
Master DNS: From Basics to Hands‑On BIND Setup and Master‑Slave Configuration

This guide explains DNS fundamentals, domain name structure, resolution workflow, and provides step‑by‑step instructions for installing BIND, configuring master and slave servers, setting up zone files, and deploying a caching DNS with dnsmasq, complete with command examples and record type references.

MaGe Linux Operations

1. DNS Introduction

1.1 What is a domain name?

A domain name is a human‑readable identifier composed of labels separated by dots that uniquely identifies a computer or a group of computers on the Internet.

1.2 What is DNS?

The Domain Name System (DNS) is an Internet service that translates domain names to IP addresses, allowing users to access websites using memorable names instead of numeric addresses. DNS servers perform this translation.

Forward lookup: domain → IP address
Reverse lookup: IP address → domain

1.3 Domain name composition and classification

Typical format: www.baidu.com
Full format: www.baidu.com.

.      Root domain (can be omitted)
com    Top‑level domain, managed by ICANN
baidu  Second‑level domain (registered by individuals or organizations)
www    Third‑level domain (subdomain)
s1     Host name (e.g., s1 in s1.www.baidu.com)

Note: com.cn is a second‑level domain under the cn TLD.

2. Domain Name Resolution Process

When a client queries www.kernel.org, the following steps occur:

1. Check local hosts file.
2. Check local DNS cache.
3. Forward request to configured DNS server.
4. If the name can be resolved locally, return the result.
5. The local DNS server checks its cache.
6. Query the 13 root servers for the .org zone.
7. Query an .org server for the kernel.org zone.
8. Query a kernel.org server for the final A record and return it to the client.

3. DNS Software Information

Software name: bind

Service name: named

Ports:

UDP 53 – domain name queries
TCP 53 – zone transfers (master‑slave synchronization)

Configuration files:

Main configuration: /etc/named.conf (server parameters)

options {
    # Set the network interface to listen on (any or specific IP)
    listen-on port 53 { 127.0.0.1; };
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    recursing-file "/var/named/data/named.recursing";
    secroots-file "/var/named/data/named.secroots";
    # Hosts allowed to send queries to this server
    allow-query { any; };
};

Zone configuration: /etc/named.rfc1912.zones (forward and reverse zone definitions)

zone "localhost.localdomain" IN {
    type master;
    file "named.localhost";
    allow-update { none; };
};
zone "1.0.0.127.in-addr.arpa" IN {
    type master;
    file "named.loopback";
    allow-update { none; };
};

Data files are stored under /var/named/ and contain host‑IP mappings and zone information.

$TTL 1D
@   IN SOA @ rname.invalid. (
        0 ; serial
        1D ; refresh
        1H ; retry
        1W ; expire
        3H ) ; minimum
    NS @
    A 127.0.0.1 ; IPv4 address
    AAAA ::1 ; IPv6 address

DNS Record Types

A: Address record for IPv4
AAAA: Address record for IPv6
CNAME: Alias to another domain name
TXT: Arbitrary text (often used for SPF)
NS: Nameserver record for delegating subdomains
MX: Mail exchange record for email routing

4. DNS Experiment Setup

4.1 DNS Service Installation

Disable firewalls and SELinux on both server and client.

1. Install software

yum install bind -y

2. Configure main file (/etc/named.conf)

options {
    listen-on port 53 { any; };
    listen-on-v6 port 53 { any; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    recursing-file "/var/named/data/named.recursing";
    secroots-file "/var/named/data/named.secroots";
    allow-query { any; };
};

3. Configure zone file (/etc/named.rfc1912.zones)

zone "ajaj.com" IN {
    type master;
    file "ajaj.localhost";
    allow-update { none; };
};
zone "100.168.192.in-addr.arpa" IN {
    type master;
    file "ajaj.loopback";
    allow-update { none; };
};

4. Create data files

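Copy the template files in /var/named and edit the copies.

cd /var/named
# -a preserves the ownership and permissions of the templates
cp -a named.localhost ajaj.localhost
cp -a named.loopback ajaj.loopback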

Forward zone (ajaj.localhost):

$TTL 1D
@   IN SOA ajaj.com. rname.invalid. (
        0 ; serial
        1D ; refresh
        1H ; retry
        1W ; expire
        3H ) ; minimum
    NS dns.ajaj.com.
dns A 192.168.100.20
www A 192.168.100.21

Reverse zone (ajaj.loopback):

$TTL 1D
@   IN SOA ajaj.com. rname.invalid. (
        0 ; serial
        1D ; refresh
        1H ; retry
        1W ; expire
        3H ) ; minimum
    NS dns.ajaj.com.
20  PTR dns.ajaj.com.
21  PTR www.ajaj.com.

5. Start the named service

systemctl restart named

6. Client testing

Add the DNS server address to the client’s network configuration and run nslookup.

# nslookup www.ajaj.com
Server:         192.168.100.20#53
Address:        192.168.100.20#53
Name:   www.ajaj.com
Address: 192.168.100.21

4.2 DNS Master‑Slave Configuration

Goal: Reduce load on the primary server.

Master server steps

Install bind.

Modify /etc/named.conf (as shown above).

Set allow-update to include the slave’s IP.

Configure zone files for master.

Start the named service.

Slave server steps

Install bind.

Modify /etc/named.conf (same options).

Configure zones as slaves:

zone "ajaj.com" IN {
    type slave;
    masters { 192.168.100.20; };
    file "slaves/ajaj.localhost";
};
zone "100.168.192.in-addr.arpa" IN {
    type slave;
    masters { 192.168.100.20; };
    file "slaves/ajaj.loopback";
};

Start the named service.

Test with nslookup pointing to the slave.
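
An added example, not part of the original article: in BIND, allow-update controls dynamic DNS updates, while zone transfers to a slave are controlled by allow-transfer, so this sketch audits the two settings separately for each master zone. The slave address 192.168.100.30, the sample stanzas and the function name audit_master_zones are assumptions; the article does not give the slave's IP.

```python
import re

# Constructed sample: a master zone after "allow-update includes the slave's IP".
# 192.168.100.30 is an assumed slave address; the article does not give one.
WEAK = '''
zone "ajaj.com" IN {
    type master;
    file "ajaj.localhost";
    allow-update { 192.168.100.30; };
};
'''

# Constructed sample: dynamic updates stay off, transfers go only to the slave.
HARDENED = '''
zone "ajaj.com" IN {
    type master;
    file "ajaj.localhost";
    allow-update { none; };
    allow-transfer { 192.168.100.30; };
};
'''

# A zone stanza with at most one level of nested braces (enough for ACL lists).
ZONE_RE = re.compile(r'zone\s+"([^"]+)"[^{]*\{((?:[^{}]|\{[^{}]*\})*)\}\s*;')
ACL_RE = re.compile(r'(allow-update|allow-transfer)\s*\{([^}]*)\}')

def audit_master_zones(conf):
    """Return (zone, finding) pairs for master zones in a named.conf fragment.

    Comments are not stripped; feed it text without commented-out stanzas.
    """
    findings = []
    for name, body in ZONE_RE.findall(conf):
        if not re.search(r'\btype\s+(master|primary)\s*;', body):
            continue  # slave/secondary zones are not audited here
        acl = {key: [e.strip() for e in val.split(';') if e.strip()]
               for key, val in ACL_RE.findall(body)}
        updaters = acl.get('allow-update', ['none'])
        if updaters != ['none']:
            findings.append((name, 'dynamic updates allowed from ' + ', '.join(updaters)))
        if 'allow-transfer' not in acl:
            findings.append((name, 'allow-transfer not set for this zone'))
        elif 'any' in acl['allow-transfer']:
            findings.append((name, 'allow-transfer open to any host'))
    return findings

if __name__ == '__main__':
    for label, conf in (('weak', WEAK), ('hardened', HARDENED)):
        print(label, audit_master_zones(conf))
```

Run against the zone stanza from section 4.1, it reports that allow-transfer is not set, which means the zone falls back to whatever transfer policy the server applies globally.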

4.3 DNS Caching Server (dnsmasq)

Goal: Accelerate resolution and improve efficiency.

Installation and configuration

Edit /etc/dnsmasq.conf:

# Local domain
domain=example.com
# Upstream DNS server
server=192.168.100.20
# Cache size (number of entries)
cache-size=15000

Restart service

systemctl restart dnsmasq

Test

Configure the client to use the dnsmasq server’s IP and run nslookup to verify cached responses.
