How To Setup DNS Server Using Bind9 On Ubuntu 16.04
By Hitesh Jethva, Alibaba Cloud Tech Share Author. Tech Share is Alibaba Cloud's incentive program to
encourage the sharing of technical knowledge and best practices within the cloud community.
DNS (Domain Name System) is an internet service that translates user-friendly domain names into
computer-friendly IP addresses. DNS can also perform the reverse translation, from IP addresses to
domain names. BIND, also known as Berkeley Internet Name Domain, is an open source
implementation of DNS. BIND allows you to publish DNS information on the internet and resolve DNS
queries for users. BIND is one of the most widely used DNS software packages in the world. Putting a
DNS server on a network is a great way to improve the management of your servers and desktop
systems. You can configure different views in a single BIND server. This allows you to give internal
and external users different views of your DNS data, keeping some DNS information private. BIND
comes with a wide range of features, including TSIG, nsupdate, IPv6, rndc, views, multiprocessor
support, Response Rate Limiting (RRL), DNSSEC, Split DNS, DNSSEC validation and much more.
In this tutorial, we will go through how to set up a Domain Name System (DNS) server using BIND9 on
an Alibaba Cloud Elastic Compute Service (ECS) Ubuntu 16.04 server.
Prerequisites
First, log in to your Alibaba Cloud ECS Console. Create a new ECS instance, choosing Ubuntu 16.04 as
the operating system with at least 2GB RAM. Connect to your ECS instance and log in as the root user.
Once you are logged into your Ubuntu 16.04 instance, run the following command to update your
base system with the latest available packages.
apt-get update -y
Install BIND 9
By default, BIND 9 is available in the Ubuntu 16.04 default repository. You can easily install it by just
running the following command:
apt-get install bind9 bind9utils bind9-doc dnsutils -y
After installing BIND 9, you will need to set BIND to IPv4 mode. You can do this by editing the
/etc/systemd/system/bind9.service file:
nano /etc/systemd/system/bind9.service
[Service]
ExecStart=/usr/sbin/named -f -u bind -4
Save and close the file. Then, reload the systemd daemon to read the new configuration into the
running system:
systemctl daemon-reload
Configure BIND 9
All the configuration files for BIND 9 are located inside the /etc/bind directory. First, you will need
to edit the /etc/bind/named.conf.options file and add forwarders. DNS queries will be forwarded to the
forwarders when your local DNS server is unable to resolve the query.
nano /etc/bind/named.conf.options
// Place inside the existing options { ... } block
forwarders {
    8.8.8.8;
};
Save and close the file. Then, you will need to configure the /etc/bind/named.conf.local file. This file
is used to define the zones for your domain.
nano /etc/bind/named.conf.local
// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
zone "example.com" {
    type master;
    file "/etc/bind/forward.example.com";
};
zone "0.168.192.in-addr.arpa" {
    type master;
    file "/etc/bind/reverse.example.com";
};
Next, you will need to configure the forward and reverse lookup zones for your domain. A forward
lookup zone is a DNS zone in which hostname to IP address mappings are stored. When a computer asks
for the IP address of a specific hostname, the forward lookup zone is checked and the desired result is
returned. A reverse lookup zone is the opposite of a forward lookup zone. It returns the fully qualified
domain name of a host based on its IP address.
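The forward/reverse relationship described above can be checked mechanically. The following shell script is an added example, not part of the original tutorial: it lists every A record in a forward zone whose address has no PTR record in the reverse zone. The zone contents are constructed samples (the "mail" host and the reverse zone records are assumptions).

```shell
#!/bin/sh
# Added example: list forward A records that have no matching PTR record.
# Assumes one record per line, each starting with its owner name.

# missing_ptrs FORWARD_FILE REVERSE_FILE REVERSE_ORIGIN
missing_ptrs() {
    awk -v origin="$3" '
        { sub(/;.*/, "") }                 # drop zone-file comments
        FNR == NR {                        # first file: the reverse zone
            for (i = 2; i < NF; i++)
                if ($i == "PTR") have[$1 "." origin] = 1
            next
        }
        {                                  # second file: the forward zone
            for (i = 2; i < NF; i++)
                if ($i == "A") {
                    split($(i + 1), o, ".")
                    rev = o[4] "." o[3] "." o[2] "." o[1] ".in-addr.arpa"
                    if (!(rev in have)) print $1, $(i + 1)
                }
        }
    ' "$2" "$1"
}

# Constructed sample zones: the forward zone uses the tutorial records plus
# a hypothetical "mail" host; the reverse zone contents are an assumption.
write_samples() {
    cat > "$1/forward.example.com" <<'EOF'
$TTL 604800
@ IN SOA test.example.com. root.test.example.com. ( 2 604800 86400 2419200 604800 )
@ IN NS test.example.com.
test IN A 192.168.0.102
www IN A 192.168.0.102
mail IN A 192.168.0.103
EOF
    cat > "$1/reverse.example.com" <<'EOF'
$TTL 604800
@ IN SOA test.example.com. root.test.example.com. ( 1 604800 86400 2419200 604800 )
@ IN NS test.example.com.
102 IN PTR test.example.com.
EOF
}

dir=$(mktemp -d)
write_samples "$dir"
missing_ptrs "$dir/forward.example.com" "$dir/reverse.example.com" 0.168.192.in-addr.arpa
rm -rf "$dir"
```

To check the real files, call missing_ptrs /etc/bind/forward.example.com /etc/bind/reverse.example.com 0.168.192.in-addr.arpa; no output means every address in the forward zone has a PTR record.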
First, change to the /etc/bind directory with the following command:
cd /etc/bind/
Next, copy the sample forward and reverse lookup zone files with the following commands:
cp db.127 reverse.example.com
cp db.local forward.example.com
nano /etc/bind/forward.example.com
$TTL 604800
@       IN  SOA   test.example.com. root.test.example.com. (
                  2         ; Serial
                  604800    ; Refresh
                  86400     ; Retry
                  2419200   ; Expire
                  604800 )  ; Negative Cache TTL
@       IN  NS    test.example.com.
test    IN  A     192.168.0.102
www     IN  A     192.168.0.102
@       IN  AAAA  ::1
Save and close the file. Then, open the reverse lookup zone file:
nano /etc/bind/reverse.example.com
nano /etc/resolv.conf
search example.com
nameserver 192.168.0.102
Save and close the file. Then, restart the BIND 9 service to apply the changes:
Next, check the forward and reverse lookup zone files for any syntax errors with the following command:
Here, we will use the dig command-line tool to check DNS and its related information with the
following command:
dig test.example.com
You should see the following output:
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;test.example.com. IN A
;; ANSWER SECTION:
test.example.com. 604800 IN A 192.168.0.102
;; AUTHORITY SECTION:
example.com. 604800 IN NS test.example.com.
dig -x 192.168.0.102
Output:
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;102.0.168.192.in-addr.arpa. IN PTR
;; AUTHORITY SECTION:
0.168.192.in-addr.arpa. 604800 IN SOA test.example.com. root.test.example.com. 1 604800 86400 2419200 604800
You can also use the nslookup command against your DNS server to confirm the output of the dig command:
nslookup test.example.com
Server: 192.168.0.102
Address: 192.168.0.102#53
Name: test.example.com
Address: 192.168.0.102
Next, use the nslookup command against your DNS server IP address:
nslookup 192.168.0.102
Server: 192.168.0.102
Address: 192.168.0.102#53
102.0.168.192.in-addr.arpa name = example.com.
That's it! You have successfully installed and configured BIND 9 on an Alibaba Cloud Elastic Compute
Service (ECS) Ubuntu 16.04 server.