
Setting up a primary nameserver on CentOS

Installing Bind

# Install the BIND server (named) plus DNS client tools such as dig and nslookup; run as root.
yum install bind bind-utils

Modify configuration files

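Next, edit /etc/named.conf to suit your environment. The following example shows a primary DNS configuration file for parknet. The addresses and the rndc key in it belong to that setup: substitute your own values, and generate a fresh key instead of copying the published secret.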

// ###############################################################################################

// Named lists of server addresses. The same address sets are declared again as ACLs below.
// Presumably the zone definitions in the included files refer to these names
// (e.g. for notifies and transfers); those files are not shown here.
masters secondary       { 10.0.235.13; 10.0.235.48; };
masters cache           { 10.0.235.11; 10.0.235.27; };
masters ns3             { 10.0.235.189; 78.47.19.130; };

// Address match lists used by the access-control statements.
acl secondary           { 10.0.235.13; 10.0.235.48; };
acl cache               { 10.0.235.11; 10.0.235.27; };
acl ns3                 { 10.0.235.189; 78.47.19.130; };
// "me" is the set of hosts trusted for queries, recursion and rndc control
// (see allow-query, allow-recursion and controls further down).
// "localhost" is BIND's built-in ACL for the server's own addresses.
acl me                  { localhost; 127.0.0.1; 100.64.0.50; 10.0.235.140; };
// Shared secret that rndc must present to the control channel declared further down.
// NOTE(review): this secret is published with the example, so never use it on a real
// server. Generate your own key (e.g. with rndc-confgen) and keep the file holding it
// readable only by root and the named user.
// NOTE(review): hmac-md5 is a legacy algorithm; prefer hmac-sha256 where your BIND
// version supports it.
key "rndc-key"          { algorithm hmac-md5; secret "9OA4ZDxli6IQL0rYWZgh+A=="; };

// ###############################################################################################

// Global server options: listening addresses, working files, forwarding and default access policy.
options {
        // Accept DNS traffic on every IPv4 and IPv6 address of the host.
        // Who may actually query is limited by the allow-* statements below.
        listen-on               { any; };
        listen-on-v6            { any; };
        // Working directory; relative file names in this configuration resolve against it.
        directory               "/var/named";
        dump-file               "/var/named/data/cache_dump.db";
        statistics-file         "/var/named/data/named_stats.txt";
        memstatistics-file      "/var/named/data/named_mem_stats.txt";
        managed-keys-directory  "/var/named/dynamic";
        pid-file                "/run/named/named.pid";
        session-keyfile         "/run/named/session.key";
        bindkeys-file           "/etc/named.iscdlv.key";

        // Upstream DNS servers (IPv4 and IPv6). *Note* only "me" can do recursive lookups,
        // see allow-recursion below.
        forwarders              { 8.8.8.8; 8.8.4.4; 2001:4860:4860::8888; 2001:4860:4860::8844; };

        // When a zone is updated, only send NOTIFY to hosts in the zone's "also-notify" part
        notify explicit;

        // Set "GLOBAL" safe default policy: no zone transfers, and queries and recursion
        // only from the "me" ACL.
        // NOTE(review): zones that must answer other clients or be transferred to the
        // secondaries presumably override these defaults per zone in the included files;
        // confirm this, otherwise those clients are refused.
        allow-transfer          { none; };
        // allow-update         { none; };
        allow-query             { me; };
        allow-recursion         { me; };

        // Configure rndc to allow it to add zones.
        // allow-new-zones      yes;

        // DNSSEC is switched off by the two "no" settings below; change them if you want DNSSEC.
        // NOTE(review): with dnssec-validation off, answers from the forwarders are accepted
        // without DNSSEC validation.
        // NOTE(review): dnssec-lookaside relied on the ISC DLV registry, which has been retired,
        // and newer BIND releases no longer accept the option; check it against your BIND version.
        dnssec-enable           no;
        dnssec-validation       no;
        dnssec-lookaside        auto;
};

// ###############################################################################################

// Who's allowed to control this nameserver
// The rndc control channel listens on every address ("*"), port 953. A connection is
// accepted only from hosts in the "me" ACL and only when it presents "rndc-key".
// NOTE(review): if rndc is only run on the server itself, binding to 127.0.0.1 instead
// of "*" keeps the control port off the network; the ACL and key then act as a second layer.
controls { inet * port 953 allow { me; } keys { "rndc-key"; }; };

// Logging
// A single file channel receives the "default" category. The path is relative to the
// "directory" option, the file is rotated at 5m keeping 3 old versions, and each line
// carries a timestamp, the severity and the category.
// NOTE(review): "severity warning" drops info-level messages. Confirm this still records
// what you need for monitoring, e.g. refused queries or transfer attempts.
logging {
channel simple_log { file "data/named.run" versions 3 size 5m; severity warning; print-time yes; print-severity yes; print-category yes; };
category default{ simple_log; };
};

// Root Name Servers
// Hint zone: the root server addresses are read from named.ca, relative to "directory".
zone "." IN { type hint; file "named.ca"; };

// Parknet zones, RFC 1912 zones and key files.
// named.internal and named.public are site-specific files that you create yourself.
// NOTE(review): the per-zone access rules (allow-query, allow-transfer, also-notify)
// presumably live in those two files; review them together with the global defaults.
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
include "/etc/named.internal";
include "/etc/named.public";

// ###############################################################################################

NOTE: You need to create the included files above yourself, but here are some examples: (named.internal) and (named.public)

Start Bind

# Start the named service now. Running named-checkconf /etc/named.conf first catches syntax errors.
systemctl start named

Enable Bind at boot time

# Have systemd start named automatically on every boot.
systemctl enable named

Reloading Bind

Bind is reloaded like this:

# Suspend dynamic updates and sync pending journal changes into the zone files.
rndc freeze
# Re-read the configuration file and the zone files.
rndc reload
# Re-enable dynamic updates on the frozen zones.
rndc thaw