Install and Configure Bind On Ubuntu 18.04

This document provides a step-by-step guide for installing and configuring BIND9 on Ubuntu 18.04 LTS. It includes instructions for setting up the hostname, updating configuration files, creating zone files, and testing the DNS server. Additionally, it covers firewall configuration and troubleshooting commands to ensure proper functionality of the DNS setup.

Uploaded by Badi Ul Zaman

Install and configure bind9 on Ubuntu 18.04 LTS

Gain Superuser Access

sudo -i

Setup hostname and update /etc/hosts

hostnamectl set-hostname ns01.example.com

echo 192.168.10.230 ns01.example.com ns01 >> /etc/hosts

Update package list

apt update

Disable and Remove dnsmasq

systemctl disable --now dnsmasq

apt remove dnsmasq dnsmasq-base dnsmasq-utils

Install required software

apt install bind9 bind9utils bind9-doc -y

Check software version

named -v

Update named.conf.options to block zone transfers and hide the version

vim /etc/bind/named.conf.options
options {
    directory "/var/cache/bind";

    // If your ISP provided one or more IP addresses for stable
    // nameservers, you probably want to use them as forwarders.
    // Uncomment the block, and insert the addresses replacing accordingly
    // forwarders {
    //     0.0.0.0;
    // };

    // If BIND logs error messages about the root key being expired,
    // you will need to update your keys. See https://www.isc.org/bind-keys
    dnssec-validation auto;

    auth-nxdomain no; # conform to RFC1035
    listen-on-v6 { any; };

    // hide version number from clients for security reasons.
    version "We are sorry version information is not currently available";

    // disable recursion on authoritative DNS server.
    recursion no;

    // enable the query log
    querylog yes;

    // disable zone transfers
    allow-transfer { none; };
};

Add zone information to named.conf.local

vim /etc/bind/named.conf.local
zone "example.com" {
    type master;
    file "/etc/bind/example.com.zone";
};

zone "10.168.192.in-addr.arpa" {
    type master;
    file "/etc/bind/192.168.10.zone";
};

Create and update master zone file

vim /etc/bind/example.com.zone
$TTL 604800
$ORIGIN example.com.
@           IN  SOA    ns01.example.com. root.example.com. (
                       2020111100 ; Serial
                       604800     ; Refresh
                       86400      ; Retry
                       2419200    ; Expire
                       604800 )   ; Negative Cache TTL
@           IN  NS     ns01.example.com.
@           IN  MX     10 ns01.example.com.
ns01        IN  A      192.168.10.230
cka-master  IN  A      192.168.10.200
cka-node1   IN  A      192.168.10.201
cka-node2   IN  A      192.168.10.202
www         IN  CNAME  ns01.example.com.
mail        IN  CNAME  ns01.example.com.
ftp         IN  CNAME  ns01.example.com.

Create and configure reverse lookup zone file

vim /etc/bind/192.168.10.zone
$TTL 604800
$ORIGIN 10.168.192.IN-ADDR.ARPA.
@    IN  SOA  ns01.example.com. root.example.com. (
              2020111100 ; Serial
              604800     ; Refresh
              86400      ; Retry
              2419200    ; Expire
              604800 )   ; Negative Cache TTL
@    IN  NS   ns01.example.com.
230  IN  PTR  ns01.example.com.
200  IN  PTR  cka-master.example.com.
201  IN  PTR  cka-node1.example.com.
202  IN  PTR  cka-node2.example.com.

Check named.conf.local for configuration errors

named-checkconf

Check example.com zone file for configuration errors


named-checkzone example.com /etc/bind/example.com.zone

Check 192.168.10.zone zone file for configuration errors


named-checkzone 10.168.192.in-addr.arpa /etc/bind/192.168.10.zone

Update resolv.conf

vim /etc/resolv.conf
search example.com
nameserver 127.0.0.1
nameserver 8.8.8.8

Enable and restart bind9 service

systemctl enable --now bind9


systemctl restart bind9

ss -tln

Configure firewall for bind


ufw status
ufw enable
ufw app list
ufw allow 53/tcp
ufw allow 53/udp
ufw app list

Testing bind9

Check bind9 logs

journalctl -f -u bind9

Check bind9 version

named -V

Test Zone Transfer (should fail, because allow-transfer is set to none)

dig axfr example.com @127.0.0.1

Test Host Records


dig A ns01.example.com @127.0.0.1
dig A cka-master.example.com @127.0.0.1
dig A cka-node1.example.com @127.0.0.1
dig A cka-node2.example.com @127.0.0.1

Test NS Records

dig NS example.com @127.0.0.1

Test Start of Authority (SOA) Records


dig SOA example.com @127.0.0.1

Test CNAME Records


dig CNAME www.example.com @127.0.0.1
dig CNAME mail.example.com @127.0.0.1
dig CNAME ftp.example.com @127.0.0.1
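
Verify the hardening from named.conf.options

The three settings made in named.conf.options (hidden version, recursion off, zone transfers blocked) can be checked from the dig output of the tests above. The script below is an added example, not part of the original document; the function names, the example.org probe name and the sample replies are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: verify the named.conf.options hardening from dig output.
# Function names and sample strings are this example's own (constructed).

# $1 = output of: dig axfr example.com @SERVER
axfr_blocked() {
    printf '%s\n' "$1" | grep -q 'Transfer failed'
}

# $1 = output of: dig A example.org @SERVER (a name outside the served zones).
# With "recursion no;" the reply never carries the "ra" flag.
recursion_off() {
    flags=$(printf '%s\n' "$1" | sed -n 's/^;; flags: \([a-z ]*\);.*/\1/p')
    [ -n "$flags" ] || return 1      # no reply header: count as a failed check
    case " $flags " in
        *" ra "*) return 1 ;;
        *)        return 0 ;;
    esac
}

# $1 = output of: dig +short version.bind CH TXT @SERVER
version_hidden() {
    [ -n "$1" ] || return 1          # empty answer: nothing to judge, fail
    ! printf '%s\n' "$1" | grep -Eq '[0-9]+\.[0-9]+'
}

# Live audit, e.g.: audit_server 127.0.0.1 example.com
audit_server() {
    srv=$1; zone=$2; rc=0
    axfr_blocked "$(dig axfr "$zone" @"$srv")" ||
        { echo "FAIL: zone transfer allowed"; rc=1; }
    recursion_off "$(dig A example.org @"$srv")" ||
        { echo "FAIL: recursion available"; rc=1; }
    version_hidden "$(dig +short version.bind CH TXT @"$srv")" ||
        { echo "FAIL: version string exposed"; rc=1; }
    [ "$rc" -eq 0 ] && echo "OK: transfers blocked, recursion off, version hidden"
    return "$rc"
}

# Constructed sample replies (not captured from a real server).
SAMPLE_HARDENED=';; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 1
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1'
SAMPLE_OPEN=';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1'
recursion_off "$SAMPLE_HARDENED" && echo "sample hardened reply: recursion off"
```

On the name server itself, source the script and run audit_server 127.0.0.1 example.com after restarting bind9; a non-zero return means at least one of the three settings is not in effect.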