How to Set Up Master‑Slave DNS with BIND on Linux: Step‑by‑Step Guide
This article walks through installing BIND, configuring the named.conf file, creating forward and reverse zone files, setting up a master DNS server and a slave server, starting the services, and verifying the setup with nslookup, including a fail‑over test.
Installation
Install the BIND package on both the master and slave machines:
# yum -y install bind*
Configuration File Overview
The main configuration file /etc/named.conf consists of three sections: options for global settings, logging for log configuration, and zone definitions.
options {
    listen-on port 53 { 10.0.0.62; };
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    allow-query { any; };
    recursion yes; // enable for a recursive server
    dnssec-enable yes;
    dnssec-validation yes;
    bindkeys-file "/etc/named.root.key";
    managed-keys-directory "/var/named/dynamic";
    pid-file "/run/named/named.pid";
    session-keyfile "/run/named/session.key";
};
logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};
zone "." IN {
    type hint;
    file "named.ca";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
Master Server Setup
Add forward and reverse zones for the domain test1.com:
zone "test1.com" IN {
    type master;
    file "test1.com.zone"; // zone file stored under /var/named
};
zone "0.0.10.in-addr.arpa" IN {
    type master;
    file "test1.com.local"; // reverse zone file
};
Create the forward zone file /var/named/test1.com.zone:
$TTL 1D
@       IN SOA  @ rname.invalid. (
                0       ; serial
                1D      ; refresh
                1H      ; retry
                1W      ; expire
                3H )    ; minimum
        NS      @
        A       10.0.0.62
www     IN A    10.0.0.62
ftp     IN A    10.0.0.62
mail    IN CNAME www
Create the reverse zone file /var/named/test1.com.local:
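$TTL 1D
@       IN SOA  test1.com. rname.invalid. (
                0       ; serial
                1D      ; refresh
                1H      ; retry
                1W      ; expire
                3H )    ; minimum
        NS      test1.com.
        A       10.0.0.62
; The owner label is the last octet of the address within 10.0.0.0/24.
10      IN PTR  www.test1.com.  ; reverse record for 10.0.0.10
11      IN PTR  ftp.test1.com.  ; reverse record for 10.0.0.11
Start the BIND service and verify with nslookup: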
# systemctl start named
# nslookup www.test1.com
Server: 10.0.0.62
Address: 10.0.0.62#53
Name: www.test1.com
Address: 10.0.0.62
# nslookup ftp.test1.com
Server: 10.0.0.62
Address: 10.0.0.62#53
Name: ftp.test1.com
Address: 10.0.0.62
Slave Server Setup
On the slave machine, modify /etc/named.conf to point to the master’s IP (10.0.0.62) and keep the rest of the defaults:
options {
    listen-on port 53 { 10.0.0.63; };
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    allow-query { any; };
    // other options remain unchanged
};
Add slave zone definitions:
zone "test1.com" IN {
    type slave;
    masters { 10.0.0.62; };
    allow-notify { 10.0.0.62; };
    file "slaves/test1.com.zone";
};
zone "0.0.10.in-addr.arpa" IN {
    type slave;
    masters { 10.0.0.62; };
    allow-notify { 10.0.0.62; };
    file "slaves/test1.com.local";
};
Start the service on the slave:
# systemctl start named
The zone files are automatically transferred from the master; no manual creation is needed.
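The zone statements in this guide do not set allow-transfer, so which hosts may pull a full copy of test1.com is left to BIND's default, and the transfer itself is unauthenticated. The named.conf fragments below are an added example, not part of the original article: they limit transfers to holders of a TSIG key and notify the slave explicitly. The key name xfer-key and the secret placeholder are assumptions; a real key clause can be generated with tsig-keygen.

```conf
// ---- Both servers: shared TSIG key (the name "xfer-key" is hypothetical) ----
// Generate this clause with: tsig-keygen -a hmac-sha256 xfer-key
key "xfer-key" {
    algorithm hmac-sha256;
    secret "REPLACE_WITH_GENERATED_BASE64_SECRET";  // placeholder, not a real key
};

// ---- Master (10.0.0.62): replaces the two master zone blocks ----
zone "test1.com" IN {
    type master;
    file "test1.com.zone";
    allow-transfer { key "xfer-key"; };  // only requests signed with the key
    also-notify { 10.0.0.63; };          // the slave has no NS record in the zone file
};
zone "0.0.10.in-addr.arpa" IN {
    type master;
    file "test1.com.local";
    allow-transfer { key "xfer-key"; };
    also-notify { 10.0.0.63; };
};

// ---- Slave (10.0.0.63): replaces the two slave zone blocks ----
zone "test1.com" IN {
    type slave;
    masters { 10.0.0.62 key "xfer-key"; };  // sign transfer requests to the master
    allow-notify { 10.0.0.62; };
    allow-transfer { none; };               // the slave hands the zone to no one
    file "slaves/test1.com.zone";
};
zone "0.0.10.in-addr.arpa" IN {
    type slave;
    masters { 10.0.0.62 key "xfer-key"; };
    allow-notify { 10.0.0.62; };
    allow-transfer { none; };
    file "slaves/test1.com.local";
};
```

Run named-checkconf on each server before restarting named. Afterwards, dig @10.0.0.62 test1.com AXFR from a host that does not hold the key should fail, while the slave still receives both zones.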
Client Verification
Configure client network settings to use both DNS servers (master 10.0.0.62 and slave 10.0.0.63) as primary and secondary resolvers, then restart the network.
# nslookup www.test1.com
Server: 10.0.0.62
Address: 10.0.0.62#53
Name: www.test1.com
Address: 10.0.0.62
# nslookup ftp.test1.com
Server: 10.0.0.62
Address: 10.0.0.62#53
Name: ftp.test1.com
Address: 10.0.0.62
Fail‑over Test
Stop the master DNS service:
# systemctl stop named # on the master
Query from the client again; the slave (10.0.0.63) now resolves the names:
# nslookup www.test1.com
Server: 10.0.0.63
Address: 10.0.0.63#53
Name: www.test1.com
Address: 10.0.0.62
This demonstrates that the slave takes over when the master is unavailable, providing continuous DNS resolution.
