Configure Authoritative DNS Server using BIND in CentOS 7 - CentLinux

Latest

Saturday, 10 August 2019

Configure Authoritative DNS Server using BIND in CentOS 7

Configure Authoritative DNS Server using BIND in CentOS 7

BIND is most widely used DNS (Domain Name Server) software. Its name originates as an acronym of Berkeley Internet Name Domain. BIND is also called by it service name i.e. named (or Name Daemon). BIND latest version 9 is available now and distributed under Mozilla Public License (MPL). BIND is developed and maintained by Internet Systems Consortium (ISC).

Almost every Internet connection starts with a DNS lookup. Hostname to IP resolution is necessary before sending an email or browsing a website and BIND is the preferred DNS server for Unix/Linux operating systems.

In this article, we are configuring Primary (Master) and Secondary (Slave) DNS servers using BIND 9 on CentOS 7. This article will let you configure a working DNS server (Master/Slave). To start learning BIND and to build a strong foundation, we recommend you to read DNS and BIND (5th Edition) by O'Reilly Media.

 

This Article Provides:

     

    Environment Specifications:

    We are using two CentOS 7 virtual machines in this article.

    Primary (Master) DNS Server:

    • CPU - 3.4 Ghz (1 Core)
    • Memory - 1 GB
    • Storage - 20 GB
    • Hostname - dns-01.example.com
    • IP Address - 192.168.116.4 /24
    • Operating System – CentOS 7.6

    Secondary (Slave) DNS Server:

    • CPU - 3.4 Ghz (1 Core)
    • Memory - 1 GB
    • Storage - 20 GB
    • Hostname - dns-02.example.com
    • IP Address - 192.168.116.5 /24
    • Operating System – CentOS 7.6

     

    Installing BIND 9 DNS Server on CentOS 7:

    Connect with dns-01.example.com using ssh as root user.

    BIND 9 is available through CentOS 7 official yum repository. Therefore, we can easily install it using yum command.

