How to set up DNS server in Ubuntu

by

Domain Name System (DNS) is a system that associates human-readable domain names with IP addresses, allowing users to easily navigate the Internet or their own private network. DNS is important in private networks as it allows devices on the network to communicate with each other using names instead of IP addresses.

Setting up a proper Domain Name System (DNS) is an important part of managing server configuration and infrastructure, as it allows you to easily lookup network interfaces and IP addresses by name.

Configuring your network with fully qualified domain names instead of IP addresses makes it easier to set up and manage your services and applications. Setting up your own DNS server can make your network management even more efficient.

This article will help you install and configure your own DNS server on Ubuntu. The guide is applicable to older versions of Ubuntu and many other Linux distro based on Ubuntu, such as Linux Mint or Pop! OS.

Contents hide
1 Install DNS Server Software
2 Configure DNS Server on Ubuntu
3 Create Zone lookup file
3.1 Forward Zone lookup file
3.2 Reverse Zone lookup file
4 Verify BIND Configuration
4.1 Forward zone
4.2 Reverse zone
5 DNS Record Update
6 Check DNS Server

Install DNS Server Software

BIND (Berkeley Internet Name Domain) is a comprehensive software suite that includes the world’s most widely used DNS (Domain Name System) server software. The most recent major version, BIND 9, was initially released in 2000 and is regularly maintained by the Internet Systems Consortium.

Bind9 is the package name for the DNS server on Ubuntu and is available in the base repository. Installing bind9 is one of the first thing you need to do in order to create your own DNS server. Run the following command to install bind9 and its dependencies.

sudo apt install -y bind9 bind9utils bind9-doc dnsutils

Configure DNS Server on Ubuntu

Bind9 stores its configuration files and zone lookup settings in /etc/bind/ directory. You should use the /etc/bind/named.conf.local file to store your local DNS zone information, rather than using the global /etc/bind/named.conf file.

DNS zones provide a specific scope for managing and defining DNS records.. Since our domains will all be within the linuxpip.local domain, we will use that as our forward zone. Run the following commands to edit zone configuration.

sudo nano /etc/bind/named.conf.local

We’ll need to put both forward zone and reverse zone in the files. The contents of the file should look similar to this.

zone "linuxpip.local" IN { // Domain name

      type master; // Primary DNS

     file "/etc/bind/forward.linuxpip.local.db"; // Forward lookup file

     allow-update { none; }; // Since this is the primary DNS, it should be none.

};

zone "0.168.192.in-addr.arpa" IN { //Reverse lookup name, should match your network in reverse order

     type master; // Primary DNS

     file "/etc/bind/reverse.linuxpip.local.db"; //Reverse lookup file

     allow-update { none; }; //Since this is the primary DNS, it should be none.

};
Code language: JavaScript (javascript)

The first block is configuration for forward zone and the latter is reverse zone.

Create Zone lookup file

With zones created, you can then generate data files holding DNS records for the forward and reverse zones.

Forward Zone lookup file

Copy the sample entries to zone file called forward.linuxpip.local.db for the forward zone under /etc/bind directory.

Here’s a list of record types in the zone file:

SOA – Start of Authority  
NS – Name Server  
A – A record  
MX – Mail for Exchange  
CN – Canonical Name

Domain names should end with a dot (.). Run the following commands to update the zone file.

sudo cp /etc/bind/db.local /etc/bind/forward.linuxpip.local.db
sudo nano /etc/bind/forward.linuxpip.local.db

Put the contents below in the file. You can edit the details to fit your scenario.

$TTL    604800
@       IN      SOA     ns1.linuxpip.local. root.linuxpip.local. (
                              3         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
;@      IN      NS      localhost.
;@      IN      A       127.0.0.1
;@      IN      AAAA    ::1

;Name Server Information

@        IN      NS      ns1.linuxpip.local.

;IP address of Name Server

ns1     IN      A       192.168.0.10

;Mail Exchanger

linuxpip.local.   IN     MX   10   mail.linuxpip.local.

;A – Record HostName To Ip Address

www     IN       A      192.168.0.100
mail    IN       A      192.168.0.150

;CNAME record

ftp     IN      CNAME   www.linuxpip.local.
Code language: PHP (php)

Reverse Zone lookup file

Copy the example entries to the reverse zone file called reverse.linuxpip.local.db, and create reverse pointers for the above forward zone records.

PTR – Pointer  
SOA – Start of Authority
sudo cp /etc/bind/db.127 /etc/bind/reverse.linuxpip.local.db
sudo nano /etc/bind/reverse.linuxpip.local.db

Update the file with the content shown below.

