This tutorial assumes that the master server has an IP of 100.100.100.100, the slave has an IP of 123.123.123.123 and your domain is named domain.tld. This tutorial was written with a RHEL/CentOS/Fedora system in mind. The intent of this document is to explain how to install and configure a master and slave DNS server. It will require two separate servers, preferably in different geographic locations to add redundancy.
Install BIND on the master server
# Install the BIND name server package (named); -y accepts the prompts.
yum install -y bind
Configure /etc/named.conf
// Named address lists. An ACL name can be used wherever named.conf accepts an
// address match list.

// The slave server for this zone.
acl "slave_servers" {
    123.123.123.123;
};

// Hosts allowed to use recursion (see allow-recursion in the options block):
// IPv4 and IPv6 loopback plus the slave server.
acl "trusted" {
    127.0.0.0/8;
    ::1/128;
    123.123.123.123;
};
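// Global server options for the master.
options {
    directory "/var/named";
    pid-file "/var/run/named/named.pid";

    // Answer on every IPv4 interface.
    listen-on { any; };

    // Authoritative data is served to everyone.
    allow-query { any; };

    // Cached answers and recursion are limited to the "trusted" ACL. Opening the
    // cache to "any" would let arbitrary clients read what this server has
    // cached even though recursion itself is restricted.
    allow-query-cache { trusted; };
    allow-recursion { trusted; };

    // Zone transfers go only to the slave, and the slave is notified of changes.
    // This restriction is by source address only; a TSIG key shared with the
    // slave authenticates transfers more strongly.
    allow-transfer { slave_servers; };
    also-notify { 123.123.123.123; };

    zone-statistics yes;
    // NOTE(review): /var/cache/bind is a Debian-style path; confirm it exists and
    // is writable by named on this system, or use a path under /var/named/data.
    statistics-file "/var/cache/bind/named.stats";
    auth-nxdomain no; # conform to RFC1035
};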
Setup logging in /etc/named.conf
// Logging for the master. NOTE(review): /var/log/named has to exist and be
// writable by the named user before the service is restarted - confirm on the
// target system.
logging {
    // General server messages: 5 rotated files of up to 50M each, with
    // timestamp, severity and category on every line.
    channel default_log {
        file "/var/log/named/named.log" versions 5 size 50M;
        print-time yes;
        print-severity yes;
        print-category yes;
    };

    // Query log: 2 rotated files of up to 1m each, so only a short window of
    // recent queries is retained.
    channel b_query {
        file "/var/log/named/query.log" versions 2 size 1m;
        print-time yes;
        severity info;
    };

    category default { default_log; };
    category general { default_log; };
    category queries { b_query; };
};
Configure the rndc.key in /etc/bind.conf (on RHEL/CentOS/Fedora the BIND configuration file is /etc/named.conf, the file used in the other steps)
// Pull in the key material for rndc. Presumably this file defines the key named
// "rndc-key" used below; keep it readable only by root and the named user.
include "/etc/rndc.key";

// rndc control channel: listens on IPv4 loopback, port 953, and only accepts
// commands authenticated with the "rndc-key" key.
controls {
    inet 127.0.0.1 port 953
        allow { 127.0.0.1/32; ::1/128; }
        keys { "rndc-key"; };
};
Add the zone to /etc/named.conf
// Master (authoritative) copy of domain.tld. The file name is relative to the
// "directory" option.
zone "domain.tld" {
    type master;
    file "domain.tld.db";
};
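Create a zone file called /var/named/domain.tld (the zone statement above loads "domain.tld.db" from /var/named, so the file must be saved under that name: /var/named/domain.tld.db)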
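; Zone data for domain.tld, loaded by the master.
$TTL 300
domain.tld.  300  IN  SOA  ns1.domain.tld. dns.domain.tld. (
                    2015113000  ; serial number - increase on every edit so the slave transfers the change
                    300         ; refresh
                    7200        ; retry
                    3600000     ; expire
                    300         ; minimum TTL
                    )
;
; Zone NS Records
;
domain.tld.  NS  ns1.domain.tld.
domain.tld.  NS  ns2.domain.tld.
;
; Name server addresses. Both NS targets are inside this zone, so they need
; address records here: ns1 is the master and ns2 the slave from this tutorial.
;
ns1  A  100.100.100.100
ns2  A  123.123.123.123
;
; Zone MX Records
;
domain.tld.  MX  0  domain.tld.
;
; Zone Records
;
; IPADDR is a placeholder: replace it with the address of the host serving domain.tld.
domain.tld.  A  IPADDR
; NOTE(review): a "localhost" name inside a public zone is generally discouraged;
; confirm it is needed before publishing it.
localhost  A  127.0.0.1
ftp   CNAME  domain.tld.
mail  CNAME  domain.tld.
www   CNAME  domain.tld.
; SPF: mail is expected from the zone's A and MX hosts; "~all" marks other senders as soft-fail.
domain.tld.  TXT  "v=spf1 a mx ~all"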
Restart and enable BIND
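# Validate named.conf and test-load the master zones first, so a syntax error
# does not take the running server down; restart only if the check passes.
named-checkconf -z /etc/named.conf && systemctl restart named
# On RHEL/CentOS/Fedora the service unit is "named", not "bind".
systemctl enable named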
Install BIND on the slave server
# Install the BIND name server package (named); -y accepts the prompts.
yum install -y bind
Configure /etc/named.conf
// Global server options for the slave.
options {
    // IPv4 queries are accepted on every interface; IPv6 on loopback only.
    listen-on port 53 { any; };
    listen-on-v6 port 53 { ::1; };

    // Working directory and the files named writes its dumps and statistics to.
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    secroots-file "/var/named/data/named.secroots";
    recursing-file "/var/named/data/named.recursing";

    // Authoritative-only: anyone may query, but this server does not recurse.
    // NOTE(review): no allow-transfer is set in this block; confirm that zone
    // transfers from this server are restricted.
    allow-query { any; };
    recursion no;

    // NOTE(review): newer BIND releases treat dnssec-enable as obsolete;
    // confirm against the installed version.
    dnssec-enable yes;
    dnssec-validation yes;
    managed-keys-directory "/var/named/dynamic";

    pid-file "/run/named/named.pid";
    session-keyfile "/run/named/session.key";

    // System-wide crypto policy settings for BIND.
    include "/etc/crypto-policies/back-ends/bind.config";
};
Set up logging in /etc/named.conf
// Logging for the slave: a single channel writing to data/named.run (relative
// to the "directory" option) at a severity that follows the server's current
// debug level. No query logging is configured here.
logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};
Add a zone file to /etc/named.conf
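// Slave copy of domain.tld, transferred from the master.
zone "domain.tld" {
    type slave;

    // Only the master is accepted as a source for this zone.
    masters { 100.100.100.100; };

    // named has to be able to write the transferred copy. On RHEL-family
    // systems /var/named itself is not writable by the named user, while the
    // slaves/ subdirectory is.
    file "slaves/domain.tld.db";

    // This server has no secondaries of its own, so refuse outgoing zone
    // transfers instead of relying on the version-dependent default.
    allow-transfer { none; };
};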
Restart and enable BIND
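# Check named.conf for syntax errors first; restart only if the check passes.
named-checkconf /etc/named.conf && systemctl restart named
# Start named automatically at boot.
systemctl enable named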