DNS

Setting up a Caching DNS Server in Ubuntu Server 14.04

Setting up a Caching DNS Server in Ubuntu Server 14.04 &-8211; this Article or News was published on this date:2019-05-28 19:02:22 kindly share it with friends if you find it helpful

Domain Name Service (DNS) is a Naming service that maps IP addresses and fully qualified domain names to one another. Computers that runs DNS are called name servers.

Here I have installed and configured cache server using forwarder, forward look-up and reserve look-up. In most of the place, we need a reserve lookups. Caching server will not hold any domain names, it will only work as a Pointing server. Before going in depth we need to know about DNS server and how it works.

Setup DNS Cache in UbuntuSetup DNS Cache in Ubuntu

Setup DNS Cache in Ubuntu 14.04

What is DNS?

Here is an easy way to understand the DNS and how it works.

If we need to access sfnews.com in browser, the system will look for sfnews.com. Here at the end of the .com there will be a (.) so what is this ?.

The (.) represent the namespace Root server, there are total 13 root servers globally available. While we accessing sfnews.com it will ask to name server as per operating system configuration. In Ubuntu, we used to configure the name-server in /etc/resolv.conf, while accessing sfnews.com my browser will ask to root name-servers, if the root name-server don’t have my requested domain information it will cache my requested information and forward my request to (TLD) Top Level Domain name-server, even in TLD name-server my request is not available it will be cached and forwarded to Authoritative name-server.

While the domain registration, our domain registerer will define which authoritative name-server should our domain use. So, authoritative name servers have our domain information’s, while our request reach ANS it will reply for the query that sfnews.com have 111.111.222.1 at the same time it will be cached in Authoritative name-server and send the request back to browser. Every above steps are done within milliseconds.

Hope you got what is DNS now, and how it works. Now let us set up a Caching DNS Server in Ubuntu Server 14.04 LTS.

Step 1: Installing DNS Server

First, take a look at the my local DNS server information such as static IP address and hostname, which is used to for this article purpose.

IP Address:	192.168.0.100
Hostname:	dns.sfnewslocal.com

To verify that the above settings are correct, we can use ‘hostnamectl‘ and ‘ifconfig‘ commands.

$ hostnamectl
$ ifconfig eth0 | grep inet
Setup DNS Cache in UbuntuVerify System Hostname

Verify System Hostname

Next, we update the default repositories and do a system upgrade, before setting-up DNS cache server.

$ sudo apt-get update && sudo apt-get upgrade -y
Setup DNS Cache in UbuntuUpgrade Ubuntu

Upgrade Ubuntu

Now, install the DNS Packages bind and dnsutils using the following command.

$ sudo apt-get install bind9 dnsutils -y
Setup DNS Cache in UbuntuInstall DNS Serve in Ubuntu

Install DNS Serve

Once, dns installed, move to the bind configuration directory, under /etc/bind.

$ /etc/bind/
$ ls -l
Setup DNS Cache in UbuntuBind Configuration in Ubuntu

Bind Configuration

Step 2: Setting DNS Cache Server

First of all, we setup and configure caching server here. Open and edit the file named.conf.options using vim editor.

$ sudo vim named.conf.options

Now, here the word ‘forwarders‘ is used to cache domain name requests. So, here we are going to use my router as the forwarder. Uncomment the // in-front of the line’s as shown in the picture.

forwarders {
        192.168.0.1;
        };
Setup DNS Cache in UbuntuNamed Configuration

Named Configuration

Save and exit the file using wq!. Now its time to start the bind server for a small testing.

$ sudo /etc/init.d/bind9 start
Setup DNS Cache in UbuntuStart DNS Server in Ubuntu

Start DNS Server

If we need to test whether caching works, we can use dig command and check whether the cache working or not.

For example purpose, we going to dig ubuntu.com now, at first, it will won’t be cache, so it may may take some milliseconds, once it cached it will be in lightning speed.

$ dig @127.0.0.1 ubuntu.com

A dig command is a tool for DNS look-ups. To know more about Dig command read the below topic.

  1. 10 Useful Dig Command Examples
Setup DNS Cache in UbuntuQuery DNS Lookups

Query DNS Lookups

Here, we can see in the above image at first dig it took 1965 milliseconds for my query and shows which ipaddress is binded to ubuntu.com.

Let us try for one more dig and see the Query time.

Setup DNS Cache in UbuntuDNS Query Time

DNS Query Time

Cool!, In the second try we got the query within 5 milliseconds. Hope you know what is caching server now. The above image shows, that total 13 root servers are caching Ubuntu.com, because millions of peoples already accessed Ubuntu official site.

Step 3: Setting Master DNS Server

Create a MASTER DNS Server, Here I’m defining the domain name as sfnewslocal.com, edit the file named.conf.local using vim editor.

$ sudo vim /etc/bind/named.conf.local

Enter the DNS-Master entry as shown below.

zone "sfnewslocal.com" {
        type master;
        file "/etc/bind/db.sfnewslocal.com";
        };
    1. zone: Hosts details in Domain

.

  1. type: Master DNS.
  2. file: Location to store zone information.
Setup DNS Cache in UbuntuCreate Zone in DNS

Create Zone in DNS

Create the zone file db.sfnewslocal.com (Forward look-ups) from making a copy from db.local.

$ sudo cp db.local db.sfnewslocal.com

Now open and edit the copied zone file using vim editor.

$ sudo vim db.sfnewslocal.com
Setup DNS Cache in UbuntuCopy Zone Files

Copy Zone Files

Next, add the following example entry, which I have used for tutorial purpose. I use the same for other virtual machine setups too. Modify the below entry as per your requirement.

;
; BIND data file for local loopback interface
;
$TTL    604800
@       IN      SOA     sfnewslocal.com. root.sfnewslocal.com. (
                     2014082801         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
@       IN      NS      ns.sfnewslocal.com.
ns      IN      A       192.168.0.100

clt1    IN      A       192.168.0.111
ldap    IN      A       192.168.0.200
ldapc   IN      A       192.168.0.211
mail    IN      CNAME   clt1.sfnewslocal.com.

