How to Configure Bind Chroot DNS Server on CentOS 6.2

In this post, I will show you how to configure a Bind Chroot DNS server on CentOS 6.2. It is assumed that you have installed Bind Chroot DNS.

1. Install Bind Chroot DNS Server

    [root@centos62 ~]# yum install bind-chroot -y

2. Create a file /var/named/chroot/var/named/ehowstuff.local with the following configuration:

    [root@centos62 ~]# vi /var/named/chroot/var/named/ehowstuff.local
    ;       Addresses and other host information.
    @       IN      SOA     ehowstuff.local. hostmaster.ehowstuff.local. (
                                   2011030801      ; Serial
                                   43200      ; Refresh
                                   3600       ; Retry
                                   3600000    ; Expire
                                   2592000 )  ; Minimum
    ;       Define the nameservers and the mail servers
                   IN      NS      ns.ehowstuff.local.
                   IN      A
                   IN      MX      10 mail.ehowstuff.local.
    mail            IN      A
    ns              IN      A

3. Generate an RNDC key :
The rndc tool is used to manage the named daemon. We need to generate a key file called /etc/rndc.key, which is referenced by both /etc/rndc.conf and /etc/named.conf. To do this, use the following command:

    [root@centos62 ~]# rndc-confgen -a -c /etc/rndc.key
    wrote key file "/etc/rndc.key"

View the content of the RNDC key :

    [root@centos62 ~]# cat /etc/rndc.key
    key "rndc-key" {
            algorithm hmac-md5;
            secret "T6tduqyMQ/YbIDXOmE0Fzg==";
    };

4. Edit the /var/named/chroot/etc/named.conf file for ehowstuff.local

    [root@centos62 ~]# vi /var/named/chroot/etc/named.conf
    options {
           directory "/var/named";
           dump-file "/var/named/data/cache_dump.db";
           statistics-file "/var/named/data/named_stats.txt";
           forwarders {; };
    };
    include "/etc/rndc.key";
    // We are the master server for ehowstuff.local
    zone "ehowstuff.local" {
        type master;
        file "ehowstuff.local";
    };

5. Start the DNS service using the following command :

    [root@centos62 ~]# /etc/init.d/named start
    Starting named:                                            [  OK  ]

6. Make named daemon auto start during boot :

    [root@centos62 ~]# chkconfig named on

7. Before testing, make sure your PC or server is using the Bind Chroot DNS server that has been set up :

    [root@centos62 ~]# cat /etc/resolv.conf

8. Test your DNS service :

    [root@centos62 ~]# host -t mx ehowstuff.local
    ehowstuff.local mail is handled by 10 mail.ehowstuff.local.
    [root@centos62 ~]# host -t ns ehowstuff.local
    ehowstuff.local name server ns.ehowstuff.local.
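
An added example, not part of the original post: a shell function that audits an rndc key file like the one generated in step 3. It flags a file that other users can access, the hmac-md5 algorithm shown in the step 3 output, and the secret printed on this page, which is public and must not be reused. The function names, the finding codes and the `write_sample_key` helper are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original post): audit an rndc key file.
# The secret below is the one printed in step 3 of this page, so it is public.
PUBLISHED_SECRET='T6tduqyMQ/YbIDXOmE0Fzg=='

# audit_rndc_key FILE
# Prints one finding code per line; returns 0 when clean, 1 otherwise.
audit_rndc_key() {
    f=$1
    findings=0
    if [ ! -r "$f" ]; then
        echo "UNREADABLE"
        return 1
    fi
    # ls prints a mode such as -rw-r-----; characters 8-10 are the "other" bits.
    other=$(ls -ld -- "$f" | cut -c8-10)
    if [ "$other" != "---" ]; then
        echo "WORLD_ACCESS"
        findings=1
    fi
    algo=$(sed -n 's/^[[:space:]]*algorithm[[:space:]]*\([^;[:space:]]*\)[[:space:]]*;.*/\1/p' "$f" | head -n 1)
    secret=$(sed -n 's/^[[:space:]]*secret[[:space:]]*"\([^"]*\)"[[:space:]]*;.*/\1/p' "$f" | head -n 1)
    if [ -z "$algo" ] || [ -z "$secret" ]; then
        echo "MALFORMED"
        return 1
    fi
    if [ "$algo" = "hmac-md5" ]; then
        echo "LEGACY_ALGO"      # MD5-based HMAC, as in the output on this page
        findings=1
    fi
    if [ "$secret" = "$PUBLISHED_SECRET" ]; then
        echo "PUBLISHED_SECRET" # key copied from the tutorial instead of generated
        findings=1
    fi
    return "$findings"
}

# Constructed sample input: writes a key file shaped like the step 3 output.
# Usage: write_sample_key FILE ALGORITHM SECRET MODE
write_sample_key() {
    printf 'key "rndc-key" {\n        algorithm %s;\n        secret "%s";\n};\n' "$2" "$3" > "$1"
    chmod "$4" "$1"
}

# Audit the file named on the command line, if one was given.
if [ "$#" -gt 0 ]; then
    audit_rndc_key "$1"
fi
```

If PUBLISHED_SECRET is reported, regenerate the key on your own server with the rndc-confgen command from step 3 and restart named.
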
  1. wminside
    March 31, 2012 at 4:02 pm

    I keep on getting “query (cache) denied” on my logs whenever I try to use my CentOS DNS server as my primary DNS in Windows.

  2. does not answer queries over tcp and udp in name sever(centos)
    April 4, 2012 at 5:37 pm

    […] in google search provide these: – DNS server install/configure BIND – BIND server config CentOS 6 – how-to configure chroot BIND CentOS 6 then you will need to set firewall to allow port 53 UDP to let it through. good […]
