BIND Example for a Local Network with CentOS 7

Steps to setup a DNS server with BIND on CentOS 7. These steps assume you already have a CentOS 7 server up-and-running. Other notes about this example:

• Targetting for a 192.168.1.0/24 network.
• DNS server is 192.168.1.3.
• IPv4 example only.

Feel free to adjust as desired.

---

Install required modules:

sudo yum install bind bind-utils

Prepare directory to store your DNS zone information:

sudo chmod 755 /etc/named
sudo mkdir /etc/named/zones

Edit BIND's root configuration:

sudo vi /etc/named.conf

 With the following adjustments:

...
options {
        listen-on port 53 { 127.0.0.1; 192.168.1.3; };
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { localhost; 192.168.1.0/24; } 
...
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
include "/etc/named/named.conf.inside";

Create your new custom named configuration file:

sudo vi /etc/named/named.conf.inside

 Set the following contents:

zone "dns" {
    type master;
    file "/etc/named/zones/db.inside";
};
zone "1.168.192.in-addr.arpa" IN {
    type master;
    file "/etc/named/zones/db.1.168.192";
};

Create your inside zone file:

sudo vi /etc/named/zones/db.inside

Set the following contents and add your custom domains:

$TTL  864000
@   N  SOA  dns.inside. root.inside (
        3       ; Serial
        864000  ; Refresh
        86400   ; Retry
        2592000 ; Expire
        864000  ; Negative Cache TTL
)
; Name servers (NS).
@             IN  NS dns.inside.

; Local servers.
dns.inside.   IN  A  192.168.1.3
test1.inside. IN  A  192.168.1.10
test2.inside. IN  A  192.168.1.11

Create your inside reverse zone file:

sudo vi /etc/named/zones/db.1.168.192

Set the following contents (adjust accordingly based on settings set in your db.inside file):

$TTL  864000
@   N  SOA  dns.inside. root.inside (
        3       ; Serial
        864000  ; Refresh
        86400   ; Retry
        2592000 ; Expire
        864000  ; Negative Cache TTL
)

; Name servers (NS).
@          NS dns.inside.

; Local servers.
3    IN  PTR  dns.inside.
10   IN  PTR  test1.inside.
11   IN  PTR  test2.inside.

 Configure BIND for IPv4 only by opening the following file:

sudo vi /etc/sysconfig/named

And adding the following line at the bottom:

OPTIONS="-4"

Allow DNS through your local firewall:

sudo firewall-cmd --zone=public --add-service=dns --permanent
sudo firewall-cmd --reload

 Restart BIND:

sudo systemctl restart named

(optional) Troubleshoot by invoking the following:

sudo tail -f /var/log/messages

Test by invoking the any of the following commands:

dig dns.inside @192.168.1.3 
nslookup dns.inside 192.168.1.3