Heres some tips and trix for setting up an named server on CentOS 7.

Disable IPv6

IPv6 is enabled by default in bind9. Bind9 will try to resolve som AAAA records at startup giving you error messages like below in /var/log/messages

Jan 22 22:20:07 ns2 named[16442]: error (network unreachable) resolving '': 2001:500:49::1#53

You can disable ipv6 by editing /etc/sysconfig/named

# Disable ipv6 as ipv6 connection is missing

Test Zone transfer

Zone transfers should be turned off according to nixCraft. To test using dig, run the command below.

dig axfr

If zone transfer is turned you should get the response below.

; <<>> DiG 9.8.3-P1-RedHat-9.8.3-2.P1.fc15 <<>> axfr
 ;; global options: +cmd
 ; Transfer failed.

If zone transfer is enabled you get a result that looks something like below.

; <<>> DiG 9.9.4-RedHat-9.9.4-38.el7_3.2 <<>> axfr
;; global options: +cmd 3600 IN SOA 1516655448 21600 3600 1209600 3600 86400 IN NS 86400 IN NS 86400 IN NS 3600 IN A


serial number is only used between Master and Slave servers. a slave only updates if the serial number is higher than before. you can solve this by forcing a transfer on the slave with this command.

rndc retransfer

DNS Tools

    4. Cache Check OpenDNS
    5. Google DNS