Save and exit the file using wq!.

Setup DNS Cache in UbuntuCreate Forward DNS Zone

Create Forward DNS Zone

Finally, restart the bind DNS service using below command.

 
$ sudo service bind9 restart
Setup DNS Cache in UbuntuStart DNS Service

Start DNS Service

We need to confirm, whether our above zone setup works. Let us check using dig command. Run the command as follows from localhost query.

$ dig @127.0.0.1 mail.sfnewslocal.com
Setup DNS Cache in UbuntuVerify DNS Zone

Verify DNS Zone

Let’s ping and test the clt1.sfnewslocal.com, before that we need to change the dns-server entry to localhost in our dns server machine and restart the network to get effect.

Open and edit the Network interface settings and enter the DNS entry.

$ sudo vim /etc/network/interfaces

Change the DNS entry in the interface as below.

auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
        address 192.168.0.100
        netmask 255.255.255.0
        gateway 192.168.0.1
        network 192.168.0.0
        broadcast 192.168.0.255
        dns-nameservers 127.0.0.1
	    dns-search sfnewslocal.com
Setup DNS Cache in UbuntuAdd DNS Entry in Ubuntu

Add DNS Entry

After adding entry, restart the Network using following command.

$ sudo ifdown eth0 && sudo ifup eth0

If restarting network does not take effect, We must need a restart. Now Let’s ping and check the clt1.sfnewslocal.com, while its replying, we need to get the ip address what we defined for host-name clt1.

$ ping clt1.sfnewslocal.com -c 3
Setup DNS Cache in UbuntuPing Domain

Ping Domain

Setting Reverse DNS Lookups

Again open and edit the file named.conf.local.

$ sudo vim /etc/bind/named.conf.local

Now add the following reverse dns lookup entry as shown.

zone "0.168.192.in-addr.arpa" {
        type master;
        notify no;
        file "/etc/bind/db.sfnewslocal192";
        };
Setup DNS Cache in UbuntuCreate Reverse DNS

Create Reverse DNS

Save and exit the file using wq!. Now create a db.sfnewslocal192 file, as I have mentioned in the master file above for reverse look-up, copy the db.127 to db.sfnewslocal192 using following command.

$ sudo cp db.127 db.sfnewslocal192

Now, open and edit a file db.sfnewslocal192 for setup the reverse look-up.

$ sudo vim db.sfnewslocal192

Enter the following entry as below, modify the below entry as per your requirement.

;
; BIND reverse data file for local loopback interface
;
$TTL    604800
@       IN      SOA     ns.sfnewslocal.com. root.sfnewslocal.com. (
                        2014082802      ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
@       IN      NS      ns.
100     IN      PTR     ns.sfnewslocal.com.

111     IN      PTR     ctl1.sfnewslocal.com.
200     IN      PTR     ldap.sfnewslocal.com.
211     IN      PTR     ldapc.sfnewslocal.com.
Setup DNS Cache in UbuntuReverse DNS Entry

Reverse DNS Entry

Restart the bind service using.

Now, verify the reserve look-up entry.

$ host 192.168.0.111

While we do a reverse look-up using an ip address as shown above, it want to reply with a name as above image shows.

Let’s do a check using dig command too.

$ dig clt1.sfnewslocal.com
Setup DNS Cache in UbuntuReverse DNS Lookup

Reverse DNS Lookup

Here, we can see the Answer for our Query in Answer Section as domain-name clt1.sfnewslocal.com has the ip address 192.168.0.111.

Step 4: Setting Client Machine

Just change the ip address and dns entry in client machine to Our local dns server 192.168.0.100, if so our client machine will get assigned host-name from local DNS-server.

Let us check the host-name of our client using following series of commands.

$ ifconfig eth0 | grep inet
$ hostname	
$ dig -x 192.168.0.100
Setup DNS Cache in UbuntuVerify Local DNS

Verify Local DNS

Understanding zone file entry in dns, This image will give you a small explanation what we have defined in zone file entry.

Setup DNS Cache in UbuntuUnderstanding DNS Zone Entry

Understanding DNS Zone Entry

That’s it! in this article, we have seen how to setup a local DNS server for our office or home use.

Soon you can read about the article how to troubleshoot a DNS server using various tool and fix it. There are many tools which are use to troubleshoot the DNS servers. Read the below article to know about some troubleshooting tips.

8 Nslookup Commands for DNS Troubleshooting

Setup Master-Slave DNS Server Using “Bind” Tools in RHEL/CentOS 6.5

Setup Master-Slave DNS Server Using &-8220;Bind&-8221; Tools in RHEL/CentOS 6.5 &-8211; this Article or News was published on this date:2019-05-28 19:02:02 kindly share it with friends if you find it helpful

Domain Name Server (DNS) used for name resolving to any hosts. Master DNS servers (Primary Server) are the original zone data handlers and Slave DNS server (Secondary Server) are just a backup servers which is used to copy the same zone information’s from the master servers. Master Server will resolve the names for every hosts which we defined in the zone database and use UDP protocol, because UDP protocols never use the acknowledgement process while tcp uses acknowledgement. DNS servers also use UDP protocols to resolve the query request at the earliest.

Setup Master Slave DNS in CentOSSetup Master Slave DNS in CentOS

Setup Master Slave DNS in RHEL/CentOS 6.5

How DNS Works?

Understanding DNS might be little confusing for newbies. Here is a brief explanation on how the DNS work’s.

Let’s say, if we need to access any website what we will do? Just type www.google.com in browser and hit enter. Hmm that’s all we know, but the fact is, how pain DNS go through it, while querying for us. While we type www.google.com the system will look for www.google.com. Whenever we type some domain name, there is a . (dot) at the end of the www.google.com that say to search the root server of namespace.

Globally there are 13 root servers available to resolve the query. At first, while we hit enter as www.google.com our browser will pass a request to our local resolver, which has entry about our master and slave DNS server info. If they don’t have info about such requested query they will pass the request to the Top Level domain (TLD), if TLD say I don’t know the request, may be the authoritative server know your request, it will forward to authoritative servers, here only www.google.com was defined as address 72.36.15.56.

