Linux Tips 12: Ubuntu DNS server setup and configuration

My server is on Linode, which offers its own DNS service, as do many web hosts, VPS and dedicated server companies. There are real benefits to running your own DNS server, editing speed and ease of use among them, although for full disclosure I have decided to use Linode's DNS service to reduce load on my own server. Nonetheless, this guide walks through the relatively simple process of setting up a DNS server on Ubuntu Linux.

The first thing one needs to do is to install Bind. Bind is a file-based DNS server that is pretty simple to use once you understand it; however, there are multiple files to edit. Installing it with sudo apt-get install bind9 also creates a default configuration for you.

The second step is to update the /etc/bind/named.conf.local configuration file to add our zone. A zone specifies which domains this DNS server is responsible for. For this tutorial I will use example.com as the sample domain. Therefore in named.conf.local you will add both the zone definition and the reverse DNS entry for your IP. They should be written as:


// Forward zone: this server is the primary (master) for example.com
zone "example.com" in {
type master;
file "/etc/bind/zones/example.com.db";
// "any" lets every client on the Internet pull the whole zone with AXFR;
// listing only your secondary server's IP here is the safer choice
allow-transfer { any; };
};

// Reverse zone for the single address 192.168.0.1 (octets written in reverse)
zone "1.0.168.192.in-addr.arpa" {
type master;
file "/etc/bind/zones/1.0.168.192.db";
};


Please remember to replace example.com with your real domain name and 192.168.0.1 (written in reverse) with your real IP address.

The third, and optional, step is to configure some default DNS server options. The file used to do this is /etc/bind/named.conf.options. The main settings of interest are forwarders, notify, and directory. Forwarders specify which DNS servers are used when your DNS server is queried for a domain it is not responsible for. Notify specifies whether slave DNS servers are notified of changes made on this server. Directory specifies where zone files are looked up when the file parameter of a zone entry in step two is not a full path. Samples of the three options are:


options {
// Upstream resolvers used for domains this server is not authoritative for
forwarders { 208.67.222.222; 208.67.222.220; };
// Send NOTIFY messages to slave servers when a zone changes
notify yes;
// Base directory for zone files given with a relative "file" path
directory "/dns/zones";
};


The fourth step in our Ubuntu DNS server setup is creating our zone file. I am assuming that you did not set a custom zone directory as the options example above does. Therefore you will want to create your zone files in the folder /etc/bind/zones by just creating example.com.db and filling it with entries such as:


; Zone file comments start with ";" (the "//" style is only valid in named.conf)
; TTL = how long resolvers and slaves may cache the records (2 days)
; 2009030700 = Serial (YYYYMMDDNN) that Bind compares to detect an update
; 6H = Time between refresh requests from slaves
; 1H = Time between retry attempts after a failed refresh
; 1W = Expiry time for the zone data on a slave that cannot reach the master
; 1D = Amount of time a negative (name does not exist) answer is cached
$TTL 2D
@ IN SOA ns1.example.com. root.example.com. (
2009030700
6H
1H
1W
1D
)

; ns1.example.com. = Name server
; mail.example.com. = Mail server
; www.example.com. = HTTP server
; *.example.com. = Wildcard entry
example.com. IN NS ns1.example.com.
example.com. IN MX 10 mail.example.com.
ns1 IN A 192.168.0.1
www IN A 192.168.0.1
mail IN A 192.168.0.1
* IN A 192.168.0.1


The zone file above defines some basic servers and points them at the machine with the IP address 192.168.0.1. Each service can use a different IP if it runs on a different server, and you can alias a name to another host with a CNAME record instead of an A record. Please note that every fully qualified domain name ends with a "."; a name without the trailing dot is treated as relative and has the zone origin (example.com.) appended to it.
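A small check for that trailing-dot rule, added here as an example and not part of the original post: it lints a zone file in the format above and reports any NS, MX, CNAME, PTR or SOA name server target that lacks the final dot (which BIND would otherwise expand to, for instance, mail.example.com.example.com.), plus an SOA serial that is not in the YYYYMMDDNN form used above. The sample zone is constructed and carries one deliberate missing dot; BIND's own named-checkzone remains the authoritative check.

```python
import re

# Constructed sample zone modelled on example.com.db above, with one
# deliberate mistake: the MX target is missing its trailing dot.
SAMPLE_ZONE = """\
$TTL 2D
@ IN SOA ns1.example.com. root.example.com. (
    2009030700  ; serial
    6H 1H 1W 1D )
example.com. IN NS ns1.example.com.
example.com. IN MX 10 mail.example.com
ns1 IN A 192.168.0.1
www IN A 192.168.0.1
"""

# Index, within each record's rdata, of the field that is a domain name
# (for SOA that is the primary name server, mname)
NAME_TARGET = {"NS": 0, "CNAME": 0, "PTR": 0, "MX": 1, "SOA": 0}


def logical_lines(text):
    """Drop ';' comments and fold parenthesised multi-line records."""
    no_comments = "\n".join(ln.split(";", 1)[0] for ln in text.splitlines())
    folded = re.sub(r"\(([^)]*)\)",
                    lambda m: " ".join(m.group(1).split()), no_comments)
    return [ln for ln in folded.splitlines() if ln.strip()]


def lint_zone(text, origin):
    """Return a list of findings for a zone file with the given origin."""
    findings, owner = [], "@"
    for line in logical_lines(text):
        fields = line.split()
        if fields[0].startswith("$"):        # $TTL / $ORIGIN directives
            continue
        if not line[0].isspace():            # blank owner repeats the last one
            owner = fields.pop(0)
        if fields and fields[0].upper() == "IN":
            fields.pop(0)                    # optional class
        rtype, rdata = fields[0].upper(), fields[1:]
        idx = NAME_TARGET.get(rtype)
        if idx is not None and idx < len(rdata) and not rdata[idx].endswith("."):
            findings.append(f"{rtype} target '{rdata[idx]}' for {owner} lacks a "
                            f"trailing dot; BIND will read it as {rdata[idx]}.{origin}.")
        if rtype == "SOA" and len(rdata) > 2 and not re.fullmatch(r"\d{10}", rdata[2]):
            findings.append(f"SOA serial '{rdata[2]}' is not in YYYYMMDDNN form")
    return findings
```

Run lint_zone(SAMPLE_ZONE, "example.com") to see the MX finding; fixing the dot makes it return an empty list.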

A reverse DNS zone file is optional, but a mail server whose IP has no reverse entry can be flagged as a possible spam source, so it is good practice to create one. For our example zone the reverse records go in the file 1.0.168.192.db and look like:


; Same SOA fields as the forward zone (see the comments there)
; TTL = how long resolvers and slaves may cache the records (2 days)
; 2009030700 = Serial (YYYYMMDDNN) that Bind compares to detect an update
; 6H = Time between refresh requests from slaves
; 1H = Time between retry attempts after a failed refresh
; 1W = Expiry time for the zone data on a slave that cannot reach the master
; 1D = Amount of time a negative (name does not exist) answer is cached
$TTL 2D
@ IN SOA ns1.example.com. root.example.com. (
2009030700
6H
1H
1W
1D
)

@ IN NS ns1.example.com.
; The zone itself is 1.0.168.192.in-addr.arpa, so the PTR for 192.168.0.1
; sits at the apex (@); an owner of "1" would name 1.1.0.168.192.in-addr.arpa
@ IN PTR example.com.


After the files have been created, restart bind with the command /etc/init.d/bind9 restart, then run dig @192.168.0.1 www.example.com to query the record www.example.com through your own DNS server. If an answer is returned (it should look like your entry for www in the example.com.db file), everything is set up correctly. You should now update your domain name registrar's DNS records to point to your server.
