[root@dlp ~]# dnf -y install bind bind-utils
Edit the named.conf file:
[root@dlp ~]# vi /etc/named.conf
Add the following configuration:
# Authoritative-only name server configuration: it answers queries for the zones
# declared at the bottom of this file and refuses recursive lookups.
options {
# listen on port 53 on all IPv4 interfaces
listen-on port 53 { any; };
# change if needed (if the server should not listen on IPv6, set { none; })
listen-on-v6 { any; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
secroots-file "/var/named/data/named.secroots";
recursing-file "/var/named/data/named.recursing";
# accept queries from all hosts; this is safe for a public authoritative server
# only because recursion is switched off further down
allow-query { any; };
# hosts allowed to request zone transfers (full copies of the zone data)
# add the addresses of secondary DNS servers here if they exist; keep the list
# explicit and never use { any; }, since a transfer discloses every record in the zone
allow-transfer { localhost; };
# ... Other options ...
# do not perform recursive queries for clients: the server answers only for
# zones it holds itself, so it cannot be used as an open resolver
recursion no;
# NOTE(review): dnssec-enable is obsolete in BIND 9.16 and is no longer accepted by
# later releases - confirm against the installed version with named-checkconf
dnssec-enable yes;
# NOTE(review): validation applies to answers the server resolves on behalf of
# clients; with recursion disabled above it presumably has little effect - confirm
dnssec-validation yes;
managed-keys-directory "/var/named/dynamic";
pid-file "/run/named/named.pid";
session-keyfile "/run/named/session.key";
/* https://fedoraproject.org/wiki/Changes/CryptoPolicy */
include "/etc/crypto-policies/back-ends/bind.config";
};
# debug log channel: written to data/named.run, with the severity following the
# server's current debug level
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
# root hints
zone "." IN {
type hint;
file "named.ca";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
# add zones for your network and domain name
# forward zone: this server is the primary (master) for emc.world;
# dynamic updates are refused, so records change only when the zone file is edited
zone "emc.world" IN {
type master;
file "emc.world.wan";
allow-update { none; };
};
# reverse zone for the 172.16.0.80/29 range; dynamic updates are refused here too
# NOTE(review): the zone origin is 80.0.16.172.in-addr.arpa, so relative names in its
# zone file are appended to that origin; ordinary reverse lookups reach this zone only
# if the parent zone delegates the range in the classless style of RFC 2317 - confirm
# with whoever controls the parent reverse zone
zone "80.0.16.172.in-addr.arpa" IN {
type master;
file "80.0.16.172.db";
allow-update { none; };
};
# If you do not use IPv6 and want to suppress IPv6-related log messages, BIND can be
# set to use IPv4 only (for example by adding OPTIONS="-4" to /etc/sysconfig/named).
Create the forward zone file for your domain "emc.world":
[root@dlp ~]# vi /var/named/emc.world.wan
Add the following content to the file:
; Forward zone data for emc.world.
; $TTL is the default time-to-live, in seconds, for records that do not set their own.
$TTL 86400
; SOA: primary name server is ns1.emc.world.; the responsible mailbox is written
; with a dot in place of the "@" (admin.emc.world. means admin@emc.world)
@ IN SOA ns1.emc.world. admin.emc.world. (
2022011101 ; Serial - increase it on every edit; secondaries compare it to detect changes
3600 ; Refresh - how often a secondary checks the serial
1800 ; Retry - wait before retrying a failed refresh
604800 ; Expire - a secondary stops answering after this long without contact
86400 ) ; Minimum TTL - used as the negative-caching TTL (RFC 2308)
; Define the name servers and the mail server
; NOTE(review): only one NS record is published; a registrar may expect a second
; name server - confirm
@ IN NS ns1.emc.world.
@ IN MX 10 mail.emc.world.
; Define the A records (IPv4 addresses) for your hosts
ns1 IN A 172.16.0.80
mail IN A 172.16.0.81
Create the reverse zone file for your network "172.16.0.80/29":
[root@dlp ~]# vi /var/named/80.0.16.172.db
Add the following content to the file:
; Reverse zone data for the 172.16.0.80/29 range.
; $TTL is the default time-to-live, in seconds, for records that do not set their own.
$TTL 86400
; SOA: same primary name server and responsible mailbox as the forward zone
@ IN SOA ns1.emc.world. admin.emc.world. (
2022011101 ; Serial - increase it on every edit; secondaries compare it to detect changes
3600 ; Refresh - how often a secondary checks the serial
1800 ; Retry - wait before retrying a failed refresh
604800 ; Expire - a secondary stops answering after this long without contact
86400 ) ; Minimum TTL - used as the negative-caching TTL (RFC 2308)
; Define the name servers
@ IN NS ns1.emc.world.
; Define the PTR records for your hosts (reverse lookup)
; NOTE(review): these owner names are relative, so with the zone declared as
; 80.0.16.172.in-addr.arpa they expand to 80.80.0.16.172.in-addr.arpa and
; 81.80.0.16.172.in-addr.arpa; lookups for 172.16.0.80 and 172.16.0.81 resolve
; only if the parent zone points at these names (RFC 2317 style) - confirm
80 IN PTR ns1.emc.world.
81 IN PTR mail.emc.world.
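Set the ownership of the zone files so that named can read them. Both zones are static (`allow-update { none; }`), so named needs read access only; ownership `root:named` with mode 640 would also work and would keep the named process from rewriting the zone data: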
[root@dlp ~]# chown named:named /var/named/emc.world.wan
[root@dlp ~]# chown named:named /var/named/80.0.16.172.db
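Your BIND DNS server is now configured for the external network "172.16.0.80/29" and the domain "emc.world" with the appropriate zone files. Before starting named, check the configuration and both zone files with `named-checkconf` and `named-checkzone`. Make sure to update your DNS settings with your domain registrar and configure your external network to use this DNS server for name resolution. Because the configuration sets `recursion no;`, the server answers only for the zones it hosts; hosts that need to resolve other names also need a recursive resolver.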