7.0-5.P2.el6 <<>> example.com NS
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62009
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; QUESTION SECTION:
;example.com.                   IN      NS

;; ANSWER SECTION:
example.com.            86400   IN      NS      srvprd1.example.com.

;; ADDITIONAL SECTION:
srvprd1.example.com.    86400   IN      A       16.10.1.21

;; Query time: 6 msec
;; SERVER: 16.10.1.21#53(16.10.1.21)
;; WHEN: Mon Jun 11 20:35:21 2012
;; MSG SIZE  rcvd: 67


[root@srvprd1 ~]# nslookup mail.example.com
Server:         16.10.1.21
Address:        16.10.1.21#53

Name:   mail.example.com
Address: 16.10.1.21

 [root@srvprd1 ~]# nslookup lnxsrv1.example.com
Server:         16.10.1.21
Address:        16.10.1.21#53

Name:   lnxsrv1.example.com
Address: 16.10.1.10

The primary DNS server is now configured. Good luck :)
