How to install and configure DNS
Install DNS
sudo apt-get install -y bind9 bind9-doc
Configure Forwarders
sudo vi /etc/bind/named.conf.options
...
forwarders {
xxx.xxx.xxx.xxx;
xxx.xxx.xxx.xxx;
};
Now configure the domain
Add the DNS zones
sudo vi /etc/bind/named.conf.local
...
zone "internal" {
type master;
notify no;
file "/etc/bind/db.internal";
};
zone "0.0.10.in-addr.arpa" {
type master;
notify no;
file "/etc/bind/db.0.0.10";
};
...
Create the actual zone files.
Tip: use the date format yyyymmddss for the serial, where ss is the serial number for that day.
sudo cp -p /etc/bind/db.local /etc/bind/db.internal
sudo vi /etc/bind/db.internal
;
; BIND data file for internal domain
;
$TTL 604800
@ IN SOA ns.internal. root.internal. (
2010122701 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS myth.internal.
; Management (10.0.0)
; Servers
homer IN A 10.0.0.1
marge IN A 10.0.0.3
printer IN A 10.0.0.4
wireless IN A 10.0.0.5
myth IN A 10.0.0.7
frame IN A 10.0.0.8
jumpstart IN A 10.0.0.9
; Server roles
proxy IN CNAME myth
time IN CNAME myth
ns IN CNAME myth
mythtv IN CNAME myth
web IN CNAME myth
; Domains
lazygeek IN CNAME myth
abacushill IN CNAME myth
muggridge IN CNAME myth
; Clients
bart IN A 10.0.0.11
barney IN CNAME barney-wireless
barney-fixed IN A 10.0.0.12
barney-wireless IN A 10.0.0.13
itchy IN CNAME itchy-wireless
itchy-fixed IN A 10.0.0.14
itchy-wireless IN A 10.0.0.15
maggie IN CNAME maggie-fixed
maggie-fixed IN A 10.0.0.16
maggie-wireless IN A 10.0.0.17
atom-fixed IN A 10.0.0.18
atom IN CNAME atom-fixed
lisa IN A 10.0.0.19
mini IN CNAME mini-fixed
mini-fixed IN A 10.0.0.20
mini-wireless IN A 10.0.0.21
shell IN CNAME shell-fixed
shell-fixed IN A 10.0.0.22
shell-wireless IN A 10.0.0.23
; Mobile Clients
rob-phone IN A 10.0.0.30
tanya-phone IN A 10.0.0.31
; Other machines
homertest IN A 10.0.0.101
jsflash IN A 10.0.0.120
jstest IN A 10.0.0.121
; DHCP addresses
dhcp-201 IN A 10.0.0.201
dhcp-202 IN A 10.0.0.202
dhcp-203 IN A 10.0.0.203
dhcp-204 IN A 10.0.0.204
dhcp-205 IN A 10.0.0.205
dhcp-206 IN A 10.0.0.206
dhcp-207 IN A 10.0.0.207
dhcp-208 IN A 10.0.0.208
dhcp-209 IN A 10.0.0.209
dhcp-210 IN A 10.0.0.210
dhcp-211 IN A 10.0.0.211
dhcp-212 IN A 10.0.0.212
dhcp-213 IN A 10.0.0.213
dhcp-214 IN A 10.0.0.214
dhcp-215 IN A 10.0.0.215
dhcp-216 IN A 10.0.0.216
dhcp-217 IN A 10.0.0.217
dhcp-218 IN A 10.0.0.218
dhcp-219 IN A 10.0.0.219
dhcp-220 IN A 10.0.0.220
dhcp-221 IN A 10.0.0.221
dhcp-222 IN A 10.0.0.222
dhcp-223 IN A 10.0.0.223
dhcp-224 IN A 10.0.0.224
dhcp-225 IN A 10.0.0.225
; Routers, etc
vodafone IN A 10.0.0.252
annex IN A 10.0.0.253
skinner IN A 10.0.0.254
Reverse Zone file
Now create the reverse DNS file
sudo cp -p /etc/bind/db.127 /etc/bind/db.0.0.10
sudo vi /etc/bind/db.0.0.10
;
; BIND reverse data file for internal domain
;
$TTL 604800
@ IN SOA ns.internal. root.internal. (
2010122701 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS myth.internal.
; Management (10.0.0)
; Servers
1 IN PTR homer.internal.
3 IN PTR marge.internal.
4 IN PTR printer.internal.
5 IN PTR wireless.internal.
7 IN PTR myth.internal.
8 IN PTR frame.internal.
9 IN PTR jumpstart.internal.
; Clients
11 IN PTR bart.internal.
12 IN PTR barney-fixed.internal.
13 IN PTR barney-wireless.internal.
14 IN PTR itchy-fixed.internal.
15 IN PTR itchy-wireless.internal.
16 IN PTR maggie-fixed.internal.
17 IN PTR maggie-wireless.internal.
18 IN PTR atom-fixed.internal.
19 IN PTR lisa.internal.
20 IN PTR mini-fixed.internal.
21 IN PTR mini-wireless.internal.
22 IN PTR shell-fixed.internal.
23 IN PTR shell-wireless.internal.
; Mobile Clients
30 IN PTR rob-phone.internal.
31 IN PTR tanya-phone.internal.
; Other machines
101 IN PTR homertest.internal.
120 IN PTR jsflash.internal.
121 IN PTR jstest.internal.
; DHCP addresses
201 IN PTR dhcp-201.internal.
202 IN PTR dhcp-202.internal.
203 IN PTR dhcp-203.internal.
204 IN PTR dhcp-204.internal.
205 IN PTR dhcp-205.internal.
206 IN PTR dhcp-206.internal.
207 IN PTR dhcp-207.internal.
208 IN PTR dhcp-208.internal.
209 IN PTR dhcp-209.internal.
210 IN PTR dhcp-210.internal.
211 IN PTR dhcp-211.internal.
212 IN PTR dhcp-212.internal.
213 IN PTR dhcp-213.internal.
214 IN PTR dhcp-214.internal.
215 IN PTR dhcp-215.internal.
216 IN PTR dhcp-216.internal.
217 IN PTR dhcp-217.internal.
218 IN PTR dhcp-218.internal.
219 IN PTR dhcp-219.internal.
220 IN PTR dhcp-220.internal.
221 IN PTR dhcp-221.internal.
222 IN PTR dhcp-222.internal.
223 IN PTR dhcp-223.internal.
224 IN PTR dhcp-224.internal.
225 IN PTR dhcp-225.internal.
; Routers, etc
252 IN PTR vodafone.internal.
253 IN PTR annex.internal.
254 IN PTR skinner.internal.
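Because the forward and reverse files are edited by hand, they can drift apart. The script below is an added example, not part of the original page; its function names are hypothetical, it assumes the record layout shown above (owner IN TYPE rdata, relative owner names, one /24 reverse zone) and it runs on constructed sample data.

```shell
#!/bin/sh
# Added example: cross-check hand-maintained forward and reverse zone files.
# Assumes the record layout used on this page: "owner IN TYPE rdata",
# relative owner names, no per-record TTL field.

# Print "ip fqdn." for every A record. $1 = zone file, $2 = zone name.
forward_pairs() {
    awk -v zone="$2" '$2 == "IN" && $3 == "A" { print $4, $1 "." zone "." }' "$1" |
        LC_ALL=C sort
}

# Print "ip fqdn." for every PTR record. $1 = zone file, $2 = network prefix.
reverse_pairs() {
    awk -v net="$2" '$2 == "IN" && $3 == "PTR" { print net "." $1, $4 }' "$1" |
        LC_ALL=C sort
}

# Report pairs found in only one file.
# $1 = forward file, $2 = zone name, $3 = reverse file, $4 = network prefix.
zone_mismatches() {
    zm_fwd=$(mktemp) && zm_rev=$(mktemp) || return 2
    forward_pairs "$1" "$2" > "$zm_fwd"
    reverse_pairs "$3" "$4" > "$zm_rev"
    LC_ALL=C comm -23 "$zm_fwd" "$zm_rev" | sed 's/^/A-without-PTR /'
    LC_ALL=C comm -13 "$zm_fwd" "$zm_rev" | sed 's/^/PTR-without-A /'
    rm -f "$zm_fwd" "$zm_rev"
}

# Constructed sample data (not the page's zone files): bart has no PTR and
# the PTR for .19 names a host that has no A record.
demo_zone_check() {
    zm_dir=$(mktemp -d) || return 2
    cat > "$zm_dir/db.internal" <<'EOF'
homer IN A 10.0.0.1
myth IN A 10.0.0.7
proxy IN CNAME myth
bart IN A 10.0.0.11
lisa IN A 10.0.0.19
EOF
    cat > "$zm_dir/db.0.0.10" <<'EOF'
1 IN PTR homer.internal.
7 IN PTR myth.internal.
19 IN PTR lisa-fixed.internal.
EOF
    zone_mismatches "$zm_dir/db.internal" internal "$zm_dir/db.0.0.10" 10.0.0
    rm -rf "$zm_dir"
}

demo_zone_check
```

Against the files above the call would be `zone_mismatches /etc/bind/db.internal internal /etc/bind/db.0.0.10 10.0.0`. BIND's own `named-checkzone` validates the syntax of each file but does not compare the two.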
Storing files in a different location
If you want to keep the bind files on a different device, say a RAID device, there are a few more steps. It is assumed that the structure will be:
bind/etc
bind/cache
sudo chown -R root:bind bind
The files that change are:
- etc/named.conf.options
- etc/named.conf.local
- etc/db.internal
- etc/db.0.0.10
I have used symbolic links from the default /etc/bind directory
cd /etc/bind
sudo mv named.conf.options named.conf.options.old
sudo mv named.conf.local named.conf.local.old
sudo ln -s /media/store/apps/bind/etc/named.conf.options
sudo ln -s /media/store/apps/bind/etc/named.conf.local
The last job is to update AppArmor to allow /usr/sbin/named access to these directories
sudo vi /etc/apparmor.d/usr.sbin.named
...
/etc/bind/** r,
/var/lib/bind/** rw,
/var/lib/bind/ rw,
/var/cache/bind/** rw,
/var/cache/bind/ rw,
# Bind files are on RAID
/media/store/apps/bind/etc/** r,
/media/store/apps/bind/cache/ rw,
/media/store/apps/bind/cache/** rw,
...
Now update the profile
sudo apparmor_parser -r /etc/apparmor.d/usr.sbin.named
Finally restart bind
sudo /etc/init.d/bind9 restart