    [root@dns-01 ~]# yum install -y bind bind-utils Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: centos.excellmedia.net * extras: centos.excellmedia.net * updates: centos.excellmedia.net Resolving Dependencies --> Running transaction check ---> Package bind.x86_64 32:9.9.4-74.el7_6.2 will be installed --> Processing Dependency: bind-libs = 32:9.9.4-74.el7_6.2 for package: 32:bind-9.9.4-74.el7_6.2.x86_64 --> Processing Dependency: python-ply for package: 32:bind-9.9.4-74.el7_6.2.x86_64 --> Processing Dependency: policycoreutils-python for package: 32:bind-9.9.4-74.el7_6.2.x86_64 --> Processing Dependency: policycoreutils-python for package: 32:bind-9.9.4-74.el7_6.2.x86_64 --> Processing Dependency: liblwres.so.90()(64bit) for package: 32:bind-9.9.4-74.el7_6.2.x86_64 --> Processing Dependency: libisccfg.so.90()(64bit) for package: 32:bind-9.9.4-74.el7_6.2.x86_64 --> Processing Dependency: libisccc.so.90()(64bit) for package: 32:bind-9.9.4-74.el7_6.2.x86_64 --> Processing Dependency: libisc.so.95()(64bit) for package: 32:bind-9.9.4-74.el7_6.2.x86_64 --> Processing Dependency: libdns.so.100()(64bit) for package: 32:bind-9.9.4-74.el7_6.2.x86_64 --> Processing Dependency: libbind9.so.90()(64bit) for package: 32:bind-9.9.4-74.el7_6.2.x86_64 ---> Package bind-utils.x86_64 32:9.9.4-74.el7_6.2 will be installed --> Running transaction check ---> Package bind-libs.x86_64 32:9.9.4-74.el7_6.2 will be installed --> Processing Dependency: bind-license = 32:9.9.4-74.el7_6.2 for package: 32:bind-libs-9.9.4-74.el7_6.2.x86_64 ---> Package policycoreutils-python.x86_64 0:2.5-29.el7_6.1 will be installed --> Processing Dependency: policycoreutils = 2.5-29.el7_6.1 for package: policycoreutils-python-2.5-29.el7_6.1.x86_64 --> Processing Dependency: setools-libs >= 3.3.8-4 for package: policycoreutils-python-2.5-29.el7_6.1.x86_64 --> Processing Dependency: libsemanage-python >= 2.5-14 for package: policycoreutils-python-2.5-29.el7_6.1.x86_64 --> Processing Dependency: audit-libs-python >= 2.1.3-4 for package: policycoreutils-python-2.5-29.el7_6.1.x86_64 --> Processing Dependency: python-IPy for package: policycoreutils-python-2.5-29.el7_6.1.x86_64 --> Processing Dependency: libqpol.so.1(VERS_1.4)(64bit) for package: policycoreutils-python-2.5-29.el7_6.1.x86_64 --> Processing Dependency: libqpol.so.1(VERS_1.2)(64bit) for package: policycoreutils-python-2.5-29.el7_6.1.x86_64 --> Processing Dependency: libcgroup for package: policycoreutils-python-2.5-29.el7_6.1.x86_64 --> Processing Dependency: libapol.so.4(VERS_4.0)(64bit) for package: policycoreutils-python-2.5-29.el7_6.1.x86_64 --> Processing Dependency: checkpolicy for package: policycoreutils-python-2.5-29.el7_6.1.x86_64 --> Processing Dependency: libqpol.so.1()(64bit) for package: policycoreutils-python-2.5-29.el7_6.1.x86_64 --> Processing Dependency: libapol.so.4()(64bit) for package: policycoreutils-python-2.5-29.el7_6.1.x86_64 ---> Package python-ply.noarch 0:3.4-11.el7 will be installed --> Running transaction check ---> Package audit-libs-python.x86_64 0:2.8.4-4.el7 will be installed ---> Package bind-license.noarch 32:9.9.4-72.el7 will be updated --> Processing Dependency: bind-license = 32:9.9.4-72.el7 for package: 32:bind-libs-lite-9.9.4-72.el7.x86_64 ---> Package bind-license.noarch 32:9.9.4-74.el7_6.2 will be an update ---> Package checkpolicy.x86_64 0:2.5-8.el7 will be installed ---> Package libcgroup.x86_64 0:0.41-20.el7 will be installed ---> Package libsemanage-python.x86_64 0:2.5-14.el7 will be installed ---> Package policycoreutils.x86_64 0:2.5-29.el7 will be updated ---> Package policycoreutils.x86_64 0:2.5-29.el7_6.1 will be an update ---> Package python-IPy.noarch 0:0.75-6.el7 will be installed ---> Package setools-libs.x86_64 0:3.3.8-4.el7 will be installed --> Running transaction check ---> Package bind-libs-lite.x86_64 32:9.9.4-72.el7 will be updated ---> Package bind-libs-lite.x86_64 32:9.9.4-74.el7_6.2 will be an update --> Finished Dependency Resolution Dependencies Resolved ================================================================================ Package Arch Version Repository Size ================================================================================ Installing: bind x86_64 32:9.9.4-74.el7_6.2 updates 1.8 M bind-utils x86_64 32:9.9.4-74.el7_6.2 updates 206 k Installing for