How to Install and Configure a Linux DNS Server with BIND

/etc/hosts file

When no DNS server is available, each system can keep a local copy of host‑name to IP mappings in /etc/hosts. Even with a DNS server, the hosts file is consulted first, allowing local overrides such as mapping 127.0.0.1 google.com to test name resolution.

Domain name basics

A Fully Qualified Domain Name (FQDN) like www.google.com consists of top‑level, second‑level and third‑level components separated by dots. The trailing dot represents the root zone, which is served by 13 root name servers worldwide.

Top‑level domains (TLDs)

TLDs are classified by purpose (generic, country‑code, brand, infrastructure) and there are over 800 of them.

Subdomains

Subdomains such as mail.google.com are managed by the parent domain’s name servers.

DNS server types

Primary (master) DNS server

Holds authoritative zone files and answers queries for its zones.

Secondary (slave) DNS server

Acts as a backup, receiving zone transfers from the master.

Cache DNS server

Does not store zone files; it caches responses from other servers to speed up lookups.

Setting up a Linux DNS server (BIND)

Install BIND:

dnf -y install bind

apt-get install bind9

Start and enable the service:

systemctl start named

systemctl enable named

Configuring BIND

The main configuration file is /etc/named.conf. Common statements include:

options : global settings

logging : log configuration

zone : defines a DNS zone

include : includes additional files

Example master zone definition:

zone "likegeeks.com" { type master; file "likegeeks.com.db"; };

Example slave zone definition:

zone "likegeeks.com" { type slave; masters { IP_ADDRESS; }; file "likegeeks.com.db"; };

Example cache zone (root hint):

zone "." IN { type hint; file "root.hint"; };

Define a reverse lookup zone for 127.0.0.1:

zone "0.0.127.in-addr.arpa" IN { type master; file "127.0.0.rev"; };

DNS record types

Common records include SOA, NS, A, AAAA, PTR, MX, CNAME, TXT. Each has a specific syntax inside zone files.

SOA (Start of Authority)

Defines the primary name server, contact email (with a dot instead of @), serial number, refresh, retry, expire and minimum TTL values.

NS (Name Server)

Specifies which name servers are authoritative for the zone.

A / AAAA (Address)

Maps a host name to an IPv4 or IPv6 address.

PTR (Pointer)

Provides reverse lookup from IP address to host name.

MX (Mail Exchange)

Indicates mail server(s) for a domain with priority values.

CNAME (Canonical Name)

Creates an alias for a host name.

TXT (Text)

Stores arbitrary text, often used for SPF, DKIM, etc.

TTL (Time To Live)

The $TTL directive in /etc/named.conf sets the default TTL for records, e.g., 14400 seconds (4 hours).

Diagnosing configuration errors

Check BIND logs in /var/log/messages using tail -f /var/log/messages. Errors such as missing periods or spaces will appear there.

Useful commands

After modifying zones, use: host example.com – forward lookup host 192.168.1.5 – reverse lookup whois example.com – domain ownership info rndc status – BIND status rndc reload example.com – reload a zone rndc reconfig – reload configuration

Configuring the resolver

Clients use /etc/resolv.conf (or /etc/resolvconf/resolv.conf.d/ on Debian) to specify the default search domain and nameserver IP addresses.

With BIND running, you can point your resolver to your own DNS server.