How to install and configure Bind DNS Cluster in Linux
- Category : Linux Helpline (Easy Guide)
- Posted on : Mar 09, 2019
- Views : 1,936
- By : Odalis J.
1. Introduction
Short for Domain Name System (or Service or Server), an internet service that converts domain names into IP addresses. Domain names are much easier to remember than IP addresses.
Information from all the domain name servers across the Internet are gathered together and housed at the Central Registry. Host companies and Internet Service Providers interact with the Central Registry on a regular schedule to get updated DNS information.
2. Requirements
For master DNS Server:
OS : Centos 7
IP Address : 192.168.1.18
For slave DNS Server:
OS : Ubuntu 14.04
IP Address : 192.168.1.19
3. Setup Master DNS Server
Install the bind packages
# yum install bind* -y
To configure the DNS server follow the below step.
# vi /etc/named.conf // // named.conf // // Provided by Red Hat bind package to configure the ISC BIND named(8) DNS // server as a caching only nameserver (as a localhost DNS resolver only). // // See /usr/share/doc/bind*/sample/ for example named configuration files. // options { listen-on port 53 { 127.0.0.1; 192.168.1.18; }; ## MASTER ## listen-on-v6 port 53 { ::1; }; directory "/var/named"; dump-file "/var/named/data/cache_dump.db"; statistics-file "/var/named/data/named_stats.txt"; memstatistics-file "/var/named/data/named_mem_stats.txt"; allow-query { localhost; 138.201.3.0/24; }; ## RANGE ## allow-transfer { localhost; 192.168.1.19; }; ## SLAVE ## /* . . . . zone "." IN { type hint; file "named.ca"; }; zone "inhouse.inc" IN { type master; file "forward.zone"; allow-update { none; }; }; include "/etc/named.rfc1912.zones"; include "/etc/named.root.key";
To create zone files as mentioned in /etc/named.conf, follow the steps below.
Important: Please make sure that you replace ‘@’ with ‘inhouse.inc.’ in both the zone files.
Create forward zone file.
# vi /var/named/forward.zone $TTL 86400 @ IN SOA masterdns.inhouse.inc. root.inhouse.inc. ( 2011071001 ;Serial 3600 ;Refresh 1800 ;Retry 604800 ;Expire 86400 ;Minimum TTL ) @ IN NS masterdns.inhouse.inc. @ IN NS secondarydns.inhouse.inc. @ IN A 192.168.1.18 @ IN A 192.168.1.19 masterdns IN A 192.168.1.18 secondarydns IN A 192.168.1.19
Create reverse zone file.
# vi /var/named/reverse.zone $TTL 86400 @ IN SOA masterdns.inhouse.inc. root.inhouse.inc. ( 2011071001 ;Serial 3600 ;Refresh 1800 ;Retry 604800 ;Expire 86400 ;Minimum TTL ) @ IN NS masterdns.inhouse.inc. @ IN NS secondarydns.inhouse.inc. @ IN PTR inhouse.inc. masterdns IN A 192.168.1.18 secondarydns IN A 192.168.1.19 18 IN PTR masterdns.inhouse.inc. 19 IN PTR secondarydns.inhouse.inc.
Add the following line in /etc/resolv.conf
# vi /etc/resolv.conf nameserver 192.168.1.18
Now start the named service
# systemctl named start # chkconfig named on
Verify DNS configuration and zone files for any syntax errors
# named-checkconf /etc/named.conf # named-checkzone inhouse.inc /var/named/forward.zone
Output is as follows:
zone inhouse.inc/IN: loaded serial 2011071001 OK
Now we need to check the reverse zone.
# named-checkzone inhouse.inc /var/named/reverse.zone
Output is as follows:
zone inhouse.inc/IN: loaded serial 2011071001 OK
Now you can test the DNS server using the following commands. Testing with any one of the command is fine.
$~ dig masterdns.inhouse.inc ; <<>> DiG 9.9.5-3ubuntu0.1-Ubuntu <<>> masterdns.inhouse.inc ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57668 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;masterdns.inhouse.inc. IN A ;; AUTHORITY SECTION: inhouse.inc. 86400 IN SOA ns1.inhouse.inc. sherin.centriohost.com. 2015112001 86400 7200 3600000 86400 ;; Query time: 0 msec ;; SERVER: 10.0.0.10#53(10.0.0.10) ;; WHEN: Fri Jan 15 02:23:30 IST 2016 ;; MSG SIZE rcvd: 108
Do an nslook for the domain name inhouse.inc
# nslookup inhouse.inc Server: 192.168.1.18 Address: 192.168.1.18#53 Name: inhouse.inc Address: 192.168.1.18 Name: inhouse.inc Address: 192.168.1.19
4. Setup slave DNS server
Install the bind packages.
