We covered setting up the DNS service on a CentOS system in a related post, and we want to cover the same scenario for Ubuntu users. The process differs significantly between Ubuntu and CentOS. We’ll use the BIND9 service for DNS. So, let’s dive into how to install DNS on an Ubuntu server!
OS Version: Ubuntu 18.04.3 (LTS) x64
IP addresses:
- 12.13.14.15: Example local network IP
- 13.14.15.16: Example Ubuntu DNS server IP we are setting up with BIND9
- 14.15.16.17: Example IP our test domain should resolve to.
Installation
Before we install DNS on the Ubuntu server, let’s make sure the system is up to date:
$ sudo apt-get update
Next, we should make sure the server has a static IP address set. Once the static IP is in place, we can proceed to the BIND9 service installation:
$ sudo apt-get install bind9
The service is installed now! Our next few steps will be:
- Creating a database for the domain our DNS will be resolving
- Creating the DNS “zone” in the configuration file for each domain we want this DNS server to resolve
Create DNS database
The DNS server needs a set of files that collectively represent its database in order to know which domains it is responsible for. We will create a database file for the example domain bluegrid.awesome, which will resolve to the example IP address 14.15.16.17.
Database files are located at /var/cache/bind/ so let’s open/create db.bluegrid.awesome:
$ sudo nano /var/cache/bind/db.bluegrid.awesome
Now add the following lines to it (use your own IP addresses, we are using example ones):
$TTL 1d
$ORIGIN bluegrid.awesome.
@ IN SOA ns root (
2020031201 ; Serial
12h ; Refresh
15m ; Retry
3w ; Expire
2h ; Minimum
)
@ IN A 14.15.16.17
@ IN NS ns
ns IN A 14.15.16.17
@ IN MX 10 mail
mail IN A 14.15.16.17
www IN A 14.15.16.17
ftp IN CNAME www
We can check the syntax, of course, to make sure we don’t have a typo or similar error in this file:
$ named-checkzone bluegrid.awesome /var/cache/bind/db.bluegrid.awesome
zone bluegrid.awesome/IN: loaded serial 2020031201
OK
Creating the DNS zone
BIND9 uses /etc/bind/named.conf as the main configuration file, which loads all other configuration files. This is important to know because a zone we define in /etc/bind/named.conf.local is picked up automatically: named.conf includes /etc/bind/named.conf.local by default (look at the include directives. No action is needed here, just observe):
// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
// structure of BIND configuration files in Debian, *BEFORE* you customize
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local
include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";
Let’s create a zone! Open /etc/bind/named.conf.local and add the following lines at the top of the file (use your own example or test domain):
zone "bluegrid.awesome" IN {
type master;
file "db.bluegrid.awesome";
};
So, now it should look like this:
zone "bluegrid.awesome" IN {
type master;
file "db.bluegrid.awesome";
};
//
// Do any local configuration here
//
// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
Now we should make sure that the options for this BIND9 service are in order. Add the following lines inside the options block of the /etc/bind/named.conf.options file (replace our example IPs with your own):
listen-on port 53 { 127.0.0.1; 13.14.15.16;};
listen-on-v6 port 53 { ::1; };
dump-file "/var/cache/bind/cache_dump.db";
statistics-file "/var/cache/bind/named_stats.txt";
memstatistics-file "/var/cache/bind/named_mem_stats.txt";
secroots-file "/var/cache/bind/named.secroots";
recursing-file "/var/cache/bind/named.recursing";
allow-query { localhost; 12.13.14.0/24;};
It should look like this now:
options {
directory "/var/cache/bind";
// If there is a firewall between you and nameservers you want
// to talk to, you may need to fix the firewall to allow multiple
// ports to talk. See http://www.kb.cert.org/vuls/id/800113
// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.
// forwarders {
// 0.0.0.0;
// };
//========================================================================
// If BIND logs error messages about the root key being expired,
// you will need to update your keys. See https://www.isc.org/bind-keys
//========================================================================
dnssec-validation auto;
auth-nxdomain no; # conform to RFC1035
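// listen-on-v6 { any; }; // package default, commented out: listen-on-v6 statements are cumulative, so leaving it active keeps named listening on all IPv6 addresses despite the ::1 line below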
listen-on port 53 { 127.0.0.1; 13.14.15.16;};
listen-on-v6 port 53 { ::1; };
dump-file "/var/cache/bind/cache_dump.db";
statistics-file "/var/cache/bind/named_stats.txt";
memstatistics-file "/var/cache/bind/named_mem_stats.txt";
secroots-file "/var/cache/bind/named.secroots";
recursing-file "/var/cache/bind/named.recursing";
allow-query { localhost; 12.13.14.0/24;};
};
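BIND treats listen-on and listen-on-v6 statements as cumulative, so a leftover listen-on-v6 { any; }; keeps the wildcard IPv6 listener even when a ::1-only statement is added. The following added example (not part of the original post) collects the effective listener and allow-query lists from an options block and flags any. The sample configuration is constructed from the options shown in this post, and the function names are illustrative.

```python
import re

# Constructed sample modelled on the options block in this post, with the
# package-default "listen-on-v6 { any; };" line still active.
OPTIONS = """
options {
    directory "/var/cache/bind";
    // forwarders {
    //     0.0.0.0;
    // };
    dnssec-validation auto;
    auth-nxdomain no;    # conform to RFC1035
    listen-on-v6 { any; };
    listen-on port 53 { 127.0.0.1; 13.14.15.16; };
    listen-on-v6 port 53 { ::1; };
    allow-query { localhost; 12.13.14.0/24; };
};
"""

def strip_comments(conf):
    """Remove /* */, // and # comments so commented-out statements are ignored."""
    conf = re.sub(r"/\*.*?\*/", "", conf, flags=re.S)
    return re.sub(r"(//|#)[^\n]*", "", conf)

def address_lists(conf, statement):
    """All elements from every '<statement> [port N] { ... };' clause, in order."""
    pattern = rf"(?<![\w-]){re.escape(statement)}\s+(?:port\s+\d+\s*)?\{{([^}}]*)\}}"
    return [item.strip() for body in re.findall(pattern, strip_comments(conf))
            for item in body.split(";") if item.strip()]

def audit(conf):
    """Flag wildcard listeners and a missing or wide-open allow-query."""
    findings = []
    for statement in ("listen-on", "listen-on-v6"):
        if "any" in address_lists(conf, statement):
            findings.append(f"{statement}: listens on every address")
    acl = address_lists(conf, "allow-query")
    if not acl or "any" in acl:  # BIND's default allow-query is any
        findings.append("allow-query: open to any client")
    return findings

print(address_lists(OPTIONS, "listen-on-v6"), audit(OPTIONS))
```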
If we didn’t mess something up along the way we should be able to fire up the bind9 service or restart it if it was already started:
$ sudo systemctl restart bind9
Test the DNS service resolution
Let’s check whether the server resolves our example domain bluegrid.awesome (don’t forget to change the IP of your test DNS server accordingly):
$ dig @13.14.15.16 bluegrid.awesome
; <<>> DiG 9.11.3-1ubuntu1.12-Ubuntu <<>> @13.14.15.16 bluegrid.awesome
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20574
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: d87b1afa08b3a10595ffb5a25f3693f51dde98812e00e50d (good)
;; QUESTION SECTION:
;bluegrid.awesome. IN A
;; ANSWER SECTION:
bluegrid.awesome. 86400 IN A 14.15.16.17
;; AUTHORITY SECTION:
bluegrid.awesome. 86400 IN NS ns.bluegrid.awesome.
;; ADDITIONAL SECTION:
ns.bluegrid.awesome. 86400 IN A 14.15.16.17
;; Query time: 0 msec
;; SERVER: 13.14.15.16#53(13.14.15.16)
;; WHEN: Fri Aug 14 13:39:01 UTC 2020
;; MSG SIZE rcvd: 122
That’s it!
Related Articles:
How to install DNS on CentOS
How to setup static IP address on CentOS 8