Master DNS Basics and Hands‑On BIND Configuration on CentOS
This guide explains DNS fundamentals, resolution and query types, zone and resource record structures, master‑slave architecture, and provides step‑by‑step instructions for installing, configuring, and testing BIND on CentOS systems.
DNS Overview
DNS (Domain Name System) is a distributed database that maps domain names to IP addresses, replacing the hosts file with a hierarchical, inverted‑tree structure. The top level consists of 13 root servers managed by ICANN, followed by top‑level domain (TLD) servers, second‑level domains, and so on.
Resolution Types
Forward resolution converts FQDN to IP; reverse resolution converts IP to FQDN. Wildcard resolution can direct misspelled names to a specific address. Example:
$GENERATE 1-254 HOST$ A 1.2.3.$
Query Types
Recursive query: the client sends a single request and the DNS server resolves the entire chain. Iterative query: DNS servers refer the client to the next server in the hierarchy.
Zones and Resource Records
A zone is a portion of the DNS database; each zone contains resource records (RR) such as A, AAAA, PTR, SOA, NS, CNAME, MX. SOA (Start of Authority) is the first record in a zone and defines the zone’s authority.
Master‑Slave DNS
DNS operates on port 53 (UDP for queries, TCP for zone transfers). A primary (master) server holds the authoritative data; secondary (slave) servers obtain copies via push or pull mechanisms.
Setting Up BIND on CentOS
Install BIND:
yum -y install bind
Disable the firewall (or disable firewalld on CentOS 7):
iptables -F
chkconfig iptables off
Start the named service:
service named start
On CentOS 7, use systemctl instead:
systemctl enable named
systemctl start named
Configuration Files
/etc/named.conf – main configuration file.
/etc/named.rfc1912.zones – zone definitions.
/var/named/ – directory for zone files.
Example zone definition for liansir99.com in /etc/named.rfc1912.zones:
zone "liansir99.com" IN {
    type master;
    file "liansir99.com.zone";
};
Corresponding zone file liansir99.com.zone:
$TTL 86400
@ IN SOA ns1.liansir99.com. admin.liansir99.com. (
2016100401 ; serial
1H ; refresh
5M ; retry
7D ; expire
1D ) ; minimum
@ NS ns1.liansir99.com.
@ MX 10 mail.liansir99.com.
ns1 A 10.1.1.1
slave A 10.1.1.4
www A 10.1.1.2
www A 10.1.1.3
mail A 10.1.1.5
ftp A 10.1.1.4
web CNAME ftp
Set proper ownership and permissions, then restart BIND:
chown named:named liansir99.com.zone
chmod 640 liansir99.com.zone
service named restart
Validate the configuration with named-checkconf and named-checkzone. Test using dig queries and verify that port 53 is reachable (UDP by default).
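As an added example (not part of the original article), the following Python pre-flight check runs over the liansir99.com zone file above before named is restarted. It flags NS, MX and CNAME targets inside the zone that have no matching record, and CNAME owners that carry other records, which named-checkzone reports as "CNAME and other data". The parser is a simplification that assumes only the syntax used in this zone file (an explicit owner on every line, no $ORIGIN, $INCLUDE or $GENERATE); the function names are illustrative, and named-checkzone remains the authoritative validator.

```python
import re
# The article's liansir99.com.zone, embedded so the check runs offline.
ZONE = """$TTL 86400
@ IN SOA ns1.liansir99.com. admin.liansir99.com. (
2016100401 ; serial
1H ; refresh
5M ; retry
7D ; expire
1D ) ; minimum
@ NS ns1.liansir99.com.
@ MX 10 mail.liansir99.com.
ns1 A 10.1.1.1
slave A 10.1.1.4
www A 10.1.1.2
www A 10.1.1.3
mail A 10.1.1.5
ftp A 10.1.1.4
web CNAME ftp
"""

def fqdn(name, origin):
    name = origin if name == "@" else name  # '@' stands for the zone origin
    return (name if name.endswith(".") else f"{name}.{origin}").lower()

def parse(text, origin):  # simplified: handles only the syntax used in ZONE
    text = re.sub(r";[^\n]*", "", text)  # drop comments
    text = re.sub(r"\(([^)]*)\)", lambda m: m[1].replace("\n", " "), text)  # unwrap SOA
    records = []
    for fields in map(str.split, text.splitlines()):
        if len(fields) >= 3 and not fields[0].startswith("$"):  # skip blanks, $TTL
            if fields[1].upper() == "IN":  # the class field is optional
                del fields[1]
            records.append((fqdn(fields[0], origin), fields[1].upper(), fields[2:]))
    return records

def lint(text, origin="liansir99.com."):
    """Report in-zone NS/MX/CNAME targets with no record, and CNAME clashes."""
    records = parse(text, origin)
    owners = [o for o, _, _ in records]
    with_addr = {o for o, t, _ in records if t in ("A", "AAAA")}
    problems = []
    for owner, rtype, rdata in (r for r in records if r[1] in ("NS", "MX", "CNAME")):
        target = fqdn(rdata[-1], origin)
        known = owners if rtype == "CNAME" else with_addr
        if target.endswith("." + origin) and target not in known:
            problems.append(f"{owner} {rtype} -> {target}: no matching record")
        if rtype == "CNAME" and owners.count(owner) > 1:
            problems.append(f"{owner}: CNAME coexists with other records")
    return problems
```

Calling lint(ZONE) on the zone as published returns an empty list; targets outside the zone are not checked because their address records live elsewhere.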
MaGe Linux Operations