dependencies: audit-libs-python x86_64 2.8.4-4.el7 base 76 k bind-libs x86_64 32:9.9.4-74.el7_6.2 updates 1.0 M checkpolicy x86_64 2.5-8.el7 base 295 k libcgroup x86_64 0.41-20.el7 base 66 k libsemanage-python x86_64 2.5-14.el7 base 113 k policycoreutils-python x86_64 2.5-29.el7_6.1 updates 456 k python-IPy noarch 0.75-6.el7 base 32 k python-ply noarch 3.4-11.el7 base 123 k setools-libs x86_64 3.3.8-4.el7 base 620 k Updating for dependencies: bind-libs-lite x86_64 32:9.9.4-74.el7_6.2 updates 742 k bind-license noarch 32:9.9.4-74.el7_6.2 updates 87 k policycoreutils x86_64 2.5-29.el7_6.1 updates 916 k Transaction Summary ================================================================================ Install 2 Packages (+9 Dependent packages) Upgrade ( 3 Dependent packages) Total download size: 6.5 M Downloading packages: Delta RPMs disabled because /usr/bin/applydeltarpm not installed. (1/14): audit-libs-python-2.8.4-4.el7.x86_64.rpm | 76 kB 00:00 (2/14): bind-libs-9.9.4-74.el7_6.2.x86_64.rpm | 1.0 MB 00:07 (3/14): bind-9.9.4-74.el7_6.2.x86_64.rpm | 1.8 MB 00:07 (4/14): bind-license-9.9.4-74.el7_6.2.noarch.rpm | 87 kB 00:00 (5/14): bind-utils-9.9.4-74.el7_6.2.x86_64.rpm | 206 kB 00:00 (6/14): libcgroup-0.41-20.el7.x86_64.rpm | 66 kB 00:01 (7/14): libsemanage-python-2.5-14.el7.x86_64.rpm | 113 kB 00:00 (8/14): bind-libs-lite-9.9.4-74.el7_6.2.x86_64.rpm | 742 kB 00:03 (9/14): checkpolicy-2.5-8.el7.x86_64.rpm | 295 kB 00:03 (10/14): python-ply-3.4-11.el7.noarch.rpm | 123 kB 00:00 (11/14): python-IPy-0.75-6.el7.noarch.rpm | 32 kB 00:02 (12/14): policycoreutils-python-2.5-29.el7_6.1.x86_64.rpm | 456 kB 00:03 (13/14): policycoreutils-2.5-29.el7_6.1.x86_64.rpm | 916 kB 00:07 (14/14): setools-libs-3.3.8-4.el7.x86_64.rpm | 620 kB 00:05 -------------------------------------------------------------------------------- Total 376 kB/s | 6.5 MB 00:17 Running transaction check Running transaction test Transaction test succeeded Running transaction Updating : 32:bind-license-9.9.4-74.el7_6.2.noarch 1/17 Installing : 32:bind-libs-9.9.4-74.el7_6.2.x86_64 2/17 Installing : setools-libs-3.3.8-4.el7.x86_64 3/17 Updating : policycoreutils-2.5-29.el7_6.1.x86_64 4/17 Installing : checkpolicy-2.5-8.el7.x86_64 5/17 Installing : libcgroup-0.41-20.el7.x86_64 6/17 Installing : libsemanage-python-2.5-14.el7.x86_64 7/17 Installing : python-IPy-0.75-6.el7.noarch 8/17 Installing : python-ply-3.4-11.el7.noarch 9/17 Installing : audit-libs-python-2.8.4-4.el7.x86_64 10/17 Installing : policycoreutils-python-2.5-29.el7_6.1.x86_64 11/17 Installing : 32:bind-9.9.4-74.el7_6.2.x86_64 12/17 Installing : 32:bind-utils-9.9.4-74.el7_6.2.x86_64 13/17 Updating : 32:bind-libs-lite-9.9.4-74.el7_6.2.x86_64 14/17 Cleanup : 32:bind-libs-lite-9.9.4-72.el7.x86_64 15/17 Cleanup : 32:bind-license-9.9.4-72.el7.noarch 16/17 Cleanup : policycoreutils-2.5-29.el7.x86_64 17/17 Verifying : 32:bind-9.9.4-74.el7_6.2.x86_64 1/17 Verifying : audit-libs-python-2.8.4-4.el7.x86_64 2/17 Verifying : python-ply-3.4-11.el7.noarch 3/17 Verifying : policycoreutils-python-2.5-29.el7_6.1.x86_64 4/17 Verifying : python-IPy-0.75-6.el7.noarch 5/17 Verifying : libsemanage-python-2.5-14.el7.x86_64 6/17 Verifying : libcgroup-0.41-20.el7.x86_64 7/17 Verifying : 32:bind-license-9.9.4-74.el7_6.2.noarch 8/17 Verifying : checkpolicy-2.5-8.el7.x86_64 9/17 Verifying : 32:bind-utils-9.9.4-74.el7_6.2.x86_64 10/17 Verifying : policycoreutils-2.5-29.el7_6.1.x86_64 11/17 Verifying : 32:bind-libs-9.9.4-74.el7_6.2.x86_64 12/17 Verifying : 32:bind-libs-lite-9.9.4-74.el7_6.2.x86_64 13/17 Verifying : setools-libs-3.3.8-4.el7.x86_64 14/17 Verifying : 32:bind-license-9.9.4-72.el7.noarch 15/17 Verifying : policycoreutils-2.5-29.el7.x86_64 16/17 Verifying : 32:bind-libs-lite-9.9.4-72.el7.x86_64 17/17 Installed: bind.x86_64 32:9.9.4-74.el7_6.2 bind-utils.x86_64 32:9.9.4-74.el7_6.2 Dependency Installed: audit-libs-python.x86_64 0:2.8.4-4.el7 bind-libs.x86_64 32:9.9.4-74.el7_6.2 checkpolicy.x86_64 0:2.5-8.el7 libcgroup.x86_64 0:0.41-20.el7 libsemanage-python.x86_64 0:2.5-14.el7 policycoreutils-python.x86_64 0:2.5-29.el7_6.1 python-IPy.noarch 0:0.75-6.el7 python-ply.noarch 0:3.4-11.el7 setools-libs.x86_64 0:3.3.8-4.el7 Dependency Updated: bind-libs-lite.x86_64 32:9.9.4-74.el7_6.2 bind-license.noarch 32:9.9.4-74.el7_6.2 policycoreutils.x86_64 0:2.5-29.el7_6.1 Complete!

