Wednesday, February 23, 2011

[Level 2] DNS setup on Ubuntu.

If you want to install DNS on Ubuntu,
the steps to set up DNS are as follows:

1. install bind9
# apt-get -y install bind9

2. setup named.conf.local
# cat /etc/bind/named.conf.local
//
// Do any local configuration here
//

// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";

# This is the zone definition. replace example.com with your domain name
zone "example.com" {
        type master;
        file "/etc/bind/zones/example.com.db";
        };

# This is the zone definition for reverse DNS. replace 0.168.192 with your network address in reverse notation - e.g my network address is 192.168.0
zone "0.168.192.in-addr.arpa" {
     type master;
     file "/etc/bind/zones/rev.0.168.192.in-addr.arpa";
};

3. setup named.conf.options (the options below do not restrict which clients may query or recurse through this server; review allow-query/allow-recursion before exposing it outside your LAN)
# cat /etc/bind/named.conf.options
options {
    directory "/var/cache/bind";

    // If there is a firewall between you and nameservers you want
    // to talk to, you may need to fix the firewall to allow multiple
    // ports to talk.  See http://www.kb.cert.org/vuls/id/800113

    // If your ISP provided one or more IP addresses for stable
    // nameservers, you probably want to use them as forwarders.
    // Uncomment the following block, and insert the addresses replacing
    // the all-0's placeholder.

    forwarders {
        168.95.1.1;
    };

    auth-nxdomain no;    # conform to RFC1035
    listen-on-v6 { any; };
};

4. create zones folder
# mkdir /etc/bind/zones

5. create forward database
# cat /etc/bind/zones/example.com.db
; example.com
$TTL    604800
@       IN      SOA     ns1.example.com. root.example.com. (
                     2006020201 ; Serial
                         604800 ; Refresh
                          86400 ; Retry
                        2419200 ; Expire
                         604800); Negative Cache TTL
;
@       IN      NS      ns1
        IN      MX      10 mail
        IN      A       192.168.0.1
ns1     IN      A       192.168.0.1
www     IN      A       192.168.0.2
mail    IN      A       192.168.0.3
client1 IN      A       192.168.0.201
client2 IN      A       192.168.0.202
client3 IN      A       192.168.0.203
client4 IN      A       192.168.0.204
client5 IN      A       192.168.0.205

6. create reverse database
# cat /etc/bind/zones/rev.0.168.192.in-addr.arpa
; example.com
$TTL    604800
@       IN      SOA     ns1.example.com. root.example.com. (
                     2006020201 ; Serial
                         604800 ; Refresh
                          86400 ; Retry
                        2419200 ; Expire
                         604800); Negative Cache TTL
;

@                 IN      NS      ns1.example.com.
1                 IN      PTR     ns1.example.com.
2                 IN      PTR     www.example.com.
3                 IN      PTR     mail.example.com.
201               IN      PTR     client1.example.com.
202               IN      PTR     client2.example.com.
203               IN      PTR     client3.example.com.
204               IN      PTR     client4.example.com.
205               IN      PTR     client5.example.com.

7. restart DNS server
# /etc/init.d/bind9 restart

8. modify resolv.conf
# cat /etc/resolv.conf
# replace example.com with your domain name, and 192.168.0.1 with the address of your new DNS server (resolv.conf comments start with '#' or ';', not '//').
search example.com
nameserver 192.168.0.1

9. test forward name query:
# dig www.example.com
; <<>> DiG 9.7.0-P1 <<>> www.example.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57524
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;www.example.com.        IN    A

;; ANSWER SECTION:
www.example.com.    604800    IN    A    192.168.0.2

;; AUTHORITY SECTION:
example.com.        604800    IN    NS    ns1.example.com.

;; ADDITIONAL SECTION:
ns1.example.com.    604800    IN    A    192.168.0.1

;; Query time: 0 msec
;; SERVER: 192.168.1.20#53(192.168.1.20)
;; WHEN: Thu Feb 24 00:25:06 2011
;; MSG SIZE  rcvd: 83

10. test reverse name query:
# nslookup 192.168.0.1
Server:        192.168.0.1
Address:    192.168.0.1#53

1.0.168.192.in-addr.arpa    name = ns1.example.com.


Hope this helps.
regards,
Stanley Huang