This article describes how to install BIND and run it as a DNS server for a private network.
1 Install BIND
Install bind9 with apt.
sudo apt-get install -y bind9
2 Configuration
- The private network address is 192.168.11.0/24.
- The private network name is hiroom2.com.
- The IP address of the DNS server for the private network is 192.168.11.70. This DNS server performs recursive queries.
- The IP address of the client is 192.168.11.250.
- The IP address of the DNS server for the internet is 192.168.11.1.
2.1 /etc/bind/named.conf.options
This is the configuration file for BIND options.
- Allow queries from the private network.
- Allow recursive queries.
- Open 53/udp and 53/tcp if you are running ufw.
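options {
    directory "/var/cache/bind";
    // Listen and answer only on localhost and the private network.
    listen-on port 53 { localhost; 192.168.11.0/24; };
    allow-query { localhost; 192.168.11.0/24; };
    // Forward queries that this server cannot answer itself.
    forwarders { 192.168.11.1; };
    recursion yes;
};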
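With recursion yes, the allow-query list above is what keeps this server from resolving names for arbitrary clients: when allow-recursion is not set, BIND falls back to allow-query-cache, then allow-query, then localnets; localhost. The script below is an added example, not part of the original article; it applies that fallback to an options file and flags an ACL that admits any client. The function names and the any.conf variant are constructed for illustration.

```shell
#!/bin/sh
# Added example: decide which ACL governs recursion in a named.conf options
# file and whether it admits any client (open resolver).
# Limits: line comments only (// and #); no nested { } inside an ACL.

# Print the body of the clause "$1 { ... }" from flattened config text $2.
acl_body() {
    printf '%s\n' "$2" | sed -n "s/.*[{; ]$1 *{\([^}]*\)}.*/\1/p"
}

# Echo a verdict for the options file $1; return 1 if recursion is open.
audit_recursion() {
    cfg=$(sed -e 's://.*::' -e 's/#.*//' "$1" | tr '\n\t' '  ')
    case $cfg in
        *"recursion no;"*) echo "recursion disabled"; return 0 ;;
    esac
    # BIND falls back in this order when allow-recursion is not set.
    for clause in allow-recursion allow-query-cache allow-query; do
        acl=$(acl_body "$clause" "$cfg")
        if [ -n "$acl" ]; then break; fi
    done
    if [ -z "$acl" ]; then
        echo "restricted: built-in default (localnets; localhost)"
        return 0
    fi
    case " $acl" in
        *" any;"*|*" 0.0.0.0/0;"*|*" ::/0;"*)
            echo "open: $clause admits any client"; return 1 ;;
    esac
    echo "restricted by $clause"
    return 0
}

# Sample inputs: the options block from this page, and a constructed variant
# with the ACL widened to "any" (constructed for contrast, not from the page).
demo_dir=$(mktemp -d)
cat > "$demo_dir/page.conf" <<'EOF'
options {
    directory "/var/cache/bind";
    listen-on port 53 { localhost; 192.168.11.0/24; };
    allow-query { localhost; 192.168.11.0/24; };
    forwarders { 192.168.11.1; };
    recursion yes;
};
EOF
sed 's/allow-query {[^}]*}/allow-query { any; }/' \
    "$demo_dir/page.conf" > "$demo_dir/any.conf"
audit_recursion "$demo_dir/page.conf"          # restricted by allow-query
audit_recursion "$demo_dir/any.conf" || true   # open: allow-query admits any client
```
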
2.2 /etc/bind/named.conf.local
This configuration file for the private network is included by /etc/bind/named.conf.
zone "hiroom2.com" IN {
    type master;
    file "hiroom2.com.zone";
};
2.3 /var/cache/bind/hiroom2.com.zone
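This is the zone file for the private network.
- The DNS server hostname is server.
- The client hostname is client.
- To add more hosts, append A records.
$TTL 86400
; Trailing dots make the SOA names absolute; without them the zone
; origin is appended (hiroom2.com.hiroom2.com.).
@ IN SOA hiroom2.com. root.hiroom2.com. (
    2018050600 ; serial
    3600       ; refresh
    900        ; retry
    604800     ; expire
    86400      ; negative-cache TTL
)
@      IN NS server
server IN A  192.168.11.70
client IN A  192.168.11.250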
3 Validation
named-checkconf validates /etc/bind/named.conf and included files.
$ named-checkconf
named-checkzone validates the zone file.
$ /usr/sbin/named-checkzone hiroom2.com /var/cache/bind/hiroom2.com.zone
zone hiroom2.com/IN: loaded serial 2018050600
OK
4 Run BIND
Run BIND with systemd.
sudo systemctl enable bind9
sudo systemctl restart bind9
5 Execution result
Run nslookup on the server.
$ nslookup server.hiroom2.com localhost.localdomain
Server:         localhost.localdomain
Address:        ::1#53

Name:   server.hiroom2.com
Address: 192.168.11.70
Run nslookup on the client.
$ nslookup client.hiroom2.com 192.168.11.70
Server:         192.168.11.70
Address:        192.168.11.70#53

Name:   client.hiroom2.com
Address: 192.168.11.250