====== Technical Information: DNS Services on Ubuntu Server ======
[[https://www.digitalocean.com/community/tutorials/how-to-configure-bind-as-a-private-network-dns-server-on-ubuntu-16-04|A nice reference for configuration of bind on Ubuntu server]]
**Config files are under:** ''/etc/bind''
**In** ''named.conf.options'':
* Add an ACL section above the "options" section:
<code>
acl "trusted" {
    192.168.0.123;
    192.168.0.8;
    192.168.0.12;
    192.168.0.220;
};
</code>
* Add to "options" section (after "directory"):
<code>
recursion yes;
allow-recursion { trusted; };
listen-on { 192.168.0.123; };
allow-transfer { none; };
</code>
* Uncomment the "forwarders" section, and add upstream DNS servers to it
**In** ''named.conf.local'':
* Add zone(s) for local network/subnets:
<code>
zone "samudio.net" {
    type master;
    file "/etc/bind/zones/db.samudio.net";
    allow-transfer { 192.168.0.8; }; # ns2 private IP address - secondary
};
</code>
* Add reverse zone(s):
<code>
zone "168.192.in-addr.arpa" {
    type master;
    file "/etc/bind/zones/db.168.192";
    allow-transfer { 192.168.0.8; }; # ns2 private IP address - secondary
};
</code>
**Create forward zone file:**
* ''cd /etc/bind ; mkdir zones ; cp db.local zones/db.samudio.net''
* Edits to forward zone file (''/etc/bind/zones/db.samudio.net''):
<code>
@       IN      SOA     ns1.samudio.net. admin.samudio.net. (
                        3       ; Serial
                        ; ... remaining SOA timers and the closing ")" stay as copied from db.local

; name servers - NS records
        IN      NS      ns1.samudio.net.
        IN      NS      ns2.samudio.net.

; 192.168.0.0/24 - A records
host1.samudio.net.      IN      A       192.168.0.101
host2.samudio.net.      IN      A       192.168.0.102
</code>
**Create reverse zone file(s):**
* ''cd /etc/bind/zones ; cp ../db.127 ./db.168.192''
* Edits to reverse zone file(s):
<code>
@       IN      SOA     ns1.samudio.net. admin.samudio.net. (
                        3       ; Serial
                        ; ... remaining SOA timers and the closing ")" stay as copied from db.127

; name servers - NS records
        IN      NS      ns1.samudio.net.
        IN      NS      ns2.samudio.net.

; PTR records
123.0   IN      PTR     ns1.samudio.net.    ; 192.168.0.123
125.0   IN      PTR     ns2.samudio.net.    ; 192.168.0.125
101.0   IN      PTR     host1.samudio.net.  ; 192.168.0.101
102.0   IN      PTR     host2.samudio.net.  ; 192.168.0.102
</code>
**Check BIND configuration syntax, zone(s), and reverse zone(s):**
* ''named-checkconf''
* ''named-checkzone samudio.net /etc/bind/zones/db.samudio.net''
* ''named-checkzone 168.192.in-addr.arpa /etc/bind/zones/db.168.192''
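''named-checkconf'' and ''named-checkzone'' confirm that the configuration and zones load, not how permissive the ACLs are. The following is an added example, not part of the original page: it reads ''named.conf''-style text and reports recursion without a restricting ''allow-recursion'' and primary zones whose effective ''allow-transfer'' (zone value, else the "options" value) is unset or ''any''. ''SAMPLE_CONF'', the ''lab.example'' zone and the function names are constructed for illustration.

```python
import re

# Constructed sample: the page's options and zones (file lines omitted), plus
# a hypothetical weak zone "lab.example" added for contrast.
SAMPLE_CONF = '''
options {
    recursion yes;
    allow-recursion { trusted; };
    allow-transfer { none; };
};
zone "samudio.net" { type master; allow-transfer { 192.168.0.8; }; };  # ns2
zone "168.192.in-addr.arpa" { type master; };  # inherits "none" from options
zone "lab.example" { type master; allow-transfer { any; }; };
'''

def blocks(conf, keyword):
    """Yield (name, body) for each `keyword ["name"] { ... }` statement."""
    pat = r'^\s*%s\b\s*(?:"([^"]*)"\s*)?(?:IN\s*)?\{' % keyword
    for m in re.finditer(pat, conf, re.M):
        depth, i = 1, m.end()
        while depth and i < len(conf):      # walk to the matching brace
            depth += {'{': 1, '}': -1}.get(conf[i], 0)
            i += 1
        yield m.group(1), conf[m.end():i - 1]

def setting(body, key):
    """Tokens of the address-match list for `key`, or None when unset."""
    m = re.search(r'\b%s\s*\{([^}]*)\}' % re.escape(key), body)
    return m.group(1).replace(';', ' ').split() if m else None

def audit(conf):
    """Return (where, issue) pairs for ACLs that are unset or contain any."""
    conf = re.sub(r'(#|//).*', '', conf)    # drop line comments
    opts = next((b for _, b in blocks(conf, 'options')), '')
    findings = []
    acl = setting(opts, 'allow-recursion')
    if re.search(r'\brecursion\s+yes\b', opts) and (acl is None or 'any' in acl):
        findings.append(('options', 'allow-recursion unset or any'))
    for name, body in blocks(conf, 'zone'):
        if re.search(r'\btype\s+(master|primary)\b', body):
            acl = setting(body, 'allow-transfer')
            if acl is None:                 # zone inherits the options value
                acl = setting(opts, 'allow-transfer')
            if acl is None or 'any' in acl:
                findings.append((name, 'allow-transfer unset or any'))
    return findings

print(audit(SAMPLE_CONF))
```

An unset ACL is reported for review rather than assumed safe, because the built-in default differs between BIND versions.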
**Restart BIND:** ''systemctl restart bind9''
**Secondary DNS server differences:**
* The forwarders section in named.conf.options should contain 8.8.8.8 and similar
* In named.conf.local, type should be "slave", with masters pointing to primary:
<code>
zone "samudio.net" {
    type slave;
    file "slaves/db.samudio.net";
    masters { 192.168.0.123; }; # ns1
};
zone "168.192.in-addr.arpa" {
    type slave;
    file "slaves/db.168.192";
    masters { 192.168.0.123; }; # ns1
};
</code>
**If using UFW firewall, remember to update rules (on all DNS servers):** ''ufw allow Bind9''
**On clients, in** ''/etc/network/interfaces'':
<code>
dns-nameservers 192.168.0.123 192.168.0.125 8.8.8.8
dns-search samudio.net
</code>
**Refresh network interface (on clients):** ''ifdown --force eth0 && ip addr flush dev eth0 && ifup --force eth0''
**Check** ''/etc/resolv.conf'' **on client for correct update, should look like:**
<code>
nameserver 192.168.0.123
nameserver 192.168.0.125
nameserver 8.8.8.8
search samudio.net
</code>