Master Linux DNS with BIND: Step‑by‑Step Installation, Configuration, and Testing
This guide walks you through installing BIND on Linux, explains DNS fundamentals, shows how to configure forward and reverse zones, and provides commands to verify syntax and test name resolution, enabling you to set up a fully functional DNS server.
DNS Service (Linux)
DNS Introduction
DNS (Domain Name System) translates domain names to IP addresses and vice versa, operating on TCP or UDP port 53. Queries first use UDP; if a response is not received, TCP is used.
BIND Software
Installation
[root@localhost ~]# dnf install bind -y
Updating Subscription Management repositories.
BaseOS 2.7 MB/s | 2.7 kB 00:00
AppStream 2.9 MB/s | 3.2 kB 00:00
Dependencies resolved.
Installing:
bind.x86_64 32:9.16.23-24.el9_5 509 k
bind-dnssec-doc.noarch 32:9.16.23-24.el9_5 49 k
bind-libs.x86_64 32:9.16.23-24.el9_5 1.2 M
bind-license.noarch 32:9.16.23-24.el9_5 14 k
fstrm.x86_64 0.6.1-3.el9 30 k
libmaxminddb.x86_64 1.5.2-4.el9 35 k
libuv.x86_64 1:1.42.0-2.el9_4 151 k
protobuf-c.x86_64 1.3.3-13.el9 37 k
python3-bind.noarch 32:9.16.23-24.el9_5 72 k
python3-ply.noarch 3.11-14.el9 111 k
Installing weak dependencies:
bind-dnssec-utils.x86_64 32:9.16.23-24.el9_5 122 k
bind-utils.x86_64 32:9.16.23-24.el9_5 213 k
Transaction Summary
Install 12 Packages
Total size: 2.6 M
Installed size: 7.2 M
Complete!
View Installed Files
[root@localhost ~]# rpm -ql bind
/etc/named.conf # main configuration file
/etc/named.rfc1912.zones # zone data files
/var/named # directory for zone files
/var/named/named.empty # forward‑lookup template
/var/named/named.localhost
/var/named/named.loopback # reverse‑lookup template
/usr/lib/systemd/system/named.service # service unit file
Forward Zone Configuration
Example named.conf.options:
options {
    directory "/var/named";
    forwarders { 8.8.8.8; 8.8.4.4; };
    dnssec-validation auto;
    auth-nxdomain no;
    listen-on-v6 { any; };
};
Example named.conf.local:
zone "example.com" {
    type master;
    file "/etc/bind/db.example.com";
};
Sample zone file db.example.com:
$TTL 604800
@ IN SOA ns1.example.com. admin.example.com. (
2 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
@ IN NS ns1.example.com.
@ IN A 192.168.1.100
ns1 IN A 192.168.1.100
www IN A 192.168.1.100
Reverse Zone Configuration
Define a reverse zone in named.conf:
zone "72.168.192.in-addr.arpa" IN {
    type master;
    file "fanxiang.zone";
};
Sample reverse zone file fanxiang.zone:
$TTL 1D
@ IN SOA ns.example.com. admin.example.com. (
7 ; Serial
1D ; Refresh
1W ; Retry
2M ; Expire (BIND reads M as minutes)
1D ) ; Minimum
IN NS ns
ns IN A 192.168.72.135
135 IN PTR www.example.com.
Syntax Checking and Service Management
Check the main configuration:
[root@localhost ~]# named-checkconf
Check a zone file:
[root@localhost ~]# named-checkzone example.com /var/named/example.zone
zone example.com/IN: loaded serial 0
OK
Start or restart the BIND service:
# systemctl start named
# systemctl restart named
Testing the DNS Server
Query NS records:
# dig -t NS example.com @192.168.72.135
;; ANSWER SECTION:
example.com. 86400 IN NS ns.example.com.
ns.example.com. 86400 IN A 192.168.72.135
Query A records:
# dig -t A www.example.com @192.168.72.135
;; ANSWER SECTION:
www.example.com. 86400 IN A 10.10.10.11
Reverse lookup:
# dig -x 192.168.72.135 @192.168.72.135
;; ANSWER SECTION:
135.72.168.192.in-addr.arpa. 86400 IN PTR www.example.com.
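In the dig results above, www.example.com resolves to 10.10.10.11 while the PTR for 192.168.72.135 names www.example.com, so the forward and reverse data do not confirm each other. The shell function below is an added example, not part of the original article, that checks this offline against the zone files before named loads them. The names check_ptr and write_samples and the sample records are constructed for illustration, and only one-line records in a /24 reverse zone are handled.

```shell
#!/bin/sh
# Added example, not from the original article. Handles only one-line
# "owner IN A|PTR value" records, as used on this page, for a /24 reverse zone.

# check_ptr FORWARD_FILE ORIGIN REVERSE_FILE REVERSE_ZONE
# Prints one OK/MISMATCH line per PTR record; returns 1 on any mismatch.
check_ptr() {
    awk -v origin="$2" -v rzone="$4" '
        function fqdn(n) {               # expand relative owner names
            if (n == "@") return origin "."
            return (n ~ /\.$/) ? n : n "." origin "."
        }
        BEGIN {                          # 72.168.192.in-addr.arpa -> 192.168.72.
            split(rzone, p, ".")
            prefix = p[3] "." p[2] "." p[1] "."
        }
        { sub(/;.*/, "") }               # strip zone-file comments
        FNR == NR {                      # first file: collect forward A records
            if ($2 == "IN" && $3 == "A") a[fqdn($1)] = a[fqdn($1)] " " $4
            next
        }
        $2 == "IN" && $3 == "PTR" {      # second file: verify each PTR target
            ip = prefix $1
            if (index(a[$4] " ", " " ip " ")) print "OK", ip, $4
            else { print "MISMATCH", ip, $4, "A:" (a[$4] ? a[$4] : " none"); bad = 1 }
        }
        END { exit bad + 0 }
    ' "$1" "$3"
}

# Constructed sample data modelled on the records and dig output shown above.
write_samples() {   # write_samples DIR
    cat > "$1/forward.zone" <<'EOF'
@    IN NS  ns.example.com.
ns   IN A   192.168.72.135
www  IN A   10.10.10.11      ; same value as the A answer in the dig test
EOF
    cat > "$1/reverse.zone" <<'EOF'
     IN NS  ns.example.com.
135  IN PTR www.example.com. ; www has no A record for 192.168.72.135
EOF
}

tmp=$(mktemp -d)
write_samples "$tmp"
check_ptr "$tmp/forward.zone" example.com "$tmp/reverse.zone" \
    72.168.192.in-addr.arpa || echo "forward and reverse data disagree"
rm -rf "$tmp"
```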
Raymond Ops
Linux ops automation, cloud-native, Kubernetes, SRE, DevOps, Python, Golang and related tech discussions.
