RHEL6 Caching Name Server

The package caching-nameserver is integrated in the bind package!

So these two packages have to be installed:

# yum install bind bind-chroot

Than set named_write_master_zones 1

# setsebool -P named_write_master_zones 1

Allow queries on port 53 for DNS requests

# iptables -A INPUT -m state –state NEW -m tcp -p tcp –dport 53 -j ACCEPT
# iptables -A INPUT -m state –state NEW -m udp -p udp –dport 53 -j ACCEPT

open /etc/named.conf and add

options {
#listen-on port 53 {; any; }; (can be commented if there is no firewall between me and the DNS Server im  talking to)
#listen-on-v6 port 53 { ::1; }; (can be commented if there is no firewall between me and the DNS Server im  talking to)
directory       “/var/named”;
dump-file       “/var/named/data/cache_dump.db”;
statistics-file “/var/named/data/named_stats.txt”;
memstatistics-file “/var/named/data/named_mem_stats.txt”;
query-source    port 53;
query-source-v6 port 53;

allow-query     { localhost; any; };
recursion yes;
forwarders      {; };
forward only;

dnssec-enable no; (Disable DNSSEC)
dnssec-validation no; (Disable DNSSEC)

dnssec-lookaside auto;

Open /etc/resolve.conf

change your nameserver to

Restart named

#service named restart

2 thoughts on “RHEL6 Caching Name Server”

  1. Hi, thanks for the post! Trying to set up a caching-nameserver on RHEL 6 and was wondering where the package from RHEL 5 went, now I know…

    One question, don’t you want to leave the “listen-on” directives uncommented so that the server is listening on the standard port 53, and comment out the “query-source” directives in the absence of a firewall? In other words, a client (“query-source”) can connect from any port but the server will be listening on 53.

    1. Yes, in absence of a firewall I would leave the listen-on directives uncommented and would comment out the query-source. In this example bind is behind a firewall. So to make sure that bind is only listening to port 53 ipv4 you need the query-source directive.

Leave a Reply

Your email address will not be published. Required fields are marked *


This site uses Akismet to reduce spam. Learn how your comment data is processed.