This is a step by step guide on how to configure BIND9 as a Primary Master Name Server.
A Primary Master Name Server reads the data for a domain zone from a file located on its host and is authoritative for that zone. Every zone needs at least one DNS name server that is responsible for it. When any device on the Internet wants to know something about a zone, it consults one of the zone's authoritative servers.
The steps will configure your name server as a Primary Master for engrdhee.com. Replace engrdhee.com with your own FQDN (Fully Qualified Domain Name).
Name Server Configuration
Step 1: Configure your Local Network.
Set up the name server’s IP configuration in /etc/network/interfaces.
Step 2: Edit host settings on the name server. Edit /etc/hosts.
[Internet address] [official hostname] [alias1]
127.0.0.1       ns1 localhost.localdomain localhost
192.168.1.4     ns1.engrdhee.com ns1
The /etc/hosts file maps each host name to its IP address. It is consulted by commands that use the network when no name server is available.
Step 3: Create a zone file on /etc/bind directory.
sudo nano db.engrdhee.com

; BIND data file for engrdhee.com
$TTL    604800
@       IN      SOA     ns1.engrdhee.com. root.engrdhee.com. (
                              4         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
        IN      NS      ns1.engrdhee.com.
router  IN      A       192.168.1.1
ns1     IN      A       192.168.1.4
laptop  IN      A       192.168.1.2
A zone file is a text file containing a list of all the hosts in your domain, and their corresponding IP address.
DNS records are listed at the bottom of the zone. Here’s a list of DNS records and their meaning:
SOA – Start of Authority: the record that states that this server is authoritative for the specified domain.
NS – Name Server: specifies the name server to use to look up a domain.
MX – Mail Exchange: specifies the mail server(s) for the domain.
A – Address record: links a FQDN to an IPv4 address.
CNAME – Canonical Name: assigns an alias to an existing A record.
PTR – Pointer: reverse-maps an IP address to a FQDN.
Step 4: Create a reverse zone file.
sudo nano rev.1.168.192.in-addr.arpa

; BIND reverse data file for 192.168.1.0/24
$TTL    604800
@       IN      SOA     ns1.engrdhee.com. root.engrdhee.com. (
                              3         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
        IN      NS      ns1.engrdhee.com.
1       IN      PTR     router.engrdhee.com.
2       IN      PTR     laptop.engrdhee.com.
A reverse zone lets DNS convert an IP address back into a name.
Increment the serial every time changes are made in the zone and reverse zone file.
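A common slip in these files is an NS or PTR target written without its trailing dot: BIND then silently appends the zone origin, so ns1.engrdhee.com in the reverse zone becomes ns1.engrdhee.com.1.168.192.in-addr.arpa. The following Python script is an added example, not part of this tutorial; it parses a zone file in the format shown above, reports such unqualified targets together with the SOA serial, and runs on a constructed sample zone embedded in the script.

```python
# Added example (not from the tutorial): flag NS/PTR/CNAME targets that lack a
# trailing dot, which BIND silently expands relative to the zone origin.
ORIGIN = "1.168.192.in-addr.arpa."
NAME_TYPES = {"NS", "PTR", "CNAME"}  # record types whose rdata is a name
# Constructed sample shaped like the tutorial's reverse zone; two targets lack the dot.
SAMPLE_ZONE = """\
$TTL 604800
@ IN SOA ns1.engrdhee.com. root.engrdhee.com. ( 3 ; Serial
        604800 86400 2419200 604800 ) ; Refresh Retry Expire Neg-TTL
;
        IN NS  ns1.engrdhee.com
1       IN PTR router.engrdhee.com
2       IN PTR laptop.engrdhee.com.
"""

def fqdn(name, origin):
    """'@' means the origin; a name without a trailing dot gets it appended."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text, origin):
    """Return (owner, type, rdata) tuples with fully qualified owners,
    handling ';' comments, '( )' continuations, $TTL and owner inheritance."""
    records, owner, buf, depth, indented = [], origin, [], 0, False
    for raw in text.splitlines():
        if not buf:                       # first physical line of a record
            indented = raw[:1].isspace()  # blank owner = previous owner
        code = raw.split(";", 1)[0]
        depth += code.count("(") - code.count(")")
        buf += code.replace("(", " ").replace(")", " ").split()
        if depth > 0:                     # still inside ( ... )
            continue
        fields, buf = buf, []
        if not fields or fields[0].startswith("$"):
            continue                      # blank line or $TTL directive
        if not indented:
            owner = fqdn(fields.pop(0), origin)
        while fields and (fields[0] == "IN" or fields[0].isdigit()):
            fields.pop(0)                 # optional class and TTL
        records.append((owner, fields[0], fields[1:]))
    return records

def audit(text, origin):
    """Return (serial, warnings) with one warning per unqualified target."""
    recs = parse_zone(text, origin)
    serial = next((int(rd[2]) for _, t, rd in recs if t == "SOA"), None)
    warnings = [f"{o} {t} {rd[0]} -> {fqdn(rd[0], origin)}"
                for o, t, rd in recs if t in NAME_TYPES and not rd[0].endswith(".")]
    return serial, warnings
```

Running audit(SAMPLE_ZONE, ORIGIN) returns serial 3 and two warnings, one for the NS target and one for the router PTR; named-checkzone accepts both files without complaint, which is why the expanded names are worth checking explicitly.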
Step 5: Edit /etc/bind/named.conf.local.
zone "engrdhee.com" {
    type master;
    file "/etc/bind/db.engrdhee.com";
};

zone "1.168.192.in-addr.arpa" {
    type master;
    file "/etc/bind/rev.1.168.192.in-addr.arpa";
};
This configuration tells BIND to load the two zone files we created.
Step 6: Configure server firewall, if any.
Open port 53 to accept DNS requests. For ufw, use:
sudo ufw allow 53
sudo ufw allow bind9
sudo ufw app list lists the available application profiles.
Step 7: Reload service.
sudo service bind9 reload
Client Configuration
Step 1: Configure each client with the correct name server. Edit /etc/resolv.conf.
domain engrdhee.com
search engrdhee.com
nameserver 192.168.1.4
nameserver 192.168.1.1
Testing
tail -f /var/log/syslog
Output should be:
Sep 28 17:57:04 dhee-engr named[3047]: received control channel command 'reload'
Sep 28 17:57:04 dhee-engr named[3047]: loading configuration from '/etc/bind/named.conf'
Sep 28 17:57:04 dhee-engr named[3047]: reading built-in trusted keys from file '/etc/bind/bind.keys'
Sep 28 17:57:04 dhee-engr named[3047]: using default UDP/IPv4 port range: [1024, 65535]
Sep 28 17:57:04 dhee-engr named[3047]: using default UDP/IPv6 port range: [1024, 65535]
Sep 28 17:57:04 dhee-engr named[3047]: reloading configuration succeeded
Use DNS utilities and other commands to test.
e.g.:
dig engrdhee.com
nslookup engrdhee.com
route -n
ping engrdhee.com
named-checkzone engrdhee.com /etc/bind/db.engrdhee.com
named-checkzone 1.168.192.in-addr.arpa /etc/bind/rev.1.168.192.in-addr.arpa
dig 1.168.192.in-addr.arpa. AXFR