Ubuntu 10.04
Sponsored Link

Install/Configure BIND
2010/07/19
  Build DNS server which resolves domain name or IP address. It's neccessary to configure router so that TCP and UDP packets to 53 can pass through.

[1] Install BIND
root@ubuntu:~#
aptitude -y install bind9
[2] Configure BIND This example is done with grobal IP address [172.16.0.80/29], Private IP address [10.0.0.0/24], Domain name [srv.world]. However, Please use your own IPs and domain name when you set config on your server. ( Actually, [172.16.0.80/29] is for private IP address, though. )
root@ubuntu:~#
vi /etc/bind/named.conf


include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
# make it comment

#
include "/etc/bind/named.conf.default-zones";
# add

include "/etc/bind/named.conf.internal-zones";
include "/etc/bind/named.conf.external-zones";


root@ubuntu:~#
vi /etc/bind/named.conf.internal-zones
 
# create new


# define for internal section

view "internal" {
match-clients {

localhost;

10.0.0.0/24;

};

zone "." {

type hint;

file "db.root";

};

# set zone for internal

zone "srv.world" {

type master;

file "srv.world.lan";

allow-update { none; };

};

# set zone for internal *note

zone "0.0.10.in-addr.arpa" {

type master;

file "0.0.10.db";

allow-update { none; };

};

zone "localhost" {

type master;

file "db.local";

};

zone "127.in-addr.arpa" {

type master;

file "db.127";

};

zone "0.in-addr.arpa" {

type master;

file "db.0";

};

zone "255.in-addr.arpa" {

type master;

file "db.255";

};

};


root@ubuntu:~#
vi /etc/bind/named.conf.external-zones
 
# create new


# define for external section

view "external" {
match-clients {

any;

};

zone "." {

type hint;

file "db.root";

};

# set zone for external

zone "srv.world" {

type master;

file "srv.world.wan";

allow-update { none; };

};

# set zone for external *note

zone "80.0.16.172.in-addr.arpa" {

type master;

file "80.0.16.172.db";

allow-update { none; };

};

};


# *note : For How to write for reverse resolving, Write network address reversely like below.

for 10.0.0.0/24
network address
⇒ 10.0.0.0

range of network
⇒ 10.0.0.0 - 10.0.0.255

how to write
⇒ 0.0.10.in-addr.arpa


for 172.16.0.80/29
network address
⇒ 172.16.0.80

range of network
⇒ 172.16.0.80 - 172.16.0.87

how to write
⇒ 80.0.16.172.in-addr.arpa
[3] Limit ranges you allow to access if needed.
root@ubuntu:~#
vi /etc/bind/named.conf.options


options {
# change

directory "
/etc/bind
";


// If there is a firewall between you and nameservers you want

// to talk to, you may need to fix the firewall to allow multiple

// ports to talk. See http://www.kb.cert.org/vuls/id/800113


// If your ISP provided one or more IP addresses for stable

// nameservers, you probably want to use them as forwarders.

// Uncomment the following block, and insert the addresses replacing

// the all-0's placeholder.


// forwarders {

//       0.0.0.0;

// };


# range you allow to be asked ( set if you use your DNS only in LAN )

allow-query { localhost; 10.0.0.0/24; };

# range you allow to be transfered ( if you use secondary DNS )

allow-transfer { localhost; 10.0.0.0/24; };

# range you allow to be recursioned ( set if you use your DNS only in LAN )

allow-recursion { localhost; 10.0.0.0/24; };


auth-nxdomain no; # conform to RFC1035

# make it comment if not use IPV6

#
listen-on-v6 { any; };

};
 
Tweet