DNS Configuration For SCAN

 

DNS (Domain Name System) translates hostnames into IP addresses and, through reverse lookup, IP addresses back into hostnames; forward and reverse zones hold those two mappings. It also carries other kinds of information for DNS clients (mail routing, service locations, text records). A growing number of services depend on DNS, which makes configuring it a core task for Linux administrators, and it plays a central role in an Oracle RAC cluster: the Single Client Access Name (SCAN) is a DNS name that must resolve, in round-robin order, to the cluster's SCAN VIP addresses.


BIND is the most widely used DNS server software. The name is an acronym of Berkeley Internet Name Domain; the daemon and its service are called named (name daemon). The current major version is BIND 9, distributed under the Mozilla Public License (MPL) since 9.11, and it is developed and maintained by Internet Systems Consortium (ISC).

Almost every Internet connection starts with a DNS lookup: a hostname has to be resolved to an address before an e-mail is sent or a website is opened, and BIND is the most common DNS server on Unix/Linux systems.



Record types in DNS 

A record: the Address record holds the IPv4 address of a hostname; it resolves a hostname to an IP address.
PTR record: the Pointer record does the opposite; it resolves an IP address to a hostname (reverse lookup).
CNAME: the canonical name record makes one name an alias of another, so several names can point at one host.
MX record: the Mail Exchange record names the mail servers responsible for a domain.
HINFO: the Host Information record holds free-text CPU and operating-system fields for a host; it is rarely published today because it hands reconnaissance data to anyone who asks.
NS record: the Name Server record lists the name servers that are authoritative for the domain.
SOA record: Start of Authority. It identifies the zone and its parameters: the primary name server, the responsible mailbox, the serial number, and the refresh, retry, expire and minimum (negative-cache) TTL timers.


Resource record types and their use.

A (IPv4 address) : Maps a hostname to an IPv4 address.
AAAA (IPv6 address) : Maps a hostname to an IPv6 address.
CNAME (canonical name) : An alias from one name to another name that should have an A or AAAA record.
NS (name server) : Maps a domain name to a DNS name server that is authoritative for the DNS zone.
PTR (pointer) : Maps an IP address (v4 or v6) to a hostname.
MX (mail exchange) : Indicates which MTA mail servers receive mail for a DNS domain.
SOA (start of authority) : Contains generic information about how a DNS zone works, including who is responsible for the administration of the domain.
TXT (text) : Maps a name to human-readable text. It is used, for instance, by the Sender Policy Framework (SPF), which receiving mail servers use to verify that the sending host is allowed to send mail for the domain.
SRV (service) : Indicates which host and port to contact for a specific service such as LDAP or Kerberos.

DNS zones come in two kinds:
A zone holds all the information for one branch of the DNS tree, the branch for which a given name server is responsible.

1. Forward lookup zone: maps hostnames to IP addresses (A/AAAA records).
2. Reverse lookup zone: maps IP addresses to hostnames (PTR records, under in-addr.arpa or ip6.arpa).










1. Static IP address :
The DNS server must have a static IP on the NIC that serves DNS: every client's resolv.conf, the NS record and the glue point at that address, and all of them break if it changes.

2. /etc/hosts
Hostname resolution normally goes through DNS, and running your own DNS server also gives you control over what the clients can resolve. Independently of DNS, the /etc/hosts file provides static name resolution. It needs at least two columns: the IP address in the first and the hostname(s) in the following ones, for example 127.0.0.1  localhost.localdomain  localhost. The DNS server's own name and address belong here so the host can resolve itself even when named is down. The SCAN name must not be placed in /etc/hosts on the RAC nodes: Oracle requires it to resolve through DNS (or GNS), so that all of its addresses are returned.
Example : 
[root@dns78 ~]# ifconfig
ens161: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
inet 192.168.45.2  netmask 255.255.255.0  broadcast 192.168.46.255
[root@dns78 network-scripts]# hostnamectl
   Static hostname: dns78.oravr.in
         Icon name: computer-vm
           Chassis: vm
        Machine ID: 84e2a73b3d60416a87a548ee73dfb7f3
           Boot ID: 41192f4980424572a965d536725aec3f
    Virtualization: vmware
  Operating System: Oracle Linux Server 7.8
       CPE OS Name: cpe:/o:oracle:linux:7:8:server
            Kernel: Linux 4.14.35-1902.304.6.3.el7uek.x86_64
      Architecture: x86-64

[root@dns78 network-scripts]# hostname -i
192.168.45.2
[root@dns78 network-scripts]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
192.168.45.2  dns78.oravr.in             dns78

3. Install the DNS packages: yum resolves the dependencies itself. (If the server has no repository access, configure a local yum repository first.)
#yum install -y bind bind-utils
bind-utils provides dig and nslookup, which are used below to verify the server. The wildcard bind* also works but pulls in packages this setup does not need, such as bind-chroot.
4. Enabling named to accept DNS requests on the server address
A. named.conf 
With the packages installed, configure named so that it answers on the server's IP (192.168.45.2 in this lab) by editing /etc/named.conf. The file sets the working directory where the zone files live, what the daemon listens on and who may use it, and declares each zone together with the file that holds it. listen-on is left at any because the host has a single NIC and the firewall fronts it; the access lists are what limit exposure: only localhost and the RAC subnet may query or recurse (the nodes use this server as their resolver, so recursion cannot be switched off), and zone transfers are disabled because there is no secondary.
[root@dns78 ~]# cat /etc/named.conf
options
{
directory "/var/named";
listen-on port 53 { any; };
allow-query     { localhost; 192.168.45.0/24; };   // who may ask at all
allow-recursion { localhost; 192.168.45.0/24; };   // who may use this server as a resolver
allow-transfer  { none; };                          // no secondaries, so no AXFR
};
zone "oravr.in"
{
type master;
file "oravr.in.fwd.zone";
};
zone "localhost"
{
type master;
file "localhost.fwd.zone";
};
zone "45.168.192.in-addr.arpa"
{
type master;
file "192.168.45.rev.zone";
};
zone "0.0.127.in-addr.arpa"
{
type master;
file "localhost.rev.zone";
};
[root@dns78 ~]#

B. Zones defined in named.conf
From the file above:
Directory : /var/named
Port      : 53
Listen-on : any
Type      Zone                       File
Forward   oravr.in                   oravr.in.fwd.zone
Forward   localhost                  localhost.fwd.zone
Reverse   45.168.192.in-addr.arpa    192.168.45.rev.zone
Reverse   0.0.127.in-addr.arpa       localhost.rev.zone
Now create the four files under /var/named.
Domain forward lookup zone (include the www record as well). Two details to watch: a name without a trailing dot is relative to the current origin, so $ORIGIN pune.oravr.in. needs its dot or it silently becomes pune.oravr.in.oravr.in; and the SOA mailbox root.localhost is expanded to root.localhost.oravr.in. (visible in the dig output further down), so use a real mailbox such as hostmaster.oravr.in. in production. The three A records for westscan are the SCAN addresses, which Oracle requires to be served by DNS in round-robin order. The pune.oravr.in subdomain is delegated to the GNS VIP (rac-gns) only; listing dns78 as a second NS would be a lame delegation, because dns78 does not serve that zone.

[root@dns78 named]# cat oravr.in.fwd.zone
$TTL 1D
@               IN              SOA             dns78.oravr.in.         root.localhost (
                20200808        ;       serial
                8H              ;       refresh
                4H              ;       retry
                1W              ;       expiry
                1D )            ;       minimum
@               IN              NS              dns78.oravr.in.
localhost       IN              A               127.0.0.1
dns78           IN              A               192.168.45.2
rac-gns         IN              A               192.168.45.9
www             IN              A               192.168.45.2
west01          IN              A               192.168.45.101
west02          IN              A               192.168.45.102
west03          IN              A               192.168.45.103
west01-vip      IN              A               192.168.45.104
west02-vip      IN              A               192.168.45.105
west03-vip      IN              A               192.168.45.106
westscan        IN              A               192.168.45.107
westscan        IN              A               192.168.45.108
westscan        IN              A               192.168.45.109
westgg-vip      IN              A               192.168.45.110
westoem         IN              A               192.168.45.90
$ORIGIN pune.oravr.in.
@               IN              NS              rac-gns.oravr.in.       ; GNS delegation; rac-gns already has its A record above
Domain reverse lookup zone. Each SCAN address gets its own PTR back to westscan.oravr.in; 192.168.45.2 keeps a single PTR (dns78), because a second PTR for www would make reverse lookups of that address non-deterministic.

[root@dns78 named]# cat 192.168.45.rev.zone
$TTL 1D
@               IN              SOA             dns78.oravr.in.         root.localhost (
                20200808        ;       serial
                8H              ;       refresh
                4H              ;       retry
                1W              ;       expiry
                1D )            ;       minimum
@               IN              NS              dns78.oravr.in.
@               IN              PTR             oravr.in.
2               IN              PTR             dns78.oravr.in.
9               IN              PTR             rac-gns.oravr.in.
101             IN              PTR             west01.oravr.in.
102             IN              PTR             west02.oravr.in.
103             IN              PTR             west03.oravr.in.
104             IN              PTR             west01-vip.oravr.in.
105             IN              PTR             west02-vip.oravr.in.
106             IN              PTR             west03-vip.oravr.in.
107             IN              PTR             westscan.oravr.in.
108             IN              PTR             westscan.oravr.in.
109             IN              PTR             westscan.oravr.in.
110             IN              PTR             westgg-vip.oravr.in.
90              IN              PTR             westoem.oravr.in.
localhost forward lookup zone
[root@dns78 named]# cat localhost.fwd.zone
$TTL 1D
@               IN              SOA             dns78.oravr.in.         root.localhost (
                20200808        ;       serial
                8H              ;       refresh
                4H              ;       retry
                1W              ;       expiry
                1D )            ;       minimum
@               IN              NS              @
@               IN              A               127.0.0.1
localhost reverse lookup zone 
[root@dns78 named]# cat localhost.rev.zone
$TTL 1D
@               IN              SOA             dns78.oravr.in.         root.localhost (
                20200808        ;       serial
                8H              ;       refresh
                4H              ;       retry
                1W              ;       expiry
                1D )            ;       minimum
@               IN              NS              localhost.
1               IN              PTR             localhost.


C. Check zone files :
[root@dns78 named]# ls -alrts *.zone
4 -rw-r--r--. 1 named root  514 Aug  8 19:12 localhost.fwd.zone
4 -rw-r--r--. 1 named root  531 Aug  8 19:12 localhost.rev.zone
4 -rw-r--r--. 1 named root 1653 Aug  9 15:38 oravr.in.fwd.zone
4 -rw-r--r--. 1 named root 1528 Aug  9 15:38 192.168.45.rev.zone
D. Ownership, permissions and syntax check
named runs as the named user, so the zone files must be readable by that user or group; /etc/named.conf stays root:named with mode 640, because it may include the rndc key and nothing but the daemon needs to read it.
[root@dns78 named]# chgrp named -R /var/named
[root@dns78 named]# chown -v root:named /etc/named.conf
named-checkzone loads one zone file exactly as named would and reports syntax errors. named-checkconf -z /etc/named.conf does the same for the configuration plus every zone it declares; the systemd unit runs that check before each start.
[root@dns78 named]# named-checkzone localhost localhost.fwd.zone
zone localhost/IN: loaded serial 20200808
OK
[root@dns78 named]# named-checkzone oravr.in oravr.in.fwd.zone
zone oravr.in/IN: loaded serial 20200808
OK
[root@dns78 named]# named-checkzone 45.168.192.in-addr.arpa 192.168.45.rev.zone
zone 45.168.192.in-addr.arpa/IN: loaded serial 20200808
OK
[root@dns78 named]# named-checkzone 0.0.127.in-addr.arpa localhost.rev.zone
zone 0.0.127.in-addr.arpa/IN: loaded serial 20200808
OK
[root@dns78 named]#
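named-checkzone only proves that each file parses. It does not check that the forward and reverse zones agree with each other, that the SCAN name carries the three addresses Oracle expects, or that nobody has quietly added the SCAN to /etc/hosts. The script below is an added example, not part of the original page and not an Oracle or ISC tool: it parses the two zone files with a minimal master-file parser (relative names, $ORIGIN, blank owner columns, parenthesised SOA) and reports every mismatch. The embedded zone and hosts text is constructed for the demonstration: a trimmed copy of the lab zones with two deliberate faults (no PTR for westoem, and a PTR line whose owner www is not an octet) plus a hosts line that wrongly defines the SCAN. The function and constant names are the example's own.

```python
"""Forward/reverse zone agreement and SCAN sanity checks (added example, stdlib only)."""
import ipaddress

REV = ".in-addr.arpa."


def fqdn(name, origin):
    """'@' -> origin; trailing dot -> absolute; anything else gets the origin appended."""
    return origin if name == "@" else name if name.endswith(".") else name + "." + origin


def parse_zone(text, origin):
    """Minimal RFC 1035 master-file parser: $TTL, $ORIGIN, ';' comments, '( )' multi-line
    records, owner inheritance for whitespace-led lines, optional TTL/class, and relative-name
    expansion for owners and NS/CNAME/PTR/SOA names. Yields (owner, type, rdata), lower-cased."""
    origin = origin.rstrip(".") + "."
    logical, buf, depth = [], "", 0                # pass 1: fold "( ... )" onto one logical line
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()
        if line.strip():
            depth += line.count("(") - line.count(")")
            buf = line if not buf else buf + " " + line.strip()
            if depth <= 0:
                logical.append(buf)
                buf, depth = "", 0
    cur_origin = last_owner = origin
    for line in logical:                           # pass 2: fields -> records
        fields = line.split()
        if fields[0] == "$TTL":
            continue
        if fields[0] == "$ORIGIN":                 # no trailing dot => relative to the OLD origin
            cur_origin = fqdn(fields[1], cur_origin)
            continue
        if line[0].isspace():
            owner = last_owner                     # blank owner column inherits the previous owner
        else:
            owner, fields = fqdn(fields[0], cur_origin), fields[1:]
        while fields[0].isdigit() or fields[0].upper() == "IN":
            fields = fields[1:]                    # optional per-record TTL and class
        rtype, rdata = fields[0].upper(), [t for t in (f.strip("()") for f in fields[1:]) if t]
        n_names = {"NS": 1, "CNAME": 1, "PTR": 1, "SOA": 2}.get(rtype, 0)
        yield owner.lower(), rtype, [fqdn(r, cur_origin).lower() if i < n_names else r for i, r in enumerate(rdata)]
        last_owner = owner


def reverse_owner_to_ip(owner):
    """'2.45.168.192.in-addr.arpa.' -> IPv4Address('192.168.45.2'); None unless 4 numeric labels."""
    labels = owner[:-len(REV)].split(".") if owner.endswith(REV) else []
    if len(labels) != 4 or not all(x.isdigit() and int(x) < 256 for x in labels):
        return None
    return ipaddress.IPv4Address(".".join(reversed(labels)))


def check_rac_dns(fwd_text, rev_text, hosts_text, domain, rev_origin, scan_host):
    """Return findings; an empty list means forward and reverse agree and the SCAN is sane."""
    domain, rev_origin, findings = domain.rstrip(".") + ".", rev_origin.rstrip(".") + ".", []
    labels = rev_origin[:-len(REV)].split(".")    # 45.168.192 -> 192.168.45.0/24
    rev_net = ipaddress.ip_network(".".join(list(reversed(labels)) + ["0"] * (4 - len(labels))) + "/%d" % (8 * len(labels)))
    a_rec, ptr_rec = {}, {}                       # fqdn -> {ip}, reverse owner -> {target}
    for owner, rtype, rdata in parse_zone(fwd_text, domain):
        if rtype == "A":
            a_rec.setdefault(owner, set()).add(rdata[0])
    for owner, rtype, rdata in parse_zone(rev_text, rev_origin):
        if rtype == "PTR":
            ptr_rec.setdefault(owner, set()).add(rdata[0])
    for name, ips in a_rec.items():               # 1. every A inside the reverse net needs its PTR
        for ip in sorted(ips):
            addr = ipaddress.IPv4Address(ip)
            if addr in rev_net and name not in ptr_rec.get(addr.reverse_pointer + ".", ()):
                findings.append("ERROR no PTR for %s -> %s" % (ip, name))
    for rev_owner, targets in ptr_rec.items():    # 2. every PTR needs a matching A (apex PTR excepted)
        addr = reverse_owner_to_ip(rev_owner)
        if addr is None and rev_owner != rev_origin:
            findings.append("ERROR malformed reverse owner %s" % rev_owner)
        elif addr is not None:
            findings.extend("ERROR PTR %s -> %s has no matching A record" % (addr, t)
                            for t in targets if str(addr) not in a_rec.get(t, ()))
    scan = fqdn(scan_host, domain).lower()        # 3. SCAN: in DNS, three addresses, never in /etc/hosts
    n = len(a_rec.get(scan, ()))
    if n != 3:
        findings.append("%s SCAN %s has %d address(es); Oracle recommends 3" % ("ERROR" if n == 0 else "WARN", scan, n))
    short = {scan.rstrip("."), scan_host.lower().rstrip(".")}
    for raw in hosts_text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if any(a.lower().rstrip(".") in short for a in fields[1:]):
            findings.append("ERROR %s is in /etc/hosts (%s); the SCAN must resolve via DNS only" % (scan, fields[0]))
    return findings


# Constructed sample input: trimmed lab zones with deliberate faults (no PTR for westoem,
# a PTR whose owner "www" is not an octet) and a hosts line that wrongly defines the SCAN.
FWD_ZONE = """\
$TTL 1D
@          IN  SOA  dns78.oravr.in. root.localhost (
           20200808 8H 4H 1W 1D )   ; serial refresh retry expire minimum
@          IN  NS   dns78.oravr.in.
localhost  IN  A    127.0.0.1
dns78      IN  A    192.168.45.2
westscan   IN  A    192.168.45.107
           IN  A    192.168.45.108
           IN  A    192.168.45.109
westoem    IN  A    192.168.45.90
"""
REV_ZONE = """\
$TTL 1D
@    IN  SOA  dns78.oravr.in. root.localhost ( 20200808 8H 4H 1W 1D )
@    IN  NS   dns78.oravr.in.
2    IN  PTR  dns78.oravr.in.
107  IN  PTR  westscan.oravr.in.
108  IN  PTR  westscan.oravr.in.
109  IN  PTR  westscan.oravr.in.
www  IN  PTR  192.168.45.2
"""
HOSTS = """\
127.0.0.1      localhost localhost.localdomain
192.168.45.2   dns78.oravr.in dns78
192.168.45.107 westscan.oravr.in westscan   # wrong: the SCAN must not be here
"""

if __name__ == "__main__":
    print("\n".join(check_rac_dns(FWD_ZONE, REV_ZONE, HOSTS, "oravr.in", "45.168.192.in-addr.arpa", "westscan")) or "OK")
```

Run it against the real files with the two zone texts read from /var/named and the hosts file from each RAC node; the parser also exposes the two relative-name traps mentioned above, since an SOA mailbox root.localhost comes back as root.localhost.oravr.in. and a $ORIGIN without a trailing dot comes back nested under the previous origin.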

5. Firewall

The firewalld dns service opens both 53/udp and 53/tcp; TCP is needed as well, because answers that do not fit in a UDP datagram are retried over TCP, so a separate --add-port=53/udp is redundant. If the server sits on a shared network, restrict the service to the RAC subnet with a rich rule instead of opening it to every source.
[root@dns78 named]# firewall-cmd --permanent --add-service=dns
success
[root@dns78 named]# firewall-cmd --reload
success
6. /etc/resolv.conf 
Use the same two lines on every client, i.e. on each RAC node. NetworkManager regenerates this file, so make the change persistent on the connection (for example nmcli con mod ens161 ipv4.dns 192.168.45.2 ipv4.dns-search oravr.in) rather than editing the file by hand.
[root@dns78 named]# cat /etc/resolv.conf
# Generated by NetworkManager
search oravr.in
nameserver 192.168.45.2

7. Enable and start the named service :

[root@dns78 named]# systemctl enable --now named.service
Created symlink from /etc/systemd/system/multi-user.target.wants/named.service to /usr/lib/systemd/system/named.service.

Restart the named service and confirm in the status output that every zone loaded:


[root@dns78 named]# service named restart
Redirecting to /bin/systemctl restart named.service
[root@dns78 named]# service named status
Redirecting to /bin/systemctl status named.service
● named.service - Berkeley Internet Name Domain (DNS)
   Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; vendor preset: disabled)
   Active: active (running) since Mon 2020-08-17 18:23:50 IST; 2s ago
  Process: 28877 ExecStop=/bin/sh -c /usr/sbin/rndc stop > /dev/null 2>&1 || /bin/kill -TERM $MAINPID (code=exited, status=0/SUCCESS)
  Process: 4887 ExecReload=/bin/sh -c /usr/sbin/rndc reload > /dev/null 2>&1 || /bin/kill -HUP $MAINPID (code=exited, status=0/SUCCESS)
  Process: 28894 ExecStart=/usr/sbin/named -u named -c ${NAMEDCONF} $OPTIONS (code=exited, status=0/SUCCESS)
  Process: 28891 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z "$NAMEDCONF"; else echo "Checking of zone files is disabled"; fi (code=exited, status=0/SUCCESS)
 Main PID: 28897 (named)
    Tasks: 4
   CGroup: /system.slice/named.service
           └─28897 /usr/sbin/named -u named -c /etc/named.conf

Aug 17 18:23:50 dns78.oravr.in named[28897]: command channel listening on ::1#953
Aug 17 18:23:50 dns78.oravr.in named[28897]: managed-keys-zone: loaded serial 0
Aug 17 18:23:50 dns78.oravr.in named[28897]: zone 0.0.127.in-addr.arpa/IN: loaded serial 20200808
Aug 17 18:23:50 dns78.oravr.in named[28897]: zone localhost/IN: loaded serial 20200808
Aug 17 18:23:50 dns78.oravr.in named[28897]: zone 45.168.192.in-addr.arpa/IN: loaded serial 20200808
Aug 17 18:23:50 dns78.oravr.in named[28897]: zone oravr.in/IN: loaded serial 20200808
Aug 17 18:23:50 dns78.oravr.in named[28897]: all zones loaded
Aug 17 18:23:50 dns78.oravr.in named[28897]: running
Aug 17 18:23:50 dns78.oravr.in named[28897]: zone localhost/IN: sending notifies (serial 20200808)
Aug 17 18:23:50 dns78.oravr.in named[28897]: zone 0.0.127.in-addr.arpa/IN: sending notifies (serial 20200808)
[root@dns78 named]#

8. Check hostname and IP address resolution

nslookup :


[root@dns78 named]# nslookup westscan
Server:         192.168.45.2
Address:        192.168.45.2#53

Name:   westscan.oravr.in
Address: 192.168.45.109
Name:   westscan.oravr.in
Address: 192.168.45.108
Name:   westscan.oravr.in
Address: 192.168.45.107

[root@dns78 named]# nslookup 192.168.45.109
109.45.168.192.in-addr.arpa     name = westscan.oravr.in.

[root@dns78 named]# nslookup 192.168.45.108
108.45.168.192.in-addr.arpa     name = westscan.oravr.in.

[root@dns78 named]# nslookup 192.168.45.107
107.45.168.192.in-addr.arpa     name = westscan.oravr.in
[root@dns78 named]#




DIG: 

[root@dns78 named]# dig westscan.oravr.in

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-16.P2.el7_8.6 <<>> westscan.oravr.in
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39242
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 1, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;westscan.oravr.in.         IN      A

;; ANSWER SECTION:
westscan.oravr.in.  86400   IN      A       192.168.45.108
westscan.oravr.in.  86400   IN      A       192.168.45.109
westscan.oravr.in.  86400   IN      A       192.168.45.107

;; AUTHORITY SECTION:
oravr.in.           86400   IN      NS      dns78.oravr.in.

;; ADDITIONAL SECTION:
dns78.oravr.in.     86400   IN      A       192.168.45.2

;; Query time: 0 msec
;; SERVER: 192.168.45.2#53(192.168.45.2)
;; WHEN: Mon Aug 17 18:55:08 IST 2020
;; MSG SIZE  rcvd: 134

[root@dns78 named]# dig oravr.in

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-16.P2.el7_8.6 <<>> oravr.in
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17812
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;oravr.in.                  IN      A

;; AUTHORITY SECTION:
oravr.in.           86400   IN      SOA     dns78.oravr.in. root.localhost.oravr.in. 20200808 28800 14400 604800 86400

;; Query time: 2 msec
;; SERVER: 192.168.45.2#53(192.168.45.2)
;; WHEN: Mon Aug 17 18:55:17 IST 2020
;; MSG SIZE  rcvd: 98

[root@dns78 named]#

9. With resolution working, check the round-robin behaviour of the SCAN name.

Example: successive lookups of westscan.oravr.in return the three A records in rotating order and the client uses the first one, so the address a client connects to changes from one resolution to the next. This is the behaviour Oracle's SCAN listeners rely on. The sequence is not guaranteed to be strictly cyclic (note the repeated .108 below); what matters is that all three addresses are returned and each of them is reachable.

[root@dns78 named]# ping westscan.oravr.in.
PING westscan.oravr.in (192.168.45.107) 56(84) bytes of data.
64 bytes from westscan.oravr.in(192.168.45.107): icmp_seq=1 ttl=64 time=0.619 ms
^C
--- westscan.oravr.in ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.619/0.619/0.619/0.000 ms
[root@dns78 named]# ping westscan.oravr.in.
PING westscan.oravr.in (192.168.45.108) 56(84) bytes of data.
64 bytes from westscan.oravr.in (192.168.45.108): icmp_seq=1 ttl=64 time=0.741 ms
^C
--- westscan.oravr.in ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.741/0.741/0.741/0.000 ms
[root@dns78 named]# ping westscan.oravr.in.
PING westscan.oravr.in (192.168.45.108) 56(84) bytes of data.
64 bytes from westscan.oravr.in (192.168.45.108): icmp_seq=1 ttl=64 time=0.200 ms
^C
--- westscan.oravr.in ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.200/0.200/0.200/0.000 ms
[root@dns78 named]# ping westscan.oravr.in.
PING westscan.oravr.in (192.168.45.108) 56(84) bytes of data.
64 bytes from westscan.oravr.in(192.168.45.108): icmp_seq=1 ttl=64 time=0.499 ms

64 bytes from westscan.oravr.in (192.168.45.108): icmp_seq=3 ttl=64 time=0.331 ms
64 bytes from westscan.oravr.in(192.168.45.108): icmp_seq=4 ttl=64 time=0.205 ms
^C
--- westscan.oravr.in ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3062ms
rtt min/avg/max/mdev = 0.205/0.342/0.499/0.106 ms
[root@dns78 named]# ping westscan.oravr.in.
PING westscan.oravr.in (192.168.45.109) 56(84) bytes of data.
64 bytes from westscan.oravr.in (192.168.45.109): icmp_seq=1 ttl=64 time=0.639 ms
^C
--- westscan.oravr.in ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.639/0.639/0.639/0.000 ms
[root@dns78 named]#



Video walkthrough: https://www.youtube.com/embed/6PT0fA0JHvY