    BIND 9 has been installed on CentOS 7 server.

     

    Configure Primary (Master) DNS Server on CentOS 7:

    By default named.service run on localhost. Since, we are configuring an authoritative DNS server for our Domain, therefore, we need to configure named.service to run on the interface that was connected with our network.

    [root@dns-01 ~]# vi /etc/named.conf

    Under options directive set following parameter to allow named.service to run on our network interface.

    listen-on port 53 { 127.0.0.1; 192.168.116.4; };

    We are also required to enable our named.service to allow client queries. Therefore, find and set following parameter in options directives.

    allow-query { localhost; 192.168.116.0/24; };

    To keep the named.conf file clean, we are defining our DNS zones in a separate file.

    [root@dns-01 ~]# vi /etc/named.conf.local

    and add following directives in this file.

    zone "example.com" { type master; file "/var/named/example.com"; }; zone "116.168.192.in-addr.arpa" { type master; file "/var/named/116.168.192.in-addr.arpa"; };

    We have defined two DNS zones here, one is a Forward DNS zone and the other is Reverse DNS zone.

    Include our named.conf.local file in the default named.conf file, so it will be called at the time of service startup.

    [root@dns-01 ~]# echo 'include "/etc/named.conf.local";' >> /etc/named.conf

    Configure forward zone for our Domain.

    [root@dns-01 ~]# vi /var/named/example.com

    and add following settings therein.

    $TTL 1h @ IN SOA example.com. root.example.com. ( 2019080901 ; Serial YYYYMMDDnn 24h ; Refresh 2h ; Retry 28d ; Expire 2d ) ; Minimum TTL ;Name Servers @ IN NS dns-01 ;Mail Servers @ IN MX 0 mail-01 ;Other Servers dns-01 IN A 192.168.116.4 mail-01 IN A 192.168.116.6 web-01 IN A 192.168.116.3 ;Canonical Names www IN CNAME web-01 mail IN CNAME mail-01

    Check forward zone file for any possible error.

    [root@dns-01 ~]# named-checkzone example.com /var/named/example.com zone example.com/IN: loaded serial 2019080901 OK

    Configure a reverse zone for our Domain.

    [root@dns-01 ~]# vi /var/named/116.168.192.in-addr.arpa

    and add following settings therein.

    $TTL 1h @ IN SOA 116.168.192.in-addr.arpa root.example.com. ( 2019080901 ; Serial YYYYMMDDnn 24h ; Refresh 2h ; Retry 28d ; Expire 2d ) ; Minimum TTL ;Name Servers @ IN NS dns-01 ;Other Servers dns-01 IN A 192.168.116.4 ;PTR Records 4 IN PTR dns-01 6 IN PTR mail-01 3 IN PTR web-01

    Check reverse zone file for any possible errors.

    [root@dns-01 ~]# named-checkzone example.com /var/named/116.168.192.in-addr.arpa zone example.com/IN: loaded serial 2019080901 OK

    Adjust file ownership of zone files.

    [root@dns-01 ~]# chgrp named /var/named/example.com [root@dns-01 ~]# chgrp named /var/named/116.168.192.in-addr.arpa

    Enable and start named.service.

