A Domain Name System (DNS) server maps human-readable domain names to machine-readable IP addresses. On Linux, you can set up your own DNS service using BIND (Berkeley Internet Name Domain).
## 1. Install BIND

```shell
sudo yum install bind bind-utils
```
## 2. Configure the Primary DNS Server

Edit `/etc/named.conf` to define the server behavior and zones. Example:

```
options {
    listen-on port 53 { any; };
    allow-query { any; };
    // recursion yes together with allow-query { any; } and no allow-recursion
    // makes this an open resolver for anyone who can reach port 53; for
    // anything beyond a lab, add allow-recursion { <trusted networks>; }.
    recursion yes;
};

zone "example.com" IN {
    type master;
    file "/var/named/example.com.zone";
    allow-update { none; };
};
```
## 3. Create a Forward Zone File

Inside `/var/named/`, create `example.com.zone`:

```
$TTL 86400
@       IN SOA ns1.example.com. root.example.com. (
            2018010101 ; Serial
            3600       ; Refresh
            1800       ; Retry
            604800     ; Expire
            86400      ; Minimum (negative-cache) TTL
        )
@       IN NS  ns1.example.com.
; Address record for the name server named in the NS record (assumed here to
; be the same host as the zone apex). Without it, named-checkzone reports an
; error for the in-zone NS name and the zone is not loaded.
ns1     IN A   192.168.1.10
@       IN A   192.168.1.10
www     IN A   192.168.1.20
```
## 4. Configure Reverse Lookup

Update `/etc/named.conf` to include the reverse zone:

```
zone "1.168.192.in-addr.arpa" IN {
    type master;
    file "/var/named/1.168.192.zone";
    allow-update { none; };
};
```
## 5. Create a Reverse Zone File

In `/var/named/1.168.192.zone`:

```
$TTL 86400
@       IN SOA ns1.example.com. root.example.com. (
            2018010101 ; Serial
            3600       ; Refresh
            1800       ; Retry
            604800     ; Expire
            86400      ; Minimum (negative-cache) TTL
        )
@       IN NS  ns1.example.com.
10      IN PTR example.com.
20      IN PTR www.example.com.
```
## 6. Adjust Firewall Rules

Ensure DNS traffic (port 53) is allowed:

```shell
sudo firewall-cmd --add-service=dns --permanent
sudo firewall-cmd --reload
```
## 7. Start and Enable the DNS Service

```shell
sudo systemctl start named
sudo systemctl enable named
```
Your DNS server should now be running. Other devices can point to this server’s IP address to resolve domain names.
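The options block in step 2 answers recursive queries from any source, which is the classic open-resolver misconfiguration. The script below is an added example, not code from the tutorial or from BIND: it parses a flat `options { ... }` block with regular expressions, follows BIND's fallback chain to work out who is allowed to recurse, flags the exposure, and carries a hardened variant beside the original. The acl name `trusted` and the network 192.168.1.0/24 are assumptions.

```python
"""Audit a BIND named.conf for an open recursive resolver (added example)."""
import re

# Constructed input: the options block exactly as step 2 writes it.
WEAK_CONF = """
options {
    listen-on port 53 { any; };
    allow-query { any; };
    recursion yes;
};
"""
# Hardened variant (acl name and 192.168.1.0/24 are assumptions): anyone may
# still query the authoritative zones, but only the trusted network recurses.
HARDENED_CONF = """
acl "trusted" { 192.168.1.0/24; localhost; };
options {
    listen-on port 53 { any; };
    allow-query { any; };
    allow-recursion { trusted; };
    recursion yes;
};
"""

def options_block(conf):
    """Text inside the top-level options { ... } block, or '' if absent."""
    m = re.search(r"^options\s*\{(.*?)^\};", conf, re.S | re.M)
    return m.group(1) if m else ""

def directive(block, name):
    """Value of '<name> <value>;' in the block, or None if not set."""
    m = re.search(rf"^\s*{re.escape(name)}\s+(.+?);\s*$", block, re.M)
    return m.group(1).strip() if m else None

def effective_recursion_scope(block):
    """BIND fallback: allow-recursion -> allow-query-cache -> allow-query -> default."""
    for name in ("allow-recursion", "allow-query-cache", "allow-query"):
        value = directive(block, name)
        if value is not None:
            return value
    return "{ localnets; localhost; }"

def open_resolver_findings(conf):
    """List of findings; an empty list means no open-resolver exposure."""
    block = options_block(conf)
    if directive(block, "recursion") != "yes":
        return []  # authoritative-only server: nothing to flag
    scope = effective_recursion_scope(block)
    if re.search(r"\bany\b", scope):
        return [f"recursion allowed for {scope}: open resolver; restrict allow-recursion"]
    return []
```

Run it against your real `/etc/named.conf` text after `named-checkconf` has accepted the syntax; the regex parse only handles a flat options block, not `include` files or `view` statements.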
## How DNS Resolution Works

DNS operates as a distributed hierarchical system. The resolution process typically follows these steps:

- A user enters `www.example.com` in the browser.
- The OS checks the local DNS cache. If found, it returns immediately.
- If not cached, the query is sent to the configured local DNS server (often ISP-provided).
- The local DNS server checks its own cache. If the answer is not there, it queries higher-level servers.
- The query first goes to a root DNS server, which points to the relevant TLD (Top-Level Domain) server.
- The TLD server returns the address of the authoritative DNS server for `example.com`.
- The authoritative server responds with the actual IP address.
- The local DNS server caches the result and returns it to the OS.
- The OS gives the IP to the browser, which then connects to the server.
Caching and TTL (Time to Live) values ensure that repeated queries are faster and reduce DNS server load.
## Final Notes

- Keep the configuration minimal, like the one above, for testing.
- For production, consider adding secondary servers, forwarders, or split DNS.
- Always monitor logs (`/var/log/messages` or `journalctl -xe`) for troubleshooting.
✅ With these steps, you now have a working DNS server on Linux.