
Saturday, 1 December 2018

Setup a Caching-only DNS Server in RHEL/CentOS 7


DNS (Domain Name System) is a hierarchical, decentralized naming system for computers, devices, services or other resources connected to the Internet or an intranet. DNS translates easily memorized domain names into the numerical IP addresses needed to locate and identify computer services and devices with the underlying network protocols.

A Caching-only DNS server is a special type of DNS server. It is not authoritative for any domain. Instead, it forwards all DNS resolution requests to some other server and returns the results to the requesting client as received from that server. It also caches the results of DNS queries for fast resolution of repeated queries.

Configuring a Caching-only DNS server is a trivial task in Linux compared to an Authoritative DNS server, because you don't have to add any DNS records; the DNS queries are forwarded to and satisfied by other Authoritative or Caching-only DNS servers.

BIND (Berkeley Internet Name Domain) is a famous DNS server in RHEL 7 and previous releases. BIND was used to configure Authoritative DNS servers as well as Caching-only DNS servers. However, in RHEL 7 we also have unbound to easily configure a Caching-only DNS server. We recommend the use of the unbound DNS server, because it is simple and convenient.

Setup a Caching-only DNS Server in RHEL 7

Configure unbound as Caching-only DNS Server:

Connect to dns-01.example.com with ssh and check the current DNS settings of the server.

# cat /etc/resolv.conf
# Generated by NetworkManager
domain localdomain
search localdomain example.com
nameserver 192.168.116.2

The above command shows us the DNS server in use. Install unbound to configure a Caching-only DNS server.

# yum install -y unbound

Configure the unbound DNS server settings.

# vi /etc/unbound/unbound.conf

Find and adjust the following settings in the above file.

interface: 0.0.0.0
access-control: 0.0.0.0/0 allow
domain-insecure: "example.com"
forward-zone:
       name: "."
       forward-addr: 192.168.116.2

Check the unbound configuration for possible syntax errors.

# unbound-checkconf
unbound-checkconf: no errors in /etc/unbound/unbound.conf

Start and enable the unbound service.

# systemctl start unbound ; systemctl enable unbound

Allow the DNS service in the Linux firewall.

# firewall-cmd --permanent --add-service=dns ; firewall-cmd --reload
success
success

Set the newly configured DNS server as the primary DNS server for the machine.

# nmcli connection modify eno16777728 ipv4.dns 192.168.116.11

# nmcli connection down eno16777728 ; nmcli connection up eno16777728
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/4)

# cat /etc/resolv.conf
# Generated by NetworkManager
domain localdomain
search localdomain example.com
nameserver 192.168.116.11

Check the DNS server by pinging an Internet server by hostname.

# ping www.yahoo.com
PING atsv2-fp.wg1.b.yahoo.com (98.137.246.8) 56(84) bytes of data.
64 bytes from media-router-fp2.prod1.media.vip.gq1.yahoo.com (98.137.246.8): icmp_seq=2 ttl=128 time=275 ms
64 bytes from media-router-fp2.prod1.media.vip.gq1.yahoo.com (98.137.246.8): icmp_seq=3 ttl=128 time=271 ms

Our Caching-only DNS Server in RHEL 7 has been configured successfully.
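
The interface: 0.0.0.0 and access-control: 0.0.0.0/0 allow settings used above let any host that can reach port 53 use this server as a recursive resolver. The following check is an added example, not part of the original article: it flags such access-control entries and compares the tutorial's settings with a variant limited to loopback and the local network. The function name, the sample file names and the /24 prefix length are assumptions.

```shell
#!/bin/sh
# Added example: report unbound.conf access-control entries that allow
# queries from the whole IPv4 or IPv6 address space (an open resolver).

# Prints "file:line: netblock action" for each match; returns 1 if any found.
find_open_acls() {
    awk '
        { sub(/#.*/, "") }                 # ignore comments
        $1 == "access-control:" {
            net = $2; act = $3
            gsub(/"/, "", net); gsub(/"/, "", act)
            # allow, allow_snoop and allow_setrd all permit queries
            if ((net == "0.0.0.0/0" || net == "::/0") && act ~ /^allow/) {
                print FILENAME ":" FNR ": " net " " act
                found = 1
            }
        }
        END { exit (found ? 1 : 0) }
    ' "$1"
}

tmp=$(mktemp -d) && trap 'rm -rf "$tmp"' EXIT

# Constructed sample 1: the settings shown in the tutorial.
cat > "$tmp/tutorial.conf" <<'EOF'
server:
    interface: 0.0.0.0
    access-control: 0.0.0.0/0 allow
    domain-insecure: "example.com"
forward-zone:
    name: "."
    forward-addr: 192.168.116.2
EOF

# Constructed sample 2: same resolver limited to loopback and the LAN.
# The /24 prefix length is an assumption about this network.
cat > "$tmp/restricted.conf" <<'EOF'
server:
    interface: 192.168.116.11
    interface: 127.0.0.1
    # access-control: 0.0.0.0/0 allow
    access-control: 127.0.0.0/8 allow
    access-control: 192.168.116.0/24 allow
EOF

for conf in "$tmp/tutorial.conf" "$tmp/restricted.conf"; do
    if hits=$(find_open_acls "$conf"); then echo "ok: $conf"
    else echo "open resolver ACL: $hits"; fi
done
```

To check a live server, call find_open_acls /etc/unbound/unbound.conf. The function does not follow include: directives, so run it on each included file as well.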


© 2022 CentLinux. All Rights Reserved.