How to configure Slave BIND DNS server on Ubuntu 20.04


In the previous article, we covered how to use BIND9 to set up a primary DNS server. This article covers how to set up a secondary (slave) DNS server. The slave DNS server uses zone transfers to obtain a copy of the zone data from the primary DNS. It keeps the zone data in its cache for a specific period of time and uses it to answer DNS queries.

In our setup, the primary DNS server has the IP 172.16.10.2 and the domain name ns1.computingforgeeks.local.

We are building a secondary server, ns2.computingforgeeks.local, with the IP 172.16.10.10.

BIND configuration on the primary DNS

For the master-slave server settings, we need to configure the master DNS server and enable zone transfer to the secondary name server.

We will edit the /etc/bind/named.conf.local file on the primary server (ns1.computingforgeeks.local) and add the allow-transfer and also-notify parameters.

sudo vim /etc/bind/named.conf.local

This will be done for both forward and reverse entries.

##Forward zone
zone "computingforgeeks.local" IN { // Domain name
     type master; // Primary DNS
     file "/etc/bind/forward.computingforgeeks.local.db"; // Forward lookup file
     allow-update { none; }; // Since this is the primary DNS, it should be none.
     allow-transfer { 172.16.10.10; }; // Allow transfer of the zone from the master server
     also-notify { 172.16.10.10; }; // Notify slave of zone changes
};

##Reverse zone
zone "10.16.172.in-addr.arpa" IN { // Reverse lookup name, should match your network in reverse order
     type master; // Primary DNS
     file "/etc/bind/reverse.computingforgeeks.local.db"; // Reverse lookup file
     allow-update { none; }; // Since this is the primary DNS, it should be none.
     allow-transfer { 172.16.10.10; }; // Allow transfer of the zone from the master server
     also-notify { 172.16.10.10; }; // Notify slave of zone changes
};

The allow-transfer parameter allows the zone file to be transferred from the primary DNS to the secondary DNS, and also-notify makes the master server notify the slave server whenever the zone file is updated.

We must restart the DNS service on ns1.computingforgeeks.local:

sudo systemctl restart bind9

Configure slave DNS

Install the necessary packages:

sudo apt-get install -y bind9 bind9utils bind9-doc dnsutils

Edit the /etc/bind/named.conf.local file and add the forward and reverse zone parameters:

sudo vi /etc/bind/named.conf.local

###Forward zone
zone "computingforgeeks.local" IN { // Domain name
     type slave; // Secondary/Slave DNS
     file "/var/cache/bind/forward.computingforgeeks.local.db"; // Forward zone cache file
     masters { 172.16.10.2; }; // Master server IP
};

####Reverse zone
zone "10.16.172.in-addr.arpa" IN { // Reverse lookup name, should match your network in reverse order
     type slave; // Secondary/Slave DNS
     file "/var/cache/bind/reverse.computingforgeeks.local.db"; // Reverse zone cache file
     masters { 172.16.10.2; }; // Master server IP
};

Restart the DNS service:

sudo systemctl restart bind9

Test slave DNS

To test whether the zone transfer is successful and whether DNS is working on the slave server, we need to configure the client host and use the slave server as its DNS server.

On Ubuntu:

echo "nameserver 172.16.10.10" | sudo tee -a /etc/resolv.conf

Then we can use the dig command to verify DNS.

~# dig www.computingforgeeks.local

; <<>> DiG 9.16.1-Ubuntu <<>> www.computingforgeeks.local
;; global options: +cmd
;; Got answer:
;; WARNING: .local is reserved for Multicast DNS
;; You are currently testing what happens when an mDNS query is leaked to DNS
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24401
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: b1e287dd1d118ad6010000005f8c88233ef562a7063e7a15 (good)
;; QUESTION SECTION:
;www.computingforgeeks.local.	IN	A

;; ANSWER SECTION:
www.computingforgeeks.local. 604800 IN	A	172.16.10.3

;; Query time: 0 msec
;; SERVER: 172.16.10.10#53(172.16.10.10)
;; WHEN: Sun Oct 18 18:23:31 UTC 2020
;; MSG SIZE  rcvd: 100

If you want to direct the query explicitly to the secondary DNS, use dig domain-name @<nameserver>:

dig www.computingforgeeks.local @172.16.10.10

The results show that the slave DNS can answer queries, which means the master-slave DNS setup is working.
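A stronger check than a single A-record lookup, as an added example that is not part of the original article: the script compares the SOA serial that ns1 and ns2 report for both zones and confirms that the primary refuses a zone transfer to the host running it, which must not be listed in allow-transfer. The function names and the --live switch are this example's own.

```shell
#!/bin/sh
# Added example: verify replication and the allow-transfer ACL for the article's zones.
PRIMARY=172.16.10.2       # ns1, from the article
SECONDARY=172.16.10.10    # ns2, from the article
ZONES="computingforgeeks.local 10.16.172.in-addr.arpa"

# The serial is the 3rd field of a `dig +short SOA` answer:
#   mname rname serial refresh retry expire minimum
# Lines that do not have that shape (warnings, empty output) are ignored.
soa_serial() {
    printf '%s\n' "$1" | awk 'NF == 7 && $3 ~ /^[0-9]+$/ { print $3; exit }'
}

# Compare two `dig +short SOA` answers: in-sync | mismatch | no-answer
sync_state() {
    p=$(soa_serial "$1"); s=$(soa_serial "$2")
    if [ -z "$p" ] || [ -z "$s" ]; then echo no-answer
    elif [ "$p" = "$s" ]; then echo in-sync
    else echo mismatch
    fi
}

# Classify raw `dig AXFR` output: refused | open | unknown
axfr_state() {
    if printf '%s\n' "$1" | grep -q 'Transfer failed'; then echo refused
    elif printf '%s\n' "$1" | grep -Eq '[[:space:]]IN[[:space:]]+SOA[[:space:]]'; then echo open
    else echo unknown
    fi
}

# Live run from a client that is NOT in allow-transfer:  sh check-dns.sh --live
if [ "${1:-}" = "--live" ]; then
    rc=0
    for z in $ZONES; do
        st=$(sync_state "$(dig +short SOA "$z" @"$PRIMARY")" \
                        "$(dig +short SOA "$z" @"$SECONDARY")")
        ax=$(axfr_state "$(dig AXFR "$z" @"$PRIMARY" +time=3 +tries=1)")
        echo "$z: replication=$st axfr-from-this-host=$ax"
        [ "$st" = in-sync ] && [ "$ax" = refused ] || rc=1
    done
    exit "$rc"
fi
```

A mismatch right after editing the zone on the primary usually means the serial was not incremented or the NOTIFY has not been processed yet; an open result means allow-transfer is not restricting transfers for that zone.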

Conclusion

You have successfully set up the slave DNS server on Ubuntu 20.04 using BIND9. Please share your feedback in the comments section.
