How To Install DNS Server (Bind9) On Ubuntu 20.04

How To Install DNS Server (Bind9) On Ubuntu 20.04

Now I want to share the DNS server installation process on your Ubuntu 20.04 server. DNS server very important tools for your network because many IP address can’t remember so can remember DNS name.

  • My server info :
  • Server IP : 10.66.11.15
  • Disk : 25 GB
  • RAM : 1GB
  • vCPU : 2
  • Service : DNS (bind9)
  • Webmin [For manage DNS from browser]

Step : Prepare your server using change hostname ip or update.

root@ubuntu20:~# lsb_release -a
root@ubuntu20:~# ip r
root@ubuntu20:~# apt update && apt upgrade -y
root@ubuntu20:~# vi /etc/hosts
Sponsored

Insert server ip address and hostname into hosts file.

127.0.0.1       localhost
10.66.11.15     ns1.ubuntu-server.local ns1

Again open vi /etc/hostname file and add server hostname.

ns1

Also open vi /etc/cloud/cloud.cfg file and must be set preserve_hostname: true

preserve_hostname: true

Then reboot your server using command.

root@ubuntu20:~# reboot

Step : Add nameserver ip address as your server ip address into /etc/resolv.conf file.

root@ns1:~# vi /etc/resolv.conf

Insert below details like

nameserver 10.66.11.15
options edns0
search ubuntu-server.local

Step : Now install dns (bind9) package using below command.

root@ns1:~# apt-get install bind9 bind9utils bind9-doc -y
root@ns1:/etc/bind# cd /etc/bind/
root@ns1:/etc/bind# cp named.conf.local named.conf.local.back
root@ns1:/etc/bind# cp db.local db.fwd.ubuntu-server.local
root@ns1:/etc/bind# cp db.local db.rev.ubuntu-server.local
root@ns1:/etc/bind# mkdir /etc/bind/zones
root@ns1:/etc/bind# mv db.fwd.ubuntu-server.local zones
root@ns1:/etc/bind# mv db.rev.ubuntu-server.local zones
root@ns1:/etc/bind# vi named.conf.local

Delete all text from named.conf.local and insert below text. Must be replace your server ip address and file name.

acl "Trusted" {
        10.66.11.15;   # Name Server
};

options {
        directory "/var/cache/bind";

        // If there is a firewall between you and nameservers you want
        // to talk to, you may need to fix the firewall to allow multiple
        // ports to talk.  See http://www.kb.cert.org/vuls/id/800113

        // If your ISP provided one or more IP addresses for stable
        // nameservers, you probably want to use them as forwarders.
        // Uncomment the following block, and insert the addresses replacing
        // the all-0's placeholder.

        recursion yes;                 		# enables resursive queries
        allow-recursion { Trusted; };  	# allows recursive queries from "trusted" clients
        listen-on { 10.66.11.15; };   		# ns1 private IP address - listen on private network only
        allow-transfer { none; };      		# disable zone transfers by default

        forwarders {
                8.8.8.8;
                8.8.4.4;
        };

        // forwarders {
        //      0.0.0.0;
        // };

        //========================================================================
        // If BIND logs error messages about the root key being expired,
        // you will need to update your keys.  See https://www.isc.org/bind-keys
        //========================================================================
        dnssec-validation auto;

        auth-nxdomain no;    # conform to RFC1035
        listen-on-v6 { any; };
};                         

Step : Goto your zones folder and edit forward and reverse file.

root@ns1:/etc/bind# cd zones
root@ns1:/etc/bind/zones# vi db.fwd.ubuntu-server.local

Delete all text and add below all code into db.fwd.ubuntu-server.local file. And must be replace your server ip address and hostname.

See also  How To Install osTicket v1.14 On Ubuntu 20.04
;
; BIND data file for local loopback interface
;
$TTL    604800
@       IN      SOA     ns1.ubuntu-server.local. root.ns1.ubuntu-server.local. (
                        6
                        604800
                        86400
                        2419200
                        604800 )
;
@       IN      NS      localhost.
@       IN      A       127.0.0.1
@       IN      AAAA    ::1

;Name Server Information
        IN      NS      ns1.ubuntu-server.local.
;Name Server A records
ns1.ubuntu-server.local.      IN      A       10.66.11.15

Now open reverse file db.rev.ubuntu-server.local

root@ns1:/etc/bind/zones# vi db.rev.ubuntu-server.local

And delete all text from db.rev.ubuntu-server.local and inert below text into this file. Must be change hostname and PTR last octet as your own server details.

;
; BIND data file for local loopback interface
;
$TTL    604800
@       IN      SOA     ns1.ubuntu-server.local. root.ns1.ubuntu-server.local. (
                        5
                        604800
                        86400
                        2419200
                        604800 )
;
@       IN      NS      localhost.
@       IN      A       127.0.0.1
@       IN      AAAA    ::1


;Name Server Information

        IN      NS     ns1.ubuntu-server.local.

;PTR records from ip last two part

11.15      IN      PTR    ns1.ubuntu-server.local.

Note : My IP address 10.66.11.15 so it last two 11.15 PTR record. this is third octet is first and last octet is second.

Sponsored

Step : Now restart dns service and check all is ok.

root@ns1:/etc/bind/zones# service bind9 restart
root@ns1:/etc/bind/zones# service bind9 status
root@ns1:/etc/bind/zones# named-checkzone 66.10.in-addr.arpa db.fwd.ubuntu-server.local
root@ns1:/etc/bind/zones# named-checkzone 66.10.in-addr.arpa db.rev.ubuntu-server.local

This is advanced option for manage DNS from browser.

Now I am install webmin for manage dns server from browser.

root@ns1:/etc/bind/zones# cd
root@ns1:~# apt update
root@ns1:~# vi /etc/apt/sources.list

Insert below two lines into sources.list for install webmin.

deb http://download.webmin.com/download/repository sarge contrib
deb http://webmin.mirror.somersettechsolutions.co.uk/repository sarge contrib

or.

you can use below details for install webmin manage dns server.

root@ns1:~# wget -q http://www.webmin.com/jcameron-key.asc -O- | sudo apt-key add -
root@ns1:~# sudo add-apt-repository "deb http://download.webmin.com/download/repository sarge contrib"
root@ns1:~# apt-get update
root@ns1:~# apt-get install webmin -y

Now browse server ip address using webmin default port. https://10.66.11.15:10000

Resolve rndc error using create rndc.key file.

read rndc.key file using cat command.

root@ns1:/etc/bind/# cat rndc.key
key "rndc-key" {
        algorithm hmac-sha256;
        secret "aj8uPMxFxe1XE8qZuY9Zjd1vp3S6VeY2fweQwtxUxDg=";
};

Now inert below text as your file details.

############rndc-key collect from rndc-key file############
key "rndc-key" {
        algorithm hmac-sha256;
        secret "aj8uPMxFxe1XE8qZuY9Zjd1vp3S6VeY2fweQwtxUxDg=";
};
options {
        default-key "rndc-key";
        default-server 127.0.0.1;
        default-port 953;
};

 

Conclusion

 


Discover more from Ubuntu-Server.com

Subscribe to get the latest posts sent to your email.

Comments

No comments yet. Why don’t you start the discussion?

    Leave a Reply