BIND uses a shared secret key authentication method to grant privileges to hosts. It is important to know how to generate this key for administration purposes. In this hands-on lab, we will learn to configure the RNDC key and configuration file, and link it to the `named` service. To accomplish this, we will install the BIND package and recreate the RNDC key and configuration. We will then copy the new configuration to the `named.conf` file. To complete this lab, you will have to show that a new configuration has been created and that DNS queries are being cached on `localhost`.
Learning Objectives
Successfully complete this lab by achieving the following learning objectives:
- Log in to the lab server with the `cloud_user` and issue `sudo -i` to gain root access.
  ```
  $ ssh cloud_user@**.**.**.**    (your lab server IP)
  Password:
  $ sudo -i
  [sudo] password for cloud_user:
  # id
  uid=0(root) gid=0(root) groups=0(root) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
  ```
- Install the `bind` and `bind-utils` packages. Start and enable the `named` service.
  - Install `bind` and `bind-utils`:
    ```
    # yum install -y bind bind-utils
    ```
  - Start and enable the `named` service:
    ```
    # systemctl start named
    # systemctl enable named
    ```
- Recreate the RNDC key and configuration file.
  - Remove the `rndc.key` file.
    ```
    # rm /etc/rndc.key
    ```
  - Stop the `named` service.
    ```
    # systemctl stop named
    ```
  - Generate an RNDC key and configuration file.
    ```
    # rndc-confgen -r /dev/urandom > /etc/rndc.conf
    ```
- Link the RNDC configuration to the `named` configuration.
  - Open the `/etc/rndc.conf` file with `vim`:
    ```
    # vim /etc/rndc.conf
    ```
  - Copy the section "Copy to the named.conf file".
  - Open the `/etc/named.conf` file for editing with `vim`.
    ```
    # vim /etc/named.conf
    ```
  - Paste the copied section into `/etc/named.conf` just before the `include` statements and delete the `#` signs at the beginning of the lines.
- Start the `named` service.
  ```
  # systemctl start named
  ```
- Test the configuration to ensure records are being cached on the localhost.
  ```
  # nslookup www.google.com 127.0.0.1
  ```
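
The copy, paste and uncomment step from "Link the RNDC configuration" can also be scripted. The following is an added example, not part of the original lab: it pulls the commented stanza out of an `rndc.conf` file, and it checks the file's mode, because a file created by shell redirection under the usual root umask of 022 is world-readable and it holds the shared secret. The function names, the marker strings (modelled on typical `rndc-confgen` output) and the abbreviated sample with a placeholder secret are assumptions.

```bash
# Added example, not from the lab. Marker strings and the abbreviated sample
# are assumptions modelled on typical rndc-confgen output; the secret is fake.

# Print the named.conf stanza from an rndc.conf file with the leading "#" removed.
extract_named_stanza() {
    sed -n '/^# Use with the following in named.conf/,/^# End of named.conf/p' "$1" |
        sed -e '1d' -e '$d' -e 's/^#[[:space:]]\{0,1\}//'
}

# Succeed only if "other" has no permissions on the file (chars 8-10 of the mode).
secret_file_is_private() {
    [ "$(ls -ld "$1" | cut -c8-10)" = "---" ]
}

# Write a constructed, abbreviated rndc.conf sample to the given path.
write_sample_rndc_conf() {
    cat > "$1" <<'EOF'
# Start of rndc.conf
key "rndc-key" {
    algorithm hmac-sha256;
    secret "PLACEHOLDER-NOT-A-REAL-KEY=";
};
# End of rndc.conf

# Use with the following in named.conf, adjusting the allow list as needed:
# key "rndc-key" {
#     algorithm hmac-sha256;
#     secret "PLACEHOLDER-NOT-A-REAL-KEY=";
# };
#
# controls {
#     inet 127.0.0.1 port 953
#         allow { 127.0.0.1; } keys { "rndc-key"; };
# };
# End of named.conf
EOF
}

# Demo on the constructed sample.
demo_dir=$(mktemp -d)
write_sample_rndc_conf "$demo_dir/rndc.conf"
chmod 640 "$demo_dir/rndc.conf"          # drop the world-readable bit
extract_named_stanza "$demo_dir/rndc.conf"
secret_file_is_private "$demo_dir/rndc.conf" && echo "rndc.conf is not world-readable"
rm -rf "$demo_dir"
```

On the lab server the same mode check applies to `/etc/named.conf` once the key has been pasted into it.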