Step by step instructions
1: Make sure that the latest version of bind9 is installed (that’s the dns-server software):
sudo apt-get install bind9
2.1: Configure the DNS to cache requests and forward unknown requests to other DNS servers:
sudo nano /etc/bind/named.conf.options
2.2: Uncomment or add the forwarders section and replace the addresses below with the IP addresses of your ISP's primary and secondary DNS servers:
forwarders {
208.67.222.222;
208.67.220.220;
};
3.0: Make the server use its own DNS for look-ups:
How to specify which DNS server to use depends on whether you are using a dynamic or a static IP address:
3.DYNAMIC.1: Edit dhclient.conf:
sudo nano /etc/dhcp/dhclient.conf
3.DYNAMIC.2: Uncomment or add the following line:
prepend domain-name-servers 127.0.0.1;
Note: 127.0.0.1 points to the local machine, making the DNS requests go through our DNS server that we are setting up.
[OPTIONAL]
You might also want to add a search directive, so that you do not need to type the FQDN when looking up local records. Only do this if you cannot control this information in the DHCP server: if you also set up the DHCP server, make sure that it provides the search domain, which the DHCP client will then use automatically.
supersede domain-name "home.lan";
3.STATIC.1: Edit /etc/network/interfaces:
sudo nano /etc/network/interfaces
3.STATIC.2: Change or add the dns-nameservers, dns-search and dns-domain directives:
# The primary network interface
auto eth0
iface eth0 inet static
address 192.168.0.2
netmask 255.255.255.0
gateway 192.168.0.1
network 192.168.0.0
broadcast 192.168.0.255
dns-nameservers 127.0.0.1
dns-search home.lan
dns-domain home.lan
Note 1: home.lan is the domain name of our local network in this guide. A DNS search directive removes the need to type the FQDN when looking up local records.
Note 2: This setup must also be done for other Ubuntu clients that use a static IP. But then it should point to the IP of our DNS server. If you have a DHCP server you should specify your DNS IP in its settings, as well as the search domain.
4.1: Define the zones for the local domain:
sudo nano /etc/bind/named.conf.local
4.2: Add a zone for the local domain:
zone "home.lan" IN {
type master;
file "/etc/bind/zones/home.lan.db";
};
4.3: Also add a zone for reverse dns lookups for the local network:
zone "0.168.192.in-addr.arpa" {
type master;
file "/etc/bind/zones/rev.0.168.192.in-addr.arpa";
};
Note: Make sure that plain ASCII quotes are used, so that they aren’t converted to typographic quotes when you copy and paste them into the terminal.
5: Create the zones directory:
sudo mkdir /etc/bind/zones
6.1: Configure the local domain:
sudo nano /etc/bind/zones/home.lan.db
6.2: Example settings, change to match your host names and ip-addresses:
; Use semicolons to add comments.
; Host-to-IP Address DNS Pointers for home.lan
; Note: The trailing "." at the end of the domain names is important.
; The following parameters set when DNS records will expire, etc.
; Importantly, the serial number must always be incremented to prevent
; undesirable consequences. A good format to use is YYYYMMDDII where
; the II index is in case you make more than one change in the same day.
$ORIGIN .
$TTL 86400 ; 1 day
home.lan. IN SOA ubuntu.home.lan. hostmaster.home.lan. (
2008080901 ; serial
8H ; refresh
4H ; retry
4W ; expire
1D ; minimum
)
; NS indicates that ubuntu is the name server on home.lan
; MX indicates that ubuntu is (also) the mail server on home.lan
home.lan. IN NS ubuntu.home.lan.
home.lan. IN MX 10 ubuntu.home.lan.
$ORIGIN home.lan.
; Set the address for localhost.home.lan
localhost IN A 127.0.0.1
; Set the hostnames in alphabetical order
print-srv IN A 192.168.0.9
router IN A 192.168.0.1
server IN A 192.168.0.5
ubuntu IN A 192.168.0.2
xbox IN A 192.168.0.3
7.1: Create and edit the reverse lookup configuration file:
sudo nano /etc/bind/zones/rev.0.168.192.in-addr.arpa
7.2: Example settings, the reverse of the above:
; IP Address-to-Host DNS Pointers for the 192.168.0 subnet
$TTL 86400 ; 1 day
@ IN SOA ubuntu.home.lan. hostmaster.home.lan. (
2008080901 ; serial
8H ; refresh
4H ; retry
4W ; expire
1D ; minimum
)
; define the authoritative name server (@ stands for the zone itself, 0.168.192.in-addr.arpa.)
@ IN NS ubuntu.home.lan.
; our hosts, in numeric order
1 IN PTR router.home.lan.
2 IN PTR ubuntu.home.lan.
3 IN PTR xbox.home.lan.
5 IN PTR server.home.lan.
9 IN PTR print-srv.home.lan.
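The forward zone in 6.2 and the reverse zone in 7.2 have to stay in step with each other, and a mismatch only shows up as a wrong PTR answer in step 9.3. The following Python script is an added example, not part of the original guide: it derives the PTR records that a forward zone implies (honouring $ORIGIN and skipping addresses outside the subnet, such as localhost) and reports any reverse-zone entries that disagree. Both zone texts are constructed to match the guide's example hosts.

```python
import ipaddress
import re
# Constructed sample data mirroring the guide's home.lan forward zone
# (step 6.2) and its 192.168.0.0/24 reverse zone (step 7.2).
FORWARD_ZONE = """\
$ORIGIN home.lan.
localhost IN A 127.0.0.1
print-srv IN A 192.168.0.9
router IN A 192.168.0.1
server IN A 192.168.0.5
ubuntu IN A 192.168.0.2
xbox IN A 192.168.0.3
"""
REVERSE_ZONE = """\
1 IN PTR router.home.lan.
2 IN PTR ubuntu.home.lan.
3 IN PTR xbox.home.lan.
5 IN PTR server.home.lan.
9 IN PTR print-srv.home.lan.
"""
A_RE = re.compile(r"^(\S+)\s+(?:\d+\s+)?IN\s+A\s+(\S+)", re.I)
PTR_RE = re.compile(r"^(\d+)\s+(?:\d+\s+)?IN\s+PTR\s+(\S+)", re.I)

def expected_ptrs(forward_zone, subnet="192.168.0.0/24"):
    """Map last octet -> FQDN for every A record inside subnet, honouring $ORIGIN."""
    net, origin, ptrs = ipaddress.ip_network(subnet), ".", {}
    for line in forward_zone.splitlines():
        line = line.split(";", 1)[0].strip()  # drop ; comments
        if line.upper().startswith("$ORIGIN"):
            origin = line.split()[1]
            continue
        m = A_RE.match(line)
        if not m or ipaddress.ip_address(m.group(2)) not in net:
            continue  # e.g. localhost 127.0.0.1 gets no PTR in this zone
        name, addr = m.groups()
        # Qualify relative names the way named does; "$ORIGIN ." adds just a dot.
        fqdn = name if name.endswith(".") else name + "." + origin.lstrip(".")
        ptrs[int(addr.rsplit(".", 1)[1])] = fqdn
    return ptrs

def check_reverse_zone(reverse_zone, expected):
    """Return mismatches between existing PTRs and the forward zone; [] means OK."""
    actual = {int(m.group(1)): m.group(2)
              for m in map(PTR_RE.match, reverse_zone.splitlines()) if m}
    problems = [f"{o}: expected {fqdn}, found {actual.get(o)}"
                for o, fqdn in sorted(expected.items()) if actual.get(o) != fqdn]
    problems += [f"{o}: PTR {actual[o]} has no matching A record"
                 for o in sorted(set(actual) - set(expected))]
    return problems
```

Run it against your real files by reading them into the two variables; an empty list from check_reverse_zone means the zones agree.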
8.0: Restart services to use the new settings:
8.1: Restart bind:
sudo service bind9 restart
8.2: Restart the network interface that you changed in step 3:
sudo nohup sh -c "ifdown eth0 && ifup eth0"
Note that networking restart has been deprecated, see this post for more information.
9.0: Test that everything works as expected:
9.1: Test that DNS look-ups work through the local server:
host ping.sunet.se
The response should be:
ping.sunet.se has address 192.36.125.18
ping.sunet.se has IPv6 address 2001:6b0:7::18
9.2: Test that all of your computers are listed with the following command:
host -l home.lan
The output should list all of your entered hosts:
home.lan name server ubuntu.home.lan.
localhost.home.lan has address 127.0.0.1
print-srv.home.lan has address 192.168.0.9
router.home.lan has address 192.168.0.1
server.home.lan has address 192.168.0.5
ubuntu.home.lan has address 192.168.0.2
xbox.home.lan has address 192.168.0.3
9.3: Test that the reverse lookup works:
host 192.168.0.1
Response:
1.0.168.192.in-addr.arpa domain name pointer router.home.lan.
Final words
• You should have a firewall between this server and the internet, and make sure that the DNS port (53) is not forwarded to your Ubuntu server. Otherwise your DNS server will be an open resolver that anyone on the internet can use; this setup is only intended to serve your local network.
• Do not forget to update the serial every time you make any changes to a zone file.
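To make the serial rule mechanical, here is an added Python helper (not from the original guide) that advances an SOA serial in the YYYYMMDDII format from step 6.2 and rewrites the "; serial" line in a zone file's text. The SOA fragment is constructed from the guide's example; the today argument is assumed to be a YYYYMMDD string so the behaviour can be checked for a fixed date.

```python
import re
from datetime import date

SERIAL_RE = re.compile(r"^(\s*)(\d+)(\s*;\s*serial\b.*)$", re.I | re.M)

def next_serial(current, today=None):
    """Next SOA serial in YYYYMMDDII form, always > current (the guide's rule).
    today is an optional 'YYYYMMDD' string (default: the real date)."""
    ymd = today or date.today().strftime("%Y%m%d")
    base = int(ymd) * 100          # YYYYMMDD00 for that day
    current = int(current)
    # First change of the day -> ...01; further changes (or a serial that
    # already runs ahead of the date) just increment so it never goes backwards.
    return base + 1 if current < base else current + 1

def bump_serial(zone_text, today=None):
    """Return (new_text, old, new) with the value on the '; serial' line advanced.
    Raises ValueError if no such line exists or the serial would overflow."""
    m = SERIAL_RE.search(zone_text)
    if m is None:
        raise ValueError("no '<number> ; serial' line found in zone text")
    old = int(m.group(2))
    new = next_serial(old, today)
    if new > 0xFFFFFFFF:           # SOA serials are unsigned 32-bit values
        raise ValueError("serial would overflow 32 bits")
    new_text = zone_text[:m.start(2)] + str(new) + zone_text[m.end(2):]
    return new_text, old, new

# Constructed SOA fragment in the guide's format (step 6.2).
SAMPLE_SOA = """\
home.lan. IN SOA ubuntu.home.lan. hostmaster.home.lan. (
2008080901 ; serial
8H ; refresh
4H ; retry
4W ; expire
1D ; minimum
)
"""
```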
Network Bind Commands
arp -a
host -l home.lan
named -v --> shows the bind version
sudo apt-get --only-upgrade install bind9
named-checkzone home.lan /etc/bind/zones/home.lan.db
named-checkzone 0.168.192.in-addr.arpa /etc/bind/zones/rev.0.168.192.in-addr.arpa
Clean DNS
sudo apt-get install nscd
sudo /etc/init.d/nscd restart
sudo /etc/init.d/dns-clean start
DNS Suffix
Ubuntu 12.04
• Create a file named /etc/resolvconf/resolv.conf.d/tail
• Add the line search mydomain.tld to that file
• Run sudo resolvconf -u
Example file /etc/bind/zones/home.lan.db
; The following parameters set when DNS records will expire, etc.
; Importantly, the serial number must always be iterated upward to prevent
; undesirable consequences. A good format to use is YYYYMMDDII where
; the II index is in case you make more than one change in the same day.
$ORIGIN .
$TTL 86400 ; 1 day
home.lan. IN SOA dns.home.lan. hostmaster.home.lan. (
2008080901 ; serial
8H ; refresh
4H ; retry
4W ; expire
1D ; minimum
)
; NS indicates that dns is the name server on home.lan
; An MX record would name the mail server on home.lan; it is commented out here
home.lan. IN NS dns.home.lan.
;home.lan. IN MX 10 ubuntu.home.lan.
$ORIGIN home.lan.
; Set the address for localhost.home.lan
localhost IN A 127.0.0.1
; Set the hostnames in alphabetical order
dns IN A 192.168.0.222
mail IN A 192.168.0.221
media IN A 192.168.0.223
vmware IN A 192.168.0.210
win7-pc1 IN A 192.168.0.211
win7-pc2 IN A 192.168.0.212
wingym IN A 192.168.0.220
Example file /etc/bind/zones/rev.0.168.192.in-addr.arpa
; IP Address-to-Host DNS Pointers for the 192.168.0 subnet
$TTL 86400 ; 1 day
@ IN SOA dns.home.lan. localhost.home.lan. (
2008080901 ; serial
8H ; refresh
4H ; retry
4W ; expire
1D ; minimum
)
; define the authoritative name server (@ stands for the zone itself)
@ IN NS dns.home.lan.
; our hosts, in numeric order
210 IN PTR vmware.home.lan.
211 IN PTR win7-pc1.home.lan.
212 IN PTR win7-pc2.home.lan.
220 IN PTR wingym.home.lan.
221 IN PTR mail.home.lan.
222 IN PTR dns.home.lan.
223 IN PTR media.home.lan.
/etc/hosts
127.0.0.1 localhost dns.home.lan
192.168.0.222 dns dns.home.lan hostmaster.home.lan
# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters