Table of Contents
1 Install BIND
Install bind9 with apt.
sudo apt-get install -y bind9
2 Configuration
- Private network address is 192.168.11.0/24.
- Private network name is hiroom2.com.
- IP address of DNS server for private network is 192.168.11.70. This DNS server uses recursive query.
- IP address of client is 192.168.11.250.
- IP address of DNS server for internet is 192.168.11.1.
2.1 /etc/bind/named.conf.options
This is the configration file for BIND option.
- Allow query from private network.
- Allow recursive query.
- Open 53/udp and 53/tcp if you running ufw.
options { directory “/var/cache/bind”; listen-on port 53 { localhost; 192.168.11.0/24; }; allow-query { localhost; 192.168.11.0/24; }; forwarders { 192.168.11.1; }; recursion yes;}
2.2 /etc/bind/named.conf.local
This configuration file for private network is included by /etc/bind/named.conf.
zone “hiroom2.com” IN { type master; file “hiroom2.com.zone”;};
2.3 /var/cache/bind/hiroom2.com.zone
This is a zone file for private network.
- DNS server hostname is server.
- Client hostname is client.
- If you need more, append A record.
$TTL 86400@ IN SOA hiroom2.com root.hiroom2.com ( 2018050600 3600 900 604800 86400)@ IN NS serverserver IN A 192.168.11.70client IN A 192.168.11.250
3 Validation
named-checkconf validates /etc/bind/named.conf and included files.
$ named-checkconf
named-checkzone validates zone file.
$ /usr/sbin/named-checkzone hiroom2.com /var/cache/bind/hiroom2.com.zonezone hiroom2.com/IN: loaded serial 2018050600OK
4 Run BIND
Run BIND with systemd.
sudo systemctl enable bind9sudo systemctl restart bind9
5 Excution result
Run nslookup on server.
$ nslookup server.hiroom2.com localhost.localdomainServer: localhost.localdomainAddress: ::1#53Name: server.hiroom2.comAddress: 192.168.11.70
Run nslookup on client.
$ nslookup client.hiroom2.com 192.168.11.70Server: 192.168.11.70Address: 192.168.11.70#53Name: client.hiroom2.comAddress: 192.168.11.250