Redhat Linux DNS




  1. Set up /etc/rndc.conf

    rndc uses port 953 to communicate with named. For authentication, it uses cryptographic keys to digitally sign commands before sending them over the network. The default configuration file is /etc/rndc.conf.

    The only authentication mechanism currently supported is HMAC-MD5. To generate a key, run:

    dnssec-keygen -a hmac-md5 -b 128 -n user rndc

    A file ending in .private is generated, and it contains the key. Use that key for the "secret" parameter in both the /etc/rndc.conf and /etc/named.conf files.

    Here is /etc/rndc.conf from


  2. Configure /etc/named.conf

    1. named.conf on


  3. Configure Zone files

    Zone files generally reside under /var/named. Your file will probably be called something like


  4. Start named

    Start named either by running:

    /etc/init.d/named start

    Log messages can be found under /tmp


  5. Test your setup

    Traditionally nslookup has been used to test DNS. These days dig is also recommended.

    $ dig A +norec


  6. Configure the Resolver

    Verify /etc/resolv.conf has something like the following.


    The `nameserver' line specifies the address of your nameserver, in this case your own machine since that is where your named runs ( is right, no matter if your machine has another address too). If you want to list several name servers, put in one `nameserver' line for each.

    The `search' line specifies what domains should be searched for any host names you want to connect to. If a client tries to look up hostname, then is tried.

    Note that named never reads this file; the resolver that uses named does. Also note that in some resolv.conf files you find a line saying "domain". That's fine, but don't use both "search" and "domain"; only one of them will work.


  7. Verify DNS is turned on

    In /etc/nsswitch.conf you should have a line reading something like:

    hosts: files dns
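
Added example, not from the original page: a shell check that the Key from the dnssec-keygen .private file is the same "secret" in both rndc.conf and named.conf, and that none of the three files is accessible to other users. The file names, the key name "rndc" and the key value are constructed samples written to a temporary directory.

```shell
# Added example: verify the rndc shared secret is consistent and protected.
SAMPLE_KEY='Q09OU1RSVUNURURfS0VZIQ=='   # constructed: base64 of "CONSTRUCTED_KEY!"

# Print the base64 secret from a dnssec-keygen *.private file ("Key:" line).
private_key() {
    sed -n 's/^Key:[[:space:]]*//p' "$1" | head -n 1
}

# Print the first secret "..." value found in rndc.conf or named.conf.
conf_secret() {
    sed -n 's/.*secret[[:space:]]*"\([^"]*\)".*/\1/p' "$1" | head -n 1
}

# Succeed only if the "other" permission bits (rwx) are all clear.
not_world_accessible() {
    [ "$(ls -ld "$1" | cut -c8-10)" = "---" ]
}

# Args: private-file rndc.conf named.conf. Returns 0 if every check passes,
# 1 on a mismatch or loose permissions, 2 if the private file has no key.
check_rndc_key() {
    key=$(private_key "$1")
    [ -n "$key" ] || { echo "no Key: line in $1"; return 2; }
    rc=0
    for f in "$2" "$3"; do
        [ "$(conf_secret "$f")" = "$key" ] || { echo "secret mismatch: $f"; rc=1; }
        not_world_accessible "$f" || { echo "world-accessible: $f"; rc=1; }
    done
    not_world_accessible "$1" || { echo "world-accessible: $1"; rc=1; }
    return "$rc"
}

# Write constructed sample files into directory $1 (stand-ins for /etc).
make_sample() {
    printf 'Private-key-format: v1.2\nAlgorithm: 157 (HMAC_MD5)\nKey: %s\n' \
        "$SAMPLE_KEY" > "$1/Krndc.private"
    printf 'key "rndc" {\n    algorithm hmac-md5;\n    secret "%s";\n};\n' \
        "$SAMPLE_KEY" > "$1/rndc.conf"
    cp "$1/rndc.conf" "$1/named.conf"
    chmod 600 "$1/Krndc.private" "$1/rndc.conf" "$1/named.conf"
}

demo=$(mktemp -d)
make_sample "$demo"
if check_rndc_key "$demo/Krndc.private" "$demo/rndc.conf" "$demo/named.conf"; then
    echo "rndc key consistent and not world-accessible"
fi
rm -rf "$demo"
```

On a real host, pass the generated .private file, /etc/rndc.conf and /etc/named.conf to check_rndc_key instead of the sample files.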





























