DNS Server
From Knowledge76
Overview
This article describes how to install and configure DNS services on Ubuntu Server Edition.
Domain Name Service (DNS) is an Internet service that maps IP addresses and fully qualified domain names (FQDNs) to one another, so that users do not need to remember IP addresses. Computers that run DNS are called name servers. Ubuntu ships with BIND9 (Berkeley Internet Name Daemon), the most common program used for running a name server on GNU/Linux.
Installation
At the terminal type the following command to install BIND9 DNS server.
sudo apt-get install bind9
Configuration
Configure Server Host Name and Domain
Check that your server's host name and domain are configured correctly.
sudo nano /etc/hosts
Run the following command to test.
hostname -f
Configure bind9 for Secure Chroot
sudo /etc/init.d/bind9 stop
sudo nano /etc/default/bind9
Change: OPTIONS="-u bind" TO: OPTIONS="-u bind -t /var/lib/named"
Configure Internet Name Resolution Forwarders
Your internal DNS server will resolve internal computer names and IP addresses. External names should be resolved by DNS servers on the Internet. The following forwarders block, placed inside the options { } section of named.conf.options, makes your internal DNS server forward requests for unknown names to your ISP's DNS servers. Replace the addresses below with your ISP's DNS server addresses.
sudo nano /etc/bind/named.conf.options
forwarders {
205.171.3.65;
205.171.2.65;
};
Setup Chroot Jail
Running bind9 in a chroot jail limits what the daemon can reach if it is compromised. The following commands can be copied and pasted into your terminal, one at a time.
sudo mkdir -p /var/lib/named/etc
sudo mkdir /var/lib/named/dev
sudo mkdir -p /var/lib/named/var/cache/bind
sudo mkdir -p /var/lib/named/var/run/bind/run
sudo mv /etc/bind /var/lib/named/etc
sudo ln -s /var/lib/named/etc/bind /etc/bind
sudo mknod /var/lib/named/dev/null c 1 3
sudo mknod /var/lib/named/dev/random c 1 8
sudo chmod 666 /var/lib/named/dev/*
sudo chown -R bind:bind /var/lib/named/var/*
sudo chown -R bind:bind /var/lib/named/etc/bind
sudo nano /etc/init.d/sysklogd
Change: SYSLOGD="-u syslog" TO: SYSLOGD="-a /var/lib/named/dev/log"
sudo nano /etc/resolv.conf
Remove current lines and replace with:
search mydomain.lan
nameserver 127.0.0.1
sudo /etc/init.d/sysklogd restart
sudo /etc/init.d/bind9 start
Test:
ping www.google.com
Setup our Internal Network Zones
sudo mkdir /etc/bind/zones/
sudo nano /etc/bind/zones/master_mydomain.lan
Example file. Modify for your needs.
$TTL 3D
@           IN SOA  thisserver.mydomain.lan. hostmaster.mydomain.lan. (
                    200611251   ; serial, today's date + today's serial #
                    8H          ; refresh, seconds
                    2H          ; retry, seconds
                    4W          ; expire, seconds
                    1D )        ; minimum, seconds
;
            TXT     "MyDomain.LAN, serving YOUR domain :)"
            NS      thisserver  ; Inet Address of name server
;           MX 10   mail        ; Primary Mail Exchanger
localhost   A       127.0.0.1
thisserver  A       10.10.1.1
Configure Bind9 to Use Your New Network Zone
sudo nano /etc/bind/named.conf.local
zone "mydomain.lan" {
type master;
file "/etc/bind/zones/master_mydomain.lan";
};
Restart the Bind9 Service
sudo /etc/init.d/bind9 restart
Test
From another computer on the network, run:
ping thisserver.mydomain.lan
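As an added example (not from the original article or the BIND project), a small POSIX shell helper that updates the SOA serial of the zone file above in the YYYYMMDDnn form the serial comment hints at, and validates the file with BIND's named-checkzone before the restart. The zone name mydomain.lan and the file path come from the article; the script name bump-zone.sh is an assumption.

```shell
#!/bin/sh
# Added helper (not from the original article): bump the SOA serial of a zone
# file such as /etc/bind/zones/master_mydomain.lan and validate it with
# named-checkzone before restarting bind9. Paths and zone name are assumptions.

# Print the SOA serial: the first numeric token after the "(" that opens the
# SOA record. Comments after ';' are stripped first so "; serial" is ignored.
zone_serial() {
    awk '{ sub(/;.*/, "") }
         /SOA/ { insoa = 1 }
         insoa { for (i = 1; i <= NF; i++) {
                     if ($i == "(") paren = 1
                     else if (paren && $i ~ /^[0-9]+$/) { print $i; exit } } }' "$1"
}

# Next serial in YYYYMMDDnn form. Serials must only ever increase (RFC 1982),
# so if the file is already at or past today's base (today + "01") we add one
# instead of going backwards; otherwise today's counter starts at 01.
next_serial() {
    cur=$1
    today=${2:-$(date +%Y%m%d)}
    base=${today}01
    if [ "$cur" -ge "$base" ]; then echo $((cur + 1)); else echo "$base"; fi
}

# Rewrite the serial in place, touching only the SOA serial token.
bump_zone_serial() {
    file=$1
    old=$(zone_serial "$file")
    [ -n "$old" ] || { echo "no SOA serial found in $file" >&2; return 1; }
    new=$(next_serial "$old" "${2:-}")
    awk -v old="$old" -v new="$new" '
        /SOA/ { insoa = 1 }
        insoa && !done { for (i = 1; i <= NF; i++)
                             if ($i == old) { sub(old, new); done = 1; break } }
        { print }' "$file" > "$file.tmp" && mv "$file.tmp" "$file"
}

# Run BIND's own zone checker (ships with bind9) when it is installed.
check_zone() {
    command -v named-checkzone >/dev/null 2>&1 ||
        { echo "named-checkzone not found; install bind9 to validate $2" >&2; return 1; }
    named-checkzone "$1" "$2"
}

# Usage: sh bump-zone.sh mydomain.lan /etc/bind/zones/master_mydomain.lan
if [ $# -eq 2 ]; then
    bump_zone_serial "$2" && check_zone "$1" "$2" &&
        echo "zone OK; now run: sudo /etc/init.d/bind9 restart"
fi
```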