In mean time authoritative server will give the answer to TLD and TLD will pass to root server and root will provide the info to browser, hence the browser will cache the DNS request for future use. Thus these long process will just resolve with in milliseconds. If they don’t know the request they will reply as NXDOMAIN. That means, there is no record any-were found in the Zone database. Hope this makes you to understand how the DNS works.

Read Also: Setup DNS Cache Server in Ubuntu

My Testing Environment

For this article, I’m using 3 machines, 2 for server setup (master and slave) and 1 for client.

---------------------------------------------------
Master DNS Server
---------------------------------------------------

IP Address	:	192.168.0.200
Host-name	:	masterdns.sfnewslocal.com
OS		:	Centos 6.5 Final
---------------------------------------------------
Slave DNS Server
---------------------------------------------------

IP Address	:	192.168.0.201
Host-name	:	slavedns.sfnewslocal.com
OS		:	Centos 6.5 Final
---------------------------------------------------
Client Machine to use DNS
---------------------------------------------------

IP Address	:	192.168.0.210
Host-name	:	node1.sfnewslocal.com
OS		:	Centos 6.5 Final
Requirement Packages
bind, bind-utils, bind-chroot
Configuration Files Used
config file	:	/etc/named.conf
script file	:	/etc/init.d/named
Port & Protocols Used
53, UDP

Setup Master DNS Server

First, verify the IP address, Hostname and Distribution version of Master DNS Server, before moving forward for setup.

$ sudo ifconfig | grep inet
$ hostname
$ cat /etc/redhat-release
Setup Master Slave DNS in CentOSVerify Master Configuration

Verify Master Configuration

Once, you confirm that the above settings are correct, its time to move forward to install required packages.

$ sudo yum install bind* -y
Setup Master Slave DNS in CentOSInstall Bind Package

Install Bind Package

Installing and Configuring Bind

After installing required packages, now define zone files in master configuration ‘named.conf‘ file.

$ sudo vim /etc/named.conf

Given below is my named.conf file entry, change the configuration file as per your need.

//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//

options {
        listen-on port 53 { 127.0.0.1; 192.168.0.200; }; - Here we need to add our Master DNS Server IP.
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { localhost; 192.168.0.0/24; }; - subnet range where my hosts are allowed to query our DNS.
        allow-transfer     { localhost; 192.168.0.201; };  - Here we need to our Slave DNS server IP.
        recursion no;

        dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;

        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";

        managed-keys-directory "/var/named/dynamic";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "." IN {
        type hint;
        file "named.ca";
};

-- Define our forward & reverse Zone file here for sfnewslocal.com.


zone"sfnewslocal.com" IN {
type master;
file "sfnewslocal.fwd.zone";
allow-update { none; };
};

zone"0.168.192.in-addr.arpa" IN {
type master;
file "sfnewslocal.rev.zone";
allow-update { none; };
};

-----
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
Setup Master Slave DNS in CentOSCreate Zone File in DNS

Create Zone File in DNS

Following are the explanation of each configuration we used in above file.

  1. listen-on port 53 – This is used for the DNS to listen in available interfaces.
  2. Master DNS – Define, your Master DNS IP address to listen the query.
  3. Slave DNS – Define your Slave DNS, which is used to sync our zone information to resolve the hosts from Master.
  4. recursion no – If its set to yes, recursive queries will make the server into DDOS attack.
  5. Zone Name – Define your Zone name here defined as tecminlocal.com.
  6. type master – As this system was configured for a master server, for upcoming slave server this will be slave.
  7. sfnewslocal.fwd.zone – This file have the host information for this zone.
  8. allow-update none – If none will set. it won’t use Dynamic DNS (DDNS).

Creating Master Zone Files

At first let us define forward look-up zone entry. Here we need to create the zone files in the name of what we have define in the named.conf file as below.

sfnewslocal.fwd.zone
sfnewslocal.rev.zone

We use sample configuration files for creating forward zone files, for this we’ve to copy the sample configuration files.

$ sudo cp /var/named/named.localhost /var/named/sfnewslocal.fwd.zone
$ sudo cp /var/named/named.loopback /var/named/sfnewslocal.rev.zone
Setup Master Slave DNS in CentOSCopy Zone Files

Copy Zone Files

Once, you’ve copied configuration files, now edit these zones files using vim editor.

$ sudo vim /var/named/sfnewslocal.fwd.zone

Before defining our host information in forward zone file, first have a quick look at the sample zone file.

Setup Master Slave DNS in CentOSSample Zone File

Sample Zone File

This is my forward zone configuration, append the below entry and make changes as per your need.

$TTL 86400
@       IN SOA  masterdns.sfnewslocal.com.     root.sfnewslocal.com. (
                                  2014090401    ; serial
                                        3600    ; refresh
                                        1800    ; retry
                                      604800    ; expire
                                       86400 )  ; minimum

; Name server's

@       IN      NS      masterdns.sfnewslocal.com.
@       IN      NS      slavedns.sfnewslocal.com.

; Name server hostname to IP resolve.

@       IN      A       192.168.0.200
@       IN      A       192.168.0.201

; Hosts in this Domain

@       IN      A       192.168.0.210
@       IN      A       192.168.0.220
masterdns       IN      A       192.168.0.200
slavedns        IN      A       192.168.0.201
node1           IN      A       192.168.0.210
rhel1           IN      A       192.168.0.220

Save and quit the file using wq!. After editing the forward look-up, it looks like below, Use TAB to get a decent format in zone file.

Setup Master Slave DNS in CentOSConfigure Forward Zone

Configure Forward Zone

Now, create reverse lookup file, we have already made a copy of loop-back file in the name of sfnewslocal.rev.zone. So, we use this file to configure our reverse look-up.

$ sudo vim /var/named/sfnewslocal.rev.zone

Before defining our host information in reverse zone file, have a quick look of sample reverse lookup file as shown below.

Setup Master Slave DNS in CentOSSample Reverse Lookup Zone

Sample Reverse Lookup Zone

This is my reverse zone configuration, append the below entry and make changes as your need.

