How to Configure Bind Chroot DNS Server on CentOS 6.2

In this post, i will show you on how to configure Bind Chroot DNS Server on CentOS 6.2. Assumed that you have installed Bind Chroot DNS.

1. Install Bind Chroot DNS Server

    [root@centos62 ~]# yum install bind-chroot -y

2. Create a file /var/named/chroot/var/named/ehowstuff.local with the following configuration:

    [root@centos62 ~]# vi /var/named/chroot/var/named/ehowstuff.local

    ;
;       Addresses and other host information.
;
@       IN      SOA     ehowstuff.local. hostmaster.ehowstuff.local. (
                               2011030801      ; Serial
                               43200      ; Refresh
                               3600       ; Retry
                               3600000    ; Expire
                               2592000 )  ; Minimum
 
;       Define the nameservers and the mail servers
 
               IN      NS      ns.ehowstuff.local.
               IN      A       192.168.1.44
               IN      MX      10 mail.ehowstuff.local.
 
mail            IN      A       192.168.1.42
ns              IN      A       192.168.1.44

3. Generate an RNDC key :
The rndc tool is used to managed the named daemon. We need to generate a keyfile called /etc/rndc.key which is referenced both by /etc/rndc.conf and /etc/named.conf To do this we use the following command; 

    [root@centos62 ~]# rndc-confgen -a -c /etc/rndc.key
wrote key file "/etc/rndc.key"

View the content of the RNDC key :

    [root@centos62 ~]# cat /etc/rndc.key
key "rndc-key" {
        algorithm hmac-md5;
        secret "T6tduqyMQ/YbIDXOmE0Fzg==";
};

4. Edit the /var/named/chroot/etc/named.conf file for ehowstuff.local

    [root@centos62 ~]# vi /var/named/chroot/etc/named.conf

    options {
       directory "/var/named";
       dump-file "/var/named/data/cache_dump.db";
       statistics-file "/var/named/data/named_stats.txt";
forwarders { 8.8.8.8; };
};
include "/etc/rndc.key";
// We are the master server for ehowstuff.local

zone "ehowstuff.local" {
    type master;
    file "ehowstuff.local";
};

5. Start the DNS service using the following command :

    [root@centos62 ~]# /etc/init.d/named start
Starting named:                                            [  OK  ]

6. Make named daemon auto start during boot :

    [root@centos62 ~]# chkconfig named on

7. Before testing, make sure your pc or server using the Bind Chroot DNS Server that has been set up :

    [root@centos62 ~]# cat /etc/resolv.conf
nameserver 192.168.1.44

8. Test your DNS service :

    [root@centos62 ~]# host -t mx ehowstuff.local
ehowstuff.local mail is handled by 10 mail.ehowstuff.local.

[root@centos62 ~]# host -t ns ehowstuff.local
ehowstuff.local name server ns.ehowstuff.local.

Most Popular Web Hosting in 2021

based on 20k+ verified customer reviews

Bluehost


Easy Start

from $2.95/month

One of the largest US-based web hosting providers powering millions of websites worldwide.

  • Shared, VPS, Dedicated
  • Unlimited Bandwidth
  • 30-Day Money-Back
SEE REVIEWS

Inmotion Hosting


Awesome Support

from $2.49/month

Premium hardware, 24/7 technical support, 99.99% uptime and a risk-free money-back guarantee.

  • Shared, VPS, Dedicated
  • Unlimited Bandwidth
  • 90-Day Money-Back
SEE REVIEWS

HostGator


Unlimited Hosting

from $2.75/month

One of the oldest web hosts in the United States with great scalability options.

  • Shared, VPS, Dedicated
  • Unlimited Bandwidth
  • 45-Day Money-Back
SEE REVIEWS
25k+ WEB HOSTS

How to Reset the Directory Manager Password on RHEL 7 / CentOS 7
How to Reset the Directory Manager Password on RHEL 7 / CentOS 7

It is best practice to remember passwords, but because too many passwords, sometimes we forget. We are not encouraged to write the password on any paper or share the password...

How to Find Big Files Size on Linux RHEL/CentOS
How to Find Big Files Size on Linux RHEL/CentOS

As the linux administrator, sometimes we have to identify which files are most take much space in the linux server resulting in low free space. Low disk space can also...

Why Linux users should worry about malware and what they can do about it
Why Linux users should worry about malware and what they can do about it

Don’t drop your guard just because you’re running Linux. Preventing the spread of malware and/or dealing with the consequences of infection are a fact of life when using computers. If...

How to Reset Forgotten Root Password on Linux RHEL 7 / CentOS 7
How to Reset Forgotten Root Password on Linux RHEL 7 / CentOS 7

This short howto will explain the steps to reset a lost root password or to reset a forgotten root password on Linux RHEL 7 or CentOS 7. Basically, we will...

How to Update CentOS or Upgrade CentOS to the Latest Version
How to Update CentOS or Upgrade CentOS to the Latest Version

Recently, the latest version of CentOS 7.3 was released. All users of CentOS 7.0, 7.1 and 7.2 can upgrade their system to the most recent. This quick guide will explain...

How to Change your WordPress Username, Nickname and Display Name in MySQL
How to Change your WordPress Username, Nickname and Display Name in MySQL

After you create an account log in WordPress, you may want to change your WordPress username, as appropriate or due to security reason. However, you can not do this from...

How to Enable SSH Root Login on Ubuntu 16.04
How to Enable SSH Root Login on Ubuntu 16.04

As what we wrote in the previous article on how to allow SSH root on Ubuntu 14.04, after installing a fresh new copy of Ubuntu 16.04 LTS, we find that...

How to Change UUID of Linux Partition on CentOS 7
How to Change UUID of Linux Partition on CentOS 7

UUID (Universally Unique IDentifier) should be unique and it is used to identify storage devices on a linux system. If you cloned a virtual machine from vCenter, the metadata containing...

1 Comment

  • Avatar for wminside wminside says:
    March 31, 2012 at 4:02 pm

    I keep on getting “query (cache) denied” on my logs whenever I try to use my Cento0S DNS server as my primary DNS in Windows.

    Reply

3 Trackbacks and Pingbacks

Leave a Reply

Your email address will not be published. Required fields are marked *