How to set up at Bind9 DNS

26 février 2025 Antoine Commentaires 0 Commentaire

A DNS is a service that resolves the FQDN(Fully Qualified Domain Name).

In this tutorial, I will teach you how to set up a DNS for your network, using Bind9!

To start, we will make sure our machine is fully updated and upgraded.

apt update -y && apt upgrade -y

Secondly, this will be my network for this article:

Domain: sio.tp

LAN Network : 192.168.1.0 /24

DNS : 192.168.1.107 /24

NGINX(Web1): 192.168.1.101 /24

Make sure to change the configuration to yours and remember you can keep track of which IP corresponds to the service in this tutorial by looking here.

And thirdly, remember you can check the syntax of each file with:
named-checkconf <yourfile>
Installing Bind9

To start, we’ll install with the apt install command, all the essentials.

apt install bind9 bind9utils bind9-doc

If you wish to check if it was correctly installed, type systemctl status bind9.service

Configuring it

Next step is to edit the etc/hostname with your FQDN

DNS.sio.tp

Will be the one I use, now edit etc/hosts to associate your FQDN with your IP address.

127.0.0.1 localhost
127.0.0.1 DNS.sio.tp
192.168.1.107 DNS.sio.tp

Now /etc/resolv.conf to specify your machine’s IP address as a DNS.

domain sio.tp
search sio.tp
nameserver 192.168.1.107

Network

For Bind9, it uses different configuration file which will happen to be named named.conf.xxxx (xxxx standing for blank) and in /etc/bind/.

The first one to edit is /etc/bind/named.conf.options . This one will specify every rules that your DNS needs to work efficiently.

ACL – to specify which network will have access to the DNS.
forwarders – your vmbr1 ip to redirect DNS request that are not addressed to you.
allow-query – to specify which network will accept requests from this DNS.


acl LAN {
192.168.1.0/24;
};



options {
        directory "/var/cache/bind";
        allow-query { localhost; LAN; };

        forwarders {
                192.168.1.254;
        };
        recursion yes;

        dnssec-validation auto;

        listen-on-v6 { any; };
};

DNS Zone configuration

Now edit the /etc/bind/named.conf.local

zone "sio.tp" IN {
        type master;
        file "/etc/bind/zones/sio.tp";
};


zone "1.168.192.in-addr.arpa" {
        type master;
        file "/etc/bind/zones/sio.tp.rev";
};

Now we need to create directories to specify our zones.

mkdir /etc/bind/zones
cp /etc/bind/db.local /etc/bind/zones/sio.tp

Now edit the files to make your configuration.

;
; BIND data file for local loopback interface
;
$TTL    604800
@       IN      SOA     sio.tp. root.sio.tp. (
                              2         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
@       IN      NS      DNS.

DNS     IN      A       192.168.1.107

Web1    IN      A       192.168.1.101

Every time that you add a container to your Proxmox, you need to specify its name and IP in this file

Verify it and it should look like this:

zone sio.tp/IN: loaded serial 2
OK

Reverse DNS zone configuration

We have to create a file on our post.

cp /etc/bind/db.127 /etc/bind/zones/sio.tp.rev

Once it’s done, you will have to edit it.

;
; BIND reverse data file for local loopback interface
;
$TTL 604800
@ IN SOA sio.tp. root.sio.tp. (
1 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS DNS.
DNS IN A 192.168.1.107
107 IN PTR DNS.
101 IN PTR Web1.

Verify it with the usual manner. named-checkzone sio.tp /etc/bind/zones/sio.tp.rev

Now restart the bind service.

systemctl restart bind9

Client configuration (Web1)

To use the DNS, you need to specify it’s IP address in etc/resolv.conf

search sio.tp
nameserver 192.168.1.107

Antoine Blanc – Portfolio