Configure BIND Server

BIND is open source DNS software originally developed at the University of California at Berkeley in the 1980s and widely used on a variety of Unix-based operating systems. Its primary function is to convert domain names to IP addresses, which is what makes a domain name resolvable. We have previously discussed how to install BIND on both CentOS 6 and CentOS 7. If you need assistance installing BIND on either OS, you can consult the corresponding articles:

Installing Bind on CentOS 6

Installing Bind on CentOS 7

 

How to configure BIND

To configure BIND you'll need to log in to your server via SSH. If you're not certain how to access your server via SSH, please review our guide which covers connecting to your server via SSH: Connecting to Your Server via SSH.

By default BIND is set up to listen only locally; however, we can change this behavior in the BIND configuration file /etc/named.conf. Using your favorite text editor, comment out the following lines to enable BIND to listen on all IP addresses on the server.

 

 

Change to:

 

 

You should also add your own network to the allow-query field. In the example below we will add 192.168.32.0/24, which will allow anyone utilizing that range to query the DNS associated with this server:

 

 

Alternatively you can allow anyone to query by making the following change:

 

 

If you'll be using a slave server and would like to transfer all zones to it, you can add the following line. If you won't be using a slave server, you do not need to do this. Please ensure that you replace the text SLAVE_SERVER_IP_HERE with the IP address of the slave server.

 

 

You should also turn off recursion so that your server cannot be used as an open resolver to perform a reflection DDoS attack.
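The steps above, collected into one options block as an added example (not the original article's listings). The commented-out listen-on lines are assumed to match the stock CentOS file, and the other stock options (directory, logging and so on) are left out here and should stay in place in your file.

```conf
// /etc/named.conf: options block only (constructed example)
options {
    // Listening: the loopback-only listeners, commented out.
    // With no listen-on statement, named listens on port 53
    // on all IPv4 interfaces of the server.
    // listen-on port 53 { 127.0.0.1; };
    // listen-on-v6 port 53 { ::1; };

    // Queries: answer the local host and the 192.168.32.0/24 network.
    allow-query { localhost; 192.168.32.0/24; };

    // Alternative from the article: answer queries from anyone.
    // Use only one allow-query statement, and keep recursion off
    // (below) whenever this one is active.
    // allow-query { any; };

    // Zone transfers: needed only when a slave server exists.
    // Replace SLAVE_SERVER_IP_HERE with its IP address.
    allow-transfer { localhost; SLAVE_SERVER_IP_HERE; };

    // Without a slave server, close transfers explicitly instead.
    // The BIND releases packaged for CentOS 6 and 7 allow transfers
    // to any host when allow-transfer is not set.
    // allow-transfer { none; };

    // Recursion off: serve only the zones this server hosts.
    recursion no;
};
```

After replacing the placeholder, `named-checkconf /etc/named.conf` reports syntax errors before you restart named; it prints nothing when the file parses cleanly.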

 

 

