Kaai24
dev studios

Bind DNS Server

Setting up a Linux Domain Name System server using Bind (on Ubuntu 16.04)


We all use easy-to-remember domain names like "kaai24.eu" instead of the IP addresses that computers and servers really talk to. A translation layer called DNS makes this possible.

Most networks are configured to use the DNS of the provider or the one from Google (8.8.8.8). But you can set up your own, and you should if you want more control over your network, like blocking or redirecting sites, or if you want to manage your own "zone".

Installation

apt install bind9 dnsutils

Configuration

Add to your "/etc/bind/named.conf.options"

// these directives belong inside the existing options { ... } block
forwarders {
    1.1.1.1;             // upstream resolver that queries we cannot answer ourselves are sent to
};
allow-query { any; };    // answers queries from anyone; together with recursion this makes the
                         // server an open resolver, so restrict it (e.g. { localnets; }) unless it is meant to be public
rate-limit {             // response rate limiting: at most 5 identical answers per second to the same client block
    responses-per-second 5;
    window 5;
};

Add to your "/etc/bind/named.conf.local"

include "/etc/bind/blacklisted.zones";

Blocked zones

Create "/etc/bind/blacklisted.zones"

zone "blockedurl1.com" { type master; file "/etc/bind/zones/master/blockeddomains.db"; };
zone "blockedurl2.com" { type master; file "/etc/bind/zones/master/blockeddomains.db"; };

Create "/etc/bind/zones/master/blockeddomains.db"

;
; Sinkhole zone file, shared by every blocked zone (relative names here resolve within whichever zone loads it)
;
$TTL    3600
@       IN      SOA     ns1.example.local. info.example.local. (
                            2014052101         ; Serial (increase it whenever this file changes)
                                  7200         ; Refresh
                                   120         ; Retry
                               2419200         ; Expire
                                  3600)        ; Minimum / negative-caching TTL
;
@       IN      NS      example.local.         ; trailing dot needed, otherwise the name is expanded to example.local.<blocked zone>
@       IN      A       127.0.0.1              ; the blocked domain itself gets directed to the designated address
*       IN      A       127.0.0.1              ; wildcard: any permutation of x.domain.com gets directed to the designated address
@       IN      AAAA    ::1                    ; domain.com gets directed to IPv6 localhost (explicit @ needed, a blank owner would reuse the * above)
*       IN      AAAA    ::1                    ; wildcard: any permutation of x.domain.com gets directed to IPv6 localhost

Own zones

Add to your "/etc/bind/named.conf.local"

zone "yoururl.com" { type master; file "/etc/bind/zones/master/yoururl.db"; };

And create a matching zone file similar to the "blockeddomains.db" file.

Finally, run "named-checkconf" to see whether it reports any configuration error (it only checks the syntax of named.conf and its includes; "named-checkzone <zone> <file>" loads and checks a zone file). If everything is OK (no output), restart the service with "service bind9 restart".
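The check-then-restart step as a script, added here as an example (not from the post): it runs named-checkconf, loads every master zone declared in the one-line zone statements used above with named-checkzone, restarts only if both pass, and then confirms with dig that a blocked name really comes back as the sinkhole address. The file paths follow the post; the function names and the "deploy" argument are ours.

```shell
#!/bin/sh
# Check the BIND configuration and zone files, restart only if they are clean,
# then confirm that a blocked name is really sinkholed. Added example, not from
# the post; paths follow the post, function names and the "deploy" argument are ours.

NAMED_CONF="/etc/bind/named.conf"
ZONE_CONFS="/etc/bind/named.conf.local /etc/bind/blacklisted.zones"

# Print "zone-name zone-file" for every one-line master zone statement
# (the style used in the post) found in the files given as arguments.
list_master_zones() {
    awk '/^[ \t]*zone[ \t]+"/ && /type[ \t]+master;/ && /file[ \t]+"/ {
            name = $0; sub(/^[ \t]*zone[ \t]+"/, "", name); sub(/".*/, "", name)
            file = $0; sub(/.*file[ \t]+"/, "", file); sub(/".*/, "", file)
            print name, file
        }' "$@"
}

# named-checkconf validates syntax only; named-checkzone actually loads each zone
# file, catching errors such as a malformed SOA or a record with no owner name.
check_bind_config() {
    named-checkconf "$NAMED_CONF" || return 1
    list_master_zones $ZONE_CONFS | while read -r name file; do
        named-checkzone -q "$name" "$file" || { echo "zone $name ($file) failed to load" >&2; exit 1; }
    done
}

# Return 0 only if every answer line (as printed by "dig +short") is a sinkhole
# address, i.e. 127.0.0.1 or ::1; an empty answer or any real address is a failure.
answers_sinkholed() {
    [ -n "$1" ] || return 1
    if printf '%s\n' "$1" | grep -q -v -E '^(127\.0\.0\.1|::1)$'; then
        return 1
    fi
    return 0
}

# Query the local server for NAME (A and AAAA) and apply the check above.
verify_sinkhole() {
    name="$1"; server="${2:-127.0.0.1}"
    a4=$(dig @"$server" +short "$name" A) || return 2
    a6=$(dig @"$server" +short "$name" AAAA) || return 2
    answers_sinkholed "$a4" && answers_sinkholed "$a6"
}

# Usage: sh check_bind.sh deploy blockedurl1.com
if [ "${1:-}" = "deploy" ] && [ -n "${2:-}" ]; then
    check_bind_config && service bind9 restart && verify_sinkhole "$2" && echo "ok: $2 is sinkholed"
fi
```

"named-checkconf -z" does a similar test load of every master zone in one go; the per-zone loop above is kept so the failing file is named in the error.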

View and flush the cache

The server now caches the answers to every query it handles (by default for up to 7 days, or for the record's TTL if that is shorter). Show the cache:

rndc dumpdb -cache
grep gnu.org /var/cache/bind/named_dump.db

Flush (delete) the cache

rndc flush
rndc reload


(Edited 17-06-19)
