Learn BIND (Berkeley Internet Name Domain)

BIND is the standard DNS engine and widely used DNS software on the internet. I am not going to cover complicated internet DNS topics; this is just a basic DNS introduction so that you have basic knowledge of DNS before you start working on a network. After that we will look at some basic BIND configuration.

So what is DNS?

DNS is the standard naming system: it provides name-to-IP resolution and vice versa, because we humans remember names more easily than IP addresses.

Examples:

1- When you browse a website such as http://broexperts.com, computers do not understand the web address and do not communicate using names, because they understand machine language.
This is where DNS comes into action and resolves the human-readable name into an IP address.

2- The same DNS action occurs when we connect to another computer on our local network using its hostname instead of its IP address.

Configure Caching-only DNS Server (Default Settings)

A caching-only DNS server is not an authoritative DNS server. Its function is just to store resolved queries for a specific period of time, called the TTL (Time to Live), in order to provide fast name resolution.

Example:

A client requests www.youtube.com for the first time. The request is served by the ISP name server, and the local caching-only DNS server caches the answer for a specific period of time. The next time another client on the network asks for the same www.youtube.com, the local caching server responds itself, which reduces traffic and speeds up the process.

Installation of Caching-only BIND Server.

Lab Setup:

Operating System: CentOS 6.4
Hostname: ns1.broexperts.com, 192.168.0.112 (Caching-only DNS)

Packages Required

bind (contains DNS server, named service)

bind-libs (libraries of bind server and utils package)

bind-utils (utilities for querying DNS servers for checking host information)

Step-1 Install BIND using YUM

yum install bind bind-libs bind-utils

Step-2 Configure main file ‘/etc/named.conf’

vi /etc/named.conf

Two changes are required for this lab:

1- Add the server IP (192.168.0.112) to listen-on so that network users can query this server from the network.

2- Restrict who can query by adding the network ID (192.168.0.0/24) to allow-query.

//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//

options {
    listen-on port 53 { 127.0.0.1; 192.168.0.112; };
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    allow-query { localhost; 192.168.0.0/24; };
    recursion yes;

    dnssec-enable yes;
    dnssec-validation yes;
    dnssec-lookaside auto;

    /* Path to ISC DLV key */
    bindkeys-file "/etc/named.iscdlv.key";

    managed-keys-directory "/var/named/dynamic";
};

logging {
    channel default_debug {
        file "data/named.run";
    };
};

Step-3 Start service and make it available on startup.

service named start

Start service on boot.

chkconfig named on

Step-4 Firewall rules for permitting DNS traffic.

iptables -I INPUT -s 192.168.0.0/24 -p tcp --dport 53 -j ACCEPT
iptables -I INPUT -s 192.168.0.0/24 -p udp --dport 53 -j ACCEPT

Step-5 Testing DNS Server

[root@ns1 /]# dig @192.168.0.112 www.google.com

Result:

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> @192.168.0.112 www.google.com

;; global options: +cmd
;; Got answer:
;; ->>HEADER<

Note: The first time, dig reports "Query time: 2204 msec"; the second time it is just "7 msec", because the answer now comes from the cache.

dig @192.168.0.112 www.google.com
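The two Step-2 changes decide whether this cache is reachable only from the LAN or becomes an open resolver. The following check is an added example, not part of the original post: it reads the options statements and reports who may recurse, using BIND's documented fallback order for recursion ACLs. The function names and both sample configs are constructed, and it assumes a single options block with no views.

```python
import re

# Constructed sample: this lab's options block, reduced to the statements
# that decide who may use the resolver.
LAB_CONF = """
options {
    listen-on port 53 { 127.0.0.1; 192.168.0.112; };  // LAN address added
    allow-query { localhost; 192.168.0.0/24; };
    recursion yes;
};
"""
# Constructed counter-example: same listener, but answering any client.
OPEN_CONF = LAB_CONF.replace("localhost; 192.168.0.0/24;", "any;")

def strip_comments(text):
    """Drop /* */, // and # comments (assumes no quoted string contains them)."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(//|#)[^\n]*", "", text)

def match_list(text, name):
    """Elements of the `name { ... };` address list, or None if it is not set."""
    m = re.search(r"(?<![\w-])" + re.escape(name) + r"\s*(?:port\s+\d+\s*)?\{([^{}]*)\}", text)
    return None if m is None else [e.strip() for e in m.group(1).split(";") if e.strip()]

def audit(conf):
    """Report who may recurse through this server and whether that is everyone."""
    text = strip_comments(conf)
    m = re.search(r"(?<![\w-])recursion\s+(\w+)\s*;", text)
    recursion = m is None or m.group(1).lower() in ("yes", "true", "1")  # default: yes
    # BIND's fallback order for recursion clients: allow-recursion, then
    # allow-query-cache, then allow-query, then localnets + localhost.
    source, clients = "built-in default", ["localnets", "localhost"]
    for name in ("allow-recursion", "allow-query-cache", "allow-query"):
        found = match_list(text, name)
        if found is not None:
            source, clients = name, found
            break
    listen = match_list(text, "listen-on") or ["any"]  # unset: all interfaces
    exposed = [a for a in listen if a not in ("127.0.0.1", "localhost")]
    return {
        "recursion": recursion,
        "acl_source": source,
        "clients": clients,
        "exposed_on": exposed,
        "open_resolver": recursion and bool(exposed) and "any" in clients,
    }
```

Calling audit(LAB_CONF) shows the recursion ACL inherited from allow-query and limited to the lab network, while audit(OPEN_CONF) flags the same listener as an open resolver.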
