A nice reference for configuration of bind on Ubuntu server
Config files are under /etc/bind

In named.conf.options:
- Add an ACL section above the "options" section:

    acl "trusted" {
        192.168.0.123;
        192.168.0.8;
        192.168.0.12;
        192.168.0.220;
    };

- Add to "options" section (after "directory"):

    recursion yes;
    allow-recursion { trusted; };
    listen-on { 192.168.0.123; };
    allow-transfer { none; };

- Uncomment the "forwarders" section, and add upstream DNS servers to it

In named.conf.local:
- Add zone(s) for local network/subnets:

    zone "samudio.net" {
        type master;
        file "/etc/bind/zones/db.samudio.net";
        allow-transfer { 192.168.0.8; };  # ns2 private IP address - secondary
    };

- Add reverse zone(s):

    zone "168.192.in-addr.arpa" {
        type master;
        file "/etc/bind/zones/db.168.192";
        allow-transfer { 192.168.0.8; };  # ns2 private IP address - secondary
    };

Create forward zone file:
- cd /etc/bind ; mkdir zones ; cp db.local zones/db.samudio.net
- Edits to forward zone file (/etc/bind/zones/db.samudio.net)

    @       IN      SOA     ns1.samudio.net. admin.samudio.net. (
                            3       ; Serial

    ; name servers - NS records
            IN      NS      ns1.samudio.net.
            IN      NS      ns2.samudio.net.

    ; 192.168.0.0/24 - A records
    host1.samudio.net.      IN      A       192.168.0.101
    host2.samudio.net.      IN      A       192.168.0.102

Create reverse zone file(s):
- cd /etc/bind/zones ; cp ../db.127 ./db.168.192
- Edits to reverse zone file(s):

    @       IN      SOA     ns1.samudio.net. admin.samudio.net. (
                            3       ; Serial

    ; name servers - NS records
            IN      NS      ns1.samudio.net.
            IN      NS      ns2.samudio.net.

    ; PTR records
    123.0   IN      PTR     ns1.samudio.net.    ; 192.168.0.123
    125.0   IN      PTR     ns2.samudio.net.    ; 192.168.0.125
    101.0   IN      PTR     host1.samudio.net.  ; 192.168.0.101
    102.0   IN      PTR     host2.samudio.net.  ; 192.168.0.102

Check BIND configuration syntax, zone(s), and reverse zone(s):
- named-checkconf
- named-checkzone samudio.net db.samudio.net
- named-checkzone 168.192.in-addr.arpa /etc/bind/zones/db.168.192

Restart BIND:

    systemctl restart bind9

Secondary DNS server differences:
- The forwarders section in named.conf.options should contain 8.8.8.8 and similar
- In named.conf.local, type should be "slave", with masters pointing to primary

    zone "samudio.net" {
        type slave;
        file "slaves/db.samudio.net";
        masters { 192.168.0.123; };  # ns1
    };

    zone "168.192.in-addr.arpa" {
        type slave;
        file "slaves/db.168.192";
        masters { 192.168.0.123; };  # ns1
    };

If using UFW firewall, remember to update rules (on all DNS servers):
- ufw allow Bind9

On clients, in /etc/network/interfaces:
- dns-nameservers 192.168.0.123 192.168.0.125 8.8.8.8
- dns-search samudio.net

Refresh network interface (on clients):
- ifdown --force eth0 && ip addr flush dev eth0 && ifup --force eth0

Check /etc/resolv.conf on client for correct update, should look like:

    nameserver 192.168.0.123
    nameserver 192.168.0.125
    nameserver 8.8.8.8
    search samudio.net
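
named-checkconf validates syntax only; it does not say whether recursion and zone transfers are actually restricted. The following is an added example, not part of the original page: a small Python audit that reports the effective allow-transfer list per zone (zone clause overrides "options") and flags recursion or transfers left unset or set to "any". The helper names (blocks, clause, audit) and the sample text are constructed for illustration; ACL names are not expanded and /* */ comments are not handled.

```python
import re

# Constructed sample using the directives from this page (not read from disk).
SAMPLE = '''
acl "trusted" { 192.168.0.123; 192.168.0.8; };
options { recursion yes; allow-recursion { trusted; }; allow-transfer { none; }; };
zone "samudio.net" { type master; allow-transfer { 192.168.0.8; }; };  # secondary
zone "168.192.in-addr.arpa" { type master; };
'''

def blocks(text):
    """Yield (header, body) for every top-level '<header> { body };' statement."""
    text = re.sub(r'(#|//)[^\n]*', '', text)      # strip line comments
    depth, start = 0, 0
    for i, ch in enumerate(text):
        if ch == '{':
            if depth == 0:
                head, body_start = text[start:i].strip(), i + 1
            depth += 1
        elif ch == '}':
            depth -= 1
            if depth == 0:
                yield head, text[body_start:i]
        elif ch == ';' and depth == 0:
            start = i + 1

def clause(body, name):
    """Return the elements of '<name> { a; b; };' inside body, or None if absent."""
    m = re.search(re.escape(name) + r'\s*\{([^}]*)\}', body)
    return None if m is None else [e.strip() for e in m.group(1).split(';') if e.strip()]

def audit(conf):
    """Return ({zone: effective allow-transfer list}, [findings])."""
    opts, zones, findings, effective = '', {}, [], {}
    for head, body in blocks(conf):
        if head == 'options':
            opts = body
        elif head.startswith('zone'):
            zones[head.split('"')[1]] = body
    rec = clause(opts, 'allow-recursion')
    if re.search(r'\brecursion\s+yes\s*;', opts) and (rec is None or 'any' in rec):
        findings.append('recursion enabled but allow-recursion is unset or "any"')
    glob = clause(opts, 'allow-transfer')
    for name, body in zones.items():
        own = clause(body, 'allow-transfer')
        effective[name] = own if own is not None else glob  # zone overrides options
        if effective[name] is None or 'any' in effective[name]:
            findings.append(f'zone {name}: allow-transfer is unset or "any"')
    return effective, findings
```

Feeding audit() the output of named-checkconf -p covers included files as well, since that prints the merged configuration.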