##############################################
### Configuration of DNS on Ubuntu 12.04 LTS
##############################################

### Bind 9 is installed by default in the base system.

root@instructor01:/# dpkg --list | grep bind
ii  bind9                                1:9.8.1.dfsg.P1-4ubuntu0.7   Internet Domain Name Server
ii  bind9-host                           1:9.8.1.dfsg.P1-4ubuntu0.7   Version of 'host' bundled with BIND 9.X
ii  bind9utils                           1:9.8.1.dfsg.P1-4ubuntu0.7   Utilities for BIND
ii  libbind9-80                          1:9.8.1.dfsg.P1-4ubuntu0.7   BIND9 Shared Library used by BIND
ii  libwbclient0                         2:3.6.3-2ubuntu2.6           Samba winbind client library
ii  rpcbind                              0.2.0-7ubuntu1.2             converts RPC program numbers into universal addresses

### Bind 9 is enabled on runlevels 2, 3, 4 and 5 by default, meaning that it is already running.

root@instructor01:/# chkconfig --list | grep bind
bind9                     0:off  1:off  2:on   3:on   4:on   5:on   6:off
rpcbind-boot              0:off  1:off  2:off  3:off  4:off  5:off  6:off
root@instructor01:/# ps aux | grep bind
bind       534  0.0  2.4 167748 13076 ?        Ssl  08:31   0:00 /usr/sbin/named -u bind
root     15682  0.0  0.1   6460   760 pts/1    S+   14:26   0:00 grep --color=auto bind

### Important Files and Directories.

root@instructor01:/# vi /etc/resolv.conf 
root@instructor01:/# ls -lh /etc/bind/
total 52K
-rw-r--r-- 1 root root 2.4K Mar 28 23:26 bind.keys
-rw-r--r-- 1 root root  237 Mar 28 23:26 db.0
-rw-r--r-- 1 root root  271 Mar 28 23:26 db.127
-rw-r--r-- 1 root root  237 Mar 28 23:26 db.255
-rw-r--r-- 1 root root  353 Mar 28 23:26 db.empty
-rw-r--r-- 1 root root  270 Mar 28 23:26 db.local
-rw-r--r-- 1 root root 3.0K Mar 28 23:26 db.root
-rw-r--r-- 1 root bind  463 Mar 28 23:26 named.conf
-rw-r--r-- 1 root bind  490 Mar 28 23:26 named.conf.default-zones
-rw-r--r-- 1 root bind  165 Mar 28 23:26 named.conf.local
-rw-r--r-- 1 root bind  890 Jul 24 22:32 named.conf.options
-rw-r----- 1 bind bind   77 Jul 24 22:32 rndc.key
-rw-r--r-- 1 root root 1.3K Mar 28 23:26 zones.rfc1918
root@instructor01:/# vi /etc/bind/named.conf.options 
// Global named options for this training server: named answers on
// 192.168.0.10 and acts as a caching (recursive) resolver for clients in
// 192.168.0.0/24.
options {
	directory "/var/cache/bind";

	// If there is a firewall between you and nameservers you want
	// to talk to, you may need to fix the firewall to allow multiple
	// ports to talk.  See http://www.kb.cert.org/vuls/id/800113

	// If your ISP provided one or more IP addresses for stable
	// nameservers, you probably want to use them as forwarders.
	// Uncomment the following block, and insert the addresses replacing
	// the all-0's placeholder.
	// (The block is left commented out here, so no forwarders are configured.)

	 // forwarders {
	 //	41.204.164.3;
	 //	41.89.1.4;
	 //};

	// IPv4 listener: bound to the LAN address only. 127.0.0.1 is not
	// listed, so named does not accept IPv4 queries on the loopback address.
	listen-on {
		192.168.0.10;
	};

	// Example ACL, left disabled. Note that an acl statement is a top-level
	// statement: if enabled it must be moved outside the options { } block.
	// acl kenet_training {
	//	192.168.0.0/24;
	// };

	recursion yes;          # Leave this enabled if you want a caching DNS server. It is the default.
	// recursion no;	# Uncomment this instead if you want an authoritative-only DNS server.
				# Note: use 'allow-recursion' instead if your
				# nameserver is both caching and authoritative.

	// Clients allowed to query this server. With recursion enabled this list
	// is what keeps the server from being an open resolver: when
	// allow-recursion is not set, BIND 9 falls back to allow-query-cache and
	// then to allow-query to decide who may recurse. Keep it limited to
	// networks you serve.
	allow-query {
		127.0.0.1;
		192.168.0.0/24;
	};

	//========================================================================
	// If BIND logs error messages about the root key being expired,
	// you will need to update your keys.  See https://www.isc.org/bind-keys
	//========================================================================
	// 'auto' turns on DNSSEC validation of recursive answers using the
	// built-in root trust anchor.
	dnssec-validation auto;

	auth-nxdomain no;    # conform to RFC1035
	// IPv6 listener: accepts queries on every IPv6 address of the host, unlike
	// the IPv4 listener above. allow-query lists IPv4 sources only, so IPv6
	// clients would be refused.
	// NOTE(review): if IPv6 service is not intended, restrict this to specific
	// addresses or use 'none' - confirm against the lab's requirements.
	listen-on-v6 { any; };
};

### Test the dns server for the localhost domain.

root@instructor01:/# dig localhost

; <<>> DiG 9.8.1-P1 <<>> localhost
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37203
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;localhost.			IN	A

;; ANSWER SECTION:
localhost.		604800	IN	A	127.0.0.1

;; AUTHORITY SECTION:
localhost.		604800	IN	NS	localhost.

;; ADDITIONAL SECTION:
localhost.		604800	IN	AAAA	::1

;; Query time: 0 msec
;; SERVER: 192.168.0.10#53(192.168.0.10)
;; WHEN: Tue Aug 20 14:52:52 2013
;; MSG SIZE  rcvd: 85

root@instructor01:/# clear

root@instructor01:/# dig -x 127.0.0.1

; <<>> DiG 9.8.1-P1 <<>> -x 127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59667
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2

;; QUESTION SECTION:
;1.0.0.127.in-addr.arpa.		IN	PTR

;; ANSWER SECTION:
1.0.0.127.in-addr.arpa.	604800	IN	PTR	localhost.

;; AUTHORITY SECTION:
127.in-addr.arpa.	604800	IN	NS	localhost.

;; ADDITIONAL SECTION:
localhost.		604800	IN	A	127.0.0.1
localhost.		604800	IN	AAAA	::1

;; Query time: 0 msec
;; SERVER: 192.168.0.10#53(192.168.0.10)
;; WHEN: Tue Aug 20 14:53:22 2013
;; MSG SIZE  rcvd: 121

##################
### Create a zone
##################

root@instructor01:/# cat /etc/bind/named.conf.local  
//
// Do any local configuration here
//

// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";

zone "instructor" {
        type master;
        file "/etc/bind/instructor.local";
};

### Create the zone file and add the resource records of your choice.

root@instructor01:/# cat /etc/bind/instructor.local 
;
; BIND data file for the "instructor" zone
;
$TTL    604800
@       IN      SOA     instructor. hezron.instructor. (
                     2013082000         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
@       IN      NS      instructor.
@       IN      A       192.168.0.10
@	IN	MX	10 mail
@	IN	MX	20 barua
www	IN	A	192.168.0.50
mail	IN	A	192.168.0.20
barua	IN	A	192.168.0.21
ftp	IN	A	192.168.0.25
root@instructor01:/#

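### Restart Bind
### Note: the dig output that follows reports "recursion requested but not available"
### and lacks the 'ra' flag, so it was presumably captured while 'recursion no;' was active.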

root@instructor01:/# /etc/init.d/bind9 restart
 * Stopping domain name service... bind9                              [ OK ] 
 * Starting domain name service... bind9                              [ OK ] 
root@instructor01:/#
root@instructor01:/# dig localhost      

; <<>> DiG 9.8.1-P1 <<>> localhost
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19633
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;localhost.			IN	A

;; ANSWER SECTION:
localhost.		604800	IN	A	127.0.0.1

;; AUTHORITY SECTION:
localhost.		604800	IN	NS	localhost.

;; ADDITIONAL SECTION:
localhost.		604800	IN	AAAA	::1

;; Query time: 0 msec
;; SERVER: 192.168.0.10#53(192.168.0.10)
;; WHEN: Tue Aug 20 16:28:00 2013
;; MSG SIZE  rcvd: 85

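### Run configuration and zone checks. These are best run before restarting Bind,
### so that a syntax error is caught while the old configuration is still serving.
### named-checkconf prints nothing when the configuration is valid.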

root@instructor01:/# named-checkconf 
root@instructor01:/# named-checkzone instructor /etc/bind/instructor.local 
zone instructor/IN: loaded serial 2013082000
OK

### Test using the dig command.

root@instructor01:/# dig mail.instructor

; <<>> DiG 9.8.1-P1 <<>> mail.instructor
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12592
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;mail.instructor.		IN	A

;; ANSWER SECTION:
mail.instructor.	604800	IN	A	192.168.0.20

;; AUTHORITY SECTION:
instructor.		604800	IN	NS	instructor.

;; ADDITIONAL SECTION:
instructor.		604800	IN	A	192.168.0.10

;; Query time: 0 msec
;; SERVER: 192.168.0.10#53(192.168.0.10)
;; WHEN: Tue Aug 20 19:27:33 2013
;; MSG SIZE  rcvd: 79

root@instructor01:/# dig barua.instructor

; <<>> DiG 9.8.1-P1 <<>> barua.instructor
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60514
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;barua.instructor.		IN	A

;; ANSWER SECTION:
barua.instructor.	604800	IN	A	192.168.0.21

;; AUTHORITY SECTION:
instructor.		604800	IN	NS	instructor.

;; ADDITIONAL SECTION:
instructor.		604800	IN	A	192.168.0.10

;; Query time: 0 msec
;; SERVER: 192.168.0.10#53(192.168.0.10)
;; WHEN: Tue Aug 20 19:27:38 2013
;; MSG SIZE  rcvd: 80

root@instructor01:/# dig www.instructor

; <<>> DiG 9.8.1-P1 <<>> www.instructor
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35922
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;www.instructor.			IN	A

;; ANSWER SECTION:
www.instructor.		604800	IN	A	192.168.0.50

;; AUTHORITY SECTION:
instructor.		604800	IN	NS	instructor.

;; ADDITIONAL SECTION:
instructor.		604800	IN	A	192.168.0.10

;; Query time: 0 msec
;; SERVER: 192.168.0.10#53(192.168.0.10)
;; WHEN: Tue Aug 20 19:27:43 2013
;; MSG SIZE  rcvd: 78

root@instructor01:/# dig ftp.instructor

; <<>> DiG 9.8.1-P1 <<>> ftp.instructor
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64974
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;ftp.instructor.			IN	A

;; ANSWER SECTION:
ftp.instructor.		604800	IN	A	192.168.0.25

;; AUTHORITY SECTION:
instructor.		604800	IN	NS	instructor.

;; ADDITIONAL SECTION:
instructor.		604800	IN	A	192.168.0.10

;; Query time: 0 msec
;; SERVER: 192.168.0.10#53(192.168.0.10)
;; WHEN: Tue Aug 20 19:27:48 2013
;; MSG SIZE  rcvd: 78

root@instructor01:/# dig instructor mx

; <<>> DiG 9.8.1-P1 <<>> instructor mx
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7948
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 3

;; QUESTION SECTION:
;instructor.			IN	MX

;; ANSWER SECTION:
instructor.		604800	IN	MX	20 barua.instructor.
instructor.		604800	IN	MX	10 mail.instructor.

;; AUTHORITY SECTION:
instructor.		604800	IN	NS	instructor.

;; ADDITIONAL SECTION:
mail.instructor.	604800	IN	A	192.168.0.20
barua.instructor.	604800	IN	A	192.168.0.21
instructor.		604800	IN	A	192.168.0.10

;; Query time: 0 msec
;; SERVER: 192.168.0.10#53(192.168.0.10)
;; WHEN: Tue Aug 20 19:27:53 2013
;; MSG SIZE  rcvd: 133

root@instructor01:/#

### IS FINISHED!!!