How to Set Up a DNS Server on Rocky Linux 8
Introduction
In this blog, we will learn how to set up a DNS (Domain Name System) server on Rocky Linux 8. DNS is one of the most essential components of networking that translates domain names like bitscentric.local into IP addresses, enabling systems to communicate with each other seamlessly. As a Linux Server Administrator, having a DNS server configured in your environment is crucial for managing internal and external domains efficiently.
What is DNS?
DNS (Domain Name System) is a hierarchical naming system that maps human-friendly domain names to machine-friendly IP addresses. Without DNS, we would need to remember complex IP addresses instead of simple names like bitscentric.local.
Prerequisites
- Rocky Linux 8 system with root or sudo privileges
- Basic knowledge of Linux commands
- Firewall and SELinux configuration knowledge
- Domain name to configure (here we will use bitscentric.local)
Step 1: Install BIND (DNS Server)
sudo dnf install bind bind-utils -y
The bind package provides the DNS server, while bind-utils gives us useful tools like dig and nslookup for troubleshooting.
Step 2: Configure BIND
Edit the main configuration file /etc/named.conf:
sudo nano /etc/named.conf
Update the options section to allow queries from your network:
options {
    listen-on port 53 { any; };
    listen-on-v6 port 53 { any; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    // "any" accepts queries from every source address; list your subnet here to limit it to your network
    allow-query { any; };
};
Step 3: Configure Forward and Reverse Zones
Add the forward and reverse zone entries for bitscentric.local to /etc/named.conf:
zone "bitscentric.local" IN {
    type master;
    file "bitscentric.local.db";
    allow-update { none; };
};
zone "1.168.192.in-addr.arpa" IN {
    type master;
    file "bitscentric.local.rev";
    allow-update { none; };
};
Step 4: Create Zone Files
Create the forward zone file:
sudo nano /var/named/bitscentric.local.db
Add the following content:
$TTL 86400
@ IN SOA ns1.bitscentric.local. root.bitscentric.local. (
    2024090201 ; Serial
    3600       ; Refresh
    1800       ; Retry
    1209600    ; Expire
    86400 )    ; Minimum TTL
; Name Servers
@ IN NS ns1.bitscentric.local.
; A Records
ns1 IN A 192.168.1.10
www IN A 192.168.1.20
Create the reverse zone file:
sudo nano /var/named/bitscentric.local.rev
$TTL 86400
@ IN SOA ns1.bitscentric.local. root.bitscentric.local. (
    2024090201
    3600
    1800
    1209600
    86400 )
@ IN NS ns1.bitscentric.local.
10 IN PTR ns1.bitscentric.local.
20 IN PTR www.bitscentric.local.
Step 5: Set Correct Permissions
sudo chown root:named /var/named/bitscentric.local.db
sudo chown root:named /var/named/bitscentric.local.rev
sudo chmod 640 /var/named/bitscentric.local.*
Step 6: Start and Enable the DNS Service
sudo systemctl enable named
sudo systemctl start named
sudo systemctl status named
Step 7: Configure Firewall
sudo firewall-cmd --add-service=dns --permanent
sudo firewall-cmd --reload
Step 8: Test DNS Server
Use dig or nslookup to verify:
dig @192.168.1.10 ns1.bitscentric.local
dig @192.168.1.10 www.bitscentric.local
nslookup www.bitscentric.local 192.168.1.10
Additional Tips for Linux Administrators
- Always keep the serial number in the zone file updated when making changes.
- For security, restrict zone transfers using allow-transfer.
- Monitor DNS logs at /var/named/data/named.run or /var/log/messages.
- Use the rndc tool to manage and reload DNS without restarting the service.
- For large environments, configure secondary (slave) DNS servers.
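The allow-query { any; } setting from Step 2 and the allow-transfer tip above can both be checked mechanically. The script below is an added example, not part of the original post: the function names, the finding labels and the 192.168.1.0/24 subnet (inferred from the reverse zone) are assumptions, and both sample configs are constructed.

```bash
#!/bin/sh
# Added example: review named.conf text (on stdin) for two exposure points.
# Prints one finding per line. /* ... */ block comments are not handled.
audit_named_conf() {
    # Strip // and # comments, then collapse all whitespace to single spaces.
    conf=$(sed -e 's|//.*||' -e 's|#.*||' | tr -s ' \t\n' ' ')
    has() { printf '%s\n' "$conf" | grep -Eq "$1"; }

    # BIND recurses by default. With allow-query { any; } and no
    # allow-recursion / allow-query-cache ACL, any client may recurse.
    if has 'allow-query ?\{ ?any ?; ?\}' &&
        ! has 'recursion no ?;' &&
        ! has 'allow-(recursion|query-cache) ?\{'; then
        echo 'OPEN-RESOLVER: allow-query { any; } with recursion on and no recursion ACL'
    fi
    # The guide's tip: restrict zone transfers using allow-transfer.
    if ! has 'allow-transfer ?\{'; then
        echo 'ZONE-TRANSFER: no allow-transfer statement found'
    fi
}

# Number of findings for the config on stdin.
count_findings() { audit_named_conf | grep -c '' || true; }

# Constructed sample: this guide's settings, plus a commented-out
# allow-transfer line to show that comments are not counted.
GUIDE_CONF='options {
    listen-on port 53 { any; };
    allow-query { any; };
    // allow-transfer { none; };
};
zone "bitscentric.local" IN { type master; file "bitscentric.local.db"; };'

# Constructed sample: same server limited to an assumed 192.168.1.0/24 LAN.
LAN_CONF='options {
    listen-on port 53 { 127.0.0.1; 192.168.1.10; };
    allow-query     { localhost; 192.168.1.0/24; };
    allow-recursion { localhost; 192.168.1.0/24; };
    allow-transfer  { none; };
};
zone "bitscentric.local" IN { type master; file "bitscentric.local.db"; };'

echo "guide config:"; printf '%s\n' "$GUIDE_CONF" | audit_named_conf
echo "LAN-only config: $(printf '%s\n' "$LAN_CONF" | count_findings) finding(s)"
```

On a server, run it against the live file with audit_named_conf < /etc/named.conf. Syntax validation is still the job of named-checkconf from the bind package.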
Conclusion
We have successfully set up a DNS server on Rocky Linux 8 with the domain bitscentric.local. DNS is critical for name resolution in any Linux environment, and mastering its setup ensures smooth communication between systems. With proper configuration, logging, and security, your DNS server will be reliable and efficient.