| Creating a non-authoritative DNS server is a simple task. Below are the steps to create the server. | |
| 1. | First check activity on port 53. The DNS server uses port 53. | 
| # lsof -i :53 | |
| 2. | If nothing is listening on port 53, then no DNS service is active on the server. Now you need to install the DNS server. | 
| # yum install bind bind-chroot bind-utils -y | |
| The bind package is the DNS server. bind-chroot is required for the security of the DNS server, and bind-utils contains some tools required by the DNS server. | |
| # systemctl enable named.service | |
| # systemctl start named.service | |
| # lsof -i :53 | |
| COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME | |
| named 543 named 20u IPv4 174093 0t0 TCP localhost:domain (LISTEN) | |
| named 543 named 21u IPv6 174095 0t0 TCP localhost6:domain (LISTEN) | |
| named 543 named 512u IPv4 174092 0t0 UDP localhost:domain | |
| named 543 named 513u IPv4 174092 0t0 UDP localhost:domain | |
| named 543 named 514u IPv6 174094 0t0 UDP localhost6:domain | |
| named 543 named 515u IPv6 174094 0t0 UDP localhost6:domain | |
| This shows that named is listening on port 53 only on localhost, not on your LAN interface. By default, the DNS server listens on port 53 on 127.0.0.1. | |
| We have to enable port 53 on our LAN interface, 10.0.0.5. To do that, we have to edit the configuration file. | |
| The DNS server has two main configuration files. | |
| 1. /etc/named.conf : Main file containing basic configuration | |
| 2. /etc/named.rfc1912.zones : This file contains the domain names for which this DNS server acts as the authoritative DNS server. | |
| 3. | We have to edit the first file, /etc/named.conf. Make the following changes in the file. | 
| Comment out the following three lines. | |
| // listen-on port 53 { 127.0.0.1; }; | |
| // listen-on-v6 port 53 { ::1; }; | |
| // allow-query { localhost; }; | |
| Save the file and restart the DNS Server. | |
| 4. | # systemctl restart named.service | 
| 5. | Check activity on port 53 using the lsof command. | 
| [root@station5 ~]# lsof -i :53 | |
| COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME | |
| named 660 named 20u IPv4 174928 0t0 TCP localhost:domain (LISTEN) | |
| named 660 named 21u IPv4 174930 0t0 TCP station5.example.com:domain (LISTEN) | |
| named 660 named 512u IPv4 174927 0t0 UDP localhost:domain | |
| named 660 named 513u IPv4 174927 0t0 UDP localhost:domain | |
| named 660 named 514u IPv4 174929 0t0 UDP station5.example.com:domain | |
| named 660 named 515u IPv4 174929 0t0 UDP station5.example.com:domain | |
| [root@station5 ~]# | |
| 6. | You can also check with the telnet command, as below. | 
| [root@station5 ~]# telnet 127.0.0.1 53 | |
| Trying 127.0.0.1... | |
| Connected to 127.0.0.1. | |
| Escape character is '^]'. | |
| ^] | |
| telnet> quit | |
| Connection closed. | |
| [root@station5 ~]# telnet 10.0.0.5 53 | |
| Trying 10.0.0.5... | |
| Connected to 10.0.0.5. | |
| Escape character is '^]'. | |
| ^] | |
| telnet> quit | |
| Connection closed. | |
| [root@station5 ~]# | |
| It is working now, so it is time to test the DNS server using the nslookup command, as below. | |
| [root@station5 ~]# nslookup magnumnet.in 10.0.0.5 | |
| Server: 10.0.0.5 | |
| Address: 10.0.0.5#53 | |
| Non-authoritative answer: | |
| Alternatively, you can check the DNS server using the host command, as below. | |
| # host -t SOA yahoo.com | |
| # host -t NS yahoo.com | |
| # host -t A yahoo.com | |
| # host -t MX yahoo.com | |
| # host -t CNAME www.yahoo.com | |
| # host -t TXT yahoo.com | |
| # host -t SRV yahoo.com | |
| Good! You have successfully created a non-authoritative DNS server! |
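
An added check, not part of the original page or of BIND: the shell functions below report which of the three directives from step 3 are still explicitly set in a named.conf. With allow-query commented out, BIND falls back to its built-in default, which accepts queries from any address, so the second sample file keeps explicit values instead. The function names, the sample files and the LAN range 10.0.0.0/24 are assumptions made for illustration.

```shell
# Strip //, # and /* ... */ comments; markers inside quoted strings are not handled.
strip_comments() {
  awk '{
    line = $0; out = ""
    while (length(line) > 0) {
      if (inblock) {
        i = index(line, "*/")
        if (i == 0) break
        line = substr(line, i + 2); inblock = 0
      } else if (match(line, /\/\*|\/\/|#/)) {
        out = out substr(line, 1, RSTART - 1)
        if (substr(line, RSTART, 2) == "/*") { line = substr(line, RSTART + 2); inblock = 1 }
        else line = ""
      } else { out = out line; line = "" }
    }
    print out
  }' "$1"
}
# Echo "set" if directive $2 occurs outside comments in file $1, else "unset".
directive_state() {
  if strip_comments "$1" | grep -Eq "(^|[[:space:];{])$2([[:space:]{]|\$)"
  then echo set; else echo unset; fi
}

# One line per directive; returns 1 if any is left to BIND's built-in default.
audit_named_conf() {
  rc=0
  for d in listen-on listen-on-v6 allow-query; do
    state=$(directive_state "$1" "$d")
    echo "$d: $state"
    [ "$state" = set ] || rc=1
  done
  return $rc
}

# Constructed sample files; 10.0.0.0/24 is an assumed LAN range.
tmp=$(mktemp -d)
cat > "$tmp/commented.conf" <<'EOF'
// listen-on port 53 { 127.0.0.1; };
// listen-on-v6 port 53 { ::1; };
// allow-query { localhost; };
EOF
cat > "$tmp/explicit.conf" <<'EOF'
listen-on port 53 { 127.0.0.1; 10.0.0.5; };
listen-on-v6 port 53 { ::1; };
allow-query { localhost; 10.0.0.0/24; };  /* LAN only */
EOF
audit_named_conf "$tmp/commented.conf" || true
audit_named_conf "$tmp/explicit.conf"
```

To check a live server, run `audit_named_conf /etc/named.conf`; a non-zero return means at least one of the three directives is left to BIND's defaults.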