This is a step by step tutorial on how to install and configure DNS server for your LAN using bind9. The DNS server will provide caching and name resolution as well as reverse name resolution for your local network. In this tutorial, we will use the domain "debian.lan" and this will be the domain of your local network. The domain "debian.lan" is not accessible from the internet; its private ip address is "192.168.4.1".
1. Installing bind9 and dns utilities
Firstly, we need to confirm whether bind9 and dnsutils are installed on our system. Let’s install the bind9 package and dns utilities from Debian repository.
|
$ apt-get install bind9 dnsutils |
2. Configure your Linux system
Add nameserve to /etc/resolve.conf.
Edit your /etc/resolvconf/resolve.conf.d/base (red part is added)
|
192.168.4.1 202.103.24.68 8.8.8.8 |
This is where Linux looks to find out how it should perform DNS lookups.
3. Lets create a zone
The zone files (or database files) are the heart of your BIND system. This is where all the information is stored on what hostname goes with what ip address.
Before we create a zone file, let’s edit first the
local configuration file/etc/bind/named.conf.local.
|
// // Do any local configuration here // // Consider adding the 1918 zones here, if they are not used in your // organization //include "/etc/bind/zones.rfc1918"; zone "debian.lan" { type master; file "db.debian.lan"; }; zone "4.168.192.in-addr.arpa" { type master; file "db.192.168.4"; }; |
Let’s start creating a zone file in /var/cache/bind/ directory. Create a file called db.debian.lan
|
$ vi /var/cache/bind/db.debian.lan |
And add the following entry
|
$TTL 604800 @ IN SOA main.debian.lan. admin.debian.lan. ( 2008080101 ;serial 04800 ;refresh 86400 ;retry 2419200 ;expire 604800 ;negative cache TTL ) @ IN NS main.debian.lan. @ IN A 192.168.4.1 @ IN MX 10 main.debian.lan. main IN A 192.168.4.1 www IN CNAME main ubuntu IN A 192.168.4.2 |
Let’s create the reverse DNS zone file called db.192.168.100
|
$ vi /var/cache/bind/db.192.168.4 |
And the following entry.
|
$TTL 604800 @ IN SOA main.debian.lan. admin.debian.lan. ( 2008080101 ;serial 604800 ;refresh 86400 ;retry 2419200 ;expire 604800 ;negative cache TTL ) @ IN NS main.debian.lan. @ IN A 192.168.4.1 1 IN PTR main.debian.lan. 2 IN PTR ubuntu.debian.lan. |
The zone files are created, you can check your zone file configurations using these utilities:
|
$ named-checkzone main.debian.lan /var/cache/bind/db.debian.lan |
Let’s edit the file /etc/bind/named.conf.options
|
$ vi /etc/bind/named.conf.options |
Uncomment the line forwarders and add your ISP's DNS server. (We have no ISP, so ignore)
|
forwarders { 202.78.97.41; 202.78.97.3; }; |
Let’s restart our DNS server, and test using the tool dig.
|
$ /etc/init.d/bind9 restart |
You should see the following message
|
; <<>> DiG 9.3.4 <<>> debian.lan ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54950 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1 ;; QUESTION SECTION: ;debian.lan. IN A ;; ANSWER SECTION: debian.lan. 64800 IN A 192.168.4.1 ;; AUTHORITY SECTION: debian.lan. 64800 IN NS main.debian.lan. ;; ADDITIONAL SECTION: main.debian.lan. 64800 IN A 192.168.4.1 ;; Query time: 1 msec ;; SERVER: 192.168.4.1#53(192.168.4.1) ;; WHEN: Tue Aug 5 09:33:40 2008 ;; MSG SIZE rcvd: 79 |
Test your reverse DNS
|
$ dig -x debian.lan |
If you see this message, you have successfully installed the DNS server.
|
; <<>> DiG 9.3.4 <<>> -x debian.lan ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42510 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;lan.debian.in-addr.arpa. IN PTR ;; AUTHORITY SECTION: in-addr.arpa. 10800 IN SOA A.ROOT-SERVERS.NET. dns-ops.ARIN.NET. 2008080416 1800 900 691200 10800 ;; Query time: 952 msec ;; SERVER: 192.168.4.1#53(192.168.4.1) ;; WHEN: Tue Aug 5 09:34:25 2008 ;; MSG SIZE rcvd: 108 |
You can also check your DNS nslookup and host command.
|
nslookup debian.lan |
4. Update bind9.service and bind9-resolvconf.service
To boots up local DNS automatically at startup, we need below steps.
Before, bind9.service is dependent on network.target, and bind9-resolvconf.service is dependent on bind9.service. However, if Wifi-ublox is not ready, bind9 service finished, then bind9 will not work. So we need to set bind9.service be dependent on the service which boots up Wifi-ublox as below.
After /etc/init.d/bind9 restart is executed, /etc/systemd/system/multi-user.target/bind9.service will generate a soft link to /lib/systemd/system/bind9.service. bind9-resolvconf.service is under /lib/systemd/system/.
At last, we need to enable bind9 service at startup.
|
$ systemctl enable bind9 |
Bind9.service
|
[Unit] Description=BIND Domain Name Server Documentation=man:named(8) After=nio-autoexecB1.service [Service] ExecStart=/usr/sbin/named -f -u bind ExecReload=/usr/sbin/rndc reload ExecStop=/usr/sbin/rndc stop [Install] WantedBy=multi-user.target |
bind9-resolvconf.service
|
[Unit] Description=local BIND via resolvconf Documentation=man:named(8) man:resolvconf(8) Requires=bind9.service After=bind9.service ConditionFileIsExecutable=/sbin/resolvconf [Service] ExecStart=/bin/sh -c 'echo nameserver 127.0.0.1 | /sbin/resolvconf -a lo.named' ExecStop=/sbin/resolvconf -d lo.named [Install] WantedBy=bind9.service |
5. Configure Client Device in Lan Network
All computers in the LAN are going to use 192.168.4.1 as a nameserver, this can be set manually by setting statically:
|
$ vi /etc/resolvconf/resolv.conf.d/base |
Then put this information, add this at the top of file.
|
192.168.4.1 |
Source Reference: http://www.cahilig.net/2008/07/05/how-setup-lan-dns-server-using-bind9-under-debian-etch-and-ubuntu-804