Jump toUpdate content
Implementing a DNS server using BIND
- apps
- dns
- bind
- domain-name
- IP
DNS (Domain Name System) is a service that translates the IP address of computers connected to the Internet into human-readable domain names & vice-versa. In an environment with a limited amount of Linux machines, it is possible to use the /etc/hosts file for associating an IP address to a DNS name, but when you have a large infrastructure with lots of systems/resources, /etc/hosts may quickly become cumbersome.
BIND or Berkeley Internet Name Domain is open-source software that implements DNS protocols for the Internet. In this tutorial, we need a DNS server machine & a client machine for testing.
- You have an account and are logged into Scaleway console
- You have configured your SSH Key
- You have sudo privileges or access to the root user
Installing BIND
Install BIND and its related tools.
apt-get install bind9 bind9utils bind9-doc dnsutils
Configuring BIND on the primary instance
Edit the
name.conf.localfile:cd /etc/bind
nano named.conf.localePaste the following. Make sure to edit the domain name and the IP address of the secondary machine.
//
// Do any local configuration here
//
// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
zone "scw-domain.ml" IN {
type master;
file "/etc/bind/db.scw-domain.ml";
allow-update { 51.15.250.21; };
allow-transfer { 51.15.250.21; };
notify yes;
};Create your zone file. A zone file must contain at least an SOA, a NS and a A record or CNAME.
nano db.scw-domain.mlPaste the following:
;
; BIND data file for local loopback interface
;
$TTL 10800
scw-domain.ml. IN SOA ns1.scw-domain.ml. admin.scw-domain.ml. (
2018120615 ; Serial
10800 ; Refresh
3600 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
; Nameserver
scw-domain.ml. IN NS ns1.scw-domain.ml.
scw-domain.ml. IN NS ns2.scw-domain.ml.
ns1 86400 IN A 51.15.242.21
ns1 86400 IN AAAA 2001:bc8:4400:2c00::14:229
ns2 86400 IN A 51.15.250.21
ns2 86400 IN AAAA 2001:bc8:4400:2c00::2c:1f
www 86400 IN A 51.15.242.21
www 86400 IN AAAA 2001:bc8:4400:2c00::14:229
Configuring Bind on the secondary instance
Edit the
name.conf.localfile:cd /etc/bind
nano named.conf.localPaste the following:
//
// Do any local configuration here
//
// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
zone "scw-domain.ml" IN {
type slave;
file "/etc/bind/db.scw-domain.ml";
masters { 51.15.242.21; };
allow-transfer { none; };
allow-notify { 127.0.0.1; 51.15.242.21; 51.15.250.21; 2001:bc8:4400:2c00::14:229; };
};On the primary machine, restart the service to verify that the zone replication works properly.
service bind9 restart
The following output displays in the syslog file of the secondary machine:
tail /var/log/syslog
Jan 11 17:24:22 bind-client named[11492]: client @0x7fa0d00c7260 51.15.242.21#42782: received notify for zone 'scw-domain.ml'
Jan 11 17:24:22 bind-client named[11492]: zone scw-domain.ml/IN: notify from 51.15.242.21#42782: zone is up to date
Jan 11 17:24:22 bind-client named[11492]: client @0x7fa0d003b900 2001:bc8:4400:2c00::14:229#53121: received notify for zone 'scw-domain.ml'
Jan 11 17:24:22 bind-client named[11492]: zone scw-domain.ml/IN: notify from 2001:bc8:4400:2c00::14:229#53121: zone is up to date
You can try to resolve hostnames on both servers by typing dig www.scw-domain.ml @ns1.scw-domain.ml & dig www.scw-domain.ml @ns2.scw-domain.ml
You should see in the answer section the following:
;; ANSWER SECTION:
www.scw-domain.ml. 86400 IN A 51.15.242.21