Bind For Private Network DNS Server: Difference between revisions

No edit summary
 
(5 intermediate revisions by the same user not shown)
Line 1: Line 1:
<source lang="bash">
<syntaxhighlight lang="bash">
sudo su
apt install bind9 bind9utils bind9-doc dnsutils
apt install bind9 bind9utils bind9-doc dnsutils
nano /etc/default/bind9
nano /etc/default/bind9
</source>
</syntaxhighlight>


<source lang="ini">
<syntaxhighlight lang="ini">
# run resolvconf?
# run resolvconf?
RESOLVCONF=no
RESOLVCONF=no
Line 10: Line 11:
# startup options for the server
# startup options for the server
OPTIONS="-u bind -4"
OPTIONS="-u bind -4"
</source>
</syntaxhighlight>


<code>nano /etc/bind/named.conf.options</code>
<code>nano /etc/bind/named.conf.options</code>
<source lang="ini">
<syntaxhighlight lang="ini">
acl "trusted" {
acl "trusted" {
         19.83.10.1;  # gtw
         10.19.83.1;  # gtw
         19.83.10.2;  # apn
         10.19.83.2;  # apn
         19.83.10.3;  # rpi, ns0
         10.19.83.3;  # rpi, dns
         19.83.10.6;  # ceo
         10.19.83.6;  # ceo
         19.83.10.10;  # mac
         10.19.83.10;  # mac
};
};


Line 26: Line 27:
         recursion yes;                # enables resursive queries
         recursion yes;                # enables resursive queries
         allow-recursion { trusted; };  # allows recursive queries from "trusted" clients
         allow-recursion { trusted; };  # allows recursive queries from "trusted" clients
         listen-on { 19.83.10.3; };    # ns0 private IP address - listen on private network only
         listen-on { 10.19.83.3; };    # dns private IP address - listen on private network only
         allow-transfer { none; };      # disable zone transfers by default
         allow-transfer { none; };      # disable zone transfers by default
         forward first;
         forward first;
Line 37: Line 38:
         listen-on-v6 { any; };
         listen-on-v6 { any; };
};                                                                                                                                                               
};                                                                                                                                                               
</source>
</syntaxhighlight>


<code>nano /etc/bind/named.conf.local</code>
<code>nano /etc/bind/named.conf.local</code>
<source lang="ini">
<syntaxhighlight lang="ini">
zone "dev.shahed.biz" {
zone "dev.shahed.biz" {
     type master;
     type master;
Line 46: Line 47:
};
};


zone "19.83.10.in-addr.arpa" {
zone "83.19.10.in-addr.arpa" {
     type master;
     type master;
     file "/etc/bind/zones/db.19.83.10";      # 19.83.10.0/24 subnet
     file "/etc/bind/zones/db.83.19.10";      # 10.19.83.0/24 subnet
};
};
</source>
</syntaxhighlight>


<source lang="bash">
<syntaxhighlight lang="bash">
mkdir /etc/bind/zones
mkdir /etc/bind/zones
cp /etc/bind/db.local /etc/bind/zones/db.dev.shahed.biz
cp /etc/bind/db.local /etc/bind/zones/db.dev.shahed.biz
nano /etc/bind/zones/db.dev.shahed.biz
nano /etc/bind/zones/db.dev.shahed.biz
</source>
</syntaxhighlight>


<source lang="ini">
<syntaxhighlight lang="ini">
;
;
; BIND data file for local loopback interface
; BIND data file for local loopback interface
;
;
$TTL    604800
$TTL    604800
@      IN      SOA    ns0.dev.shahed.biz. admin.dev.shahed.biz. (
@      IN      SOA    dns.dev.shahed.biz. admin.dev.shahed.biz. (
                               3        ; Serial
                               3        ; Serial
                         604800        ; Refresh
                         604800        ; Refresh
Line 71: Line 72:
;
;
; name servers - NS records
; name servers - NS records
@      IN      NS      ns0.dev.shahed.biz.
@      IN      NS      dns.dev.shahed.biz.
;
;
; name servers - A records
; name servers - A records
ns0.dev.shahed.biz.        IN      A      19.83.10.3
dns.dev.shahed.biz.        IN      A      10.19.83.3


; 19.83.10.0/24 - A records
; 10.19.83.0/24 - A records
gtw.dev.shahed.biz.        IN      A      19.83.10.1
gtw.dev.shahed.biz.        IN      A      10.19.83.1
apn.dev.shahed.biz.        IN      A      19.83.10.2
apn.dev.shahed.biz.        IN      A      10.19.83.2
rpi.dev.shahed.biz.        IN      A      19.83.10.3
rpi.dev.shahed.biz.        IN      A      10.19.83.3
ceo.dev.shahed.biz.        IN      A      19.83.10.6
ceo.dev.shahed.biz.        IN      A      10.19.83.6
mac.dev.shahed.biz.        IN      A      19.83.10.10
mac.dev.shahed.biz.        IN      A      10.19.83.10
</source>
</syntaxhighlight>


<source lang="bash">
<syntaxhighlight lang="bash">
cp /etc/bind/db.127 /etc/bind/zones/db.19.83.10
cp /etc/bind/db.127 /etc/bind/zones/db.83.19.10
nano /etc/bind/zones/db.19.83.10
nano /etc/bind/zones/db.10.19.83
</source>
</syntaxhighlight>


<source lang="ini">
<syntaxhighlight lang="ini">
;
;
; BIND reverse data file for local loopback interface
; BIND reverse data file for local loopback interface
;
;
$TTL    604800
$TTL    604800
@      IN      SOA    ns0.dev.shahed.biz. admin.dev.shahed.biz. (
@      IN      SOA    dns.dev.shahed.biz. admin.dev.shahed.biz. (
                               3        ; Serial
                               3        ; Serial
                         604800        ; Refresh
                         604800        ; Refresh
Line 102: Line 103:
;
;
; name servers - NS records
; name servers - NS records
@      IN      NS      ns0.dev.shahed.biz.
@      IN      NS      dns.dev.shahed.biz.
;
;
; PTR Records
; PTR Records
1.10   IN      PTR    gtw.dev.shahed.biz.    ; 19.83.10.1
1.83   IN      PTR    gtw.dev.shahed.biz.    ; 10.19.83.1
2.10   IN      PTR    apn.dev.shahed.biz.    ; 19.83.10.2
2.83   IN      PTR    apn.dev.shahed.biz.    ; 10.19.83.2
3.10   IN      PTR    ns0.dev.shahed.biz.    ; 19.83.10.3
3.83   IN      PTR    dns.dev.shahed.biz.    ; 10.19.83.3
3.10   IN      PTR    rpi.dev.shahed.biz.    ; 19.83.10.3
3.83   IN      PTR    rpi.dev.shahed.biz.    ; 10.19.83.3
6.10   IN      PTR    ceo.dev.shahed.biz.    ; 19.83.10.6
6.83   IN      PTR    ceo.dev.shahed.biz.    ; 10.19.83.6
10.10   IN      PTR    mac.dev.shahed.biz.    ; 19.83.10.10
10.83   IN      PTR    mac.dev.shahed.biz.    ; 10.19.83.10
</source>
</syntaxhighlight>


<code>nano /etc/resolv.conf</code>
<code>nano /etc/resolv.conf</code>
<source lang="ini">
<syntaxhighlight lang="ini">
nameserver 19.83.10.3
nameserver 10.19.83.3
nameserver 8.8.8.8
nameserver 8.8.4.4
search dev.shahed.biz
search dev.shahed.biz
</source>
</syntaxhighlight>


<code>nano /etc/network/interfaces</code>
<code>nano /etc/network/interfaces</code>
<source lang="ini">
<syntaxhighlight lang="ini">
dns-nameservers 19.83.10.3 8.8.8.8 8.8.4.4
dns-nameservers 10.19.83.3
dns-search dev.shahed.biz
dns-search dev.shahed.biz
</source>
</syntaxhighlight>


<source lang="bash">
<syntaxhighlight lang="bash">
/etc/init.d/bind9 restart
named-checkconf -z
named-checkconf -z
named-checkzone dev.shahed.biz /etc/bind/zones/db.dev.shahed.biz
named-checkzone dev.shahed.biz /etc/bind/zones/db.dev.shahed.biz
named-checkzone 19.83.10.in-addr.arpa /etc/bind/zones/db.19.83.10
named-checkzone 83.19.10.in-addr.arpa /etc/bind/zones/db.83.19.10
</source>
 
update-rc.d bind9 enable
# /etc/init.d/bind9 restart
service bind9 start
reboot
</syntaxhighlight>


==References==
==References==
{|
| valign="top" |
* [https://www.digitalocean.com/community/tutorials/how-to-configure-bind-as-an-authoritative-only-dns-server-on-ubuntu-14-04 How To Configure Bind as an Authoritative-Only DNS Server on Ubuntu 14.04]
* [https://www.digitalocean.com/community/tutorials/how-to-configure-bind-as-an-authoritative-only-dns-server-on-ubuntu-14-04 How To Configure Bind as an Authoritative-Only DNS Server on Ubuntu 14.04]
* [https://www.digitalocean.com/community/tutorials/how-to-configure-bind-as-a-private-network-dns-server-on-ubuntu-16-04 How To Configure BIND as a Private Network DNS Server on Ubuntu 16.04]
* [https://www.digitalocean.com/community/tutorials/how-to-configure-bind-as-a-private-network-dns-server-on-ubuntu-16-04 How To Configure BIND as a Private Network DNS Server on Ubuntu 16.04]
Line 142: Line 147:
* [https://domoticproject.com/configuring-dns-server-raspberry-pi/ Configuring a DNS Server in Raspberry Pi]
* [https://domoticproject.com/configuring-dns-server-raspberry-pi/ Configuring a DNS Server in Raspberry Pi]
* [http://bikramdhoju.com.np/network&system/DNS-Series-2/ Setting up Private DNS Server with BIND9]
* [http://bikramdhoju.com.np/network&system/DNS-Series-2/ Setting up Private DNS Server with BIND9]
* [[Raspberry Pi Authoritative DNS Server]]
| valign="top" |
| valign="top" |
|-
| colspan="3" |
----
|-
| valign="top" |
* [https://audun-nes.medium.com/configure-coredns-as-basic-dns-server-on-your-local-area-network-at-home-e67463b83ba3 CoreDNS » Configure as basic DNS server at Home]
| valign="top" |
| valign="top" |
|}
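Review bot: The PTR lines that appear to be the new side (`1.83 IN PTR gtw.dev.shahed.biz.` and the five after it) still use two-label owner names, although the zone is now `83.19.10.in-addr.arpa`. Owner names are relative to the zone origin, so `1.83` expands to `1.83.83.19.10.in-addr.arpa` and a reverse lookup for 10.19.83.1 finds nothing; within a /24 zone the owner should be the last octet only, e.g. `1 IN PTR gtw.dev.shahed.biz.`. `named-checkzone` will likely still accept the file because the names are inside the zone, so the mistake is silent. Separately, the step after `cp /etc/bind/db.127 /etc/bind/zones/db.83.19.10` opens `nano /etc/bind/zones/db.10.19.83`, which is not the file that was copied or the one named.conf.local loads; it should be `nano /etc/bind/zones/db.83.19.10`.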

Latest revision as of 18:25, 21 August 2024

# Become root for the package install and the edits under /etc that follow.
sudo su
# Install BIND 9 with its utilities and documentation, plus the DNS lookup tools.
apt install bind9 bind9utils bind9-doc dnsutils
# Open the defaults file that holds named's startup options.
nano /etc/default/bind9
# run resolvconf?
RESOLVCONF=no

# startup options for the server
# -u bind: named switches to the unprivileged "bind" user after startup
# -4: use IPv4 only
OPTIONS="-u bind -4"

nano /etc/bind/named.conf.options

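# Clients allowed to use this server as a recursive resolver.
# The host labels match the A records in the dev.shahed.biz zone.
acl "trusted" {
        10.19.83.1;   # gtw
        10.19.83.2;   # apn
        10.19.83.3;   # rpi, dns
        10.19.83.6;   # ceo
        10.19.83.10;  # mac
};

options {
        directory "/var/cache/bind";
        recursion yes;                 # enables recursive queries
        allow-recursion { trusted; };  # allows recursive queries from "trusted" clients only
        listen-on { 10.19.83.3; };     # dns private IP address - listen on private network only
        allow-transfer { none; };      # disable zone transfers by default
        # allow-query is not set, so authoritative answers for the local zones
        # go to any client that can reach the listen address; add
        # "allow-query { trusted; };" if that should be limited as well.
        forward first;                 # try the forwarders, resolve directly if they do not answer
        forwarders {                   # queries for names outside the local zones go to these resolvers
                8.8.8.8;
                8.8.4.4;
        };
        dnssec-validation auto;
        auth-nxdomain no;              # conform to RFC1035
        # No IPv6 listener: keeps the server on the private IPv4 address only,
        # consistent with listen-on above and the -4 startup option.
        listen-on-v6 { none; };
};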

nano /etc/bind/named.conf.local

# Forward zone: this server is the master for dev.shahed.biz.
zone "dev.shahed.biz" {
    type master;
    file "/etc/bind/zones/db.dev.shahed.biz"; # zone file path
};

# Reverse zone for 10.19.83.0/24; the zone name is the network octets in reverse order.
zone "83.19.10.in-addr.arpa" {
    type master;
    file "/etc/bind/zones/db.83.19.10";       # 10.19.83.0/24 subnet
};
# Create the directory that named.conf.local reads its zone files from.
mkdir /etc/bind/zones
# Start the forward zone from the stock db.local template, then edit it.
cp /etc/bind/db.local /etc/bind/zones/db.dev.shahed.biz
nano /etc/bind/zones/db.dev.shahed.biz
;
; BIND forward zone data for dev.shahed.biz (started from the db.local template)
;
$TTL    604800
; SOA: primary name server, then the admin mailbox written with a dot in place of "@"
@       IN      SOA     dns.dev.shahed.biz. admin.dev.shahed.biz. (
                              3         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
; name servers - NS records
@       IN      NS      dns.dev.shahed.biz.
;
; name servers - A records
dns.dev.shahed.biz.        IN      A      10.19.83.3

; 10.19.83.0/24 - A records
; rpi and dns resolve to the same address (10.19.83.3)
gtw.dev.shahed.biz.        IN      A      10.19.83.1
apn.dev.shahed.biz.        IN      A      10.19.83.2
rpi.dev.shahed.biz.        IN      A      10.19.83.3
ceo.dev.shahed.biz.        IN      A      10.19.83.6
mac.dev.shahed.biz.        IN      A      10.19.83.10
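# Start the reverse zone from the stock db.127 template.
cp /etc/bind/db.127 /etc/bind/zones/db.83.19.10
# Edit the file that was just copied; named.conf.local loads db.83.19.10.
nano /etc/bind/zones/db.83.19.10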
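;
; BIND reverse zone data for 10.19.83.0/24 (zone 83.19.10.in-addr.arpa)
;
$TTL    604800
; SOA: primary name server, then the admin mailbox written with a dot in place of "@"
@       IN      SOA     dns.dev.shahed.biz. admin.dev.shahed.biz. (
                              3         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
; name servers - NS records
@       IN      NS      dns.dev.shahed.biz.
;
; PTR Records
; Owner names are relative to the zone origin 83.19.10.in-addr.arpa, so each
; one is only the last octet of the address. A two-label owner such as "1.83"
; would expand to 1.83.83.19.10.in-addr.arpa and never match a reverse lookup.
1       IN      PTR     gtw.dev.shahed.biz.    ; 10.19.83.1
2       IN      PTR     apn.dev.shahed.biz.    ; 10.19.83.2
3       IN      PTR     dns.dev.shahed.biz.    ; 10.19.83.3
3       IN      PTR     rpi.dev.shahed.biz.    ; 10.19.83.3
6       IN      PTR     ceo.dev.shahed.biz.    ; 10.19.83.6
10      IN      PTR     mac.dev.shahed.biz.    ; 10.19.83.10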

nano /etc/resolv.conf

# Only the local BIND server is listed, so every lookup goes through it; there is no fallback resolver.
nameserver 10.19.83.3
search dev.shahed.biz

nano /etc/network/interfaces

# Resolver settings: use the local BIND server and search dev.shahed.biz.
# NOTE(review): presumably these lines sit inside an iface stanza, which the page does not show.
dns-nameservers 10.19.83.3
dns-search dev.shahed.biz
# Check named.conf and test-load every master zone it references.
named-checkconf -z
# Check each zone file against its zone name; fix any reported error before starting named.
named-checkzone dev.shahed.biz /etc/bind/zones/db.dev.shahed.biz
named-checkzone 83.19.10.in-addr.arpa /etc/bind/zones/db.83.19.10

# Enable bind9 at boot, then start it now.
update-rc.d bind9 enable
# /etc/init.d/bind9 restart
service bind9 start
# Reboot, presumably to confirm the service comes up on its own.
reboot

References