How to Configure Bind Chroot DNS Server on CentOS 6.2

In this guide, we will walk you through the process of configuring a Bind Chroot DNS Server on CentOS 6.2. This tutorial assumes that you have already installed Bind Chroot DNS.

Step 1: Installing Bind Chroot DNS Server

To begin, you need to install the Bind Chroot DNS Server. You can do this by running the following command:

[root@centos62 ~]# yum install bind-chroot -y

Step 2: Creating a Configuration File

Next, create a file at /var/named/chroot/var/named/webhostinggeeks.local with the following configuration:

[root@centos62 ~]# vi /var/named/chroot/var/named/webhostinggeeks.local

The configuration should include addresses and other host information, as well as the nameservers and mail servers.

;
;       Addresses and other host information.
;
@       IN      SOA     webhostinggeeks.local. hostmaster.webhostinggeeks.local. (
                               2011030801      ; Serial
                               43200      ; Refresh
                               3600       ; Retry
                               3600000    ; Expire
                               2592000 )  ; Minimum
 
;       Define the nameservers and the mail servers
 
               IN      NS      ns.webhostinggeeks.local.
               IN      A       192.168.1.44
               IN      MX      10 mail.webhostinggeeks.local.
 
mail            IN      A       192.168.1.42
ns              IN      A       192.168.1.44

Step 3: Generating an RNDC Key

The rndc tool is used to manage the named daemon. You need to generate a keyfile called /etc/rndc.key, which is referenced by both /etc/rndc.conf and /etc/named.conf. To do this, use the following command:

[root@centos62 ~]# rndc-confgen -a -c /etc/rndc.key
wrote key file "/etc/rndc.key"

You can view the content of the RNDC key with the following command:

[root@centos62 ~]# cat /etc/rndc.key
key "rndc-key" {
        algorithm hmac-md5;
        secret "T6tduqyMQ/YbIDXOmE0Fzg==";
};
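
As an added example (not part of the original guide), this script audits a key file like the one above for permissions that expose the secret to other local users and for the hmac-md5 algorithm. The audit_rndc_key function name and the sample key with its placeholder secret are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original guide): audit an rndc key file.
# Returns the number of findings, so 0 means the file passed both checks.
audit_rndc_key() {
    keyfile=$1
    findings=0
    [ -f "$keyfile" ] || { echo "MISSING: $keyfile"; return 1; }

    # The secret authenticates rndc to named; any "other" permission bit
    # exposes the file beyond its owner and group (root:named, mode 640 is typical).
    if [ -n "$(find "$keyfile" -prune \( -perm -004 -o -perm -002 -o -perm -001 \) -print)" ]; then
        echo "PERMS: $keyfile is accessible to users outside its owner and group"
        findings=$((findings + 1))
    fi

    # Pull the algorithm name out of the key { ... } statement.
    algo=$(sed -n 's/^[[:space:]]*algorithm[[:space:]]*\([A-Za-z0-9-]*\)[[:space:]]*;.*/\1/p' "$keyfile" | head -n 1)
    case $algo in
        hmac-sha*) ;;   # HMAC-SHA family: nothing to report
        hmac-md5)
            echo "ALGO: hmac-md5 is a legacy MAC; use an HMAC-SHA key where the BIND version supports it"
            findings=$((findings + 1)) ;;
        *)
            echo "ALGO: could not recognise algorithm '$algo'"
            findings=$((findings + 1)) ;;
    esac
    return "$findings"
}

# Demo on a constructed key file (placeholder secret, not a real key).
demo_dir=$(mktemp -d)
cat > "$demo_dir/rndc.key" <<'EOF'
key "rndc-key" {
        algorithm hmac-md5;
        secret "Y29uc3RydWN0ZWQtc2FtcGxl";
};
EOF
chmod 644 "$demo_dir/rndc.key"
audit_rndc_key "$demo_dir/rndc.key" || echo "findings: $?"
chmod 640 "$demo_dir/rndc.key"
audit_rndc_key "$demo_dir/rndc.key" || echo "findings: $?"
rm -rf "$demo_dir"
```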

Step 4: Editing the named.conf File

Next, edit the /var/named/chroot/etc/named.conf file for webhostinggeeks.local:

[root@centos62 ~]# vi /var/named/chroot/etc/named.conf

The options should include the directory, dump-file, statistics-file, and forwarders. Also, include the /etc/rndc.key file.

options {
       directory "/var/named";
       dump-file "/var/named/data/cache_dump.db";
       statistics-file "/var/named/data/named_stats.txt";
       forwarders { 8.8.8.8; };
};
include "/etc/rndc.key";

// We are the master server for webhostinggeeks.local
zone "webhostinggeeks.local" {
    type master;
    file "webhostinggeeks.local";
};
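
The options block above sets forwarders but has no allow-query or allow-recursion statement, so which clients may use the resolver is left to BIND's built-in defaults. The following added example (not part of the original guide) lints a named.conf for an explicit recursion policy and runs it on the guide's options beside a variant with an ACL. The check_recursion_acl name, the "lan" ACL and the 192.168.1.0/24 client subnet are assumptions.

```shell
#!/bin/sh
# Added example (not from the original guide): lint named.conf for an explicit
# recursion policy. Returns 0 if recursion is disabled or limited by an ACL,
# 1 if the file leaves client access to BIND's built-in defaults.
check_recursion_acl() {
    # Strip one-line /* */, // and # comments so disabled settings are ignored.
    conf=$(sed -e 's:/\*.*\*/::g' -e 's://.*$::' -e 's:#.*$::' "$1")
    if printf '%s\n' "$conf" | grep -Eq '(^|[^-])recursion[[:space:]]+no[[:space:]]*;'; then
        echo "OK: recursion is disabled"
        return 0
    fi
    if printf '%s\n' "$conf" | grep -Eq 'allow-recursion[[:space:]]*\{'; then
        echo "OK: recursion is limited by allow-recursion"
        return 0
    fi
    echo "WARN: no recursion policy set; which clients may use the cache is implicit"
    return 1
}

demo_dir=$(mktemp -d)
# Constructed sample 1: the options block as written in this guide.
cat > "$demo_dir/guide.conf" <<'EOF'
options {
       directory "/var/named";
       forwarders { 8.8.8.8; };
};
EOF
# Constructed sample 2: same options plus an ACL. 192.168.1.0/24 is an
# assumed client subnet, inferred from the 192.168.1.x addresses in the zone.
cat > "$demo_dir/restricted.conf" <<'EOF'
acl "lan" { 192.168.1.0/24; localhost; };
options {
       directory "/var/named";
       forwarders { 8.8.8.8; };
       allow-query     { "lan"; };
       allow-recursion { "lan"; };
};
EOF
check_recursion_acl "$demo_dir/guide.conf" || true
check_recursion_acl "$demo_dir/restricted.conf" || true
rm -rf "$demo_dir"
```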

Step 5: Starting the DNS Service

Start the DNS service using the following command:

[root@centos62 ~]# /etc/init.d/named start
Starting named:                                            [  OK  ]

You should see a message indicating that the named service has started successfully.

Step 6: Enabling the named Daemon to Auto-start During Boot

To ensure that the named daemon starts automatically during boot, use the following command:

[root@centos62 ~]# chkconfig named on

Step 7: Setting Up Your PC or Server to Use the Bind Chroot DNS Server

Before testing, make sure your PC or server is using the Bind Chroot DNS Server that has been set up:

[root@centos62 ~]# cat /etc/resolv.conf

The nameserver should be set to the IP address of your Bind Chroot DNS Server.

[root@centos62 ~]# cat /etc/resolv.conf
nameserver 192.168.1.44

Step 8: Testing Your DNS Service

Finally, test your DNS service with the following commands:

[root@centos62 ~]# host -t mx webhostinggeeks.local
[root@centos62 ~]# host -t ns webhostinggeeks.local

The output should confirm that your DNS service is correctly handling mail and name server requests for your domain.

[root@centos62 ~]# host -t mx webhostinggeeks.local
webhostinggeeks.local mail is handled by 10 mail.webhostinggeeks.local.

[root@centos62 ~]# host -t ns webhostinggeeks.local
webhostinggeeks.local name server ns.webhostinggeeks.local.

Commands Mentioned
  • yum install bind-chroot -y – Installs the Bind Chroot DNS Server
  • vi /var/named/chroot/var/named/webhostinggeeks.local – Opens the configuration file for editing
  • rndc-confgen -a -c /etc/rndc.key – Generates an RNDC key
  • cat /etc/rndc.key – Displays the content of the RNDC key
  • vi /var/named/chroot/etc/named.conf – Opens the named.conf file for editing
  • /etc/init.d/named start – Starts the DNS service
  • chkconfig named on – Enables the named daemon to auto-start during boot
  • cat /etc/resolv.conf – Displays the nameserver configuration
  • host -t mx webhostinggeeks.local – Tests the mail server configuration of your DNS service
  • host -t ns webhostinggeeks.local – Tests the name server configuration of your DNS service

Conclusion

Configuring a Bind Chroot DNS Server on CentOS 6.2 can seem like a daunting task, but with this step-by-step guide, you should be able to get your server up and running. Remember, each step is crucial for the proper functioning of your DNS server.

FAQ

  1. What is Bind Chroot DNS Server?

    Bind Chroot DNS Server is a version of the Bind DNS server that operates in a chroot environment for added security. This means it runs in a restricted part of the filesystem, limiting potential damage in the event of a security breach.

  2. What is an RNDC key and why is it needed?

    RNDC (Remote Name Daemon Control) key is used for controlling a DNS server. It's needed for secure communication between the rndc utility and the named daemon, ensuring that only authorized users can control the DNS server.

  3. What is the purpose of the /etc/resolv.conf file?

    The /etc/resolv.conf file is used to configure DNS clients. It specifies the IP addresses of DNS servers and the search domain.

  4. What does the 'host -t mx' command do?

    The 'host -t mx' command is used to query the DNS server for Mail Exchange (MX) records associated with a domain. It's a way to test if your DNS server is correctly configured to handle mail for your domain.

  5. What does the 'chkconfig named on' command do?

    The 'chkconfig named on' command is used to make the named daemon (the DNS server) start automatically when the system boots. This ensures that the DNS service is always available when the system is running.

Comments

  • wminside says:

    I keep on getting “query (cache) denied” on my logs whenever I try to use my CentOS DNS server as my primary DNS in Windows.
