
Step‑by‑Step Guide to Installing and Configuring a BIND DNS Server on Linux

This tutorial explains the fundamentals of DNS, introduces BIND components, walks through installing the bind package, configuring named.conf and zone files for forward and reverse lookups, adjusting network settings, and testing the DNS server on a Linux host.

Liangxu Linux

What is DNS?

DNS (Domain Name System) is a client‑server service that translates human‑readable domain names into IP addresses and vice‑versa. It is a core Internet service and is also widely used in private networks.

Roles of DNS Servers

Forward lookup: resolve a host name to an IP address.

Reverse lookup: resolve an IP address to a host name.

Distributed Structure of DNS

The DNS hierarchy consists of root servers, top‑level domain (TLD) servers, authoritative servers, and caching resolvers. A diagram of the structure is shown below.

BIND Overview

BIND (Berkeley Internet Name Daemon) is the most common DNS server implementation. Key components include:

Executable: /usr/sbin/named

Service script: /etc/init.d/named

Default listening port: 53

Main configuration file: /etc/named.conf

Zone data directory: /var/named/chroot/var/named/

Analyzing named.conf

options {
    listen-on port 53 { 127.0.0.1; };
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    allow-query { localhost; };
    recursion yes;
    dnssec-enable yes;
    dnssec-validation yes;
    dnssec-lookaside auto;
    bindkeys-file "/etc/named.iscdlv.key";
};

logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};

zone "." IN {
    type hint;
    file "named.ca";
};

include "/etc/named.rfc1912.zones";

This block sets listening interfaces, enables recursion and DNSSEC, defines logging, configures the root hint zone, and includes additional zone definitions.

Included Zone Files

zone "localhost.localdomain" IN {
    type master;
    file "named.localhost";
    allow-update { none; };
};

zone "localhost" IN {
    type master;
    file "named.localhost";
    allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "named.loopback";
    allow-update { none; };
};

These zones provide local forward and reverse resolution.

Installing BIND

yum install bind

After installation, start and enable the service:

systemctl start named.service
systemctl enable named.service

Configuring the Main File

Edit /etc/named.conf to allow queries from any client and listen on IPv6:

listen-on-v6 port 53 { any; };
allow-query { any; };
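
The default options keep recursion yes, and when allow-recursion and allow-query-cache are absent, named takes the recursion ACL from allow-query, so allow-query { any; } also opens recursion to every client. The following check is an added example, not part of the original article; audit_recursion and options_block are names chosen here, and the sample configuration is constructed from the listings above.

```shell
#!/bin/sh
# Added example (not from the original article): classify who may recurse.
# Heuristic text check; assumes one statement per line, as in the listings above.

# Print the statements inside the top-level options { ... } block of file $1.
options_block() {
    awk '
        /^[ \t]*options[ \t]*[{]/ { inside = 1; next }
        inside && /^[}];/          { inside = 0 }
        inside                     { sub(/(#|\/\/).*/, ""); print }
    ' "$1"
}

# Echo OPEN, RESTRICTED or NO-RECURSION for the named.conf given as $1.
audit_recursion() {
    opts=$(options_block "$1")
    # recursion defaults to yes, so only an explicit "no" turns it off
    if printf '%s\n' "$opts" | grep -Eq '^[[:space:]]*recursion[[:space:]]+no[[:space:]]*;'; then
        echo NO-RECURSION; return
    fi
    # named falls back in this order when deciding who may recurse
    for stmt in allow-recursion allow-query-cache allow-query; do
        acl=$(printf '%s\n' "$opts" | grep -E "^[[:space:]]*$stmt[[:space:]]*[{]" | tail -n 1)
        [ -n "$acl" ] || continue
        if printf '%s\n' "$acl" | grep -Eq '[{;[:space:]]any[[:space:]]*;'; then
            echo OPEN
        else
            echo RESTRICTED
        fi
        return
    done
    echo RESTRICTED   # built-in default: localnets; localhost;
}

# Constructed sample: default options with the two edits shown above applied.
sample=$(mktemp)
cat > "$sample" <<'EOF'
options {
    listen-on-v6 port 53 { any; };
    allow-query { any; };
    recursion yes;
};
EOF
audit_recursion "$sample"
```

Adding allow-recursion { localhost; 192.168.134.0/24; }; to the options block keeps authoritative answers available to any client while limiting recursion to the local network; the check then reports RESTRICTED.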

Creating Forward and Reverse Zones

Add a forward zone for lzy.com:

zone "lzy.com." IN {
    type master;
    file "lzy.com.zone";
    allow-update { none; };
};

And a reverse zone for the network 192.168.134.0/24:

zone "134.168.192.in-addr.arpa" IN {
    type master;
    file "134.168.192.zone";
    allow-update { none; };
};

Copy the empty template and adjust permissions:

cp /var/named/named.empty /var/named/lzy.com.zone
cp /var/named/named.empty /var/named/134.168.192.zone
chown :named /var/named/lzy.com.zone /var/named/134.168.192.zone

Editing Zone Files

Example forward zone (lzy.com.zone) content:

$TTL 3H
@ IN SOA lzy.com. root.lzy.com. (
    0 ; serial
    1D ; refresh
    1H ; retry
    1W ; expire
    3H ) ; minimum
    NS dns.lzy.com.
dns A 192.168.134.139
www A 192.168.134.139

Example reverse zone (134.168.192.zone) content (placeholder shown in original article).
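
A reverse zone needs one PTR record per address, with the last octet as the owner name inside 134.168.192.in-addr.arpa. The script below is an added example, not the original article's zone file: it derives those records from the A records of the forward zone above. The function names ptr_records and reverse_zone are chosen here, and the SOA values are copied from the forward zone as an assumption.

```shell
#!/bin/sh
# Added example (not from the original article): build reverse-zone data
# for a /24 from the A records of a forward zone file.

# $1 = forward zone file, $2 = zone origin (lzy.com.), $3 = /24 prefix (192.168.134)
# Prints "<last octet> IN PTR <fqdn>" for each A record inside the prefix.
ptr_records() {
    awk -v origin="$2" -v prefix="$3" '
        /^\$/ { next }                       # $TTL, $ORIGIN and other directives
        { sub(/;.*/, "") }                   # strip comments
        NF == 0 { next }
        {
            first = 1
            if ($0 !~ /^[ \t]/) { owner = $1; first = 2 }   # owner starts in column 0
            for (i = first; i <= NF; i++) if (toupper($i) == "A") break
            if (i >= NF) next                # no A type, or no address after it
            ip = $(i + 1)
            if (split(ip, o, ".") != 4 || index(ip, prefix ".") != 1) next
            name = owner
            if (name == "@") name = origin
            else if (name !~ /\.$/) name = name "." origin
            print o[4] "\tIN\tPTR\t" name
        }
    ' "$1"
}

# $4 = name server FQDN for the SOA and NS records of the reverse zone.
reverse_zone() {
    printf '$TTL 3H\n@ IN SOA %s root.%s ( 0 1D 1H 1W 3H )\n    NS %s\n' "$4" "$2" "$4"
    ptr_records "$1" "$2" "$3"
}

# Sample input: the forward zone from this page (SOA timers on one line).
zone=$(mktemp)
cat > "$zone" <<'EOF'
$TTL 3H
@ IN SOA lzy.com. root.lzy.com. ( 0 1D 1H 1W 3H )
    NS dns.lzy.com.
dns A 192.168.134.139
www A 192.168.134.139
EOF
reverse_zone "$zone" lzy.com. 192.168.134 dns.lzy.com.
```

Redirect the output to /var/named/134.168.192.zone and check it with named-checkzone 134.168.192.in-addr.arpa /var/named/134.168.192.zone before reloading named. Both dns and www share 192.168.134.139, so the owner 139 ends up with two PTR records.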

Network Interface Configuration

Configure a static IP and DNS server on the host:

vim /etc/sysconfig/network-scripts/ifcfg-ens33

BOOTPROTO=static
IPADDR1=192.168.134.139
NETMASK=255.255.255.0
GATEWAY=192.168.134.2
DNS1=192.168.134.139

Testing the DNS Server

On a client machine, use nslookup to verify forward and reverse resolution:

nslookup www.lzy.com
nslookup 192.168.134.139

Run named-checkconf to validate the configuration files before starting the service.