$TTL 86400
@       IN SOA  masterdns.sfnewslocal.com. root.sfnewslocal.com. (
                                2014090402      ; serial
                                      3600      ; refresh
                                      1800      ; retry
                                    604800      ; expire
                                     86400 )    ; minimum

; Name server's

@       IN      NS      masterdns.sfnewslocal.com.
@       IN      NS      slavedns.sfnewslocal.com.
@       IN      PTR     sfnewslocal.com.

; Name server hostname to IP resolve.

masterdns       IN      A       192.168.0.200
slavedns        IN      A       192.168.0.201

;Hosts in Domain 

node1           IN      A       192.168.0.210
rhel            IN      A       192.168.0.220
200             IN      PTR     masterdns.sfnewslocal.com.
201             IN      PTR     slavedns.sfnewslocal.com.
210             IN      PTR     node1.sfnewslocal.com.
220             IN      PTR     rhel1.sfnewslocal.com.

Save and quit the file using wq!. After editing the reverse look-up, it looks like below, Use TAB to get a decent format in zone file.

Setup Master Slave DNS in CentOSConfigure Reverse Lookup Zone

Configure Reverse Lookup Zone

Check the group ownership of forward look-up & reverse look-up files, before checking for any errors in configuration.

$ sudo ls -l /var/named/

Here we can see both the files are in root users ownership, because files which we makes a copy from sample files are available under /var/named/. Change the group to named on both files using following commands.

$ sudo chgrp named /var/named/sfnewslocal.fwd.zone
$ sudo chgrp named /var/named/sfnewslocal.rev.zone

After setting correct ownership on the files, verify them again.

$ sudo ls -l /var/named/
Setup Master Slave DNS in CentOSVerify Zone Files

Verify Zone Files

Now, check for the errors in zone files, before starting the DNS service. First check the named.conf file, then check other zone files.

$ sudo named-checkconf /etc/named.conf
$ sudo named-checkzone masterdns.tecminlocal.com /var/named/sfnewslocal.fwd.zone
$ sudo named-checkzone masterdns.tecminlocal.com /var/named/sfnewslocal.rev.zone
Setup Master Slave DNS in CentOSCheck Errors Zone Files

Check Errors Zone Files

By default iptables was running and our DNS server is restricted to localhost, if client wants to resolve name from our DNS Server, then we have to allow the inbound request, for that we need to add iptables inbound rule for the port 53.

$ sudo iptables -I INPUT -p udp --dport 53 -m state --state NEW -j ACCEPT

Now, verify that the rules has been added correctly in INPUT chain.

$ sudo iptables -L INPUT

Next, save the rules and restart firewall.

$ sudo service iptables save
$ sudo service iptables restart
Setup Master Slave DNS in CentOSOpen DNS Port on Firewall

Open DNS Port on Firewall

Start the named service and make it persistent.

$ sudo service named start
$ sudo chkconfig named on
$ sudo chkconfig --list named
Setup Master Slave DNS in CentOSStart DNS Server

Start DNS Server

Finally, test the configured Master DNS zone files (forward and reverse), using dig & nslookup tools.

$ dig masterdns.sfnewslocal.com		[Forward Zone]
Setup Master Slave DNS in CentOSTest Forward DNS Zone

Test Forward DNS Zone

$ dig -x 192.168.0.200
Setup Master Slave DNS in CentOSTest Reverse DNS Zone

Test Reverse DNS Zone

$ nslookup sfnewslocal.com
$ nslookup masterdns.sfnewslocal.com
$ nslookup slavedns.sfnewslocal.com
Setup Master Slave DNS in CentOSTest DNS Zones

Test DNS Zones

Cool! we have configured a Master DNS, now we need to setup a Slave DNS Server. Let’s move forward to setup a slave server, This won’t take much time as master setup.

Setup Slave DNS Server

In Slave machine, also we need to install same bind packages as shown in Master, so let’s install them using following command.

$ sudo yum install bind* -y
Setup Master Slave DNS in CentOSInstall DNS Bind in CentOS

Install DNS Bind

Open and edit ‘named.conf’ file for our zone database and port listen.

$ sudo vim /etc/named.conf

Make changes as shown, as per your requirements.

//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//

options {
        listen-on port 53 { 127.0.0.1; 192.168.0.201}; - Our Slave DNS server IP
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { localhost; 192.168.0.0/24; };
        recursion no;

        dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;

        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";

        managed-keys-directory "/var/named/dynamic";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "." IN {
        type hint;
        file "named.ca";
};

-- Define our slave forward and reverse zone, Zone files are replicated from master.

zone"sfnewslocal.com" IN {
type slave;
file "slaves/sfnewslocal.fwd.zone";
masters { 192.168.0.200; };
};

zone"0.168.192.in-addr.arpa" IN {
type slave;
file "slaves/sfnewslocal.rev.zone";
masters { 192.168.0.200; };
};

-----
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
Setup Master Slave DNS in CentOSConfigure Slave DNS

Configure Slave DNS

Start the DNS service using.

$ sudo service named start

After restarting the bind service, we don’t have to define the zone information individually, as our allow-transfer will replicate the zone information from master server as shown in the image below.

$ sudo ls -l /var/named/slaves

Verify, the zone information using cat command.

$ sudo cat /var/named/slaves/sfnewslocal.fwd.zone
$ sudo cat /var/named/slaves/sfnewslocal.rev.zone
Setup Master Slave DNS in CentOSVerify Slave Zone Files

Verify Slave Zone Files

Next, open DNS port 53 on iptables to allow inbound connection.

$ sudo iptables -I INPUT -p udp --dport 53 -m state --state NEW -j ACCEPT

Save the iptables rules and restart the iptables service.

$ sudo service iptables save
$ sudo service iptables restart

Make the service persistent on system boot.

$ sudo chkconfig iptables on
Check whether persistent set for run-levels .
$ sudo chkconfig --list iptables
Setup Master Slave DNS in CentOSOpen DNS Port

Open DNS Port

That’s it!. Now time to configure our client machines and check for the hostname.

