Technical Information: DNS Services on Ubuntu Server

A nice reference for configuration of bind on Ubuntu server

Config files are under: /etc/bind

In named.conf.options:

  • Add an ACL section above the “options” section:
    acl "trusted" {
    	192.168.0.123;
    	192.168.0.8;
    	192.168.0.12;
    	192.168.0.220;
    };
  • Add to “options” section (after “directory”):
    	recursion yes;
    	allow-recursion { trusted; };
    	listen-on { 192.168.0.123; };
    	allow-transfer { none; };
  • Uncomment the “forwarders” section, and add upstream DNS servers to it

In named.conf.local:

  • Add zone(s) for local network/subnets:
    zone "samudio.net" {
    	type master;
    	file "/etc/bind/zones/db.samudio.net";
    	allow-transfer { 192.168.0.8; };		# ns2 private IP address - secondary
    };
  • Add reverse zone(s):
    zone "168.192.in-addr.arpa" {
    	type master;
    	file "/etc/bind/zones/db.168.192";
    	allow-transfer { 192.168.0.8; };		# ns2 private IP address - secondary
    };

Create forward zone file:

  • cd /etc/bind ; mkdir zones ; cp db.local zones/db.samudio.net
  • Edits to forward zone file (/etc/bind/zones/db.samudio.net)
    @    IN    SOA   ns1.samudio.net. admin.samudio.net. (
    			3        ; Serial
    ; name servers - NS records
    	IN    NS    ns1.samudio.net.
    	IN    NS    ns2.samudio.net.
    ; 192.168.0.0/24 - A records
    host1.samudio.net.    IN    A    192.168.0.101
    host2.samudio.net.    IN    A    192.168.0.102

Create reverse zone file(s):

  • cd /etc/bind/zones ; cp ../db.127 ./db.168.192
  • Edits to reverse zone file(s):
    @    IN    SOA   ns1.samudio.net. admin.samudio.net. (
    			3        ; Serial
    ; name servers - NS records
    	IN    NS    ns1.samudio.net.
    	IN    NS    ns2.samudio.net.
    ; PTR records
    123.0    IN    PTR    ns1.samudio.net.    ; 192.168.0.123
    125.0    IN    PTR    ns2.samudio.net.    ; 192.168.0.125
    101.0    IN    PTR    host1.samudio.net.  ; 192.168.0.101
    102.0    IN    PTR    host2.samudio.net.  ; 192.168.0.102

Check BIND configuration syntax, zone(s), and reverse zone(s):

  • named-checkconf
  • named-checkzone samudio.net /etc/bind/zones/db.samudio.net
  • named-checkzone 168.192.in-addr.arpa /etc/bind/zones/db.168.192
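
named-checkconf validates syntax only; it does not report unrestricted recursion or zone transfers. The following is an added example (not part of the original page) that audits the recursion and allow-transfer settings configured above. The function names and both sample configs are constructed for illustration.

```python
import re

# Constructed sample mirroring the primary's settings on this page.
GOOD = '''
acl "trusted" { 192.168.0.123; 192.168.0.8; };
options {
    recursion yes;
    allow-recursion { trusted; };   // only the ACL may recurse
    allow-transfer { none; };
};
zone "samudio.net" { type master; allow-transfer { 192.168.0.8; }; };  # secondary
'''
# Constructed weak variant: unrestricted recursion, zone transferable by anyone.
WEAK = 'options { recursion yes; }; zone "samudio.net" { allow-transfer { any; }; };'

def blocks(text):
    """Yield (header, body) for each top-level 'header { body };' statement."""
    text = re.sub(r'/\*.*?\*/|(#|//)[^\n]*', '', text, flags=re.S)  # drop comments
    depth = prev = start = 0
    for i, ch in enumerate(text):
        if ch == '{':
            if depth == 0:
                header, start = text[prev:i].split(';')[-1].strip(), i + 1
            depth += 1
        elif ch == '}':
            depth -= 1
            if depth == 0:
                yield header, text[start:i]
                prev = i + 1

def match_list(body, name):
    """Return the elements of clause `name { ... }`, or None if it is not set."""
    m = re.search(r'(?<![-\w])' + re.escape(name) + r'\s*\{([^}]*)\}', body)
    return None if m is None else m.group(1).replace(';', ' ').split()

def audit(conf):
    findings = []
    for header, body in blocks(conf):
        transfer = match_list(body, 'allow-transfer')
        if header == 'options':
            off = re.search(r'(?<![-\w])recursion\s+no\s*;', body)
            recurse = match_list(body, 'allow-recursion')
            if not off and (recurse is None or 'any' in recurse):
                findings.append('options: recursion not restricted by allow-recursion')
            if transfer is None or 'any' in transfer:
                findings.append('options: allow-transfer not restricted')
        elif header.startswith('zone') and transfer and 'any' in transfer:
            findings.append(header + ': allow-transfer permits any host')
    return findings
```

Pass it the concatenated text of named.conf.options and named.conf.local; an empty list means the explicit restrictions are present. It reads the text as given, so files pulled in by include statements must be supplied as well.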

Restart BIND: systemctl restart bind9

Secondary DNS server differences:

  • The forwarders section in named.conf.options should contain 8.8.8.8 and similar
  • In named.conf.local, type should be “slave”, with masters pointing to primary
    zone "samudio.net" {
    	type slave;
    	file "slaves/db.samudio.net";
    	masters { 192.168.0.123; };	# ns1
    };
    zone "168.192.in-addr.arpa" {
    	type slave;
    	file "slaves/db.168.192";
    	masters { 192.168.0.123; };	# ns1
    };

If using UFW firewall, remember to update rules (on all DNS servers): ufw allow Bind9

On clients, in /etc/network/interfaces:

	dns-nameservers 192.168.0.123 192.168.0.125 8.8.8.8
	dns-search samudio.net

Refresh network interface (on clients): ifdown --force eth0 && ip addr flush dev eth0 && ifup --force eth0

Check /etc/resolv.conf on client for correct update, should look like:

	nameserver 192.168.0.123
	nameserver 192.168.0.125
	nameserver 8.8.8.8
	search samudio.net


tech/linux/ubuntu/dns.txt · Last modified: 2016/06/19 15:02 by rk4n3