Scenario:
- DNS server: 192.168.1.2/24
- Web server: 192.168.1.1/24
- FTP server: 192.168.1.3/24
- Domain: test.com
- Network: 192.168.1.0/24
Steps:
1. Download required packages; bind9, dnsutils, nscd
sudo apt-get install bind9 dnsutils nscd
After the installation finishes, all bind9 DNS server files are located in /etc/bind/
2. Edit named.conf.local
sudo gedit /etc/bind/named.conf.local
Add the following text to the file. It defines what the zones are and where their zone files live. Put your domain name inside the quotes ("") but don't delete the quote signs. The first one is the forward lookup zone and the one below it is the reverse lookup zone. I will only show the forward zone in this tutorial as the reverse one is quite the same. Any questions, just post a comment ;-)
zone "test.com" {
type master;
file "/etc/bind/zones/db.test.com";
};
zone "1.168.192.in-addr.arpa" {
type master;
file "/etc/bind/zones/rev.1.168.192.in-addr.arpa";
};
3. Create "zones" folder
sudo mkdir /etc/bind/zones
4. Copy record template
sudo cp /etc/bind/db.local /etc/bind/zones/db.test.com
5. Edit the record file. This is the crucial part of the DNS server: it is where the server looks up the answer when a client requests an IP address.
sudo gedit /etc/bind/zones/db.test.com
$TTL 604800
test.com. IN SOA ns1.test.com. support.test.com. (
2010072504 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
; DNS
test.com. IN NS ns1.test.com.
; Sub-domains
@ IN A 192.168.1.1
ns1 IN A 192.168.1.2
web IN A 192.168.1.1
ftp IN A 192.168.1.3
6. Add rules in iptables to allow incoming connections on port 53 (DNS)
sudo gedit /etc/iptables.up.rules
Add the following:
iptables -I INPUT -p udp -m udp --dport 53 -j ACCEPT
iptables -I INPUT -p tcp -m tcp --dport 53 -j ACCEPT
7. Edit bind9 options
sudo gedit /etc/bind/named.conf.options
Add the following. Put your ISP's or another DNS server in the 'forwarders' section if you want your DNS server to query another DNS server when it cannot find an answer to a client's request itself.
options {
directory "/var/cache/bind";
query-source address * port 53;
notify-source * port 53;
transfer-source * port 53;
// forwarders {
// 0.0.0.0;
// };
auth-nxdomain no; # conform to RFC1035
listen-on-v6 { any; };
};
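As an added example (not part of the original tutorial), a small Python linter for the two hand-edited files above: it parses the db.test.com zone from step 5 to check that the SOA serial was incremented and that the NS target has an A record, and it flags the fixed `query-source ... port 53` line in the step 7 options, which pins the outbound source port and so gives up the source-port randomisation that makes cache poisoning hard. The ZONE and OPTIONS strings are constructed copies of the files shown above.

```python
import re
# Constructed copy of the tutorial's db.test.com; the SOA spans several lines.
ZONE = """$TTL 604800
test.com. IN SOA ns1.test.com. support.test.com. (
2010072504 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
test.com. IN NS ns1.test.com.
@ IN A 192.168.1.1
ns1 IN A 192.168.1.2
web IN A 192.168.1.1
ftp IN A 192.168.1.3
"""
# Excerpt of the tutorial's named.conf.options, constructed here for the check.
OPTIONS = """options {
directory "/var/cache/bind";
query-source address * port 53;
listen-on-v6 { any; };
};"""

def parse_zone(text, origin):
    """Return (soa_serial, [(fqdn, type, rdata_fields)]); assumes each record has a class."""
    body = re.sub(r";[^\n]*", "", text)                     # drop ';' comments
    body = re.sub(r"\([^)]*\)", lambda m: " ".join(m.group(0)[1:-1].split()), body)  # one-line SOA
    serial, recs = None, []
    for parts in (ln.split() for ln in body.splitlines()):
        if not parts or parts[0].startswith("$"):           # blank line or $TTL/$ORIGIN
            continue
        name, rtype, rdata = parts[0], parts[2], parts[3:]
        fqdn = origin if name == "@" else name if name.endswith(".") else f"{name}.{origin}"
        if rtype == "SOA":
            serial = int(rdata[2])                          # MNAME RNAME serial refresh ...
        recs.append((fqdn, rtype, rdata))
    return serial, recs

def lint_zone(text, origin, previous_serial):
    """Warn if the serial was not bumped (secondaries never refresh) and if an NS target lacks an A record."""
    serial, recs = parse_zone(text, origin)
    a_names = {n for n, t, _ in recs if t == "A"}
    warnings = []
    if serial is None or serial <= previous_serial:
        warnings.append(f"SOA serial {serial} not greater than {previous_serial}")
    warnings += [f"NS {r[0]} has no A record" for _, t, r in recs if t == "NS" and r[0] not in a_names]
    return warnings

def lint_options(text):
    """Flag a fixed outbound port: 'query-source ... port N' disables source-port randomisation."""
    return [ln.strip() for ln in text.splitlines() if re.search(r"query-source.*\bport\s+\d+", ln)]
```

Run `lint_zone(ZONE, "test.com.", <serial before your edit>)` after every change to the zone file, and drop the flagged `query-source` line so BIND picks a random source port for each outgoing query.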
8. Now restart both the bind9 and nscd daemons with the commands:
sudo /etc/init.d/bind9 restart
sudo /etc/init.d/nscd restart
9. Before testing, it's advisable to disconnect from the internet because Network Manager may otherwise use a different DNS server. Then edit /etc/resolv.conf:
search test.com
nameserver 127.0.0.1
Basically, we tell the computer (the server) to send its queries to itself. For other clients, put the DNS server's IP address instead, in this case 192.168.1.2.
10. Test:
dig test.com
Things to ponder:
- For Linux Mint 11 users: I couldn't get the DNS server running ("SERVFAIL" error). But Mint 8 and 10 are working well, at least for me :)