Learn how to setup caching only DNS server on CentOS 7 to improve DNS resolution speed and reduce network traffic. This step-by-step guide covers installation, configuration, and best practices. #centlinux #linux #dns
Table of Contents
What is DNS?
DNS stands for Domain Name System. It is a crucial component of the internet’s infrastructure that translates human-friendly domain names into IP addresses, which computers use to identify and communicate with each other over the internet. DNS acts like a phonebook for the internet, allowing users to access websites using easy-to-remember domain names instead of numeric IP addresses.
Here’s a detailed breakdown of what DNS is, how it works, and why it’s important.
Key Functions of DNS
- Domain Name Resolution:
- Function: Converts domain names (like
www.example.com) into IP addresses (like192.0.2.1). - Benefit: Allows users to access websites and services using easy-to-remember names instead of numeric IP addresses.
- Function: Converts domain names (like
- Mapping Services:
- Function: Maps domain names to various types of IP addresses and services, including websites, email servers, and more.
- Benefit: Supports multiple services under a single domain name.
- Load Balancing:
- Function: Distributes incoming traffic across multiple servers.
- Benefit: Enhances performance and reliability of websites and services.
- Email Routing:
- Function: Directs email to the correct mail servers using MX (Mail Exchange) records.
- Benefit: Ensures that emails are delivered to the appropriate recipients.
- Name Management:
- Function: Manages the registration, organization, and administration of domain names.
- Benefit: Provides a structured system for creating and maintaining domain names.
How DNS Works
The DNS process involves several key components and steps to resolve a domain name into an IP address:
- DNS Query Initiation:
- A user enters a domain name into their web browser or application.
- The client (web browser or app) generates a DNS query to resolve the domain name.
- Local DNS Resolver:
- The query is sent to a local DNS resolver, often provided by the user’s ISP (Internet Service Provider).
- The resolver checks its cache for the IP address associated with the domain name.
- DNS Recursive Resolution:
- If the address is not cached, the resolver performs a recursive query to find the IP address.
- The resolver asks a series of DNS servers starting from the root DNS servers to the authoritative DNS servers for the domain.
- Root DNS Servers:
- The root servers provide the address of the top-level domain (TLD) servers (e.g.,
.com,.org).
- The root servers provide the address of the top-level domain (TLD) servers (e.g.,
- TLD DNS Servers:
- The TLD servers direct the query to the authoritative DNS servers for the specific domain (e.g.,
example.com).
- The TLD servers direct the query to the authoritative DNS servers for the specific domain (e.g.,
- Authoritative DNS Servers:
- The authoritative servers provide the IP address associated with the domain name.
- The resolver caches this information for future requests and returns the IP address to the client.
- Client Receives the IP Address:
- The client uses the IP address to connect to the desired web server or service.
DNS Components
- Domain Names:
- Structure: Domain names are hierarchical and consist of several levels separated by dots.
- Example: In
www.example.com,comis the top-level domain,exampleis the second-level domain, andwwwis a subdomain.
- DNS Records:
- Types of Records:
- A Record: Maps a domain name to an IPv4 address.
- AAAA Record: Maps a domain name to an IPv6 address.
- MX Record: Specifies the mail servers for a domain.
- CNAME Record: Aliases one domain name to another.
- NS Record: Specifies the authoritative DNS servers for a domain.
- TXT Record: Provides text information for various purposes (e.g., SPF records for email authentication).
- Types of Records:
- DNS Zones:
- Function: A DNS zone is a segment of the DNS namespace managed by a specific organization or administrator.
- Types:
- Primary Zone: Read and write access to DNS records.
- Secondary Zone: Read-only copy of DNS records from a primary zone.
- Reverse Lookup Zone: Maps IP addresses to domain names.
- DNS Servers:
- Types:
- DNS Resolver: Retrieves DNS records from other DNS servers and caches them.
- Authoritative DNS Server: Provides the definitive DNS records for a domain.
- Root DNS Server: Directs queries to TLD servers.
- TLD Server: Directs queries to authoritative servers for specific domains.
- Types:
DNS Hierarchy
Here’s a simplified view of the DNS hierarchy:
plaintextCopy code+------------------+
| Root Level |
| (.) |
+------------------+
|
v
+------------------+
| TLD Level |
| (.com, .org, etc.) |
+------------------+
|
v
+------------------+
| Second-Level |
| Domain Level |
| (example.com) |
+------------------+
|
v
+------------------+
| Subdomain Level |
| (www.example.com) |
+------------------+Read Also: How to setup DNS Authoritative Server in CentOS 7
What is a Caching Only DNS Server?
A Caching Only DNS Server is a specialized type of DNS server that performs domain name resolution by querying other DNS servers and storing (caching) the results for future use. Unlike authoritative DNS servers, which provide DNS records for a specific domain, caching-only DNS servers are primarily focused on resolving domain names by leveraging cached data to improve efficiency and reduce network traffic.
Here’s a detailed breakdown of what a caching-only DNS server is, how it works, and its benefits.
Key Functions of a Caching Only DNS Server
- Domain Name Resolution:
- Function: Queries external DNS servers to resolve domain names into IP addresses.
- Benefit: Provides the IP addresses for domain names requested by clients.
- Caching of DNS Records:
- Function: Stores DNS query results temporarily for a specified duration.
- Benefit: Reduces the need to query external servers repeatedly, improving efficiency and response times.
- Forwarding DNS Queries:
- Function: Forwards DNS queries to upstream DNS servers.
- Benefit: Handles requests from clients by relying on external DNS servers for actual resolution.
