Bind

Step By Step Install Bind DNS Slave Server on Ubuntu 20.04

Mohammad Hossein Khoshraftar Yari

Today, I want to install the Bind DNS Slave server on Ubuntu 20.04. In the last post, I wrote about how to install the Bind Master server.

Content:

  1. What is Bind and, its requirement for installing??
  2. Master Bind Server
    1. Install Bind on the Master Server
    2. Configure Forward and Reverse Zones
    3. Create the Forward zone file
    4. Create the Reverse zone file
    5. Configure Options File
  3. Slave Bind Server
    1. Install Bind on the Slave Server
    2. Configure Forward and Reverse Zone

1- What is Bind and, its requirements for installing?

Berkeley Internet Name Domain (BIND) is the most popular Domain Name System (DNS) server in use today. It was developed in the 1980s at the University of Berkley and is currently in version 9. BIND is an open-source system free to download and use, offered under the Mozilla Public License.

1-1-LAB Requirement:

1- 2X Ubuntu Servers version 20.04 from here.

2- update and upgrade your Ubuntu Servers to the latest with this command:

     apt update -y && apt upgrade -y

1-2-LAB Configuration:

  • 1- Master Bind Server:
    • FQDN: Bind01.khoshraftar.com
    • IP: 172.17.116.10
  • 2-Slave Bind Server:
    • FQDN: Bind02.khoshraftar.com
    • IP: 172.17.116.11

3- Bind Slave Server

3-1-Install Bind on the Slave server

     sudo apt install bind9  bind9-utiles

3-2-Create the Forward zone directory

     mkdir /var/lib/bind/zones

3-3-Create the Reverse zone directory

     mkdir /var/lib/bind/reverse

3-4-Configure Forward and Reverse Zone

     sudo vim /etc/bind/named.conf.local

Add the following parameters in the file:

## Forward zone
zone "khoshraftar.com" IN {
    type slave;                                         #Type is Slave
    file "/var/lib/bind/zones/khoshraftar.com.db";      #where save the zone sync
        masters {
                172.17.116.10;                          #who is the Master server?
        };
         allow-query { any; };
         allow-transfer {none; };                       #Not allow zone transfer
};
## Reverse zone
zone "116.17.172.in-addr.arpa" IN {
    type slave;
    file "/var/lib/bind/reverse/116.17.172.in-addr.arpa";
        masters {
                172.17.116.10;
        };
        allow-query { any; };
        allow-transfer { none; };
};

3-5-Verify the syntax of the /etc/named.conf file:

      named-checkconf /etc/bind/named.conf.options

If the command displays no output, the syntax is correct.

Step By Step Install Bind DNS Master Server on Ubuntu 20.04

Mohammad Hossein Khoshraftar Yari

Today, I want to install the Bind DNS Master server on Ubuntu 20.04.

Content:

  1. What is Bind and, its requirement for installing??
  2. Master Bind Server
    1. Install Bind on the Master Server
    2. Configure Forward and Reverse Zones
    3. Create the Forward zone file
    4. Create the Reverse zone file
    5. Configure Options File

1- What is Bind and, its requirements for installing?

Berkeley Internet Name Domain (BIND) is the most popular Domain Name System (DNS) server in use today. It was developed in the 1980s at the University of Berkley and is currently in version 9. BIND is an open-source system free to download and use, offered under the Mozilla Public License.

1-1-LAB Requirement:

1- 2X Ubuntu Servers version 20.04 from here.

2- update and upgrade your Ubuntu Servers to the latest with this command:

     apt update -y && apt upgrade -y

1-2-LAB Configuration:

  • 1- Master Bind Server:
    • FQDN: Bind01.khoshraftar.com
    • IP: 172.17.116.10
  • 2-Slave Bind Server:
    • FQDN: Bind02.khoshraftar.com
    • IP: 172.17.116.11

2- Master Bind Server

2-1- Install Bind on the Master Server

     sudo apt install bind9  bind9-utiles
  • bind9 – The BIND 9 DNS server software.
  • bind9utils – Utilities that make working with BIND 9 easier.
  • bind9-doc – A documentation package for BIND 9.

After installation, the BIND 9 service should be running. You can check the status with this command:

     systemctl status bind9

2-2- Configure Forward and Reverse Zones

     sudo vim /etc/bind/named.conf.local

Add the following parameters:

## Forward zone
zone "khoshraftar.com" IN {
    type master;
    file "/etc/bind/zones/khoshraftar.com.deb";
        allow-query { any; };
        allow-transfer { 172.17.116.11; };          #Slave Ip address
};

## Reverse zone
zone "116.17.172.in-addr.arpa" IN {
    type master;
    file "/etc/bind/reverse/116.17.172.in-addr.arpa";
        allow-query { any; };
        allow-transfer { 172.17.116.11; };          #Slave Ip address
};

2-3-Create the Forward zone file and directory

mkdir /etc/bind/zones   
sudo vim /etc/bind/zones/khoshraftar.com.db

Add the following parameters:

; base zone file for khosharftar.com

$TTL         2d    ;  	                default TTL
$ORIGIN	     khoshraftar.com. ; 	base domain-name

; Start of Authority RR defining the key characteristics of the zone (domain)
@         IN      SOA   bind01.khoshraftar.com.      admin.khoshraftar.com. (
                                2024042702           ; serial number
                                12h                  ; refresh
                                15m                  ; update retry
                                3w                   ; expiry
                                2h                   ; minimum
                                )
; name server for Master Bind
@                   IN      NS      bind01.khoshraftar.com.
; name server for Slave Bind 
@                   IN      NS      bind02.khoshraftar.com.

bind01              IN      A       172.17.116.10
bind02              IN      A       172.17.116.11
www                 IN      A       172.17.116.13

2-4-Create the Reverse zone file and directory

mkdir /etc/bind/reverse
sudo vim /etc/bind/reverse/116.17.172.in-addr.arpa

Add the following parameters:

; Reverse zone file for 116.17.172.in-addr.arpa
;
$TTL 3600
@   IN   SOA   bind01.khoshraftar.com.   admin.khoshraftar.com. (
                  2024042703     ; Serial
                  3600           ; Refresh
                  1800           ; Retry
                  604800         ; Expire
                  86400          ; Minimum TTL
                  )

@       IN      NS      bind01.khoshraftar.com.
@       IN      NS      bind02.khoshraftar.com.
; Write your PTR Record
10      IN      PTR     bind01.khoshraftar.com.
11      IN      PTR     bind02.khoshraftar.com.
13      IN      PTR     www.khoshraftar.com.

2-5-Configure Options File

     sudo vim /etc/bind/named.conf.options

Add the following parameters:

acl  "trusted"  {       #An acl directive that defines our local area network (LAN).
     	 172.17.116.0/24;
     	 172.17.116.10;
    	 172.17.116.11;
	};
options {
       	 directory "/var/cache/bind";
	 recursion yes;  		#enable_Recursion_Queries
       	 allow-recursion {
                      		  trusted;
        		};
      	  allow-query {   
                    		    trusted;
      		  };
      	  listen-on {
                     		   172.17.116.10; 172.17.116.11;	
        		};
        	allow-transfer {
                     		   trusted;
       		 };
       	 forwarders {
                      		  4.2.2.4;
     		   };
      	 dnssec-validation auto;
};

2-6-Verify the syntax of the /etc/named.conf file:

      named-checkconf /etc/bind/named.conf.options

If the command displays no output, the syntax is correct.