How to Configure Slave DNS Server With Bind ( Secondary DNS Server ) In Linux

In this article we discuss how to configure a Slave DNS Server with BIND (Secondary DNS Server) in Linux. A Slave DNS Server is also referred to as a Secondary DNS Server. It acts like a load balancer or backup server for the Master/Primary DNS Server and takes all of its DNS zones and records from the Master Server. Because the Slave/Secondary DNS Server is an exact copy of the master DNS server, if the Master/Primary Server becomes unavailable or goes down for some reason, the Secondary DNS Server keeps answering queries until it is back up, without affecting the end users' work.


Follow the Below Steps to Configure Slave Dns Server With Bind ( Secondary Dns Server ) In Linux:

Step: 1 Configure from Master Server End

Before configuring the Slave/Secondary DNS Server we need to make some changes to the Master/Primary DNS Server configuration files, i.e. named.conf ( Main Configuration File ), itsmarttricks.com.for ( Forward Zone ) and itsmarttricks.com.rev ( Reverse Zone ), to allow queries and zone transfers to the Slave Server.

First configure the /etc/named.conf

Let’s go ahead and configure the /etc/named.conf in Master Server. All changes are highlighted in Blue Color.

   //
   // named.conf
   //
   // Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
   // server as a caching only nameserver (as a localhost DNS resolver only).
   //
   // See /usr/share/doc/bind*/sample/ for example named configuration files.
   //

   options {
           listen-on port 53 { 127.0.0.1; 192.168.1.100; };
           listen-on-v6 port 53 { ::1; };
           directory "/var/named";
           dump-file "/var/named/data/cache_dump.db";
           statistics-file "/var/named/data/named_stats.txt";
           memstatistics-file "/var/named/data/named_mem_stats.txt";
           allow-query     { localhost; 192.168.1.0/24; };
           allow-transfer { 192.168.1.101; };
           recursion yes;

           dnssec-enable yes;
           dnssec-validation yes;

           /* Path to ISC DLV key */
           bindkeys-file "/etc/named.iscdlv.key";

           managed-keys-directory "/var/named/dynamic";
   };

   logging {
           channel default_debug {
                   file "data/named.run";
                   severity dynamic;
           };
   };
   zone "." IN {
           type hint;
           file "named.ca";
   };

   include "/etc/named.rfc1912.zones";
   include "/etc/named.root.key";


   ### itsmarttricks Internal Zones ###

      ### Forward Zone ###

      zone "itsmarttricks.com" IN {           # Domain Name
              type master;
              file "itsmarttricks.com.for";   # Name of the Forward Zone File
              allow-update { none; };
              allow-transfer { 192.168.1.101; };
      };

      ### Reverse Zone ###

      zone "1.168.192.in-addr.arpa" IN {   # IP Address
              type master;
              file "itsmarttricks.com.rev";   # Name of the Reverse Zone File
              allow-update { none; };
              allow-transfer { 192.168.1.101; };
      };

We have made all the required changes; now run the command below to check that the syntax is correct.

   
   [root@ns1 ~]# named-checkconf /etc/named.conf

Configure the Forward Zone

Now configure the Forward Zone on the Master Server; in my case it's itsmarttricks.com.for. All changes are highlighted in Blue Color.

   
   $TTL    86400
   @ IN SOA     ns1.itsmarttricks.com. root.ns1.itsmarttricks.com. (
                           2010031403  ; serial
                           3600        ; refresh
                           1800        ; retry
                           604800      ; expire
                           86400 )     ; minimum


   ; name servers

   @                       IN NS   ns1.itsmarttricks.com.
   @                       IN NS   ns2.itsmarttricks.com.

   ; name server A records

   ns1                     IN  A   192.168.1.100
   ns2                     IN  A   192.168.1.101
   itsmarttricks.com.         IN  A   192.168.1.100

   ; mail exchanger record (MX record)

                           IN MX 5 ns1.itsmarttricks.com.

   ; host and canonical name records

   mail                    IN CNAME ns1.itsmarttricks.com.
   www                     IN A     192.168.1.100
   ftp                     IN A     192.168.1.100

Configure the Reverse Zone

Now configure the Reverse Zone on the Master Server; in my case it's itsmarttricks.com.rev. All changes are highlighted in Blue Color.

   
   $TTL    86400
   @ IN SOA   ns1.itsmarttricks.com. root.ns1.itsmarttricks.com. (
                           2010031402 ; serial
                           28800 ; refresh
                           14400 ; retry
                           3600000 ; expire
                           86400 ) ; minimum

   ; name servers

            IN  NS  ns1.itsmarttricks.com.
            IN  NS  ns2.itsmarttricks.com.

   ; name server A records

   ns1  IN  A 192.168.1.100
   ns2  IN  A 192.168.1.101

   ; PTR records

   100  IN     PTR  ns1.itsmarttricks.com.
   101  IN     PTR  ns2.itsmarttricks.com.

After making all the required changes to the Forward and Reverse zones on the Master/Primary DNS Server, run the commands below to check that the syntax is correct.

   
   [root@ns1 ~]# named-checkzone itsmarttricks.com /var/named/itsmarttricks.com.for 
   zone itsmarttricks.com/IN: loaded serial 2010031403
   OK
   [root@ns1 ~]# named-checkzone 1.168.192.in-addr.arpa /var/named/itsmarttricks.com.rev 
   zone 1.168.192.in-addr.arpa/IN: loaded serial 2010031402
   OK

Then restart the named service with the command below for the changes to take effect.

   
   [root@ns1 ~]# /etc/init.d/named restart
   Stopping named: .                                          [  OK  ]
   Starting named:                                            [  OK  ]

Step: 2 Configure from Slave Server End

My Scenario :

  • IP Address: 192.168.1.101
  • Domain Name: itsmarttricks.com
  • Hostname: ns2
  • FQDN ( Fully Qualified Domain Name ): ns2.itsmarttricks.com

Before we start the configuration we need to prepare the system, so follow the steps below:

Configure the Network Card

First, we need to configure the network card and assign an IP Address and Subnet Mask to our system.

So edit the network card configuration ( in my case it's eth1 ) using the nano editor as shown below.

   
   [root@localhost ~]# nano /etc/sysconfig/network-scripts/ifcfg-eth1 
   
   DEVICE=eth1
   BOOTPROTO=none
   IPADDR=192.168.1.101
   NETMASK=255.255.255.0
   GATEWAY=192.168.1.1
   DOMAIN=itsmarttricks.com
   DNS1=192.168.1.100
   HWADDR=00:0c:29:90:78:32
   IPV6INIT=yes
   NM_CONTROLLED=yes
   ONBOOT=yes
   TYPE=Ethernet
   UUID="5d8d8030-3bf2-4487-8a98-400dc314480f"
   USERCTL=no
   PEERDNS=yes

Change the Computer Name

Follow the step below to change the Computer Name. ( Make the changes shown below, highlighted in Blue Color. )

   
   [root@localhost ~]# nano /etc/sysconfig/network
   
   NETWORKING=yes
   HOSTNAME=ns2.itsmarttricks.com

Configure the /etc/resolv.conf

After updating the /etc/sysconfig/network-scripts/ifcfg-eth1 file, the /etc/resolv.conf file will look as shown below.

   
   [root@localhost ~]# nano /etc/resolv.conf 
    
   # Generated by NetworkManager
   search itsmarttricks.com
   nameserver 192.168.1.100 

Configure the hosts File ( /etc/hosts )

Update the host file as shown below (Highlighted in Blue Color).

    
   [root@ns2 ~]# nano /etc/hosts
   
   127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
   ::1         localhost localhost.localdomain localhost6 localhost6.localdomain6

   192.168.1.101   ns2     ns2.itsmarttricks.com

Install Required Packages

Let’s go ahead and install the required BIND packages. We need to install the packages below to configure the Slave/Secondary DNS Server.

  • bind
  • bind-utils
  • bind-libs

Run the command below to install them.

   
   [root@localhost ~]# yum -y install bind
   Loaded plugins: fastestmirror, refresh-packagekit, security
   Setting up Install Process
   Loading mirror speeds from cached hostfile
    * base: centos.excellmedia.net
    * extras: centos.excellmedia.net
    * updates: centos.excellmedia.net
   Resolving Dependencies
   --> Running transaction check
   ---> Package bind.x86_64 32:9.8.2-0.47.rc1.el6_8.3 will be installed
   --> Processing Dependency: bind-libs = 32:9.8.2-0.47.rc1.el6_8.3 for package: 32:bind-9.8.2-0.47.rc1.el6_8.3.x86_64
   --> Running transaction check
   ---> Package bind-libs.x86_64 32:9.8.2-0.47.rc1.el6 will be updated
   --> Processing Dependency: bind-libs = 32:9.8.2-0.47.rc1.el6 for package: 32:bind-utils-9.8.2-0.47.rc1.el6.x86_64
   ---> Package bind-libs.x86_64 32:9.8.2-0.47.rc1.el6_8.3 will be an update
   --> Running transaction check
   ---> Package bind-utils.x86_64 32:9.8.2-0.47.rc1.el6 will be updated
   ---> Package bind-utils.x86_64 32:9.8.2-0.47.rc1.el6_8.3 will be an update
   --> Finished Dependency Resolution

   Dependencies Resolved

   ================================================================================
    Package         Arch        Version                         Repository    Size
   ================================================================================
   Installing:
    bind            x86_64      32:9.8.2-0.47.rc1.el6_8.3       updates      4.0 M
   Updating for dependencies:
    bind-libs       x86_64      32:9.8.2-0.47.rc1.el6_8.3       updates      890 k
    bind-utils      x86_64      32:9.8.2-0.47.rc1.el6_8.3       updates      187 k

   Transaction Summary
   ================================================================================
   Install       1 Package(s)
   Upgrade       2 Package(s)

   Total download size: 5.0 M
   Downloading Packages:
   (1/3): bind-9.8.2-0.47.rc1.el6_8.3.x86_64.rpm                                                                                                    | 4.0 MB     00:29     
   (2/3): bind-libs-9.8.2-0.47.rc1.el6_8.3.x86_64.rpm                                                                                               | 890 kB     00:07     
   (3/3): bind-utils-9.8.2-0.47.rc1.el6_8.3.x86_64.rpm                                                                                              | 187 kB     00:02     
   ------------------------------------------------------------------------------------------------------------------------------------------------------------------------
   Total                                                                                                                                   130 kB/s | 5.0 MB     00:39     
   Running rpm_check_debug
   Running Transaction Test
   Transaction Test Succeeded
   Running Transaction
     Updating   : 32:bind-libs-9.8.2-0.47.rc1.el6_8.3.x86_64                                                                                                           1/5 
     Updating   : 32:bind-utils-9.8.2-0.47.rc1.el6_8.3.x86_64                                                                                                          2/5 
     Installing : 32:bind-9.8.2-0.47.rc1.el6_8.3.x86_64                                                                                                                3/5 
     Cleanup    : 32:bind-utils-9.8.2-0.47.rc1.el6.x86_64                                                                                                              4/5 
     Cleanup    : 32:bind-libs-9.8.2-0.47.rc1.el6.x86_64                                                                                                               5/5 
     Verifying  : 32:bind-utils-9.8.2-0.47.rc1.el6_8.3.x86_64                                                                                                          1/5 
     Verifying  : 32:bind-libs-9.8.2-0.47.rc1.el6_8.3.x86_64                                                                                                           2/5 
     Verifying  : 32:bind-9.8.2-0.47.rc1.el6_8.3.x86_64                                                                                                                3/5 
     Verifying  : 32:bind-libs-9.8.2-0.47.rc1.el6.x86_64                                                                                                               4/5 
     Verifying  : 32:bind-utils-9.8.2-0.47.rc1.el6.x86_64                                                                                                              5/5 

   Installed:
     bind.x86_64 32:9.8.2-0.47.rc1.el6_8.3                                                                                                                                 

   Dependency Updated:
     bind-libs.x86_64 32:9.8.2-0.47.rc1.el6_8.3                                         bind-utils.x86_64 32:9.8.2-0.47.rc1.el6_8.3                                        

   Complete!

Configure the Main Configuration File (/etc/named.conf)

We have installed all the required packages. Now we need to configure the main configuration file of the Slave/Secondary DNS Server, i.e. named.conf, to create the Forward and Reverse Zones on the Slave server that replicate from the Master Server. Follow the steps below to do so.

Below is my named.conf file, with all the required changes I made highlighted in Blue Color.

   
   //
   // named.conf
   //
   // Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
   // server as a caching only nameserver (as a localhost DNS resolver only).
   //
   // See /usr/share/doc/bind*/sample/ for example named configuration files.
   //

   options {
           listen-on port 53 { any; };
           listen-on-v6 port 53 { ::1; };
           directory "/var/named";
           dump-file "/var/named/data/cache_dump.db";
           statistics-file "/var/named/data/named_stats.txt";
           memstatistics-file "/var/named/data/named_mem_stats.txt";
           allow-query     { any; };
           recursion yes;

           dnssec-enable yes;
           dnssec-validation yes;

           /* Path to ISC DLV key */
           bindkeys-file "/etc/named.iscdlv.key";

           managed-keys-directory "/var/named/dynamic";
   };

   logging {
           channel default_debug {
                   file "data/named.run";
                   severity dynamic;
           };
   };

   zone "." IN {
           type hint;
           file "named.ca";
   };

   include "/etc/named.rfc1912.zones";
   include "/etc/named.root.key";


   ### Internal DNS Slave Zones ###

   zone "itsmarttricks.com" IN {
           type slave;
           masters { 192.168.1.100; };
           file "slaves/itsmarttricks.com.for";
   };

   zone "1.168.192.in-addr.arpa" IN {
           type slave;
           masters { 192.168.1.100; };
           file "slaves/itsmarttricks.com.rev";
   };

We have made all the required changes; now run the command below to check that the syntax is correct.

   
   [root@ns2 ~]# named-checkconf /etc/named.conf 
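
named-checkconf validates syntax only. The added example below (not from the original article) is a text-level audit that flags three exposures in a secondary configured as above: recursion open to any client, zone transfers served by the secondary itself, and transfers from the master authenticated by IP address only. The key name, placeholder secret and finding ids are assumptions for illustration, and the open-transfer check assumes the pre-9.20 BIND default of allow-transfer "any".

```shell
#!/bin/sh
# Added example: text-level audit of a secondary's named.conf (not a parser).
has() { printf '%s\n' "$1" | grep -Eq "$2"; }

# Drop //, # and one-line /* */ comments so disabled settings are ignored.
strip_comments() { sed -e 's://.*$::' -e 's:#.*$::' -e 's:/\*.*\*/::g' "$1"; }

# Body of the global options { ... } block (closing "};" on its own line).
options_block() {
    strip_comments "$1" |
        awk '/^[ \t]*options[ \t]*[{]/ {on=1; next} on && /^[ \t]*[}];/ {exit} on'
}

# audit_secondary FILE -> one finding id per line; no output means no finding.
audit_secondary() {
    all=$(strip_comments "$1"); opts=$(options_block "$1")
    # The recursion ACL falls back to allow-query when no narrower ACL is set.
    if has "$opts" 'recursion[[:space:]]+yes' &&
       has "$opts" 'allow-query[[:space:]]*[{][^}]*any' &&
       ! has "$opts" 'allow-(recursion|query-cache)[[:space:]]*[{]'; then
        echo open-recursion
    fi
    # No allow-transfer anywhere: the secondary itself answers AXFR by default
    # (assumption: pre-9.20 default of "any", as in the 9.8.2 installed above).
    has "$all" 'allow-transfer[[:space:]]*[{]' || echo open-transfer
    # masters listed by IP only: transfers are not TSIG-authenticated.
    if has "$all" 'type[[:space:]]+slave' &&
       ! has "$all" '(masters[[:space:]]*[{][^}]*[[:space:]]key[[:space:]]|keys[[:space:]]*[{])'; then
        echo unsigned-transfer
    fi
}

WEAK=$(mktemp); HARD=$(mktemp)
trap 'rm -f "$WEAK" "$HARD"' EXIT
cat > "$WEAK" <<'EOF'   # constructed: the secondary config above, trimmed
options {
        allow-query     { any; };
        recursion yes;
};
zone "itsmarttricks.com" IN { type slave; masters { 192.168.1.100; }; };
EOF
cat > "$HARD" <<'EOF'   # constructed: same zone hardened; key name and secret are placeholders
key "xfer-key" { algorithm hmac-sha256; secret "REPLACE_WITH_BASE64_SECRET"; };
options {
        allow-query     { any; };
        allow-recursion { localhost; 192.168.1.0/24; };
        allow-transfer  { none; };
        recursion yes;
};
zone "itsmarttricks.com" IN { type slave; masters { 192.168.1.100 key "xfer-key"; }; };
EOF
audit_secondary "$WEAK"   # three findings
audit_secondary "$HARD"   # no output
```

For the signed transfer in the hardened sample to succeed, the master needs the same key statement and an allow-transfer that names the key, e.g. allow-transfer { key "xfer-key"; };.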

Now start the DNS Server by the below command.

   
   [root@ns2 ~]# /etc/init.d/named start
   Starting named:                                            [  OK  ] 

After the DNS service starts, the zone files are created automatically in /var/named/slaves.

   
   [root@ns2 ~]# cd /var/named/slaves/
   [root@ns2 slaves]# ls -l
   total 8
   -rw-r--r--. 1 named named 494 Jan  8 09:30 itsmarttricks.com.for
   -rw-r--r--. 1 named named 499 Jan  8 09:30 itsmarttricks.com.rev

Snapshots are shown below :

1. Forward Lookup Zone

2. Reverse Lookup Zone

Reverse Zone of Secondary DNS Server

Now enable the DNS service at startup using the commands below.

   
   [root@ns2 ~]# chkconfig --level 35 named on
   [root@ns2 ~]# chkconfig --list named
   named           0:off 1:off 2:off 3:on 4:off 5:on 6:off

So we have successfully configured the BIND DNS service; now it’s time for testing. Tools such as dig and nslookup can check that the DNS service is working. The command looks like this:

dig <FQDN ( Fully Qualified Domain Name/IP Address )> i.e. dig ns1.itsmarttricks.com

We can check by using nslookup command as shown below.

   
   [root@ns1 ~]# nslookup itsmarttricks.com
   Server:  127.0.0.1
   Address: 127.0.0.1#53

   Name: itsmarttricks.com
   Address: 192.168.1.100

   [root@ns1 ~]# nslookup ns1.itsmarttricks.com
   Server:  127.0.0.1
   Address: 127.0.0.1#53

   Name: ns1.itsmarttricks.com
   Address: 192.168.1.100

   [root@ns1 ~]# nslookup ns2.itsmarttricks.com
   Server:  127.0.0.1
   Address: 127.0.0.1#53

   Name: ns2.itsmarttricks.com
   Address: 192.168.1.101

   [root@ns1 ~]# nslookup 192.168.1.100
   Server:  127.0.0.1
   Address: 127.0.0.1#53

   100.1.168.192.in-addr.arpa name = ns1.itsmarttricks.com.

   [root@ns1 ~]# nslookup 192.168.1.101
   Server:  127.0.0.1
   Address: 127.0.0.1#53

   101.1.168.192.in-addr.arpa name = ns2.itsmarttricks.com.

So everything looks good and the Slave/Secondary DNS Server is working fine, as shown in the test output above.
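
The lookups above were run on ns1 against 127.0.0.1, so they exercise the master. The added example below (not from the original article) compares the SOA serial served by the master with the one served by the secondary, using RFC 1982 serial arithmetic; the sample answers are constructed, and the function names are assumptions for illustration.

```shell
#!/bin/sh
# Added example: is the secondary serving the same zone version as the master?

# The serial is the 3rd field of one `dig +short SOA` answer line:
#   mname rname serial refresh retry expire minimum
soa_serial() {
    printf '%s\n' "$1" |
        awk 'NF >= 7 && $3 ~ /^[0-9]+$/ { print $3; ok = 1; exit } END { exit !ok }'
}

# Classify the secondary relative to the master with RFC 1982 serial
# arithmetic, so a serial that wrapped past 2^32 is still ordered correctly.
serial_state() {
    m=$1; s=$2
    if [ "$m" -eq "$s" ]; then echo in-sync; return 0; fi
    diff=$(( (m - s) & 4294967295 ))          # (m - s) mod 2^32
    if [ "$diff" -lt 2147483648 ]; then echo secondary-behind
    else echo secondary-ahead; fi
}

# check_zone ZONE MASTER_SOA SECONDARY_SOA
# Prints one status line; returns 0 in sync, 1 out of sync, 2 no usable answer.
check_zone() {
    zone=$1
    ms=$(soa_serial "$2") || { echo "$zone: no SOA from master"; return 2; }
    ss=$(soa_serial "$3") || { echo "$zone: no SOA from secondary"; return 2; }
    state=$(serial_state "$ms" "$ss")
    echo "$zone: master=$ms secondary=$ss $state"
    [ "$state" = in-sync ]
}

# Constructed sample answers. Live use on this page's addresses:
#   MASTER_SOA=$(dig +short SOA itsmarttricks.com @192.168.1.100)
#   SECOND_SOA=$(dig +short SOA itsmarttricks.com @192.168.1.101)
MASTER_SOA='ns1.itsmarttricks.com. root.ns1.itsmarttricks.com. 2010031403 3600 1800 604800 86400'
STALE_SOA='ns1.itsmarttricks.com. root.ns1.itsmarttricks.com. 2010031402 3600 1800 604800 86400'

check_zone itsmarttricks.com "$MASTER_SOA" "$MASTER_SOA" || true   # in-sync
check_zone itsmarttricks.com "$MASTER_SOA" "$STALE_SOA"  || true   # secondary-behind
check_zone itsmarttricks.com "$MASTER_SOA" ''            || true   # no answer
```

A secondary that stays behind after the refresh interval, or returns no SOA at all, points to a blocked or refused zone transfer; the reason is logged by named on both servers.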


That’s all. In this article, we have explained how to configure a Slave DNS Server with BIND ( Secondary DNS Server ) in Linux. I hope you enjoyed this article. If you like it, please share it. If you have any questions about this article, please comment.


Mangesh Dhulap

This is Mangesh Dhulap, the Founder and Editor of IT SMART TRICKS, with 6+ years of industrial experience. We expect our visitors to like, share, and comment on our posts.
