Linux OS Service ‘named’

The named service executes the DNS (Dynamic Name Service) server daemon. It converts host names to IP addresses and vice versa. There are several different kinds of DNS servers, such as primary server, slave server and cached server etc. Its data is stored in the directory /var/named.

The Domain Name System (DNS) is the hierarchical, distributed database. It stores information for mapping Internet host names to IP addresses and vice versa, mail routing information, and other data used by Internet applications.

The data stored in the DNS is identified by domain names that are organized as a tree according to organizational or administrative boundaries. Each node of the tree, called a domain, is given a label. The domain name of the node is the concatenation of all the labels on the path from the node to the root node. This is represented in written form as a string of labels listed from right to left and separated by dots. A label need only be unique within its parent domain.

For administrative purposes, the name space is partitioned into areas called zones, each starting at a node and extending down to the leaf nodes or to nodes where other zones start. The data for each zone is stored in a name server, which answers queries about the zone using the DNS protocol

Clients look up information in the DNS by calling a resolver library, which sends queries to one or more name servers and interprets the responses. The BIND 9 software distribution contains both a name server and a resolver library. This service is not usually used on a server because most servers are not designated to be DNS servers. An organisation typically only implements a small number of DNS servers. For DNS client use, just configure /etc/resolve.conf – this daemon is not needed for DNS clients.

Service Control

This service is handled by init.d script /etc/init.d/named. Its usage is as follows:

# /sbin/service named
Usage: /etc/init.d/named {start|stop|status|restart|condrestart|reload|probe}

Start the service as follows:

# /sbin/service named start
Starting named:                                            [  OK  ]

Stop the service as follows:

# /sbin/service named stop
Stopping named:                                            [  OK  ]

Check if the serivce is started or stopped:

# /sbin/service named status

Restart the service like this:

# /sbin/service named restart
Stopping named:                                            [  OK  ]
Starting named:                                            [  OK  ]

If the service is started, then restart it; otherwise do nothing.

# /sbin/service named condrestart
Stopping named:                                            [  OK  ]
Starting named:                                            [  OK  ]

Reload the service:

# /sbin/service named reload
Reloading named:                                           [  OK  ]

Probe the service status using /usr/sbin/rndc command

# service named probe
start

Query runlevel information for the service:

# /sbin/chkconfig --list named
named           0:off   1:off   2:off   3:off   4:off   5:off   6:off

Configuration

The named service is complex to describe in detail here. /etc/named.conf is the configuration file for named. Statements are enclosed in braces and terminated with a semi-colon. Clauses in the statements are also semi-colon terminated. Below is an example named.conf file.

# cat /etc/named.conf 
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// See the BIND Administrator's Reference Manual (ARM) for details about the
// configuration located in /usr/share/doc/bind-{version}/Bv9ARM.html

options {
 listen-on port 53 { 127.0.0.1; };
 listen-on-v6 port 53 { ::1; };
 directory  "/var/named";
 dump-file  "/var/named/data/cache_dump.db";
 statistics-file "/var/named/data/named_stats.txt";
 memstatistics-file "/var/named/data/named_mem_stats.txt";
 allow-query     { localhost; };

 /* 
  - If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.
  - If you are building a RECURSIVE (caching) DNS server, you need to enable 
    recursion. 
  - If your recursive DNS server has a public IP address, you MUST enable access 
    control to limit queries to your legitimate users. Failing to do so will
    cause your server to become part of large scale DNS amplification 
    attacks. Implementing BCP38 within your network would greatly
    reduce such attack surface 
 */ recursion yes;

 dnssec-enable yes;
 dnssec-validation yes;

 /* Path to ISC DLV key */ bindkeys-file "/etc/named.iscdlv.key";

 managed-keys-directory "/var/named/dynamic";

 pid-file "/run/named/named.pid";
 session-keyfile "/run/named/session.key";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "." IN {
 type hint;
 file "named.ca";
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";

DNS configuration file /etc/named.conf explained

Next Read: vncserver fails with "Starting VNC server: no displays configured" »

mk Command Examples
mk is a task runner tool commonly used for controlling the compilation process of executables…
mixxx Command Examples
Mixxx is a free and open-source DJ software designed for DJs of all skill levels.…
mix Command Examples
Mix is a versatile build tool designed specifically for Elixir projects. It offers a wide…
mitmproxy Command Examples
mitmproxy is an interactive HTTP proxy tool that operates as a man-in-the-middle (MITM) between a…
mitmdump Command Examples
mitmdump is a command-line tool that is part of the mitmproxy suite, which is designed…