Skip to main content

Update the system and configure firewall

Update all system packages and configure the firewall to allow DNS traffic on port 53:
1
Update system packages:
Bash
dnf update -y
2
Configure firewall rules to permit DNS traffic:
Bash
sudo firewall-cmd --permanent --add-service=dns
sudo firewall-cmd --reload
Result: The system is updated and configured to accept incoming DNS queries.

Install build tools and development libraries

BIND 9 and pkcs11-provider require compilation from source. Install the necessary compilers, build tools, and development libraries:
1
Install the EPEL repository and enable the CRB (CodeReady Builder) repository for additional development packages:
Bash
dnf install -y dnf-plugins-core 
dnf config-manager --set-enabled crb 
dnf install -y epel-release 
dnf makecache
2
Install OpenSC for PKCS#11 utilities:
Bash
dnf install -y opensc
3
Install core build tools and libraries required for BIND compilation:
Bash
dnf install -y \ 
git gcc gcc-c++ make autoconf automake libtool \ 
openssl-devel libxml2-devel json-c-devel libuv-devel \
libnghttp2-devel pkgconf-pkg-config meson ninja-build
Result: The system has all tools necessary to compile BIND 9 with PKCS#11 support.