How to set up a DNS server using BIND

2025-03-29 Update From: SLTechnology News&Howtos

Shulou(Shulou.com) 06/02

A DNS server (Domain Name Server) is a server that translates between domain names and their corresponding IP addresses.

The Domain Name System, more commonly known as DNS, translates a domain name into the IP address associated with that domain. DNS is the reason you can find your favorite website by name instead of typing its IP address into your browser. This guide will show you how to configure a primary DNS system and a client.

The following are the system details used in the examples in this article:

dns01.fedora.local (192.168.1.160) - Primary DNS server
client.fedora.local (192.168.1.136) - Client

DNS server configuration

Install the bind package using sudo:

$ sudo dnf install bind bind-utils -y

The /etc/named.conf configuration file is provided by the bind package for you to configure the DNS server.

Edit the /etc/named.conf file:

sudo vi /etc/named.conf

Look for the following line:

listen-on port 53 { 127.0.0.1; };

Add the IP address of the primary DNS server, as follows:

listen-on port 53 { 127.0.0.1; 192.168.1.160; };

Look for the following line:

allow-query { localhost; };

Add the local network range. The example system uses IP addresses in the 192.168.1.X range, which is specified as follows:

allow-query { localhost; 192.168.1.0/24; };

Specify a forward and a reverse zone. A zone file is a text file that holds DNS information for the system, such as IP addresses and hostnames. The forward zone file makes it possible to translate hostnames into IP addresses. The reverse zone file does the opposite: it allows remote systems to translate IP addresses into hostnames.

Look for the following line at the bottom of the /etc/named.conf file:

include "/etc/named.rfc1912.zones";

Specify the zone file information directly above that line, as follows:

zone "fedora.local" IN {
    type master;
    file "forward.fedora.local";
    allow-update { none; };
};

zone "1.168.192.in-addr.arpa" IN {
    type master;
    file "reverse.fedora.local";
    allow-update { none; };
};

forward.fedora.local and reverse.fedora.local are the names of the zone files you will create. You can choose any names.

Save and exit.

Create the zone files

Create the forward and reverse zone files you specified in the /etc/named.conf file:

$ sudo vi /var/named/forward.fedora.local

Add the following lines:

$TTL 86400
@       IN  SOA     dns01.fedora.local. root.fedora.local. (
        2011071001  ;Serial
        3600        ;Refresh
        1800        ;Retry
        604800      ;Expire
        86400       ;Minimum TTL
)
@       IN  NS      dns01.fedora.local.
@       IN  A       192.168.1.160
dns01   IN  A       192.168.1.160
client  IN  A       192.168.1.136

The hostnames and IP addresses shown are specific to your environment. Save the file and exit. Next, edit the reverse.fedora.local file:

$ sudo vi /var/named/reverse.fedora.local

Add the following lines:

$TTL 86400
@       IN  SOA     dns01.fedora.local. root.fedora.local. (
        2011071001  ;Serial
        3600        ;Refresh
        1800        ;Retry
        604800      ;Expire
        86400       ;Minimum TTL
)
@       IN  NS      dns01.fedora.local.
@       IN  PTR     fedora.local.
dns01   IN  A       192.168.1.160
client  IN  A       192.168.1.136
160     IN  PTR     dns01.fedora.local.
136     IN  PTR     client.fedora.local.

The hostnames and IP addresses shown are specific to your environment. Save the file and exit.

You also need to configure SELinux and add the correct ownership to the configuration file.

sudo chgrp named -R /var/named
sudo chown -v root:named /etc/named.conf
sudo restorecon -rv /var/named
sudo restorecon /etc/named.conf

Configure the firewall:

sudo firewall-cmd --add-service=dns --permanent
sudo firewall-cmd --reload

Check the configuration for syntax errors

sudo named-checkconf /etc/named.conf

If there is no output or error returned, then your configuration is valid.

Check forward and reverse zone files.

$ sudo named-checkzone forward.fedora.local /var/named/forward.fedora.local
$ sudo named-checkzone reverse.fedora.local /var/named/reverse.fedora.local

You should see the response of "OK":

zone forward.fedora.local/IN: loaded serial 2011071001
OK
zone reverse.fedora.local/IN: loaded serial 2011071001
OK
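named-checkzone validates each zone file on its own, so it will not notice an A record whose PTR record is missing or points at a different name, which later skews log attribution and reverse-lookup checks. The script below is an added example, not part of the original article; the function names are hypothetical, and it assumes relative names expand under fedora.local and that reverse owners sit under the 192.168.1 prefix.

```shell
#!/bin/sh
# Added example (not from the article): cross-check forward A records against
# reverse PTR records. Assumes one record per line, relative owner names and
# one name per address, as in the zone files above.

# zone_pairs FILE TYPE -> "owner rdata" for each record of TYPE except the apex "@"
zone_pairs() {
    awk -v t="$2" '$1 != "@" && $2 == "IN" && $3 == t { print $1, $4 }' "$1"
}

# check_zones FORWARD REVERSE ORIGIN NETPREFIX
# Prints one finding per line and returns 1 if any A/PTR pair disagrees.
check_zones() {
    findings=$( {
        zone_pairs "$1" A   | awk -v o="$3" '{ print "A", $2, $1 "." o "." }'
        zone_pairs "$2" PTR | awk -v n="$4" '{ print "PTR", n "." $1, $2 }'
    } | awk '
        $1 == "A"   { a[$2] = $3 }
        $1 == "PTR" { p[$2] = $3 }
        END {
            for (ip in a) {
                if (!(ip in p)) { print "MISSING-PTR", ip, a[ip] }
                else if (p[ip] != a[ip]) { print "MISMATCH", ip, "A=" a[ip], "PTR=" p[ip] }
            }
            for (ip in p) if (!(ip in a)) { print "ORPHAN-PTR", ip, p[ip] }
        }' | sort )
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}

# Constructed sample: the article's records plus a stale PTR for .136 and an
# A record (www, .150) that has no PTR at all.
demo() {
    d=$(mktemp -d)
    printf '%s\n' '@ IN NS dns01.fedora.local.' '@ IN A 192.168.1.160' \
        'dns01 IN A 192.168.1.160' 'client IN A 192.168.1.136' \
        'www IN A 192.168.1.150' > "$d/forward"
    printf '%s\n' '@ IN PTR fedora.local.' '160 IN PTR dns01.fedora.local.' \
        '136 IN PTR oldhost.fedora.local.' > "$d/reverse"
    rc=0
    check_zones "$d/forward" "$d/reverse" fedora.local 192.168.1 || rc=$?
    rm -rf "$d"
    return "$rc"
}

demo || true
```

On a real server, call check_zones with the two files under /var/named instead of the constructed sample.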

Enable and start the DNS service

$ sudo systemctl enable named
$ sudo systemctl start named

Configure the resolv.conf file

Edit the /etc/resolv.conf file:

$ sudo vi /etc/resolv.conf

Find your current nameserver line. On the example system, the modem/router is used as the name server, so it currently looks like this:

nameserver 192.168.1.1

Change this to the IP address of the primary DNS server:

nameserver 192.168.1.160

Save your changes and exit.

Unfortunately, there is one thing to pay attention to. If the system is rebooted or the network is restarted, NetworkManager will overwrite the /etc/resolv.conf file. This means that you will lose all your changes.

To prevent this from happening, make /etc/resolv.conf immutable:

$ sudo chattr +i /etc/resolv.conf

If you want to reset, you need to allow it to be overwritten again:

$ sudo chattr -i /etc/resolv.conf

Test the DNS server

$ dig fedoramagazine.org
; <<>> DiG 9.11.13-RedHat-9.11.13-2.fc30 <<>> fedoramagazine.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<-
