The Geek Diary

DNS configuration file /etc/named.conf explained

By admin

The default configuration of the /etc/named.conf file provides a caching-only nameserver. The file has four main sections described as follows.

1. options
– Defines global server configuration options
2. logging
– Enables logging
– /var/named/data/named.run
3. zone
– Specifies authoritative servers for the root domain
– /var/named/named.ca
4. include
– Specifies files to include
– /etc/named.rfc1912.zones

1. options

The options statement defines global server configuration options and sets defaults for other statements. The following options are defined in the default /etc/named.conf file:
listen-on: Instructs named to listen on port 53 on the local system for both IPv4 and IPv6 queries
directory: Specifies the default working directory for the named service
dump-file: Specifies the location where BIND dumps the database (cache) in the event of a crash
statistics-file: Specifies the location to which data is written when the command rndc stats is issued
memstatistics-file: Specifies the location to which BIND memory usage statistics are written
allow-query: Specifies which IP addresses (localhost by default) are allowed to query the server
recursion: Instructs the nameserver to perform recursive queries. Recursive queries cause a nameserver to query another nameserver if necessary to respond with an answer.
dnssec-enable: Specifies that a secure DNS service is being used
dnssec-validation: Instructs the nameserver to validate replies from DNSSEC-enabled (signed) zones
dnssec-lookaside: Enables DNSSEC Lookaside Validation (DLV) by using /etc/named.iscdlv.key

2. logging

The logging statement turns on logging and causes messages to be written to the data/named.run file. The severity parameter controls the logging level. A severity value of dynamic means that the channel assumes the global level defined by either the command-line parameter -d or by running the rndc trace command. The default logging statement follows:

logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};

3. zone

The default zone section specifies the initial set of root servers by using a hint zone, whose name is a period (.). This zone specifies that the nameserver must look in /var/named/named.ca for IP addresses of authoritative servers for the root domain when the nameserver starts or does not know which nameserver to query. The default zone section follows:

zone "." IN {
    type hint;
    file "named.ca";
};

Zone options include the following:
1. type: Specifies the zone type, such as master, delegation-only, forward, hint, or slave. Type master designates the nameserver as authoritative for this zone. A zone is set as master if the zone file resides on this system.
2. file: Specifies the name of the zone file, which is stored in the working directory defined by the directory option
3. allow-update: Specifies which hosts are allowed to dynamically update information in their zone

4. include

The include statement allows files to be included. This can be done for readability, ease of maintenance, or so that potentially sensitive data can be placed in a separate file with restricted permissions. This include statement includes the /etc/named.rfc1912.zones file as though it were present in this file.
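
To check a named.conf against the options and zone settings described above, the following Python script parses the file's statements and flags four settings that open a caching-only server to other hosts. It is an added example, not part of the original article or of BIND; the sample configuration, the zone name example.test and the function names are constructed for illustration.

```python
import re

# Constructed sample: a caching-only named.conf that has drifted from the defaults.
SAMPLE = '''
options {
    listen-on port 53 { any; };   // default file: 127.0.0.1
    allow-query { any; };         # default file: localhost
    recursion yes;
    dnssec-validation no;
};
zone "." IN { type hint; file "named.ca"; };
zone "example.test" IN { type master; file "example.test.zone"; allow-update { any; }; };
'''
COMMENT = re.compile(r'("[^"]*")|/\*.*?\*/|//[^\n]*|#[^\n]*', re.S)  # group 1: keep strings
TOKEN = re.compile(r'"[^"]*"|[{};]|[^\s{};"]+')

def parse(text):
    """Return statements as token lists; each { } block becomes a nested list."""
    tokens = iter(TOKEN.findall(COMMENT.sub(lambda m: m.group(1) or '', text)))
    def block():
        stmts, cur = [], []
        for tok in tokens:
            if tok == '{':
                cur.append(block())
            elif tok == '}':
                break
            elif tok == ';':
                stmts, cur = stmts + [cur], []
            else:
                cur.append(tok.strip('"'))
        return [s for s in stmts if s]
    return block()

def audit(text):
    """Flag settings that expose the caching-only default to other hosts."""
    findings = []
    for stmt in parse(text):
        body = [s for s in stmt[-1] if isinstance(s[0], str)] if isinstance(stmt[-1], list) else []
        arg = {s[0]: s[1] for s in body if len(s) > 1}  # option -> first argument
        # Options whose address match list contains the built-in "any".
        open_to_any = {s[0] for s in body for p in s if isinstance(p, list) and ['any'] in p}
        if stmt[0] == 'zone' and 'allow-update' in open_to_any:
            findings.append(f'zone {stmt[1]}: allow-update any')
        elif stmt[0] == 'options':
            open_rec = arg.get('recursion', 'yes') == 'yes' and 'allow-query' in open_to_any
            checks = {'listen-on any': 'listen-on' in open_to_any,
                      'recursion + allow-query any: possible open resolver': open_rec,
                      'dnssec-validation no': arg.get('dnssec-validation') == 'no'}
            findings += [msg for msg, hit in checks.items() if hit]
    return findings
```

Files pulled in through include statements, such as /etc/named.rfc1912.zones, are not followed and must be passed to audit() separately. BIND's allow-recursion option, which this article does not cover, is not examined either.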

Filed Under: CentOS/RHEL 7, Linux

© 2021 · The Geek Diary