How to configure your own DNS server with bind9 on Ubuntu 10.04

Posted in "News". Tags: Ubuntu, DNS, bind


This article describes how to set up your own DNS server with BIND 9 on Ubuntu 10.04. The Domain Name Service (DNS) is an Internet service that maps IP addresses and fully qualified domain names (FQDNs) to one another, so you do not have to remember IP addresses. Computers that run DNS are called name servers.

 

There are various reasons to set up your own DNS server at home: for instance, to have your own local domain name, or simply to speed up name resolution on your network. Normally your router handles this automatically, but running your own name server lets you define and map your own hosts the way you want.

 

How to start? First of all you obviously need a fully working Ubuntu Server, and you need to know how your network is built up (I assume you set it up yourself), what types of hosts you have (Linux, Windows, Mac, ...) and, above all, how to use the terminal in Ubuntu. Last but not least, choose a domain name (for example home.local) or use one you have registered. In this article I have used an example domain, geoffke.be. It is obviously not the real configuration; it's for illustrative purposes only!

 

1. Installing bind9:

Issue the following to install Bind9 and dnsutils. 

sudo apt-get update && sudo apt-get install bind9 dnsutils

 

2. Configure your local network:

Next you need to configure your network so that it always uses your local bind. How you do this depends on whether you use static IPs or DHCP. For static IPs, simply replace the DNS server addresses with that of your Ubuntu DNS server: 127.0.0.1 on the server itself, or its LAN IP address on your other hosts. DHCP is not recommended when using a DNS server, but if you want to use it, configure your router's DHCP settings so that it hands out the IP address of your Ubuntu DNS server as the first DNS address. Alternatively, set up your hosts to ignore the DNS settings assigned by your router and use the IP address of your Ubuntu server instead.

 

Also don't forget to edit the hosts file on your server so that it can accept DNS requests. This is done in /etc/hosts:

sudo nano /etc/hosts

edit the file to look like this: 

127.0.0.1       [yourhostname]   localhost.localdomain   localhost
192.168.1.x     [yourhostname].[yourdomain]              [yourhostname]

  1. replace [yourhostname] with the hostname of your server (without the brackets)
  2. replace the IP address 192.168.1.x with the LAN IP address of your server
  3. replace [yourdomain] with your domain name, for example geoffke.be (without the brackets)

Here's an example: 

127.0.0.1       ns1 localhost.localdomain   localhost
192.168.1.2     ns1.geoffke.be              ns1

 

3. Configure your server firewall: 

Open port 53 so the server can accept DNS requests. If you use Uncomplicated Firewall (UFW), use a command of the form sudo ufw allow <port>/<optional: protocol>.

example:

sudo ufw allow 53

or add the port by the given application name: 

sudo ufw allow bind9

This form only works with recent versions of UFW. To list the application profiles you can allow or deny, run:

sudo ufw app list

 

4. Create the zone file:

cd /etc/bind
sudo nano db.geoffke.be

Replace geoffke.be with your own domain name; that becomes your zone file name. Here's an example:

$TTL 604800
;
; BIND zone definition file for geoffke.be
;
geoffke.be.      IN      SOA      ns1.geoffke.be. admin.geoffke.be. (
                       2011072601 ; Serial
                       28800      ; Refresh
                       3600       ; Retry
                       604800     ; Expire
                       38400      ; Negative cache TTL
)

; Nameserver and mailserver (replace with your own hostnames; the trailing dots matter,
; without them BIND appends the zone name to the hostname):
geoffke.be.        IN     NS           ns1.geoffke.be.
geoffke.be.        IN     MX     10    mail.geoffke.be.

; IP addresses of local hosts (replace the lines with your own hosts; the MX target
; mail.geoffke.be. also needs an A record in this list):
router          IN  A  192.168.1.1
ns1             IN  A  192.168.1.2
www             IN  A  192.168.1.3
mediacenter     IN  A  192.168.1.4
laptop1         IN  A  192.168.1.5
workstation1    IN  A  192.168.1.6

Every time you change the zone file and reload bind, you need to increase the serial. As you can see, I have used the date and a number for the version of that day.

 

5. Create the reverse zone file:

Next you need to create a reverse zone file, which takes an IP address and converts it back to a hostname. Although not strictly necessary, it is useful for some protocols, like ssh, which do this sort of lookup.

sudo nano rev.1.168.192.in-addr.arpa

Use the following example file and replace the hosts and domain name with your own, matching the ones in the zone file above: 

$TTL 604800
;
; BIND reverse zone file for geoffke.be
;
@ IN SOA ns1.geoffke.be. admin.geoffke.be. (
                       2011072601 ; Serial
                       28800      ; Refresh
                       604800     ; Retry
                       604800     ; Expire
                       86400      ; Negative cache TTL
)

; Nameserver (the leading whitespace makes this record belong to the zone itself, @):
       IN      NS      ns1.geoffke.be.

; Last octet of each host's address -> its name (replace with your own hosts, matching the
; zone file above; the trailing dots matter, without them BIND appends the zone name):
1       IN      PTR     router.geoffke.be.
2       IN      PTR     ns1.geoffke.be.
3       IN      PTR     www.geoffke.be.
4       IN      PTR     mediacenter.geoffke.be.
5       IN      PTR     laptop1.geoffke.be.
6       IN      PTR     workstation1.geoffke.be.

As you can see, the serial in the reverse zone file works like the one in the first zone file. Every time you change the zone file and reload bind, you need to increase the serial. Again I have used the date and a number for the version of that day.
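Before reloading bind it is worth checking that the forward and reverse files agree with each other. The script below is an added example, not code from the article: it parses a forward zone and its reverse zone, reports NS/MX/PTR names that lack the trailing dot (BIND appends the zone origin to such names, so router.geoffke.be would become router.geoffke.be.1.168.192.in-addr.arpa) and lists every host whose A and PTR records do not match. The embedded sample files are constructed and deliberately contain a relative MX target and a PTR that points at the wrong name, so the check has something to report.

```python
# Constructed sample zone files mirroring the article's layout, defects included (not the author's files).
FORWARD_ZONE = """geoffke.be.  IN  SOA  ns1.geoffke.be. admin.geoffke.be. (
    2011072601 ; Serial
    28800 3600 604800 38400 )
geoffke.be.  IN  NS  ns1.geoffke.be.
geoffke.be   IN  MX  10  mail.geoffke.be
router       IN  A   192.168.1.1
ns1          IN  A   192.168.1.2
www          IN  A   192.168.1.3
"""
REVERSE_ZONE = """@  IN  SOA  ns1.geoffke.be. admin.geoffke.be. (
    2011072601 ; Serial
    28800 604800 604800 86400 )
   IN  NS   ns1.geoffke.be.
1  IN  PTR  router.geoffke.be
2  IN  PTR  geoffke.be
3  IN  PTR  www.geoffke.be
"""

def records(zone, rtype):
    """(owner, rdata) pairs for one-line records of the given type that carry an explicit owner."""
    out = []
    for line in zone.splitlines():
        f = line.split(";", 1)[0].split()        # drop ';' comments, then tokenize
        if len(f) >= 4 and rtype in f[1:-1] and not f[0].startswith("$"):
            out.append((f[0], f[-1]))
    return out

def check_zones(forward, reverse, domain, net3):
    """Return a list of problems; an empty list means the two files agree."""
    problems = []
    # Names in NS/MX/PTR rdata must end with a dot, or BIND appends the zone origin to them.
    for label, zone, rtypes in (("forward", forward, ("NS", "MX")), ("reverse", reverse, ("PTR",))):
        for rtype in rtypes:
            for _, target in records(zone, rtype):
                if not target.endswith("."):
                    problems.append(f"{label}: {rtype} target {target} has no trailing dot")
    fwd = dict(records(forward, "A"))            # host -> IPv4 address
    rev = dict(records(reverse, "PTR"))          # last octet -> name (dot stripped below)
    for host, ip in fwd.items():                 # every A in this /24 needs a matching PTR
        prefix, last = ip.rsplit(".", 1)
        if prefix == net3 and rev.get(last, "").rstrip(".") != f"{host}.{domain}":
            problems.append(f"reverse: {last} should be PTR {host}.{domain}., got {rev.get(last)}")
    for last, target in rev.items():             # every PTR needs the matching A
        name = target.rstrip(".")
        host = name[: -len(domain) - 1] if name.endswith(f".{domain}") else None
        if fwd.get(host) != f"{net3}.{last}":
            problems.append(f"forward: no A record {net3}.{last} for PTR {target}")
    return problems
```

To run it against your own files, pass the contents of /etc/bind/db.geoffke.be and /etc/bind/rev.1.168.192.in-addr.arpa to check_zones() with your domain and the first three octets of your network; it complements, rather than replaces, BIND's own syntax check with named-checkzone.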

 

6. Edit the named.conf.local file:

The last thing we need to do is tell bind to use the zone files we have created. We do this by editing the named.conf.local file:

sudo nano named.conf.local

and add the following: 

zone "geoffke.be" {
       type master;
       file "/etc/bind/db.geoffke.be";
};

zone "1.168.192.in-addr.arpa" {
       type master;
       file "/etc/bind/rev.1.168.192.in-addr.arpa";
};

Replace the domain name with the one you have chosen, in both the zone name and the file path.

 

7. Configure your clients: 

Now edit resolv.conf on all the clients in your network so that they point to the DNS server.

sudo nano /etc/resolv.conf

Add the following parameters and delete any old ones:

domain <yourdomain.ext>
search <yourdomain.ext>
nameserver <ip_of_dns_server_1>
nameserver <ip_of_dns_server_2>
nameserver <ip_of_dns_server_3>

If you have only one DNS server, you could use the following example: 

domain geoffke.be
search geoffke.be
nameserver 192.168.1.2
nameserver 192.168.1.1

Here 192.168.1.2 is your DNS server and 192.168.1.1 is your router, which will be used when your DNS server is down.

 

8. Test your DNS server:

Make sure the DNS settings on all of your clients point to your new DNS server before testing! Reload bind to pick up the changes:

sudo service bind9 reload

Test your server with: 

dig example.com

If your server doesn't respond correctly, you can check the logs to see what is causing the problem. 

sudo tail -f /var/log/syslog

If bind has reloaded correctly, you should see lines like these in the log:

Aug  7 22:11:42 ns1 named[1345]: received control channel command 'reload'
Aug  7 22:11:42 ns1 named[1345]: loading configuration from '/etc/bind/named.conf'
Aug  7 22:11:42 ns1 named[1345]: reading built-in trusted keys from file '/etc/bind/bind.keys'
Aug  7 22:11:42 ns1 named[1345]: using default UDP/IPv4 port range: [1024, 65535]
Aug  7 22:11:42 ns1 named[1345]: using default UDP/IPv6 port range: [1024, 65535]
Aug  7 22:11:42 ns1 named[1345]: reloading configuration succeeded
Aug  7 22:11:42 ns1 named[1345]: reloading zones succeeded

If you run into trouble, you should find the cause in the syslog file as described above; you can also find a great deal of information in the Ubuntu forums.

Article was posted on Saturday 3rd of September 2011 @ 17:18 CEST
