In a previous post I walked you through the installation of BIND9 (Berkeley Internet Name Daemon Version 9) on Ubuntu and configuring the installation to function as a caching name server on your local area network (LAN). Caching DNS records on a local server will hopefully boost your network's performance. That is great, but you probably also want your private DNS server to help manage the machines on your LAN by maintaining host records and serving them. Here I show you how to set up a BIND master server to do just that.
Makeup of a Fictional Domain
Here we will consider the setup of a fictional domain named mydomain.lan on a restricted network (i.e., a LAN located behind a firewall) using the 192.168.1.0 subnet. The domain will have 4 hosts with the following addresses, names, and roles.

IP Address     Hostname   Role              Alias
192.168.1.99   john       DNS/mail server
192.168.1.50   paul       web server        www
192.168.1.51   george     workstation
192.168.1.52   ringo      workstation

Note that the web server is configured with the alias (canonical name) www so that one can navigate to it using www.mydomain.lan in addition to paul and paul.mydomain.lan. Of course your domain will vary in makeup and function from the one considered here, but you should be able to modify the following code to suit your needs.
Configure Zones on BIND
Ubuntu installs BIND with a configuration file, /etc/bind/named.conf, that suits most home office and small business needs and does not need to be modified. Instead you will create your local DNS "zone" by editing /etc/bind/named.conf.local, which is included by named.conf. Open this file with a text editor of your choice (I use vi here).
sudo vi /etc/bind/named.conf.local
Ignore the commented areas and add a zone definition for your domain to this file.
zone "mydomain.lan" IN {
    type master;
    file "/etc/bind/zones/mydomain.lan.db";
};
Add a reverse DNS zone definition as well. This will allow the server to map IP addresses to domain names.
zone "1.168.192.in-addr.arpa" {
    type master;
    file "/etc/bind/zones/rev.1.168.192.in-addr.arpa";
};
Create DNS Records
The zone definitions in the previous section refer to files that will contain the details of our network mapping. The mydomain.lan.db file will contain the hostname-to-IP address records of your domain. The rev.1.168.192.in-addr.arpa file will contain the "reverse" IP address-to-hostname records. Make a directory to hold these files and open mydomain.lan.db.
sudo mkdir /etc/bind/zones
sudo vi /etc/bind/zones/mydomain.lan.db
For the fictitious domain considered here, mydomain.lan.db is edited to look like the following.
; Use semicolons to add comments.
; Host-to-IP Address DNS Pointers for mydomain.lan
; Note: the trailing "." at the end of fully qualified names is important;
; a name without it is taken to be relative to the zone origin (mydomain.lan).
; The following SOA parameters set when DNS records will expire, etc.
; Importantly, the serial number must always be incremented so that secondary
; servers notice and transfer your changes. A good format to use is YYYYMMDDI where
; the I index is in case you make more than one change in the same day.
mydomain.lan. IN SOA john.mydomain.lan. hostmaster.mydomain.lan. (
    200709131 ; serial
    8H        ; refresh
    4H        ; retry
    4W        ; expire
    1D        ; minimum
)
; NS indicates that john is the name server on mydomain.lan
; MX indicates that john is (also) the mail server on mydomain.lan
mydomain.lan. IN NS john.mydomain.lan.
mydomain.lan. IN MX 10 john.mydomain.lan.
; Set an alias (canonical name) for paul; "www" is relative, so it means www.mydomain.lan
www IN CNAME paul.mydomain.lan.
; Set the address for localhost.mydomain.lan
localhost IN A 127.0.0.1
; Set the hostnames in alphabetical order
george IN A 192.168.1.51
john IN A 192.168.1.99
paul IN A 192.168.1.50
ringo IN A 192.168.1.52
Next create the reverse DNS record file
sudo vi /etc/bind/zones/rev.1.168.192.in-addr.arpa
and edit it to look like the following.
; IP Address-to-Host DNS Pointers for 192.168.1.0 subnet
; "@" stands for the zone origin, 1.168.192.in-addr.arpa
@ IN SOA john.mydomain.lan. hostmaster.mydomain.lan. (
    200709131 ; serial
    8H        ; refresh
    4H        ; retry
    4W        ; expire
    1D        ; minimum
)
; define the authoritative name server
; The leading whitespace on the next line is required: an empty owner field
; means "same owner as the previous record", i.e. the zone origin (@).
    IN NS john.mydomain.lan.
; our hosts, in numeric order; owner "99" is relative, so it means 99.1.168.192.in-addr.arpa
99 IN PTR john.mydomain.lan.
50 IN PTR paul.mydomain.lan.
51 IN PTR george.mydomain.lan.
52 IN PTR ringo.mydomain.lan.
Of course, your DNS records will look different from those above, but hopefully by using these configurations as templates you can customize the files to your domain. To start serving your new zones, restart BIND.
sudo /etc/init.d/bind9 restart
Test your DNS server by typing dig mydomain.lan at the command prompt. All of the hosts on your local network should appear under AUTHORITY SECTION in the output of this command.
Is there a way to redirect requests for a specific url (i.e., vc.example.com) to a local IP? I already tried using CNAME and then having it point to a specific A record like below. It still doesn't work.
vc IN A 10.8.8.10
vc.john.com IN CNAME vc
I want all requests for that specific url (vc.john.com) to get redirected to 10.8.8.10. Is this possible?
Any assistance is appreciated.
Note that in the reverse record file rev.1.168.192.in-addr.arpa, a space or tab is required in front of the "NS" line:
; define the authoritative name server
    IN NS john.mydomain.lan.
Otherwise, Bind9 won't load this zone because it expects an argument at the beginning of this line (which we are leaving empty).