
Mastering DNS with BIND: Step‑by‑Step Server Setup and Configuration

This guide explains the fundamentals of the Domain Name System, describes DNS server roles and query types, and provides detailed, Linux‑based BIND installation and configuration steps—including zone files, network settings, service management, and testing procedures.

Liangxu Linux

What Is DNS?

DNS (Domain Name System) is a client‑server mechanism that translates human‑readable host names into IP addresses. It is a core Internet service and is widely used in enterprise networks.

Roles of DNS Servers

Forward lookup: Resolve a domain name to its IP address.

Reverse lookup: Resolve an IP address to its domain name.

Distributed Data Structure

DNS uses a hierarchical, distributed database. (Diagram omitted for brevity.)

Query Methods

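Recursive query: the way most clients ask a DNS server to resolve a domain name.

Iterative query: the way most DNS servers ask other DNS servers to resolve a domain name.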

Types of DNS Servers

Cache server: Caches query results to speed up repeated lookups.

Primary (master) server: Authoritative for a zone, holds the definitive records.

Secondary (slave) server: Retrieves zone data from the primary server.

BIND Overview

BIND (Berkeley Internet Name Daemon) is a widely used DNS server implementation.

BIND official site: https://www.isc.org/
Main daemon: /usr/sbin/named
Service script: /etc/init.d/named
Listening port: 53
Main config file: /etc/named.conf
Zone data directory: /var/named/chroot/var/named/

Key Configuration Files

/etc/named.conf

options {
    listen-on port 53 { 127.0.0.1; };
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    allow-query { localhost; };
    recursion yes;
    dnssec-enable yes;
    dnssec-validation yes;
    dnssec-lookaside auto;
    bindkeys-file "/etc/named.iscdlv.key";
};
logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};
zone "." IN {
    type hint;
    file "named.ca";
};
include "/etc/named.rfc1912.zones";

/etc/named.rfc1912.zones

zone "localhost.localdomain" IN {
    type master;
    file "named.localhost";
    allow-update { none; };
};
zone "localhost" IN {
    type master;
    file "named.localhost";
    allow-update { none; };
};
zone ".0.ip4.arpa" IN {
    type master;
    file "named.loopback";
    allow-update { none; };
};
zone "1.0.0.127.in-addr.arpa" IN {
    type master;
    file "named.loopback";
    allow-update { none; };
};
zone "0.in-addr.arpa" IN {
    type master;
    file "named.empty";
    allow-update { none; };
};

/var/named/named.localhost

$TTL 1D
@ IN SOA @ rname.invalid. (
    0 ; serial
    1D ; refresh
    1H ; retry
    1W ; expire
    3H ) ; minimum
    NS @
    A 127.0.0.1
    AAAA ::1

Installing and Starting BIND on Linux

yum install bind
systemctl start named.service
systemctl enable named.service

Configuring the Main File

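vim /etc/named.conf
# Change or add:
# listen-on must also cover the server's IPv4 address, otherwise IPv4 clients cannot reach it
listen-on port 53 { any; };
listen-on-v6 port 53 { any; };
# with "recursion yes" and no allow-recursion, this also opens recursion to every client that can reach port 53
allow-query { any; };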
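
What the allow-query change above means for recursion, as an added example that is not part of the original article: a small audit that reads named.conf text and reports whether recursion is open to any client. The function name, the ACL name "lan" and both sample configurations are assumptions constructed for this example.

```shell
#!/bin/sh
# Added example, not the article's code. Text-level audit of named.conf read
# from stdin; assumes one statement per line and no /* */ comments.
# named takes the ACL for recursion from the first of allow-recursion,
# allow-query-cache, allow-query that is set; recursion defaults to yes.
audit_named_conf() {
    awk '
    BEGIN { rec = 1 }
    { sub(/(#|\/\/).*/, "") }                      # drop line comments
    /^[ \t]*recursion[ \t]+no[ \t]*;/ { rec = 0 }
    /^[ \t]*allow-(recursion|query-cache|query)[ \t]*[{]/ {
        name = $1; sub(/[{].*/, "", name)           # statement keyword
        acl[name] = $0
    }
    END {
        src = ""
        if ("allow-recursion" in acl)        src = "allow-recursion"
        else if ("allow-query-cache" in acl) src = "allow-query-cache"
        else if ("allow-query" in acl)       src = "allow-query"
        if (rec && src != "" && acl[src] ~ /[{ \t;](any|0\.0\.0\.0\/0)[ \t]*;/)
            print "OPEN_RESOLVER via " src
        else
            print "OK"
    }'
}
# Constructed sample: the article's options after its listen/allow-query edits.
weak_conf() { cat <<'EOF'
options {
    listen-on port 53 { 127.0.0.1; };
    listen-on-v6 port 53 { any; };
    allow-query { any; };
    recursion yes;
};
EOF
}
# Constructed sample: same server, recursion limited to the guide's subnet.
# The ACL name "lan" is an assumption made for this example.
hardened_conf() { cat <<'EOF'
acl "lan" { localhost; 192.168.134.0/24; };
options {
    allow-query { any; };
    allow-recursion { "lan"; };
    recursion yes;
};
EOF
}
echo "weak:     $(weak_conf | audit_named_conf)"
echo "hardened: $(hardened_conf | audit_named_conf)"
```

In the hardened sample the server still answers authoritative queries for its own zones from anyone, while cached and recursive answers are limited to the listed networks.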

Creating Zone Files

Forward zone for example.com

zone "example.com." IN {
    type master;
    file "example.com.zone";
    allow-update { none; };
};

Reverse zone for 192.168.134.0/24

zone "134.168.192.in-addr.arpa" IN {
    type master;
    file "134.168.192.zone";
    allow-update { none; };
};

Preparing Zone Files

cp /var/named/named.empty /var/named/example.com.zone
cp /var/named/named.empty /var/named/134.168.192.zone
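# both copies must be readable by the named group, so set the group on each file by full path
chown :named /var/named/example.com.zone /var/named/134.168.192.zone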

Sample Forward Zone (example.com)

$TTL 3H
@ IN SOA example.com. root.example.com. (
    0 ; serial
    1D ; refresh
    1H ; retry
    1W ; expire
    3H ) ; minimum
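    NS dns.example.com.
    A 192.168.134.139
; the in-zone NS target needs its own address record; this guide's server IP is used
dns A 192.168.134.139
; owner names start in column 0 (a line with leading whitespace reuses the previous owner)
www A 192.168.134.139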

Sample Reverse Zone (134.168.192.in-addr.arpa)

$TTL 3H
@ IN SOA example.com. root.example.com. (
    0 ; serial
    1D ; refresh
    1H ; retry
    1W ; expire
    3H ) ; minimum
    NS dns.example.com.
; the owner name must start in column 0
139 PTR example.com.

Network Interface Configuration

vim /etc/sysconfig/network-scripts/ifcfg-ens33
BOOTPROTO=static
IPADDR1=192.168.134.139
NETMASK=255.255.255.0
GATEWAY=192.168.134.2
DNS1=192.168.134.139

Starting and Verifying the DNS Service

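named-checkconf                   # validate the configuration syntax first
systemctl restart named.service   # named was started earlier; a restart loads the new configuration and zones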

Client Configuration

vim /etc/resolv.conf
nameserver 192.168.134.139

Testing the DNS Server

On a client machine, use nslookup or dig to query the configured domains and verify forward and reverse resolution.
