Wednesday, 15 April 2015

Caching-Only DNS Server in RHEL7/CentOS7


Recursive caching servers answer local users' queries about sites on the Internet.

A caching-only DNS server queries other DNS servers and caches the responses. The next time the same query arrives, it answers from the cache. This reduces the number of external queries and improves response time for users.

A Caching-only name server loads the addresses of the servers for the root domain from a startup file and accumulates the rest of its data by caching answers to the queries it resolves.

It is not advisable to configure 'bind' to work both as the authoritative server for your own zones and as a caching server for your users. The function of serving your authoritative data to the world should be separated from serving the world's data to your users.


DNS Server IP Address: 192.168.122.1


1) Install DNS Server
[root@meru ~]# sudo yum -y install bind bind-utils

2) Edit the configuration file '/etc/named.conf' and make the following changes.

//The network interfaces on which to listen for queries
        listen-on port 53 { 127.0.0.1; 192.168.122.1; };

//Clients allowed to query the DNS server
        allow-query     { localhost; 192.168.122.0/24; };

//All queries are forwarded to these servers. The use of a forwarder circumvents the normal DNS procedure of starting at a root server and following a chain of referrals.
        forwarders { 8.8.8.8; 8.8.4.4; };

//Optional. A forward-only server caches values and queries its forwarders, but it never queries anyone else. If the forwarders do not respond, queries will fail.
        forward only;
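The allow-query line above is what keeps this resolver private: a caching server that accepts recursive queries from any address is an open resolver, which can be abused as a reflector in amplification attacks. The script below is an added example (not from the original post) that audits a named.conf for that mistake before the server goes live. It parses the options with sed/awk only and never contacts the running named; the two sample configuration files it writes are constructed here, not copied from the post's host.

```sh
#!/bin/sh
# Added example, not part of the original post: a read-only audit of a
# named.conf that flags settings which would turn this caching-only resolver
# into an open resolver (one that answers recursive queries from any address).
# It only parses the file; it does not talk to the running server.

# Print the body of a brace-delimited directive, e.g. the "..." in
# "allow-query { ... }", with // and # comments removed. Prints nothing if the
# directive is absent. If it occurs more than once, the last occurrence wins.
directive_body() {  # $1 = named.conf path, $2 = directive name
    sed -e 's|//.*$||' -e 's|#.*$||' "$1" \
        | tr '\n' ' ' \
        | sed 's/^/ /' \
        | sed -n "s/.*[[:space:]]$2[[:space:]][^{}]*{\([^}]*\)}.*/\1/p"
}

# Exit 0 if a directive body contains the bare ACL element "any".
body_has_any() {  # $1 = directive body
    printf '%s\n' "$1" | tr ';' '\n' | sed 's/[[:space:]]//g' | grep -qx 'any'
}

# Audit one file: print a line per finding, return 0 when the options are
# restrictive and 1 when at least one open-resolver setting is present.
audit_named_conf() {  # $1 = named.conf path
    findings=0
    aq=$(directive_body "$1" allow-query)
    if [ -z "$(printf '%s' "$aq" | tr -d '[:space:]')" ]; then
        echo "WARN: allow-query not set; BIND's default is { any; }"
        findings=$((findings + 1))
    elif body_has_any "$aq"; then
        echo "WARN: allow-query { any; } answers queries from every client"
        findings=$((findings + 1))
    fi
    if body_has_any "$(directive_body "$1" allow-recursion)"; then
        echo "WARN: allow-recursion { any; } makes this an open resolver"
        findings=$((findings + 1))
    fi
    if body_has_any "$(directive_body "$1" listen-on)"; then
        echo "INFO: listen-on { any; } binds every interface; rely on allow-query to limit clients"
    fi
    [ "$findings" -eq 0 ]
}

# Constructed sample files (not taken from the post's host). GOOD mirrors the
# post's settings; BAD shows the permissive variant the audit must catch.
GOOD_CONF=$(mktemp); BAD_CONF=$(mktemp)
trap 'rm -f "$GOOD_CONF" "$BAD_CONF"' EXIT
cat > "$GOOD_CONF" <<'EOF'
options {
        listen-on port 53 { 127.0.0.1; 192.168.122.1; };
        allow-query     { localhost; 192.168.122.0/24; };
        forwarders { 8.8.8.8; 8.8.4.4; };
        forward only;
        // allow-recursion { any; };  commented out, so it must be ignored
};
EOF
cat > "$BAD_CONF" <<'EOF'
options {
        listen-on port 53 { any; };
        allow-query { any; };
        allow-recursion { any; };
        recursion yes;
};
EOF

# Run the audit over both samples; on a real host call it on /etc/named.conf.
for f in "$GOOD_CONF" "$BAD_CONF"; do
    echo "== $f"
    if audit_named_conf "$f"; then
        echo "OK: no open-resolver settings found"
    fi
done
```

To use it on the server from the post, source the script and run `audit_named_conf /etc/named.conf` after step 2; it complements `named-checkconf`, which only checks syntax and says nothing about whether the ACLs are sensible.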


4) Check the config files for errors.
[root@meru ~]# named-checkconf


5) Open Firewall Port
[root@meru ~]# firewall-cmd --zone=public --add-service=dns --permanent
[root@meru ~]# firewall-cmd --reload


6) Start the DNS Server
[root@meru ~]# systemctl start named

7) Enable on boot
[root@meru ~]# systemctl enable named

8) Check status
[root@meru ~]# rndc status
        CPUs found: 4
        worker threads: 4
        UDP listeners per interface: 4
        number of zones: 104
        recursive clients: 0/0/1000
        tcp clients: 0/100
        server is up and running



Client Configuration

1) Install package
[root@server2 ~]# yum -y install bind-utils

2) Edit the file '/etc/resolv.conf'. Add the following line
          nameserver 192.168.122.1

3) Query the DNS Server
[root@server2 ~]# dig @192.168.122.1 www.google.com

; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> www.google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51202
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 13, ADDITIONAL: 16

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.google.com.            IN    A

;; ANSWER SECTION:
www.google.com.        206    IN    A    173.194.36.51
www.google.com.        206    IN    A    173.194.36.49
www.google.com.        206    IN    A    173.194.36.50
www.google.com.        206    IN    A    173.194.36.48
www.google.com.        206    IN    A    173.194.36.52

;; AUTHORITY SECTION:
com.            111341    IN    NS    m.gtld-servers.net.
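A single dig proves the server answers, but not that it is caching. The check below is an added example (not part of the original post): it compares two consecutive answers, since a record served from cache comes back with its remaining TTL, lower than the first answer's, while a fresh upstream fetch returns the full TTL again. The two dig outputs are constructed samples in the shape of the output above; in use, capture them with two runs of `dig @192.168.122.1 www.google.com`.

```sh
#!/bin/sh
# Added example, not part of the original post: check that the resolver is
# serving answers from its cache. A cached record is returned with its
# remaining TTL, so a second lookup must show a TTL no higher than the first;
# a record fetched afresh from upstream comes back with its full TTL again.
# The two dig outputs below are constructed samples in the shape of the one in
# the post; in use, capture them with: dig @192.168.122.1 www.google.com

# Print the TTL of every A record in the ANSWER section of a dig output (stdin).
answer_ttls() {
    awk '/^;; ANSWER SECTION:/ { in_ans = 1; next }
         /^;;/ || /^$/         { in_ans = 0 }
         in_ans && $3 == "IN" && $4 == "A" { print $2 }'
}

# Print the header flags (qr, rd, ra, aa, ...) of a dig output (stdin), one per line.
header_flags() {
    sed -n 's/^;; flags: \([^;]*\);.*/\1/p' | tr ' ' '\n' | sed '/^$/d'
}

# Print the "Query time" in milliseconds; cache hits are typically a few msec.
query_time_msec() {
    sed -n 's/^;; Query time: \([0-9]*\) msec.*/\1/p'
}

# Exit 0 if the lookup succeeded and the server offers recursion (ra flag).
answer_ok() {  # $1 = dig output
    printf '%s\n' "$1" | grep -q 'status: NOERROR' &&
        printf '%s\n' "$1" | header_flags | grep -qx 'ra'
}

# Exit 0 if the second answer's TTL is not higher than the first's, i.e. the
# record came out of the cache instead of being fetched upstream again.
served_from_cache() {  # $1 = first dig output, $2 = second dig output
    t1=$(printf '%s\n' "$1" | answer_ttls | head -n 1)
    t2=$(printf '%s\n' "$2" | answer_ttls | head -n 1)
    [ -n "$t1" ] && [ -n "$t2" ] && [ "$t2" -le "$t1" ]
}

# Constructed samples: FIRST is the initial lookup (full TTL, slow), SECOND is
# the repeat a minute and a half later (TTL counted down, answered locally).
FIRST=';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51201
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.google.com.            IN    A

;; ANSWER SECTION:
www.google.com.        300    IN    A    173.194.36.51
www.google.com.        300    IN    A    173.194.36.49

;; Query time: 48 msec'
SECOND=';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51202
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.google.com.            IN    A

;; ANSWER SECTION:
www.google.com.        206    IN    A    173.194.36.51
www.google.com.        206    IN    A    173.194.36.49

;; Query time: 1 msec'

if answer_ok "$FIRST" && answer_ok "$SECOND"; then
    if served_from_cache "$FIRST" "$SECOND"; then
        echo "cache hit: TTL $(printf '%s\n' "$FIRST" | answer_ttls | head -n 1) -> $(printf '%s\n' "$SECOND" | answer_ttls | head -n 1), query time $(printf '%s\n' "$SECOND" | query_time_msec) msec"
    else
        echo "not cached: the second answer carried a fresh TTL"
    fi
fi
```

The same dig, run from a host outside 192.168.122.0/24, should come back with status REFUSED rather than NOERROR; that is the allow-query restriction from the server configuration doing its job, and it is worth confirming once before putting the server into service.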
