Caching BIND name server on BananaPi

I previously covered how to install CentOS 7 Linux and NTPD on BananaPi here:
https://blog.scottnolan.org/2016/03/16/bananapi-server-running-centos-7-linux/

This post covers how to install the BIND name server as a caching DNS server on BananaPi.

Install and enable the BIND software:
yum -y install bind bind-chroot
systemctl enable named.service

Go get a root hints file:
yum -y install wget
wget --user=ftp --password=ftp ftp://ftp.rs.internic.net/domain/db.cache -O /var/named/named.root
cp /usr/share/doc/bind-*/sample/etc/named.rfc1912.zones /var/named/chroot/etc

Update your named.conf file:
vi /etc/named.conf

Change the string listen-on port 53 { 127.0.0.1; };
to listen-on port 53 { 127.0.0.1; IP_OF_BANANAPI; };

Change allow-query { localhost; };
to allow-query { localhost; 192.168.1.0/24; }; (substitute your own local subnet, and keep the list limited to networks you control so the server does not answer arbitrary clients)

Add to options block:
forward first;
forwarders {
71.252.0.12;
4.2.2.2;
208.67.222.222;
8.8.8.8;
};

Use IPs for the public caches that are fastest from your location; I use NameBench on my Mac to determine the fastest local servers.

That creates a caching name server; you can also (optionally) add local zones too if you like.
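
named-checkconf (run later in this post) only validates syntax, so the following added example, which is not from the original post, audits the three settings edited above: who may query, where named listens, and how many forwarders are set. The function names, the sample file and the 192.168.1.10 address are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post: audit the named.conf options the
# post edits. Assumes each statement sits on one line with a space after its
# name (as in the stock CentOS file); this is not a full named.conf parser.

# Print the text between the braces of a one-line statement such as allow-query.
stmt_value() {  # $1 = file, $2 = statement name
    sed -n "s/^[[:space:]]*$2[[:space:]][^{]*{\(.*\)}[[:space:]]*;.*/\1/p" "$1" | head -n 1
}

# Print findings; the exit status is the number of problems found (0 = clean).
audit_named_conf() {  # $1 = path to named.conf
    a_n=0
    a_aq=$(stmt_value "$1" allow-query)
    if [ -z "$a_aq" ]; then
        echo "WARN: no allow-query statement found"; a_n=$((a_n + 1))
    elif echo "$a_aq" | grep -Eq '(^|[[:space:];])(any|0\.0\.0\.0/0)[[:space:]]*;'; then
        echo "FAIL: allow-query admits any client (open resolver)"; a_n=$((a_n + 1))
    else
        echo "OK:   allow-query limited to:$a_aq"
    fi
    a_lo=$(stmt_value "$1" listen-on)
    # Strip loopback; anything left is a LAN-facing address.
    a_rest=$(echo "$a_lo" | sed 's/127\.0\.0\.1;//g' | tr -d '[:space:]')
    if [ -n "$a_lo" ] && [ -z "$a_rest" ]; then
        echo "WARN: listen-on is loopback only; LAN clients cannot query"; a_n=$((a_n + 1))
    else
        echo "OK:   listen-on:${a_lo:- (not set)}"
    fi
    # Count IPv4 addresses inside the (possibly multi-line) forwarders block.
    a_fw=$(awk '/^[ \t]*forwarders[ \t]*[{]/ {f=1}
                f {n += gsub(/[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/, "&")}
                f && /[}]/ {f=0} END {print n + 0}' "$1")
    echo "INFO: $a_fw forwarder(s) configured"
    return "$a_n"
}

# Constructed sample mirroring the post's edits; $1 = allow-query list, $2 = listen-on list.
sample_conf() {
    printf 'options {\n\tlisten-on port 53 { %s };\n\tallow-query { %s };\n' "$2" "$1"
    printf '\tforward first;\n\tforwarders {\n\t\t4.2.2.2;\n\t\t8.8.8.8;\n\t};\n};\n'
}

demo=$(mktemp)
sample_conf "localhost; 192.168.1.0/24;" "127.0.0.1; 192.168.1.10;" > "$demo"
audit_named_conf "$demo"
rm -f "$demo"
```

On the BananaPi itself, call audit_named_conf /etc/named.conf after editing; a non-zero exit status means at least one WARN or FAIL line was printed.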

Configure firewall to allow DNS:
yum -y install system-config-firewall-tui
firewall-cmd --permanent --add-port=53/tcp
firewall-cmd --permanent --add-port=53/udp
firewall-cmd --permanent --add-service=dns
firewall-cmd --reload
chgrp named -R /var/named
chown -v root:named /etc/named.conf
restorecon -rv /var/named
restorecon /etc/named.conf
named-checkconf /etc/named.conf
cd ; systemctl start named
cd ; systemctl restart named

Install dig/nslookup tools and verify your BIND/DNS server:
yum -y install bind-utils
nslookup www.cnn.com 127.0.0.1
nslookup google.com 127.0.0.1

Test from another computer:
nslookup google.com IP_OF_BANANAPI

Congratulations – you have a caching DNS server.