Configure Client Machine

In client side we need to assign the Primary (192.168.0.200) and Secondary DNS (192.168.0.201) entry in network settings to get assign a hostname. To do, run the setup command to define all these entries as shown in the picture.

$ setup
Setup Master Slave DNS in CentOSAdd DNS Entry

Add DNS Entry

Else, edit the ‘/etc/reslov.conf‘ file and add the following entries.

$ vim /etc/resolv.conf
search sfnewslocal.com
nameserver 192.168.0.200
nameserver 192.168.0.201

Now, verify the ip, hostname and name server look-up.

$ ifconfig | grep inet
$ hostname
$ nslookup sfnewslocal.com
Setup Master Slave DNS in CentOSVerify DNS Entry

Verify DNS Entry

Now, check the forward & Reverse DNS look-up using.

$ dig masterdns.sfnewslocal.com
$ dig -x 192.168.0.200
Setup Master Slave DNS in CentOSCheck DNS Info

Check DNS Info

Understaing the dig Output:

  1. Header – This says everything what we have asked and how the result was.
  2. Status – Status was NO ERROR, that means which query request sent by us was successful without any ERROR.
  3. Question – The Query which was made by us, here my query was masterdns.sfnewslocal.com.
  4. Answer – The Query request resolved if there is available information.
  5. Authority – The name servers response for the domain and zone.
  6. Additional – Additional info’s regarding name-servers such as host-name and IP address.
  7. Query time – How long it took for resolving the names from the above servers.

Finally check for our node and make a ping.

$ dig node1.sfnewslocal.com
Setup Master Slave DNS in CentOSCheck Client DNS Info

Check Client DNS Info

$ ping masterdns.sfnewslocal.com -c 2
$ ping slavedns.sfnewslocal.com -c 2
$ ping 192.168.0.200 -c 2
$ ping 192.168.0.201 -c 2
Setup Master Slave DNS in CentOSPing DNS Servers

Ping DNS Servers

Finally, setup completed, here we have configured both Primary (Master) and Slave (Seconday) DNS server successfully, hope everyone have setup-ed without any issue, feel free to drop a comment if you face any issue while setup.

Setup Caching-Only DNS Server Using “Bind” in CentOS 6.5

Setup Caching-Only DNS Server Using &-8220;Bind&-8221; in CentOS 6.5 &-8211; this Article or News was published on this date:2019-05-28 19:00:31 kindly share it with friends if you find it helpful

There are several type of DNS servers such as master, slave, forwarding and cache, among them Caching-Only DNS is the one, which is easier to setup. DNS use UDP protocol so it will reduce the query time because UDP protocol does not have an acknowledgement.

Install Caching-Only DNS in CentOSInstall Caching-Only DNS in CentOS

Setup Caching-Only DNS in CentOS

Read Also: Setup Master-Slave DNS Server in CentOS 6.5

The caching-only DNS server is also known as a resolver. It will query DNS records and get all DNS information from other servers and stores the each query request in its cache for later use. While we are querying same request for the second time, it will serve from its cache, this way it reduces query time.

If you’re looking to setup DNS Caching-Only Server in CentOS/RHEL 7, follow this guide here:

Setting Up Caching-Only DNS Name Server in CentOS/RHEL 7

My Testing Environment
IP Address	:	192.168.0.200
Host-name	:	dns.sfnewslocal.com
OS		:	Centos 6.5 Final
Ports Used	:	53
Config File	:	/etc/named.conf
script file	:	/etc/init.d/named

Step 1: Installing Caching-Only DNS

1. The Caching-Only DNS, can be installed by using package ‘bind‘. Let’s do a small search for the package name if we don’t remember the fill package name using below command.

- yum search bind
Install Caching-Only DNS in CentOSSearch Bind Package

Search Bind Package

2. In the above result, you see the packages that displayed. From that we need to choose the ‘bind‘ and ‘bind-utils‘ packages, let’s install them using following ‘yum‘ command.

- yum install bind bind-utils -y
Install Caching-Only DNS in CentOSInstall Caching Only DNS

Install DNS Utils

Step 2: Configure Caching-Only DNS

3. Once, DNS packages are installed, move forward to configure DNS. Open and edit ‘named.conf‘ file using vim editor.

- vim /etc/named.conf

4. Next, make changes as suggested below or you can use your settings as per your requirements. Following are the changes, that we need to do for a caching-only DNS server. Here, by default the localhost will be there, we need to add the ‘any‘ to accept query from any range of network.

listen-on port 53 { 127.0.0.1; any; };
allow-query     { localhost; any; };
allow-query-cache       { localhost; any; };
Install Caching-Only DNS in CentOSConfigure Caching Only DNS

Configure Caching Only DNS

  1. listen-on port 53 – This say that Cache server want to use the port 53 for query.
  2. allow-query – This Specifies which ip address may query the server, here I have defined for localhost, from anywhere anyone can send query.
  3. allow-query-cache – This will add the query request to the bind.
  4. recursion – This will query the answer and give back to us, during query it may send query to other DNS server over the internet and pull back the query.

5. After editing the file, we have to confirm whether the ‘named.conf‘ files ownership was not changed from root:named, because the DNS runs under a system user named.

- ls -l /etc/named.conf
- ls -l /etc/named.rfc1912.zones

6. If the server enabled with selinux, after editing ‘named.conf‘ file, we need to check for the selinux context, every named config files need to be in “system_u:object_r:named_conf_t:s0” context as shown in the image below.

- ls -lZ /etc/named.conf
- ls -lZ /etc/named.rfc1912.zones

Okay, here we need to test DNS configuration now for some syntax error, before starting the bind service, if any error found some can be traced from /var/messages too.

- named-checkconf /etc/named.conf

After the syntax check results seems perfect, restart the service to take effect for above changes and make the service to run persistent while reboot the server and confirm the same.

