Step 1. Create named.conf file with the following content:
Note: the options "directory", "pid-file", "dump-file" and "statistics-file" might have other values if you configure the bind server on Linux. The following values are for FreeBSD.
Note: do not forget to put ";" after every IP, including the last IP, and to enclose rules between { }.
options {
    directory "/etc/namedb";
    pid-file "/var/run/named/pid";
    dump-file "/var/dump/named_dump.db";
    statistics-file "/var/stats/named.stats";
    forwarders { 213.157.176.3; 213.157.176.1; };
    allow-recursion { 10.0.0.1/16; 127.0.0.1; };
    allow-transfer { 213.157.176.3; 213.157.176.1; 192.162.16.0/24; };
    listen-on { 127.0.0.1; 86.X.Y.Z; };
};

zone "." { type hint; file "named.root"; };

zone "0.0.127.IN-ADDR.ARPA" { type master; file "master/localhost.rev"; };

zone "Z.Y.X.86.in-addr.arpa" { type master; file "master/Z.Y.X.86.in-addr.arpa"; };

zone "domeniu.ro" in { type master; file "/etc/namedb/domeniu.ro"; };

A few explanations regarding the following variables:

forwarders { 213.157.176.3; 213.157.176.1; };
allow-recursion { 10.0.0.1/16; 127.0.0.1; };
allow-transfer { 213.157.176.3; 213.157.176.1; 192.162.16.0/24; };
listen-on { 127.0.0.1; 86.X.Y.Z; };

forwarders - here you place your ISP's DNS servers (or other DNS servers that accept queries from your IPs). This is also useful for DNS caching.
allow-recursion - allow only the IPs (or subnets) listed here to make recursive queries to the DNS server. You must list here all IPs or subnets that will use the DNS server as their resolver.
allow-transfer - allow only these servers to transfer zones from the current DNS server (for example, slave DNS servers).
listen-on - the IPs on which the DNS server will listen.
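The three access lists above are the settings that decide who can query, copy and reach the server, so they are worth checking before starting named. The following script is an added example (not from the original page): it pulls allow-recursion, allow-transfer and listen-on out of a named.conf and reports entries that are missing, wide open ("any"), still a placeholder, or written with host bits set (as the page's own "10.0.0.1/16" is).

```python
import ipaddress
import re

# Constructed sample: the options block from Step 1 of this page (the
# 86.X.Y.Z placeholder is the page's own, left unfilled on purpose).
NAMED_CONF = """
options {
    directory "/etc/namedb";
    forwarders { 213.157.176.3; 213.157.176.1; };
    allow-recursion { 10.0.0.1/16; 127.0.0.1; };
    allow-transfer { 213.157.176.3; 213.157.176.1; 192.162.16.0/24; };
    listen-on { 127.0.0.1; 86.X.Y.Z; };
};
"""
ACLS = ("allow-recursion", "allow-transfer", "listen-on")

def acl_entries(conf, name):
    """Entries inside `name { a; b; };`, or None when the statement is absent."""
    m = re.search(r"\b%s\s*\{([^}]*)\}" % re.escape(name), conf)
    if not m:
        return None
    return [e.strip() for e in m.group(1).split(";") if e.strip()]

def lint_acls(conf):
    """Findings (strings) for the three ACLs; an empty list means nothing to report."""
    findings = []
    for name in ACLS:
        entries = acl_entries(conf, name)
        if entries is None:
            findings.append(f"{name}: not set, BIND's default applies")
            continue
        for e in entries:
            if e in ("any", "0.0.0.0/0", "::/0"):
                findings.append(f"{name}: '{e}' admits the whole Internet")
            elif not re.fullmatch(r"[0-9A-Fa-f.:/]+", e):
                findings.append(f"{name}: '{e}' is a named ACL or an unfilled placeholder")
            else:
                try:
                    ipaddress.ip_network(e)          # strict: host bits must be zero
                except ValueError:
                    try:
                        net = ipaddress.ip_network(e, strict=False)
                        findings.append(f"{name}: '{e}' has host bits set, did you mean {net}?")
                    except ValueError:
                        findings.append(f"{name}: '{e}' is not a valid address or prefix")
    return findings

if __name__ == "__main__":
    for finding in lint_acls(NAMED_CONF):
        print(finding)
```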
Step 2. Create the file for the domain "example.com" (we assume example.com is the domain you want to set up) with the following content:
$TTL 3600       ; 1 hour
example.com.    IN SOA ns1.example.com. admin.example.com. (
                        2006051501 ; Serial
                        10800      ; Refresh
                        3600       ; Retry
                        604800     ; Expire
                        86400 )    ; Minimum TTL

; DNS Servers
                IN NS    ns1.example.com.
                IN NS    ns2.example.com.

; MX Records
                IN MX    10 mx.example.com.
                IN MX    20 mail.example.com.

                IN A     86.X.Y.Z

; Machines
localhost       IN A     127.0.0.1
ns1             IN A     86.X.Y.Z
ns2             IN A     86.X.Y.Z
mx              IN A     86.X.Y.Z
mail            IN A     86.X.Y.Z

; Aliases
www             IN CNAME @

Note: be careful not to omit the "." after every host name when defining the zone. If you omit the ".", bind will append the origin of the zone (in our case example.com) to the machine name. So a "." at the end of a hostname in the zone means the exact name of the host.
Step 3. Add in /etc/resolv.conf the following line:
nameserver 127.0.0.1
Step 4. Test the DNS server
After you've configured bind (named.conf) and created the zone file, start the bind service to test whether it works. After you've started bind (/etc/rc.d/named -forcestart) you must get an answer when pinging the domain name from localhost. Try to ping every hostname defined as an A record in your zone file.
Note: the NS and MX records in the zone must all have A records defined in order to work properly. If the NS and MX targets do not have A records defined with the same name, they won't answer to ping either from localhost or from outside, and the setup won't work.
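The missing-A-record problem described in the note above can be caught before named is even started. The following script is an added example (not from the original page): it parses a zone file in the format of Step 2, applies the trailing-dot/origin rule from that step, and lists every in-zone NS or MX target that has no A record. The sample zone is constructed from the Step 2 file with the "mx" A record left out on purpose, so the check has something to report.

```python
ORIGIN = "example.com"

# Constructed sample from the Step 2 zone file, with the A record for mx left out on purpose.
ZONE = """\
$TTL 3600
example.com. IN SOA ns1.example.com. admin.example.com. (
        2006051501 10800 3600 604800 86400 )
        IN NS ns1.example.com.
        IN NS ns2.example.com.
        IN MX 10 mx.example.com.
        IN MX 20 mail.example.com.
        IN A 86.X.Y.Z
ns1     IN A 86.X.Y.Z
ns2     IN A 86.X.Y.Z
mail    IN A 86.X.Y.Z
www     IN CNAME @
"""

def qualify(name, origin):
    """Step 2 naming rule: trailing '.' is absolute, '@' is the origin, else append the origin."""
    if name == "@":
        return origin
    return name[:-1].lower() if name.endswith(".") else f"{name}.{origin}".lower()

def parse_zone(text, origin):
    """Return (owner, type, rdata) triples; handles ';' comments, '(...)' continuations
    and owner inheritance from the previous record."""
    records, owner, buf, indented = [], origin, [], False
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()
        if not line.strip() or line.startswith("$"):
            continue                                 # blank, comment or $TTL
        if not buf:
            indented = line[0].isspace()             # no owner on this line
        buf.append(line)
        joined = " ".join(buf)
        if joined.count("(") > joined.count(")"):
            continue                                 # record continues (SOA)
        tokens, buf = joined.replace("(", " ").replace(")", " ").split(), []
        if not indented:
            owner = qualify(tokens.pop(0), origin)
        while tokens[0].isdigit() or tokens[0].upper() == "IN":
            tokens.pop(0)                            # optional TTL and class
        records.append((owner, tokens[0].upper(), tokens[1:]))
    return records

def missing_glue(records, origin):
    """In-zone names used as NS or MX targets that have no A record."""
    have_a = {o for o, t, _ in records if t == "A"}
    wanted = {qualify(r[-1], origin) for _, t, r in records if t in ("NS", "MX")}
    return sorted(n for n in wanted - have_a if n == origin or n.endswith("." + origin))
```

Running missing_glue(parse_zone(ZONE, ORIGIN), ORIGIN) on the sample returns ['mx.example.com'], the host that the MX 10 record points at but that has no A record.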
Test example (from localhost):
#ping ns1.example.com
If, after configuration, the hosts defined in the DNS server zone answer to ping from localhost, everything works well. To test from outside you must wait for DNS to propagate across the Internet. This will take up to 24 hours.
Then you must get the proper answers to queries on the zone records (NS, MX, subdomains).
If the DNS server does not answer when you ping A records from localhost:
- check if the name server is started (ps awux | grep named)
- check if the name server is listening on port 53 (netstat -an | grep 53)
- you can start named in the foreground with "named -f" to check error messages (or you can activate logging for the named service)
Note that you should also have port 953 open, which is used by the rndc service to reload the named server.
Test the DNS server with dig (querying the local server on 127.0.0.1):
dig @127.0.0.1 domeniu.com any
If you do not want to see all records but only MX or NS, replace "any" with NS or MX. If dig returns the records defined in your zone then you've successfully set up your DNS server, and you must wait for the DNS records to propagate across the Internet.
Test DNS Server with nslookup:
#nslookup
> set q=any
> example.com
^D

Example:
webserver# nslookup
> set q=any
> example.com
Server:         127.0.0.1
Address:        127.0.0.1#53

example.com
        origin = ns1.example.com
        mail addr = webmaster.example.com
        serial = 2007061061
        refresh = 21600
        retry = 3600
        expire = 604800
        minimum = 86400
example.com     nameserver = ns1.example.com.
example.com     mail exchanger = 10 mail.example.com.
Name:   example.com
Address: 86.X.Y.Z

Query the DNS server by using the local DNS server:
> lserver example.com
Default server: example.com
Address: 86.X.Y.Z#53

Example DNS server query for MX records with nslookup:
# nslookup -type=mx example.com
Server:         127.0.0.1
Address:        127.0.0.1#53

example.com     mail exchanger = 10 mail.example.com.

Query the DNS server in verbose mode, useful for debugging:
> set debug
> example.com
Server:         127.0.0.1
Address:        127.0.0.1#53

------------
    QUESTIONS:
        example.com, type = A, class = IN
    ANSWERS:
    ->  example.com
        internet address = 86.X.Y.Z
    AUTHORITY RECORDS:
    ->  example.com
        nameserver = ns1.example.com.
    ADDITIONAL RECORDS:
    ->  ns1.example.com
        internet address = 86.X.Y.Z
------------
Name:   example.com
Address: 86.X.Y.Z

Query the DNS server in more verbose mode (debug 2):
> set d2
> example.com

How to configure a Slave DNS server:
The Slave DNS server is usually set up for redundancy. It will share the load with the Master DNS server and will answer DNS requests if the Master DNS server is not accessible. Using two Master DNS servers is usually not recommended (though it is possible). You can use multiple Slave DNS servers. A Slave DNS server can transfer DNS zones to other Slave DNS servers (of course, if it is configured to do that).
How it works: the Master DNS server reads the DNS records from its file and then sends those records to the Slave DNS server. The zone file on the Slave DNS server is a copy of the zone file from the Master DNS server.
Example for Master and Slave DNS servers:
On the Master DNS server (type master):
zone "example.com" in { type master; file "/etc/namedb/example.com"; };
On the Slave DNS server (type slave, pointing at the Master's IP):
zone "example.com" in { type slave; file "/etc/namedb/slave.example.com"; masters { 86.X.Y.Z; }; };