Configure Master BIND DNS server on Ubuntu 20.04


The Internet ties computers and services to unique domain names, so a service is needed that maps those names to the addresses machines actually use. DNS (Domain Name System) converts human-readable domain names (such as www.computingforgeeks.com) into machine-readable IP addresses and vice versa.

BIND9 (Berkeley Internet Name Domain, version 9) is a widely deployed open-source DNS server. It can serve as the authoritative server for your own zones, as a recursive resolver for your clients, or both.

Let’s explore how to set up a primary (master) DNS server using BIND9 on Ubuntu 20.04. Before continuing, make sure the server has a static IP address. If it currently gets its address from DHCP, configure a static address first, so that the address your clients and zone files point at does not change after the DNS server is configured.

Bind DNS server installation on Ubuntu 20.04

Before installing the packages, make sure the server's package index is up to date:

sudo apt update -y

Install BIND9, its utilities and the dig/nslookup client tools from the Ubuntu repositories:

sudo apt install -y bind9 bind9utils bind9-doc dnsutils

DNS server configuration on Ubuntu 20.04

The main DNS configuration directory is /etc/bind. It holds the zone files and the configuration files read by the named daemon.

The top-level configuration file is /etc/bind/named.conf, but on Ubuntu it does little more than include three other files: named.conf.options (server-wide options), named.conf.local (zones you define yourself) and named.conf.default-zones (the root hints and loopback zones). Leave named.conf alone and define your zones in /etc/bind/named.conf.local.

Create the zones

Open the /etc/bind/named.conf.local file in the text editor of your choice.

We will define a forward zone and a reverse zone in this file. The following is the forward zone entry for the computingforgeeks.local zone; replace the zone name with your own domain.

zone "computingforgeeks.local" IN {                          // Zone (domain) name
     type master;                                            // This server is the primary for the zone
     file "/etc/bind/forward.computingforgeeks.local.db";    // Forward lookup zone file
     allow-update { none; };                                 // No dynamic updates: records are edited in the zone file
};

where:

  • computingforgeeks.local is the zone name.
  • forward.computingforgeeks.local.db is the forward lookup zone file.

Add the following to /etc/bind/named.conf.local for the reverse zone:

zone "10.16.172.in-addr.arpa" IN {                           // Reverse zone name: your network in reverse order
     type master;                                            // This server is the primary for the zone
     file "/etc/bind/reverse.computingforgeeks.local.db";    // Reverse lookup zone file
     allow-update { none; };                                 // No dynamic updates: records are edited in the zone file
};
  • 10.16.172.in-addr.arpa is the reverse zone name: the network part of the address written in reverse order, followed by in-addr.arpa. For the 172.16.10.0/24 network this is 10.16.172.in-addr.arpa.
  • reverse.computingforgeeks.local.db is the reverse zone file.

Note that neither zone statement restricts zone transfers. BIND 9.16, the version shipped with Ubuntu 20.04, allows AXFR to any host unless told otherwise, so anyone who can reach port 53 on this server can pull a complete list of your internal hostnames and addresses. Add allow-transfer { none; }; to each zone statement (or list the address of your secondary server, if you set one up later). Also make sure named.conf.options does not open recursion to the whole Internet; BIND's default allows recursive queries only from localhost and directly attached networks.

Configure bind DNS zone lookup file on Ubuntu 20.04

The zone lookup file contains DNS records for the forward and reverse zones.

  1. Forward zone lookup file

Copy the sample forward zone file to a file named forward.computingforgeeks.local.db in the /etc/bind directory:

sudo cp /etc/bind/db.local /etc/bind/forward.computingforgeeks.local.db

Pay attention to the zone file syntax: a fully qualified domain name must end with a period (.). A name without the trailing period is relative, and BIND appends the zone origin to it, so www becomes www.computingforgeeks.local. while a mistyped www.computingforgeeks.local (no trailing period) becomes www.computingforgeeks.local.computingforgeeks.local.

The record types used in the file are:

  • SOA - Start of Authority
  • NS - Name Server
  • A - Address record (hostname to IPv4 address)
  • MX - Mail Exchanger
  • CNAME - Canonical Name (alias)

Edit the zone file and update its content as shown below, substituting your own domain name and addresses:

sudo vi /etc/bind/forward.computingforgeeks.local.db

$TTL    604800
@       IN      SOA     ns1.computingforgeeks.local. root.ns1.computingforgeeks.local. (
                              2         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
; Name server information
@       IN      NS      ns1.computingforgeeks.local.

; IP address of the name server
ns1     IN      A       172.16.10.2

; Mail exchanger
computingforgeeks.local.   IN      MX      10      mail.computingforgeeks.local.

; A records: hostname to IP address
www     IN      A       172.16.10.3
mail    IN      A       172.16.10.4

; CNAME record (alias)
ftp     IN      CNAME   www.computingforgeeks.local.

  2. Reverse zone lookup file

The record types used in the reverse zone file are:

  • PTR - Pointer (IP address to hostname)
  • SOA - Start of Authority

Copy the sample reverse zone file in /etc/bind to a file named reverse.computingforgeeks.local.db:

sudo cp /etc/bind/db.127 /etc/bind/reverse.computingforgeeks.local.db

Edit the contents of the file to suit your network. The owner name of each PTR record is only the host part of the address (2, 3, 4); BIND appends the zone origin 10.16.172.in-addr.arpa. to it. The PTR target must be a fully qualified name with a trailing period, otherwise the reverse zone origin would be appended to it as well.

sudo nano /etc/bind/reverse.computingforgeeks.local.db

;
; BIND reverse zone file for 172.16.10.0/24
;
$TTL    604800
@       IN      SOA     ns1.computingforgeeks.local. root.ns1.computingforgeeks.local. (
                              1         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
; Name server information
@       IN      NS      ns1.computingforgeeks.local.

; Reverse lookup for the name server
2       IN      PTR     ns1.computingforgeeks.local.

; PTR records: IP address to hostname
3       IN      PTR     www.computingforgeeks.local.
4       IN      PTR     mail.computingforgeeks.local.

Check BIND DNS syntax on Ubuntu 20.04

The named-checkconf command checks the syntax of named.conf and every file it includes. If there are no errors it prints nothing and simply returns to the shell:

sudo named-checkconf

The named-checkzone command checks the syntax and content of a zone file. It takes the zone name and the path of the zone file, so run it once for the forward zone and once for the reverse zone:

#forward zone file
sudo named-checkzone computingforgeeks.local /etc/bind/forward.computingforgeeks.local.db

#reverse zone file
sudo named-checkzone 10.16.172.in-addr.arpa /etc/bind/reverse.computingforgeeks.local.db

The output should be:

#forward zone file
$ sudo named-checkzone computingforgeeks.local /etc/bind/forward.computingforgeeks.local.db
zone computingforgeeks.local/IN: loaded serial 2
OK

#reverse zone file
$ sudo named-checkzone 10.16.172.in-addr.arpa /etc/bind/reverse.computingforgeeks.local.db
zone 10.16.172.in-addr.arpa/IN: loaded serial 1
OK
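named-checkzone validates each file on its own, but it does not compare the two zones with each other, and a forward record without a matching PTR (or a stale PTR left behind after a host moved) is a common cause of confusing results in logs and in tools that rely on reverse lookups. The following script is an added example, not part of the original article or of BIND: it parses zone files laid out like the ones above and reports every A record that has no PTR and every PTR that does not point back at an A record. The script name check_zones.sh is ours; the zone names, file paths and addresses in the usage line are the article's.

```sh
#!/bin/sh
# check_zones.sh: cross-check a BIND forward zone against its reverse zone.
# named-checkzone validates each file on its own; this script checks that every
# A record has a matching PTR and that every PTR points back at a real A record.
#
# Usage: check_zones.sh <zone-name> <forward-file> <network-prefix> <reverse-file>
# e.g.   check_zones.sh computingforgeeks.local /etc/bind/forward.computingforgeeks.local.db \
#                       172.16.10 /etc/bind/reverse.computingforgeeks.local.db
#
# Assumptions (matching the zone files in this article): one record per line in
# the form "owner IN TYPE rdata", a /24 reverse zone whose PTR owners are the
# host octet, and no $ORIGIN or $INCLUDE directives.

LC_ALL=C; export LC_ALL   # byte-order sorting so that sort and comm agree

# Print "fqdn ip" for every A record in a forward zone file ($1 = origin, $2 = file).
forward_a_records() {
    awk -v origin="$1" '
        /^[ \t]*;/ || /^[ \t]*$/ || substr($0, 1, 1) == "$" { next }   # comments, blanks, $TTL etc.
        { sub(/[ \t]*;.*$/, "") }                                     # strip trailing comments
        $2 == "IN" && $3 == "A" {
            name = $1
            if (name == "@") name = origin "."                        # apex record
            else if (name !~ /\.$/) name = name "." origin "."        # relative name: append origin
            print name, $4
        }' "$2"
}

# Print "fqdn ip" for every PTR record in a /24 reverse zone file ($1 = prefix, $2 = file).
reverse_ptr_records() {
    awk -v prefix="$1" '
        /^[ \t]*;/ || /^[ \t]*$/ || substr($0, 1, 1) == "$" { next }
        { sub(/[ \t]*;.*$/, "") }
        $2 == "IN" && $3 == "PTR" {
            octet = $1; sub(/\..*$/, "", octet)   # "3" or "3.10.16.172.in-addr.arpa." -> "3"
            print $4, prefix "." octet
        }' "$2"
}

# Compare the two record sets and report every pair present on one side only.
# Returns 0 when the zones agree, 1 when they do not.
check_zone_consistency() {
    origin=$1; fwd=$2; prefix=$3; rev=$4
    tmp=$(mktemp -d) || return 2
    forward_a_records "$origin" "$fwd"   | sort -u > "$tmp/fwd"
    reverse_ptr_records "$prefix" "$rev" | sort -u > "$tmp/rev"
    comm -23 "$tmp/fwd" "$tmp/rev" > "$tmp/no_ptr"   # only in the forward zone
    comm -13 "$tmp/fwd" "$tmp/rev" > "$tmp/no_a"     # only in the reverse zone
    while read -r name ip; do
        printf 'A record without PTR: %s -> %s\n' "$name" "$ip"
    done < "$tmp/no_ptr"
    while read -r name ip; do
        printf 'PTR without matching A record: %s <- %s\n' "$name" "$ip"
    done < "$tmp/no_a"
    status=0
    if [ -s "$tmp/no_ptr" ] || [ -s "$tmp/no_a" ]; then status=1; fi
    rm -rf "$tmp"
    return $status
}

# Run with four arguments; with none, only the functions are defined (so the
# file can be sourced from another script).
if [ $# -eq 4 ]; then
    # Syntax check first when BIND's tools are installed, then the cross-check.
    if command -v named-checkzone >/dev/null 2>&1; then
        rev_zone=$(echo "$3" | awk -F. '{ print $3 "." $2 "." $1 ".in-addr.arpa" }')
        named-checkzone "$1" "$2" && named-checkzone "$rev_zone" "$4" || exit 1
    fi
    check_zone_consistency "$@" && echo "forward and reverse zones agree"
    exit $?
fi
```

Run it after editing either zone file and before reloading BIND; a non-zero exit means one of the zones needs a record added or removed. Hosts that deliberately have no PTR (for example a CNAME-only alias) never appear, because the script only compares A and PTR records.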

Always run these checks before restarting: if a zone file fails to load, named still starts but answers every query for that zone with SERVFAIL. Finally, restart BIND and enable it to start at boot (on Ubuntu 20.04 the unit is named.service, with bind9 kept as an alias, so both names work):

sudo systemctl restart bind9
sudo systemctl enable bind9

Updating BIND DNS records

DNS records live in the /etc/bind/forward.computingforgeeks.local.db and /etc/bind/reverse.computingforgeeks.local.db files.

Whenever you change records, increase the serial number in the SOA record of each zone file you edited so that it is greater than the current value, check the file with named-checkzone again, and then reload or restart the service. Secondary servers only fetch a new copy of a zone when they see a higher serial, so a forgotten serial increment means they keep serving the old data indefinitely.
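A script that carries out that procedure safely, as an added example that is not part of the original article or of BIND: it runs named-checkzone on the edited file, increments the SOA serial only if the check passes, and then reloads just that zone with rndc, BIND's control utility. The file name bump_zone.sh and the choice of serial scheme are ours; the SOA layout it expects is the one used in the zone files above.

```sh
#!/bin/sh
# bump_zone.sh: validate an edited zone file, bump its SOA serial and reload the zone.
# Usage: bump_zone.sh <zone-name> <zone-file>
# e.g.   sudo ./bump_zone.sh computingforgeeks.local /etc/bind/forward.computingforgeeks.local.db
#
# Assumes the SOA layout used in this article: the serial is the first token on the
# line that follows the "IN SOA" line. Reloading uses rndc, which on Ubuntu needs
# root to read /etc/bind/rndc.key.

# Print the current serial of a zone file.
get_serial() {
    awk '
        in_soa && $1 ~ /^[0-9]+$/ { print $1; exit }
        /[ \t]SOA[ \t]/           { in_soa = 1 }
    ' "$1"
}

# Compute the next serial. Ten-digit serials are treated as YYYYMMDDnn (date plus a
# two-digit revision, the scheme RFC 1912 recommends); anything else is a plain
# counter and is incremented by one.
next_serial() {
    old=$1
    today=$(date -u +%Y%m%d)
    case $old in
        [0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9])
            ymd=${old%??}
            rev=${old#????????}; rev=${rev#0}        # "08" -> "8": avoid octal in $(( ))
            if [ "$ymd" -lt "$today" ]; then
                echo "${today}00"                        # first change today
            elif [ "$ymd" -eq "$today" ] && [ "$rev" -lt 99 ]; then
                printf '%s%02d\n' "$today" $((rev + 1))  # another change today
            else
                echo $((old + 1))                        # future-dated or revision 99: plain +1
            fi ;;
        ''|*[!0-9]*)
            echo "next_serial: '$old' is not a serial number" >&2
            return 1 ;;
        *)
            echo $((old + 1)) ;;
    esac
}

# Rewrite the zone file in place with the next serial; prints "old -> new".
# Overwriting with cat keeps the file's owner and mode (root:bind, 0644 on Ubuntu),
# which replacing it with a freshly created temp file would not.
bump_serial() {
    file=$1
    old=$(get_serial "$file")
    [ -n "$old" ] || { echo "bump_serial: no SOA serial found in $file" >&2; return 1; }
    new=$(next_serial "$old") || return 1
    tmp=$(mktemp) || return 1
    if awk -v new="$new" '
            in_soa && $1 ~ /^[0-9]+$/ { sub(/[0-9]+/, new); in_soa = 0 }  # first digit run is the serial
            /[ \t]SOA[ \t]/           { in_soa = 1 }
            { print }
        ' "$file" > "$tmp"; then
        cat "$tmp" > "$file"
    else
        rm -f "$tmp"; return 1
    fi
    rm -f "$tmp"
    echo "$old -> $new"
}

# Only touch the running server when the edited file passes named-checkzone. With a
# broken file, a restart would bring named up without the zone (SERVFAIL for every
# query in it) and a reload would keep the old data, so the change never lands.
update_zone() {
    zone=$1; file=$2
    named-checkzone "$zone" "$file" >/dev/null || {
        echo "$file failed named-checkzone; serial left unchanged, zone not reloaded" >&2
        return 1
    }
    bump_serial "$file" || return 1
    rndc reload "$zone"
}

if [ $# -eq 2 ]; then
    update_zone "$@"
    exit $?
fi
```

Edit the records first, then run the script once per zone file you touched. Because the serial is bumped by the script, you cannot forget it, and because the check runs before the bump, a typo in a record is reported while the live zone is still intact.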

Test DNS server

On a client computer, point the DNS resolver at the newly deployed server; in our case that is 172.16.10.2.

How the DNS server is set depends on the operating system. On Ubuntu 20.04, /etc/resolv.conf is a symlink to a file generated by systemd-resolved, so edits to it are eventually overwritten; the persistent way is to set the nameserver for the interface in the netplan configuration (or with resolvectl). For a quick test, appending to the file is enough. Do not use sudo echo ... >> /etc/resolv.conf for this: the redirection is performed by your unprivileged shell, not by sudo, and fails with permission denied. Use tee instead:

echo "nameserver 172.16.10.2" | sudo tee -a /etc/resolv.conf

You can also leave the client untouched and query the server directly by passing @172.16.10.2 to dig.

Let’s use the dig command. dig queries a name server and prints the full response, including the answer records (A, MX and so on), the response flags and the server that answered.

$ dig www.computingforgeeks.local

; <<>> DiG 9.16.1-Ubuntu <<>> www.computingforgeeks.local
;; global options: +cmd
;; Got answer:
;; WARNING: .local is reserved for Multicast DNS
;; You are currently testing what happens when an mDNS query is leaked to DNS
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 65241
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: fabd20125b9ccbff010000005f8c7204e1387a993d58c22f (good)
;; QUESTION SECTION:
;www.computingforgeeks.local.	IN	A

;; ANSWER SECTION:
www.computingforgeeks.local. 604800 IN	A	172.16.10.3

;; Query time: 4 msec
;; SERVER: 172.16.10.10#53(172.16.10.10)
;; WHEN: Sun Oct 18 16:49:08 UTC 2020
;; MSG SIZE  rcvd: 100

The output shows the A record for www.computingforgeeks.local; the aa flag confirms the answer came from a server authoritative for the zone rather than from a cache. Note the two WARNING lines: dig is telling you that .local is reserved for multicast DNS (RFC 6762). Ubuntu machines with libnss-mdns (Avahi) installed resolve .local names over mDNS and may never ask your server at all, which makes .local a poor choice for a unicast DNS zone. For anything beyond a lab, use a subdomain of a domain you own, or home.arpa, which RFC 8375 sets aside for exactly this purpose.

To check reverse DNS:

$ dig -x 172.16.10.3

; <<>> DiG 9.16.1-Ubuntu <<>> -x 172.16.10.3
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62529
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 7b8c9b8971f74afc010000005f8c72a8bdc5ebbdb4869578 (good)
;; QUESTION SECTION:
;3.10.16.172.in-addr.arpa.	IN	PTR

;; ANSWER SECTION:
3.10.16.172.in-addr.arpa. 604800 IN	PTR	www.computingforgeeks.local.

;; Query time: 0 msec
;; SERVER: 172.16.10.10#53(172.16.10.10)
;; WHEN: Sun Oct 18 16:51:52 UTC 2020
;; MSG SIZE  rcvd: 122

This confirms that both forward and reverse lookups work against the new server.
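The following script is an added example, not part of the original article, that automates the checks above from any client, including one whose resolver has not been pointed at the new server yet: it sends its queries straight to the server with dig's @server option and verifies three things that the screen output above lets you eyeball, namely that the A answer is authoritative (aa flag) and correct, that the PTR answer points back at the same name, and that the server refuses a zone transfer (AXFR) to an arbitrary client. The script name dns_smoke_test.sh is ours; the zone, hostname and addresses in the usage line are the article's. The transfer check fails for the zone statements as written earlier in this article unless allow-transfer { none; }; (or a list of your secondaries) is added to them, which is precisely why it is worth running.

```sh
#!/bin/sh
# dns_smoke_test.sh: verify a new authoritative BIND server from any client.
# Usage: dns_smoke_test.sh <server-ip> <zone> <hostname> <expected-ip>
# e.g.   dns_smoke_test.sh 172.16.10.2 computingforgeeks.local www.computingforgeeks.local 172.16.10.3
#
# Queries go straight to the server with dig's @server syntax, so the client's own
# resolver configuration does not need to change first. Three things are checked:
# the forward answer, the reverse answer, and that the server refuses zone transfers.

# Return 0 if a captured dig response ($1) is an authoritative NOERROR answer whose
# ANSWER section contains a record of type $2 with data $3.
answer_ok() {
    printf '%s\n' "$1" | awk -v rrtype="$2" -v expected="$3" '
        /->>HEADER<<-/ && /status: NOERROR/ { noerror = 1 }
        /^;; flags:/ && / aa[ ;]/           { aa = 1 }          # authoritative, not a cached answer
        /^;; ANSWER SECTION:/               { in_answer = 1; next }
        /^;;/ || /^$/                       { in_answer = 0 }   # next section or blank line ends it
        in_answer && $4 == rrtype && $5 == expected { found = 1 } # "name TTL IN TYPE data"
        END { exit !(noerror && aa && found) }'
}

# Return 0 if a captured "dig ... AXFR" response shows the transfer was refused.
# dig prints "; Transfer failed." when the server answers REFUSED.
transfer_refused() {
    printf '%s\n' "$1" | grep -q '^; Transfer failed\.'
}

run_smoke_test() {
    server=$1; zone=$2; host=$3; ip=$4
    fqdn=${host%.}.                                  # PTR data always carries the trailing dot
    status=0
    if answer_ok "$(dig @"$server" "$host" A)" A "$ip"; then
        echo "PASS forward: $fqdn -> $ip"
    else
        echo "FAIL forward: no authoritative A record $fqdn -> $ip"; status=1
    fi
    if answer_ok "$(dig @"$server" -x "$ip")" PTR "$fqdn"; then
        echo "PASS reverse: $ip -> $fqdn"
    else
        echo "FAIL reverse: no PTR $ip -> $fqdn"; status=1
    fi
    if transfer_refused "$(dig @"$server" "$zone" AXFR)"; then
        echo "PASS transfer: AXFR of $zone refused"
    else
        echo "FAIL transfer: $server hands out the whole $zone zone; set allow-transfer"; status=1
    fi
    return $status
}

if [ $# -eq 4 ]; then
    run_smoke_test "$@"
    exit $?
fi
```

Run it from a machine on a different subnet as well as from the server itself: a transfer that is refused from localhost but allowed from the office LAN is exactly the misconfiguration the third check is meant to catch.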

Conclusion

We have deployed a local authoritative DNS server on Ubuntu 20.04 LTS. This is useful for system administrators managing systems and applications on a local network: applications can reach each other by name, and when an IP address changes only the DNS record needs updating rather than every application that used the old address.

For the secondary (slave) server configuration, see:

How to configure Slave BIND DNS server on Ubuntu

If you have any challenges or suggestions, please feel free to contact us. Related articles:

Install PowerDNS on CentOS 8 using MariaDB and PowerDNS-Admin

Configure master/slave BIND DNS server on CentOS 8 / RHEL 8

How to add DNS A/PTR records in Windows Server

How to add a DNS reverse lookup zone in Windows Server

