Setup a simple DNS server in CentOS

shemasurge

shema-surge

Posted on April 10, 2023

Let's begin with a simple question:

WHAT IS DNS?

DNS (Domain Name System) is like a phonebook for the internet. It is very difficult to remember the phone numbers of all your contacts, but it is easy to remember their names.
To make calling people easier, a phonebook matches a contact's name or alias to their phone number so that you don't have to remember the number.

The same goes for the internet: it is easier to remember the domain name of a website like https://dev.to than its IP address. But computers do not recognize each other on a network by domain name; they use IP addresses. Therefore, the primary role of DNS is to translate a domain name to an IP address.

For a more detailed explanation of how DNS works, check out this link: https://www.cloudflare.com/learning/dns/what-is-dns/

We will be using BIND, a suite of software for interacting with DNS.

Step 1: Log in as root

su

Step 2: Install Bind

BIND (Berkeley Internet Name Domain) is the most widely used DNS (Domain Name System) server software on the Internet. It is an open-source implementation of the DNS protocol, originally developed at the University of California, Berkeley, and now maintained by the Internet Systems Consortium.

yum install bind bind-utils -y

Step 3: Change the IP address to static

After installing BIND, we will change the dynamically allocated IP address to a static one, 192.168.1.2/24.

To do this, edit the ifcfg file for your network interface (enp0s3, eth0, ...):

Note: network interface names vary; my CentOS came with enp0s3, so I'll stick with it.

vim /etc/sysconfig/network-scripts/ifcfg-enp0s3

Now we'll add the IP address, network mask, default gateway and DNS server address:

IPADDR=192.168.1.2
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
DNS1=192.168.1.2

Notice that the DNS address I gave it matches the IP address of the server, so that it can query itself.

Now edit BOOTPROTO and change it from dhcp to none, since we no longer obtain an IP address from a DHCP server.

BOOTPROTO=none

[Screenshot: IP configuration]

After that, we'll need to restart NetworkManager:

systemctl restart NetworkManager

and bring up our network interface:

ifup enp0s3

To test that it works, ping yourself:

ping 192.168.1.2

Step 4: DNS Configuration

First, we'll edit the named.conf file:

vim /etc/named.conf

In the vim editor, run :set number to show line numbers.

In the options section (line 13), add the server's IP address to the list of addresses BIND listens on:

listen-on port 53 {127.0.0.1; 192.168.1.2; };

And add the 192.168.1.0/24 subnet to the list of addresses allowed to query our DNS server (line 21):

allow-query {localhost; 192.168.1.0/24; };

Now all clients with an IP address in the 192.168.1.0/24 subnet can query our DNS server, and queries from any other address are refused.

After line 57, add the following lines:

zone "example.com" {
    type master;
    file "forward.example.zone";
    allow-update {none;};
};

[Screenshot: named.conf sample]

This specifies our domain to be example.com; type master signifies that the DNS server has authority over this zone and can allow or block queries to it.

forward.example.zone is the forward zone file for example.com; it contains the records that allow the DNS server to resolve example.com to 192.168.1.2.

Now we'll create the forward zone file for example.com from the template that ships with BIND:

cp /var/named/named.localhost /var/named/forward.example.zone

Change the forward zone file's group to the named group so that the named process can read it:

chgrp named /var/named/forward.example.zone

Now edit your forward zone file (the name must match the file directive in named.conf):

vim /var/named/forward.example.zone

[Screenshot: forward zone file]

NOTE: remember to end every domain name with a "." in the zone file, or else you'll get errors.
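To see why the trailing dot matters, here is an added example (not from the original post) that walks a small zone file the way BIND does: a name without a trailing dot is relative and gets the zone origin appended, so a forgotten dot silently turns ns1.example.com into ns1.example.com.example.com. The sample zone below is constructed to resemble the copied named.localhost template and is not the post's own file.

```python
import re

def qualify(name, origin):
    """'@' is the origin; a trailing dot is absolute; otherwise BIND appends the origin."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text, origin):
    """Parse a simple forward zone (SOA/NS/A records) into (owner, type, rdata) triples."""
    lines = [ln.split(";", 1)[0].rstrip() for ln in text.splitlines()]      # drop comments
    joined = re.sub(r"\(([^)]*)\)", lambda m: " ".join(m.group(1).split()),  # fold the SOA
                    "\n".join(lines))
    records, last_owner = [], origin
    for line in joined.splitlines():
        if not line.strip():
            continue
        fields = line.split()
        if fields[0].startswith("$"):                   # directives: honour $ORIGIN, skip $TTL
            origin = fields[1] if fields[0] == "$ORIGIN" else origin
            continue
        if line[0] in " \t":                            # blank owner column: reuse previous owner
            owner = last_owner
        else:
            owner = last_owner = qualify(fields.pop(0), origin)
        while fields[0].isdigit() or fields[0] == "IN": # optional per-record TTL and class
            fields.pop(0)
        rtype, rdata = fields[0], fields[1:]
        if rtype in ("NS", "CNAME"):                    # name-valued rdata is origin-relative too
            rdata = [qualify(rdata[0], origin)]
        elif rtype == "SOA":
            rdata = [qualify(rdata[0], origin), qualify(rdata[1], origin)] + rdata[2:]
        records.append((owner, rtype, " ".join(rdata)))
    return records

def doubled_origin(records, origin):
    """Flag names with the origin appended twice: the symptom of a missing trailing dot."""
    marker = origin + origin                            # e.g. "example.com.example.com."
    return [r for r in records if any(t.endswith(marker) for t in (r[0], *r[2].split()))]

# Constructed sample (not the post's file); the NS target deliberately lacks its trailing dot.
SAMPLE_ZONE = """\
$TTL 1D
@       IN SOA  ns1.example.com. root.example.com. ( 0 ; serial
                                                    1D 1H 1W 3H )
        NS      ns1.example.com
        A       192.168.1.2
ns1     A       192.168.1.2
"""
```

Running parse_zone(SAMPLE_ZONE, "example.com.") and passing the result to doubled_origin flags the NS record, while the same file with "ns1.example.com." is clean; named-checkzone accepts both, which is exactly why this mistake is easy to miss.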

To check that the named.conf file has no syntax errors:

named-checkconf /etc/named.conf

No output means there are no errors.

To check that the zone file is correctly configured:

named-checkzone example.com /var/named/forward.example.zone

When the output says "zone example.com/IN: loaded serial 0" followed by "OK", the zone is configured correctly.

Note: named-checkzone takes the zone name as specified in /etc/named.conf as its first parameter, followed by the path of the zone file.

Now we'll need to restart named.service so that the new configuration is loaded:

systemctl restart named.service

Step 5: Testing our DNS

nslookup is a command-line tool for querying the Domain Name System (DNS) to obtain the DNS records of a specific domain name or IP address.

nslookup example.com

The output should look like this:

[Screenshot: nslookup output]

The dig command-line tool queries DNS servers for information about domain names, IP addresses, and DNS records. "dig" is short for "domain information groper".

dig example.com

The above command should provide details about the DNS server, including the answer section with the A record for example.com.

[Screenshot: dig output]

I hope you learned something, until next time.
