Raspberry Pi Authoritative DNS Server: Difference between revisions

 
(51 intermediate revisions by the same user not shown)
Line 1: Line 1:
'''Domain Information'''
<source lang="bash">
Domain      : shahed.biz
Name Server  : ns8533.hostgator.com
Name Server  : ns8534.hostgator.com
Subdomain    : dev.shahed.biz (public)
CNAME of dev : cki00.ddns.net (noip.com)
</source>
'''Netowrk Information'''
<source lang="bash">
GTW : 10.19.83.1    (Gateway/Router)
DMZ : 10.19.83.5    (dev.shahed.biz  & Name server)
LAN : 10.19.83.0/24 (Private network & range 0~255)
</source>
==Install==
==Install==
<source lang="bash">
<source lang="bash">
sudo su
sudo su
apt update
apt update && apt upgrade
apt upgrade
apt install bind9 bind9utils bind9-doc dnsutils
apt install bind9 bind9utils bind9-doc dnsutils
nano /etc/default/bind9
#apt purge  bind9 bind9utils bind9-doc dnsutils
#sudo apt autoremove
</source>
</source>


<code>nano /etc/default/bind9</code>
<source lang="ini">
<source lang="ini">
# run resolvconf?
# run resolvconf?
Line 19: Line 36:
<code>nano /etc/bind/named.conf.options</code>
<code>nano /etc/bind/named.conf.options</code>
<source lang="ini">
<source lang="ini">
acl trusted {
acl internals {
         127.0.0.0/8;
         127.0.0.0/24; # 0-255
         10.19.83.0/24;
         10.19.83.0/24; # 0-255
};
 
acl externals {
        10.19.83.0/29;  # 0-7
        !10.19.83.0/24; # 0-255
};
};


options {
options {
         directory "/var/cache/bind";
         directory "/var/cache/bind";
        auth-nxdomain no;
         forwarders {
         forwarders {
                 8.8.8.8;    # Google DNS
                 8.8.8.8;    # Google DNS
Line 31: Line 54:
                 10.19.83.1; # Router DNS
                 10.19.83.1; # Router DNS
         };
         };
        auth-nxdomain no;
         dnssec-validation auto;
         dnssec-validation auto;
         listen-on-v6 { none; };
         listen-on-v6 { none; };
         listen-on port 53 {
         listen-on port 53 {
                 127.0.0.1;
                 127.0.0.1;
                 10.19.83.3;
                 10.19.83.5;
         };
         };
         allow-transfer { none; };
         allow-transfer { none; };
         allow-query { trusted; };
         allow-query { internals; };
         allow-recursion { trusted; };
         allow-recursion { internals; };
};                                                                                                                                                               
};                                                                                                                                                               
</source>
</source>
Line 46: Line 68:
==Keygen==
==Keygen==
<source lang="bash">
<source lang="bash">
dnssec-keygen -K /etc/bind/ddnskeys -C -a HMAC-MD5 -b 128 -n USER apn.dev.shahed.biz
dnssec-keygen -K /etc/bind/ddnskeys -C -a HMAC-MD5 -b 128 -n USER ddn.dev.shahed.biz
dnssec-keygen -K /etc/bind/ddnskeys -C -a HMAC-MD5 -b 128 -n USER dns.dev.shahed.biz
dnssec-keygen -K /etc/bind/ddnskeys -C -a HMAC-MD5 -b 128 -n USER gtw.dev.shahed.biz
</source>
</source>


Line 67: Line 87:
};
};


zone "dns.dev.shahed.biz" {
zone "ddn.dev.shahed.biz" {
         type master;
         type master;
         file "/etc/bind/zones/db.dns.dev.shahed.biz";
         file "/etc/bind/zones/db.ddn.dev.shahed.biz";
         notify yes;
         notify yes;
         allow-update { key dns.dev.shahed.biz.; };
         allow-update { key ddn.dev.shahed.biz.; };
         allow-query { any; };
         allow-query { any; };
};
};


key dns.dev.shahed.biz. {
key ddn.dev.shahed.biz. {
         algorithm HMAC-MD5;
         algorithm HMAC-MD5;
         secret "8+JJL3HnWswtBVzwAetEYg==";
         secret "BOpzhxmLpMwUIJR9Z3mMvQ==";
};
};
// consider adding the 1918 zones here
// consider adding the 1918 zones here
Line 83: Line 103:
</source>
</source>


== Forward Lookup Zone==
===Forward Lookup Zone===
<source lang="bash">
<source lang="bash">
mkdir /etc/bind/zones
mkdir /etc/bind/zones
Line 91: Line 111:


<source lang="ini">
<source lang="ini">
;
;
; BIND data file for local interface ;
; BIND forward data file
$TTL    600    ;  10S
;
$TTL    600    ;  10M
$ORIGIN dev.shahed.biz.
$ORIGIN dev.shahed.biz.


@      IN      SOA    dns.dev.shahed.biz. root.dns.dev.shahed.biz. (
@      IN      SOA    ns0.dev.shahed.biz. root.dev.shahed.biz. (
                         201908011           ; Serial      YYYYmmddI
                         201908121           ; Serial      YYYYmmddI
                             3600          ; Refresh            01H
                             3600          ; Refresh            01H
                               600          ; Retry              10M
                               600          ; Retry              10M
                             86400          ; Expire            01D
                             86400          ; Expire            01D
                               600 )        ; Negative Cache TTL 10S
                               600 )        ; Negative Cache TTL 10M
; NS Records
; NS Records
@      IN      NS      dns.dev.shahed.biz.
@      IN      NS      ns0.dev.shahed.biz.
@      IN      A      10.19.83.3
@      IN      NS      ns8533.hostgator.com.
; CNAME
@      IN      NS      ns8534.hostgator.com.
ftp            CNAME  dns
@      IN      NS      dev.shahed.biz.
rpi            CNAME  dns
@      IN      A      10.19.83.5
; A  Records
; A  Records
apn            A      10.19.83.2
apn            A      10.19.83.2
dns             A      10.19.83.3
av5             A      10.19.83.9
gtw            A      10.19.83.1
gtw            A      10.19.83.1
mac            A      10.19.83.10
ns0            A      10.19.83.5
one            A      10.19.83.8
pi3            A      10.19.83.3
pih            A      10.19.83.4
piw            A      10.19.83.5
ras            A      10.19.83.12
sha            A      10.19.83.11
; CNAME
ftp            CNAME  ns0
dmz            CNAME  ns0
</source>
</source>


==Reverse Lookup Zone==
===Reverse Lookup Zone===
<source lang="bash">
<source lang="bash">
cp /etc/bind/db.127 /etc/bind/zones/db.83.19.10
cp /etc/bind/db.127 /etc/bind/zones/db.83.19.10
nano /etc/bind/zones/db.10.19.83
nano /etc/bind/zones/db.83.19.10
</source>
</source>


<source lang="ini">
<source lang="ini">
;
;
; BIND reverse data file for local interface
; BIND reverse data file
;
;
$TTL    600    ; 10S
$TTL    600    ; 10M
$ORIGIN 83.19.10.in-addr.arpa.
$ORIGIN 83.19.10.in-addr.arpa.


@      IN      SOA    dns.dev.shahed.biz. root.dns.dev.shahed.biz. (
@      IN      SOA    ns0.dev.shahed.biz. root.dev.shahed.biz. (
                         201908011           ; Serial      YYYYmmddI
                         201908121           ; Serial      YYYYmmddI
                             3600          ; Refresh            01H
                             3600          ; Refresh            01H
                               600          ; Retry              10M
                               600          ; Retry              10M
                             86400          ; Expire            01D
                             86400          ; Expire            01D
                               600 )        ; Negative Cache TTL 10S
                               600 )        ; Negative Cache TTL 10M
; NS  Records
; NS  Records
@      IN      NS      dns.dev.shahed.biz.
@      IN      NS      ns0.dev.shahed.biz.
@      IN      NS      dev.shahed.biz.
; PTR Records
; PTR Records
1.83    IN      PTR    gtw.dev.shahed.biz.
1       IN      PTR    gtw.dev.shahed.biz.
2.83    IN      PTR    apn.dev.shahed.biz.
2       IN      PTR    apn.dev.shahed.biz.
3.83    IN      PTR    dns.dev.shahed.biz.
3       IN      PTR    pi3.dev.shahed.biz.
; PTR CNAME
4      IN      PTR    pih.dev.shahed.biz.
3.83    IN      PTR    ftp.dev.shahed.biz.
5      IN      PTR     dev.shahed.biz.
3.83    IN      PTR    rpi.dev.shahed.biz.
5      IN      PTR    dmz.dev.shahed.biz.
; PTR ORIGIN
5      IN      PTR    ftp.dev.shahed.biz.
3.83    IN      PTR    dev.shahed.biz.
5      IN      PTR    ns0.dev.shahed.biz.
5      IN      PTR    piw.dev.shahed.biz.
8      IN      PTR    one.dev.shahed.biz.
9      IN      PTR    av5.dev.shahed.biz.
10      IN      PTR     mac.dev.shahed.biz.
11      IN      PTR    sha.dev.shahed.biz.
12      IN      PTR    ras.dev.shahed.biz.
</source>
</source>


==DDNS Forward Lookup Zone==
===DDNS Forward Zone===
<source lang="bash">
<source lang="bash">
cp /etc/bind/db.local /etc/bind/zones/db.dns.dev.shahed.biz
cp /etc/bind/db.local /etc/bind/zones/db.ddn.dev.shahed.biz
nano /etc/bind/zones/db.dns.dev.shahed.biz
nano /etc/bind/zones/db.ddn.dev.shahed.biz
</source>
</source>


<source lang="ini">
<source lang="ini">
;
;
; BIND data file for dns.dev.shahed.biz
; BIND forward data file for ddn.dev.shahed.biz
;
;
$ORIGIN .
$ORIGIN .
$TTL 86400              ; 1D
$TTL     600            ; 10M
dns.dev.shahed.biz      IN SOA  dns.dev.shahed.biz. root.dns.dev.shahed.biz. (
ddn.dev.shahed.biz      IN SOA  ns0.dev.shahed.biz. root.ddn.dev.shahed.biz. (
                                 201908011           ; serial      YYYYmmddI
                                 201908121           ; serial      YYYYmmddI
                                    28800           ; refresh            08H
                                      600           ; refresh            10M
                                     7200          ; retry              02H
                                     7200          ; retry              02H
                                   604800          ; expire            01W
                                   604800          ; expire            01W
                                    86400 )        ; Negative Cache TTL 01D
                                      600 )        ; Negative Cache TTL 10M
                         NS      dns.dev.shahed.biz.
                         NS      ns0.dev.shahed.biz.
                         A      10.19.83.3
                         A      10.19.83.5
</source>
</source>


Line 171: Line 211:
<source lang="bash">
<source lang="bash">
named-checkconf -z
named-checkconf -z
named-checkzone ddn.dev.shahed.biz /etc/bind/zones/db.ddn.dev.shahed.biz
named-checkzone dev.shahed.biz /etc/bind/zones/db.dev.shahed.biz
named-checkzone dev.shahed.biz /etc/bind/zones/db.dev.shahed.biz
named-checkzone 83.19.10.in-addr.arpa /etc/bind/zones/db.83.19.10
named-checkzone 83.19.10.in-addr.arpa /etc/bind/zones/db.83.19.10
Line 179: Line 220:
/etc/init.d/bind9 restart
/etc/init.d/bind9 restart
service bind9 restart
service bind9 restart
netstat -tulpn
netstat -tap
reboot
reboot
</source>
<source lang="bash">
rndc dumpdb -cache
rndc flush
rndc reload
</source>
</source>


==Client==
==Client==
<code>nano /etc/resolv.conf</code>
<code>sudo nano /etc/dhcpcd.conf</code>
<source lang="ini">
<source lang="ini">
nameserver 10.19.83.3
# Chorke Academia, Inc.
search dev.shahed.biz
#static domain_name_servers=10.19.83.5 10.19.83.1
static domain_search=dev.shahed.biz
#static host_name=pih
</source>
 
<source lang="bash" highlight="5,6">
sudo systemctl restart dhcpcd
sudo systemctl daemon-reload
 
sudo apt install resolvconf
sudo apt install openresolv
sudo resolvconf -u
</source>
 
===DDNS Client===
<code>$HOME/ddnsclient</code>
<source lang="bash">
#!/bin/bash
: '
@author  "Chorke Academia, Inc."<[email protected]>
@vendor    Chorke Academia, Inc.
@web      http://chorke.org
@version  1.0.00.GA
@since    1.0.00.GA
'
 
# http://zteo.com/posts/your-own-dynamic-dns-in-3-steps
# http://dynupdate.no-ip.com/ip.php
# http://www.antedes.com/getip.php
# http://checkip.dyndns.org
 
IPS='http://dynupdate.no-ip.com/ip.php'
DNSP='/etc/bind/ddnskeys'
 
while true; do
    # first, retrieve ipaddress
    CURIP=`curl -s $IPS | awk '{ print $1 }'`
    OLDIP=`cat $DNSP/oldip`
 
    # compare to previously saved ip
    [ "$CURIP" == "$OLDIP" ] && continue
    echo $CURIP > $DNSP/oldip
 
    # if different, tell dns
    echo "server dev.shahed.biz" > $DNSP/zone
    echo "zone ddn.dev.shahed.biz"  >> $DNSP/zone
    echo "update delete ddn.dev.shahed.biz. A"  >> $DNSP/zone
    echo "update add ddn.dev.shahed.biz. 86400 A $CURIP"  >> $DNSP/zone
    echo "show" >> $DNSP/zone
    echo "send" >> $DNSP/zone
    /usr/bin/nsupdate -k $DNSP/Kddn.dev.shahed.biz.+157+55098.private $DNSP/zone
    sleep 300 # (5M, 30M) = (300, 1800)
done
</source>
</source>


<code>nano /etc/network/interfaces</code>
<source lang="bash">
<source lang="ini">
chmod 755 "$HOME/ddnsclient"
dns-nameservers 10.19.83.3
# nohup "$HOME/ddnsclient" &
dns-search dev.shahed.biz
nohup "$HOME/ddnsclient" 2>> /dev/null >> /dev/null &
</source>
</source>


==Debug==
==Debug==
<source lang="bat">
<source lang="bat">
@rem clear win x dns cache
@rem clear windows dns cache
ipconfig /flushdns
ipconfig /flushdns
ipconfig /displaydns
ipconfig /displaydns
Line 203: Line 304:


<source lang="bash">
<source lang="bash">
scutil --dns
scutil -r hostname
# clear macos dns cache
# clear macos dns cache
sudo dscacheutil -flushcache
sudo killall -HUP mDNSResponder
sudo killall -HUP mDNSResponder
sudo launchctl unload -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist
sudo launchctl load -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist
</source>
<source lang="bash">
# clear ubuntu dns cache
sudo systemd-resolve --flush-caches
sudo systemd-resolve --statistics
#sudo /etc/init.d/dns-clean start
</source>
<source lang="bash">
#from local area network
dig @10.19.83.5 shahed.biz
dig @10.19.83.5 dev.shahed.biz
dig @10.19.83.5 apn.dev.shahed.biz
dig @10.19.83.5 ddn.dev.shahed.biz
dig @10.19.83.5 gtw.dev.shahed.biz
</source>
</source>


<source lang="bash">
<source lang="bash">
dig @10.19.83.3 shahed.biz
#from horizon/world wide
dig @10.19.83.3 dev.shahed.biz
dig @dev.shahed.biz shahed.biz
dig @10.19.83.3 apn.dev.shahed.biz
dig @dev.shahed.biz -x 10.19.83.1
dig @10.19.83.3 dns.dev.shahed.biz
dig @dev.shahed.biz dev.shahed.biz
dig @10.19.83.3 gtw.dev.shahed.biz
dig @dev.shahed.biz apn.dev.shahed.biz
dig @dev.shahed.biz ddn.dev.shahed.biz
dig @dev.shahed.biz gtw.dev.shahed.biz
</source>
</source>


<source lang="bash">
<source lang="bash">
#from lan only
nslookup shahed.biz
nslookup shahed.biz
nslookup dev.shahed.biz
nslookup dev.shahed.biz
nslookup apn.dev.shahed.biz
nslookup apn.dev.shahed.biz
nslookup dns.dev.shahed.biz
nslookup ddn.dev.shahed.biz
nslookup gtw.dev.shahed.biz
nslookup gtw.dev.shahed.biz
</source>
</source>
Line 229: Line 354:
* [https://www.linuxbabe.com/ubuntu/set-up-authoritative-dns-server-ubuntu-18-04-bind9 Set Up Authoritative DNS Server on Ubuntu 18.04, 16.04 with BIND9]
* [https://www.linuxbabe.com/ubuntu/set-up-authoritative-dns-server-ubuntu-18-04-bind9 Set Up Authoritative DNS Server on Ubuntu 18.04, 16.04 with BIND9]
* [https://buildthings.wordpress.com/raspberry-pi-bind9-dns-ddns-dynamic-dns-dnssec-keygen-nsupdate-ddnsclient-on-off-switch-ham-radio-arduino-attiny-remote-base/ Raspberry Pi Bind9 DNS/DDNS (Dynamic DNS) Server]
* [https://buildthings.wordpress.com/raspberry-pi-bind9-dns-ddns-dynamic-dns-dnssec-keygen-nsupdate-ddnsclient-on-off-switch-ham-radio-arduino-attiny-remote-base/ Raspberry Pi Bind9 DNS/DDNS (Dynamic DNS) Server]
* [http://www.zytrax.com/books/dns/ch4/#stealth Stealth (DMZ/Hidden Master) Name Server]
* [https://domoticproject.com/configuring-dns-server-raspberry-pi/ Configuring a DNS Server in Raspberry Pi]
* [https://domoticproject.com/configuring-dns-server-raspberry-pi/ Configuring a DNS Server in Raspberry Pi]
* [http://bikramdhoju.com.np/network&system/DNS-Series-2/ Setting up Private DNS Server with BIND9]
* [http://bikramdhoju.com.np/network&system/DNS-Series-2/ Setting up Private DNS Server with BIND9]
* [http://www.zytrax.com/books/dns/ch6/mydomain.html DNS Sample External Domain Zone file]
* [http://www.zytrax.com/books/dns/ch7/address_match_list.html BIND Definition of Address List Match]
* [http://www.zytrax.com/books/dns/ch6/#stealth Stealth (Split/DMZ) DNS Server]
* [http://www.zytrax.com/books/dns/ch7/statements.html List of Statements]
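Review bot: The `key ddn.dev.shahed.biz.` statement in the named.conf.local hunk publishes what looks like a working TSIG secret inline and keeps `algorithm HMAC-MD5`, and the Keygen hunk still creates the key with `-a HMAC-MD5 -b 128`. I would show a placeholder such as `secret "<base64-secret-generated-locally>";`, keep the key statement in a file readable only by root and the bind account and pull it in with `include`, and generate it with `tsig-keygen -a hmac-sha256 ddn.dev.shahed.biz.`. The ddnsclient script added under Client has two further problems: `$CURIP` comes from a plain-HTTP reply and is written unvalidated into the nsupdate command file, and `[ "$CURIP" == "$OLDIP" ] && continue` skips `sleep 300`, so an unchanged address makes the loop poll without any delay. The old and new sides of this rendered diff are not marked, so these points are read against the latest-revision text below the diff.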

Latest revision as of 17:56, 31 August 2020

Domain Information

Domain       : shahed.biz
Name Server  : ns8533.hostgator.com
Name Server  : ns8534.hostgator.com
Subdomain    : dev.shahed.biz (public)
CNAME of dev : cki00.ddns.net (noip.com)

Network Information

GTW : 10.19.83.1    (Gateway/Router)
DMZ : 10.19.83.5    (dev.shahed.biz  & Name server)
LAN : 10.19.83.0/24 (Private network & range 0~255)

Install

# Open a root shell; the remaining commands in this listing are typed inside it.
sudo su
# Refresh the package index and apply pending updates before installing BIND.
apt update && apt upgrade
# BIND 9 server with its utilities and documentation, plus dnsutils (dig, nslookup).
apt install bind9 bind9utils bind9-doc dnsutils
# Removal commands, kept commented out for reference.
#apt purge  bind9 bind9utils bind9-doc dnsutils
#sudo apt autoremove

nano /etc/default/bind9

# run resolvconf?
RESOLVCONF=no

# startup options for the server
#   -u bind : named switches to the unprivileged "bind" account once its
#             privileged start-up work is done, so every file named has to
#             write must be writable by that account.
#   -4      : use IPv4 only.
OPTIONS="-u bind -4"

Options

nano /etc/bind/named.conf.options

# Clients allowed to query and to recurse: loopback and the 10.19.83.0/24 LAN.
# Referenced by allow-query and allow-recursion in the options block below.
acl internals {
        127.0.0.0/24;  # 0-255
        10.19.83.0/24; # 0-255
};

# NOTE(review): nothing shown on this page references "externals". An
# address-match list stops at the first element that matches, so this list
# accepts 10.19.83.0-7, rejects the rest of 10.19.83.0/24 and matches no other
# address. Confirm that is the intent before using it in an allow-* statement.
acl externals {
        10.19.83.0/29;  # 0-7
        !10.19.83.0/24; # 0-255
};

options {
        directory "/var/cache/bind";
        auth-nxdomain no;
        # Recursive queries that cannot be answered from local zones or the
        # cache are sent to these resolvers.
        forwarders {
                8.8.8.8;    # Google DNS
                8.8.4.4;    # Google DNS
                10.19.83.1; # Router DNS
        };
        # Validate DNSSEC-signed answers using the built-in root trust anchor.
        dnssec-validation auto;
        listen-on-v6 { none; };
        # Listen only on loopback and the server's LAN address.
        listen-on port 53 {
                127.0.0.1;
                10.19.83.5;
        };
        # No zone transfers to any host.
        allow-transfer { none; };
        # Default for every zone that does not set its own allow-query.
        allow-query { internals; };
        # Recursion is limited to the same clients, which keeps the server from
        # acting as an open resolver.
        allow-recursion { internals; };
};

Keygen

# Creates the key named ddn.dev.shahed.biz under /etc/bind/ddnskeys; the same
# key name appears in the key statement in named.conf.local and in the key
# file passed to nsupdate -k in ddnsclient.
# NOTE(review): HMAC-MD5 with a 128-bit secret is a legacy TSIG algorithm, and
# recent BIND releases no longer create HMAC keys with dnssec-keygen;
# tsig-keygen with hmac-sha256 is the current tool. Switching means updating
# the key statement and the nsupdate -k path together.
# Keep /etc/bind/ddnskeys readable only by the accounts that sign or verify updates.
dnssec-keygen -K /etc/bind/ddnskeys -C -a HMAC-MD5 -b 128 -n USER ddn.dev.shahed.biz

Zones

nano /etc/bind/named.conf.local

// Loads the rndc control key; presumably this file defines "rndc-key", which
// the first two zones below reuse as their update key.
include "/etc/bind/rndc.key";
zone "dev.shahed.biz" {
    type master;
    file "/etc/bind/zones/db.dev.shahed.biz";     # zone file path
    // NOTE(review): rndc-key also authenticates rndc control commands. A
    // dedicated update key would keep zone updates and server control separate.
    allow-update { key rndc-key; };
};

zone "83.19.10.in-addr.arpa" {
    type master;
    file "/etc/bind/zones/db.83.19.10";           # 10.19.83.0/24 subnet
    allow-update { key rndc-key; };
};

// NOTE(review): every zone here accepts dynamic updates, so named has to write
// a journal next to each zone file. named runs as the "bind" account
// (OPTIONS in /etc/default/bind9); confirm that account can write to
// /etc/bind/zones.
zone "ddn.dev.shahed.biz" {
        type master;
        file "/etc/bind/zones/db.ddn.dev.shahed.biz";
        notify yes;
        // Only updates signed with the TSIG key defined below are accepted.
        allow-update { key ddn.dev.shahed.biz.; };
        // Overrides the options-level allow-query: this zone answers any client.
        allow-query { any; };
};

// NOTE(review): this secret is printed on the page, so treat it as an example
// value and generate your own. Keeping the key statement in a separate file
// that only root and the bind account can read, pulled in with include the
// way rndc.key is above, keeps the secret out of named.conf.local.
// HMAC-MD5 is a legacy TSIG algorithm.
key ddn.dev.shahed.biz. {
        algorithm HMAC-MD5;
        secret "BOpzhxmLpMwUIJR9Z3mMvQ==";
};
// consider adding the 1918 zones here
// include "/etc/bind/zones.rfc1918";

Forward Lookup Zone

mkdir /etc/bind/zones
cp /etc/bind/db.local /etc/bind/zones/db.dev.shahed.biz
nano /etc/bind/zones/db.dev.shahed.biz
;
; BIND forward data file
;
; Every address in this zone is in 10.19.83.0/24 (RFC 1918). named.conf.local
; sets no allow-query for dev.shahed.biz, so the options-level
; allow-query { internals; } applies and only LAN clients get answers.
$TTL     600    ;  10M
$ORIGIN dev.shahed.biz.

; SOA: primary server ns0.dev.shahed.biz., contact root.dev.shahed.biz.
; (the first dot of the contact name stands for "@").
@       IN      SOA     ns0.dev.shahed.biz. root.dev.shahed.biz. (
                        201908121           ; Serial       YYYYmmddI
                             3600           ; Refresh            01H
                              600           ; Retry              10M
                            86400           ; Expire             01D
                              600 )         ; Negative Cache TTL 10M
; NS Records
; NOTE(review): allow-transfer is { none; } in named.conf.options, so the two
; hostgator servers listed here cannot obtain this zone by zone transfer from
; this server; confirm they are meant to be listed as name servers for it.
@       IN      NS      ns0.dev.shahed.biz.
@       IN      NS      ns8533.hostgator.com.
@       IN      NS      ns8534.hostgator.com.
@       IN      NS      dev.shahed.biz.
@       IN      A       10.19.83.5
; A  Records
apn             A       10.19.83.2
av5             A       10.19.83.9
gtw             A       10.19.83.1
mac             A       10.19.83.10
ns0             A       10.19.83.5
one             A       10.19.83.8
pi3             A       10.19.83.3
pih             A       10.19.83.4
piw             A       10.19.83.5
ras             A       10.19.83.12
sha             A       10.19.83.11
; CNAME
; Aliases for the name server host.
ftp             CNAME   ns0
dmz             CNAME   ns0

Reverse Lookup Zone

cp /etc/bind/db.127 /etc/bind/zones/db.83.19.10
nano /etc/bind/zones/db.83.19.10
;
; BIND reverse data file
;
; Owner names are relative to $ORIGIN: "1" is 1.83.19.10.in-addr.arpa.,
; which is the reverse name of 10.19.83.1.
$TTL     600    ; 10M
$ORIGIN 83.19.10.in-addr.arpa.

@       IN      SOA     ns0.dev.shahed.biz. root.dev.shahed.biz. (
                        201908121           ; Serial       YYYYmmddI
                             3600           ; Refresh            01H
                              600           ; Retry              10M
                            86400           ; Expire             01D
                              600 )         ; Negative Cache TTL 10M
; NS  Records
@       IN      NS      ns0.dev.shahed.biz.
@       IN      NS      dev.shahed.biz.
; PTR Records
; 10.19.83.5 carries five PTR records, one for each forward name that
; resolves to the server.
1       IN      PTR     gtw.dev.shahed.biz.
2       IN      PTR     apn.dev.shahed.biz.
3       IN      PTR     pi3.dev.shahed.biz.
4       IN      PTR     pih.dev.shahed.biz.
5       IN      PTR     dev.shahed.biz.
5       IN      PTR     dmz.dev.shahed.biz.
5       IN      PTR     ftp.dev.shahed.biz.
5       IN      PTR     ns0.dev.shahed.biz.
5       IN      PTR     piw.dev.shahed.biz.
8       IN      PTR     one.dev.shahed.biz.
9       IN      PTR     av5.dev.shahed.biz.
10      IN      PTR     mac.dev.shahed.biz.
11      IN      PTR     sha.dev.shahed.biz.
12      IN      PTR     ras.dev.shahed.biz.

DDNS Forward Zone

cp /etc/bind/db.local /etc/bind/zones/db.ddn.dev.shahed.biz
nano /etc/bind/zones/db.ddn.dev.shahed.biz
;
; BIND forward data file for ddn.dev.shahed.biz
;
; $ORIGIN is the root, so the owner name below is read as ddn.dev.shahed.biz.
; NOTE(review): this zone accepts TSIG-signed dynamic updates (allow-update in
; named.conf.local). named then rewrites this file and keeps a journal beside
; it, so the file and its directory must be writable by the account named
; runs as. Manual edits are normally made between rndc freeze and rndc thaw.
; The A record is the starting value; ddnsclient replaces it on each update.
$ORIGIN .
$TTL     600            ; 10M
ddn.dev.shahed.biz      IN SOA  ns0.dev.shahed.biz. root.ddn.dev.shahed.biz. (
                                201908121           ; serial       YYYYmmddI
                                      600           ; refresh            10M
                                     7200           ; retry              02H
                                   604800           ; expire             01W
                                      600 )         ; Negative Cache TTL 10M
                        NS      ns0.dev.shahed.biz.
                        A       10.19.83.5

Server

# Check named.conf syntax and test-load every master zone it references.
named-checkconf -z
# Check each zone file against the zone name it is served under.
named-checkzone ddn.dev.shahed.biz /etc/bind/zones/db.ddn.dev.shahed.biz
named-checkzone dev.shahed.biz /etc/bind/zones/db.dev.shahed.biz
named-checkzone 83.19.10.in-addr.arpa /etc/bind/zones/db.83.19.10
# Start bind9 at boot, then restart it (the two restart commands are alternatives).
update-rc.d bind9 enable
/etc/init.d/bind9 restart
service bind9 restart
# List sockets: confirm named is bound to port 53 only on the addresses given
# in listen-on (127.0.0.1 and 10.19.83.5).
netstat -tulpn
netstat -tap
reboot
# rndc: dump the cache to a file, flush the cache, reload configuration and zones.
rndc dumpdb -cache
rndc flush
rndc reload

Client

sudo nano /etc/dhcpcd.conf

# Chorke Academia, Inc.
#static domain_name_servers=10.19.83.5 10.19.83.1
static domain_search=dev.shahed.biz
#static host_name=pih
# Restart dhcpcd so the dhcpcd.conf changes take effect.
sudo systemctl restart dhcpcd
sudo systemctl daemon-reload

# NOTE(review): resolvconf and openresolv both provide the resolvconf command;
# presumably only one of the two packages is needed. Confirm before installing both.
sudo apt install resolvconf
sudo apt install openresolv
# Re-run the resolvconf update so the resolver configuration is regenerated.
sudo resolvconf -u

DDNS Client

$HOME/ddnsclient

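#!/bin/bash
: '
 @author   "Chorke Academia, Inc."<[email protected]>
 @vendor    Chorke Academia, Inc.
 @web       http://chorke.org
 @version   1.0.00.GA
 @since     1.0.00.GA
'

# Dynamic DNS client: polls a "what is my IP" service and, when the reported
# address differs from the last one sent, pushes a TSIG-signed update for
# ddn.dev.shahed.biz to the name server with nsupdate.
#
# http://zteo.com/posts/your-own-dynamic-dns-in-3-steps
# http://dynupdate.no-ip.com/ip.php
# http://www.antedes.com/getip.php
# http://checkip.dyndns.org

IPS='http://dynupdate.no-ip.com/ip.php'
DNSP='/etc/bind/ddnskeys'
KEYFILE="$DNSP/Kddn.dev.shahed.biz.+157+55098.private"
INTERVAL=300 # (5M, 30M) = (300, 1800)

# Succeeds only for a dotted-quad IPv4 address with every octet in 0-255.
# The lookup reply arrives over plain HTTP and ends up inside an nsupdate
# command file, so anything that is not a bare address is rejected.
is_ipv4() {
    local ip=$1 octet
    [[ $ip =~ ^[0-9]{1,3}(\.[0-9]{1,3}){3}$ ]] || return 1
    local IFS=.
    for octet in $ip; do
        # 10# forces base 10 so an octet such as 08 is not read as octal.
        (( 10#$octet <= 255 )) || return 1
    done
    return 0
}

while true; do
    # first, retrieve ipaddress (bounded, so a hung lookup cannot stall the loop)
    CURIP=$(curl -s --max-time 30 "$IPS" | awk '{ print $1 }')
    # no saved address yet (first run) reads as empty
    OLDIP=$(cat "$DNSP/oldip" 2>/dev/null)

    if ! is_ipv4 "$CURIP"; then
        # empty or unexpected reply: keep the old record and try again later
        echo "ddnsclient: ignoring unexpected reply from $IPS" >&2
    elif [ "$CURIP" != "$OLDIP" ]; then
        # if different, tell dns
        # NOTE(review): the record is added with a 86400 s TTL although the
        # zone file uses 600 s; confirm a one-day TTL is intended for an
        # address that is expected to change.
        {
            echo "server dev.shahed.biz"
            echo "zone ddn.dev.shahed.biz"
            echo "update delete ddn.dev.shahed.biz. A"
            echo "update add ddn.dev.shahed.biz. 86400 A $CURIP"
            echo "show"
            echo "send"
        } > "$DNSP/zone"

        # Save the address only after the server accepted the update, so a
        # failed update is retried on the next pass.
        if /usr/bin/nsupdate -k "$KEYFILE" "$DNSP/zone"; then
            echo "$CURIP" > "$DNSP/oldip"
        else
            echo "ddnsclient: nsupdate failed, will retry" >&2
        fi
    fi

    # Sleep on every pass; skipping it when the address is unchanged would
    # poll the lookup service in a tight loop.
    sleep "$INTERVAL"
done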
chmod 755 "$HOME/ddnsclient"
# nohup "$HOME/ddnsclient" &
# Runs the client in the background, detached from the terminal. Both output
# streams go to /dev/null, so curl and nsupdate failures leave no trace;
# point them at a log file while testing.
# NOTE(review): the script reads the TSIG private key and writes its state
# files under /etc/bind/ddnskeys, so it needs an account with access to that
# directory. Confirm which account runs it and keep the directory closed to others.
nohup "$HOME/ddnsclient" 2>> /dev/null >> /dev/null &

Debug

@rem clear windows dns cache
ipconfig /flushdns
ipconfig /displaydns
scutil --dns
scutil -r hostname
# clear macos dns cache
sudo dscacheutil -flushcache
sudo killall -HUP mDNSResponder
sudo launchctl unload -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist
sudo launchctl load -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist
# clear ubuntu dns cache
sudo systemd-resolve --flush-caches
sudo systemd-resolve --statistics
#sudo /etc/init.d/dns-clean start
#from local area network
# 10.19.83.5 is the server's LAN address. LAN clients are in the internals ACL,
# so these queries are answered and recursion is available to them.
dig @10.19.83.5 shahed.biz
dig @10.19.83.5 dev.shahed.biz
dig @10.19.83.5 apn.dev.shahed.biz
dig @10.19.83.5 ddn.dev.shahed.biz
dig @10.19.83.5 gtw.dev.shahed.biz
#from horizon/world wide 
# NOTE(review): only the ddn.dev.shahed.biz zone sets allow-query { any; }.
# The other names fall under allow-query { internals; }, so from outside the
# LAN they should come back REFUSED. That refusal is the result to expect: it
# shows the server neither recurses for nor discloses internal names to
# outside clients.
dig @dev.shahed.biz shahed.biz
dig @dev.shahed.biz -x 10.19.83.1
dig @dev.shahed.biz dev.shahed.biz
dig @dev.shahed.biz apn.dev.shahed.biz
dig @dev.shahed.biz ddn.dev.shahed.biz
dig @dev.shahed.biz gtw.dev.shahed.biz
#from lan only
# nslookup uses the resolver configured on the client, so these only work once
# the client points at 10.19.83.5.
nslookup shahed.biz
nslookup dev.shahed.biz
nslookup apn.dev.shahed.biz
nslookup ddn.dev.shahed.biz
nslookup gtw.dev.shahed.biz

References