Software development
Artificial Intelligence
Cloud
View all courses
Learn
Connect
Blog
Resource hub
Featured resource
2025 Tech Upskilling Playbook
Tech Upskilling Playbook

Build future-ready tech teams and hit key business milestones with seven proven plays from industry leaders.

Check it out
  • Lab
    • Libraries: If you want this lab, consider one of these libraries.
    • Cloud
Google Cloud Platform icon
Labs

Creating Name Servers

In this learning activity, you are tasked with setting up two DNS hosts, a master and a slave, as well as configuring a client. ***NOTE:*** This is not a secure implementation and should not be implemented in a production environment. The lab now uses ens5 instead of eth0.

Get started Contact sales
Google Cloud Platform icon
Lab platform
Lab Info
Level
Advanced
Last updated
Nov 02, 2025
Duration
2h 0m

Contact sales

By clicking submit, you agree to our Privacy Policy and Terms of Use.
Table of Contents

  1. Challenge

    Install BIND on the Primary DNS Host

    You will need to install BIND prior to configuring it:

    # yum install bind bind-utils

    You should then enable the service, but not start it until configuration is complete:

    # systemctl enable named

  2. Challenge

    Configure BIND on the Primary DNS Host

    You will need to edit the primary configuration file: /etc/named.conf

    You can find sample configurations under: /usr/share/doc/bind-$VERSION

    Add the local IP to the listen-on line:

    listen-on port 53 { 127.0.0.1; 10.0.1.10;};

    Limit queries to localhost and Secondary DNS host, and permit transfers to the Secondary DNS host:

    allow-query     { localhost; 10.0.1.11; };
allow-transfer  { localhost; 10.0.1.11; };

    Disable recursion:

    recursion no;

    Add forward and reverse zones above the includes at the bottom:

    zone "example.com" IN {
type master;
file "forward.example.com";
allow-update { none; };
};
zone "1.0.10.in-addr.arpa" IN {
type master;
file "reverse.example.com";
allow-update { none; };
};

  3. Challenge

    Create Zone Files on the Primary DNS Host

    Sample config files may be found in /usr/share/doc/bind-$VERSION

    The files should be located in /var/named/ and must match the files referenced in /etc/named.conf: forward.example.com, and reverse.example.com.

    Use the following if you don't want to construct the files from scratch:

    forward.example.com:

    $TTL 86400
@   IN  SOA     ns1.example.com. server1.example.com. (
        2018091201  ;Serial
        3600        ;Refresh
        1800        ;Retry
        604800      ;Expire
        86400       ;Minimum TTL
)
@           IN  NS  ns1.example.com.
@           IN  NS  ns2.example.com.
server1     IN  A   10.0.1.10
ns1         IN  A   10.0.1.10
server2     IN  A   10.0.1.11
ns2         IN  A   10.0.1.11
client1     IN  A   10.0.1.12

    reverse.example.com:

    $TTL 86400
@   IN  SOA     ns1.example.com. server1.example.com. (
        2018091201  ;Serial
        3600        ;Refresh
        1800        ;Retry
        604800      ;Expire
        86400       ;Minimum TTL
)
@           IN  NS  ns1.example.com.
@           IN  NS  ns2.example.com.
server1     IN  A   10.0.1.10
ns1         IN  A   10.0.1.10
server2     IN  A   10.0.1.11
ns2         IN  A   10.0.1.11
client1     IN  A   10.0.1.12
10          IN PTR server1.example.com.
10          IN PTR ns1.example.com.
11          IN PTR server2.example.com.
11          IN PTR ns2.example.com.
12          IN PTR client1.example.com.

  4. Challenge

    Verify the Configuration of the Primary DNS Host (10.0.1.10)

    You should verify the syntax of the files prior to starting the service:

    # named-checkconf /etc/named.conf

    # named-checkzone example.com /var/named/FORWARD ZONE FILE

    # named-checkzone example.com /var/named/REVERSE ZONE FILE

  5. Challenge

    Start BIND on the Primary Host

    # systemctl start named

    Be sure to watch for any errors. You can look in /var/log/messages for more details. If your configuration is sane, BIND should be running, and can be verified with:

    # dig @localhost server1.example.com

    Modify the firewall to the Secondary DNS Host:

    # firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="10.0.1.11" destination address=10.0.1.10 port port=53 protocol=tcp accept'

    # firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="10.0.1.11" destination address=10.0.1.10 port port=53 protocol=udp accept'

    # firewall-cmd --reload

  6. Challenge

    Configure the Secondary Host

    On Server2, install BIND and enable it:

    # yum install bind bind-utils

    # systemctl enable named

    Edit /etc/named.conf like on Server1:

    Add the local IP to the listen-on line:

    listen-on port 53 { 127.0.0.1; 10.0.1.11;};

    Limit queries to the local subnet:

    allow-query     { localhost; 10.0.1.0/24; };

    Disable recursion:

    recursion no;

    Add forward and reverse (slave) zones above the includes at the bottom:

    zone "example.com" IN {
type slave;
file "/slaves/example.com.fwd";
masters { 10.0.1.10; };
};
zone "1.0.10.in-addr.arpa" IN {
type slave;
file "/slaves/example.com.rev";
masters { 10.0.1.10; };
};

  7. Challenge

    Start BIND on the Secondary Host

    Verify the configuration:

    # named-checkconf /etc/named.conf

    And start BIND:

    # systemctl start named

    Be sure to watch for any errors. You can look in /var/log/messages for more details. If your configuration is sane, BIND should be running and can be verified with:

    # dig @localhost server1.example.com

    Enable DNS traffic through the firewall

    # firewall-cmd --permanent --add-service=dns && firewall-cmd --reload

  8. Challenge

    Configure the Client to Use the Secondary DNS Host (10.0.1.11) for DNS

    Install NetworkManager and start the service:

    # yum install NetworkManager

    # systemctl enable NetworkManager && systemctl start NetworkManager

    Configure the interface to be static, then assign the secondary host IP as the DNS, and the DNS search to be example.com:

    # nmcli con mod System\ ens5 ipv4.method manual ipv4.addresses 10.0.1.12/24 ipv4.gateway 10.0.1.1 ipv4.dns 10.0.1.11 ipv4.dns-search example.com

    Remove the ec2.internal search domain from /etc/resolv.conf:

    # sed -i '/ec2.internal/d' /etc/resolv.conf

    Restart networking to pickup the configuration change:

    # systemctl restart network

    Verify that it works with dig:

    # dig server1.example.com

About the author
Pluralsight Skills - Labs - Pluralsight
Pluralsight Skills

Pluralsight Skills gives leaders confidence they have the skills needed to execute technology strategy. Technology teams can benchmark expertise across roles, speed up release cycles and build reliable, secure products. By leveraging our expert content, skill assessments and one-of-a-kind analytics, keep up with the pace of change, put the right people on the right projects and boost productivity. It's the most effective path to developing tech skills at scale.

Real skill practice before real-world application

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Learn by doing

Engage hands-on with the tools and technologies you’re learning. You pick the skill, we provide the credentials and environment.

Follow your guide

All labs have detailed instructions and objectives, guiding you through the learning process and ensuring you understand every step.

Turn time into mastery

On average, you retain 75% more of your learning if you take time to practice. Hands-on labs set you up for success to make those skills stick.

Get started with Pluralsight

View individual plans View team plans