Linux DNS and DHCP services
Overview
Domain Name System (DNS) and Dynamic Host Configuration Protocol (DHCP) are two of the most critical network services: they allow devices to connect to a network, communicate with each other, and reach the internet.
This article is intended for system administrators and IT professionals who are new to DNS and DHCP configuration on Linux systems. It will cover the basics of DNS and DHCP, as well as step-by-step instructions for configuring DNS and DHCP servers using the BIND DNS server and the ISC DHCP server software.
What is DNS?
DNS, or Domain Name System, is a distributed database system that translates domain names (such as website names) into IP addresses. When a user enters a website name into their web browser, the browser sends a DNS query to a DNS server. The DNS server then looks up the IP address associated with the domain name and returns it to the browser, allowing the browser to connect to the desired website or service.
DNS uses a hierarchical naming system, with each domain name consisting of one or more labels separated by dots. The highest level of the DNS hierarchy is the root domain, followed by top-level domains such as .com, .org, and .net. For example, google.com and facebook.com are domains under the .com top-level domain.
What is DHCP?
DHCP stands for Dynamic Host Configuration Protocol. It is a network protocol used to automatically assign IP addresses and other network configuration parameters, such as subnet mask, default gateway, and DNS server information, to devices on a network.
When a device joins a network that uses DHCP, it sends a broadcast message requesting network configuration information. A DHCP server on the network responds to the request by offering an IP address and other configuration parameters to the device. If the device accepts the offer, it will be assigned an IP address and can then communicate with other devices on the network.
DHCP makes it easier to manage and configure a large network with many devices, as it eliminates the need to manually configure IP addresses on each device. It also allows for more efficient use of IP addresses, as devices can be assigned temporary addresses from a pool of available addresses, rather than permanently reserving a specific address for each device.
DNS Server Configuration (BIND DNS) in Linux
The Berkeley Internet Name Domain (BIND) is the most commonly used DNS server software on Linux systems. Here's how to configure a DNS server using BIND:
Step 1: First, install BIND. To install BIND on a Linux system, run the following command.
Step 2: Next, configure BIND. The BIND configuration file is located at /etc/bind/named.conf. This file contains the configuration directives for the DNS server.
Let's check an example of a configuration file:
Now let's go through the configuration file shown above line by line and look at what each option does.
The options section specifies global configuration options for the BIND server.
directory "/var/named" : Specifies the directory where the BIND server will look for its zone files.
listen-on port 53 { any; } : Specifies that the BIND server should listen on port 53 for incoming DNS queries from any IP address.
allow-query { any; } : Specifies that the BIND server should allow DNS queries from any IP address.
recursion yes : Specifies that the BIND server should perform recursive DNS lookups on behalf of clients.
The zone sections define the DNS zones that the BIND server is authoritative for:
zone "example.com" IN { : Defines the zone for the domain example.com.
type master : Specifies that this BIND server is the authoritative master server for the example.com zone.
file "example.com.zone" : Specifies the location of the zone file for the example.com domain.
zone "1.168.192.in-addr.arpa" IN { : Defines the reverse DNS zone for the IP address range 192.168.1.0/24.
type master : Specifies that this BIND server is the authoritative master server for the 192.168.1.0/24 reverse DNS zone.
file "192.168.1.zone" : Specifies the location of the zone file for the 192.168.1.0/24 reverse DNS zone.
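With recursion yes, allow-query { any; } and no allow-recursion statement, the options described above make the server resolve names for any client that can reach it (an open resolver). The following Python check is an added example, not part of the original article: it flags that combination, using a sample configuration constructed from the description above and a restricted variant whose ACL addresses are assumptions.

```python
import re

# Constructed sample: named.conf rebuilt from the article's line-by-line description.
ARTICLE_CONF = '''
options {
    directory "/var/named";
    listen-on port 53 { any; };
    allow-query { any; };
    recursion yes;
};
zone "example.com" IN { type master; file "example.com.zone"; };
'''

# Constructed sample: same server, recursion limited to localhost and the LAN (assumed).
RESTRICTED_CONF = ARTICLE_CONF.replace(
    "recursion yes;",
    "recursion yes;\n    allow-recursion { 127.0.0.1; 192.168.1.0/24; };")

def options_block(conf):
    """Return the text inside the top-level options { ... } block."""
    conf = re.sub(r"/\*.*?\*/|//[^\n]*|#[^\n]*", "", conf, flags=re.S)
    m = re.search(r"\boptions\s*\{", conf)
    if not m:
        return ""
    depth, i = 1, m.end()
    while i < len(conf) and depth:
        depth += {"{": 1, "}": -1}.get(conf[i], 0)
        i += 1
    return conf[m.end():i - 1]

def match_list(block, name):
    """Entries of the address-match list for `name`, or None if it is not set."""
    m = re.search(r"\b%s\s*\{([^}]*)\}" % re.escape(name), block)
    return None if m is None else [e.strip() for e in m.group(1).split(";") if e.strip()]

def is_open_resolver(conf):
    """True when recursion is on and the effective recursion ACL contains 'any'."""
    block = options_block(conf)
    m = re.search(r"\brecursion\s+(\w+)\s*;", block)
    if m is not None and m.group(1).lower() not in ("yes", "true", "1"):
        return False
    # BIND falls back from allow-recursion to allow-query-cache to allow-query.
    for name in ("allow-recursion", "allow-query-cache", "allow-query"):
        entries = match_list(block, name)
        if entries is not None:
            return "any" in entries
    return False  # nothing set: the built-in default is localnets and localhost
```

The check reads only the options block and does not evaluate named ACLs, views or negated entries.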
Step 3: Next, create a zone file. A zone file is a text file that defines the DNS (Domain Name System) records for a particular domain name. The following is an example of a zone file for the domain name example.com:
Now let's go through each line of the zone file shown above:
$TTL 3600 sets the default TTL (Time to Live) value for the records in the file to 3600 seconds (1 hour).
@ IN SOA ns1.example.com. admin.example.com. ( defines the Start of Authority (SOA) record for the domain. It specifies the primary name server for the domain (ns1.example.com) and the email address of the person responsible for managing the domain (admin.example.com, which stands for admin@example.com because the first dot takes the place of the @ sign).
The parentheses indicate that the following lines are part of the same record.
The serial number (2023041301) should be incremented every time the zone file is changed.
3600 specifies the amount of time in seconds that other DNS servers should wait before checking for updates to the zone file (the "refresh" time).
1800 specifies the amount of time in seconds that other DNS servers should wait before retrying if they can't contact the primary name server (the "retry" time).
604800 specifies the amount of time in seconds that other DNS servers should wait before considering the zone file to be expired and no longer authoritative (the "expire" time).
86400 specifies the minimum amount of time in seconds that DNS clients should cache the results of a DNS lookup (the "minimum TTL").
IN NS ns1.example.com. and IN NS ns2.example.com. specify the name servers for the domain.
IN A 192.0.2.1 defines the IP address for the domain itself.
www IN A 192.0.2.2 defines the IP address for the subdomain "www".
mail IN A 192.0.2.3 defines the IP address for the subdomain "mail".
This zone file tells other DNS servers that ns1.example.com and ns2.example.com are authoritative for the example.com domain and provides the IP addresses for the domain and its subdomains.
Step 4: Next, test the DNS configuration. To test the DNS configuration, run the following command:
This command checks the BIND configuration file for errors. If no errors are reported, start the BIND service using the following command:
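The SOA fields walked through above can be read back out of a zone file and the serial bumped before each change. This Python sketch is an added example, not part of the original article: the zone text is reconstructed from the description above, the function names are hypothetical, and it assumes the serial follows the YYYYMMDDNN date convention that 2023041301 suggests.

```python
import re
from datetime import date

# Constructed sample: zone file rebuilt from the article's line-by-line description.
ZONE = '''$TTL 3600
@    IN SOA ns1.example.com. admin.example.com. (
        2023041301 ; serial
        3600       ; refresh
        1800       ; retry
        604800     ; expire
        86400 )    ; minimum TTL
     IN NS  ns1.example.com.
     IN NS  ns2.example.com.
     IN A   192.0.2.1
www  IN A   192.0.2.2
mail IN A   192.0.2.3
'''

SOA_RE = re.compile(
    r"\bSOA\s+(\S+)\s+(\S+)\s*\(\s*(\d+)\s+(\d+)\s+(\d+)\s+(\d+)\s+(\d+)\s*\)")

def parse_soa(zone):
    """Return the SOA fields of a zone file as a dict."""
    text = re.sub(r";[^\n]*", "", zone)  # drop ';' comments
    m = SOA_RE.search(text)
    if m is None:
        raise ValueError("no SOA record found")
    mname, rname, *nums = m.groups()
    # In the SOA contact field the first dot stands for '@'.
    local, _, domain = rname.rstrip(".").partition(".")
    names = ("serial", "refresh", "retry", "expire", "minimum")
    return {"mname": mname, "contact": f"{local}@{domain}",
            **dict(zip(names, map(int, nums)))}

def next_serial(serial, today):
    """Next serial under the assumed YYYYMMDDNN scheme.

    Uses today's date with NN=01, or serial+1 when the zone was already
    changed today, so the result is always larger than the current serial.
    """
    return max(int(today.strftime("%Y%m%d")) * 100 + 1, serial + 1)
```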
DHCP Server Configuration in Linux
The Internet Systems Consortium (ISC) has developed a DHCP server which is the most commonly used DHCP server software on Linux systems.
Let's check the installation procedure of ISC DHCP on a Linux system.
Step 1: Run the below-mentioned command to install DHCP:
Step 2: Now let's check what the configuration file looks like.
The ISC DHCP configuration file is located at /etc/dhcp/dhcpd.conf. Let's check a configuration file of a DHCP server using ISC DHCP ('dhcpd.conf').
Now let's go through the configuration file.
The option statements define global DHCP options for clients that request them.
option domain-name "example.com" : sets the default DNS domain name to example.com.
option domain-name-servers ns1.example.com, ns2.example.com : sets the DNS servers handed to clients to ns1.example.com and ns2.example.com.
The default-lease-time and max-lease-time statements specify the default and maximum lease times for DHCP clients, in seconds.
The subnet section defines a subnet for which this DHCP server is responsible. In this example, the subnet is 192.168.1.0/24.
Range 192.168.1.50 - 192.168.1.100 : specifies the range of IP addresses that can be assigned to DHCP clients.
option routers 192.168.1.1 : sets the default gateway IP address for DHCP clients to 192.168.1.1.
option broadcast-address 192.168.1.255 : sets the broadcast IP address for DHCP clients to 192.168.1.255.
option subnet-mask 255.255.255.0 : sets the subnet mask for DHCP clients to 255.255.255.0.
The host section defines a fixed IP address assignment for a specific client. In this example, the client is a web server with a MAC address of 00:11:22:33:44:55 and an IP address of 192.168.1.10.
The group section groups together related hosts and options. In this example, the group is called office.example.com and includes two laptops with fixed IP addresses and a separate subnet 192.168.2.0/24.
option domain-name "office.example.com" : sets the DNS domain name for this group to office.example.com.
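A fixed-address that falls inside a dynamic range can also be handed out from the pool, and one outside every declared subnet will not be served as intended. This Python check is an added example, not part of the original article: the subnet, range and web server entry use the values described above, while the "printer" host and the function name are constructed here to show a clash.

```python
import ipaddress
import re

# Constructed sample. Subnet, range and webserver use the article's values;
# the "printer" host is added here to show a reservation inside the pool.
DHCPD_CONF = '''
subnet 192.168.1.0 netmask 255.255.255.0 {
    range 192.168.1.50 192.168.1.100;
    option routers 192.168.1.1;
}
host webserver { hardware ethernet 00:11:22:33:44:55; fixed-address 192.168.1.10; }
host printer   { hardware ethernet 00:11:22:33:44:66; fixed-address 192.168.1.60; }
'''

IP = r"(\d+\.\d+\.\d+\.\d+)"

def audit_reservations(conf):
    """Return {host: problem} for fixed addresses that clash with the pools."""
    conf = re.sub(r"#[^\n]*", "", conf)  # drop '#' comments
    subnets = [ipaddress.ip_network(f"{net}/{mask}")
               for net, mask in re.findall(rf"\bsubnet\s+{IP}\s+netmask\s+{IP}", conf)]
    ranges = [(ipaddress.ip_address(lo), ipaddress.ip_address(hi))
              for lo, hi in re.findall(rf"\brange\s+{IP}\s+{IP}\s*;", conf)]
    hosts = re.findall(rf"\bhost\s+(\S+)\s*\{{[^}}]*?fixed-address\s+{IP}\s*;", conf)
    problems = {}
    for name, addr in hosts:
        ip = ipaddress.ip_address(addr)
        if not any(ip in net for net in subnets):
            problems[name] = "outside every declared subnet"
        elif any(lo <= ip <= hi for lo, hi in ranges):
            problems[name] = "inside a dynamic range"
    return problems
```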
Step 3: Next, test the DHCP configuration. To do so, run the following command:
This command checks the ISC DHCP configuration file for errors. If there are no errors, start the ISC DHCP service using the following command:
Conclusion
- DNS is a distributed database system that translates domain names into IP addresses.
- DHCP is a service that automates the process of assigning IP addresses to devices on a network.
- BIND is the most commonly used DNS server software on Linux systems.
- ISC DHCP is the most commonly used DHCP server software on Linux systems.
- Configuring DNS and DHCP servers on a Linux system involves editing configuration files and testing the configuration for errors.