How to install and set-up Master Named (BIND) DNS server in Fedora 22

In this tutorial we will show you how to install and set-up Master Named (BIND) DNS server in Fedora 22 VPS.

To be more specific, in this case we will be setting up the master DNS server for the “mylinuxvps.com” domain name in a chrooted environment.


LET’S START!

First, you will need to log in to your VPS as ROOT via SSH. Once you are in you can clean-up dnf (this is not a necessary step but it won’t hurt). To do that just type:

dnf clean all

Another step you can take, and it is always good practice, is to update your packages. To do that just type:

dnf -y update

Next we will need to install the bind-chroot package using dnf:

dnf install bind-chroot

Now we will need to edit the BIND (named) main configuration file in /etc/named.conf, but first, just in case, back up the file:

cp /etc/named.conf{,.orig}

and edit with:

nano /etc/named.conf

Once the file is open for editing, add the following:

/*
* Deny transfers by default except for the listed hosts.
*/
acl "xfer" {
        <SLAVE_IP_ADDRESS>;
};

/*
* trusted hosts which are allowed to use the cache 
* and perform recursive queries/lookups
*/
acl "trusted" {
        127.0.0.0/8;
};

options {
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        pid-file "/run/named/named.pid";
        session-keyfile "/run/named/session.key";

        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";

        managed-keys-directory "/var/named/dynamic";

        dnssec-enable yes;
        dnssec-lookaside auto;

        listen-on-v6 { none; };
        listen-on { any; };

        /*
         * Accept queries from "trusted" ACL.  
         */
        allow-query {
                trusted;
        };

        /* Use the cache for the "trusted" ACL. */
        allow-query-cache {
                trusted;
        };

        /* Only trusted addresses are allowed to use recursion. */
        allow-recursion {
                trusted;
        };

        /* Zone transfers are denied by default. */
        allow-transfer {
                none;
        };

        /* Don't allow updates, e.g. via nsupdate. */
        allow-update {
                none;
        };

        /* if you have problems and are behind a firewall: */
        //query-source address * port 53;

        dnssec-validation auto;
        auth-nxdomain no; # conform to RFC1035

        /* forward to ISP's DNS */
        // forwarders {
        // 0.0.0.0;
        // };
};

include "/etc/named.zones";

Save and close the file. Since I’m running BIND (named) in a chrooted environment, I need to set things up within the /var/named/chroot directory, so first create the directory:

mkdir -p /var/named/chroot/etc/

edit the file:

nano /var/named/chroot/etc/named.zones

and add:

zone "mylinuxvps.com" {
    type master;
    file "/var/named/mylinuxvps.com.zone";
    allow-query { any; };
    allow-transfer { xfer; };
};

Save and close the file.

Next, create the zone file for mylinuxvps.com in /var/named/chroot/var/named/:

nano /var/named/chroot/var/named/mylinuxvps.com.zone

and add:

@ 14400 IN SOA ns1.mylinuxvps.com. admin.mylinuxvps.com. (
2014011501 ; serial, todays date+todays
28800 ; refresh, seconds
7200 ; retry, seconds
360000 ; expire, seconds
86400 ) ; minimum, seconds

ns1.mylinuxvps.com. 14400 IN A MASTER_IP_ADDRESS
ns2.mylinuxvps.com. 14400 IN A SLAVE_IP_ADDRESS

mylinuxvps.com. 14400 IN NS ns1.mylinuxvps.com.
mylinuxvps.com. 14400 IN NS ns2.mylinuxvps.com.

mylinuxvps.com. 14400 IN A MASTER_IP_ADDRESS
mail.mylinuxvps.com. 14400 IN A SLAVE_IP_ADDRESS

mylinuxvps.com. 14400 IN MX 0 mail.mylinuxvps.com.

www 14400 IN CNAME mylinuxvps.com.
imap 14400 IN CNAME mail.mylinuxvps.com.
smtp 14400 IN CNAME mail.mylinuxvps.com.

mylinuxvps.com. 14400 IN TXT "v=spf1 a mx ~all"
mylinuxvps.com. 14400 IN SPF "v=spf1 a mx ~all"

Save and close the file, and check that the zone file is valid for the domain in question with:

named-checkzone mylinuxvps.com /var/named/chroot/var/named/mylinuxvps.com.zone

Next, set up the directories under the chroot with:

mkdir /var/named/chroot/var/named/{dynamic,data}

set the correct permissions:

chown named: -R /var/named/

And start the DNS server with:

systemctl start named-chroot

You can also add it to the system’s start-up using systemctl. To do that type:

systemctl enable named-chroot

To test the set-up you can query the DNS server for the domain’s zone that has been set up previously:

dig @MASTER_IP_ADDRESS mylinuxvps.com
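
The query above only shows that the zone answers. The script below is an added example, not part of the original tutorial: it classifies dig output so you can confirm, from a host that is in neither the "xfer" nor the "trusted" ACL, that zone transfers and recursion are refused. The sample outputs are constructed, and example.org is an assumed stand-in for any name this server is not authoritative for.

```shell
#!/bin/sh
# Added example, not from the original tutorial: classify dig output to
# confirm that the allow-transfer and allow-recursion ACLs are enforced.

# Reads `dig ... AXFR` output on stdin; prints open, refused or unknown.
axfr_status() {
    awk '/^;; XFR size:/      { xfr = 1 }
         /^; Transfer failed/ { failed = 1 }
         END { if (xfr) print "open"
               else if (failed) print "refused"
               else print "unknown" }'
}

# Reads ordinary dig output on stdin; prints open when the server offers
# recursion (ra flag set, status not REFUSED), closed when it does not.
recursion_status() {
    awk '/^;; ->>HEADER<<-/ && match($0, /status: [A-Z]+/) {
             status = substr($0, RSTART + 8, RLENGTH - 8) }
         /^;; flags:/ { split($0, part, ";"); ra = (part[3] ~ / ra( |$)/) }
         END { if (status == "") print "unknown"
               else if (ra && status != "REFUSED") print "open"
               else print "closed" }'
}

# Constructed sample: AXFR attempt from a host that is not in the "xfer" ACL.
sample_axfr_denied() {
    cat <<'EOF'
;; global options: +cmd
; Transfer failed.
EOF
}

# Constructed sample: recursive query from a host outside the "trusted" ACL.
sample_recursion_denied() {
    cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 4242
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
EOF
}

# Live use from a host outside both ACLs; $1 is the master's address.
# example.org stands in for any name the server is not authoritative for.
check_server() {
    dig "@$1" mylinuxvps.com AXFR | axfr_status
    dig "@$1" example.org A | recursion_status
}
```

With the configuration from this tutorial, check_server MASTER_IP_ADDRESS run from such a host should print refused and then closed; open on either line means the corresponding ACL is not being applied.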

If you’re one of our Linux VPS Hosting customers we can install and set-up Master Named (BIND) DNS server on your virtual server for you free of charge. Just contact us and some of our experts will complete your request immediately.
