##############################################
### Configuration of DNS on Ubuntu 14.04 LTS
##############################################


###UPDATE THE REPOSITORIES

root@dns-resolver:/# apt-get update

root@dns-resolver:/# apt-cache search bind9
bindgraph - DNS statistics RRDtool frontend for BIND9
gadmin-bind - GTK+ configuration tool for bind9
gadmin-bind-dbg - GTK+ configuration tool for bind9 (debug)
gforge-dns-bind9 - collaborative development tool - DNS management (using Bind9)
libbind4 - DNS resolver and message parsing library
libbind4-dev - DNS resolver and message parsing static library and headers
libconfig-auto-perl - Magical config file parser
libnss-lwres - NSS module for using bind9's lwres as a naming service
bind9 - Internet Domain Name Server
bind9-doc - Documentation for BIND
bind9-host - Version of 'host' bundled with BIND 9.X
bind9utils - Utilities for BIND
libbind9-60 - BIND9 Shared Library used by BIND
collectd-core - statistics collection and monitoring daemon (core system)
unbound-host - reimplementation of the 'host' command

#####INSTALL BIND9

root@dns-resolver:/# apt-get install bind9
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following extra packages will be installed:
  bind9-host bind9utils dnsutils libbind9-60 libdns64 libisc60 libisccc60 libisccfg60 liblwres60
Suggested packages:
  bind9-doc resolvconf rblcheck
The following NEW packages will be installed:
  bind9 bind9utils
The following packages will be upgraded:
  bind9-host dnsutils libbind9-60 libdns64 libisc60 libisccc60 libisccfg60 liblwres60
8 upgraded, 2 newly installed, 0 to remove and 100 not upgraded.
Need to get 1,736kB of archives.
After this operation, 1,393kB of additional disk space will be used.
Do you want to continue [Y/n]? y

###THE BIND SERVICE STARTS BY DEFAULT AFTER INSTALLATION

root@dns-resolver:/# ps aux | grep bind
bind      1641  0.0  2.6 120004 13536 ?        Ssl  06:43   0:00 /usr/sbin/named -u bind
root      1675  0.0  0.1   7624   904 pts/1    S+   07:05   0:00 grep --color=auto bind


### BIND 9 is enabled in runlevels 2, 3, 4 and 5 by default, so it starts at boot and is already running.

root@dns-resolver:/# chkconfig --list | grep bind
bind9                     0:off  1:off  2:on   3:on   4:on   5:on   6:off

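### Important files and directories.
### /etc/resolv.conf lists the nameservers this host itself uses for lookups; /etc/bind/ holds the BIND configuration.
### rndc.key is the key for the rndc control channel; in the listing below it is the only file that is not world-readable (mode 640, bind:bind) and should stay that way.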

root@dns-resolver:/# vi /etc/resolv.conf 
root@dns-resolver:/# ls -lh /etc/bind/
total 52K
-rw-r--r-- 1 root root  601 2014-12-09 15:37 bind.keys
-rw-r--r-- 1 root root  237 2014-12-09 15:37 db.0
-rw-r--r-- 1 root root  271 2014-12-09 15:37 db.127
-rw-r--r-- 1 root root  237 2014-12-09 15:37 db.255
-rw-r--r-- 1 root root  353 2014-12-09 15:37 db.empty
-rw-r--r-- 1 root root  270 2014-12-09 15:37 db.local
-rw-r--r-- 1 root root 2.9K 2014-12-09 15:37 db.root
-rw-r--r-- 1 root bind  463 2014-12-09 15:37 named.conf
-rw-r--r-- 1 root bind  490 2014-12-09 15:37 named.conf.default-zones
-rw-r--r-- 1 root bind  165 2014-12-09 15:37 named.conf.local
-rw-r--r-- 1 root bind  572 2014-12-09 15:37 named.conf.options
-rw-r----- 1 bind bind   77 2015-07-26 06:43 rndc.key
-rw-r--r-- 1 root root 1.3K 2014-12-09 15:37 zones.rfc1918

root@dns-resolver:/# vi /etc/bind/named.conf.options

// Global options for named.
// NOTE(review): no allow-query / allow-recursion / allow-query-cache ACL is
// set in this block, so who may use this server for recursion is left to the
// built-in defaults of the installed BIND version. Stating the intended
// client networks explicitly keeps the resolver from answering hosts it was
// never meant to serve — confirm the defaults for your version.
options {
        directory "/var/cache/bind";

        // If there is a firewall between you and nameservers you want
        // to talk to, you may need to fix the firewall to allow multiple
        // ports to talk.  See http://www.kb.cert.org/vuls/id/800113

        // If your ISP provided one or more IP addresses for stable
        // nameservers, you probably want to use them as forwarders.
        // Uncomment the following block, and insert the addresses replacing
        // the all-0's placeholder.

        // Upstream resolvers: queries this server cannot answer from its own
        // zones or cache are relayed to these addresses, so their operators
        // see those query names.
        // NOTE(review): no dnssec-validation statement is set here; whether
        // forwarded answers are validated depends on the version default — confirm.
        forwarders {
	 	41.204.164.3;
		41.89.1.4;
	};
	
        // IPv4 addresses named listens on. "10.10.0.x" is a placeholder and
        // is not a valid address: replace it with the server's real interface
        // address. 127.0.0.1 is not listed, so local IPv4 queries are not
        // served unless it is added.
listen-on {
		10.10.0.x;
	};


        auth-nxdomain no;    # conform to RFC1035
        // Listens on every IPv6 address of the host, unlike the restricted
        // IPv4 listen-on above (the dig @localhost tests on this page are
        // answered on ::1). NOTE(review): confirm that IPv6 reachability is
        // intended and filtered to the same clients as IPv4.
        listen-on-v6 { any; };
};

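### Test name resolution for the localhost domain.
### Note: dig without @server queries the nameserver listed in /etc/resolv.conf (41.89.1.4 in the output below), not necessarily the local BIND; use "dig @localhost localhost" to query this server directly.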

root@dns-resolver:/# dig localhost

; <<>> DiG 9.7.0-P1 <<>> localhost
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14339
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;localhost.			IN	A

;; ANSWER SECTION:
localhost.		10800	IN	A	127.0.0.1

;; AUTHORITY SECTION:
localhost.		10800	IN	NS	localhost.

;; ADDITIONAL SECTION:
localhost.		10800	IN	AAAA	::1

;; Query time: 1 msec
;; SERVER: 41.89.1.4#53(41.89.1.4)
;; WHEN: Sun Jul 26 07:17:08 2015
;; MSG SIZE  rcvd: 85

##################
### Create a zone
##################

root@dns-resolver:/# vi /etc/bind/named.conf.local

//
// Do any local configuration here
//

// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";


// Authoritative (master) zone "training", loaded from the file named below.
// NOTE(review): no allow-transfer statement is set for this zone or in the
// options block shown on this page; depending on the default of the installed
// BIND version, any host that can reach the server may be able to request a
// full zone transfer (AXFR) and list every record. With no secondaries,
// consider allow-transfer { none; }; — confirm the default for your version.
zone "training" {
        type master;
        file "/etc/bind/training.local";
};


### Create the zone file and add the resource records of your choice.

root@dns-resolver:/# vi /etc/bind/training.local

; Zone data for "training." with a default TTL of 604800 seconds (7 days).
; SOA: primary name server is training., contact is martin.training.
; (the first dot stands for "@", i.e. martin@training).
; Increase the serial each time this file is edited; secondaries, if any are
; added later, only fetch the zone again when the serial has grown.
$TTL    604800
@       IN      SOA     training. martin.training. (
                     2013082000         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
; Apex records: the zone's name server is the apex name itself, which resolves
; through the A record below. MX 10 (mail) is preferred over MX 20 (barua).
; Names without a trailing dot are completed with the zone origin,
; e.g. mail -> mail.training.
@       IN      NS      training.
@       IN      A       192.168.0.10
@       IN      MX      10 mail
@       IN      MX      20 barua
; Host records. NOTE(review): every address here is RFC 1918 private space
; (192.168.0.x), so this zone presumably describes an internal network and
; should only be answered for internal clients — confirm.
www     IN      A       192.168.0.50
mail    IN      A       192.168.0.20
barua   IN      A       192.168.0.21
ftp     IN      A       192.168.0.25



root@dns-resolver:/# /etc/init.d/bind9 restart
 * Stopping domain name service... bind9                                                                                                       [ OK ] 
 * Starting domain name service... bind9                                                                                                       [ OK ] 
root@dns-resolver:/# 


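### Run configuration and zone checks (ideally before restarting bind9, so that a syntax error is caught while the old configuration is still being served).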

root@dns-resolver:/# named-checkconf /etc/bind/named.conf.options 
root@dns-resolver:/# named-checkconf /etc/bind/named.conf.local 

root@dns-resolver:/# named-checkzone training /etc/bind/training.local 
zone training/IN: loaded serial 2013082000
OK

root@dns-resolver:/# dig @localhost mail.training

; <<>> DiG 9.7.0-P1 <<>> @localhost mail.training
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33232
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;mail.training.			IN	A

;; ANSWER SECTION:
mail.training.		604800	IN	A	192.168.0.20

;; AUTHORITY SECTION:
training.		604800	IN	NS	training.

;; ADDITIONAL SECTION:
training.		604800	IN	A	192.168.0.10

;; Query time: 0 msec
;; SERVER: ::1#53(::1)
;; WHEN: Sun Jul 26 07:42:45 2015
;; MSG SIZE  rcvd: 77


root@dns-resolver:/# dig @localhost ftp.training

; <<>> DiG 9.7.0-P1 <<>> @localhost ftp.training
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46799
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;ftp.training.			IN	A

;; ANSWER SECTION:
ftp.training.		604800	IN	A	192.168.0.25

;; AUTHORITY SECTION:
training.		604800	IN	NS	training.

;; ADDITIONAL SECTION:
training.		604800	IN	A	192.168.0.10

;; Query time: 0 msec
;; SERVER: ::1#53(::1)
;; WHEN: Sun Jul 26 07:43:12 2015
;; MSG SIZE  rcvd: 76


root@dns-resolver:/# dig @localhost barua.training

; <<>> DiG 9.7.0-P1 <<>> @localhost barua.training
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20932
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;barua.training.			IN	A

;; ANSWER SECTION:
barua.training.		604800	IN	A	192.168.0.21

;; AUTHORITY SECTION:
training.		604800	IN	NS	training.

;; ADDITIONAL SECTION:
training.		604800	IN	A	192.168.0.10

;; Query time: 0 msec
;; SERVER: ::1#53(::1)
;; WHEN: Sun Jul 26 07:43:58 2015
;; MSG SIZE  rcvd: 78


root@dns-resolver:/#

#####DONE!!!!!!!