How to compile latest version of bind in Centos 7

We want to add latest version of bind in Centos 7.

First Step.  Install builds require the GeoIP, python-argparse and python-ply packages, available from the epel repositories.

# yum install openssl-devel libcap-devel libidn-devel krb5-devel  krb5-devel docbook-style-xsl GeoIP-devel python-ply perl-Net-DNS-Nameserver fstrm-devel

Now we have to download source rpm of new bind.

# wget

This version contains two patches for Python 2.4 compatibility required to run on Centos 5. It can be built via:

rpmbuild --rebuild --define 'dist .el5' \

rpmbuild --rebuild --define 'dist .el6' \

rpmbuild --rebuild --define 'dist .el7' \

And now you have to wait few hours to compile new rpm.


How to setup bind9 on Debian 8

This tutorial explains how to setup a DNS server using Bind9 on Debian 8.

# apt update && apt-get install bind9 bind9utils resolvconf
# apt install dnsutils

Start BIND on boot:

# systemctl enable bind9

Backup current Bind9 settings and edit file.

# cp /etc/bind/named.conf.options /etc/bind/named.conf.options.orig
# vim /etc/bind/named.conf.options

And add:

options {
        directory "/var/cache/bind";

        // If there is a firewall between you and nameservers you want
        // to talk to, you may need to fix the firewall to allow multiple
        // ports to talk.  See

        // If your ISP provided one or more IP addresses for stable
        // nameservers, you probably want to use them as forwarders.
        // Uncomment the following block, and insert the addresses replacing
        // the all-0's placeholder.

        // forwarders {
        // };

        // If BIND logs error messages about the root key being expired,
        // you will need to update your keys.  See
        dnssec-validation auto;

        auth-nxdomain no;    # conform to RFC1035
        listen-on-v6 { none; };
        statistics-file "/var/cache/bind/named.stats";
        rrset-order {order cyclic;};
        allow-transfer { your-nameserver-sec; };

        # Disable built-in server information zones.
        version none;
        hostname none;
        server-id none;

        # Maximum number of simultaneous client TCP connections to accept.
        tcp-clients 50;

        # Attempt to do all the work required to answer the query.
        recursion yes;
        recursive-clients 500;
        allow-recursion { your-network-client; };
        allow-query { any; };

logging {
        channel b_query {
                file "/var/log/bind9/query.log" versions 2 size 1m;
                print-time yes;
                severity info;
        category queries { b_query; };

Create the log directory for Bind9.

# mkdir /var/log/bind9
# chown bind. /var/log/bind9

Edit vim /etc/bind/named.conf to add your domain zone file location.

 zone "your-domain.tld" {
        type master;
        file "/etc/bind/zones/db.your-domain.tld";

And now restart your nameserver:

# systemctl restart bind9
# systemctl status bind9


Configure BIND as a Catching-only DNS Server on Debian Wheezy