DNS Records explanation & DNS server configuration

DNS :

  • An A (Address) record is a “host record” and is the most common type. It is simply a static mapping of a hostname to an IP address. A common hostname for a Web server is ‘www’, so the A record for this server gives the IP address of that server in the domain.
  • An MX (Mail eXchanger) record is specifically for mail servers. It’s a special type of service-specifier record that identifies a mail server for the domain. That’s why you don’t have to enter a hostname like ‘www’ in an e-mail address. If you’re running Sendmail (mail server) and Apache (Web server) on the same system (i.e. the same system is acting as both your Web server and e-mail server), both the A record for the system and the MX record would refer to the same server.
  • To offer some fail-over protection for e-mail, MX records also have a Priority field (numeric). You can enter two or three MX records each pointing to a different mail server, but the server specified in the record with the highest priority (lowest number) will be chosen first. A mail server with a priority of 10 in the MX record will receive e-mail before a server with a priority of 20 in its MX record. Note that we are only talking about receiving mail from other Internet mail servers here. When a mail server is sending mail, it acts like a desktop PC when it comes to DNS. The mail server looks at the domain name in the recipient’s e-mail address and the mail server then contacts its local DNS server (specified in the resolv.conf file) to get the IP address for the mail server in the recipient’s domain. When an authoritative DNS server for the recipient’s domain receives the query from the sender’s DNS server it sends back the IP addresses from the MX records it has in that domain’s zone file.
  • A CNAME (Canonical Name) record is an alias record. It’s a way to have the same physical server respond to two different hostnames. Let’s say you’re not only running Sendmail and Apache on your server, but you’re also running WU-FTPD so it also acts as an FTP server. You could create a CNAME record with the alias name ‘ftp’ so people would use ftp.your-domain.com and www.your-domain.com to access different services on the same server. Another use for a CNAME record was illustrated in the example on this page. Suppose you name your Web server ‘cent’ instead of ‘www’. You could simply create a CNAME record with the alias name ‘www’ pointing at the hostname ‘cent’ (and therefore cent’s IP address).
  • NS (Name Server) records specify the authoritative DNS servers for a domain.
  • There can be multiples of all of the above record types. There is one special record type of which there is only one record in the zone file: the SOA (Start Of Authority) record, which is the first record in the zone file. An SOA record is only present in a zone file located on authoritative DNS servers (non-authoritative DNS servers merely cache zone records). It specifies such things as:


  1. The primary authoritative DNS server for the zone (domain).
  2. The e-mail address of the zone’s (domain’s) administrator. In zone files, the ‘@’ has a specific meaning (see below), so the e-mail address is written as me.my-domain.com.
  3. Timing information as to when secondary DNS servers should refresh or expire a zone file, and a serial number to indicate the version of the zone file for the sake of comparison.


The SOA record is the one that takes up several lines.

Several important points to note about the records in a zone file:

  • Records can specify servers in other domains. This is most commonly used with MX and NS records when backup servers are located in a different domain but receive mail or resolve queries for your domain.
  • There must be an A record for systems specified in all MX, NS, and CNAME records.
  • A and CNAME records can specify workstations as well as servers (which you’ll see when we set up a LAN DNS server).

Now let’s look at a typical zone file. The ‘;’ is the comment character. The ‘IN’ indicates an INternet-class record.

[image: dns1 (the typical zone file discussed below)]

  • The $TTL 3600 line at the very top of the file specifies the Time To Live value for the records (used by caching and secondary DNS servers).
  • The first two records in the group of four use A records to specify the servers, and the second two records are types which specify what those servers are used for. Optionally, you could list all A records together, all NS records together, all CNAME records together, etc.
  • The first record in the subgroup of two is a shorthand way of entering the information (without the FQDN). The second record is the longhand way. The ‘@’ is a shorthand way of specifying “this zone” (domain).
  • Also notice the priority numbers before the hostnames in the MX records.

If you had a simpler setup with only one server with the hostname ‘debian’ that operated as a Web, e-mail, and FTP server and you had your DNS records hosted by someone like Vrkdns, your zone file would look a lot simpler:

[image: dns2 (the simpler single-server zone file)]

Naturally, the 192.168.1.21 private address in this example would have to be an ISP-assigned public address for an Internet-accessible server. We just used a private address as an example.

Simple steps to Install & Configure DNS Server in CentOS

Note: the DNS server listens on port 53.

Step 1: Take a CentOS VM

Operating System     : CentOS 6.5 server
Hostname             : ns1.sysadminslab.com
IP Address           : 192.168.1.111/24
[root@ns1 ~]# yum install bind* -y

Step 2: Configure /etc/named.conf

listen-on port 53 { 127.0.0.1; 192.168.1.111; };   ### DNS1 IP ###
allow-query       { localhost; 192.168.1.0/24; };  ### IP Range ###
allow-transfer    { localhost; 192.168.1.112; };   ### Slave DNS IP ###

zone "sysadminslab.com" IN {
    type master;
    file "fw.sysadmin";
    allow-update { none; };
};

zone "1.168.192.in-addr.arpa" IN {
    type master;
    file "rv.sysadmin";
    allow-update { none; };
};

Step 3: Create Zone files

Create Forward Zone

[root@ns1 ~]# vi /var/named/fw.sysadmin

$TTL 86400
@   IN  SOA     ns1.sysadminslab.com. root.sysadminslab.com. (
        2014071201  ;Serial
        3600        ;Refresh
        1800        ;Retry
        604800      ;Expire
        86400       ;Minimum TTL
)
@       IN  NS          ns1.sysadminslab.com.
@       IN  NS          ns2.sysadminslab.com.
@       IN  A           192.168.1.111
@       IN  A           192.168.1.112
@       IN  A           192.168.1.102
ns1     IN  A           192.168.1.111
ns2     IN  A           192.168.1.112
host0   IN  A           192.168.1.102
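As an added example (not code from the original page), here is a small Python checker that applies the rules stated earlier about records in a zone file to the forward zone above: it folds the multi-line SOA onto one line, expands ‘@’ and relative names, confirms there is exactly one SOA and that it comes first, reports in-zone NS/MX/CNAME targets that have no A record, and lists the MX hosts in the order a sending server tries them (lowest number first). The input is a constructed copy of the page’s zone with an assumed MX pair and an assumed CNAME added so that every check has something to examine.

```python
import re
# Constructed zone: the page's forward zone plus an MX pair and a CNAME (assumed) to exercise each check.
FORWARD_ZONE = """\
$TTL 86400
@   IN  SOA  ns1.sysadminslab.com. root.sysadminslab.com. (
        2014071201 3600 1800  ;Serial Refresh Retry
        604800 86400          ;Expire Minimum-TTL
)
@       IN  NS     ns1.sysadminslab.com.
@       IN  NS     ns2.sysadminslab.com.
@       IN  MX 20  mail2.sysadminslab.com.
@       IN  MX 10  mail1.sysadminslab.com.
www     IN  CNAME  host0
ns1     IN  A      192.168.1.111
ns2     IN  A      192.168.1.112
host0   IN  A      192.168.1.102
mail1   IN  A      192.168.1.111
"""

def fqdn(name, origin):
    """Expand '@' and relative names to a full name without the trailing dot."""
    return origin if name == "@" else name[:-1] if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text, origin):
    """Strip ';' comments, fold the bracketed SOA onto one line, and tokenize each record."""
    body = "\n".join(line.split(";")[0] for line in text.splitlines())
    body = re.sub(r"\([^)]*\)", lambda m: " ".join(m.group(0)[1:-1].split()), body)
    records = []  # (owner FQDN, type, rdata tokens); assumes every record names its owner
    for tokens in (line.split() for line in body.splitlines()):
        if tokens and not tokens[0].startswith("$") and "IN" in tokens:
            i = tokens.index("IN")
            records.append((fqdn(tokens[0], origin), tokens[i + 1], tokens[i + 2:]))
    return records

def check_zone(text, origin):
    """Page rules: single SOA placed first; in-zone NS/MX/CNAME targets need an A; MX order lowest first."""
    records = parse_zone(text, origin)
    findings, mx = [], []
    if not records or records[0][1] != "SOA" or sum(r[1] == "SOA" for r in records) != 1:
        findings.append("exactly one SOA record is required and it must come first")
    have_a = {r[0] for r in records if r[1] == "A"}
    for _, rtype, rdata in records:
        if rtype == "MX":
            mx.append((int(rdata[0]), fqdn(rdata[1], origin)))
        if rtype in ("NS", "MX", "CNAME"):
            target = fqdn(rdata[-1], origin)
            if (target == origin or target.endswith("." + origin)) and target not in have_a:
                findings.append(f"{rtype} target {target} has no A record")
    return {"findings": findings, "mx_order": [host for _, host in sorted(mx)]}
```

Targets outside the zone (the backup-server case mentioned above) are skipped, since their A records live in another domain's zone file.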

Create Reverse Zone

[root@ns1 ~]# vi /var/named/rv.sysadmin

$TTL 86400
@   IN  SOA     ns1.sysadminslab.com. root.sysadminslab.com. (
        2014071201  ;Serial
        3600        ;Refresh
        1800        ;Retry
        604800      ;Expire
        86400       ;Minimum TTL
)
@       IN  NS          ns1.sysadminslab.com.
@       IN  NS          ns2.sysadminslab.com.
@       IN  PTR         sysadminslab.com.
; A records belong in the forward zone; a reverse zone maps the last octet back to a hostname
111     IN  PTR         ns1.sysadminslab.com.
112     IN  PTR         ns2.sysadminslab.com.
102     IN  PTR         host0.sysadminslab.com.

Step 4:  start dns service

[root@ns1 ~]# service named start

Starting named:                                            [  OK  ]

[root@ns1 ~]# chkconfig named on

Step 5: test configuration

[root@ns1 ~]# named-checkconf /etc/named.conf 

[root@ns1 ~]# named-checkzone sysadminslab.com /var/named/fw.sysadmin 

zone sysadminslab.com/IN: loaded serial 2014071201

OK

[root@ns1 ~]# named-checkzone 1.168.192.in-addr.arpa /var/named/rv.sysadmin

zone 1.168.192.in-addr.arpa/IN: loaded serial 2014071201

OK

Setup Slave DNS server

[root@ns2 ~]# yum install bind* -y

Configure named.conf

[root@ns2 ~]# vi /etc/named.conf 

listen-on port 53 { 127.0.0.1; 192.168.1.112; };   ### DNS2 (slave) IP ###
allow-query       { localhost; 192.168.1.0/24; };  ### IP Range ###

zone "sysadminslab.com" IN {
    type slave;
    file "slaves/sysadmin.fw";
    masters { 192.168.1.111; };   ### Master DNS IP ###
};

zone "1.168.192.in-addr.arpa" IN {
    type slave;
    file "slaves/sysadmin.rv";
    masters { 192.168.1.111; };
};

Forward and reverse zones are automatically replicated from the master DNS server to the slave DNS server into ‘/var/named/slaves/’ (the master permits this only to the slave’s address via allow-transfer).


Add nameserver entries in resolv.conf


[root@host0 ~]# vi /etc/resolv.conf

# Generated by NetworkManager
search sysadminslab.com
nameserver 192.168.1.111
nameserver 192.168.1.112
nameserver 8.8.8.8

Test the DNS entries with the “dig” and “nslookup” commands.