Friday, August 3, 2018

DNS Installation and Configuration on Ubuntu Linux

  • Prerequisites for our configuration:

    • 2 servers, one for primary DNS, the other for secondary DNS
    • server 1 - primary DNS
      • static IP 192.168.1.8
      • gateway 192.168.1.1
      • DNS 192.168.1.8, 192.168.1.3
      • hostname ns in file /etc/hostname
      • entry 127.0.1.1 ns in /etc/hosts
    • server 2 - secondary DNS
      • static IP 192.168.1.3
      • gateway 192.168.1.1
      • DNS 192.168.1.8, 192.168.1.3
      • hostname ns2 in file /etc/hostname
      • entry 127.0.1.1 ns2 in /etc/hosts
  • Install bind9 DNS server software:

    sudo apt-get install bind9 bind9utils bind9-doc
  • Verify the content of named.conf. This is the primary configuration file for the BIND DNS server; it usually contains only includes of other configuration files.

    cat /etc/bind/named.conf

    Default content:

    include "/etc/bind/named.conf.options";
    include "/etc/bind/named.conf.local";
    include "/etc/bind/named.conf.default-zones";
  • Edit named.conf.options:

    sudo nano /etc/bind/named.conf.options

    An example of the file follows. The acl clause names a list of addresses that other statements can refer to; within the goodclients block, list the IP addresses or networks that should be allowed to use this DNS server. Because recursion is enabled, restricting allow-query to goodclients is what keeps the server from becoming an open resolver that anyone on the Internet could use. The forwarders block contains the IP addresses of the recursive name servers that we forward requests to; we will use Google's public DNS servers (8.8.8.8 and 8.8.4.4).

    acl goodclients {
            192.168.1.0/24;
            localhost;
            localnets;
    };

    options {
            directory "/var/cache/bind";

            recursion yes;
            allow-query { goodclients; };

            forwarders {
                    8.8.8.8;
                    8.8.4.4;
            };
            forward only;

            dnssec-enable yes;
            dnssec-validation yes;

            auth-nxdomain no;    # conform to RFC1035
            listen-on-v6 { any; };
    };
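Before restarting bind9 it is worth linting this file: an unusable forwarder address or a missing `;` after a block stops named from starting, and a permissive allow-query on a recursive server turns it into an open resolver. `named-checkconf` catches the syntax errors; the following is an added example, not part of the original post or of BIND, of a small Python checker that also flags the semantic problems. It embeds a constructed copy of the options layout seeded with two defects that commonly creep in (a 0.0.0.0 forwarder and a missing `;` after the options block); the names check_options, block_body and unterminated_blocks are the example's own.

```python
import ipaddress
import re

# Constructed sample (not from a real server): the named.conf.options layout used
# in this walkthrough, seeded with two defects that commonly creep in, a
# 0.0.0.0 forwarder and a missing ';' after the closing brace of options.
PAGE_OPTIONS = """
acl goodclients {
        192.168.1.0/24;
        localhost;
        localnets;
};

options {
        directory "/var/cache/bind";
        recursion yes;
        allow-query { goodclients; };
        forwarders {
                0.0.0.0;
                8.8.8.8;
                8.8.4.4;
        };
        forward only;
        dnssec-validation yes;
        auth-nxdomain no;    # conform to RFC1035
        listen-on-v6 { any; };
}
"""

# Constructed: the same file with both defects corrected.
FIXED_OPTIONS = re.sub(r"^[ \t]*0\.0\.0\.0;\n", "", PAGE_OPTIONS, flags=re.M).rstrip()[:-1] + "};\n"
# Constructed: a recursive server that answers anyone (open resolver).
OPEN_RESOLVER_OPTIONS = FIXED_OPTIONS.replace("allow-query { goodclients; };", "allow-query { any; };")


def strip_comments(text):
    """Drop the three comment styles named.conf accepts: /* */, //, and #."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(//|#).*", "", text)


def block_body(text, name):
    """Text between the braces of the first `name { ... }` statement, or None."""
    m = re.search(r"\b" + re.escape(name) + r"\s*\{", text)
    if not m:
        return None
    depth, start = 1, m.end()
    for i in range(start, len(text)):
        depth += {"{": 1, "}": -1}.get(text[i], 0)
        if depth == 0:
            return text[start:i]
    return None  # unbalanced braces


def items(body):
    """Split a brace body into its ';'-terminated elements."""
    return [s.strip() for s in body.split(";") if s.strip()]


def unterminated_blocks(text):
    """Names of top-level statements whose closing '}' is not followed by ';'."""
    bad, depth, name_start, name = [], 0, 0, "?"
    for i, ch in enumerate(text):
        if ch == "{":
            if depth == 0:
                head = text[name_start:i].split()
                name = head[0] if head else "?"
            depth += 1
        elif ch == "}":
            depth -= 1
            if depth == 0:
                j = i + 1
                while j < len(text) and text[j].isspace():
                    j += 1
                if text[j:j + 1] == ";":
                    name_start = j + 1
                else:
                    bad.append(name)
                    name_start = j
    return bad


def check_options(text):
    """Return a list of findings; an empty list means the file passed these checks."""
    text = strip_comments(text)
    findings = [f"block '{n}' is not terminated with ';'" for n in unterminated_blocks(text)]
    options = block_body(text, "options")
    if options is None:
        return findings + ["no options block found"]
    # Forwarders must be real unicast resolver addresses.
    for addr in items(block_body(options, "forwarders") or ""):
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            findings.append(f"forwarder {addr!r} is not an IP address")
            continue
        if ip.is_unspecified or ip.is_loopback or ip.is_multicast:
            findings.append(f"forwarder {addr} is not a usable resolver address")
    # Recursion without a client restriction makes this an open resolver.
    recursion = re.search(r"\brecursion\s+(yes|no)\b", options)
    if recursion and recursion.group(1) == "yes":
        restricted = False
        for clause in ("allow-recursion", "allow-query"):
            body = block_body(options, clause)
            if body is not None and items(body) != ["any"]:
                restricted = True
        if not restricted:
            findings.append("recursion yes without an allow-query/allow-recursion restriction (open resolver)")
    return findings


if __name__ == "__main__":
    for label, text in (("seeded", PAGE_OPTIONS), ("fixed", FIXED_OPTIONS), ("open", OPEN_RESOLVER_OPTIONS)):
        print(label, check_options(text) or ["OK"])
```

Run it against your own file with `check_options(open("/etc/bind/named.conf.options").read())`; it is a complement to `named-checkconf`, not a replacement, since it only understands the handful of statements the walkthrough uses.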
  • Copy the local zone file template. The new file main.mydomain.com will hold our zone data.

    sudo cp /etc/bind/db.local /etc/bind/main.mydomain.com
  • Define mydomain.com zone in named.conf.local file and point to your newly created zone file main.mydomain.com:

    sudo nano /etc/bind/named.conf.local

    The zone definition should look like this:

    zone "mydomain.com" {
      type master;
      file "/etc/bind/main.mydomain.com";
    };
  • Configure your zone definition file main.mydomain.com.

    sudo nano /etc/bind/main.mydomain.com

    The following is an example zone file for mydomain.com. The SOA record is the zone's start of authority; its serial has to be increased every time the zone changes so that the secondary server picks up the new version. The NS records name the zone's authoritative name servers, and the ns, ns2, and www A records map those host names to IP addresses. $TTL sets the default time-to-live in seconds, that is, how long resolvers may cache records from this zone before they have to query again.

    ;
    ; BIND data file for mydomain.com
    ;
    $TTL    604800
    @       IN      SOA     mydomain.com. root.mydomain.com. (
                                2         ; Serial
                           604800         ; Refresh
                            86400         ; Retry
                          2419200         ; Expire
                           604800 )       ; Negative Cache TTL
    ;
    @       IN      NS      ns.mydomain.com.
    @       IN      NS      ns2.mydomain.com.
    @       IN      A       192.168.1.2
    www     IN      A       192.168.1.2
    ns      IN      A       192.168.1.8
    ns2     IN      A       192.168.1.3
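Copying db.local is convenient but tends to leave template records behind, and a record whose owner field is blank silently inherits the previous owner, which is how a duplicate apex A record or a stray AAAA ::1 ends up in a zone. `named-checkzone mydomain.com /etc/bind/main.mydomain.com` is the first thing to run after editing; as an added example, not part of the original post or of BIND, the following Python script parses a zone in this format and reports the leftovers that named-checkzone accepts but that you would not want on a production server. The zone text is a constructed sample, and parse_zone, check_zone and qualify are the example's own helpers.

```python
import ipaddress
from collections import Counter

# Constructed sample (not from a real server): a mydomain.com zone built the way
# the walkthrough does it, by editing a copy of db.local, with the leftovers that
# template tends to leave behind: a duplicate apex A record produced by a record
# with a blank owner field, an AAAA ::1 (loopback) record, and an SOA MNAME that
# is not one of the zone's NS hosts.
TEMPLATE_ZONE = """
;
; BIND data file for local loopback interface
;
$TTL    604800
@       IN      SOA     mydomain.com. root.mydomain.com. (
                            2         ; Serial
                       604800         ; Refresh
                        86400         ; Retry
                      2419200         ; Expire
                       604800 )       ; Negative Cache TTL
        IN      A       192.168.1.2
www     IN      A       192.168.1.2
;
@       IN      NS      ns.mydomain.com.
@       IN      NS      ns2.mydomain.com.
@       IN      A       192.168.1.2
@       IN      AAAA    ::1
ns      IN      A       192.168.1.8
ns2     IN      A       192.168.1.3
"""

# Constructed: the cleaned-up zone the checker should accept.
CLEAN_ZONE = """
$TTL    604800
@       IN      SOA     ns.mydomain.com. root.mydomain.com. (
                            3         ; Serial
                       604800         ; Refresh
                        86400         ; Retry
                      2419200         ; Expire
                       604800 )       ; Negative Cache TTL
@       IN      NS      ns.mydomain.com.
@       IN      NS      ns2.mydomain.com.
@       IN      A       192.168.1.2
www     IN      A       192.168.1.2
ns      IN      A       192.168.1.8
ns2     IN      A       192.168.1.3
"""


def qualify(name, origin):
    """Turn a zone-file name into a fully qualified one (trailing dot)."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"


def parse_zone(text, origin):
    """Minimal master-file parser: returns (default_ttl, [(owner, type, rdata)])."""
    logical, buf, depth, inherit = [], [], 0, False
    for raw in text.splitlines():
        line = raw.split(";", 1)[0]              # ';' starts a comment
        if not buf:                              # first physical line of a record:
            inherit = raw[:1].isspace()          # blank owner field => reuse last owner
        depth += line.count("(") - line.count(")")
        buf.append(line.replace("(", " ").replace(")", " "))
        if depth == 0:                           # parenthesised record is complete
            tokens = " ".join(buf).split()
            buf = []
            if tokens:
                logical.append((tokens, inherit))
    default_ttl, records, last_owner = None, [], origin
    for tokens, inherit in logical:
        if tokens[0] == "$TTL":
            default_ttl = int(tokens[1])
            continue
        if tokens[0] == "$ORIGIN":
            origin = tokens[1]
            continue
        owner = last_owner if inherit else qualify(tokens.pop(0), origin)
        if tokens and tokens[0].isdigit():       # optional per-record TTL
            tokens.pop(0)
        if tokens and tokens[0].upper() in ("IN", "CH", "HS"):
            tokens.pop(0)
        records.append((owner, tokens[0].upper(), tuple(tokens[1:])))
        last_owner = owner
    return default_ttl, records


def check_zone(text, origin):
    """Return a list of human-readable findings; an empty list means the zone looks sane."""
    if not origin.endswith("."):
        origin += "."
    default_ttl, records = parse_zone(text, origin)
    findings = []
    if default_ttl is None:
        findings.append("no $TTL directive")
    soa = [r for r in records if r[1] == "SOA"]
    ns_hosts = {qualify(r[2][0], origin) for r in records if r[1] == "NS" and r[0] == origin}
    if len(soa) != 1:
        findings.append(f"expected exactly one SOA record, found {len(soa)}")
    else:
        mname = qualify(soa[0][2][0], origin)
        if mname not in ns_hosts:
            findings.append(f"SOA MNAME {mname} is not one of the zone's NS hosts {sorted(ns_hosts)}")
    # Every in-zone name server needs an address record (glue) in the zone.
    addr_owners = {r[0] for r in records if r[1] in ("A", "AAAA")}
    for host in sorted(ns_hosts):
        if (host == origin or host.endswith("." + origin)) and host not in addr_owners:
            findings.append(f"NS host {host} has no A/AAAA record in the zone (missing glue)")
    for rec, count in Counter(records).items():
        if count > 1:
            findings.append(f"duplicate record {rec[0]} {rec[1]} {' '.join(rec[2])} appears {count} times")
    for owner, rtype, rdata in records:
        if rtype not in ("A", "AAAA"):
            continue
        try:
            ip = ipaddress.ip_address(rdata[0])
        except ValueError:
            findings.append(f"{owner} {rtype} {rdata[0]} is not a valid address")
            continue
        if ip.is_loopback:
            findings.append(f"{owner} {rtype} {rdata[0]} points at loopback (leftover from the db.local template?)")
    return findings


if __name__ == "__main__":
    for label, zone in (("template", TEMPLATE_ZONE), ("clean", CLEAN_ZONE)):
        print(label, check_zone(zone, "mydomain.com") or ["OK"])
```

The parser deliberately handles only what the walkthrough's file uses ($TTL, $ORIGIN, parenthesised SOA, blank owner inheritance); run it on the real file with `check_zone(open("/etc/bind/main.mydomain.com").read(), "mydomain.com")` after named-checkzone has already passed.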
  • To apply the new configuration, restart the DNS server:

    sudo service bind9 restart

NOTES

The file /etc/nsswitch.conf sets the order in which the resolver library consults DNS and the hosts file. In our scenario, DNS is tried first, then the hosts file:

  hosts:          dns files
