DNS (BIND) Server on CentOS 7

Installing DNS on CentOS7 Vagrant for sending and receiving e-mails on Zimbra

Photo by Riaan Myburgh on Unsplash

We can follow steps described here : https://www.itzgeek.com/how-tos/linux/centos-how-tos/configure-dns-bind-server-on-centos-7-rhel-7.html

“IP” and “hostname” is entered in Vagrantfile. What we do different here from the link above is we will be installing DNS on the same server where our Zimbra installation exists (you can see my previous story on how to install Zimbra on Vagrant CentOS7) so we will be using the same IP and hostname values.

In your Vagrantfile, add:

config.vm.network “private_network”, ip: “192.168.10.34”
config.vm.network “forwarded_port”, guest: 7306, host: 7306
config.vm.hostname = “zimbra.nils.local”

In your VM, install:

sudo yum -y install bind bind-utils
sudo yum install nano

Open file “named.conf”:

sudo nano /etc/named.conf

The first two lines should be commented in the “named.conf” file and you should insert “listen-on port” and “allow-query” definitions as new lines:

options {
// listen-on port 53 { 127.0.0.1; };
// listen-on-v6 port 53 { ::1; };
listen-on port 53 { 127.0.0.1; 192.168.10.34; };
directory   "/var/named";
dump-file   "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
recursing-file  "/var/named/data/named.recursing";
secroots-file   "/var/named/data/named.secroots";
allow-query     { localhost; 192.168.10.0/24; };

Add “Forward Zone” and “Reverse Zone” values to existing “.” Zone definition.

zone "." IN {
type hint;
file "named.ca";
};
zone "nils.local" IN {
type master;
file "/var/named/zimbra.nils.local.db";
allow-update { none; };
allow-query { any; };
};
zone "10.168.192.in-addr.arpa" IN {
type master;
file "/var/named/192.168.10.34.db";
allow-update { none; };
allow-query { any; };
};

Create Zone files:

sudo nano /var/named/zimbra.nils.local.db

Enter these in your zone file created above:

@   IN  SOA     ns1.nils.local. root.nils.local. (
1001    ;Serial
3H  ;Refresh
15M     ;Retry
1W  ;Expire
1D  ;Minimum TTL
)
;Name Server Information
@      IN  NS      ns1.nils.local.
;IP address of Name Server
ns1 IN  A   192.168.10.34
;Mail exchanger
nils.local. IN  MX 10   zimbra.nils.local.
;A - Record HostName To IP Address
www     IN  A       192.168.10.34
zimbra    IN  A       192.168.10.34
;CNAME record
ftp     IN CNAME        www.nils.local.

Create the second one:

sudo nano /var/named/192.168.10.34.db

Enter these in your zone file created above:

@   IN  SOA     ns1.nils.local. root.nils.local. (
1001    ;Serial
3H  ;Refresh
15M     ;Retry
1W  ;Expire
1D  ;Minimum TTL
)
;Name Server Information
@ IN  NS      ns1.nils.local.
;Reverse lookup for Name Server
34        IN  PTR     ns1.nils.local.
;PTR Record IP address to HostName
100  IN  PTR     www.nils.local.
150  IN  PTR     zimbra.nils.local.

Run these commands:

sudo systemctl restart named
sudo systemctl enable named

You do not need to run the firewall commands described in the link provided at the start of this story because we had disabled firewall during our Zimbra installation (please see my previous story about installation of Zimbra).

Edit “resolv.conf” file. Existing “nameserver” line is commented out and a new definition is added under it. This has to be done manually whenever you perform a vagrant restart or a network change:

sudo nano /etc/resolv.conf

These is the final version of the file after edit:

# Generated by NetworkManager
search nils.local
#nameserver 10.0.2.3
nameserver 192.168.10.34

As a final step, add “DNS1” definition to “ifcfg-eth0” file:

sudo nano /etc/sysconfig/network-scripts/ifcfg-eth0

Its content should be like below:

DEVICE="eth0"
BOOTPROTO="dhcp"
ONBOOT="yes"
TYPE="Ethernet"
PERSISTENT_DHCLIENT="yes"
DNS1=192.168.10.34

Restart your network manager:

sudo systemctl restart NetworkManager

We can do our checks:

dig -t A zimbra.nils.local

Output should be like:

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-16.P2.el7_8.6 <<>> -t A zimbra.nils.local
;; global options: +cmd
;; Got answer:
;; WARNING: .local is reserved for Multicast DNS
;; You are currently testing what happens when an mDNS query is leaked to DNS
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19352
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;zimbra.nils.local.     IN  A
;; ANSWER SECTION:
zimbra.nils.local.  86400   IN  A   192.168.10.34
;; AUTHORITY SECTION:
nils.local.     86400   IN  NS  ns1.nils.local.
;; ADDITIONAL SECTION:
ns1.nils.local.     86400   IN  A   192.168.10.34
;; Query time: 0 msec
;; SERVER: 192.168.10.34#53(192.168.10.34)
;; WHEN: Tue Nov 03 07:13:14 UTC 2020
;; MSG SIZE  rcvd: 96

Do the following check:

dig -x 192.168.10.100

Output should look like this:

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-16.P2.el7_8.6 <<>> -x 192.168.10.100
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52264
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;100.10.168.192.in-addr.arpa.   IN  PTR
;; ANSWER SECTION:
100.10.168.192.in-addr.arpa. 86400 IN   PTR www.nils.local.
;; AUTHORITY SECTION:
10.168.192.in-addr.arpa. 86400  IN  NS  ns1.nils.local.
;; ADDITIONAL SECTION:
ns1.nils.local.     86400   IN  A   192.168.10.34
;; Query time: 0 msec
;; SERVER: 192.168.10.34#53(192.168.10.34)
;; WHEN: Tue Nov 03 07:14:17 UTC 2020
;; MSG SIZE  rcvd: 118

Happy Coding!