- /etc/init.d/named restart
- chkconfig named on
- chkconfig --list named
Install Caching-Only DNS in CentOSConfigure and Start DNS

Configure and Start DNS

7. Next, open the port 53 on the firewall to allow the access.

- iptables -I INPUT -p udp --dport 53 -j ACCEPT
Install Caching-Only DNS in CentOSIptables Open DNS Port

Iptables Open DNS Port

Step 4: Chroot Caching-Only DNS

8. If you want to run the DNS caching-server under chroot environment, you need to install the chroot package only, no need of further configuration, as it by default hard-link to chroot.

- yum install bind-chroot -y

Once chroot package has been installed, you can restart the named service to take new changes.

- /etc/init.d/named restart

9. Once you restart named service, it automatically create a hard-link from the /etc/named config files to /var/named/chroot/etc/ directory. To confirm, just use the cat command under /var/named/chroot.

- sudo cat /var/named/chroot/etc/named.conf
Install Caching-Only DNS in CentOSChroot Caching Only DNS

Chroot Caching Only DNS

In the above configuration, you will see the same /etc/named.conf configuration, as it will be replaced while installing bind-chroot package.

Step 5: Client Side DNS Setup

10. Add the DNS caching servers IP 192.168.0.200 as resolver to the client machines.

In Debian based machines it will be under /etc/resolv.conf and in RPM based machines it will be under setup command or we can edit manually under /etc/sysconfig/network-scripts/ifcfg-eth0 file.

11. Finally it’s time to check our cache server using some tools. We can test using dig & nslookup commands in Linux systems, and in windows you can use the nslookup command.

Let’s query ‘facebook.com‘ for first time, so that it will cache its query.

- dig facebook.com

Install Caching-Only DNS in CentOSCheck DNS using Dig

Check DNS using Dig

Now, issue again same query, you will get replied from our cache server till it expires.

- dig facebook.com
Install Caching-Only DNS in CentOSCheck DNS Cache

Check DNS Cache

Use ‘nslookup‘ command to confirm the same.

- nslookup facebook.com
Install Caching-Only DNS in CentOSCheck DNS Query Cache

Check DNS Query Cache

To read more about dig and nslookup command examples and usage, use the following links.

  1. 8 nslookup commands and usage
  2. 10 dig commands and usage

Here we have seen how successfully we have setup a DNS caching-only server using bind package and also secured it using chroot package.

How to Install and Configure ‘Cache Only DNS Server’ with ‘Unbound’ in RHEL/CentOS 7

How to Install and Configure &-8216;Cache Only DNS Server&-8217; with &-8216;Unbound&-8217; in RHEL/CentOS 7 &-8211; this Article or News was published on this date:2019-05-28 18:54:57 kindly share it with friends if you find it helpful

Caching name servers using ‘Unbound‘ ( is a validating, recursive, and caching DNS server software ), back in RHEL/CentOS 6.x (where x is version number), we used bind software to configure DNS servers.

Here in this article, we are going to use ‘unbound‘ caching software to install and configure a DNS Server in RHEL/CentOS 7 systems.

Setup Cahing DNS Server in CentOS 7Setup Cahing DNS Server in CentOS 7

Setup Cahing DNS Server in RHEL/CentOS 7

DNS cache servers are used to resolve any DNS query they receive. If the server caches the query and in future the same queries requested by any clients the request will be delivered from DNS ‘unbound‘ cache, this can be done in milliseconds than the first time it resolved.

Caching will only act as a agent to resolve the query of client from any one of the forwarders. Using caching server, will reduce the loading time of webpages by keeping the cache database in unbound server.

My Server and Client Setup

For demonstration purpose, I will be using two systems. The first system will act as a Master (Primary) DNS server and the second system will act as a local DNS client.

Master DNS Server
Operating System   :    CentOS Linux release 7.0.1406 (Core)
IP Address	   :	192.168.0.50
Host-name	   :	ns.sfnewslocal.com
Client Machine
Operating System   :	CentOS 6
IP Address	   :	192.168.0.100
Host-name	   :	client.sfnewslocal.com

Step 1: Check System Hostname and IP

1. Before setting up a caching DNS server, make sure that you’ve added correct hostname and configured correct static IP address for your system, if not set the system static IP address.

2. After, setting correct hostname and static IP address, you can verify them with the help of following commands.

- hostnamectl
- ip addr show | grep inet
Setup Cahing DNS Server in CentOS 7Check IP Address in CentOS 7

Check IP Address

Step 2: Installing and Configuring Unbound

3. Before installing ‘Unbound’ package, we must update the our system to latest version, after that we can install the unbound package.

- yum update -y
- yum install unbound -y
Setup Cahing DNS Server in CentOS 7Install Unbound DNS Package in CentOS 7

Install Unbound DNS Package

4. After package has been installed, make a copy of the unbound configuration file before making any changes to original file.

- cp /etc/unbound/unbound.conf /etc/unbound/unbound.conf.original

5. Next, use any of your favorite text editor to open and edit ‘unbound.conf‘ configuration file.

- vim /etc/unbound/unbound.conf
Setup Cahing DNS Server in CentOS 7Copy Unbound DNS Configuration

Copy Unbound DNS Configuration

Once the file is opened for editing, make the following changes:

Interfaces

Search for Interface and enable the interface which we going to use or if our server have multiple interfaces we have to enable the interface 0.0.0.0.

Here Our server IP was 192.168.0.50, So, i’am going to use unbound in this interface.

Interface 192.168.0.50
Enable IPv4 and Protocol Supports

Search for the following string and make it ‘Yes‘.

do-ip4: yes
do-udp: yes
do-tcp: yes
Enable the logging

To enable the log, add the variable as below, it will log every unbound activities.

logfile: /var/log/unbound
Hide Identity and Version

Enable following parameter to hide id.server and hostname.bind queries.

hide-identity: yes

Enable following parameter to hide version.server and version.bind queries.

hide-version: yes
Access Control

Then search for access-control to allow. This is to allow which clients are allowed to query this unbound server.

Here I have used 0.0.0.0, that means anyone send query to this server. If we need to refuse query for some range of network we can define which network need to be refuse from unbound queries.

access-control: 0.0.0.0/0 allow

Note: Instead of allow, we can replace it with allow_snoop this will enable some additional parameters like dig and it support both recursive and non recursive.