# apt-get install bind9 bind9utils bind9-doc
To configure slave DNS server follow the below step.
# vi /etc/bind/named.conf
Make sure it contains the following lines. If not, add them.
include "/etc/bind/named.conf.options"; include "/etc/bind/named.conf.local"; include "/etc/bind/named.conf.default-zones";
Save and quit the file.
# vi /etc/bind/named.conf.local
Add the following lines to it
zone"inhouse.inc" { type slave; file "/var/named/forward.zone"; masters { 192.168.1.18; }; };
Add the following line in /etc/resolv.conf
# vi /etc/resolv.conf nameserver 192.168.1.18
Give permissions and change ownership
# chmod -R 755 /etc/bind # chown -R bind:bind /etc/bind
Now restart the bind service
# service bind9 restart
Add dns-nameservers in /etc/network/interfaces
# vi /etc/network/interfaces auto venet0:0 iface venet0:0 inet static address 192.168.1.19 netmask 255.255.255.0 broadcast 138.201.3.255 gateway 138.201.3.1 dns-nameservers 192.168.1.18 dns-nameservers 192.168.1.19 dns-search home
Now test the DNS server using the following commands. Testing with any one of the command is fine.
$~ dig masterdns.inhouse.local ; <<>> DiG 9.9.5-3ubuntu0.6-Ubuntu <<>> masterdns.inhouse.local ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21775 ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;masterdns.inhouse.local. IN A ;; AUTHORITY SECTION: . 6364 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2016011401 1800 900 604800 86400 ;; Query time: 0 msec ;; SERVER: 192.168.1.19#53(192.168.1.19) ;; WHEN: Fri Jan 15 00:02:14 MSK 2016 ;; MSG SIZE rcvd: 127 -------------------------------------------------- $~ dig secondarydns.inhouse.local ; <<>> DiG 9.9.5-3ubuntu0.6-Ubuntu <<>> secondarydns.inhouse.local ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2592 ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;secondarydns.inhouse.local. IN A ;; AUTHORITY SECTION: . 6600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2016011401 1800 900 604800 86400 ;; Query time: 0 msec ;; SERVER: 192.168.1.19#53(192.168.1.19) ;; WHEN: Fri Jan 15 00:02:50 MSK 2016 ;; MSG SIZE rcvd: 130 ---------------------------------------- # nslookup inhouse.inc Server: 192.168.1.19 Address: 192.168.1.19#53 Name: inhouse.inc Address: 192.168.1.18 Name: inhouse.inc Address: 192.168.1.19
5. Finishing point
BIND includes a utility called rndc which allows command line administration of the named daemon from the localhost or a remote host.
You can now reload rndc on both servers.
# rndc reload
Categories
Subscribe Now
10,000 successful online businessmen like to have our content directly delivered to their inbox. Subscribe to our newsletter!Archive Calendar
Sat | Sun | Mon | Tue | Wed | Thu | Fri |
---|---|---|---|---|---|---|
1 | 2 | 3 | 4 | 5 | 6 | |
7 | 8 | 9 | 10 | 11 | 12 | 13 |
14 | 15 | 16 | 17 | 18 | 19 | 20 |
21 | 22 | 23 | 24 | 25 | 26 | 27 |
28 | 29 | 30 | 31 |
Recent Articles
-
Posted on : Jul 25
-
Posted on : Jul 07
-
Posted on : Apr 07
-
Posted on : Mar 19
Optimized my.cnf configuration for MySQL 8 (on cPanel/WHM servers)
Tags
- layer 7
- tweak
- kill
- process
- sql
- Knowledge
- vpn
- seo vpn
- wireguard
- webmail
- ddos mitigation
- attack
- ddos
- DMARC
- server load
- Development
- nginx
- php-fpm
- cheap vpn
- Hosting Security
- xampp
- Plesk
- cpulimit
- VPS Hosting
- smtp
- smtp relay
- exim
- Comparison
- cpu
- WHM
- mariadb
- encryption
- sysstat
- optimize
- Link Building
- apache
- centos
- Small Business
- VPS
- Error
- SSD Hosting
- Networking
- optimization
- DNS
- mysql
- ubuntu
- Linux