Deploy simple private DNS for office network
- Install CentOS-7 minimal version.
  CPU: 2, RAM: 4, HDD: 20G
- Set a static IP
vi /etc/sysconfig/network-scripts/ifcfg-eth0
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=eth0
UUID=91b90bfb-09b6-4dc4-a3c8-0ffde252796e
DEVICE=eth0
ONBOOT=yes
IPADDR=172.16.7.63
NETMASK=255.255.252.0
GATEWAY=172.16.4.1
DNS1=172.16.7.63
DNS2=8.8.8.8
- Set hostname
hostnamectl set-hostname ns1.cellosope.com
- Update and upgrade packages
yum -y update && yum -y upgrade
- Restart the network service.
systemctl enable network && systemctl restart network
- Disable SELinux so it does not block named from reading the zone files
vim /etc/selinux/config
SELINUX=disabled
SELINUXTYPE=targeted
(If you would rather keep SELinux on, SELINUX=permissive only logs denials instead of blocking them, and with the default labels under /var/named, named runs in enforcing mode without changes.)
- Reboot the VM
reboot
- Install packages and enable the service
yum install vim bind bind-utils -y
systemctl enable named && systemctl restart named
- Firewall configuration
systemctl enable firewalld && systemctl restart firewalld && systemctl status firewalld
firewall-cmd --list-all
firewall-cmd --zone=public --add-service=dns --permanent
firewall-cmd --permanent --add-port=53/tcp
firewall-cmd --permanent --add-port=53/udp
firewall-cmd --reload
(The dns service already opens 53/tcp and 53/udp; the two explicit port rules are redundant but harmless. Check the result with firewall-cmd --list-all after the reload.)
- named.conf: listen address, and the forward and reverse zone file locations
cp /etc/named.conf /etc/named.conf.bk
vim /etc/named.conf

In the existing options block, change the listen and query settings so the server answers on its LAN address:
options {
        listen-on port 53 { 127.0.0.1; 172.16.7.63; };
        allow-query     { localhost; any; };
};
(The stock named.conf also has recursion yes, so allow-query { any; } turns this into a recursive resolver for every host that can reach port 53. On an isolated office LAN that is the intent; if the server is reachable from anywhere else, list the office subnet, here 172.16.4.0/22, instead of any.)

Then add the zones after the options block:
# A entry for "uradhura.com" domain #
zone "uradhura.com" IN {
        type master;
        file "fwd.zone";
        allow-update { none; };
};

# A entry for "example.com" domain #
zone "example.com" IN {
        type master;
        file "fwd.zone";
        allow-update { none; };
};

# A entry for "celloscope.com" domain #
zone "celloscope.com" IN {
        type master;
        file "fwd.zone";
        allow-update { none; };
};

# PTR entry for ALL domain #
zone "7.16.172.in-addr.arpa" IN {
        type master;
        file "rev.zone";
        allow-update { none; };
};
(All three forward zones share fwd.zone, so every host name in it exists under each of the three domains. The reverse zone 7.16.172.in-addr.arpa covers only 172.16.7.0/24; maly, minion and replication-server2 live in 172.16.5.x and 172.16.6.x and need 5.16.172.in-addr.arpa and 6.16.172.in-addr.arpa zones of their own before reverse lookups for them will work.)
- Forward zone entries:
vim /var/named/fwd.zone
$TTL 1D
@       IN SOA  ns1.cellosope.com. root.cellosope.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
@       IN NS   ns1.cellosope.com.
@       IN A    172.16.7.63
ns1     IN A    172.16.7.63
maly    IN A    172.16.5.96
test    IN A    172.16.7.68
minion  IN A    172.16.5.7
replication-server2 IN A 172.16.6.63
(Note the spelling: the hostname, SOA and NS records use "cellosope.com" while the zone in named.conf is "celloscope.com". Use one spelling everywhere, otherwise the NS name does not match the ns1 A record in the zone.)
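The page refers to rev.zone but never shows it. As an added example (not code from the original page), the following Python script builds the 7.16.172.in-addr.arpa zone from the A records above and reports which hosts fall outside that /24 and so need a reverse zone of their own; it assumes the single spelling celloscope.com for both the zone and its name server.

```python
"""Generate the reverse (PTR) zone for one /24 from the forward zone above."""
import ipaddress
import re

# Constructed copy of the page's fwd.zone records, using one spelling (celloscope.com)
FWD_ZONE = """\
$TTL 1D
@   IN SOA ns1.celloscope.com. root.celloscope.com. ( 0 1D 1H 1W 3H )
@   IN NS  ns1.celloscope.com.
@   IN A   172.16.7.63
ns1 IN A   172.16.7.63
maly IN A  172.16.5.96
test IN A  172.16.7.68
minion IN A 172.16.5.7
replication-server2 IN A 172.16.6.63
"""

A_RECORD = re.compile(r"^(\S+)\s+IN\s+A\s+(\d{1,3}(?:\.\d{1,3}){3})$")


def parse_a_records(zone_text, origin):
    """Return (fqdn, address) for every A record; '@' means the zone origin."""
    records = []
    for line in zone_text.splitlines():
        match = A_RECORD.match(line.strip())
        if match:
            name, ip = match.groups()
            fqdn = origin if name == "@" else f"{name}.{origin}"
            records.append((fqdn, ipaddress.IPv4Address(ip)))
    return records


def build_reverse_zone(records, network, ns_fqdn, contact, serial=0):
    """Render rev.zone text for one /24 and list the hosts it cannot cover."""
    net = ipaddress.IPv4Network(network)
    if net.prefixlen != 24:
        raise ValueError("a classless in-addr.arpa zone needs RFC 2317 delegation")
    arpa = ".".join(reversed(str(net.network_address).split(".")[:3]))
    lines = [f"; zone {arpa}.in-addr.arpa (generated)", "$TTL 1D",
             f"@ IN SOA {ns_fqdn} {contact} ( {serial} 1D 1H 1W 3H )",
             f"@ IN NS {ns_fqdn}"]
    uncovered = []
    for fqdn, ip in records:
        if ip in net:
            # the last octet is the owner name relative to <arpa>.in-addr.arpa
            lines.append(f"{ip.packed[-1]} IN PTR {fqdn}.")
        else:
            uncovered.append((fqdn, str(ip)))  # needs its own reverse zone
    return "\n".join(lines) + "\n", uncovered
```

Write the returned text to /var/named/rev.zone and run named-checkzone 7.16.172.in-addr.arpa on it; the uncovered list tells you which extra reverse zones named.conf still needs.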
- Change ownership of the "A" and "PTR" zone files so named can read them
chown root:named /var/named/fwd.zone
chown root:named /var/named/rev.zone
- Check the configuration and zone files for syntax errors
named-checkconf -z /etc/named.conf
named-checkzone celloscope.com /var/named/fwd.zone
named-checkzone 7.16.172.in-addr.arpa /var/named/rev.zone
(The first argument to named-checkzone is the zone name as declared in named.conf, not a label like "forward"; named-checkconf -z already loads every declared zone, so it catches the same errors in one pass.)
- If all checks pass, restart the DNS service
systemctl restart named
- To clear a client PC's resolver cache (systemd-resolved):
resolvectl flush-caches