Lab 75: DNS - Download, Install, and Configure

Install and stand up a minimal BIND name server, then publish a simple forward zone for example.com with internal A records. Validate local resolution using dig to confirm the daemon is answering queries and your zone data loads correctly.

dns network services core

Scenario

You are tasked with deploying a basic internal DNS service so machines can resolve hostnames without relying on external resolvers. You will install BIND, create a minimal configuration, publish a forward zone for example.com, start the service, and verify resolution locally.

Operator context

DNS failures look like “everything is down.” The first win is proving the daemon is answering queries, then proving your zone loads, then proving clients can reach it. This lab focuses on the server-side baseline.

Objective

  • Install BIND on the system using the appropriate package manager.
  • Create a minimal named.conf with safe baseline options.
  • Publish a forward zone for example.com with A records for ns1 and www.
  • Start the DNS service and validate local queries with dig.

What You’ll Practice

  • Installing server packages across distro families (RHEL/Debian/Arch).
  • Editing the primary BIND configuration location for your platform.
  • Building a basic forward zone file: SOA, NS, and A records.
  • Validating DNS responses directly against localhost using dig.

Walkthrough

Step 1 : Install BIND (DNS server).
Command
# RHEL-family
sudo yum install bind

# Debian/Ubuntu
sudo apt install bind9

# Arch
sudo pacman -S bind

Install the DNS server package for your distro family. In the lab script, any one of the supported commands satisfies the install step.

Installing BIND...
Success! DNS server installed.

Step 2 : Create a minimal named.conf.
Command
# RHEL/Arch common path
sudo vim /etc/named.conf

# Debian common path
sudo vim /etc/bind/named.conf

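Open the appropriate config file for your platform. The lab uses a minimal options block to establish a basic working server layout. Note that listen-on { any; } and allow-query { any; } make the server listen on every interface and accept queries from any source; for an internal-only service, narrow both to the internal addresses and networks that should reach it.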

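options {
    directory "/var/named";
    listen-on port 53 { any; };
    allow-query { any; };
};
// Declare the Step 3 zone; "file" is relative to "directory" (Debian: use /etc/bind/db.example.com)
zone "example.com" {
    type master;
    file "example.com.zone";
};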

File edited successfully.

Step 3 : Create a forward zone for example.com.
Command
# RHEL-style zone location
sudo vim /var/named/example.com.zone

# Debian-style zone location
sudo vim /etc/bind/db.example.com

Publish a simple zone containing SOA and NS records plus A records for internal targets. This is the minimum you need to prove your server can answer for a domain you control.

$TTL 86400
@   IN  SOA ns1.example.com. admin.example.com. (
            2025072901 ; Serial
            3600       ; Refresh
            1800       ; Retry
            604800     ; Expire
            86400 )    ; Minimum TTL
    IN  NS  ns1.example.com.
ns1 IN  A   192.168.1.10
www IN  A   192.168.1.20

Zone file created successfully.

Step 4 : Start and enable the DNS service.
Command
# RHEL/Arch (named)
sudo systemctl start named

# Debian (bind9)
sudo systemctl start bind9

Start the daemon so it can load configuration and zones. In production you would also enable the service and validate logs, but this lab focuses on bring-up plus query checks.

DNS service started successfully.

Step 5 : Verify local resolution with dig.
Command
dig @localhost www.example.com

Query the local server directly to avoid client resolver variables. A correct answer section confirms the server is responding and your zone data is available.

;; QUESTION SECTION:
;www.example.com.        IN      A
;; ANSWER SECTION:
www.example.com.  86400  IN      A   192.168.1.20
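
The three checks from the operator context (daemon answering, zone loaded, data correct) can each be read off dig's full output: the status field, the aa flag, and the answer section. The script below is an added example, not part of the lab; the function name classify_dig, its verdict strings, and the sample text are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the lab): classify dig output read on stdin.
# Live use: dig @localhost www.example.com | classify_dig www.example.com 192.168.1.20
classify_dig() {   # args: name without trailing dot, expected IPv4 address
    awk -v name="$1" -v ip="$2" '
        /HEADER.*status:/ {               # header line carries the response code
            for (i = 1; i < NF; i++)
                if ($i == "status:") { status = $(i + 1); sub(/,$/, "", status) }
        }
        /^;; flags:/ {                    # "aa" set = answered from a zone this server holds
            f = $0; sub(/^;; flags: */, "", f); sub(/;.*/, "", f)
            aa = ((" " f " ") ~ / aa /)
        }
        /^;; ANSWER SECTION:/ { in_ans = 1; next }
        /^$/ || /^;;/         { in_ans = 0 }
        in_ans && $4 == "A" && tolower($1) == tolower(name ".") {
            seen = 1; if ($5 == ip) hit = 1
        }
        END {
            if (status == "")        { print "NO_RESPONSE"; exit 3 }        # daemon or port 53 unreachable
            if (status != "NOERROR") { print "BAD_RCODE " status; exit 2 }  # SERVFAIL/REFUSED: zone likely not loaded
            if (!aa)                 { print "NOT_AUTHORITATIVE"; exit 2 }  # answer did not come from the local zone
            if (!hit)                { print (seen ? "WRONG_DATA" : "NO_A_RECORD"); exit 1 }
            print "OK"
        }'
}

# Constructed sample modelled on dig's default output (header values are made up).
sample_ok() {
    cat <<'EOF'
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4242
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; QUESTION SECTION:
;www.example.com.        IN      A

;; ANSWER SECTION:
www.example.com.  86400  IN      A   192.168.1.20
EOF
}

sample_ok | classify_dig www.example.com 192.168.1.20   # prints OK
```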

Reference

  • bind/bind9 : BIND DNS server packages (name varies by distro family).
  • /etc/named.conf / /etc/bind/named.conf : Primary daemon configuration location (platform-dependent).
  • SOA, NS, A records : Core building blocks for a forward DNS zone.
  • systemctl start named / systemctl start bind9 : Starts the DNS service for your platform.
  • dig @localhost <name> : Queries the local DNS daemon directly to validate authoritative answers.