Domain Insecure

Then search for domain-insecure. If our domain is works with DNS sec keys, we need to define our server available for domain-insecure. Here our domain will be treated as insecure.

domain-insecure: "sfnewslocal.com
Forward Zones

Then change the forwarders for our requested query not fulfilled by this server it will forward to root domain (. ) and resolve the query.

forward-zone:
        name: "."
        forward-addr: 8.8.8.8
        forward-addr: 8.8.4.4

Finally, save and quit the configuration file using wq!.

6. After making the above configuration, now verify the unbound.conf file for any errors using the following command.

- unbound-checkconf /etc/unbound/unbound.conf
Setup Cahing DNS Server in CentOS 7Check Unbound DNS Configuration

Check Unbound DNS Configuration

7. After file verification over without any errors, you can safely restart the ‘unbound’ service and enable it at system startup.

- systemctl start unbound.service
- sudo systemctl enable unbound.service
Setup Cahing DNS Server in CentOS 7Start Unbound DNS Service

Start Unbound DNS Service

Step 3: Test DNS Cache Locally

8. Now it’s time to check our DNS cache, by doing a ‘drill’ (query) one ‘india.com‘ domain. At first the ‘drill‘ command results for ‘india.com‘ domain will take some milliseconds, and then do a second drill and have a note on Query time it takes for both drills.

drill india.com @192.168.0.50
Setup Cahing DNS Server in CentOS 7Check DNS Cache Locally

Check DNS Cache Locally

Did you see in the above output, the first query taken almost 262 msec to resolve and the second query takes 0 msec to resolve domain (india.com).

That means, the first query gets cached in our DNS Cache, so when we run ‘drill’ second time the query served from our local DNS cache, this way we can improve loading speed of websites.

Step 4: Flush Iptables and Add Firewalld Rules

9. We can’t use both iptables and firewalld at same time on same machine, if we do both will conflict with each other, thus removing ipables rules will be a good idea. To remove or flush the iptables, use the following command.

- iptables -F

10. After removing iptables rules permanently, now add the DNS service to firewalld list permanently.

- firewall-cmd --add-service=dns
- firewall-cmd --add-service=dns --permanent

11. After adding DNS service rules, list the rules and confirm.

- firewall-cmd --list-all
Setup Cahing DNS Server in CentOS 7Add DNS to Firewalld

Add DNS to Firewalld

Step 5: Managing and Troubleshooting Unbound

12. To get the current server status, use the following command.

- unbound-control status
Setup Cahing DNS Server in CentOS 7Check Unbound DNS Status

Check Unbound DNS Status

Dumping DNS Cache

13. If in-case you would like to have a dump of a DNS cache information in a text file, you can redirect it to some file using below command for future use.

 - unbound-control dump_cache > /tmp/DNS_cache.txt
Setup Cahing DNS Server in CentOS 7Backup DNS Cache

Backup DNS Cache

14. To restore or import the cache from the dumped file, you can use following command.

- unbound-control dump_cache  /tmp/DNS_cache.txt
Setup Cahing DNS Server in CentOS 7Restore DNS Cache

Restore DNS Cache

Flushing DNS Records

15. To check whether the specific address was resolved by our forwarders in unbound cache Server, use the below command.

- unbound-control lookup google.com
Setup Cahing DNS Server in CentOS 7Check DNS Lookup

Check DNS Lookup

16. Some times if our DNS cache server will not reply our query, in mean time we can use to flush the cache to remove information such as A, AAA, NS, SO, CNAME, MX, PTR etc.. records from DNS cache. We can remove all information using flush_zone this will remove all informations.

- unbound-control flush www.digitalocean.com
- unbound-control flush_zone sfnewslocal.com

17. To check which forwards are currently used to resolve.

- unbound-control list_forwards
Setup Cahing DNS Server in CentOS 7Check Current DNS Forwards

Check Current DNS Forwards

Step 6: Client Side DNS Configuration

18. Here I’ve used a CentOS 6 server as my client machine, IP for this machine is 192.168.0.100 and I’m going to use my unbound DNS server IP (i.e Primary DNS) in it’s interface configuration.

Log-into the Client machine and set the Primary DNS server IP to our unbound server’s IP.

Run the setup command and choose network configuration from TUI network manager.

Then choose DNS configuration, insert the unbound DNS server’s IP as Primary DNS, but here i have used both in Primary and Secondary because I don’t have any other DNS server.

Primary DNS	: 192.168.0.50
Secondary DNS	: 192.168.0.50
Setup Cahing DNS Server in CentOS 7Select Network Configuration

Select Network Configuration

Setup Cahing DNS Server in CentOS 7Select DNS Configuration

Select DNS Configuration

Setup Cahing DNS Server in CentOS 7Enter DNS IP Address

Enter DNS IP Address

Click OK –> Save&Quit –> Quit.

19. After adding Primary and Secondary DNS IP addresses, now it’s time to restart the network using following command.

- /etc/init.d/network restart
Setup Cahing DNS Server in CentOS 7Restart Network in CentOS 6

Restart Network

20. Now time to access any one of the website from client machine and check for the cache in unbound DNS server.

- elinks aol.com
- dig aol.com
Setup Cahing DNS Server in CentOS 7Check Website

Check Website

Setup Cahing DNS Server in CentOS 7Query Website

Query Website

Conclusion

Earlier we were used to setup DNS cache server using bind package in RHEL and CentOS systems. Now, we have seen how to setup a DNS cache server using unbound package. Hope this will resolve your query request quicker than the bind pacakge.

How to Install and Configure ‘PowerDNS’ (with MariaDB) and ‘PowerAdmin’ in RHEL/CentOS 7

How to Install and Configure &-8216;PowerDNS&-8217; (with MariaDB) and &-8216;PowerAdmin&-8217; in RHEL/CentOS 7 &-8211; this Article or News was published on this date:2019-05-28 18:43:15 kindly share it with friends if you find it helpful

PowerDNS is a DNS server running on many Linux/Unix derivatives. It can be configured with different backends including BIND style zone files, relational databases or load balancing/failover algorithms. It can also be setup as a DNS recursor running as a separate process on the server.