    [root@dns-01 ~]# systemctl enable --now named.service Created symlink from /etc/systemd/system/multi-user.target.wants/named.service to /usr/lib/systemd/system/named.service.

    Allow DNS service in Linux firewall.

    [root@dns-01 ~]# firewall-cmd --permanent --add-service=dns success [root@dns-01 ~]# firewall-cmd --reload success

    Add our Primary (Master) DNS Server to client's resolve.conf.

    [root@dns-01 ~]# nmcli c m ens33 ipv4.dns-search example.com ipv4.dns 192.168.116.4

    Restart interface to apply changes.

    [root@dns-01 ~]# nmcli c down ens33 ; nmcli c up ens33 Connection 'ens33' successfully deactivated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/1) Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/2)

    Verify DNS Server settings.

    [root@dns-01 ~]# cat /etc/resolv.conf # Generated by NetworkManager search example.com nameserver 192.168.116.4

    Query our Primary (Master) DNS server using dig command.

    [root@dns-01 ~]# dig www.example.com ; <<>> DiG 9.9.4-RedHat-9.9.4-74.el7_6.2 <<>> www.example.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2020 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 2 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;www.example.com. IN A ;; ANSWER SECTION: www.example.com. 3600 IN CNAME web-01.example.com. web-01.example.com. 3600 IN A 192.168.116.3 ;; AUTHORITY SECTION: example.com. 3600 IN NS dns-01.example.com. ;; ADDITIONAL SECTION: dns-01.example.com. 3600 IN A 192.168.116.4 ;; Query time: 1 msec ;; SERVER: 192.168.116.4#53(192.168.116.4) ;; WHEN: Fri Aug 09 23:15:51 PKT 2019 ;; MSG SIZE rcvd: 118

    Our Primary (Master) DNS Server has been configured on CentOS 7.

     

    Configure Secondary (Slave) DNS Server on CentOS 7:

    We have a working Primary (Master) DNS Server. We are now going to add a Secondary (Slave) DNS Server.

    Connect with dns-02.example.com using ssh as root user.

    Follow the above section "Install BIND 9 DNS Server on CentOS 7" to install BIND 9 packages on our Secondary (Slave) DNS Server.

    Configure named.service settings of our Secondary (Slave) DNS Server.

    [root@dns-02 ~]# vi /etc/named.conf

    Under option directives set following parameters.

    listen-on port 53 { 127.0.0.1; 192.168.116.5; }; allow-query { localhost;192.168.116.0/24; };

    Just like we did with our Primary (Master) DNS Server, we are defining our zones in a separate configuration file.

    [root@dns-02 ~]# vi /etc/named.conf.local

    and define following zones therein.

    zone "example.com" { type slave; masters { 192.168.116.4; }; file "/var/named/example.com"; }; zone "116.168.192.in-addr.arpa" { type slave; masters { 192.168.116.4; }; file "/var/named/116.168.192.in-addr.arpa"; };

    Include our named.conf.local file in the default named.conf file, so it will call our settings on service startup.

    [root@dns-02 ~]# echo 'include "/etc/named.conf.local";' >> /etc/named.conf

    Start and enabled named.service.

    [root@dns-02 ~]# systemctl enable --now named.service Created symlink from /etc/systemd/system/multi-user.target.wants/named.service to /usr/lib/systemd/system/named.service.

    Allow DNS service in Linux firewall.

    [root@dns-02 ~]# firewall-cmd --permanent --add-service=dns success [root@dns-02 ~]# firewall-cmd --reload success

    Set SELinux boolean, so our Secondary (Slave) DNS server can accept zone transfers and update local zone files.

    [root@dns-02 ~]# setsebool -P named_write_master_zones on

    Now, connect to dns-01.example.com and add settings for our Secondary (Slave) DNS server.

    Configure zone transfers by editing named.conf.local file as follows.

    [root@dns-01 ~]# vi /etc/named.conf.local

    Add following directives under both zones.

    allow-transfer {192.168.116.5; }; also-notify {192.168.116.5; };

    Add our Secondary (Slave) DNS server record in our forward and reverse zones.

