How To Configure DNS Server On Ubuntu 18.04


The Domain Name System (DNS) is a core service of the internet that translates domain names to IP addresses and vice versa. The BIND9 (Berkeley Internet Name Domain) package provides this name-to-IP conversion.

This post will guide you to configure DNS server on Ubuntu 18.04.

Environment

Domain: itzgeek.local

Primary Name Server: (It is the master server, and all DNS records are created here.)

Server Name: ns1.itzgeek.local

IP Address: 192.168.1.10

Secondary Name Server: (It is a slave server that gets its DNS records from the master server. You can have multiple slave DNS servers in your environment. A slave server acts as a backup DNS server and serves clients' DNS requests if the primary server goes down.)

Server Name: ns2.itzgeek.local

IP Address: 192.168.1.20

In this post, we set up only the primary DNS server. If you are implementing the secondary DNS server, take a look at configuring a slave DNS server on Ubuntu 18.04.

READ: How To Configure Slave DNS server on Ubuntu 18.04

Prerequisites

Switch to the root user.

su -

OR

sudo su -

Update the repository index.

apt update

Make sure both primary and secondary DNS servers have a static IP address.

READ: How to configure static IP address in Ubuntu 18.04 using ifupdown

If you are using Netplan, the new network configuration tool in Ubuntu 18.04, follow this guide instead.

READ: How To Configure Static IP Address in Ubuntu 18.04 using Netplan

Install DNS Server on Ubuntu 18.04

The DNS server package on Ubuntu 18.04 is bind9, and it is available in the base repository. Use the apt command to install the bind9 package.

apt install -y bind9 bind9utils bind9-doc dnsutils

Configure DNS Server on Ubuntu 18.04

/etc/bind/ is the main configuration directory of bind9, and it holds configuration files and zone lookup files.

The global configuration file is /etc/bind/named.conf. Do not use this file for your local DNS zones; use the /etc/bind/named.conf.local file instead.

Create Zones

Let us begin by creating the forward zone for your domain.

nano /etc/bind/named.conf.local

Forward Zone:

The following is the forward zone entry for the itzgeek.local domain in the named.conf.local file.

zone "itzgeek.local" IN { //Domain name
     type master; //Primary DNS
     file "/etc/bind/fwd.itzgeek.local.db"; //Forward lookup file
     allow-update { none; }; // Since this is the primary DNS, it should be none.
};

Reverse Zone:

The following entries are for the reverse zone in the named.conf.local file.

zone "1.168.192.in-addr.arpa" IN { //Reverse lookup name, should match your network in reverse order
     type master; // Primary DNS
     file "/etc/bind/rev.itzgeek.local.db"; //Reverse lookup file
     allow-update { none; }; //Since this is the primary DNS, it should be none.
};
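
With the BIND 9.11 packages that Ubuntu 18.04 ships, a zone with no allow-transfer statement can be transferred in full by any host that can reach the server, and the stanzas above do not set one. The following is an added example, not part of the original post: it lists master zones that lack the statement and builds a copy of the same stanzas with transfers limited to the secondary at 192.168.1.20. It assumes no global allow-transfer in the options block; the function and variable names are made up for the example.

```shell
#!/bin/sh
# Added example: find master zones with no allow-transfer statement.
# Assumes zone stanzas laid out as in this tutorial and no global
# allow-transfer in the options block. The sample text is constructed.

CONF_AS_WRITTEN='zone "itzgeek.local" IN {
     type master;
     file "/etc/bind/fwd.itzgeek.local.db";
     allow-update { none; };
};
zone "1.168.192.in-addr.arpa" IN {
     type master;
     file "/etc/bind/rev.itzgeek.local.db";
     allow-update { none; };
};'

# Same zones, with transfers limited to the secondary (ns2, 192.168.1.20).
CONF_RESTRICTED=$(printf '%s\n' "$CONF_AS_WRITTEN" |
    sed 's/allow-update { none; };/&\
     allow-transfer { 192.168.1.20; };/')

# zones_without_transfer_acl CONF_TEXT -> prints one zone name per line
zones_without_transfer_acl() {
    printf '%s\n' "$1" | awk '
        { sub(/\/\/.*/, "") }                      # drop // comments
        /^[ \t]*zone[ \t]+"/ { split($0, q, "\""); zone = q[2]; master = acl = 0 }
        /type[ \t]+master[ \t]*;/ { master = 1 }
        /allow-transfer[ \t]*\{/  { acl = 1 }
        /^[ \t]*\}[ \t]*;/ && zone != "" {         # closing line of the stanza
            if (master && !acl) print zone
            zone = ""
        }'
}

zones_without_transfer_acl "$CONF_AS_WRITTEN"
```

On a real server, pass the contents of /etc/bind/named.conf.local to the function and run named-checkconf after adding the statement.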

Create Zone lookup file

Once you create zones, you can go ahead and create zone data files which hold DNS records for the forward zone and reverse zone.

Forward Zone lookup file:

Copy the sample entries to zone file called fwd.itzgeek.local.db for forward zone under /etc/bind directory.

Record types in the zone file:

SOA – Start of Authority
NS – Name Server
A – A record
MX – Mail Exchanger
CNAME – Canonical Name

Fully qualified domain names in the zone file should end with a dot (.).

cp /etc/bind/db.local /etc/bind/fwd.itzgeek.local.db

Edit the zone.

nano /etc/bind/fwd.itzgeek.local.db

Update the content as shown below. Whenever you change any records in the lookup file, make sure you update the serial number to some number higher than the current one.

;
; BIND data file for local loopback interface
;
$TTL    604800
@       IN      SOA     ns1.itzgeek.local. root.itzgeek.local. (
                             20         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
;@      IN      NS      localhost.
;@      IN      A       127.0.0.1
;@      IN      AAAA    ::1

;Name Server Information
       IN      NS      ns1.itzgeek.local.
       IN      NS      ns2.itzgeek.local.
;IP address of Name Server
ns1     IN      A       192.168.1.10
ns2     IN      A       192.168.1.20

;Mail Exchanger
itzgeek.local.   IN     MX   10   mail.itzgeek.local.

;A - Record HostName To Ip Address
www     IN       A      192.168.1.100
mail    IN       A      192.168.1.150
@       IN       A      192.168.1.200
;CNAME record
ftp     IN      CNAME   www.itzgeek.local.

Reverse Zone lookup file:

Copy the sample entries to the zone file called rev.itzgeek.local.db for reverse zone under /etc/bind directory and create reverse pointers for the above forward zone records.

PTR – Pointer
SOA – Start of Authority

cp /etc/bind/db.127 /etc/bind/rev.itzgeek.local.db

Edit the reverse zone file.

nano /etc/bind/rev.itzgeek.local.db

Update the content as shown below. Whenever you change any DNS records in the lookup file, make sure to update the serial number to some number higher than the current one.

;
; BIND reverse data file for local loopback interface
;
$TTL    604800
@       IN      SOA     ns1.itzgeek.local. root.itzgeek.local. (
                             20         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
;@      IN      NS      localhost.
;1.0.0  IN      PTR     localhost.

;Name Server Information
       IN      NS     ns1.itzgeek.local.
       IN      NS     ns2.itzgeek.local.
;Reverse lookup for Name Server
10      IN      PTR    ns1.itzgeek.local.
20      IN      PTR    ns2.itzgeek.local.
;PTR Record IP address to HostName
100     IN      PTR    www.itzgeek.local.
150     IN      PTR    mail.itzgeek.local.
200     IN      PTR    itzgeek.local.

Check BIND Configuration Syntax

Use the named-checkconf command to check the named.conf* files for syntax errors.

named-checkconf

The command returns silently to the shell if there are no errors.

Also, you can use named-checkzone to check the syntax errors in zone files.

For the forward zone

named-checkzone itzgeek.local /etc/bind/fwd.itzgeek.local.db

Output:

zone itzgeek.local/IN: loaded serial 20
OK

For the reverse zone

named-checkzone 1.168.192.in-addr.arpa /etc/bind/rev.itzgeek.local.db

Output:

zone 1.168.192.in-addr.arpa/IN: loaded serial 20
OK
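
named-checkzone checks each zone file on its own, so it cannot tell whether every A record in the forward zone has a matching PTR in the reverse zone. The script below is an added example, not part of the original post: it cross-checks the two zones on constructed copies of this tutorial's records and also flags absolute CNAME targets that fall outside the zone's origin, which in a private zone like this one is worth a second look. It assumes the simple "name IN TYPE value" line layout used here; the function and variable names are made up for the example.

```shell
#!/bin/sh
# Added example: cross-check forward A records against reverse PTR records.
# Assumes "name IN TYPE value" lines (no TTL column). Sample data is constructed.
FWD_OK='ns1   IN  A      192.168.1.10
ns2   IN  A      192.168.1.20
www   IN  A      192.168.1.100
mail  IN  A      192.168.1.150
@     IN  A      192.168.1.200
ftp   IN  CNAME  www.itzgeek.local.'
REV_OK='10   IN  PTR  ns1.itzgeek.local.
20   IN  PTR  ns2.itzgeek.local.
100  IN  PTR  www.itzgeek.local.
150  IN  PTR  mail.itzgeek.local.
200  IN  PTR  itzgeek.local.'
# Broken copies: misspelled CNAME target, no PTR for .150, wrong PTR for .200.
FWD_BAD=$(printf '%s\n' "$FWD_OK" | sed 's/www\.itzgeek\.local\.$/www.itgeek.local./')
REV_BAD=$(printf '%s\n' "$REV_OK" |
    sed -e '/^150 /d' -e 's/ itzgeek\.local\.$/ www.itzgeek.local./')
# audit_zones ORIGIN NET_PREFIX FORWARD_TEXT REVERSE_TEXT
# Prints one finding per line, sorted; returns 1 if there are any findings.
audit_zones() {
    findings=$(
        { printf '%s\n' "$3"; echo '---'; printf '%s\n' "$4"; } |
        awk -v origin="$1" -v net="$2" '
            /^;/ || NF == 0 { next }           # skip comments and blank lines
            $1 == "---"     { rev = 1; next }  # separator: reverse zone follows
            !rev && $2 == "IN" && $3 == "A" {
                name = ($1 == "@") ? origin : ($1 ~ /\.$/ ? $1 : $1 "." origin)
                a[$4] = name
            }
            !rev && $2 == "IN" && $3 == "CNAME" && $4 ~ /\.$/ {
                sfx = "." origin               # absolute target should end in the origin
                if ($4 != origin && substr($4, length($4) - length(sfx) + 1) != sfx)
                    print "CNAME-OUT-OF-ZONE " $1 " -> " $4
            }
            rev && $2 == "IN" && $3 == "PTR" { p[net "." $1] = $4 }
            END {
                for (ip in a) {
                    if (!(ip in p)) print "MISSING-PTR " ip " " a[ip]
                    else if (p[ip] != a[ip]) print "MISMATCH " ip " A=" a[ip] " PTR=" p[ip]
                }
                for (ip in p) if (!(ip in a)) print "ORPHAN-PTR " ip " " p[ip]
            }' | LC_ALL=C sort
    )
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}
audit_zones itzgeek.local. 192.168.1 "$FWD_BAD" "$REV_BAD" || echo "zones are inconsistent"
```

To run it against the real files, pass their contents as the third and fourth arguments, for example "$(cat /etc/bind/fwd.itzgeek.local.db)".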

Restart bind service.

systemctl restart bind9

Enable it on system startup.

systemctl enable bind9

Check the status of bind9 service.

systemctl status bind9

Output:

 bind9.service - BIND Domain Name Server
   Loaded: loaded (/lib/systemd/system/bind9.service; enabled; vendor preset: enabled)
   Active: active (running) since Sun 2018-06-17 13:33:05 UTC; 21s ago
     Docs: man:named(8)
 Main PID: 2683 (named)
    Tasks: 4 (limit: 2323)
   CGroup: /system.slice/bind9.service
           └─2683 /usr/sbin/named -f -u bind

Jun 17 13:33:05 server named[2683]: network unreachable resolving './NS/IN': 2001:500:3::42#53
Jun 17 13:33:05 server named[2683]: managed-keys-zone: Key 19036 for zone . acceptance timer complete: key now tr
Jun 17 13:33:05 server named[2683]: managed-keys-zone: Key 20326 for zone . acceptance timer complete: key now tr
Jun 17 13:33:05 server named[2683]: resolver priming query complete
Jun 17 13:33:06 server named[2683]: checkhints: b.root-servers.net/A (199.9.14.201) missing from hints
Jun 17 13:33:06 server named[2683]: checkhints: b.root-servers.net/A (192.228.79.201) extra record in hints
Jun 17 13:33:06 server named[2683]: checkhints: b.root-servers.net/AAAA (2001:500:200::b) missing from hints
Jun 17 13:33:06 server named[2683]: checkhints: b.root-servers.net/AAAA (2001:500:84::b) extra record in hints
Jun 17 13:33:06 server named[2683]: checkhints: l.root-servers.net/AAAA (2001:500:9f::42) missing from hints
Jun 17 13:33:06 server named[2683]: checkhints: l.root-servers.net/AAAA (2001:500:3::42) extra record in hints

Verify DNS

Go to any client machine and add the new DNS server's IP address to the /etc/resolv.conf file.

nano /etc/resolv.conf

Make an entry like below.

nameserver 192.168.1.10

OR

Read the below tutorial to set DNS server IP in Linux.

READ: How to Set DNS IP address in CentOS / Fedora

READ: How to Set DNS IP address in Ubuntu / Debian – ifupdown

READ: How To Set DNS IP Address in Ubuntu 18.04 – Netplan

Use the dig command to check the forward zone.

dig www.itzgeek.local

If you get a command not found error, install the bind-utils package (dnsutils on Ubuntu / Debian).

Output:

; <<>> DiG 9.11.3-1ubuntu1.1-Ubuntu <<>> www.itzgeek.local
;; global options: +cmd
;; Got answer:
;; WARNING: .local is reserved for Multicast DNS
;; You are currently testing what happens when an mDNS query is leaked to DNS
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60898
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;www.itzgeek.local.             IN      A

;; ANSWER SECTION:
www.itzgeek.local.      604800  IN      A       192.168.1.100

;; Query time: 0 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Sun Jun 17 13:44:57 UTC 2018
;; MSG SIZE  rcvd: 62

The DNS server’s answer for the forward lookup: 192.168.1.100 as IP address for www.itzgeek.local.

Confirm the reverse lookup with dig command.

dig -x 192.168.1.100

Output:

; <<>> DiG 9.11.3-1ubuntu1.1-Ubuntu <<>> -x 192.168.1.100
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25695
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;100.1.168.192.in-addr.arpa.    IN      PTR

;; ANSWER SECTION:
100.1.168.192.in-addr.arpa. 604800 IN   PTR     www.itzgeek.local.

;; Query time: 0 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Sun Jun 17 13:45:50 UTC 2018
;; MSG SIZE  rcvd: 86

The DNS server’s answer for reverse lookup: www.itzgeek.local as a name for 192.168.1.100.

This result confirms that both zone lookups are working fine.

You have now successfully configured a DNS server on Ubuntu 18.04 as the master server.

In our next post, we will configure slave DNS server on Ubuntu 18.04.

READ: How To Configure Slave DNS server on Ubuntu 18.04

That’s All.
