Hello everybody. So today I have a video for configuring BIND DNS on a Red Hat 7 server. Currently using version 7.6, but this should also work for the previous 7 builds, and this should also work for CentOS 7 as well. So I actually already have BIND configured and working on this server. I'm redoing this video because I received some complaints about the font size and the terminal coloring, despite the fact that I had a full how-to file in the description of this video. The same file will be in the description of this video as well, so you can either just download that and go over it at your own time or follow along with this. So hopefully this helps. I'll go over each step in the file.

So before we configure DNS, or go over the DNS configuration, you'll want to make sure you have a static IP.
So the first thing you'll want to do is get the network adapter name that you are going to be modifying the IP address for. So you can do ifconfig -a, and this is the adapter that I will be modifying. So once you have the name and its current IP address, you can modify the system file for that adapter. So to do that you can use vi, and we will be going to /etc/sysconfig/network-scripts and then ifcfg, and then you'll take the adapter name and just paste it there, or type it out if you can't paste. And then open that file, and you should have something like this.
So this adapter got set up when I installed Red Hat, so a lot of these settings are here by default, I believe. Boot protocol might say DHCP; if it does, change it to none or static. Make sure on boot is set to yes. And then for the IP address, this is what you're going to actually be changing to set your static IP. So as you can see I'm going to be using 192.168.0.101. Make sure you use something that is resolvable or reachable on your network. And the prefix is the subnet mask, so it's, for me, 255.255.255.0. I think you can put, instead of prefix, subnet equals and then the full value, or you can do like I've done here and use the prefix. The gateway is the gateway for the network; obviously you'll need to change that so it's the gateway of your network. And then for DNS one I've actually used the static IP address that we're setting on the server, because it's going to be our DNS server. The other two here are just public DNS servers for when I reach out to the internet. So once you've done making those changes you can hit Escape, colon, wq, exclamation mark, and that's how you can save and close the file.
Once that's done, you can check to see if your firewall is running by running service firewalld status. So you could see mine is running. If yours is not running, you can enable it if you want or just skip this step. Basically what I'm going to be doing is showing you how you can set a firewall rule on the public zone for DNS queries. So to do that you can run firewall-cmd --permanent --zone=public --add-service=dns. And I already have it, so it's going to complain; you can see it's already enabled. Otherwise it'll just say success. And then, if you want, now you can reload the firewall as well with the following command.
So once that's done you'll want to install bind and bind-utils, and you can do that by running yum -y install bind*, and that will install both. I already have them installed, so it's going to say no action or nothing to do, but otherwise it should go through and install both packages for you.
So now that BIND is installed we'll have a named.conf file under the /etc directory, so we're going to open that with vi as well. And the first two changes will be to comment out these two lines. They will not be commented out by default, and that basically just allows it, so it enables BIND to listen on all IP addresses. And the next thing we'll change is down here where it says allow query: after the semicolon, add the network address for your network followed by a forward slash and then the subnet prefix, and then another semicolon.
It's very important when you're modifying the files for DNS that you have all of your semicolons and brackets closed correctly, otherwise the service will not start. It will generally tell you why the service didn't start, but just to rule out any difficulties make sure that you have your semicolons and brackets there.

So the next thing will be at the end of the file. I've added these two entries here; they are not there by default. And what these are, they're entries for the forward and reverse lookup zones. So as you can see my domain is going to be called kjl.local, and it's pointing to the file that we'll be creating for the forward lookup zone, which is under the /var/named directory. Again, you can basically copy and paste these entries into yours; just make sure that you change the domain values here for your domain. And then for this one, the reverse lookup zone, it's basically the first three octets of your network address. So for me that's 192.168.0; you flip them in reverse and then you have dash in addr.arpa. And then the same thing here for the reverse file: it's the first three octets of your network address in reverse. Again, make sure you have all of your semicolons in the correct spots and that you've closed any opening curly bracket.
So once you have something like this, but for your domain and your network, you can hit Escape, wq, exclamation mark. And the next thing you'll be doing is configuring the zone files. So as I said they're under /var/named. As you could see they're not here by default; you actually have to make them. So I have already made my forward and reverse lookup files, so I'll open the forward lookup file first.

And again, since you're making the file it's completely empty. You can copy this right here and paste it directly into your file. The only thing you'll need to change is, obviously, change this with the fully qualified domain name of your DNS server that you're making, and then also put root dot and then your domain. And then make sure when you're ending, like, these host names and this line here, always put a period at the end. And that's pretty much it. So again you can copy this exactly; just make sure to change these two entries here to reflect your environment. And then down here you can do @, tab, IN, tab, NS, and then the fully qualified domain name of your DNS server, again ending it with a period. On the next few lines are the actual entries for your DNS, or your domain. So as you can see I have a few hosts here, again periods on the end, IN A (make sure to use tabs), and then the IP address for each host. So you should have something like this for the IP addresses for the host names in your environment. And then once you've got that you can do the Escape, colon, wq, exclamation mark.
The same thing: you'll need to create a file for your reverse lookup zone. So again /var/named, and then the file that we specified in the named.conf. And like the forward lookup zone you can copy this exactly, just making sure to make changes here for your domain and the root.e to your domain. Down here you'll want to do @, tab, IN, tab, NS, and then the fully qualified domain name of your DNS server. And then, if you remember, the file is the first three octets of your network address but in reverse. The entries are the specific values tied to each host, so which would be the fourth octet. They should be unique to each host; there shouldn't be any duplicates. As you can see I have the rest of those hosts here. You'll want to do the same thing; again make sure that you have your periods on the end. Once you've done doing that you can do colon, or Escape, colon, wq, exclamation mark.
And then, provided everything was done correctly, you should be able to restart named.service. So if it does report an error you can do systemctl status named.service, and generally it'll have, like, a few lines down here that could say, like, the unexpected end of line, missing semicolon on this line. So just go back into the files and correct any mistakes that have been made, and then you can attempt to restart the service again. Once the service comes up, when it starts, as you can see the last time I ran it, it reported nothing; it just came up successfully. So once it does that you can enable the service, which should cause it to come up automatically if you reboot this host, or your host. Generally what you'll see is it'll create a link so that it comes up during the boot.
Once you've done all that you should be able to run queries against the domain server. So I'm going to use dig and just specify the server itself, and you should get a response that basically shows both the forward and, I guess it doesn't show the reverse, but it does show that it's pulling the correct fully qualified domain name, the domain itself, the IP address associated with it. Then what I would recommend doing would be use nslookup. So I'm actually going to pick a different host other than the DNS server. So as you can see this pulled up the vcenter entry, and you should also be able to do short names. All right, so there you go. As you can see DNS is fully working. I was able to query forward, or at least get a response from dig, and then do reverse and short name lookups.

I hope this video was helpful for you. If you have any questions leave them in the comments down below, and as always thanks for watching.