
March 16th, 2007, 10:42 GMT · By Mihai Marinof

How to Host Your Own Domain with Bind9 on Ubuntu

[Image: TLD Animation]
If you have ever registered a domain, you may have noticed that you were asked for the IP addresses of two name servers. Those name servers are typically two BIND 9 daemons, running as master and slave on two different machines. This is a common setup for hosting your own domain: if one breaks, the other keeps serving your website, mail server and any other services you run. The slave is optional, though, and you can skip that part if you only want a DNS server for your own network.

INSTALLING BIND 9

Before we start, keep in mind that you need root privileges to install and configure bind. I prefer switching to the root user and running the commands directly rather than prefixing each one with sudo, so this guide assumes you do the same; otherwise, add 'sudo' before every command. (A root shell is also available with sudo -i, without setting a root password.)

Moreover, for this guide I'll use the domain "linux.lan" and the IP addresses 10.10.0.77 (master) and 10.10.0.78 (slave) as examples. Replace them with your own.

. Switch to the root user in a terminal and check for updates:
CODE
$ sudo passwd root
Password: (Enter the password for current user)
Enter new UNIX password: (Enter the password you want to set for root)
Retype new UNIX password: (Retype root password)
passwd: password updated successfully

$ su -
Password: (Enter root password here)

# apt-get update; apt-get upgrade

. Install BIND9:
CODE
# apt-get install bind9

CONFIGURING BIND

. Ubuntu ships a pre-configured Bind, so you only have to open /etc/bind/named.conf.local in your favorite editor and insert your zones. A zone is a domain name whose records this DNS server holds; the second zone below is the reverse zone for the 10.10.0.0/24 network, which maps addresses back to names.
CODE
zone "linux.lan" {
    type master;
    file "/etc/bind/zones/linux.lan.db";
};

zone "0.10.10.in-addr.arpa" {
    type master;
    file "/etc/bind/zones/rev.0.10.10.in-addr.arpa";
};

. Next, edit the bind options file, /etc/bind/named.conf.options, and modify the forwarders directive. This is the DNS server to which your Bind installation forwards the requests it cannot answer itself. Replace the example IP in that file with the DNS server address provided by your ISP. Also make sure the forwarders block (both its opening line and its closing };) is not commented out with two leading slashes; if it is, remove them.

. It's time to add the zone definition files. Create the zones directory:
CODE
# mkdir /etc/bind/zones

. Add the zone definitions to the file /etc/bind/zones/linux.lan.db (it does not exist yet, so create it). Bind 9 complains if the $TTL line is missing. The five numbers in the SOA record are the serial (conventionally YYYYMMDDnn; increase it on every change so slaves notice), refresh, retry, expire and negative-cache TTL, the last four in seconds:
CODE
$TTL 38400
linux.lan. IN SOA ns1.linux.lan. admin.linux.lan. (
        2006081401   ; serial
        28800        ; refresh
        3600         ; retry
        604800       ; expire
        38400 )      ; negative cache TTL

linux.lan. IN NS ns1.linux.lan.
linux.lan. IN A 10.10.0.77
mail.linux.lan. IN MX 10 mail.linux.lan.
linux.lan. IN MX 10 mail.linux.lan.

www  IN A 10.10.0.77
mail IN A 10.10.0.77
ns1  IN A 10.10.0.77

. Create the reverse DNS zone file /etc/bind/zones/rev.0.10.10.in-addr.arpa (the name must match the one given in named.conf.local) and add the following. Here @ stands for the zone name and 77 is the last octet of 10.10.0.77:
CODE
$TTL 86400
@ IN SOA linux.lan. admin.linux.lan. (
        2006081401   ; serial
        28800        ; refresh
        604800       ; retry
        604800       ; expire
        86400 )      ; negative cache TTL

@  IN NS ns1.linux.lan.
77 IN PTR linux.lan.
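The forward and reverse zone files above are easy to get subtly wrong: a missing $TTL, a serial that is not bumped, or a PTR that no longer matches any A record. The following script is an added example, not code from the article. It parses zone files in the format used above (comments after ';', '( ... )' continuations, '@' and blank owner names) and runs the checks a practitioner wants before restarting bind: $TTL present, exactly one SOA with a YYYYMMDDnn serial, every address in the forward zone covered by a PTR in the reverse zone, and every PTR backed by an A record. The zone text is constructed after the linux.lan files and is not taken from any live server.

```python
"""Sanity checks for a BIND forward zone and its in-addr.arpa reverse zone.
Added example, not code from the article; zone text below is constructed."""
from datetime import datetime

# Forward zone (constructed). SOA numbers: serial refresh retry expire minimum.
FORWARD_ZONE = """\
$TTL 38400
linux.lan. IN SOA ns1.linux.lan. admin.linux.lan. (
        2006081401 28800 3600 604800 38400 )
linux.lan. IN NS ns1.linux.lan.
linux.lan. IN A  10.10.0.77
linux.lan. IN MX 10 mail.linux.lan.
www  IN A 10.10.0.77
mail IN A 10.10.0.77
ns1  IN A 10.10.0.77
"""

# Reverse zone for 10.10.0.0/24 (constructed); a leading-whitespace line reuses the owner.
REVERSE_ZONE = """\
$TTL 86400
@  IN SOA ns1.linux.lan. admin.linux.lan. (
        2006081401 28800 604800 604800 86400 )
   IN NS  ns1.linux.lan.
77 IN PTR linux.lan.
"""

RTYPES = {"SOA", "NS", "A", "AAAA", "MX", "PTR", "CNAME", "TXT"}


def _logical_lines(text):
    """Drop ';' comments and join '( ... )' continuation lines."""
    buf, depth = [], 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()
        if not line.strip() and not buf:
            continue
        buf.append(line)
        depth += line.count("(") - line.count(")")
        if depth <= 0:
            joined = " ".join([buf[0]] + [l.strip() for l in buf[1:]])
            yield joined.replace("(", " ").replace(")", " ")
            buf, depth = [], 0


def parse_zone(text, origin):
    """Return ($TTL or None, [(owner, type, rdata_fields), ...])."""
    ttl, records, last_owner = None, [], origin
    for line in _logical_lines(text):
        if line.startswith("$TTL"):
            ttl = int(line.split()[1])
            continue
        fields = line.split()
        if line[0].isspace():        # blank owner field: inherit the last one
            owner = last_owner
        else:
            name, fields = fields[0], fields[1:]
            owner = origin if name == "@" else name if name.endswith(".") else f"{name}.{origin}"
        last_owner = owner
        while fields and fields[0].upper() not in RTYPES:
            fields.pop(0)            # skip a per-record TTL or the class IN
        records.append((owner, fields[0].upper(), fields[1:]))
    return ttl, records


def _dated_serial(serial):
    """True for the YYYYMMDDnn convention the serial 2006081401 follows."""
    try:
        datetime.strptime(serial[:8], "%Y%m%d")
    except ValueError:
        return False
    return len(serial) == 10 and serial.isdigit()


def check_zone(text, origin):
    """Problems with one zone file (empty list means it looks fine)."""
    ttl, records = parse_zone(text, origin)
    problems = []
    if ttl is None:
        problems.append("no $TTL directive; named complains about a missing TTL at load time")
    soa = [r for r in records if r[1] == "SOA"]
    if len(soa) != 1:
        problems.append(f"expected one SOA record, found {len(soa)}")
    elif not _dated_serial(soa[0][2][2]):
        problems.append(f"SOA serial {soa[0][2][2]} is not in YYYYMMDDnn form")
    return problems


def cross_check(fwd_text, fwd_origin, rev_text, rev_origin):
    """Forward-confirmed reverse DNS: each address needs a PTR, each PTR an A."""
    names_by_ip, problems = {}, []
    for owner, rtype, rdata in parse_zone(fwd_text, fwd_origin)[1]:
        if rtype == "A":
            names_by_ip.setdefault(rdata[0], set()).add(owner)
    ptrs = {o: r[0] for o, t, r in parse_zone(rev_text, rev_origin)[1] if t == "PTR"}
    for ip, names in sorted(names_by_ip.items()):
        rname = ".".join(reversed(ip.split("."))) + ".in-addr.arpa."
        if rname.endswith("." + rev_origin) and rname not in ptrs:
            problems.append(f"{ip} ({', '.join(sorted(names))}) has no PTR in {rev_origin}")
    for rname, target in ptrs.items():
        ip = ".".join(reversed(rname[:-len(".in-addr.arpa.")].split(".")))
        if target not in names_by_ip.get(ip, set()):
            problems.append(f"PTR {rname} -> {target} is not backed by an A record for {ip}")
    return problems
```

With the two constructed zones, check_zone returns an empty list for both and cross_check returns nothing, because the single PTR for 10.10.0.77 points at linux.lan., which has an A record for that address (several names sharing one address and one PTR is normal). Removing the $TTL line, or editing the PTR to a name that no longer exists, produces one problem each. The script replaces none of named-checkzone, which validates the file against Bind's own parser; it adds the cross-zone consistency check that named-checkzone does not do.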

. Restart Bind so the changes take effect (named-checkconf and named-checkzone linux.lan /etc/bind/zones/linux.lan.db will report syntax errors before you do):
CODE
# /etc/init.d/bind9 restart


TESTING BIND

. To test name resolution, query the new server with host, dig or any other tool (nslookup etc.):
CODE
# host linux.lan 127.0.0.1
linux.lan has address 10.10.0.77
linux.lan mail is handled by 10 mail.linux.lan.

CODE
# dig linux.lan
;; QUESTION SECTION:
;linux.lan. IN A

;; ANSWER SECTION:
linux.lan. 38400 IN A 10.10.0.77

;; AUTHORITY SECTION:
linux.lan. 38400 IN NS ns1.linux.lan.

;; ADDITIONAL SECTION:
ns1.linux.lan. 38400 IN A 10.10.0.77

CHANGING DEFAULT DNS SERVER

. If the results are similar to the ones above, it's time to make your system use the new DNS server. Edit the file /etc/resolv.conf to look like:
CODE
search linux.lan
nameserver 10.10.0.77
nameserver 123.123.123.123

Here 10.10.0.77 is the address of the server running Bind, which must be reachable by the computers on your network or from the Internet (depending on what you want the DNS server for), and 123.123.123.123 stands for the DNS server address provided by your ISP.


INSTALLING SLAVE DNS SERVER

. On another machine, follow the guide above up to the point where the zones are configured (install Bind, but do not add the zones).
The following commands are for the slave server unless stated otherwise.

. Create the zones directory:
CODE
# mkdir /etc/bind/zones

. On BOTH master and slave, edit /etc/bind/named.conf.options and add this line inside the options { ... } block (between the braces, not at the beginning or end of the file):
CODE
dnssec-enable yes;

. Use dnssec-keygen to generate a .private and a .key file. HMAC-MD5 is used here; current BIND 9 releases also accept stronger HMACs such as hmac-sha256, both in this command and in the key statement below:
CODE
# dnssec-keygen -a hmac-md5 -b 128 -n host linux.lan

. Add this to /etc/bind/named.conf on master AND slave. Open the .private file generated above, copy the value after Key: and paste it into the secret directive. The key is a shared secret: treat the file like a password and keep it readable only by root and the bind user.
CODE
key "TRANSFER" {
    algorithm hmac-md5;
    secret "HASHKEY-FROM-.PRIVATE-FILE";
};

. On the MASTER server, add the slave IP to /etc/bind/named.conf (again, don't forget to replace the examples with your valid IP addresses):
CODE
server 10.10.0.78 {
    keys {
        TRANSFER;
    };
};

. On the SLAVE server, add the master IP to /etc/bind/named.conf:
CODE
server 10.10.0.77 {
    keys {
        TRANSFER;
    };
};

. Add the following to /etc/bind/named.conf.local (yes, on the slave):
CODE
zone "linux.lan" {
    type slave;
    file "/etc/bind/zones/slave_linux.lan.db";
    masters { 10.10.0.77; };
    allow-notify { 10.10.0.77; };
};

. Finally, add this to /etc/bind/named.conf:
CODE
include "/etc/bind/rndc.key";

When Bind is restarted, a zone transfer takes place. TSIG-signed messages carry a timestamp and are rejected when the two clocks differ by more than a few minutes, so the last step before restarting bind is to run the following command on both servers:
CODE
# apt-get -y install ntpdate
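The server { keys { TRANSFER; }; } statements above make each side sign what it sends to the other, but signing alone does not restrict who may pull the zone: BIND 9 of this era defaults allow-transfer to any, so an unsigned AXFR from any other host would still be answered. The following is an added example, not configuration from the article, showing the master and slave named.conf fragments with the transfer restricted to the key as well. The secret is a placeholder, and the algorithm is hmac-sha256 (accepted by current BIND 9; the article's hmac-md5 works the same way, with the matching dnssec-keygen -a value).

```conf
// Added example, not the article's configuration. Secret is a placeholder.
// Same key statement on both servers:
key "TRANSFER" {
    algorithm hmac-sha256;   // article uses hmac-md5; generate with the matching -a
    secret "PLACEHOLDER-PASTE-THE-Key:-LINE-FROM-THE-.PRIVATE-FILE";
};

// ---- master, 10.10.0.77 ----
server 10.10.0.78 {          // sign everything sent to the slave
    keys { TRANSFER; };
};

zone "linux.lan" {
    type master;
    file "/etc/bind/zones/linux.lan.db";
    allow-transfer { key TRANSFER; };   // unsigned AXFR/IXFR requests are refused
    also-notify { 10.10.0.78; };
};

// ---- slave, 10.10.0.78 ----
server 10.10.0.77 {          // sign everything sent to the master
    keys { TRANSFER; };
};

zone "linux.lan" {
    type slave;
    file "/etc/bind/zones/slave_linux.lan.db";
    masters { 10.10.0.77; };
    allow-notify { 10.10.0.77; };
    allow-transfer { none; };           // the slave does not hand the zone to anyone
};
```

To confirm the restriction on your own servers, run dig @10.10.0.77 linux.lan AXFR from the slave: without a key the answer should be "Transfer failed.", and with -y hmac-sha256:TRANSFER:<secret> the full zone should come back. named-checkconf validates the syntax before the restart.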

Enjoy!
READER COMMENTS:


Comment #1 by: bahattin on 21 Aug 2008, 11:54 UTC

you can do hosting easily on ubuntu with ehcp, Easy Hosting Control Panel


Comment #2 by: Alex on 08 Jun 2009, 17:46 UTC

Nice tutorial .. I started my nameserver with the help of this tutorial .. and it works perfectly. Keep it up.

Comment #2.1 by: jidifi on 29 May 2011, 13:21 GMT

It works perfectly, really? If so, it would be very funny!


Comment #3 by: Mark Hentov on 04 Oct 2009, 15:37 UTC

The only part that does not make sense is, "To test DNS resolving, use either host, dig, both or any other tools (nslookup etc):"
# host linux.lan 127.0.0.1
linux.lan has address 10.10.0.7

What is 10.10.0.7 and where does it come from?


Comment #4 by: Silvergateway.com on 01 Nov 2009, 15:34 UTC

As stated above in the article, the 10.10.0.7 is the IP address of the server.
sudo ifconfig
will show you your current server IP address (usually eth0 inet addr: *.*.*.*).

The 10.10.0.7 IP address is only an example; most networks that have a retail router (in a home setup) will default to something like 192.168.0.0. It does not matter what IP address you use, as long as the rest of the systems on your network are on the same subnet, i.e. 192.168.0.1 - 254.

Host and dig are Linux tools for checking DNS server records, i.e. host your-new-domain.com or dig your-new-domain.com... nslookup is the Windows version of the same tool, only Linux is better :P

FYI: There are five classes of available IP ranges: Class A, Class B, Class C, Class D and Class E, while only A, B and C are commonly used. Each class allows for a range of valid IP addresses.
More details on IP addresses can be found at: http://www.computerhope.com/jargon/i/ip.htm

Anyway, I hope that answers your question, Mark. And thank you for your article, Mihai Marinof; it was a great refresher while I set up a new Ubuntu sandbox web server.


Comment #5 by: Alon on 27 Jan 2010, 13:20 UTC

Great article,
but it might be slightly better:
is the
rev.rev.0.10.10.in-addr.arpa
a typo?
Should it be rev.0.10.10.in-addr.arpa, as written in named.conf.local?

Bind log files complained that there is no TTL in the files
linux.lan.db and rev.0.10.10.in-addr.arpa,
so the first line in those files should contain
$TTL 84600
or similar.


Comment #6 by: dada on 17 Mar 2010, 06:40 UTC

It is a good tutorial, thank you. But I have something to ask, if someone can give an answer: what are those numbers? What is their role in DNS? And lastly, how can they be common for different machines?
2006081401
28800
3600
604800
38400
Thank you for your tutorial, I really got something from it. And I will appreciate it if someone is willing to lead me to the answer.


Comment #7 by: Tim on 01 Aug 2010, 12:09 UTC

Hi;

I know this may sound like a n00b question, but I am a novice/rookie to Linux. How do I make a .DB file?


Comment #8 by: roberto on 02 Aug 2010, 14:47 UTC

Hi guys,

Most tutorials follow these instructions. And modifying them a little bit to add the TTL, the start of bind will not complain in the log... But when I run dig or host, it seems it does not work. Are the new versions of Ubuntu blocked? Or do I do something wrong?

Thanks for your help...
Roberto...


Comment #9 by: Garry on 29 Oct 2010, 09:14 UTC

at the testing bind step... restarting bind9 I get fail. I went ahead and made the modifications suggested in the comments above and there is no change. Still fails to restart.

Perhaps someone can share their feedback on this if they were successful. The article is two years old, but seems to be the one that Google ranks on their results.


Comment #10 by: Garry on 29 Oct 2010, 09:21 UTC

Ok, sorry for the duplicate comment. Here's the solution I had up to the testing point.

In the file named.conf.options, make sure the comment-out // found in front of the word forwarders { is removed,

and also make sure the comment-out // found in front of the closing tag }; is removed.

If you do all that is listed above in the article and the suggested modifications contributed by the commenters, plus the modification I just included, when you run /etc/init.d/bind9 restart it will restart successfully. Good luck.


Comment #11 by: airtonix on 20 Jun 2011, 09:11 UTC

Wow, setting a password for root is unnecessary since you can just use sudo su.

Comment #11.1 by: pat on 05 Oct 2011, 08:26 GMT

... or sudo -i


Comment #12 by: mujahied on 19 Sep 2011, 05:13 UTC

http://ubuntuforums.org/showthread.php?t=1846297
