http://oct20.zmprotech.com/DATA/Basic_Commands_Oct-Jan_2020_files/image001.png

01-09-2021

https://youtu.be/vhx7s3psguU

 

 

DNS

 

The Domain Name System (DNS) is the phonebook of the Internet. Humans access information online through domain names, like nytimes.com or espn.com. Web browsers interact through Internet Protocol (IP) addresses. DNS translates domain names to IP addresses so browsers can load Internet resources.

 


ZM PROTech

IP address

Hostname [Server Name]

 

 

 

 

DNS Primary Server Setup

Primary DNS Server

Hostname: dnsprimary.zmpt.com

IP: 192.168.56.112

dnsprimary.zmpt.com

 

 

dnssecondary.zmpt.com

 

Setup Hostname

 

[root@localhost ~]# vi /etc/hostname

dnsprimary.zmpt.com

[root@localhost ~]# init 6

 

[root@dnsprimary ~]# hostname

dnsprimary.zmpt.com

 

dnsprimary.zmpt.com     192.168.56.112

 

[root@dnsprimary network-scripts]# vi /etc/sysconfig/network-scripts/ifcfg-enp0s3

 

[root@dnsprimary network-scripts]# vi ifcfg-enp0s3

 

TYPE=Ethernet

BOOTPROTO=static

NAME=enp0s3

UUID=b0b60c28-849b-4dde-b3a1-8fa1dbd1cedc

DEVICE=enp0s3

ONBOOT=yes

IPADDR=192.168.56.112

NETMASK=255.255.255.0

 

[root@dnsprimary ~]# init 6

 

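Packages needed by DNS (note: bind-chroot only takes effect when the named-chroot service is the one started; the steps below start the plain named service, and the ps output further down shows named running without a chroot)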

Bind

Bind-utils

Bind-chroot

 

Berkeley Internet Name Domain (BIND) – UC Berkeley, CA

 

 

[root@dnsprimary ~]# yum install bind bind-utils bind-chroot -y

 

[root@dnsprimary ~]# vi /etc/sysconfig/network

NETWORKING=yes

HOSTNAME=dnsprimary.zmpt.com

 

[root@dnsprimary ~]# vi /etc/hosts

192.168.56.112  dnsprimary.zmpt.com

 

 

 

 

[root@dnsprimary ~]# vi /etc/named.conf

 

options {

        listen-on port 53 { 127.0.0.1; 192.168.56.112;};

        listen-on-v6 port 53 { ::1; };

        directory       "/var/named";

        dump-file       "/var/named/data/cache_dump.db";

        statistics-file "/var/named/data/named_stats.txt";

        memstatistics-file "/var/named/data/named_mem_stats.txt";

        recursing-file  "/var/named/data/named.recursing";

        secroots-file   "/var/named/data/named.secroots";

        allow-query     { localhost; 192.168.56.0/24;};

 

 

 

Create forward lookup

 

[root@dnsprimary ~]# cd /var/named/

 

 

[root@dnsprimary named]# ls

chroot  dynamic   named.empty      named.loopback

data    named.ca  named.localhost  slaves

 

[root@dnsprimary named]# cp named.localhost forward.zmpt

[root@dnsprimary named]# vi forward.zmpt

 

$TTL 1D

@       IN SOA dnsprimary.zmpt.com. root.zmpt.com. (

                                                1       ; serial

                                                1D      ; refresh

                                                1H      ; retry

                                                1W      ; expire

                                                3H      ; minimum

                                                )

@       IN      NS              dnsprimary.zmpt.com.

 

dnsprimary      IN      A       192.168.56.112

 

 

Create Reverse lookup

 

 

[root@dnsprimary named]# cp forward.zmpt reverse.zmpt

[root@dnsprimary named]# vi reverse.zmpt

 

 

$TTL 1D

@       IN SOA  dnsprimary.zmpt.com. root.zmpt.com. (

                                                1       ; serial

                                                1D      ; refresh

                                                1H      ; retry

                                                1W      ; expire

                                                3H      ; minimum

                                                )

@       IN      NS              dnsprimary.zmpt.com.

 

dnsprimary      IN      A       192.168.56.112

 

 

112     IN      PTR             dnsprimary.zmpt.com.

 

 

 

Edit named.conf file again

 

[root@dnsprimary ~]# vi /etc/named.conf

 

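Copy these lines and paste them at the end of the file. Note: the two master zones below have no allow-transfer statement, and with the BIND 9.11 packages used here the default lets any host that can reach port 53 request a full zone transfer. Once the secondary exists, add allow-transfer { <secondary-ip>; }; to each master zone so only the secondary can pull the zone.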

 

zone "." IN {

        type hint;

        file "named.ca";

};

 

 

 

#######################

 

 

zone "zmpt.com" IN {

        type master;

        file "forward.zmpt";

};

 

 

zone "56.168.192.in-addr.arpa" IN {

        type master;

        file "reverse.zmpt";

};

 

 

#######################

 

 

 

 

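Disable firewall (lab shortcut: this removes all host filtering, not just the DNS block. On a server that matters, leave firewalld running and open only DNS: firewall-cmd --permanent --add-service=dns, then firewall-cmd --reload)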

 

[root@dnsprimary ~]# systemctl stop firewalld

 

[root@dnsprimary ~]# systemctl disable firewalld

 

Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.

Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.

 

[root@dnsprimary ~]# systemctl status firewalld

 

Enable named

 

[root@dnsprimary ~]# systemctl start named

 

[root@dnsprimary ~]# systemctl enable named.service

Created symlink from /etc/systemd/system/multi-user.target.wants/named.service to /usr/lib/systemd/system/named.service.

 

[root@dnsprimary named]# ps -ef|grep named    < ---to confirm named service is running

 

named     2067     1  0 Aug22 ?        00:00:00 /usr/sbin/named -u named -c /etc/named.conf

root     14757  1514  0 08:20 pts/0    00:00:00 grep --color=auto named

 

Change the group and ownership

 

[root@dnsprimary ~]# cat /etc/passwd

[root@dnsprimary ~]# cat /etc/group

 

 

[root@dnsprimary ~]# chgrp named -R /var/named

 

[root@dnsprimary ~]# chown -Rv root:named /etc/named.conf

 

-R – recursive: apply the change to the directory and to every file and folder beneath it (it has no extra effect on a single file such as /etc/named.conf)

-v – verbose: print each change as it is made

SELinux

 

[root@dnsprimary named]# restorecon -rv /var/named

[root@dnsprimary named]# restorecon /etc/named.conf

 

 

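Check forward and reverse lookup zones (the first argument to named-checkzone is the zone name as declared in named.conf, so the reverse file should be checked as 56.168.192.in-addr.arpa rather than zmpt.com; named-checkconf validates /etc/named.conf itself)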

 

[root@dnsprimary named]# named-checkzone zmpt.com /var/named/forward.zmpt

zone zmpt.com/IN: loaded serial 0

OK

[root@dnsprimary named]# named-checkzone zmpt.com /var/named/reverse.zmpt

zone zmpt.com/IN: loaded serial 0

OK

 

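Add the DNS entry to the Ethernet (ifcfg) file. The keys used for this later on this page are DNS1 and DNS2; confirm that a bare DNS= entry is honoured before relying on it.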

 

[root@dnsprimary network-scripts]# vi ifcfg-enp0s3

 

TYPE=Ethernet

BOOTPROTO=static

NAME=enp0s3

UUID=7af95a73-a7bf-4925-8e44-1c4e2219d314

DEVICE=enp0s3

ONBOOT=yes

IPADDR=192.168.56.112

NETMASK=255.255.255.0

DNS="192.168.56.112"          #< ---NEW ENTRY

 

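Edit resolv.conf file  < ---this is the DNS resolver configuration file: it lists the name servers the host queries. Each nameserver line takes a single address, so the two addresses below belong on two separate nameserver lines.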

 

[root@dnsprimary ~]# vi /etc/resolv.conf

 

search mshome.net zmpt.com

nameserver 192.168.137.1        192.168.56.112

 

Test the DNS Primary

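Dig (Domain Information Groper) is a network administration command-line tool for querying Domain Name System (DNS) name servers. In its output, status: NOERROR together with an ANSWER section means the lookup worked. The capture below shows status: SERVFAIL and ANSWER: 0, i.e. at that moment the server could not answer for the name (possibly the zone was not loaded yet — check the named log and restart named after fixing the zone files).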

 

[root@dnsprimary ~]# hostname

dnsprimary.zmpt.com

[root@dnsprimary ~]# dig dnsprimary.zmpt.com

 

 

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.3 <<>> dnsprimary.zmpt.com

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 56635

;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

 

;; OPT PSEUDOSECTION:

; EDNS: version: 0, flags:; udp: 4096

;; QUESTION SECTION:

;dnsprimary.zmpt.com.           IN      A

 

;; Query time: 0 msec

;; SERVER: 192.168.56.112#53(192.168.56.112)

;; WHEN: Sat Jan 09 15:32:33 EST 2021

;; MSG SIZE  rcvd: 48

 

 

 

Configure DNS Secondary

 

Secondary DNS Server

Hostname: dnssecondary.zmpt.com

IP: 192.168.56.114

 

Install the required DNS package

 

[root@localhost ~]# yum install bind bind-utils -y

 

Disable the NAT after installation

Setup Hostname

 

[root@localhost ~]# vi /etc/hostname

dnssecondary.zmpt.com

 

Set the static IP

 

[root@localhost ~]# vi /etc/sysconfig/network-scripts/ifcfg-enp0s3

 

TYPE=Ethernet

BOOTPROTO=static

NAME=enp0s3

DEVICE=enp0s3

ONBOOT=yes

IPADDR=192.168.56.114

NETMASK=255.255.255.0

 

Edit Network file

 

[root@dnssecondary ~]# vi /etc/sysconfig/network

NETWORKING=yes

HOSTNAME=dnssecondary.zmpt.com

 

Edit hosts file

 

[root@dnssecondary ~]# vi /etc/hosts

192.168.56.114 dnssecondary.zmpt.com  #< --TAB between ip and hostname

 

Reboot

 

192.168.56.200 dnssecondary.zmpt.com

 

[root@localhost ~]# init 6

 

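Add information to named.conf (the slave zones below trust the primary purely by its IP address in masters{}; outside a lab, consider authenticating zone transfers with a TSIG key shared by both servers)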

 

[root@localhost ~]# vi /etc/named.conf

 

 

options {

        listen-on port 53 { 127.0.0.1; 192.168.56.114;};

        listen-on-v6 port 53 { ::1; };

        directory       "/var/named";

        dump-file       "/var/named/data/cache_dump.db";

        statistics-file "/var/named/data/named_stats.txt";

        memstatistics-file "/var/named/data/named_mem_stats.txt";

        recursing-file  "/var/named/data/named.recursing";

        secroots-file   "/var/named/data/named.secroots";

        allow-query     { localhost; 192.168.56.0/24;};

 

 

 

 

#######################

 

zone "zmpt.com" IN {

        type slave;

        file "slaves/forward.zmpt";

        masters{192.168.56.112;};

};

 

zone "56.168.192.in-addr.arpa" IN {

        type slave;

        file "slaves/reverse.zmpt";

        masters{192.168.56.112;};

};

 

 

#######################

 

 

Start and enable named service

 

[root@dnssecondary ~]# systemctl start named

[root@dnssecondary ~]# systemctl enable named

Created symlink from /etc/systemd/system/multi-user.target.wants/named.service to /usr/lib/systemd/system/named.service.

 

configure the ethernet file again

TYPE=Ethernet

BOOTPROTO=static

NAME=enp0s3

DEVICE=enp0s3

ONBOOT=yes

IPADDR=192.168.56.200

NETMASK=255.255.255.0

 

DNS1="192.168.56.112"

DNS2="192.168.56.114"

 

Update the DNS resolution file

 

[root@dnssecondary ~]# vi /etc/resolv.conf

 

search zmpt.com

nameserver 192.168.56.112

nameserver 192.168.56.114

 

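Disable firewall (lab shortcut; on a real server keep firewalld running and allow only DNS with firewall-cmd --permanent --add-service=dns followed by firewall-cmd --reload)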

 

 

[root@dnssecondary ~]# systemctl stop firewalld

 

[root@dnssecondary ~]# systemctl disable firewalld

Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.

Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.

 

Configure the permissions and ownership

 

[root@dnsprimary ~]# cat /etc/passwd

[root@dnsprimary ~]# cat /etc/group

 

 

[root@dnsprimary ~]# chgrp named -R /var/named

 

[root@dnsprimary ~]# chown -Rv root:named /etc/named.conf

 

-R – recursive: apply the change to the directory and to every file and folder beneath it (it has no extra effect on a single file such as /etc/named.conf)

-v – verbose: print each change as it is made

 

SELinux

 

[root@dnssecondary ~]# restorecon -rv /var/named/

[root@dnssecondary ~]# restorecon /etc/named.conf

 

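On DNS Primary

Edit forward lookup zone (increase the SOA serial every time a zone file is edited: the secondary only transfers the zone again when the primary's serial is higher than the serial of its own copy, and the listing below still shows serial 1)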

 

-          [root@dnsprimary ~]# vi /var/named/forward.zmpt

 

$TTL 1D

@       IN SOA dnsprimary.zmpt.com. root.zmpt.com. (

                                                1       ; serial

                                                1D      ; refresh

                                                1H      ; retry

                                                1W      ; expire

                                                3H      ; minimum

                                                )

@       IN      NS              dnsprimary.zmpt.com.

 

dnsprimary      IN      A       192.168.56.112

dnssecondary    IN      A       192.168.56.114

 

 

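Edit reverse lookup zone (/var/named/reverse.zmpt). Each PTR owner is the last octet of the host's address and has to match that host's A record; the listing below pairs PTR 100 and 200 with hosts whose A records are .112 and .114, so one of the two sets needs correcting before reverse lookups resolve.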

 

$TTL 1D

@       IN SOA  dnsprimary.zmpt.com. root.zmpt.com. (

                                                1       ; serial

                                                1D      ; refresh

                                                1H      ; retry

                                                1W      ; expire

                                                3H      ; minimum

                                                )

@       IN      NS              dnsprimary.zmpt.com.

 

dnsprimary      IN      A       192.168.56.112

dnssecondary    IN      A       192.168.56.114

 

100     IN      PTR             dnsprimary.zmpt.com.

200     IN      PTR             dnssecondary.zmpt.com.

 

 

Perform Dig and nslookup on both servers

 

 

[root@dnsprimary ~]# dig dnsprimary.zmpt.com

[root@dnsprimary ~]# dig dnssecondary.zmpt.com

 

[root@dnsprimary ~]# nslookup dnsprimary.zmpt.com

[root@dnsprimary ~]# nslookup dnssecondary.zmpt.com

 

 

[root@dnsprimary ~]# systemctl restart named

 

 

[root@dnssecondary ~]# dig dnsprimary.zmpt.com

[root@dnssecondary ~]# dig dnssecondary.zmpt.com

 

[root@dnssecondary ~]# nslookup dnssecondary.zmpt.com

[root@dnssecondary ~]# nslookup dnsprimary.zmpt.com

 

01-10-2021

On any other server

Edit the following files

 

[root@localhost ~]# vi /etc/sysconfig/network-scripts/ifcfg-enp0s3

[root@localhost ~]# vi /etc/hostname

[root@localhost ~]# vi /etc/networks

[root@localhost ~]# vi /etc/hosts

[root@localhost ~]# vi /etc/resolv.conf

 

Set static IP DNS info

 

[root@localhost ~]# vi /etc/sysconfig/network-scripts/ifcfg-enp0s3

 

TYPE=Ethernet

BOOTPROTO=static

NAME=enp0s3

#UUID=b0b60c28-849b-4dde-b3a1-8fa1dbd1cedc

DEVICE=enp0s3

ONBOOT=yes

IPADDR=192.168.56.150

NETMASK=255.255.255.0

DNS1="192.168.56.100"  #< ---Primary DNS

DNS2="192.168.56.200"  #< ---Secondary DNS

 

Set the Hostname

 

[root@localhost ~]# vi /etc/hostname

 

ansiblemaster.zmpt.com

 

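Edit Network file (NETWORKING and HOSTNAME are /etc/sysconfig/network settings, the file edited on the DNS servers earlier on this page; /etc/networks holds network-name mappings instead)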

 

[root@localhost ~]# vi /etc/networks

 

NETWORKING=yes

HOSTNAME=ansiblemaster.zmpt.com

 

Edit hosts file

 

[root@localhost ~]# vi /etc/hosts

 

192.168.56.150 ansiblemaster.zmpt.com

 

Edit DNS resolution file

 

[root@localhost ~]# vi /etc/resolv.conf

 

#DNS servers info

nameserver 192.168.56.100

nameserver 192.168.56.200

 

On DNS Master

Edit forward and Reverse lookup zone

 

Forward lookup zone

 

 

[root@dnsprimary ~]# vi /var/named/forward.zmpt

 

$TTL 60

@       IN SOA dnsprimary.zmpt.com. root.zmpt.com. (

                                                7       ; serial

                                                60      ; refresh

                                                60      ; retry

                                                604800  ; expire

                                                60      ; minimum

                                                )

@       IN      NS              dnsprimary.zmpt.com.

 

dnsprimary      IN      A       192.168.56.100

dnssecondary    IN      A       192.168.56.200

 

ansiblemaster   IN      A       192.168.56.150

oracle          IN      A       192.168.56.151

database        IN      A       192.168.56.152

production      IN      A       192.168.56.153

 

 

Reverse lookup zone

 

 

[root@dnsprimary ~]# vi /var/named/reverse.zmpt

 

$TTL 60

@       IN SOA  dnsprimary.zmpt.com. root.zmpt.com. (

                                                7       ; serial

                                                60      ; refresh

                                                60      ; retry

                                                604800  ; expire

                                                60      ; minimum

                                                )

@       IN      NS              dnsprimary.zmpt.com.

 

dnsprimary      IN      A       192.168.56.100

dnssecondary    IN      A       192.168.56.200

ansiblemaster   IN      A       192.168.56.150

ansiblemaster   IN      A       192.168.56.150

oracle          IN      A       192.168.56.151

database        IN      A       192.168.56.152

production      IN      A       192.168.56.153

 

 

100     IN      PTR             dnsprimary.zmpt.com.

200     IN      PTR             dnssecondary.zmpt.com.

150     IN      PTR             ansiblemaster.zmpt.com.

151     IN      PTR             oracle.zmpt.com.

152     IN      PTR             database.zmpt.com.

153     IN      PTR             production.zmpt.com.

 

Successfully demonstrated DNS setup and Ansible commands using the Hostname