Thursday, September 5, 2019

Setting up a DNS server in Centos 7


The configuration of a DNS server on CentOS 7 is very simple. First of all, we have to install the BIND package and its utilities with the following command:

yum -y install bind bind-utils

Next, in the file /etc/named.conf, we define the zones we want to serve, that is, the names we want to resolve. In this case I want to resolve the name main.webserver.local. Note that allow-update { none; } refuses dynamic updates, but neither zone restricts zone transfers; in the BIND 9 versions shipped with CentOS 7 the default is to allow AXFR to any host, so on a server reachable from untrusted networks add allow-transfer { none; } (or the secondary's address) to each zone:



zone "webserver.local" IN {
    type master;
    file "forward.webserverlocal.db";
    allow-update { none; };
};

// reverse zone for 10.0.0.0/24 (covers both 10.0.0.2 and 10.0.0.3)
zone "0.0.10.in-addr.arpa" IN {
    type master;
    file "reverse.webserverlocal.db";
    allow-update { none; };
};

In the file forward.webserverlocal.db we define the IPs and the names of the service. A single name can point to several servers, as happens with google.com:

C:\Users\MyPC>nslookup www.google.com
Server:  resolver.hp.net
Address:  16.110.135.51

Non-authoritative answer:
Name:    www.google.com
Addresses:  2607:f8b0:4000:815::2004
          74.125.195.105
          74.125.195.147
          74.125.195.99
          74.125.195.104
          74.125.195.106
          74.125.195.103

Let's take a look at our "forward" file:

[root@Centos7 ~]# cat /var/named/forward.webserverlocal.db
$TTL 86400
@   IN  SOA maindns.webserver.local. root.webserver.local. (
        2011071001  ; Serial
        3600        ; Refresh
        1800        ; Retry
        604800      ; Expire
        86400 )     ; Minimum TTL (the closing parenthesis must not sit inside a comment)
@   IN  NS  maindns.webserver.local.
@   IN  NS  secondarydns.webserver.local.
@   IN  A   10.0.0.2
@   IN  A   10.0.0.3
maindns         IN  A   10.0.0.2
secondarydns    IN  A   10.0.0.3

In the "reverse" file we define the reverse mappings, from IP address back to name:

[root@Centos7 ~]# cat /var/named/reverse.webserverlocal.db
$TTL 86400
@   IN  SOA maindns.webserver.local. root.webserver.local. (
        2011071001  ; Serial
        3600        ; Refresh
        1800        ; Retry
        604800      ; Expire
        86400 )     ; Minimum TTL
@   IN  NS  maindns.webserver.local.
maindns         IN  A   10.0.0.2
secondarydns    IN  A   10.0.0.3
; PTR owners are the last octet of the address, relative to 0.0.10.in-addr.arpa
2   IN  PTR maindns.webserver.local.
3   IN  PTR secondarydns.webserver.local.
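Zone files fail in quiet ways: an NS record whose target is misspelled has no A record, or a PTR points at a host the forward zone never defines, and named still loads the zone. As an added example (not part of the original post, and not a BIND tool), here is a small Python checker for the minimal zone syntax used above ($TTL, a parenthesised SOA, and "name IN TYPE rdata" lines). The two zones embedded in it are constructed for this example, modelled on the files above, with one misspelled NS target and one stray PTR so the checker has something to report; the forward origin and reverse origin are passed in as the zone names from named.conf.

```python
import ipaddress
import re


def parse_zone(text, origin):
    """Parse the minimal zone syntax used above into (owner, type, rdata) tuples.

    Owners and hostnames are made absolute (trailing dot) using origin.
    Only the subset this post relies on is supported: ';' comments, a
    multi-line '( ... )' SOA, and records written as 'name IN TYPE rdata'.
    """
    origin = origin.rstrip(".") + "."
    # Drop ';' comments first, then flatten the parenthesised SOA onto one line.
    no_comments = "\n".join(line.split(";", 1)[0] for line in text.splitlines())
    flat = re.sub(r"\(([^)]*)\)", lambda m: " ".join(m.group(1).split()), no_comments)

    def absolute(name):
        if name == "@":
            return origin
        return name if name.endswith(".") else f"{name}.{origin}"

    records = []
    for line in flat.splitlines():
        fields = line.split()
        if not fields or fields[0].startswith("$"):
            continue  # blank line or a $TTL / $ORIGIN directive
        if len(fields) < 4 or fields[1].upper() != "IN":
            raise ValueError(f"unsupported record line: {line.strip()}")
        owner, rtype, rdata = absolute(fields[0]), fields[2].upper(), fields[3:]
        if rtype in ("NS", "PTR", "CNAME"):
            rdata = [absolute(rdata[0])]
        elif rtype == "A":
            ipaddress.IPv4Address(rdata[0])  # raises on a malformed address
        records.append((owner, rtype, rdata))
    return records


def ptr_owner_to_ip(owner):
    """'2.0.0.10.in-addr.arpa.' -> '10.0.0.2'."""
    labels = owner.rstrip(".").split(".")
    if len(labels) != 6 or labels[4:] != ["in-addr", "arpa"]:
        raise ValueError(f"not a full IPv4 in-addr.arpa name: {owner}")
    return str(ipaddress.IPv4Address(".".join(reversed(labels[:4]))))


def check_zones(forward_text, forward_origin, reverse_text, reverse_origin):
    """Return a list of problems found; an empty list means the pair is consistent."""
    fwd = parse_zone(forward_text, forward_origin)
    rev = parse_zone(reverse_text, reverse_origin)
    a_records = {}
    for owner, rtype, rdata in fwd:
        if rtype == "A":
            a_records.setdefault(owner, set()).add(rdata[0])

    problems = []
    # An NS target we never define is either a typo or a name with no address.
    for _owner, rtype, rdata in fwd + rev:
        if rtype == "NS" and rdata[0] not in a_records:
            problems.append(f"NS target {rdata[0]} has no A record in the forward zone")
    # Each PTR must point back at a name that really has that address.
    for owner, rtype, rdata in rev:
        if rtype == "PTR":
            ip = ptr_owner_to_ip(owner)
            if ip not in a_records.get(rdata[0], set()):
                problems.append(f"PTR {owner} -> {rdata[0]} but no A {ip} for it")
    return problems


# Constructed sample zones for this example, with two deliberate mistakes:
# the second NS is misspelled, and the last PTR names a host that does not exist.
FORWARD_ZONE = """\
$TTL 86400
@ IN SOA maindns.webserver.local. root.webserver.local. (
        2011071001 ;Serial
        3600       ;Refresh
        1800       ;Retry
        604800     ;Expire
        86400 )    ;Minimum TTL
@ IN NS maindns.webserver.local.
@ IN NS secondarydns.webserever.local.
@ IN A 10.0.0.2
@ IN A 10.0.0.3
maindns IN A 10.0.0.2
secondarydns IN A 10.0.0.3
"""

REVERSE_ZONE = """\
$TTL 86400
@ IN SOA maindns.webserver.local. root.webserver.local. (
        2011071001 3600 1800 604800 86400 )
@ IN NS maindns.webserver.local.
2 IN PTR maindns.webserver.local.
3 IN PTR secondarydns.webserver.local.
101 IN PTR webserver3.webserver.local.
"""

if __name__ == "__main__":
    for problem in check_zones(FORWARD_ZONE, "webserver.local", REVERSE_ZONE, "0.0.10.in-addr.arpa"):
        print(problem)
```

Run it against a real pair of files by reading them into the two text arguments; the origins are the zone names from named.conf, not the file names. named-checkzone already checks syntax, and this adds the cross-file consistency check that syntax checking cannot do.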

Once all the parameters have been defined, it is worth running named-checkconf and named-checkzone (for example named-checkzone webserver.local /var/named/forward.webserverlocal.db) to catch syntax errors, and then we restart the named service with the systemctl restart named command.


In our file /etc/resolv.conf, we have to point to the IP where the DNS service runs. In this example I have put everything on the same server:


[root@Centos7 ~]# cat /etc/resolv.conf
nameserver 10.0.0.2

Finally, we test the name resolution via DNS:



[root@Centos7 ~]# dig maindns.webserver.local

; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7 <<>> maindns.webserver.local
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33754
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;maindns.webserver.local.       IN      A

;; ANSWER SECTION:
maindns.webserver.local. 86400  IN      A       10.0.0.2

;; AUTHORITY SECTION:
webserver.local.        86400   IN      NS      secondarydns.webserever.local.
webserver.local.        86400   IN      NS      maindns.webserver.local.

;; Query time: 0 msec
;; SERVER: 10.0.0.2#53(10.0.0.2)
;; WHEN: Mon Nov 12 13:27:25 CET 2018
;; MSG SIZE  rcvd: 120

Or, if like me you are more used to the old nslookup:



[root@Centos7 ~]# nslookup maindns.webserver.local
Server:         10.0.0.2
Address:        10.0.0.2#53

Name:   maindns.webserver.local
Address: 10.0.0.2

I will also check the test web server that I have started on both servers:

[root@Centos7 ~]# curl -s http://maindns.webserver.local
<html><body>Hola desde el Webserver 1</body></html>
[root@Centos7 ~]# curl -s http://secondarydns.webserver.local
<html><body>Hola desde el Webserver 2</body></html>


DNS configuration by round robin

Now we want that, if the application on one server goes down, the service continues to be provided by the other web server. This setup is what is called "high availability" by DNS round robin.

What I am going to do is configure the DNS so that the same name points to several different IPs. Each IP lives on a different server (operating system), so if "Webserver 1" goes down, the service continues to be provided by "Webserver 2".

The service name I am going to point to is called webservertest; I have one web server started on the server with IP 10.0.0.2 and the other on the server with IP 10.0.0.3. The result is as follows:


[root@Centos7 named]# curl -s http://webservertest
<html><body>Hola desde el Webserver 1</body></html>
[root@Centos7 named]# systemctl stop httpd
[root@Centos7 named]# curl -s http://webservertest
<html><body>Hola desde el Webserver 2</body></html>


As we can see, although the Apache server with IP 10.0.0.2 has been stopped, the URL continues to be served by the Apache with IP 10.0.0.3 (curl moves on to the next address in the DNS answer when the first connection is refused).
To achieve this, I have configured new entries in the DNS. Let's see them:

  • File /etc/named.conf:

# webservertest
zone "webservertest" IN {
    type master;
    file "forward.webservertest.db";
    allow-update { none; };
};

# Note: "reverse.webservertest" is not an in-addr.arpa zone, so named loads this
# file but never uses it to answer PTR queries for 10.0.0.x; those belong in the
# in-addr.arpa reverse zone defined earlier.
zone "reverse.webservertest" IN {
    type master;
    file "reverse.webservertest.db";
    allow-update { none; };
};

  • File /var/named/forward.webservertest.db:

$TTL 86400
@   IN  SOA webservertest. root.webserver.local. (
        2011071001  ; Serial
        3600        ; Refresh
        1800        ; Retry
        604800      ; Expire
        86400 )     ; Minimum TTL
@   IN  NS  webservertest.
; the zone apex carries both addresses: this is the round-robin record set
@   IN  A   10.0.0.2
@   IN  A   10.0.0.3
webservertest   IN  A   10.0.0.2
webservertest   IN  A   10.0.0.3

As we can see, the same service name points to two different IPs.

  • File /var/named/reverse.webservertest.db:

$TTL 86400
@   IN  SOA webservertest. root.webservertest. (
        2011071001  ; Serial
        3600        ; Refresh
        1800        ; Retry
        604800      ; Expire
        86400 )     ; Minimum TTL
@   IN  NS  webservertest.
webservertest   IN  A   10.0.0.2
webservertest   IN  A   10.0.0.3
101 IN  PTR webservertest.
102 IN  PTR webservertest.
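The failover in the curl test above does not come from DNS itself: the name server only hands back both addresses, and it is the HTTP client that tries the next one when a connection is refused. The added Python example below (not part of the original post, and not using the post's servers) replays that experiment on loopback: two tiny HTTP servers stand in for the Apache instances on 10.0.0.2 and 10.0.0.3, a constructed address list stands in for the round-robin answer, and a client that walks the list the way curl does shows the request landing on Webserver 1, then on Webserver 2 once the first server is stopped. It also shows the limit of this kind of "high availability": a server that is up but returns an error is still chosen, because DNS round robin knows nothing about the application's health.

```python
import socket
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer


def start_server(body, status=200):
    """Start a minimal HTTP server on a free 127.0.0.1 port; return (server, port).

    Stand-in for the Apache instances on 10.0.0.2 / 10.0.0.3 in the post.
    """
    payload = body.encode()

    class Handler(BaseHTTPRequestHandler):
        def do_GET(self):
            self.send_response(status)
            self.send_header("Content-Type", "text/html")
            self.send_header("Content-Length", str(len(payload)))
            self.end_headers()
            self.wfile.write(payload)

        def log_message(self, *args):
            pass  # keep the demo output quiet

    server = HTTPServer(("127.0.0.1", 0), Handler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server, server.server_address[1]


def fetch_with_failover(addresses, timeout=2.0):
    """GET / from the first address that accepts a TCP connection.

    This mirrors what curl does with a multi-address answer: a refused or
    timed-out connection moves it on to the next address. An HTTP error from a
    server that is listening does NOT trigger failover.
    Returns (status_code, body_text).
    """
    last_error = None
    for host, port in addresses:
        try:
            with socket.create_connection((host, port), timeout=timeout) as sock:
                sock.sendall(b"GET / HTTP/1.0\r\nHost: webservertest\r\n\r\n")
                raw = b""
                while chunk := sock.recv(4096):
                    raw += chunk
        except OSError as exc:
            last_error = exc  # connection refused / timeout: try the next address
            continue
        head, _, body = raw.partition(b"\r\n\r\n")
        return int(head.split(b" ")[1]), body.decode()
    raise ConnectionError(f"every address failed, last error: {last_error}")


def demo():
    """Replay the post's experiment on loopback and return what each step saw."""
    web1, port1 = start_server("<html><body>Hola desde el Webserver 1</body></html>")
    web2, port2 = start_server("<html><body>Hola desde el Webserver 2</body></html>")
    # Constructed stand-in for the two A records a client gets for webservertest
    # (loopback ports instead of 10.0.0.2 and 10.0.0.3).
    round_robin_answer = [("127.0.0.1", port1), ("127.0.0.1", port2)]
    seen = {}
    seen["both_up"] = fetch_with_failover(round_robin_answer)[1]

    web1.shutdown()  # the post's "systemctl stop httpd" on Webserver 1
    web1.server_close()
    seen["one_down"] = fetch_with_failover(round_robin_answer)[1]

    # The case round robin cannot cover: the application is broken but still listening.
    broken, port3 = start_server("<html><body>error</body></html>", status=500)
    seen["app_error_status"] = fetch_with_failover(
        [("127.0.0.1", port3), ("127.0.0.1", port2)]
    )[0]

    for srv in (web2, broken):
        srv.shutdown()
        srv.server_close()
    return seen


if __name__ == "__main__":
    for step, result in demo().items():
        print(f"{step}: {result}")
```

Two consequences follow for anyone relying on this setup: clients whose HTTP library does not retry the next address on a refused connection will see roughly half their requests fail while one server is down, and a server that is reachable but broken is never skipped, so a health-checking load balancer or VIP is needed where that matters.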