This is part 3 of a 3 part series. You should also read
Part 1 : Getting started
Part 2 : Basic configuration
The place for the bind9 configuration files can differ a little between Linux distributions. On Ubuntu servers they live in /etc/bind, with the zone files under /etc/bind/zones.
The standard install of bind9 on Ubuntu Server acts as a caching (recursive) DNS server, and out of the box it resolves names by itself, starting from the root servers. If you would rather hand everything it cannot answer from its own zones to upstream resolvers (your ISP's or a public service), you list those as forwarders in a file called named.conf.options. Two things to keep in mind: recursion is enabled by default and bind9 will answer anyone who can reach port 53, so on a machine that is not strictly LAN-only you should restrict recursion to your own networks (the allow-recursion and allow-query options) rather than run an open resolver that can be abused for amplification attacks; and whoever you forward to sees all of your lookups, so pick resolvers you trust.
sudo nano /etc/bind/named.conf.options
Add at least two forwarders here, so that one of them being down does not take your name resolution with it. I added the two from OpenDNS first, and then the two from my ISP just to be sure:
options {
    directory "/var/cache/bind";

    // If there is a firewall between you and nameservers you want
    // to talk to, you may need to fix the firewall to allow multiple
    // ports to talk. See http://www.kb.cert.org/vuls/id/800113

    // If your ISP provided one or more IP addresses for stable
    // nameservers, you probably want to use them as forwarders.
    forwarders {
        208.67.222.222;
        208.67.220.220;
        200.251.161.2;
        200.251.161.7;
    };

    auth-nxdomain no;    # conform to RFC1035
    listen-on-v6 { any; };
};
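The block above keeps bind9's default of recursion yes with no allow-recursion or allow-query restriction, so every host that can reach port 53 may use the box as a resolver. As an added example (not code from the original post), the script below renders a LAN-only named.conf.options with the same forwarders and audits a file for that open-resolver pattern, using the post's own options block as the weak input. The ACL name "lan", the 10.11.12.0/24 network, the listen-on address and the use of dnssec-validation auto (BIND 9.7 or later) are assumptions, not taken from the post.

```shell
#!/bin/sh
# Added example, not from the original post: render a LAN-only named.conf.options
# and audit an existing one for the open-resolver pattern (recursion on, nobody
# restricted). Assumptions: LAN is 10.11.12.0/24, ACL name "lan", server address
# 10.11.12.100, BIND 9.7 or newer (for dnssec-validation auto).

# usage: render_options "<acl members>" <forwarder>...
# acl members is a named.conf address list, e.g. "127.0.0.1; 10.11.12.0/24;"
render_options() {
    nets=$1; shift
    printf 'acl "lan" { %s };\n\n' "$nets"
    printf 'options {\n'
    printf '    directory "/var/cache/bind";\n\n'
    printf '    // Recurse only for the LAN; everyone else gets REFUSED, so this\n'
    printf '    // box cannot be used as an open resolver for amplification attacks.\n'
    printf '    recursion yes;\n'
    printf '    allow-recursion { lan; };\n'
    printf '    allow-query { lan; };\n'
    printf '    allow-query-cache { lan; };\n'
    printf '    allow-transfer { none; };    // nobody needs to AXFR a home zone\n\n'
    printf '    // Everything we are not authoritative for goes to these resolvers.\n'
    printf '    forwarders {\n'
    for f in "$@"; do printf '        %s;\n' "$f"; done
    printf '    };\n'
    printf '    forward only;\n\n'
    printf '    dnssec-validation auto;\n'
    printf '    auth-nxdomain no;    # conform to RFC1035\n'
    printf '    listen-on { 127.0.0.1; 10.11.12.100; };\n'
    printf '    listen-on-v6 { none; };\n'
    printf '};\n'
}

# Audit a named.conf.options: BIND recurses by default, so a file with no
# allow-recursion (or allow-recursion { any; }) is an open resolver, and with
# no allow-transfer BIND has traditionally let anyone pull the zones.
# Prints findings; returns 1 if there are any.
audit_options() {
    conf=$(sed -e 's://.*$::' -e 's:#.*$::' "$1")    # strip // and # comments
    rc=0
    if ! printf '%s\n' "$conf" | grep -q 'recursion *no *;'; then
        if ! printf '%s\n' "$conf" | grep -q 'allow-recursion'; then
            echo "FINDING: recursion is on (the default) and allow-recursion is unset: open resolver"
            rc=1
        elif printf '%s\n' "$conf" | grep -q 'allow-recursion *{ *any *;'; then
            echo "FINDING: allow-recursion { any; }: open resolver"
            rc=1
        fi
    fi
    if ! printf '%s\n' "$conf" | grep -q 'allow-transfer'; then
        echo "WARNING: allow-transfer unset; BIND has traditionally allowed transfers to anyone"
        rc=1
    fi
    return $rc
}

# Demo: the post's options block (copied, comments dropped) beside the hardened one.
t=$(mktemp -d)
cat > "$t/original.options" <<'EOF'
options {
    directory "/var/cache/bind";
    forwarders { 208.67.222.222; 208.67.220.220; 200.251.161.2; 200.251.161.7; };
    auth-nxdomain no;    # conform to RFC1035
    listen-on-v6 { any; };
};
EOF
render_options "127.0.0.1; 10.11.12.0/24;" 208.67.222.222 208.67.220.220 > "$t/hardened.options"
for f in original hardened; do
    echo "== $f"; audit_options "$t/$f.options" && echo "clean"
done
rm -rf "$t"
```

Run it anywhere to see the two audits side by side; on the server, pipe the output of render_options into /etc/bind/named.conf.options (adjusting the ACL to your network), run named-checkconf, and reload. The forward only setting means lookups fail instead of falling back to root recursion when the forwarders are unreachable, which is what you want when the point of forwarding is to keep all lookups with the resolvers you chose.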
The zone files
Before we can start editing the zone files, we need to let bind9 know where they are. This is as easy as editing a file called named.conf.local.
sudo nano /etc/bind/named.conf.local
Here you add one zone definition for the forward lookup (name to address) and one for the reverse lookup (address to name). The forward zone is named after your domain, and its file is the domain name plus .db. The reverse zone is named after your network: the first three octets of the server's IP address in reverse order, followed by .in-addr.arpa; its file is that name with rev. in front. It is not as difficult as it sounds, and easier to show than to explain, so here is mine:
//
// Do any local configuration here
//
// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";

# This is the forward zone definition. Replace lan1.domainname.com with your domain name.
zone "lan1.domainname.com" {
    type master;
    file "/etc/bind/zones/lan1.domainname.com.db";
};

# This is the zone definition for reverse DNS. Replace 12.11.10 with the first
# three octets of your network address in reverse order.
zone "12.11.10.in-addr.arpa" {
    type master;
    file "/etc/bind/zones/rev.12.11.10.in-addr.arpa";
};
As the domain I wanted to use for my network is lan1.domainname.com, the forward zone file is called lan1.domainname.com.db.
And as the server's IP address is 10.11.12.100, the reverse zone is 12.11.10.in-addr.arpa and its file is rev.12.11.10.in-addr.arpa. (The rev. prefix is only a naming convention for the file; the zone name itself has no such prefix.)
Creating the two files is as easy as opening them in an editor:
sudo nano /etc/bind/zones/lan1.domainname.com.db
Mine looks like this – I’ll do the explanation later:
$TTL 1h
lan1.domainname.com. IN SOA argoz.lan1.domainname.com. post.otherdomain.net. (
    2009072804   ; serial (YYYYMMDDnn, bump it on every edit)
    28800        ; refresh
    3600         ; retry
    604800       ; expire
    38400        ; negative-answer TTL
)
lan1.domainname.com. IN NS argoz.lan1.domainname.com.
www       IN CNAME argoz.lan1.domainname.com.
localhost IN A 10.11.12.100
argoz     IN A 10.11.12.100
aslan     IN A 10.11.12.30
phoenix   IN A 10.11.12.40
alambil   IN A 10.11.12.50
As I am not an expert in DNS, I will stick to explaining the things you need to change to make it work. The rest, you can copy as it is here.
lan1.domainname.com. is the domain. Take extra care not to forget the trailing period: a name without it is relative to the zone's origin, so bind9 would append the domain and you would end up with names like lan1.domainname.com.lan1.domainname.com.
argoz.lan1.domainname.com. is the full name of the server; it should match the NS record and have an A record of its own further down.
post.otherdomain.net. is the administrator's e-mail address, post@otherdomain.net, written with a period in place of the @ sign; it can be on a different domain. If the part before the @ itself contains a period, escape it with a backslash (first\.last.otherdomain.net.).
2009072804 is a serial number that must increase every time you change this zone file. The usual scheme is the date as YYYYMMDD followed by a two-digit revision counter, which gives you 100 edits per day. Secondary servers only transfer a zone when its serial has gone up, so a forgotten bump means they silently keep serving the old data.
I added a few special names to the list and I also added some of the other PCs in the house just to be able to address them by name, not only by IP. Also note – I do not have an in-house mail server (yet) so there is no MX record.
Next, set up the reverse zone file:
sudo nano /etc/bind/zones/rev.12.11.10.in-addr.arpa
Again, here is what this looks like on my server:
$TTL 1h
@ IN SOA argoz.lan1.domainname.com. post.otherdomain.net. (
    2009072803   ; serial (YYYYMMDDnn, bump it on every edit)
    28800        ; refresh
    3600         ; retry (keep it shorter than refresh)
    604800       ; expire
    86400        ; negative-answer TTL
)
    IN NS argoz.lan1.domainname.com.
100 IN PTR argoz.lan1.domainname.com.
30  IN PTR aslan.lan1.domainname.com.
40  IN PTR phoenix.lan1.domainname.com.
50  IN PTR alambil.lan1.domainname.com.
After setting up the previous file, this one is a bit clearer: each line maps the last octet of an address back to the full host name. As with the other file, remember the trailing periods, and remember to bump the serial number whenever you change this file later.
The last thing you need to do is to restart bind9 to get the whole thing to work:
sudo /etc/init.d/bind9 restart
Then you can test your DNS with this command (substitute your own domain name). A query for the bare domain only returns the SOA and NS records, since there is no A record at the apex, which at least confirms the zone loaded; query one of the host names, and the server's address with dig -x, to check the A and PTR records:
dig lan1.domainname.com
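Restarting and running one dig is the bare minimum: nothing checks the zone files before named tries to load them, a typo in a PTR goes unnoticed, and a forgotten serial bump is invisible. As an added example that is not part of the original post, the script below shows the routine a careful administrator wraps around a zone edit: computing the next serial in the YYYYMMDDnn scheme, cross-checking the forward and reverse zones against each other, validating both with named-checkzone and the configuration with named-checkconf, reloading with rndc instead of restarting (on systemd-based Ubuntu the equivalent of the init script is systemctl restart bind9, but a reload keeps the cache), and querying the result. The file names and addresses are the post's; the sample zones embedded in the script are constructed copies of the post's records with one deliberately misspelled PTR, and it assumes the bind9 and dnsutils packages are installed with rndc configured as the Ubuntu package does by default.

```shell
#!/bin/sh
# Added example, not from the original post: the routine around a zone edit.
# Assumptions: paths and names as in the post; named-checkconf, named-checkzone,
# rndc (bind9) and dig (dnsutils) installed, rndc set up as the package does.

ZONEDIR=${ZONEDIR:-/etc/bind/zones}
FWD_ZONE=lan1.domainname.com
REV_ZONE=12.11.10.in-addr.arpa
SERVER=${SERVER:-10.11.12.100}

# Next serial in the post's YYYYMMDDnn scheme.
# usage: next_serial <current serial> [<today as YYYYMMDD>]
# Same day: bump the counter. New day: <today>00. If the current value is
# somehow already ahead of today, just add one: all that matters is that it rises.
next_serial() {
    cur=$1
    today=${2:-$(date +%Y%m%d)}
    case $cur in
        "$today"[0-9][0-9]) printf '%s\n' $((cur + 1)) ;;
        *) if [ "$cur" -lt "${today}00" ]; then printf '%s00\n' "$today"
           else printf '%s\n' $((cur + 1)); fi ;;
    esac
}

# Cross-check forward against reverse: every A record needs a PTR for its host
# octet, and every PTR must name a host whose A record is that address (two
# names on one address share a single PTR, which is fine). Returns 1 on problems.
# usage: check_ptr <forward zone file> <reverse zone file> <domain>
check_ptr() {
    fwd=$1; rev=$2; dom=$3
    problems=$(
        awk '$2=="IN" && $3=="A" { print $4 }' "$fwd" | while read -r ip; do
            o=${ip##*.}
            awk -v o="$o" '$1==o && $3=="PTR" { f=1 } END { exit !f }' "$rev" ||
                echo "no PTR for $ip"
        done
        awk '$2=="IN" && $3=="PTR" { print $1, $4 }' "$rev" | while read -r o fqdn; do
            host=${fqdn%."$dom".}
            if [ "$host" = "$fqdn" ]; then echo "PTR $o -> $fqdn is not in $dom"; continue; fi
            ip=$(awk -v h="$host" '$1==h && $3=="A" { print $4 }' "$fwd")
            [ "${ip##*.}" = "$o" ] || echo "PTR $o -> $fqdn but its A record is '${ip:-missing}'"
        done
    )
    [ -z "$problems" ] && return 0
    printf '%s\n' "$problems"
    return 1
}

# Let named's own parsers reject a broken file before the server sees it, then
# reload (keeps the cache, no downtime) rather than restart.
validate_and_reload() {
    sudo named-checkconf /etc/bind/named.conf || return 1
    named-checkzone "$FWD_ZONE" "$ZONEDIR/$FWD_ZONE.db" || return 1
    named-checkzone "$REV_ZONE" "$ZONEDIR/rev.$REV_ZONE" || return 1
    sudo rndc reload
}

# Our zone must come back authoritative (aa flag), both ways; anything else
# should be answered through the forwarders.
smoke_test() {
    dig @"$SERVER" "argoz.$FWD_ZONE" A | grep -q 'flags:.* aa[ ;]' ||
        { echo "forward lookup not authoritative"; return 1; }
    dig @"$SERVER" -x "$SERVER" +short | grep -q "^argoz\.$FWD_ZONE\.\$" ||
        { echo "reverse lookup wrong"; return 1; }
    dig @"$SERVER" www.opendns.com A +short
}

# Constructed copies of the post's zones for an offline run; the last PTR is
# deliberately misspelled (domainame) to show what check_ptr catches.
write_sample_zones() {
    cat > "$1/$FWD_ZONE.db" <<'EOF'
$TTL 1h
lan1.domainname.com. IN SOA argoz.lan1.domainname.com. post.otherdomain.net. (
    2009072804 28800 3600 604800 38400 )
lan1.domainname.com. IN NS argoz.lan1.domainname.com.
www     IN CNAME argoz.lan1.domainname.com.
argoz   IN A 10.11.12.100
aslan   IN A 10.11.12.30
phoenix IN A 10.11.12.40
alambil IN A 10.11.12.50
EOF
    cat > "$1/rev.$REV_ZONE" <<'EOF'
$TTL 1h
@ IN SOA argoz.lan1.domainname.com. post.otherdomain.net. (
    2009072803 28800 3600 604800 86400 )
    IN NS argoz.lan1.domainname.com.
100 IN PTR argoz.lan1.domainname.com.
30  IN PTR aslan.lan1.domainname.com.
40  IN PTR phoenix.lan1.domainname.com.
50  IN PTR alambil.lan1.domainame.com.
EOF
}

d=$(mktemp -d); write_sample_zones "$d"
echo "next serial after 2009072804: $(next_serial 2009072804)"
check_ptr "$d/$FWD_ZONE.db" "$d/rev.$REV_ZONE" "$FWD_ZONE" || echo "fix the reverse zone first"
rm -rf "$d"
# On the server, after editing the real files:  validate_and_reload && smoke_test
```

Run as-is on any machine to see the offline checks catch the misspelled PTR; on the server, after editing the real zone files, call validate_and_reload && smoke_test. Whether outsiders are refused recursion can only be checked from a host off the LAN, with a dig at the server's public address for a name you are not authoritative for; the expected status is REFUSED.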
I am sure there are still errors in this setup, but it is working for me. I can do a dig and get a response that seems to be ok. Was this helpful? Any tips on how to improve things?
A big thank you to the following websites and people for help and knowledge:
Ubuntu forum - Howto: Setup a DNS server with bind
Ubuntu DNS Server Guide – BIND Caching Name Server Setup
The admins at Domenetorget.no for excellent support!
The photograph of the rack and network cables is by Cloned Milkmen and has a Creative Commons license.