
For the internet to give instant access to resources all over the world, computers and sites need to be reachable by a unique domain name, and a service is needed to make that work. DNS (Domain Name System) translates human-readable domain names, e.g. www.computingforgeeks.com, into computer-readable IP addresses and vice versa.

BIND9 (Berkeley Internet Name Domain) is the package that provides this name-to-IP conversion.

Let us explore how to set up a master (primary) DNS server using BIND9 on Ubuntu 20.04. Ensure your server has a static IP address configured before you continue. If your server is using DHCP, configure a static address first so that the server's IP cannot change once the DNS server is configured.

Bind DNS Server Installation on Ubuntu 20.04

Before we begin installation of the necessary packages, it is always good to make sure you are running on an updated Ubuntu server:

sudo apt update -y

Install the necessary packages from the Ubuntu repositories using apt:

sudo apt install -y bind9 bind9utils bind9-doc dnsutils

DNS Server Configuration on Ubuntu 20.04

The main DNS configuration directory is /etc/bind. It contains the zone lookup files and the other configuration files.

The global configuration file is /etc/bind/named.conf, but zone definitions for this server do not go there; they are declared in /etc/bind/named.conf.local instead.

Create zones

The zones are declared in the /etc/bind/named.conf.local file. Use a text editor of your choice to edit it.

We shall create a forward zone and a reverse zone in this file. Below is the forward zone entry for the computingforgeeks.local domain. Change it to your own domain name in your configuration.

zone "computingforgeeks.local" IN { // Domain name
     type master; // Primary DNS
     file "/etc/bind/forward.computingforgeeks.local.db"; // Forward lookup file
     allow-update { none; }; // Since this is the primary DNS, it should be none.
};

Where:

  • computingforgeeks.local is the zone name.
  • forward.computingforgeeks.local.db is the forward lookup zone file.

Add the following to /etc/bind/named.conf.local for the reverse zone:

zone "10.16.172.in-addr.arpa" IN { // Reverse lookup name, should match your network in reverse order
     type master; // Primary DNS
     file "/etc/bind/reverse.computingforgeeks.local.db"; // Reverse lookup file
     allow-update { none; }; // Since this is the primary DNS, it should be none.
};

  • 10.16.172.in-addr.arpa is the zone name of the reverse DNS zone. (If the network is 172.16.10.0, the first three octets are reversed, giving 10.16.172.)
  • reverse.computingforgeeks.local.db is the reverse DNS file.

Configure Bind DNS zone lookup files on Ubuntu 20.04

The zone lookup files hold the DNS records for the forward and reverse zones.

  1. Forward zone lookup file

Copy the sample forward zone lookup file to a file called forward.computingforgeeks.local.db under the /etc/bind directory:

sudo cp /etc/bind/db.local /etc/bind/forward.computingforgeeks.local.db

Take note of the zone file syntax: fully qualified domain names must end with a dot (.), otherwise BIND appends the zone origin to them.

The record types in the file have the following meaning:

  • SOA – Start of Authority
  • NS – Name Server
  • A – Address record (host name to IPv4 address)
  • MX – Mail Exchanger
  • CNAME – Canonical Name (alias)

We have to edit the zone file and update the content as below. Modify it as per your domain name:

sudo vi /etc/bind/forward.computingforgeeks.local.db
$TTL    604800
@       IN      SOA     ns1.computingforgeeks.local. root.ns1.computingforgeeks.local. (
                              3         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
;@      IN      NS      localhost.
;@      IN      A       127.0.0.1
;@      IN      AAAA    ::1

;Name Server Information

@        IN      NS      ns1.computingforgeeks.local.

;IP address of Name Server

ns1     IN      A       172.16.10.2

;Mail Exchanger

computingforgeeks.local.   IN     MX   10   mail.computingforgeeks.local.

;A – Record HostName To Ip Address

www     IN       A      172.16.10.3
mail    IN       A      172.16.10.4

;CNAME record

ftp     IN      CNAME   www.computingforgeeks.local.

2. Reverse zone lookup file

The record types used in the reverse zone file are:

  • PTR – Pointer
  • SOA – Start of Authority

Copy the sample reverse zone file in /etc/bind to a file called reverse.computingforgeeks.local.db:

sudo cp /etc/bind/db.127 /etc/bind/reverse.computingforgeeks.local.db

Edit the contents in the file to fit your domain:

sudo nano /etc/bind/reverse.computingforgeeks.local.db
;
; BIND reverse data file for the 172.16.10.0/24 network
;
$TTL    604800
@       IN      SOA     computingforgeeks.local. root.computingforgeeks.local. (
                              1         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;

;Name Server Information

@       IN      NS     ns1.computingforgeeks.local.
ns1     IN      A       172.16.10.2
;Reverse lookup for Name Server

2      IN      PTR    ns1.computingforgeeks.local.

;PTR Record IP address to HostName

3     IN      PTR    www.computingforgeeks.local.
4     IN      PTR    mail.computingforgeeks.local.

Check BIND DNS syntax on Ubuntu 20.04

The named-checkconf command checks the configuration files for syntax errors. If there are no errors it prints nothing and simply returns to the shell prompt:

sudo named-checkconf

The named-checkzone command is used to check the syntax of the forward and reverse zone files:

#forward zone file
sudo named-checkzone computingforgeeks.local /etc/bind/forward.computingforgeeks.local.db


#reverse zone file
named-checkzone 10.16.172.in-addr.arpa /etc/bind/reverse.computingforgeeks.local.db

The output should be:

#forward zone file
$ sudo named-checkzone computingforgeeks.local /etc/bind/forward.computingforgeeks.local.db
zone computingforgeeks.local/IN: loaded serial 2
OK

#reverse zone file
$ named-checkzone 10.16.172.in-addr.arpa /etc/bind/reverse.computingforgeeks.local.db
zone 10.16.172.in-addr.arpa/IN: loaded serial 1
OK

Finally, restart and enable the BIND service:

sudo systemctl restart bind9
sudo systemctl enable bind9

Updating Bind DNS Records

A DNS record should be updated in both the /etc/bind/forward.computingforgeeks.local.db and /etc/bind/reverse.computingforgeeks.local.db files, so that forward and reverse lookups stay consistent.

Whenever you update a record, also change the serial number in both the forward and reverse zone files to a value greater than the current one; secondary servers decide whether to transfer a zone by comparing serial numbers, so a change without a serial bump will not propagate.
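Keeping the two files in step by hand is error-prone, so here is an added example (not code from the original article) that parses zone files in the style shown above and reports every A record without a matching PTR, every PTR that points at a name with a different A record, and every PTR whose name has no A record at all. The zone text embedded in it is a constructed sample based on the article's records, with the PTR for mail deliberately left out.

```python
# Added example (not from the article): check the forward and reverse zone files agree.
FORWARD_ZONE, REVERSE_ZONE = "computingforgeeks.local", "10.16.172.in-addr.arpa"
# Constructed sample input from the article's zone files; the PTR for mail is left out.
FORWARD_DB = """\
$TTL 604800
@    IN SOA ns1.computingforgeeks.local. root.ns1.computingforgeeks.local. (
            3 604800 86400 2419200 604800 )   ; serial refresh retry expire neg-ttl
@    IN NS  ns1.computingforgeeks.local.
ns1  IN A   172.16.10.2
www  IN A   172.16.10.3
mail IN A   172.16.10.4
"""
REVERSE_DB = """\
@ IN SOA computingforgeeks.local. root.computingforgeeks.local. ( 1 604800 86400 2419200 604800 )
@ IN NS ns1.computingforgeeks.local.
2 IN PTR ns1.computingforgeeks.local.
3 IN PTR www.computingforgeeks.local.
"""
def records(zone_text, origin, rtype):
    """{owner FQDN: rdata} for one record type; handles ; comments, $ directives,
    multi-line ( ) SOA and '@'/relative owners, enough for files in this style."""
    out, depth = {}, 0
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0].strip()
        if depth:                                   # still inside "( ... )"
            depth -= line.count(")")
            continue
        depth += line.count("(") - line.count(")")
        fields = line.split()
        if not fields or fields[0].startswith("$") or rtype not in fields[1:]:
            continue
        owner = fields[0]
        fqdn = f"{origin}." if owner == "@" else owner if owner.endswith(".") else f"{owner}.{origin}."
        out[fqdn] = fields[fields.index(rtype, 1) + 1]
    return out
def ptr_name(ip):                                   # 172.16.10.3 -> 3.10.16.172.in-addr.arpa.
    return ".".join(reversed(ip.split("."))) + ".in-addr.arpa."
def check_consistency(forward_db, reverse_db):      # returns findings; [] means the zones agree
    a = records(forward_db, FORWARD_ZONE, "A")       # fqdn -> IPv4 address
    ptr = records(reverse_db, REVERSE_ZONE, "PTR")   # reverse name -> fqdn
    findings = []
    for name, ip in a.items():
        rev = ptr_name(ip)
        if rev not in ptr:
            findings.append(f"missing PTR: {ip} ({name}) has no record in {REVERSE_ZONE}")
        elif ptr[rev] != name:
            findings.append(f"mismatch: {rev} -> {ptr[rev]} but {name} A {ip}")
    findings += [f"dangling PTR: {r} -> {n} has no A record" for r, n in ptr.items() if n not in a]
    return findings
```

To run it against your real files, read /etc/bind/forward.computingforgeeks.local.db and /etc/bind/reverse.computingforgeeks.local.db into the two strings and print the returned list; an empty list is what you want before bumping the serials and reloading.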

Testing the DNS Server

On any client machine, point the DNS resolver at the newly deployed server, which in our case is 172.16.10.2.

How the DNS server is set varies by operating system. On Ubuntu, note that in a command such as sudo echo "..." >> /etc/resolv.conf the redirection runs as the unprivileged user and fails, so use tee instead:

echo "nameserver 172.16.10.2" | sudo tee -a /etc/resolv.conf

On Ubuntu 20.04 /etc/resolv.conf is managed by systemd-resolved and may be rewritten, so for a persistent setting configure the nameserver in your netplan configuration instead.

Let's test our DNS resolution using the dig command. dig queries a name server for information about a domain name, such as the IP address, the MX records and the authoritative name servers.

$ dig www.computingforgeeks.local

; <<>> DiG 9.16.1-Ubuntu <<>> www.computingforgeeks.local
;; global options: +cmd
;; Got answer:
;; WARNING: .local is reserved for Multicast DNS
;; You are currently testing what happens when an mDNS query is leaked to DNS
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 65241
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: fabd20125b9ccbff010000005f8c7204e1387a993d58c22f (good)
;; QUESTION SECTION:
;www.computingforgeeks.local.	IN	A

;; ANSWER SECTION:
www.computingforgeeks.local. 604800 IN	A	172.16.10.3

;; Query time: 4 msec
;; SERVER: 172.16.10.10#53(172.16.10.10)
;; WHEN: Sun Oct 18 16:49:08 UTC 2020
;; MSG SIZE  rcvd: 100

The output shows the 'A' record for www.computingforgeeks.local. The warning near the top is dig reminding you that the .local suffix is reserved for Multicast DNS, so clients with mDNS enabled may not send queries for such names to a unicast DNS server; choosing a different private suffix avoids that conflict.

To check the reverse DNS:

$ dig -x 172.16.10.3

; <<>> DiG 9.16.1-Ubuntu <<>> -x 172.16.10.3
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62529
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 7b8c9b8971f74afc010000005f8c72a8bdc5ebbdb4869578 (good)
;; QUESTION SECTION:
;3.10.16.172.in-addr.arpa.	IN	PTR

;; ANSWER SECTION:
3.10.16.172.in-addr.arpa. 604800 IN	PTR	www.computingforgeeks.local.

;; Query time: 0 msec
;; SERVER: 172.16.10.10#53(172.16.10.10)
;; WHEN: Sun Oct 18 16:51:52 UTC 2020
;; MSG SIZE  rcvd: 122

This confirms that both the forward and reverse zone lookups are working.

Conclusion

We have successfully deployed a local DNS server on Ubuntu 20.04 LTS. This is useful for a system administrator managing systems and applications on a local network: applications can communicate via domain names, which removes the need to reconfigure them when IP addresses change.

For the slave (secondary) server configuration, check:

How To Configure Slave BIND DNS Server on Ubuntu

We have other articles exploring how to set up a slave DNS server. Feel free to reach out to us any time you have a challenge or suggestion.

Install PowerDNS on CentOS 8 with MariaDB & PowerDNS-Admin

Configure Master / Slave BIND DNS Server on CentOS 8 / RHEL 8

How To add DNS A/PTR Record in Windows Server

How To add DNS Reverse Lookup Zone in Windows Server
