Installing Bind9 on Ubuntu
#apt-get install bind9 dnsutils bind9-doc
Basic Bind Configuration
Let's edit /etc/bind/named.conf.options
#vim /etc/bind/named.conf.options
Delete the // in front of:
// forwarders {
// 0.0.0.0;
// };
Since we are using Google's Public DNS servers, we will want to replace
0.0.0.0 with Google's DNS server IPs 8.8.8.8 and 8.8.4.4. Your config
file should look similar to the one below.
Look carefully at the text colors, because they mark the lines we add or block.
options {
    directory "/var/cache/bind";
    // If there is a firewall between you and nameservers you want
    // to talk to, you may need to fix the firewall to allow multiple
    // ports to talk. See http://www.kb.cert.org/vuls/id/800113
    // If your ISP provided one or more IP addresses for stable
    // nameservers, you probably want to use them as forwarders.
    // Uncomment the following block, and insert the addresses replacing
    // the all-0's placeholder.
    //add google dns forwarders
    forwarders {
        8.8.8.8;
        8.8.4.4;
    };
    //========================================================================
    // If BIND logs error messages about the root key being expired,
    // you will need to update your keys. See https://www.isc.org/bind-keys
    //========================================================================
    //enable dns security
    dnssec-enable yes;
    dnssec-validation yes;
    dnssec-lookaside auto;
    allow-query { any; };
    auth-nxdomain no; # conform to RFC1035
    listen-on-v6 { any; };
};
//add a log file that records client queries
logging {
    channel b_query {
        file "/var/log/bind9/query.log" versions 2 size 1m;
        print-time yes;
        severity info;
    };
    category queries { b_query; };
};
Save and exit.
*********************************************************************************
-Create the log directory for Bind9.
#mkdir /var/log/bind9
#chown bind:bind /var/log/bind9
After the DNS setup is finished, we can watch the DNS queries with:
#tailf /var/log/bind9/query.log
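Because the options above set allow-query { any; } together with forwarders, the query log is where queries from clients outside the served networks become visible. The following is an added example, not part of the original page, that summarizes such clients. It assumes the internal ranges are 10.105.9.0/24 and 10.105.10.0/24 (taken from the reverse zones on this page); the function names and the sample log lines are constructed for the example.

```sh
#!/bin/sh
# Added example (not from the original page): summarize query-log clients that are
# outside the networks this server is meant to serve.
# Assumptions: the internal ranges are 10.105.9.0/24 and 10.105.10.0/24 (from the
# reverse zones on this page); log lines look like
#   <date> <time> client <ip>#<port>: query: <name> <class> <type> <flags> (<server>)
INTERNAL_PREFIXES="10.105.9. 10.105.10. 127.0.0."

# stdin: query.log lines; stdout: "<ip> total=<n> recursive=<n>" per outside client
outside_clients() {
    awk -v prefixes="$INTERNAL_PREFIXES" '
    BEGIN { n = split(prefixes, pfx, " ") }
    {
        ip = ""; flags = ""
        for (i = 1; i <= NF; i++) {
            if ($i == "client" && ip == "") {
                j = i + 1
                if ($j ~ /^@/) j++          # newer BIND prints an "@0x..." token here
                ip = $j; sub(/#.*/, "", ip) # strip "#port" and anything after it
            }
            if ($i == "query:") { flags = $(i + 4); break }
        }
        if (ip == "") next
        for (k = 1; k <= n; k++) if (index(ip, pfx[k]) == 1) next
        total[ip]++
        if (flags ~ /^\+/) rec[ip]++        # "+" means Recursion Desired was set
    }
    END { for (ip in total) printf "%s total=%d recursive=%d\n", ip, total[ip], rec[ip] + 0 }
    ' | LC_ALL=C sort
}

# Constructed sample lines (203.0.113.0/24 and 198.51.100.0/24 are documentation ranges).
sample_log() {
    cat <<'EOF'
31-Aug-2015 16:52:07.101 client 10.105.9.50#40112: query: www.xm.shv IN A + (10.105.9.88)
31-Aug-2015 16:52:08.330 client 203.0.113.7#5353: query: example.org IN ANY +E (10.105.9.88)
31-Aug-2015 16:52:08.331 client 203.0.113.7#5353: query: example.org IN ANY +E (10.105.9.88)
31-Aug-2015 16:52:09.002 client 10.105.10.131#51200: query: mail.xm.shv IN A + (10.105.9.88)
31-Aug-2015 16:52:10.514 client 198.51.100.23#33011: query: xm.shv IN SOA - (10.105.9.88)
EOF
}

sample_log | outside_clients
```

On the server, run it as outside_clients < /var/log/bind9/query.log. If outside clients show up with recursive queries, restricting allow-query and allow-recursion to an ACL of the internal ranges stops the server from answering them.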
Now let's open up /etc/bind/named.conf.local
#vim /etc/bind/named.conf.local
Normally we add a forward and a reverse zone.
//forward zone
zone "xm.shv" {
    type master;
    file "/etc/bind/zones/xm.shv.db";
};
//reverse zone for the IP range 10.105.9; if we have other IP ranges, we add more reverse zones
zone "9.105.10.in-addr.arpa" {
    type master;
    file "/etc/bind/zones/rev.9.105.10.in-addr.arpa";
};
//reverse zone for an additional IP range
zone "10.105.10.in-addr.arpa" {
    type master;
    file "/etc/bind/zones/rev.10.105.10.in-addr.arpa";
};
Save and Exit.
Building Your DNS Forward Zone
-Create the zones directory to store the zone files
#mkdir /etc/bind/zones
#vim /etc/bind/zones/xm.shv.db
Add the following:
$TTL 38400
@ IN SOA ns1.xm.shv. admin.xm.shv. (
    2015071001 ; serial, today's date + today's serial #
    28800 ; refresh, seconds
    3600 ; retry, seconds
    604800 ; expire, seconds
    38400 ; Negative Cache TTL minimum, seconds
)
;Name server
@ IN NS ns1.xm.shv.
;A records for name servers
ns1 IN A 10.105.9.88
mail IN A 10.105.9.85
;different IP address range
dhcp IN A 10.105.10.131
;set up the alias www for mail.xm.shv => we can access it by URL: mail.xm.shv or www.xm.shv
www IN CNAME mail.xm.shv.
Save and exit.
Address (A Record): Defines a mapping of a hostname to an IP address. This is the most common
Canonical Name (CNAME): Defines that the domain name is an alias of another name. It basically allows you to point a domain name to another.
Building Your Reverse Lookup
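#vim /etc/bind/zones/rev.9.105.10.in-addr.arpa
$TTL 86400
@ IN SOA ns1.xm.shv. admin.xm.shv. (
    2015071001 ; serial
    28800 ; refresh, seconds
    604800 ; retry, seconds
    604800 ; expire, seconds
    86400 ; Negative Cache TTL minimum, seconds
)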
@ IN NS ns1.xm.shv.
88 IN PTR ns1.xm.shv.
85 IN PTR mail.xm.shv.
Save and exit.
#vim /etc/bind/zones/rev.10.105.10.in-addr.arpa
$TTL 86400
@ IN SOA ns1.xm.shv. admin.xm.shv. (
2015071001
28800
604800
604800
86400
)
@ IN NS ns1.xm.shv.
;host 131 belongs to the 10.105.10 range (10.105.10.131)
131 IN PTR dhcp.xm.shv.
Save and exit.
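The forward zone and the two reverse zones above have to agree with each other, and a typo in either file goes unnoticed until a lookup fails. The following is an added example, not part of the original page, that checks every A record against its PTR record. It assumes the rev.<c>.<b>.<a>.in-addr.arpa file naming used here; check_ptr and make_sample_zones are names made up for this example.

```sh
#!/bin/sh
# Added example (not from the original page): verify that every A record in the
# forward zone has a PTR record pointing back at the same name.
# Assumptions: reverse files are named rev.<c>.<b>.<a>.in-addr.arpa and use
# relative owner names, as in the zone files on this page.

# usage: check_ptr <forward-zone-file> <origin> <zones-dir>
# prints "OK|MISSING|MISMATCH <fqdn> <ip> [ptr-found]" for each A record
check_ptr() {
    fwd=$1; origin=$2; dir=$3
    awk '$2 == "IN" && $3 == "A" { print $1, $4 }' "$fwd" |
    while read -r host ip; do
        case $host in
            @) fqdn="$origin." ;;
            *) fqdn="$host.$origin." ;;
        esac
        last=${ip##*.}     # host octet, e.g. 88
        net=${ip%.*}       # network part, e.g. 10.105.9
        arpa=$(echo "$net" | awk -F. '{ print $3 "." $2 "." $1 }')
        rev="$dir/rev.$arpa.in-addr.arpa"
        ptr=""
        if [ -f "$rev" ]; then
            ptr=$(awk -v o="$last" '$1 == o && $3 == "PTR" { print $4; exit }' "$rev")
        fi
        if [ -z "$ptr" ]; then echo "MISSING $fqdn $ip"
        elif [ "$ptr" = "$fqdn" ]; then echo "OK $fqdn $ip"
        else echo "MISMATCH $fqdn $ip $ptr"
        fi
    done
}

# Writes the records from this page's zone files into <dir> (SOA/NS lines omitted).
make_sample_zones() {
    printf '%s\n' 'ns1 IN A 10.105.9.88' 'mail IN A 10.105.9.85' \
        'dhcp IN A 10.105.10.131' 'www IN CNAME mail.xm.shv.' > "$1/xm.shv.db"
    printf '%s\n' '88 IN PTR ns1.xm.shv.' '85 IN PTR mail.xm.shv.' \
        > "$1/rev.9.105.10.in-addr.arpa"
    printf '%s\n' '131 IN PTR dhcp.xm.shv.' > "$1/rev.10.105.10.in-addr.arpa"
}

d=$(mktemp -d)
make_sample_zones "$d"
check_ptr "$d/xm.shv.db" xm.shv "$d"
rm -rf "$d"
```

On the server, run it as check_ptr /etc/bind/zones/xm.shv.db xm.shv /etc/bind/zones, after named-checkzone has accepted each zone file.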
Let's configure the server to use the Bind9 service that is running locally as its own DNS server.
Add the nameserver, domain, and search options to your resolv.conf file.
#vim /etc/resolv.conf
nameserver: This is the IP address of the DNS server to use. You can use the IP address or the loopback address 127.0.0.1
domain: This will be the domain we just created.
search: This will be the domain we just created
Add the following:
domain xm.shv
search xm.shv
nameserver 10.105.9.88
Save and exit.
Start the DNS server:
#/etc/init.d/bind9 start
Testing Your DNS Server
#dig xm.shv
output result:
; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> xm.shv
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11861
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;xm.shv. IN A
;; AUTHORITY SECTION:
xm.shv. 38400 IN SOA ns1.xm.shv. admin.xm.shv. 2015071001 28800 3600 604800 38400
;; Query time: 0 msec
;; SERVER: 10.105.9.88#53(10.105.9.88)
;; WHEN: Mon Aug 31 16:52:07 2015
;; MSG SIZE rcvd: 70
Note: we only need to check the status; NOERROR means the query is OK.
=========================================
Now set up DNS for a client on Ubuntu.
We just edit the file resolv.conf
#vim /etc/resolv.conf
and add the following:
search xm.shv
nameserver 10.105.9.88 #ip dns server
Save and exit.