How a Caching Only DNS Server Works
Here’s a step-by-step explanation of how a caching-only DNS server processes DNS queries:
- Client Request:
- A client (e.g., a web browser) requests the IP address for a domain name (e.g.,
www.example.com).
- A client (e.g., a web browser) requests the IP address for a domain name (e.g.,
- Check Cache:
- The caching-only DNS server checks its local cache to see if it has a recent record for the requested domain.
- Cache Miss:
- If the record is not in the cache, the server queries external DNS servers (recursive resolution) to resolve the domain name.
- Retrieve Record:
- The server queries a root DNS server, TLD server, and authoritative DNS server to find the IP address.
- Store Record:
- The DNS record is stored in the cache for future use, adhering to the TTL (Time-To-Live) value specified in the record.
- Return IP Address:
- The server returns the IP address to the client.
- Subsequent Requests:
- For subsequent requests for the same domain, the server returns the cached record until the TTL expires.
Key Components of a Caching Only DNS Server
| Component | Description |
|---|---|
| DNS Cache | Stores DNS query results to speed up future requests. |
| Forwarding | Forwards DNS queries to upstream DNS servers if the cache does not contain the required record. |
| TTL (Time-To-Live) | Specifies how long a DNS record is stored in the cache. |
| DNS Resolver | The component that resolves domain names to IP addresses. |
Benefits of a Caching Only DNS Server
| Benefit | Description |
|---|---|
| Improved Performance | Reduces latency and speeds up domain resolution by using cached records. |
| Reduced Network Traffic | Lowers the number of queries sent to external DNS servers, saving bandwidth. |
| Decreased DNS Resolution Times | Faster response times for repeated DNS queries due to cached data. |
| Enhanced Reliability | Provides a fallback for DNS queries if upstream DNS servers are unavailable. |
| Cost Efficiency | Reduces reliance on external DNS services, potentially lowering costs. |
Common Use Cases for a Caching Only DNS Server
| Use Case | Description |
|---|---|
| Internal DNS Resolver | Used in organizations to handle DNS requests for internal networks. |
| Home Network DNS Server | Provides DNS resolution for home networks, improving speed and reliability. |
| ISP DNS Server | ISPs use caching-only servers to manage DNS requests for multiple customers. |
| DNS Query Testing | For testing DNS configurations and analyzing DNS performance. |
Recommended Online Training: Learn Bash Shell in Linux for Beginners
BIND vs Unbound?
BIND (Berkeley Internet Name Domain) is a famous DNS server in RHEL 7 and previous releases. BIND was used to configure Authoritative DNS servers as well caching-only DNS servers. However, In RHEL 7 we also have unbound to easily configure a Caching-only DNS Server. We recommend the use of unbound DNS Server, because it is simple and convenient.
Install Unbound on CentOS 7
Connect to the dns-01.example.com with ssh and check current DNS Settings of the Server.
# cat /etc/resolv.conf # Generated by NetworkManager domain localdomain search localdomain example.com nameserver 192.168.116.2
Above command shows us the DNS server in use. Install unbound to configure a Caching-only DNS server.
# yum install -y unbound
Configure Unbound as Caching only DNS Server
Configure unbound DNS server settings.
# vi /etc/unbound/unbound.conf
Find and adjust following settings in the above file.
interface: 0.0.0.0
access-control: 0.0.0.0/0 allow
domain-insecure: "example.com"
forward-zone:
name: "."
forward-addr: 192.168.116.2
Check unbound Configurations for possible syntax errors.
# unbound-checkconf unbound-checkconf: no errors in /etc/unbound/unbound.conf
Start and enable unbound service.
# systemctl start unbound ; systemctl enable unbound
Configure Linux Firewall
Allow DNS service in Linux firewall.
# firewall-cmd --permanent --add-service=dns ; firewall-cmd --reload success success
Configure Linux Networking of Clients
Set newly configured DNS Server as the primary DNS server for the machine.
# nmcli connection modify eno16777728 ipv4.dns 192.168.116.11 # nmcli connection down eno16777728 ; nmcli connection up eno16777728 Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/4) # cat /etc/resolv.conf # Generated by NetworkManager domain localdomain search localdomain example.com nameserver 192.168.116.11
Check DNS Server by pinging an Internet Server by hostname.
# ping www.yahoo.com PING atsv2-fp.wg1.b.yahoo.com (98.137.246.8) 56(84) bytes of data. 64 bytes from media-router-fp2.prod1.media.vip.gq1.yahoo.com (98.137.246.8): icmp_seq=2 ttl=128 time=275 ms 64 bytes from media-router-fp2.prod1.media.vip.gq1.yahoo.com (98.137.246.8): icmp_seq=3 ttl=128 time=271 ms
Our Caching only DNS Server in RHEL 7 has been configured successfully.
If you are new to Linux and facing difficulty in working at Linux Bash prompt. We recommend that, you should read The Linux Command Line, 2nd Edition: A Complete Introduction by William Shotts.
Final Thoughts
Setting up a caching-only DNS server on CentOS 7 is a powerful way to enhance your network’s efficiency and performance. By configuring a caching-only DNS server, you can significantly reduce DNS resolution times, decrease the load on upstream DNS servers, and improve the overall reliability of your DNS queries. Whether you are looking to optimize your home network, manage internal DNS requests for a business, or implement a solution for a service provider, this setup offers a robust and scalable solution for DNS resolution challenges.
Ready to improve your DNS infrastructure? If you need professional assistance with setting up or configuring a caching-only DNS server on CentOS 7, I’m here to help! Check out my Fiverr profile for expert services tailored to your DNS needs.
It's awesome work.