In my earlier post I showed a step-by-step configuration guide for the BIND DNS server, but that tutorial was written against an older bind rpm, so most of the parameters used there do not work with bind 9.8. Hence this second article on the same topic.
I will use a chroot (jail) environment for configuring the DNS server, as it is considered much safer than running BIND unconfined.
NOTE: Please take a copy of the original configuration files before making any changes to them.
Pre-requisites:
Make sure you have all the required packages
# rpm -q bind
package bind is not installed
# rpm -q bind-chroot
package bind-chroot is not installed
Install the required package using yum
# yum -y install bind bind-chroot
By default the BIND files are not copied inside the chroot, so we have to do that manually.
Next copy the required files inside the chroot directory.
NOTE: Use the -p argument with the cp command to preserve the permissions and ownership of all the files and directories.
# cp -rvpf /etc/named.* /var/named/chroot/etc/
`/etc/named.conf' -> `/var/named/chroot/etc/named.conf'
`/etc/named.iscdlv.key' -> `/var/named/chroot/etc/named.iscdlv.key'
`/etc/named.rfc1912.zones' -> `/var/named/chroot/etc/named.rfc1912.zones'
`/etc/named.root.key' -> `/var/named/chroot/etc/named.root.key'
# cp -rvpf named.* chroot/var/named/
`named.ca' -> `chroot/var/named/named.ca'
`named.empty' -> `chroot/var/named/named.empty'
`named.localhost' -> `chroot/var/named/named.localhost'
`named.loopback' -> `chroot/var/named/named.loopback'
# cp -prvf data/ chroot/var/named/
`data/' -> `chroot/var/named/data'
# cp -prvf dynamic/ chroot/var/named/
`dynamic/' -> `chroot/var/named/dynamic'
# cp -prvf slaves/ chroot/var/named/
`slaves/' -> `chroot/var/named/slaves'
Now let's start editing our main configuration file.
# cd /var/named/chroot/etc/
# vi named.conf
options {
    listen-on port 53 { 127.0.0.1; 192.168.1.11; };
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    allow-query { localhost; 192.168.1.0/24; };
    recursion yes;

    dnssec-enable yes;
    dnssec-validation yes;
    dnssec-lookaside auto;

    /* Path to ISC DLV key */
    bindkeys-file "/etc/named.iscdlv.key";

    managed-keys-directory "/var/named/dynamic";
};

logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};

zone "." IN {
    type hint;
    file "named.ca";
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
Change the IP address of your DNS server in the resolv.conf file and in the ifcfg-eth file.
# vi /etc/resolv.conf
search example
nameserver 192.168.1.11
NOTE: The DNS entry has to be made in the ifcfg-eth file only on Red Hat Linux 6 and above. On Red Hat Linux 5 the DNS entry is made only in the resolv.conf file.
# vi /etc/sysconfig/network-scripts/ifcfg-eth0
DNS1=192.168.1.11
Verify your hostname
# vi /etc/sysconfig/network
HOSTNAME=test2.example.com
Run this command on the terminal
# hostname test2.example.com
If you run the command below, your hostname should now be printed on standard output.
# hostname
test2.example.com
Restart your network services
# service network restart
Shutting down interface eth0: [ OK ]
Shutting down loopback interface: [ OK ]
Bringing up loopback interface: [ OK ]
Bringing up interface eth0: Determining if ip address 192.168.1.11 is already in use for device eth0...
[ OK ]
# service named restart
Stopping named: [ OK ]
Generating /etc/rndc.key: [ OK ]
Starting named: [ OK ]
NOTE: In case your system gets stuck at
Generating /etc/rndc.key:
Try this command
# rndc-confgen -a -r /dev/urandom
wrote key file "/etc/rndc.key"
and then retry restarting the named service.
Reference: Generating rndc key
Verify your Internet Connection
# ping google.com
PING google.com (74.125.236.71) 56(84) bytes of data.
64 bytes from maa03s05-in-f7.1e100.net (74.125.236.71): icmp_seq=1 ttl=56 time=223 ms
64 bytes from maa03s05-in-f7.1e100.net (74.125.236.71): icmp_seq=2 ttl=56 time=319 ms
^C
--- google.com ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1349ms
rtt min/avg/max/mdev = 223.861/271.853/319.846/47.995 ms
So our DNS server is working fine; now let us configure the forward and reverse zones.
# vi /var/named/chroot/etc/named.rfc1912.zones
(Add the new entries as shown below)
# Forward Zone Entry #
zone "example.com" IN {
type master;
file "example.com.zone";
allow-update { none; };
};
# Reverse Zone Entry #
zone "1.168.192.in-addr.arpa" IN {
type master;
file "192.168.1.zone";
allow-update { none; };
};
Create the zone files referenced in the named.rfc1912.zones file above.
# pwd
/var/named/chroot/var/named
# cp -p named.loopback 192.168.1.zone
# cp -p named.localhost example.com.zone
Forward Zone file
# vi example.com.zone
$TTL 1D
@       IN SOA  example.com. hostmaster.example.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        IN NS   example.com.
        IN A    192.168.1.11
test2   IN CNAME example.com.
www     IN CNAME example.com.
Reverse Zone file
# vi 192.168.1.zone
$TTL 1D
@       IN SOA  example.com. hostmaster.example.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        IN NS   example.com.
11      IN PTR  example.com.
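Both zone files were copied from the RHEL templates and still carry the template's serial of 0. Every later edit to a zone needs that serial to go up, or secondaries (and caches that already hold the old data) never notice the change. Here is an added example, not part of the original tutorial, of a small POSIX sh helper that reads and increments the serial in place. It assumes the "; serial" comment that the templates use marks the serial line; the sample zone it rewrites is a constructed copy of the forward zone above, written to a scratch directory.

```shell
#!/bin/sh
# Added example: maintain the SOA serial of the zone files created above.
# Assumes the "NUMBER ; serial" layout of the RHEL zone templates.

# get_serial ZONEFILE
# Prints the number that sits before the "; serial" comment;
# prints nothing if the file has no such line.
get_serial() {
    awk 'match($0, /[0-9]+[ \t]*;[ \t]*serial/) {
             seg = substr($0, RSTART)
             match(seg, /[0-9]+/)
             print substr(seg, RSTART, RLENGTH)
             exit
         }' "$1"
}

# bump_serial ZONEFILE
# Increments that number in place. The rewritten content is copied back with
# cat rather than mv so the file keeps its 640 root:named mode and ownership.
bump_serial() {
    f=$1
    tmp=$(mktemp) || return 1
    awk 'BEGIN { done = 0 }
         !done && match($0, /[0-9]+[ \t]*;[ \t]*serial/) {
             pre  = substr($0, 1, RSTART - 1)
             seg  = substr($0, RSTART)
             match(seg, /[0-9]+/)
             old  = substr(seg, RSTART, RLENGTH)
             $0   = pre sprintf("%d", old + 1) substr(seg, RLENGTH + 1)
             done = 1
         }
         { print }' "$f" > "$tmp" && cat "$tmp" > "$f"
    rc=$?
    rm -f "$tmp"
    return $rc
}

# Demo on a constructed copy of the forward zone from this tutorial.
demo=$(mktemp -d)
zone=$demo/example.com.zone
printf '%s\n' \
    '$TTL 1D' \
    '@       IN SOA  example.com. hostmaster.example.com. (' \
    '                                        0       ; serial' \
    '                                        1D      ; refresh' \
    '                                        1H      ; retry' \
    '                                        1W      ; expire' \
    '                                        3H )    ; minimum' \
    '        IN NS   example.com.' \
    '        IN A    192.168.1.11' > "$zone"
chmod 640 "$zone"
echo "serial before: $(get_serial "$zone")"
bump_serial "$zone"
echo "serial after:  $(get_serial "$zone")"   # 1
ls -l "$zone"                                  # mode 640 is kept
rm -rf "$demo"
```

Run it after editing a zone and before the restart; the same helper works for the reverse zone file. If you prefer date-based serials (YYYYMMDDnn), set the number by hand once and the helper keeps incrementing from there.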
Verify the permissions
IMPORTANT NOTE: The permissions on all BIND-related files should be 640 and on all directories 770, with root as the user owner and named as the group owner.
# ll
total 36
-rw-r-----. 1 root named 207 Mar 14 18:36 192.168.1.zone
drwxrwx---. 2 named named 4096 Jan 20 23:10 data
drwxrwx---. 2 named named 4096 Jan 20 23:10 dynamic
-rw-r-----. 1 root named 242 Mar 14 18:32 example.com.zone
-rw-r-----. 1 root named 1892 Feb 18 2008 named.ca
-rw-r-----. 1 root named 152 Dec 15 2009 named.empty
-rw-r-----. 1 root named 152 Jun 21 2007 named.localhost
-rw-r-----. 1 root named 168 Dec 15 2009 named.loopback
drwxrwx---. 2 named named 4096 Jan 20 23:10 slaves
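Rather than reading the ll output by eye, the permission rule above can be turned into a check, and BIND's own validators can be run against the chroot before the restart that follows. Here is an added example, not part of the original tutorial, written as a POSIX sh script. It assumes the chroot path /var/named/chroot used in this tutorial (overridable through the CHROOT environment variable), the standard named-checkconf tool from the bind package, and pidof for the post-restart check; the scratch tree it audits in its demo is constructed under mktemp so the script also runs on a machine without BIND.

```shell
#!/bin/sh
# Added example: checks around the "service named restart" step for the chroot
# layout used in this tutorial. CHROOT defaults to the tutorial's path.
CHROOT=${CHROOT:-/var/named/chroot}

# audit_perms DIR
# Prints every regular file below DIR whose mode is not 640 and every directory
# whose mode is not 770 (DIR itself is skipped), one path per line.
# Returns the number of offending entries, so 0 means the tree is clean.
audit_perms() {
    dir=$1
    bad=$( { find "$dir" -mindepth 1 -type f ! -perm 640
             find "$dir" -mindepth 1 -type d ! -perm 770; } | sort )
    [ -z "$bad" ] && return 0
    printf '%s\n' "$bad"
    return "$(printf '%s\n' "$bad" | wc -l | tr -d ' ')"
}

# audit_owner DIR USER GROUP
# Prints every entry below DIR not owned by USER:GROUP and returns the count.
# Names or numeric ids both work; a name that does not exist makes find abort.
audit_owner() {
    dir=$1; user=$2; group=$3
    bad=$(find "$dir" -mindepth 1 \( ! -user "$user" -o ! -group "$group" \) | sort)
    [ -z "$bad" ] && return 0
    printf '%s\n' "$bad"
    return "$(printf '%s\n' "$bad" | wc -l | tr -d ' ')"
}

# check_config CHROOTDIR
# named-checkconf -t makes include paths resolve inside the chroot exactly as
# named will see them; -z test-loads every master zone, which catches zone
# file mistakes (a record line that lost its leading whitespace, a bad SOA)
# before the restart. Returns 0 when clean, 1 on error, 2 if nothing could be
# checked here (tool not installed or no chroot at that path).
check_config() {
    root=$1
    command -v named-checkconf >/dev/null 2>&1 || { echo "named-checkconf not installed"; return 2; }
    [ -d "$root/etc" ] || { echo "no chroot at $root"; return 2; }
    named-checkconf -t "$root" -z /etc/named.conf
}

# verify_chroot PID
# After the restart: confirms the running named really has CHROOT as its root
# by reading the kernel's view in /proc/PID/root (needs root to read it).
# Returns 0 if chrooted there, 1 if not, 2 if the entry cannot be read.
verify_chroot() {
    pid=$1
    root=$(readlink "/proc/$pid/root" 2>/dev/null) || { echo "cannot read /proc/$pid/root"; return 2; }
    [ "$root" = "$CHROOT" ] && { echo "pid $pid is chrooted to $root"; return 0; }
    echo "pid $pid has root '$root', expected $CHROOT"; return 1
}

# Demo on a constructed scratch tree so this runs on a box without BIND:
# one zone file set correctly, one left world-readable, one loose directory.
demo=$(mktemp -d)
mkdir "$demo/data" "$demo/slaves"
: > "$demo/example.com.zone"; : > "$demo/192.168.1.zone"
chmod 640 "$demo/example.com.zone"; chmod 644 "$demo/192.168.1.zone"
chmod 770 "$demo/data";            chmod 755 "$demo/slaves"
echo "== permission audit of scratch tree =="
rc=0; audit_perms "$demo" || rc=$?
echo "offending entries: $rc"        # 2: 192.168.1.zone and slaves
rm -rf "$demo"

echo "== config check of $CHROOT =="
rc=0; check_config "$CHROOT" || rc=$?; echo "exit status: $rc"
if pid=$(pidof named 2>/dev/null) && [ -n "$pid" ]; then
    verify_chroot "${pid%% *}" || :
else
    echo "named is not running here, skipping chroot verification"
fi
```

On the real server run audit_perms and audit_owner against /var/named/chroot/var/named (pass root and named to audit_owner, remembering that data, dynamic and slaves are shown owned by named:named in the listing above because named writes there), then check_config, and only then restart named; verify_chroot with the pid from pidof named confirms afterwards that the daemon is actually confined to the chroot and not running from /.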
Restart named services
# service named restart
Stopping named: . [ OK ]
Starting named: [ OK ]
Verify both the zones
# nslookup example.com
Server: 192.168.1.11
Address: 192.168.1.11#53
Name: example.com
Address: 192.168.1.11
# dig -x 192.168.1.11
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.23.rc1.el6_5.1 <<>> -x 192.168.1.11
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60861
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;11.1.168.192.in-addr.arpa. IN PTR
;; ANSWER SECTION:
11.1.168.192.in-addr.arpa. 86400 IN PTR example.com.
;; AUTHORITY SECTION:
1.168.192.in-addr.arpa. 86400 IN NS example.com.
;; ADDITIONAL SECTION:
example.com. 86400 IN A 192.168.1.11
;; Query time: 2 msec
;; SERVER: 192.168.1.11#53(192.168.1.11)
;; WHEN: Fri Mar 14 18:35:24 2014
;; MSG SIZE rcvd: 98
So we are getting answers for both the forward and the reverse lookup entries. Everything is working as expected.
Let me know your success and failures