The latest version of PowerDNS Authoritative server is 3.4.4, but the one available in the EPEL repository right now is 3.4.3. I would recommend installing the one for the EPEL repository due to the fact that this version is tested in CentOS and Fedora. That way you will also be able to easily update PowerDNS in future.

This article intends to show you how to install and setup master PowerDNS server with a MariaDB backend and the PowerAdmin – a friendly web interface managing tool for PowerDNS.

For the purpose of this article I will be using server with:

Hostname: centos7.localhost 
IP Address 192.168.0.102

Step 1: Installing PowerDNS with MariaDB Backend

1. First you need to enable the EPEL repository for your server simply use:

- yum install epel-release.noarch 
Enable Epel RepositoryEnable Epel Repository

Enable Epel Repository

2. The next step is to install the MariaDB server. This can be easily done by running the following command:

- yum -y install mariadb-server mariadb
Enable Epel RepositoryInstall MariaDB Server

Install MariaDB Server

3. Next we will configure MySQL to enable and start upon system boot:

- systemctl enable mariadb.service
- systemctl start mariadb.service
Enable Epel RepositoryEnable Start MariaDB System Boot

Enable Start MariaDB System Boot

4. Now that the MySQL service is running, we will secure and setup a password for MariaDB by running:

- mysql_secure_installation
Follow Instructions
/bin/mysql_secure_installation: line 379: find_mysql_client: command not found

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the current
password for the root user.  If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none):  Press ENTER
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

Set root password? [Y/n] y     
New password:  ← Set New Password
Re-enter new password:  ← Repeat Above Password
Password updated successfully!
Reloading privilege tables..
 ... Success!


By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] y ← Choose “y” to disable that user
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] n ← Choose “n” for no
 ... skipping.

By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] y ← Choose “y” for yes
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] y ← Choose “y” for yes
 ... Success!

Cleaning up...

All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!

5. Once MariaDB configuration done successfully, we can proceed further with the installation of PowerDNS. This is easily completed by running:

- yum -y install pdns pdns-backend-mysql
Enable Epel RepositoryInstall PowerDNS with MariaDB Backend

Install PowerDNS with MariaDB Backend

6. The configuration file for PowerDNS is located in /etc/pdns/pdns, but before editing it, we will setup a MySQL database for PowerDNS service. First we will connect to the MySQL server and will create a database with name powerdns:

- mysql -u root -p
MariaDB [(none)]> CREATE DATABASE powerdns;
Enable Epel RepositoryCreate PowerDNS Database

Create PowerDNS Database

7. Next, we will create a database user called powerdns:

MariaDB [(none)]> GRANT ALL ON powerdns.* TO 'powerdns'@'localhost' IDENTIFIED BY 'sfnews123';
MariaDB [(none)]> GRANT ALL ON powerdns.* TO 'powerdns'@'centos7.localdomain' IDENTIFIED BY 'sfnews123';
MariaDB [(none)]> FLUSH PRIVILEGES;
Enable Epel RepositoryCreate PowerDNS User

Create PowerDNS User

Note: Replace “sfnews123” with the actual password that you want to use for your setup.

8. We proceed by creating the database tables used by PowerDNS. Execute those block by block:

MariaDB [(none)]> USE powerdns;
MariaDB [(none)]> CREATE TABLE domains (
id INT auto_increment,
name VARCHAR(255) NOT NULL,
master VARCHAR(128) DEFAULT NULL,
last_check INT DEFAULT NULL,
type VARCHAR(6) NOT NULL,
notified_serial INT DEFAULT NULL,
account VARCHAR(40) DEFAULT NULL,
primary key (id)
);
Enable Epel RepositoryCreate Table Domains for PowerDNS

Create Table Domains for PowerDNS

MariaDB [(none)]> CREATE UNIQUE INDEX name_index ON domains(name);
MariaDB [(none)]> CREATE TABLE records (
id INT auto_increment,
domain_id INT DEFAULT NULL,
name VARCHAR(255) DEFAULT NULL,
type VARCHAR(6) DEFAULT NULL,
content VARCHAR(255) DEFAULT NULL,
ttl INT DEFAULT NULL,
prio INT DEFAULT NULL,
change_date INT DEFAULT NULL,
primary key(id)
);
Enable Epel RepositoryCreate Index Domains for PowerDNS

Create Index Domains for PowerDNS

MariaDB [(none)]> CREATE INDEX rec_name_index ON records(name);
MariaDB [(none)]> CREATE INDEX nametype_index ON records(name,type);
MariaDB [(none)]> CREATE INDEX domain_id ON records(domain_id);
Enable Epel RepositoryCreate Index Records

Create Index Records

MariaDB [(none)]> CREATE TABLE supermasters (
ip VARCHAR(25) NOT NULL,
nameserver VARCHAR(255) NOT NULL,
account VARCHAR(40) DEFAULT NULL
);
Enable Epel RepositoryCreate Table Supermaster

Create Table Supermaster

You can now exit the MySQL console by typing:

MariaDB [(none)]> quit;

9. Finally we can proceed with configuring our PowerDNS in a way that, it will use MySQL as backend. For that purpose open PowerDNS configuration file located at:

- vim /etc/pdns/pdns.conf 

In that file look for the lines looking like this:

---------------------------------
- launch        Which backends to launch and order to query them in
-
- launch=

Just after that put the following code:

launch=gmysql
gmysql-host=localhost
gmysql-user=powerdns
gmysql-password=user-pass
gmysql-dbname=powerdns

Change “user-pass” with the actual password that you set earlier. Here is how my configuration looks like:

Enable Epel RepositoryConfigure PowerDNS

Configure PowerDNS

Save your change and exit from.

10. Now we will start and add PowerDNS to the list of services starting at system boot:

- systemctl enable pdns.service 
- systemctl start pdns.service 
Enable Epel RepositoryEnable and Start PowerDNS

Enable and Start PowerDNS

At this point your PowerDNS server is up and running. For more information about PowerDNS you can refer to the manual available at http://downloads.powerdns.com/documentation/html/index.html