
DNS Server Installation

The document discusses setting up a DNS server using BIND on a server. It describes installing BIND, configuring it to cache requests and forward unresolved queries to public DNS servers. Zone files are created for the local domain and reverse lookups. The DNS server is tested by resolving external and internal hostnames.

The software we are going to use for the DNS server is ISC BIND (version 9). We can
install it from the terminal of your server like so:-
apt-get install bind9
Now that BIND is installed we are going to edit /etc/bind/named.conf.options and
configure BIND to cache requests and forward unresolved queries.
nano /etc/bind/named.conf.options
Ensure that the file is updated (remove the comments from the forwarders section and
add your external DNS servers). In the example below I'm using Google's public DNS
servers (8.8.8.8 and 8.8.4.4):
forwarders {
8.8.8.8;
8.8.4.4;
};
On your server (I assume you have configured a static IP address)
edit /etc/network/interfaces and we'll add these three settings:-
dns-nameservers 127.0.0.1
dns-search home.local
dns-domain home.local
This will ensure that your server now queries itself first before checking the external
DNS servers (8.8.8.8 and 8.8.4.4). The dns-search and dns-domain options mean that
instead of typing, say, server1.home.local in a browser or when using ping etc. you
can just type server1 and it will resolve automatically too!
Now, for the changes to take effect, we need to restart the network interface, so to do
this run the following command:-
nohup sh -c "ifdown eth0 && ifup eth0"
So now the next thing that we need to do is to create the actual zone file for our local
domain (which in this example is home.local). We'll do so like so:-
nano /etc/bind/named.conf.local
Add a zone for our local domain like so:-
zone "home.local" IN {
type master;
file "/etc/bind/zones/home.local.db";
};
So that we can do reverse lookups too, we'll also add a reverse lookup zone:-
zone "0.168.192.in-addr.arpa" {
type master;
file "/etc/bind/zones/rev.0.168.192.in-addr.arpa";
};
Now we create the actual zone database file for our home.local local domain. We'll
do this like so:-
mkdir /etc/bind/zones
nano /etc/bind/zones/home.local.db
Now add the following content into the file (obviously replace the hostnames/IP address
with your own personal setup etc.):-
; Use semicolons to add comments.
; Host-to-IP Address DNS Pointers for home.local
; Note: The extra "." at the end of the domain names is important.
; The following parameters set when DNS records will expire, etc.
; Importantly, the serial number must always be iterated upward to prevent
; undesirable consequences. A good format to use is YYYYMMDDII where
; the II index is in case you make more than one change in the same day.
$ORIGIN .
$TTL 86400 ; 1 day
home.local. IN SOA server1.home.local. hostmaster.home.local. (
2013091901 ; serial
8H ; refresh
4H ; retry
4W ; expire
1D ; minimum
)

; NS indicates that 'server1' is a/the nameserver on home.local
; MX indicates that 'mail-server' is the mail server on home.local
home.local. IN NS server1.home.local.
home.local. IN MX 10 mail-server.home.local.

$ORIGIN home.local.

; Set the address for localhost.home.local
localhost IN A 127.0.0.1

; Set the hostnames in alphabetical order
print-srv IN A 192.168.0.9
router IN A 192.168.0.1
server2 IN A 192.168.0.5
server1 IN A 192.168.0.2
xbox IN A 192.168.0.3
mail-server IN A 192.168.0.11
Great, now save the file and we will now create the reverse DNS zone file (IP-to-host
name resolution), so now we'll create a new file like so:-
nano /etc/bind/zones/rev.0.168.192.in-addr.arpa
and now add the following content, again, replace IP addresses and host names with
your own!
; IP Address-to-Host DNS Pointers for the 192.168.0 subnet
@ IN SOA server1.home.local. hostmaster.home.local. (
2013091901 ; serial
8H ; refresh
4H ; retry
4W ; expire
1D ; minimum
)
; define the authoritative name server
@ IN NS server1.home.local.
; our hosts, in numeric order
1 IN PTR router.home.local.
2 IN PTR server1.home.local.
3 IN PTR xbox.home.local.
5 IN PTR server2.home.local.
9 IN PTR print-srv.home.local.
11 IN PTR mail-server.home.local.
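
Before restarting BIND it is worth confirming that the forward and reverse zone files agree, because a PTR record that names the wrong host misleads anything that relies on reverse lookups, such as logs or host-based access rules. The script below is an added example and not part of the original guide; the function names are hypothetical and the sample records are constructed (a subset of the hosts above with errors introduced).

```sh
# Added example, not from the original guide: cross-check A and PTR records.
# Assumes one record per line, laid out as in the two zone files above.

# check_ptr FORWARD_FILE REVERSE_FILE NET_PREFIX DOMAIN
# Prints one finding per line; returns 0 when the zones agree, 1 otherwise.
check_ptr() {
    findings=$(awk -v net="$3" -v dom="$4" '
        { sub(/;.*/, "") }                  # drop zone-file comments
        FNR == NR {                         # first file: forward zone
            if ($2 == "IN" && $3 == "A" && index($4, net ".") == 1)
                fwd[$4] = $1 "." dom "."
            next
        }
        $2 == "IN" && $3 == "PTR" { rev[net "." $1] = $4 }
        END {
            for (ip in fwd) {
                if (!(ip in rev)) print "MISSING-PTR", ip, fwd[ip]
                else if (rev[ip] != fwd[ip])
                    print "MISMATCH", ip, "A=" fwd[ip], "PTR=" rev[ip]
            }
            for (ip in rev)
                if (!(ip in fwd)) print "ORPHAN-PTR", ip, rev[ip]
        }' "$1" "$2" | sort)
    if [ -z "$findings" ]; then return 0; fi
    printf '%s\n' "$findings"
    return 1
}

# Constructed sample: a subset of the guide's hosts with errors introduced.
demo() {
    d=$(mktemp -d) || return 2
    cat > "$d/fwd" <<'EOF'
router    IN A 192.168.0.1
server1   IN A 192.168.0.2   ; name server
xbox      IN A 192.168.0.3
print-srv IN A 192.168.0.9
EOF
    cat > "$d/rev" <<'EOF'
1  IN PTR router.home.local.
2  IN PTR server1.home.local.
3  IN PTR print-srv.home.local.
11 IN PTR mail-server.home.local.
EOF
    rc=0
    check_ptr "$d/fwd" "$d/rev" 192.168.0 home.local || rc=$?
    rm -rf "$d"
    return "$rc"
}
demo || true
```

BIND's own named-checkconf and named-checkzone validate the syntax of the configuration and of each zone, but they do not compare the two zones against each other.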
Fantastic! We're nearly there. Now we simply need to restart the BIND daemon for the
changes to take effect. We do this like so:
service bind9 restart
Great, our server should now be able to resolve both external (forwarded DNS) queries
and our new local DNS records, so let's do some testing:-
host ping.sunet.se
The response received should look as follows:-
ping.sunet.se has address 192.36.125.18
ping.sunet.se has IPv6 address 2001:6b0:7::18
That's great, now let's list all our internal machines like so:-
host -l home.local
You should now see a full list of the hosts (A records) that we had previously set up.
As one final test, let's try a reverse lookup, so let's execute:-
host 192.168.0.1
The response should have been:
1.0.168.192.in-addr.arpa domain name pointer router.home.local.
Super stuff!! That's it, there you have your own internal DNS server which supports
query caching and forward lookups, enjoy!
A few things to be aware of/conscious about:-
Always remember to increment the serial when updating the zone files.
Ideally you should ensure that your router/firewall is not allowing public access to your
internal DNS server (TCP port 53), as otherwise your DNS server will be available to
everyone on the internet, which obviously isn't ideal and is a security risk in this
instance, seeing as it's been set up for local network DNS queries.
In this set-up we configured the server to use itself for DNS lookups. This also needs to
be set up on the other clients on your network. If you have a DHCP server you should
specify your DNS server's IP in its settings, as well as the search domain. If you don't
have a DHCP server in your network you should configure these manually for the
network card/interface.
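
The firewall note above can be backed up in BIND itself by stating who may query, recurse and transfer zones instead of leaving those to the built-in defaults. The following is an added example, not from the original guide: a small shell audit (function names are hypothetical) run against two constructed named.conf.options files, the forwarders-only one from this guide and a restricted variant that assumes the 192.168.0.0/24 LAN and the server address 192.168.0.2 used above.

```sh
# Added example, not from the original guide: report which access controls a
# named.conf.options file leaves unset or open to "any".

# audit_options FILE -> one finding per line; returns 1 if there are any.
audit_options() {
    conf=$(sed -e 's://.*::' -e 's:#.*::' "$1" | tr '\n' ' ')  # no comments
    rc=0
    for opt in allow-query allow-recursion allow-transfer; do
        stmt=$(printf '%s\n' "$conf" |
               grep -o "${opt}[[:space:]]*{[^}]*}" | head -n 1)
        if [ -z "$stmt" ]; then
            echo "UNSET $opt"; rc=1
        elif printf '%s\n' "$stmt" | grep -q '[{;[:space:]]any[[:space:]]*;'; then
            echo "OPEN $opt"; rc=1
        fi
    done
    return "$rc"
}

# Constructed samples: the guide's forwarders-only options, then a variant
# restricted to the guide's 192.168.0.0/24 LAN and server address 192.168.0.2.
write_samples() {
    cat > "$1/weak.conf" <<'EOF'
options {
    forwarders { 8.8.8.8; 8.8.4.4; };
};
EOF
    cat > "$1/restricted.conf" <<'EOF'
acl lan { 127.0.0.0/8; 192.168.0.0/24; };
options {
    forwarders      { 8.8.8.8; 8.8.4.4; };
    listen-on       { 127.0.0.1; 192.168.0.2; };
    allow-query     { lan; };        // who may query this server at all
    allow-recursion { lan; };        // who may use the cache and forwarders
    allow-transfer  { 127.0.0.1; };  // "host -l" only from the server itself
};
EOF
}

d=$(mktemp -d)
write_samples "$d"
audit_options "$d/weak.conf" || true
audit_options "$d/restricted.conf" && echo "restricted.conf: explicit ACLs"
rm -rf "$d"
```

With allow-transfer limited to 127.0.0.1, the `host -l home.local` test from earlier still works when run on the server but is refused from other machines.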
