Administering DNS from the Command Line — My Linux Journey (Part 2)

Mihir SavlaMihir Savla
4 min read

After completing the DNS module in my journey toward mastering Linux system administration, especially in WHM/cPanel environments, I’ve gathered hands-on knowledge of how domain resolution works at a deeper level—both from a configuration and troubleshooting standpoint

Here’s everything I learned in this leg of my training:


🔧 DNS Server Types in cPanel

cPanel/WHM supports multiple DNS servers. Here’s what I explored:

🔹 BIND/named

  • Most widely used, supports all record types, highly configurable.

  • Memory-intensive and slower with large zone counts due to full reloads on every change.

  • Default DNS server in most cPanel systems.

🔹 MyDNS (Deprecated since v106)

  • Uses MySQL backend. Faster zone changes as it loads zones live.

  • Limited support for advanced record types like DNSSEC.

  • No longer available in new versions unless previously installed.

🔹 NSD (Deprecated since v106)

  • Lightweight and fast, great for minimal setups.

  • Lacks recursion support and flexibility.

  • Deprecated and removed from modern versions.

🔹 PowerDNS

  • Fast and memory-efficient.

  • Only cPanel-supported server with DNSSEC support.

  • Uses BIND-style zone files and a SQLite backend for DNSSEC.

  • Compatible with DNS clustering.


📂 Key DNS File Locations

📁 /etc Directory

System-wide DNS configuration files:

  • /etc/hosts: Local domain-to-IP resolution.

  • /etc/resolv.conf: DNS forwarder config (used when local server isn’t authoritative).

  • /etc/nsswitch.conf: Determines order of name resolution (e.g., hosts: files dns).

📁 /var Directory (BIND-specific)

  • /var/named: Where DNS zone files reside.

  • /var/run/named: Holds BIND’s PID and session keys.

  • /var/log/messages: Kernel and default BIND logs.

  • /var/log/named/named.log: Additional logs, if configured.


🧾 BIND Log Severity Levels

Understanding BIND's logging levels helps pinpoint issues effectively. Here’s a snapshot:

LevelMeaning
🔴 CriticalFailure in the primary BIND process
🟠 ErrorGeneral DNS operation failure
🟡 WarningCould cause errors if not addressed
🔵 NoticeNon-critical, unusual behavior
🟡 InfoNormal operation details
🟢 DebugVerbose logs for in-depth analysis
🔵 DynamicMatches debug level from config

(Image Reference: Your uploaded chart was used to describe severity levels.)


📌 DNS Record Types Covered

  • A / AAAA Records – Point domains to IPv4 or IPv6 addresses

  • CNAME – Alias of another domain

  • MX – Mail servers

  • NS – Nameservers

  • SOA (Start of Authority) – Contains admin info, serial, etc.

  • TXT – Often used for SPF, DKIM, DMARC

  • PTR – Reverse DNS


🛠️ Troubleshooting DNS from CLI

Tools used during this module:

  • ping – Check host reachability

  • dig – Powerful DNS lookup tool

  • host – Quick DNS query tool

  • nslookup – Interactive DNS testing

  • cat, less, grep – Inspect logs (/var/log/messages, /var/log/named/named.log)


📚 DNS Terms to Know (From Flashcards)

Understanding core DNS terms helped me navigate through the more technical parts of this module without getting overwhelmed. Here are some key definitions I learned and reviewed:

TermDefinition
SubnetA block of IP addresses allocated for use by your network provider or ISP.
Subnet MaskA number that matches an IP address pattern to define the size of a subnet.
RecursionThe process of passing a DNS query to another nameserver when the current one doesn’t have the answer.
Access Control List (ACL)A list of allowed or denied IP addresses that can query the DNS server.
TransferTo copy zone data between servers (e.g., from master to slave).

Here’s one of the terms I found especially important:

🔒 ACL (Access Control List) — A list of IPs allowed or denied from querying the DNS server, based on specific security rules. It plays a vital role in securing your DNS infrastructure.


🎯 Final Thoughts

The DNS module wasn’t just theory—it brought me closer to real-world sysadmin duties like:

  • Identifying misconfigured records

  • Navigating config files with confidence

  • Understanding DNSSEC and clustering

  • Reading logs efficiently for issue tracing

Next, I’ll be diving deeper into mail flow, security, and DNS-based authentication (SPF, DKIM, DMARC). This journey has already begun to transform how I understand servers—not just as a user but as a backend administrator.
In meanwhile you can follow me on LinkedIn to be a part of my journey in learning Linux


✅ Stay Tuned: Linux Admin Journey — Part 3 Coming Soon...

1
Subscribe to my newsletter

Read articles from Mihir Savla directly inside your inbox. Subscribe to the newsletter, and don't miss out.

Written by

Mihir Savla
Mihir Savla