
Master DNS Basics and BIND Server Setup on Linux: A Step-by-Step Guide

Learn the fundamentals of the Domain Name System, explore DNS server roles, query methods, and the distributed data structure, then follow detailed instructions to install, configure, and test a BIND DNS server on Linux, including zone files, forward and reverse lookup setups.

MaGe Linux Operations

DNS Overview

DNS (Domain Name System) is a client/server mechanism that translates computer names to IP addresses, serving as a fundamental Internet service and widely used in enterprise networks.

Functions of DNS Servers

Forward resolution: find IP address from host name.
Reverse resolution: find host name from IP address.

Distributed Data Structure of DNS

DNS Query Types

Recursive query: most clients use this method to resolve domain names via a DNS server.
Iterative query: most DNS servers use this method to resolve domain names via other DNS servers.

Types of DNS Servers

Cache DNS Server

Cache DNS server (also called caching server) obtains domain‑>IP records from other DNS servers and caches the results locally to speed up repeated queries.

Primary DNS Server

Primary DNS server: the authoritative server for a DNS zone, uniquely responsible for maintaining all domain‑>IP mappings in that zone.

Secondary DNS Server

Secondary DNS server (also called slave): its domain‑>IP records are sourced from the primary server.

BIND DNS Service Basics

BIND (Berkeley Internet Name Domain) is the standard DNS server.
Official site: https://www.isc.org/
Server program: /usr/sbin/named
Service script: /etc/init.d/named
Default listening port: 53
Main configuration file: /etc/named.conf
Data files stored in: /var/named/chroot/var/named/

Configuration File Overview

/etc/named.conf

options {
    listen-on port 53 { 127.0.0.1; };
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    allow-query { localhost; };
    recursion yes;
    dnssec-enable yes;
    dnssec-validation yes;
    dnssec-lookaside auto;
    bindkeys-file "/etc/named.iscdlv.key";
};
logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};
zone "." IN {
    type hint;
    file "named.ca";
};
include "/etc/named.rfc1912.zones";

/etc/named.rfc1912.zones

zone "localhost.localdomain" IN {
    type master;
    file "named.localhost";
    allow-update { none; };
};
zone "localhost" IN {
    type master;
    file "named.localhost";
    allow-update { none; };
};
zone ".0.ip4.arpa" IN {
    type master;
    file "named.loopback";
    allow-update { none; };
};
zone "1.0.0.127.in-addr.arpa" IN {
    type master;
    file "named.loopback";
    allow-update { none; };
};
zone "0.in-addr.arpa" IN {
    type master;
    file "named.empty";
    allow-update { none; };
};

/var/named/named.localhost

$TTL 1D
@ IN SOA lzy.com. root.invalid. (
    0 ; serial
    1D ; refresh
    1H ; retry
    1W ; expire
    3H ) ; minimum
    NS dns.lzy.com.
    A 127.0.0.1
    AAAA ::1

Setting Up a DNS Server

Install BIND

yum install bind

Start and Enable Service

systemctl start named.service
systemctl enable named.service

Configure Main File

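vim /etc/named.conf
# change to
# listen-on must be widened too, otherwise named keeps answering IPv4 only on 127.0.0.1
listen-on port 53 { any; };
listen-on-v6 port 53 { any; };
allow-query { any; };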
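
The stock file keeps `recursion yes;`, and when neither `allow-recursion` nor `allow-query-cache` is set, BIND 9 falls back to `allow-query` to decide who may recurse, so `allow-query { any; };` turns the server into an open resolver. The check below is an added example, not part of the original article: it applies that fallback order to the global `options` block only (no views, no named ACLs), and the hardened variant assumes the clients sit on the page's 192.168.134.0/24 subnet.

```python
import re

# named.conf options as they stand after the edit above (constructed from this page).
PAGE_OPTIONS = """
options {
    listen-on-v6 port 53 { any; };
    allow-query { any; };
    recursion yes;
};
"""

# Hardened variant (assumption: clients live on 192.168.134.0/24, the page's subnet).
HARDENED_OPTIONS = """
options {
    listen-on-v6 port 53 { any; };
    allow-query { any; };              // authoritative answers for lzy.com stay public
    allow-recursion { localhost; 192.168.134.0/24; };
    recursion yes;
};
"""

def _acl(conf, name):
    """Return the address-match list of statement `name`, or None if absent."""
    m = re.search(r"(?<![\w-])%s\s*\{([^}]*)\}" % re.escape(name), conf)
    if m is None:
        return None
    return [item.strip() for item in m.group(1).split(";") if item.strip()]

def effective_recursion_acl(conf):
    """Who may recurse, following BIND's fallback order for unset ACLs."""
    conf = re.sub(r"/\*.*?\*/|//[^\n]*|#[^\n]*", "", conf, flags=re.S)
    if re.search(r"(?<![\w-])recursion\s+no\s*;", conf):
        return ["none"]
    for name in ("allow-recursion", "allow-query-cache", "allow-query"):
        acl = _acl(conf, name)
        if acl is not None:
            return acl
    return ["localnets", "localhost"]

def is_open_resolver(conf):
    """True when the effective recursion ACL admits every client."""
    return bool({"any", "0.0.0.0/0"} & set(effective_recursion_acl(conf)))

if __name__ == "__main__":
    for label, conf in (("page", PAGE_OPTIONS), ("hardened", HARDENED_OPTIONS)):
        print(label, effective_recursion_acl(conf),
              "OPEN" if is_open_resolver(conf) else "restricted")
```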

Configure Zones

Forward zone example:

zone "lzy.com." IN {
    type master;
    file "lzy.com.zone";
    allow-update { none; };
};

Reverse zone example:

zone "134.168.192.in-addr.arpa" IN {
    type master;
    file "134.168.192.zone";
    allow-update { none; };
};

Create Zone Files

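# the file names must match the "file" statements in the zone definitions above
cp /var/named/named.empty /var/named/lzy.com.zone
cp /var/named/named.empty /var/named/134.168.192.zone
# named must be able to read both zone files
chown :named /var/named/lzy.com.zone /var/named/134.168.192.zone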

Forward Zone Content Example

$TTL 3H
@ IN SOA lzy.com. root.lzy.com. (
    0 ; serial
    1D ; refresh
    1H ; retry
    1W ; expire
    3H ) ; minimum
    NS dns.lzy.com.
; owner names must start in column 1 (an indented record inherits the previous owner)
dns A 192.168.134.139
www A 192.168.134.139

Reverse Zone Content

# similar steps for reverse zone file
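
The article does not show the reverse zone file. The sketch below is an added example, not from the original article: it derives the PTR records for /var/named/134.168.192.zone from the forward zone's A records, so the two zones cannot drift apart. It reuses the page's SOA values and assumes a /24 network and one record per line.

```python
import ipaddress

# Forward-zone records from this page (constructed sample input).
FORWARD_ZONE = """\
$TTL 3H
@ IN SOA lzy.com. root.lzy.com. (
    0 ; serial
    1D ; refresh
    1H ; retry
    1W ; expire
    3H ) ; minimum
    NS dns.lzy.com.
dns A 192.168.134.139
www A 192.168.134.139
"""

def a_records(zone_text, origin):
    """Yield (fqdn, IPv4Address) for each 'name [ttl] [IN] A address' line."""
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()
        # Indented lines inherit the previous owner; this sketch skips them.
        if len(fields) < 3 or fields[-2] != "A" or line[:1].isspace():
            continue
        name = fields[0]
        fqdn = origin if name == "@" else name if name.endswith(".") else f"{name}.{origin}"
        yield fqdn, ipaddress.IPv4Address(fields[-1])

def reverse_zone(zone_text, origin, network):
    """Return (zone name, zone file text) for a /24 reverse zone."""
    net = ipaddress.IPv4Network(network)
    if net.prefixlen != 24:
        raise ValueError("sketch handles /24 networks only")
    octets = str(net.network_address).split(".")[:3]
    zone_name = ".".join(reversed(octets)) + ".in-addr.arpa."
    out = ["$TTL 3H",
           f"@ IN SOA {origin} root.{origin} (",
           "    0 ; serial", "    1D ; refresh", "    1H ; retry",
           "    1W ; expire", "    3H ) ; minimum",
           f"    NS dns.{origin}"]
    for fqdn, ip in a_records(zone_text, origin):
        if ip in net:
            # Owner is the host octet, relative to the zone's origin.
            out.append(f"{ip.packed[3]} IN PTR {fqdn}")
    return zone_name, "\n".join(out) + "\n"

if __name__ == "__main__":
    name, text = reverse_zone(FORWARD_ZONE, "lzy.com.", "192.168.134.0/24")
    print(f"; zone {name}\n{text}", end="")
```

Both dns and www point at 192.168.134.139, so two PTR records are produced for that address; keep only one if a single canonical name is wanted.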

Network Interface Configuration

vim /etc/sysconfig/network-scripts/ifcfg-ens33
BOOTPROTO=static
IPADDR1=192.168.134.139
NETMASK=255.255.255.0
GATEWAY=192.168.134.2
DNS1=192.168.134.139

Start DNS Service and Verify

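named-checkconf                   # validate /etc/named.conf first; no output means no syntax errors
systemctl restart named.service   # named was already started above, so restart it to load the new zones
nslookup example.com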

Client Configuration

vim /etc/resolv.conf
nameserver 192.168.137.22