    [root@dns-01 ~]# vi /var/named/example.com

    and add Secondary (Slave) DNS server NS and A records as follows:

    $TTL 1h @ IN SOA example.com. root.example.com. ( 2019080901 ; Serial YYYYMMDDnn 24h ; Refresh 2h ; Retry 28d ; Expire 2d ) ; Minimum TTL ;Name Servers @ IN NS dns-01 @ IN NS dns-02 ;Mail Servers @ IN MX 0 mail-01 ;Other Servers dns-01 IN A 192.168.116.4 dns-02 IN A 192.168.116.5 mail-01 IN A 192.168.116.6 web-01 IN A 192.168.116.3 ;Canonical Names www IN CNAME web-01 mail IN CNAME mail-01

    Add Secondary (Slave) DNS server records in Reverse Zone.

    [root@dns-01 ~]# vi /var/named/116.168.192.in-addr.arpa

    and add our Secondary (Slave) DNS server NS, A and PTR records as follows.

    $TTL 1h @ IN SOA 116.168.192.in-addr.arpa root.example.com. ( 2019080901 ; Serial YYYYMMDDnn 24h ; Refresh 2h ; Retry 28d ; Expire 2d ) ; Minimum TTL ;Name Servers @ IN NS dns-01 @ IN NS dns-02 ;Other Servers dns-01 IN A 192.168.116.4 dns-02 IN A 192.168.116.5 ;PTR Records 4 IN PTR dns-01 5 IN PTR dns-02 6 IN PTR mail-01 3 IN PTR web-01

    Restart named.service to apply changes.

    [root@dns-01 ~]# systemctl restart named.service

    Check /etc/named directory at dns-02.example.com.

    [root@dns-02 ~]# ls /var/named 116.168.192.in-addr.arpa dynamic named.ca named.localhost slaves data example.com named.empty named.loopback

    The zone files are automatically replicating to Secondary (Slave) DNS server.

    Now add this Secondary DNS server to client's resolve.conf file.

    [root@dns-01 ~]# nmcli c m ens33 +ipv4.dns 192.168.116.5 [root@dns-01 ~]# nmcli c down ens33 ; nmcli c up ens33 Connection 'ens33' successfully deactivated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/1) Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/2)

    Check resolv.conf contents.

    [root@dns-01 ~]# cat /etc/resolv.conf # Generated by NetworkManager search example.com nameserver 192.168.116.4 nameserver 192.168.116.5

    Check Secondary (Slave) DNS server by query a hostname.

    [root@dns-01 ~]# dig @192.168.116.5 mail.example.com ; <<>> DiG 9.9.4-RedHat-9.9.4-74.el7_6.2 <<>> @192.168.116.5 mail.example.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21668 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 3 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;mail.example.com. IN A ;; ANSWER SECTION: mail.example.com. 3600 IN CNAME mail-01.example.com. mail-01.example.com. 3600 IN A 192.168.116.6 ;; AUTHORITY SECTION: example.com. 3600 IN NS dns-02.example.com. example.com. 3600 IN NS dns-01.example.com. ;; ADDITIONAL SECTION: dns-01.example.com. 3600 IN A 192.168.116.4 dns-02.example.com. 3600 IN A 192.168.116.5 ;; Query time: 2 msec ;; SERVER: 192.168.116.5#53(192.168.116.5) ;; WHEN: Sat Aug 10 13:09:59 PKT 2019 ;; MSG SIZE rcvd: 157

    Our Secondary (Slave) DNS Server has been configured and working fine.

    We have successfully configured authoritative DNS server using BIND 9 on CentOS 7.

    6 comments:

    1. Hi Thanks for this nice tutorial. Would you please create a tutorial about Dual Stack (IPv6 & IPv4) DNS Server as well with DNSSec.

      //BR
      WAHID

      ReplyDelete
      Replies
      1. Hi,
        You request has been noted and will work on it a.s.a.p.

        Delete
    2. Hello Mansoor,
      Thanks for the good recipes. However it would be great if you add comments to configuration files(meaning of the parameters,values,etc)
      Thanks in Advance

      ReplyDelete
      Replies
      1. Thanks for the advice. I really appreciate it and I will follow it on my future articles.

        Delete
    3. Hi Ahmer Mansoor,

      Great documents for new guys, can we install caching DNS also in this?, if yes please advice

      ReplyDelete
      Replies
      1. Thanks for your feedback. I will consider your advice.

        For now, you can try the Unbound Caching Only DNS Server in CentOS 7.

        Delete