Jump toUpdate content
Implementing a DNS server using BIND
- apps
- dns
- bind
DNS (Domain Name System) is a service that translates the IP address of computers connected to the Internet into human-readable domain names & vice-versa. In an environment with a limited amount of Linux machines, it is possible to use the /etc/hosts file for associating an IP address to a DNS name but when you have a large infrastructure with lots of systems/resources, /etc/hosts becomes easily cumbersome.
BIND or Berkeley Internet Name Domain, is an open source software that implements DNS protocols for Internet. In this tutorial, we need a DNS server machine & a client machine for testing.
- You have an account and are logged into Scaleway console
- You have configured your SSH Key
- You have sudo privileges or access to the root user
Installing BIND
Install BIND and its related tools.
apt-get install bind9 bind9utils bind9-doc dnsutilsConfiguring BIND on the primary instance
Edit the
name.conf.localfile:cd /etc/bindnano named.conf.localePaste the following. Make sure to edit the domain name and the IP address of the secondary machine.
//// Do any local configuration here// // Consider adding the 1918 zones here, if they are not used in your// organization//include "/etc/bind/zones.rfc1918"; zone "scw-domain.ml" IN { type master; file "/etc/bind/db.scw-domain.ml"; allow-update { 51.15.250.21; }; allow-transfer { 51.15.250.21; }; notify yes; };Create your zone file. A zone file must contain at least an SOA, a NS and a A record or CNAME.
nano db.scw-domain.mlPaste the following:
;; BIND data file for local loopback interface;$TTL 10800scw-domain.ml. IN SOA ns1.scw-domain.ml. admin.scw-domain.ml. ( 2018120615 ; Serial 10800 ; Refresh 3600 ; Retry 2419200 ; Expire 604800 ) ; Negative Cache TTL; ; Nameserver scw-domain.ml. IN NS ns1.scw-domain.ml.scw-domain.ml. IN NS ns2.scw-domain.ml.ns1 86400 IN A 51.15.242.21ns1 86400 IN AAAA 2001:bc8:4400:2c00::14:229ns2 86400 IN A 51.15.250.21ns2 86400 IN AAAA 2001:bc8:4400:2c00::2c:1fwww 86400 IN A 51.15.242.21www 86400 IN AAAA 2001:bc8:4400:2c00::14:229
Configuring Bind on the secondary instance
Edit the
name.conf.localfile:cd /etc/bindnano named.conf.localPaste the following:
//// Do any local configuration here// // Consider adding the 1918 zones here, if they are not used in your// organization//include "/etc/bind/zones.rfc1918";zone "scw-domain.ml" IN { type slave; file "/etc/bind/db.scw-domain.ml"; masters { 51.15.242.21; }; allow-transfer { none; }; allow-notify { 127.0.0.1; 51.15.242.21; 51.15.250.21; 2001:bc8:4400:2c00::14:229; }; };On the primary machine, restart the service to verify that the zone replication works properly:
service bind9 restartThe following output should be displayed in the syslog file of the secondary machine
tail /var/log/syslog
Jan 11 17:24:22 bind-client named[11492]: client @0x7fa0d00c7260 51.15.242.21#42782: received notify for zone 'scw-domain.ml'Jan 11 17:24:22 bind-client named[11492]: zone scw-domain.ml/IN: notify from 51.15.242.21#42782: zone is up to dateJan 11 17:24:22 bind-client named[11492]: client @0x7fa0d003b900 2001:bc8:4400:2c00::14:229#53121: received notify for zone 'scw-domain.ml'Jan 11 17:24:22 bind-client named[11492]: zone scw-domain.ml/IN: notify from 2001:bc8:4400:2c00::14:229#53121: zone is up to dateYou can try to resolve hostnames on both servers by typing dig www.scw-domain.ml @ns1.scw-domain.ml & dig www.scw-domain.ml @ns2.scw-domain.ml
You should see in the answer section the following:
;; ANSWER SECTION:www.scw-domain.ml. 86400 IN A 51.15.242.21