How to implement a DNS server using BIND

DNS Server & BIND Overview

DNS (Domain Name System) is a service which translates the IP address of computers connected to the Internet into human-readable domain names & vice-versa. In environment with only a limited numbers of Linux machines, it is possible to use the /etc/hosts file for associating an IP address with a DNS name but when you have a large infrastructure with lots of systems/resources, /etc/hosts becomes easily cumbersome.

BIND or Berkeley Internet Name Domain, is an open source software that implements DNS protocols for internet. In this tutorial, we need a DNS server machine & a client machine for testing.

Requirements:

• You have an account and are logged into console.scaleway.com
• You have configured your SSH Key
• You have sudo privileges or access to the root user.

DNS Core Concepts

• RR (Resource Records): defines data types in the Domain Name System
• A record: maps a hostname to an IPV4 address
• AAAA record: maps a hostname to an IPV6 address
• NS (Name server) record: identifies authoritative DNS server for the zone
• MX (Mail Exchanger) record: specifies a mail server responsible for accepting incoming mail in the zone
• CNAME (canonical name) record: specifies alias of one name to another name,
• PTR (Pointer) record: are reverse DNS record, for instance an IP address to a hostname
• SOA (Start of Authority) record: contains information about DNS zones & other DNS records
• TXT (Text) record: provides the ability to associate arbitrary text with a host or other human readable information about a server, network, data center, or other accounting information.

In addition, the mechanism for pointing the server to its zone data files is the configuration files. By default, four configuration files exist:

• named.conf: main configuration file which should not be edited as it serves as a reference point to all the other configurations file.
• named.conf.options: all the configuration options for the DNS server are stored in this file.
• named.conf.default-zones: contains default forward, reverse, and broadcast zones.
• named.conf.local: contains the local DNS server configuration, and this is where you declare the zones associated with this server’s domains.

Installing BIND

Install BIND and its related tools:

apt-get install bind9 bind9utils bind9-doc dnsutils

Configuring BIND on the Primary Instance

1 . Edit the name.conf.local file:

cd /etc/bind
nano named.conf.locale

2 . Paste the following. Make sure to edit the domain name and the IP address of the secondary machine.

//
// Do any local configuration here
//

// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";

zone "scw-domain.ml" IN {
                type master;
                file "/etc/bind/db.scw-domain.ml";
                allow-update { 51.15.250.21; };
                allow-transfer { 51.15.250.21; };
                notify yes;
        };

3 . Create your zone file. A zone file must contain at least an SOA, a NS and a A record or CNAME.

nano db.scw-domain.ml

4 . Paste the following:

;
; BIND data file for local loopback interface
;
$TTL    10800
scw-domain.ml.  IN      SOA     ns1.scw-domain.ml. admin.scw-domain.ml. (
                        2018120615      ; Serial
                          10800         ; Refresh
                          3600          ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;

; Nameserver

scw-domain.ml.  IN      NS      ns1.scw-domain.ml.
scw-domain.ml.  IN      NS      ns2.scw-domain.ml.
ns1     86400   IN      A       51.15.242.21
ns1     86400   IN      AAAA    2001:bc8:4400:2c00::14:229
ns2     86400   IN      A       51.15.250.21
ns2     86400   IN      AAAA    2001:bc8:4400:2c00::2c:1f
www     86400   IN      A       51.15.242.21
www     86400   IN      AAAA    2001:bc8:4400:2c00::14:229

Configuring Bind on the Secondary Instance

1 . Edit the name.conf.local file:

cd /etc/bind
nano named.conf.local

2 . Paste the following:

//
// Do any local configuration here
//

// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
zone "scw-domain.ml" IN {
                type slave;
                file "/etc/bind/db.scw-domain.ml";
                masters { 51.15.242.21; };
		            allow-transfer { none; };
                allow-notify { 127.0.0.1; 51.15.242.21; 51.15.250.21; 2001:bc8:4400:2c00::14:229;  };
        };

3 . On the primary machine, restart the service to verify that the zone replication works properly:

service bind9 restart

The following output should be displayed in the syslog file of the secondary machine

tail /var/log/syslog

Jan 11 17:24:22 bind-client named[11492]: client @0x7fa0d00c7260 51.15.242.21#42782: received notify for zone 'scw-domain.ml'
Jan 11 17:24:22 bind-client named[11492]: zone scw-domain.ml/IN: notify from 51.15.242.21#42782: zone is up to date
Jan 11 17:24:22 bind-client named[11492]: client @0x7fa0d003b900 2001:bc8:4400:2c00::14:229#53121: received notify for zone 'scw-domain.ml'
Jan 11 17:24:22 bind-client named[11492]: zone scw-domain.ml/IN: notify from 2001:bc8:4400:2c00::14:229#53121: zone is up to date

You can try to resolve hostnames on both servers by typing dig www.scw-domain.ml @ns1.scw-domain.ml & dig www.scw-domain.ml @ns2.scw-domain.ml

You should see in the answer section the following:

;; ANSWER SECTION:
www.scw-domain.ml.	86400	IN	A	51.15.242.21