Config Master DNS Ubuntu 22.04
From:       https://computingforgeeks.com/configure-master-bind-dns-server-on-ubuntu/


1 Bind DNS Server Install
2 Bind DNS Server Config
    Create Zones
3 Config Bind DNS Zone Lookup Files
    1 Forward Zone Lookup File
    2 Reverse Zone Lookup File
4 Check Bind DNS Syntax
5 Updating Bind DNS Records
6 Testing DNS Server
Conclusion


Configure Master BIND DNS Server on Ubuntu 22.04|20.04
By Victor Shamallah - October 22, 2022

For the internet to deliver instant access to resources all over the world, computers and sites are linked to unique domain names, and a service is needed to resolve those names. DNS (Domain Name System) translates human-readable domain names, e.g. www.computingforgeeks.com, to computer-readable IP addresses and vice versa. BIND9 (Berkeley Internet Name Domain) is the package that provides this name-to-IP conversion. Let us explore how to set up a master DNS server using BIND9 on Ubuntu 22.04|20.04.

Ensure your server has a static IP address configured before you continue. If your server is using DHCP, you'll have to configure a static address so that the IP does not change once the DNS server is configured.
#1) Bind DNS Server Installation
Before we begin installation of the necessary packages, it is always good to make sure you are running on an updated Ubuntu server:

    sudo apt update -y

Download the necessary packages from Ubuntu base using apt:

    sudo apt install -y bind9 bind9utils bind9-doc dnsutils
#2) Bind DNS Server Configuration
The DNS main configuration directory is /etc/bind. It contains the zone-lookup files and other configuration files. The global DNS conf file is located at /etc/bind/named.conf. This is however not used for local DNS configuration. /etc/bind/named.conf.local is used instead.
Create Zones
We will do so in the /etc/bind/named.conf.local file. Use a text editor of your choice to edit the file. Create the forward and reverse zones in the file. Below is a forward zone entry for the computingforgeeks.local domain. Change it to your domain name in your configuration.

    zone "computingforgeeks.local" IN {                        // Domain name
        type master;                                           // Primary DNS
        file "/etc/bind/forward.computingforgeeks.local.db";   // Forward lookup file
        allow-update { none; };                                // Since this is the primary DNS, it should be none.
    };

Where:
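The text asks for both a forward and a reverse zone but shows only the forward entry. As an added example (not from the original article), the shell function below prints both stanzas for named.conf.local; the reverse zone name 10.16.172.in-addr.arpa and the reverse file path match the later steps of this page, while the function names and the /24 network assumption belong to this example.

```shell
#!/bin/sh
# Added example: print the forward and reverse zone stanzas for named.conf.local.
# Assumption: a /24 network, passed as its first three octets (e.g. 172.16.10).

# reverse_zone_name 172.16.10  ->  10.16.172.in-addr.arpa
# The reverse zone name is the network octets in reverse order.
reverse_zone_name() {
    echo "$1" | awk -F. '{ printf "%s.%s.%s.in-addr.arpa\n", $3, $2, $1 }'
}

# zone_stanzas DOMAIN PREFIX
# Emits both master zone declarations, using the file names from this page.
zone_stanzas() {
    domain=$1
    rzone=$(reverse_zone_name "$2")
    cat <<EOF
zone "$domain" IN {
    type master;
    file "/etc/bind/forward.$domain.db";
    allow-update { none; };
};

zone "$rzone" IN {
    type master;
    file "/etc/bind/reverse.$domain.db";
    allow-update { none; };
};
EOF
}

zone_stanzas computingforgeeks.local 172.16.10
```

Review the output, append it to /etc/bind/named.conf.local, and confirm the result with named-checkconf as described in step 4.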
#3) Configure Bind DNS zone lookup files
The zone lookup files hold the DNS records for the forward and reverse zones.
1. Forward zone lookup file
Copy the sample forward zone lookup file to a file called forward.computingforgeeks.local.db under the /etc/bind directory:

    sudo cp /etc/bind/db.local /etc/bind/forward.computingforgeeks.local.db

Take note of the zone file syntax: domain names should end with a dot (.). The acronyms on the file have the following description:

We have to edit the zone file and update the content as below. Modify it as per your domain name:

    sudo vi /etc/bind/forward.computingforgeeks.local.db

    $TTL    604800
    @       IN      SOA     ns1.computingforgeeks.local. root.ns1.computingforgeeks.local. (
                                  3         ; Serial
                             604800         ; Refresh
                              86400         ; Retry
                            2419200         ; Expire
                             604800 )       ; Negative Cache TTL
    ;
    ;@      IN      NS      localhost.
    ;@      IN      A       127.0.0.1
    ;@      IN      AAAA    ::1

    ;Name Server Information
    @       IN      NS      ns1.computingforgeeks.local.

    ;IP address of Name Server
    ns1     IN      A       172.16.10.2

    ;Mail Exchanger
    computingforgeeks.local.   IN     MX   10   mail.computingforgeeks.local.

    ;A – Record HostName To Ip Address
    www     IN      A       172.16.10.3
    mail    IN      A       172.16.10.4

    ;CNAME record
    ftp     IN      CNAME   www.computingforgeeks.local.
2. Reverse zone lookup file
The acronyms in the reverse zone file are:

Copy the sample reverse zone file in /etc/bind to a file called reverse.computingforgeeks.local.db:

    sudo cp /etc/bind/db.127 /etc/bind/reverse.computingforgeeks.local.db

Edit the contents in the file to fit your domain:

    sudo nano /etc/bind/reverse.computingforgeeks.local.db

    ;
    ; BIND reverse data file for local loopback interface
    ;
    $TTL    604800
    @       IN      SOA     computingforgeeks.local. root.computingforgeeks.local. (
                                  1         ; Serial
                             604800         ; Refresh
                              86400         ; Retry
                            2419200         ; Expire
                             604800 )       ; Negative Cache TTL
    ;
    ;Name Server Information
    @       IN      NS      ns1.computingforgeeks.local.
    ns1     IN      A       172.16.10.2

    ;Reverse lookup for Name Server
    2       IN      PTR     ns1.computingforgeeks.local.

    ;PTR Record IP address to HostName
    3       IN      PTR     www.computingforgeeks.local.
    4       IN      PTR     mail.computingforgeeks.local.
#4) Check BIND DNS syntax
The named-checkconf command is used to check if the syntax is okay or if there is any error. The command should return to the shell if there is no error:

    sudo named-checkconf

The named-checkzone command is used to check the syntax of the forward and reverse zone files:

    #forward zone file
    sudo named-checkzone computingforgeeks.local /etc/bind/forward.computingforgeeks.local.db

    #reverse zone file
    sudo named-checkzone 10.16.172.in-addr.arpa /etc/bind/reverse.computingforgeeks.local.db

The output should be:

    #forward zone file
    root@master:~# sudo named-checkzone computingforgeeks.local /etc/bind/forward.computingforgeeks.local.db
    zone computingforgeeks.local/IN: loaded serial 2
    OK

    #reverse zone file
    root@master:~# named-checkzone 10.16.172.in-addr.arpa /etc/bind/reverse.computingforgeeks.local.db
    zone 10.16.172.in-addr.arpa/IN: loaded serial 1
    OK

Finally restart and enable BIND service:

    sudo systemctl restart bind9
    sudo systemctl enable bind9
#5) Updating Bind DNS Records
A DNS record should be updated in both the /etc/bind/forward.computingforgeeks.local.db and /etc/bind/reverse.computingforgeeks.local.db files. On updating the DNS record, change the serial number of both the forward and reverse zone files to a number greater than the current.
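A check for the rule above, as an added example that is not from the original article: the shell functions below read the serial of each zone file and list A records in the forward file that have no matching PTR in the reverse file. The function names and the sample zone data are constructed for illustration, and the parsing assumes the zone file layout shown on this page (a /24 reverse zone, relative owner names, an explicit IN class, the serial on a line commented "; Serial").

```shell
#!/bin/sh
# Added example: audit a forward/reverse zone pair after editing records.

# zone_serial FILE: print the SOA serial (the number on the "; Serial" line).
zone_serial() {
    awk '/;[ \t]*Serial/ { print $1; exit }' "$1"
}

# missing_ptr FORWARD REVERSE DOMAIN: print "host ip" for every A record
# whose last octet has no PTR pointing back at host.DOMAIN. in REVERSE.
missing_ptr() {
    awk -v dom="$3" '
        { sub(/;.*/, "") }                       # drop zone file comments
        FILENAME == ARGV[1] {                    # reverse file: octet to target
            if ($2 == "IN" && $3 == "PTR") ptr[$1] = $4
            next
        }
        $2 == "IN" && $3 == "A" {                # forward file: host to IP
            split($4, o, ".")
            want = $1 "." dom "."
            if (ptr[o[4]] != want) print $1, $4
        }
    ' "$2" "$1"
}

# Constructed sample data: "db" was added to the forward zone only.
tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT
cat > "$tmp/forward.db" <<'EOF'
@    IN SOA ns1.computingforgeeks.local. root.ns1.computingforgeeks.local. (
         4        ; Serial
         604800 86400 2419200 604800 )
ns1  IN A   172.16.10.2
www  IN A   172.16.10.3
db   IN A   172.16.10.5
EOF
cat > "$tmp/reverse.db" <<'EOF'
@    IN SOA computingforgeeks.local. root.computingforgeeks.local. (
         1        ; Serial
         604800 86400 2419200 604800 )
2    IN PTR ns1.computingforgeeks.local.
3    IN PTR www.computingforgeeks.local.
EOF

echo "serials: forward=$(zone_serial "$tmp/forward.db") reverse=$(zone_serial "$tmp/reverse.db")"
missing_ptr "$tmp/forward.db" "$tmp/reverse.db" computingforgeeks.local
```

Any host the second function lists still needs a PTR line in the reverse file, followed by a serial increase there and a named-checkzone run.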
#6) Testing the DNS Server
On any client machine, change its DNS server to our newly deployed server. In our case, it is 172.16.10.2. The DNS server setting varies with the operating system. In Ubuntu:

    $ sudo vim /etc/resolv.conf
    nameserver 172.16.10.2

Let’s test our DNS resolution using the dig command. The dig command is used to get information about a domain name, including the DNS server, the IP of the domain, the MX records, etc.

    root@ubuntu:~# dig www.computingforgeeks.local

    ; <<>> DiG 9.16.1-Ubuntu <<>> www.computingforgeeks.local
    ;; global options: +cmd
    ;; Got answer:
    ;; WARNING: .local is reserved for Multicast DNS
    ;; You are currently testing what happens when an mDNS query is leaked to DNS
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 65241
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 4096
    ; COOKIE: fabd20125b9ccbff010000005f8c7204e1387a993d58c22f (good)
    ;; QUESTION SECTION:
    ;www.computingforgeeks.local.   IN      A

    ;; ANSWER SECTION:
    www.computingforgeeks.local. 604800 IN  A       172.16.10.3

    ;; Query time: 4 msec
    ;; SERVER: 172.16.10.10#53(172.16.10.10)
    ;; WHEN: Sun Oct 18 16:49:08 UTC 2020
    ;; MSG SIZE  rcvd: 100

The output gives the information about the ‘A’ record of www.computingforgeeks.local.

To check the reverse DNS:

    root@ubuntu:~# dig -x 172.16.10.3

    ; <<>> DiG 9.16.1-Ubuntu <<>> -x 172.16.10.3
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62529
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 4096
    ; COOKIE: 7b8c9b8971f74afc010000005f8c72a8bdc5ebbdb4869578 (good)
    ;; QUESTION SECTION:
    ;3.10.16.172.in-addr.arpa.      IN      PTR

    ;; ANSWER SECTION:
    3.10.16.172.in-addr.arpa. 604800 IN     PTR     www.computingforgeeks.local.

    ;; Query time: 0 msec
    ;; SERVER: 172.16.10.10#53(172.16.10.10)
    ;; WHEN: Sun Oct 18 16:51:52 UTC 2020
    ;; MSG SIZE  rcvd: 122

This is working proof that both the forward and reverse zone lookups are working fine.
Conclusion
We have successfully deployed a local DNS server on Ubuntu 22.04|20.04 LTS. This can be useful to a system administrator in your local network to manage your systems and applications. You could have your applications communicate via domain names, which gets rid of having to re-configure your applications when the IPs change. We have other articles exploring how to set up a slave DNS server. Feel free to reach out to us any time you have a challenge or suggestion.