Ubuntu 16.04: Install bind and run DNS server for private network



1 System environment

Private network address is 192.168.11.0/24.

Private network name is my.net.

IP address of DNS server is 192.168.11.67.

IP address of local machine inside private network is 192.168.11.70.

2 Install bind

Install bind9 with apt.

sudo apt-get install -y bind9

3 Configuration

Ubuntu 16.04 keeps the config files in /etc/bind and the zone files in /var/cache/bind.

3.1 /etc/bind/named.conf

Instead of named.conf.default-zones, use a new config file, named.conf.my-zones.

$ diff -uprN /etc/bind/named.conf{.org,}— /etc/bind/named.conf.org 2016-04-30 04:54:33.437692485 +0900+++ /etc/bind/named.conf 2016-04-30 05:33:38.114870069 +0900@@ -8,4 +8,5 @@ include “/etc/bind/named.conf.options”; include “/etc/bind/named.conf.local”;-include “/etc/bind/named.conf.default-zones”;+include “/etc/bind/named.conf.my-zones”;+// include “/etc/bind/named.conf.default-zones”;
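Review bot: The last added line leaves the old named.conf.default-zones include behind as a // comment with no reason given, so a later reader cannot tell whether the zones from that file were dropped on purpose. Either delete the line outright or put a short comment next to it saying that this server is meant to load only the zones listed in named.conf.my-zones.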

3.2 /etc/bind/named.conf.options

Allow queries from the private network and disable recursive queries. If you are running ufw, open 53/udp and 53/tcp.

$ diff -uprN /etc/bind/named.conf.options{.org,}— /etc/bind/named.conf.options.org 2016-04-30 05:05:15.885386136 +0900+++ /etc/bind/named.conf.options 2016-04-30 05:16:45.325945144 +0900@@ -1,5 +1,8 @@ options { directory “/var/cache/bind”;+ listen-on port 53 { localhost; 192.168.11.0/24; };+ allow-query { localhost; 192.168.11.0/24; };+ recursion no; // If there is a firewall between you and nameservers you want // to talk to, you may need to fix the firewall to allow multiple
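Review bot: The address list { localhost; 192.168.11.0/24; } is written out twice, once in the added listen-on line and once in the added allow-query line, so a later change to the private range can leave the two statements out of step. Define a single acl for the private network above the options block and reference it by name in both statements, and add a short comment on the recursion no line saying that this server answers only for its own zones.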

3.3 /etc/bind/named.conf.my-zones

This is a new file for the zone my.net. The zone file my.net.zone is also new.

$ cat /etc/bind/named.conf.my-zones
zone "my.net" IN {
  type master;
  file "my.net.zone";
};

3.4 /var/cache/bind/my.net.zone

This is a new file for private network name resolution.

ubuntu-16.04 is declared as the name server of the zone with an NS record and mapped to 192.168.11.67, the IP address of the DNS server, with an A record. ubuntu-14.04 is mapped to 192.168.11.70, the IP address of the local machine, with an A record. If you want to map more hosts, append more A records.

$ cat /var/cache/bind/my.net.zone
$TTL 86400
; The SOA names end with a dot so they are not expanded to *.my.net.my.net.
@ IN SOA my.net. root.my.net. (
  2016043008 ; serial
  3600       ; refresh
  900        ; retry
  604800     ; expire
  86400      ; negative-cache TTL
)
@ IN NS ubuntu-16.04
ubuntu-16.04 IN A 192.168.11.67
ubuntu-14.04 IN A 192.168.11.70

3.5 Validation

named-checkconf validates /etc/bind/named.conf and the files it includes.

$ named-checkconf

named-checkzone validates a zone file.

$ named-checkzone my.net /var/cache/bind/my.net.zone
zone my.net/IN: loaded serial 2016043008
OK
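named-checkconf checks syntax only, so it also accepts an options block that still allows recursion or answers queries from anywhere. The Python check below is an added example, not part of the original article: it tests the three settings from section 3.2 against BIND's defaults. The function names and both sample configs are constructed here, and it assumes flat (non-nested) address lists.

```python
import re

# Constructed sample: the options block after the section 3.2 change.
SAMPLE = '''options {
    directory "/var/cache/bind";
    listen-on port 53 { localhost; 192.168.11.0/24; };
    allow-query { localhost; 192.168.11.0/24; };
    recursion no;  // authoritative only
};'''
# Constructed counter-example: parses cleanly but is open to everyone.
WEAK = 'options { directory "/var/cache/bind"; allow-query { any; }; };'

def strip_comments(text):
    """Drop /* */, // and # comments (quoted strings are not special-cased)."""
    text = re.sub(r'/\*.*?\*/', '', text, flags=re.S)
    return re.sub(r'(//|#).*', '', text)

def options_block(text):
    """Return the body of the options { ... } block, or '' if there is none."""
    m = re.search(r'(?<![\w-])options\s*\{', text)
    if not m:
        return ''
    depth = 1
    for i in range(m.end(), len(text)):
        depth += {'{': 1, '}': -1}.get(text[i], 0)
        if depth == 0:
            return text[m.end():i]
    return ''

def acl(body, name):
    """Elements of a flat address-match-list statement, or None if absent."""
    m = re.search(r'(?<![\w-])%s(?![\w-])[^{;]*\{([^}]*)\}' % re.escape(name), body)
    return None if m is None else [e.strip() for e in m.group(1).split(';') if e.strip()]

def audit(conf_text):
    """Return findings; an empty list means the section 3.2 policy is in place."""
    body = options_block(strip_comments(conf_text))
    findings = []
    rec = re.search(r'(?<![\w-])recursion\s+(\w+)\s*;', body)
    if rec is None or rec.group(1) not in ('no', 'false', '0'):
        findings.append('recursion is not disabled')
    for stmt in ('allow-query', 'listen-on'):
        elems = acl(body, stmt)
        if elems is None:
            findings.append(stmt + ' is not set, so the BIND default applies')
        elif 'any' in elems:
            findings.append(stmt + ' includes any')
    return findings
```

Calling audit() on the contents of /etc/bind/named.conf.options returns an empty list when recursion is off and both address lists are restricted.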

4 Run bind

Run bind with systemd.

$ sudo systemctl enable bind9
$ sudo systemctl start bind9

5 Execution result

/etc/resolv.conf is as below. It uses 192.168.11.67 for private network name resolution and 192.168.11.1 for internet name resolution.

$ cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by
# resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE
# OVERWRITTEN
search my.net
nameserver 192.168.11.67
nameserver 192.168.11.1

Pinging ubuntu-14.04.my.net and ubuntu-16.04.my.net shows that name resolution works.

$ ping -c 4 ubuntu-14.04.my.net
PING ubuntu-14.04.my.net (192.168.11.70) 56(84) bytes of data.
64 bytes from 192.168.11.70: icmp_seq=1 ttl=64 time=0.370 ms
64 bytes from 192.168.11.70: icmp_seq=2 ttl=64 time=0.273 ms
64 bytes from 192.168.11.70: icmp_seq=3 ttl=64 time=0.388 ms
64 bytes from 192.168.11.70: icmp_seq=4 ttl=64 time=0.406 ms
--- ubuntu-14.04.my.net ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3001ms
rtt min/avg/max/mdev = 0.273/0.359/0.406/0.053 ms
hiroom2@ubuntu-16:~$ ping -c 4 ubuntu-16.04.my.net
PING ubuntu-16.04.my.net (192.168.11.67) 56(84) bytes of data.
64 bytes from 192.168.11.67: icmp_seq=1 ttl=64 time=0.020 ms
64 bytes from 192.168.11.67: icmp_seq=2 ttl=64 time=0.043 ms
64 bytes from 192.168.11.67: icmp_seq=3 ttl=64 time=0.038 ms
64 bytes from 192.168.11.67: icmp_seq=4 ttl=64 time=0.038 ms
--- ubuntu-16.04.my.net ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 2999ms
rtt min/avg/max/mdev = 0.020/0.034/0.043/0.011 ms
