##############################################
### Configuration of DNS on Ubuntu 14.04 LTS
##############################################

###UPDATE THE REPOSITORIES
root@dns-resolver:/# apt-get update
root@dns-resolver:/# apt-cache search bind9
bindgraph - DNS statistics RRDtool frontend for BIND9
gadmin-bind - GTK+ configuration tool for bind9
gadmin-bind-dbg - GTK+ configuration tool for bind9 (debug)
gforge-dns-bind9 - collaborative development tool - DNS management (using Bind9)
libbind4 - DNS resolver and message parsing library
libbind4-dev - DNS resolver and message parsing static library and headers
libconfig-auto-perl - Magical config file parser
libnss-lwres - NSS module for using bind9's lwres as a naming service
bind9 - Internet Domain Name Server
bind9-doc - Documentation for BIND
bind9-host - Version of 'host' bundled with BIND 9.X
bind9utils - Utilities for BIND
libbind9-60 - BIND9 Shared Library used by BIND
collectd-core - statistics collection and monitoring daemon (core system)
unbound-host - reimplementation of the 'host' command

#####INSTALL BIND9
root@dns-resolver:/# apt-get install bind9
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following extra packages will be installed:
  bind9-host bind9utils dnsutils libbind9-60 libdns64 libisc60 libisccc60 libisccfg60 liblwres60
Suggested packages:
  bind9-doc resolvconf rblcheck
The following NEW packages will be installed:
  bind9 bind9utils
The following packages will be upgraded:
  bind9-host dnsutils libbind9-60 libdns64 libisc60 libisccc60 libisccfg60 liblwres60
8 upgraded, 2 newly installed, 0 to remove and 100 not upgraded.
Need to get 1,736kB of archives.
After this operation, 1,393kB of additional disk space will be used.
Do you want to continue [Y/n]? y

###THE BIND SERVICE STARTS BY DEFAULT AFTER INSTALLATION
root@dns-resolver:/# ps aux | grep bind
bind 1641 0.0 2.6 120004 13536 ?
Ssl 06:43 0:00 /usr/sbin/named -u bind
root 1675 0.0 0.1 7624 904 pts/1 S+ 07:05 0:00 grep --color=auto bind

### BIND 9 is enabled on runlevels 2, 3, 4 and 5 by default, which is why it is already running.
root@dns-resolver:/# chkconfig --list | grep bind
bind9 0:off 1:off 2:on 3:on 4:on 5:on 6:off

### Important Files and Directories.
root@dns-resolver:/# vi /etc/resolv.conf
root@dns-resolver:/# ls -lh /etc/bind/
total 52K
-rw-r--r-- 1 root root 601 2014-12-09 15:37 bind.keys
-rw-r--r-- 1 root root 237 2014-12-09 15:37 db.0
-rw-r--r-- 1 root root 271 2014-12-09 15:37 db.127
-rw-r--r-- 1 root root 237 2014-12-09 15:37 db.255
-rw-r--r-- 1 root root 353 2014-12-09 15:37 db.empty
-rw-r--r-- 1 root root 270 2014-12-09 15:37 db.local
-rw-r--r-- 1 root root 2.9K 2014-12-09 15:37 db.root
-rw-r--r-- 1 root bind 463 2014-12-09 15:37 named.conf
-rw-r--r-- 1 root bind 490 2014-12-09 15:37 named.conf.default-zones
-rw-r--r-- 1 root bind 165 2014-12-09 15:37 named.conf.local
-rw-r--r-- 1 root bind 572 2014-12-09 15:37 named.conf.options
-rw-r----- 1 bind bind 77 2015-07-26 06:43 rndc.key
-rw-r--r-- 1 root root 1.3K 2014-12-09 15:37 zones.rfc1918
root@dns-resolver:/# vi /etc/bind/named.conf.options
options {
        directory "/var/cache/bind";

        // If there is a firewall between you and nameservers you want
        // to talk to, you may need to fix the firewall to allow multiple
        // ports to talk. See http://www.kb.cert.org/vuls/id/800113

        // If your ISP provided one or more IP addresses for stable
        // nameservers, you probably want to use them as forwarders.
        // Uncomment the following block, and insert the addresses replacing
        // the all-0's placeholder.

        forwarders {
                41.204.164.3;
                41.89.1.4;
        };
        listen-on { 10.10.0.x; };
        auth-nxdomain no; # conform to RFC1035
        listen-on-v6 { any; };
};

### NOTE: 10.10.0.x in listen-on is a placeholder; replace it with this server's own IPv4 address.
### NOTE: listen-on only limits IPv4; listen-on-v6 { any; } still accepts queries on every IPv6 address of the host.
### NOTE: with forwarders set, this server resolves names on behalf of clients. Check that recursion is limited
###       to your own networks (the allow-recursion option controls this) so it cannot be used as an open resolver.

