Ubuntu - Bind - Configure Bind9 - Primary Nameserver
Forward Zone File
A DNS zone is the part of the namespace a server is authoritative for. A forward zone maps names to IP addresses (A and AAAA records); the reverse zone covered further down maps addresses back to names.
To add a zone to BIND9 and make this host the primary (authoritative) nameserver for it, first edit /etc/bind/named.conf.local. BIND 9.16 and later also accept type primary; type master is the older spelling and still works:
- /etc/bind/named.conf.local
zone "example.com" {
    type master;
    file "/etc/bind/db.example.com";
};
NOTE: If BIND itself will be writing to the zone file, as with dynamic updates (DDNS), place it under /var/lib/bind (for example /var/lib/bind/db.example.com) rather than /etc/bind, both here and in the copy command below. On Ubuntu the AppArmor profile for named allows writes under /var/lib/bind but only reads under /etc/bind, so a DDNS zone kept in /etc/bind cannot be updated.
Use an existing zone file as a template to create the /etc/bind/db.example.com file:
sudo cp /etc/bind/db.local /etc/bind/db.example.com
Edit the new zone file /etc/bind/db.example.com as follows:
- /etc/bind/db.example.com
;
; BIND data file for example.com
;
$TTL    604800
@       IN      SOA     ns.example.com. root.example.com. (
                     2014100501         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
@       IN      NS      ns.example.com.
@       IN      A       192.168.1.10
ns      IN      A       192.168.1.10
NOTE:
- Comment: Change this comment to refer to the domain that this file is for.
- Serial Number:
Must be incremented every time the zone file changes. Secondary servers only transfer a new copy when they see a serial higher than the one they hold (a 32-bit unsigned value compared with serial-number arithmetic), so an edit without a serial bump is never picked up by them.
Any increasing integer works (1, 2, 3, etc.).
The approach taken here is the date of the last edit in the format yyyymmddss, where ss is the change number for that day (01 for the 1st change, 02 for the 2nd, etc.).
- FQDNs:
Leave the trailing . on the FQDNs (ns.example.com. and root.example.com.). A name without the trailing dot is relative to the zone, so example.com would be read as example.com.example.com.
- The first name in the SOA record is the primary nameserver for the zone. Use the same host as the NS record (ns.example.com.) and the same name in the reverse zone below.
- root.example.com. actually refers to the email address root@example.com. Change this as needed to a valid email address, but with a . instead of the usual @ symbol, and leaving a . at the end.
- Create an A record for the base domain, example.com.
- Create an A record for the nameserver; in this example ns.example.com.
- db.local also carries an AAAA record for ::1, the IPv6 loopback address. Do not keep it in a real zone: delete that line, or replace ::1 with the host's actual IPv6 address.
NOTE: Add any additional DNS records to the bottom of the zone file.
See Common Record Types for details.
Check both files before restarting: named-checkconf validates named.conf and the files it includes, and named-checkzone example.com /etc/bind/db.example.com parses the zone and reports the serial it loaded, so a typo is caught before it stops the whole zone from loading. Then restart Bind for the changes to take effect:
sudo systemctl restart bind9.service
Reverse Zone File
A reverse zone maps addresses back to names using PTR records and lives under in-addr.arpa; without one, reverse lookups of your hosts fail. A reverse zone for private space such as 192.168.1.0/24 only answers clients that query this server; for public addresses the holder of the address block must delegate the in-addr.arpa zone to you before anyone else sees it.
Edit /etc/bind/named.conf.local and add the following:
- /etc/bind/named.conf.local
zone "1.168.192.in-addr.arpa" {
    type master;
    file "/etc/bind/db.192";
};
NOTE: Replace 1.168.192 with the first three octets of your network, written in reverse order: 192.168.1.0/24 becomes 1.168.192.in-addr.arpa.
Name the zone file /etc/bind/db.192 to match your network as well; it follows the naming of the db.127 file shipped with the package, using the first octet.
Create the /etc/bind/db.192 file:
sudo cp /etc/bind/db.127 /etc/bind/db.192
Edit /etc/bind/db.192 changing the same options as /etc/bind/db.example.com:
- /etc/bind/db.192
;
; BIND reverse data file for local 192.168.1.XXX net
;
$TTL    604800
@       IN      SOA     ns.example.com. root.example.com. (
                     2014100501         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
@       IN      NS      ns.example.com.
10      IN      PTR     ns.example.com.
IMPORTANT: The NS record must name the server by its FQDN with the trailing dot (ns.example.com.), exactly as in the forward zone; a bare ns. would be read as a host called ns directly under the root. The serial in the reverse zone also needs to be incremented on each change; the two zones keep independent serials.
For each A record in /etc/bind/db.example.com that points to a different address, create a matching PTR record in /etc/bind/db.192. The owner name is the part of the address not already in the zone name (10 for 192.168.1.10) and the target is the host's FQDN with its trailing dot. When several names share one address, as example.com and ns.example.com do here, keep a single PTR for the name you want reverse lookups to return.
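The two bookkeeping rules above, a serial that must always go up and a PTR for every A record, as an added example in Python. This is not part of the original page and not BIND's own code; it needs only the Python standard library. The zone texts inside it are constructed samples modelled on db.example.com and db.192, and the www host is an invented extra A record that has no PTR yet. The reader is deliberately minimal (comments, parenthesised SOA continuations, @ and relative owner names; no $INCLUDE, $GENERATE or quoted strings), so keep using named-checkzone for real validation.

```python
"""Zone-file bookkeeping for the forward/reverse pair described on this page.
Added example, not from the page or from BIND: a minimal reader of BIND
master-file text (comments, '( ... )' continuations, '@' and relative owner
names; no $INCLUDE, $GENERATE or quoted strings) used to bump a yyyymmddss
serial and to find A records that still lack a PTR in the reverse zone."""
import datetime
import ipaddress

SERIAL_MAX = 2**32 - 1  # the SOA serial is a 32-bit unsigned integer

# Constructed samples modelled on the page's db.example.com and db.192;
# www is an invented extra host that has no PTR yet.
FORWARD_ZONE = """\
$TTL    604800
@       IN      SOA     ns.example.com. root.example.com. (
                        2014100501                      ; Serial
                        604800 86400 2419200 604800 )   ; Refresh Retry Expire Neg-TTL
@       IN      NS      ns.example.com.
@       IN      A       192.168.1.10
ns      IN      A       192.168.1.10
www     IN      A       192.168.1.20
"""
REVERSE_ZONE = """\
$TTL    604800
@       IN      SOA     ns.example.com. root.example.com. (
                        2014100501 604800 86400 2419200 604800 )
@       IN      NS      ns.example.com.
10      IN      PTR     ns.example.com.
"""


def _logical_lines(zone_text):
    """Strip ';' comments and fold '( ... )' continuations into single lines."""
    buf, depth = [], 0
    for raw in zone_text.splitlines():
        code = raw.split(";", 1)[0]
        depth += code.count("(") - code.count(")")
        buf.append(code.replace("(", " ").replace(")", " "))
        if depth <= 0:
            joined, buf, depth = " ".join(buf), [], 0
            if joined.strip():
                yield joined


def records(zone_text, origin, rtype):
    """Yield (owner FQDN lower-cased, rdata) for each record of type rtype.
    Owner rules: '@' is the origin, a name without a trailing dot is relative
    to it, and a line that starts with whitespace reuses the previous owner."""
    origin = origin.rstrip(".") + "."
    owner = origin
    for line in _logical_lines(zone_text):
        if line.lstrip().startswith("$"):          # $TTL / $ORIGIN directives
            continue
        tokens = line.split()
        if not line[0].isspace():
            name = tokens.pop(0)
            owner = origin if name == "@" else name if name.endswith(".") else f"{name}.{origin}"
        while tokens and (tokens[0].isdigit() or tokens[0].upper() in ("IN", "CH", "HS")):
            tokens.pop(0)                          # optional TTL and class
        if tokens and tokens[0].upper() == rtype.upper():
            yield owner.lower(), " ".join(tokens[1:])


def soa_serial(zone_text, origin):
    """The serial is the third SOA rdata field, after MNAME and RNAME."""
    for _owner, rdata in records(zone_text, origin, "SOA"):
        return int(rdata.split()[2])
    raise ValueError("zone has no SOA record")


def next_serial(current, today=None):
    """Next serial in the page's yyyymmddss scheme: today's date plus a two-digit
    change counter starting at 01.  If the current serial is already at or past
    today's range (clock skew, a mistyped future date, over 99 edits in a day),
    fall back to current + 1: the only hard rule is that the value goes up,
    otherwise secondaries never transfer the change.  today: date or 'YYYYMMDD'."""
    if today is None:
        today = datetime.date.today()
    if isinstance(today, datetime.date):
        today = today.strftime("%Y%m%d")
    today_base = int(today) * 100
    candidate = today_base + 1 if current < today_base else current + 1
    if candidate > SERIAL_MAX:
        raise ValueError("serial would overflow 32 bits")
    return candidate


def ptr_records(forward_zone, origin, reverse_zone_name, reverse_zone=""):
    """PTR lines, owners relative to the reverse zone, for every forward A record
    whose address falls inside that zone.  When the reverse zone text is given,
    addresses that already have a PTR are skipped, leaving only the records still
    to add.  Two names on one address (example.com and ns) give two candidates."""
    zone = reverse_zone_name.rstrip(".").lower()
    have = {owner for owner, _ in records(reverse_zone, zone, "PTR")}
    lines = []
    for owner, rdata in records(forward_zone, origin, "A"):
        rev = ipaddress.ip_address(rdata).reverse_pointer  # e.g. 10.1.168.192.in-addr.arpa
        if rev.endswith("." + zone) and rev + "." not in have:
            lines.append(f"{rev[:-len(zone) - 1]}\tIN\tPTR\t{owner}")
    return lines
```

Run against the real files with open(path).read() in place of the sample strings; ptr_records(forward, "example.com", "1.168.192.in-addr.arpa", reverse) prints exactly the PTR lines missing from db.192, and next_serial(soa_serial(text, origin)) gives the value to write back into both SOA records before reloading.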
Restart Bind9
sudo systemctl restart bind9.service