$TTL    604800
@       IN      SOA     linuxpip.local. root.linuxpip.local. (
                              3         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
;@      IN      NS      localhost.
;1.0.0  IN      PTR     localhost.

;Name Server Information

@       IN      NS     ns1.linuxpip.local.

;Reverse lookup for Name Server

10      IN      PTR    ns1.linuxpip.local.

;PTR Record IP address to HostName

100     IN      PTR    www.linuxpip.local.
150     IN      PTR    mail.linuxpip.local.
Code language: PHP (php)

Verify BIND Configuration

In order to check BIND configuration for syntax error, use named-checkconf command to check named.conf* files for any syntax errors.

sudo named-checkconf

Similarly, you can use a built-in command in BIND called named-checkzone to check for syntax errors in zone files.

Forward zone

sudo named-checkzone linuxpip.local /etc/bind/forward.linuxpip.local.db

Output:

zone linuxpip.local/IN: loaded serial 3
OK

Reverse zone

named-checkzone 0.168.192.in-addr.arpa /etc/bind/reverse.linuxpip.local.db

Output:

zone 0.168.192.in-addr.arpa/IN: loaded serial 3
OK

Run the following commands to restart bind9 service and enable it on system startup.

sudo systemctl restart bind9
sudo systemctl enable bind9

Check the status of the bind9 service using the following commands.

sudo systemctl status bind9

DNS Record Update

Whenever you change a DNS record, do not forget to change the serial number in the zone file and reload the zone.

Remember to replace linuxpip.local and 0.168.192.in-addr.arpa with your zone names.

**### Forward Zone ###**

sudo rndc reload **linuxpip.local** 

**### Reverse Zone ###**

sudo rndc reload **0.168.192.in-addr.arpa**
Code language: CSS (css)

Check DNS Server

The next step is to verify that our DNS server responds properly to imcoming requests. In order to do that, go to any client machine and add our new DNS server IP Address in /etc/resolv.conf file.

sudo nano /etc/resolv.conf

Add the line below to the very last line of the file.

nameserver 192.168.0.10
Code language: CSS (css)

Then, use dig to perform a DNS lookup.

dig www.linuxpip.local
Code language: CSS (css)

You should see an output that looks like this if things go well.

; <<>> DiG 9.10.3-P4-Ubuntu <<>> www.linuxpip.local
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18022
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.linuxpip.local.             IN      A

;; ANSWER SECTION:
www.linuxpip.local.      604800  IN      A       192.168.0.100

;; AUTHORITY SECTION:
linuxpip.local.          604800  IN      NS      ns1.linuxpip.local.

;; ADDITIONAL SECTION:
ns1.linuxpip.local.      604800  IN      A       192.168.0.10

;; Query time: 0 msec
;; SERVER: 127.0.1.1#53(127.0.1.1)
;; WHEN: Mon Dec 30 12:42:18 EST 2019
;; MSG SIZE  rcvd: 96
Code language: CSS (css)

Confirm the reverse lookup with dig command.

dig -x 192.168.0.100
Code language: CSS (css)
; <<>> DiG 9.10.3-P4-Ubuntu <<>> -x 192.168.0.100
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37122
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;100.0.168.192.in-addr.arpa.    IN      PTR

;; ANSWER SECTION:
100.0.168.192.in-addr.arpa. 604800 IN   PTR     www.linuxpip.local.

;; AUTHORITY SECTION:
0.168.192.in-addr.arpa. 604800  IN      NS      ns1.linuxpip.local.

;; ADDITIONAL SECTION:
ns1.linuxpip.local.      604800  IN      A       192.168.0.10

;; Query time: 0 msec
;; SERVER: 127.0.1.1#53(127.0.1.1)
;; WHEN: Mon Dec 30 12:43:20 EST 2019
;; MSG SIZE  rcvd: 120
Code language: CSS (css)

We hope that the article helps you successfully set up a DNS server in Ubuntu. You may be interested in our Linux software roundups, including 8 Best Open Source CMDB software, Best Linux Video Converters or Best Python Graphics Libraries. If you have any suggestion, please feel free to leave a comment below.

Click to rate this post!
[Total: 1 Average: 4]
How to use pipenv in VSCode
conda: command not found - possible fixes
How to quickly find a file in VSCode
How to increase font size of PuTTY's terminal
"File too big" in Notepad++ - what to do?
How to fix Access to docs.googleusercontent.com was denied in Google Drive
How to decrease font size of PuTTY's terminal
Download audio only with youtube-dl

Leave a Comment