### Test the dns server for the localhost domain.
root@dns-resolver:/# dig localhost

; <<>> DiG 9.7.0-P1 <<>> localhost
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14339
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;localhost. IN A

;; ANSWER SECTION:
localhost. 10800 IN A 127.0.0.1

;; AUTHORITY SECTION:
localhost. 10800 IN NS localhost.

;; ADDITIONAL SECTION:
localhost. 10800 IN AAAA ::1

;; Query time: 1 msec
;; SERVER: 41.89.1.4#53(41.89.1.4)
;; WHEN: Sun Jul 26 07:17:08 2015
;; MSG SIZE rcvd: 85

### NOTE: the SERVER line shows that this answer came from 41.89.1.4 (presumably the resolver listed in
###       /etc/resolv.conf), not from the local BIND instance. The tests further down use "dig @localhost"
###       to query the local server directly.

##################
### Create a zone
##################
root@dns-resolver:/# vi /etc/bind/named.conf.local
//
// Do any local configuration here
//

// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";

zone "training" {
        type master;
        file "/etc/bind/training.local";
};

### Create the zone file and add the resource records of your choice.
root@dns-resolver:/# vi /etc/bind/training.local
$TTL 604800
@ IN SOA training. martin.training. (
        2013082000 ; Serial
        604800 ; Refresh
        86400 ; Retry
        2419200 ; Expire
        604800 ) ; Negative Cache TTL
;
@ IN NS training.
@ IN A 192.168.0.10
@ IN MX 10 mail
@ IN MX 20 barua
www IN A 192.168.0.50
mail IN A 192.168.0.20
barua IN A 192.168.0.21
ftp IN A 192.168.0.25
root@dns-resolver:/# /etc/init.d/bind9 restart
* Stopping domain name service... bind9 [ OK ]
* Starting domain name service... bind9 [ OK ]
root@dns-resolver:/#

### Run configuration and zone checks (ideally before restarting BIND, so that a syntax error is caught while the old configuration is still being served).
root@dns-resolver:/# named-checkconf /etc/bind/named.conf.options
root@dns-resolver:/# named-checkconf /etc/bind/named.conf.local
root@dns-resolver:/# named-checkzone training /etc/bind/training.local
zone training/IN: loaded serial 2013082000
OK
root@dns-resolver:/# dig @localhost mail.training

; <<>> DiG 9.7.0-P1 <<>> @localhost mail.training
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33232
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;mail.training. IN A

;; ANSWER SECTION:
mail.training. 604800 IN A 192.168.0.20

;; AUTHORITY SECTION:
training. 604800 IN NS training.

;; ADDITIONAL SECTION:
training. 604800 IN A 192.168.0.10

;; Query time: 0 msec
;; SERVER: ::1#53(::1)
;; WHEN: Sun Jul 26 07:42:45 2015
;; MSG SIZE rcvd: 77

root@dns-resolver:/# dig @localhost ftp.training

; <<>> DiG 9.7.0-P1 <<>> @localhost ftp.training
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46799
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;ftp.training. IN A

;; ANSWER SECTION:
ftp.training. 604800 IN A 192.168.0.25

;; AUTHORITY SECTION:
training. 604800 IN NS training.

;; ADDITIONAL SECTION:
training. 604800 IN A 192.168.0.10

;; Query time: 0 msec
;; SERVER: ::1#53(::1)
;; WHEN: Sun Jul 26 07:43:12 2015
;; MSG SIZE rcvd: 76

root@dns-resolver:/# dig @localhost barua.training

; <<>> DiG 9.7.0-P1 <<>> @localhost barua.training
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20932
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;barua.training. IN A

;; ANSWER SECTION:
barua.training. 604800 IN A 192.168.0.21

;; AUTHORITY SECTION:
training. 604800 IN NS training.

;; ADDITIONAL SECTION:
training.
604800 IN A 192.168.0.10

;; Query time: 0 msec
;; SERVER: ::1#53(::1)
;; WHEN: Sun Jul 26 07:43:58 2015
;; MSG SIZE rcvd: 78

root@dns-resolver:/#

#####DONE!!!!!!!