[Ubuntu] BIND9 and Custom Name Servers

What is BIND9?

BIND /ˈbaɪnd/, or named /ˈneɪmdiː/, is the most widely used DNS software on the Internet. On Unix-like operating systems it is the de facto standard.

 

Installation Ubuntu/Debian

For the most part the Linux VPS will come with bind9 or named already installed. If you do not have it installed, or have removed the package, you can install it with the following command:

apt-get install bind9

 

With the service installed, we should, for security purposes, configure it to run in a chroot environment.

Stop the bind service.

/etc/init.d/bind9 stop

 

Edit the daemon file

vi /etc/default/bind9

 

Change the following line from

OPTIONS="-u bind"

 

to

OPTIONS="-u bind -t /var/lib/named"

 

Now we need to edit the startup script so the service will run as the unprivileged user "nobody".

vi /etc/init.d/bind9

 

Edit the following line

OPTIONS="-u bind"

 

to

OPTIONS="-u nobody -t /var/lib/named"

 

We now create the necessary directories under /var/lib:

mkdir -p /var/lib/named/etc

mkdir /var/lib/named/dev

mkdir -p /var/lib/named/var/cache/bind

mkdir -p /var/lib/named/var/run/bind/run

 

Then move the config directory from /etc to /var/lib/named/etc:

mv /etc/bind /var/lib/named/etc

 

Create a symlink to the new config directory from the old location (to avoid problems when bind is upgraded in the future):

ln -s /var/lib/named/etc/bind /etc/bind

 

Make null and random devices, and fix permissions of the directories:

mknod /var/lib/named/dev/null c 1 3

mknod /var/lib/named/dev/random c 1 8

chmod 666 /var/lib/named/dev/null /var/lib/named/dev/random

chown -R bind:bind /var/lib/named/var/*

chown -R bind:bind /var/lib/named/etc/bind

Logging: finally, we need to edit the startup file for sysklogd so that it logs any important messages relating to bind9.

vi /etc/init.d/sysklogd

 

Modify the following line

SYSLOGD=""

 

to

SYSLOGD="-a /var/lib/named/dev/log"
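
The following read-only audit is an added example, not part of the original article: it checks that the chroot tree under /var/lib/named matches the mkdir, mknod and chown steps above. The function names is_chardev and audit_chroot are hypothetical, GNU stat on Linux is assumed, and the world-writable check is an extra hardening check that the article itself does not perform.

```shell
#!/bin/sh
# Added example: read-only audit of the chroot tree built by the steps above.
# Assumes Linux with GNU stat. Function names are hypothetical.

# is_chardev PATH MAJOR MINOR -> 0 if PATH is a character device with those numbers
is_chardev() {
    [ -c "$1" ] || return 1
    # GNU stat reports the device major/minor in hex (%t and %T)
    [ "$(stat -c '%t:%T' "$1" 2>/dev/null)" = "$(printf '%x:%x' "$2" "$3")" ]
}

# audit_chroot ROOT -> prints one line per finding, returns 0 only when clean
audit_chroot() {
    root=$1
    bad=0
    # Directories created with mkdir, plus the moved config directory
    for d in etc/bind dev var/cache/bind var/run/bind/run; do
        [ -d "$root/$d" ] || { echo "missing directory: $root/$d"; bad=1; }
    done
    # Device nodes must match the mknod numbers: null is 1:3, random is 1:8
    is_chardev "$root/dev/null" 1 3 ||
        { echo "bad device node: $root/dev/null (want c 1 3)"; bad=1; }
    is_chardev "$root/dev/random" 1 8 ||
        { echo "bad device node: $root/dev/random (want c 1 8)"; bad=1; }
    # Trees handed to the bind user by the two chown -R steps
    for d in etc/bind var/cache/bind var/run/bind; do
        [ -d "$root/$d" ] || continue
        owner=$(stat -c '%U:%G' "$root/$d" 2>/dev/null) || owner=unknown
        [ "$owner" = "bind:bind" ] ||
            { echo "owner of $root/$d is $owner, want bind:bind"; bad=1; }
    done
    # Extra check: only device nodes and the syslog socket may be world-writable
    loose=$(find "$root" -xdev ! -type l ! -type c ! -type s -perm -0002 2>/dev/null) || true
    [ -z "$loose" ] || { echo "world-writable paths:"; echo "$loose"; bad=1; }
    return "$bad"
}
```

Run `audit_chroot /var/lib/named` as root before restarting BIND; no output and an exit status of 0 mean the tree matches the steps.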

 

Finally, it's time to create your first zone file. You will need to edit named.conf.default-zones:

vi /etc/bind/named.conf.default-zones


Add your zone

zone "yourdomain.com" {

        type master;

        file "/etc/bind/zones/db.yourdomain.com";

};


Save the file. Now we need to make the zones folder.

mkdir /etc/bind/zones

 

Copy the default or local zone file or create a new zone file.

cp /etc/bind/db.local /etc/bind/zones/db.yourdomain.com


Open and edit the zone file.

vi /etc/bind/zones/db.yourdomain.com

Enter the following and modify the records as needed.

;

; BIND data file for yourdomain.com

;

$TTL    3600

@       IN      SOA     yourdomain.com. root.yourdomain.com. (

                      2013061801                ; Serial

                         604800         ; Refresh

                          86400         ; Retry

                        2419200         ; Expire

                         604800 )       ; Negative Cache TTL

;

@                       IN      A       1.1.1.1

yourdomain.com.   IN      NS      ns1.yourdomain.com.

yourdomain.com.   IN      NS      ns2.yourdomain.com.

www                     IN      A       1.1.1.1

ns1                     IN      A       1.1.1.1

ns2                     IN      A       1.1.1.1

@                       IN      AAAA    ::1


Finally, we need to create the rDNS entry for the domain. Edit the named.conf.default-zones file:

vi /etc/bind/named.conf.default-zones


Enter the following

zone "1.1.1.1.in-addr.arpa" {

        type master;

        file "1.1.1.1.in-addr.arpa.zone";

};


Note: you will need to change the 1.1.1.1 to your IP address, but in reverse. For example, if your IP address is 123.56.89.89, the reverse address would be 89.89.56.123.in-addr.arpa.

Now that you have completed this, save the file and then restart bind.

/etc/init.d/bind9 restart

 

Registering your private name servers

Each registrar is different. We have a list of how-to videos at the following link: http://myhosting.com/vps-guide/# Expand DNS & FTP/SSH and Server Management and watch your registrar's respective video.

 
