November 8, 2016

DNS with BIND - Linux Ubuntu 14.04

DNS with BIND - Linux Ubuntu 14.04

This is a simple DNS and Bind Configuration for ubuntu 14.04
Domain Name Service (DNS) is an Internet service that maps IP addresses and fully qualified domain names (FQDN) to one another. In this way, DNS alleviates the need to remember IP addresses. Computers that run DNS are called name servers. Ubuntu ships with BIND (Berkley Internet Naming Daemon), the most common program used for maintaining a name server on Linux. 

There are many ways to configure BIND9. Some of the most common configurations are a caching nameserver, primary master, and as a secondary master. When configured as a caching nameserver BIND9 will find the answer to name queries and remember the answer when the domain is queried again. As a primary master server BIND9 reads the data for a zone from a file on it's host and is authoritative for that zone. In a secondary master configuration BIND9 gets the zone data from another nameserver authoritative for the zone.

The DNS configuration files are stored in the /etc/bind directory. The primary configuration file is /etc/bind/named.conf.

DNS with BIND - Linux Ubuntu 14.04

The include line specifies the filename which contains the DNS options. The directory line in the /etc/bind/named.conf.options file tells DNS where to look for files. All files BIND uses will be relative to this directory.

The file named /etc/bind/db.root describes the root nameservers in the world. The servers change over time, so the /etc/bind/db.root file must be maintained now and then. This is usually done as updates to the bind9 package. The zone section defines a master server, and it is stored in a file mentioned in the file option.

It is possible to configure the same server to be a caching name server, primary master, and secondary master. A server can be the Start of Authority (SOA) for one zone, while providing secondary service for another zone. All the while providing caching services for hosts on the local LAN.

1. Install BIND
# apt-get install bind9 bind9utils bind9-doc
2. Edit /etc/default/bind9
# run resolvconf?

# startup options for the server
OPTIONS="-4 -u bind"
 3. Edit /etc/default/bind9 
Edit nano /etc/bind/named.conf.options

options {
        directory "/var/cache/bind";

        // If there is a firewall between you and nameservers you want
        // to talk to, you may need to fix the firewall to allow multiple
        // ports to talk.  See

        // If your ISP provided one or more IP addresses for stable
        // nameservers, you probably want to use them as forwarders.
        // Uncomment the following block, and insert the addresses replacing
        // the all-0's placeholder.

         forwarders {

        // If BIND logs error messages about the root key being expired,
        // you will need to update your keys.  See
        dnssec-validation auto;

        auth-nxdomain no;    # conform to RFC1035
        listen-on-v6 { any; };

4. Edit nano /etc/bind/db.casper.local
; BIND data file for local loopback interface
$TTL    604800
@       IN      SOA     ns.casper.local. root.ns.casper.local. (
                              2         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
@       IN      NS      ns.casper.local.
@       IN      A
@       IN      AAAA    ::1
ns      IN      A
www     IN      A

5.       Edit /etc/bind/db.172
; BIND reverse data file for local loopback interface
$TTL    604800
@       IN      SOA     ns.casper.local. root.ns.casper.local. (
                              1         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
@       IN      NS      ns.
5       IN      PTR     ns.casper.local.
@       IN      PTR     www.
121     IN      PTR     www.casper.local.


Previous Post

post written by: