DNS Server Ubuntu 11.04

	Configure DNS server which resolves domain name or IP address.
[1]	Install BIND

root@dlp:~# aptitude -y install bind9 bind9utils

[2]	Configure BIND This example is done with grobal IP address [172.16.0.80/29], Private IP address [10.0.0.0/24], Domain name [server.world]. However, Please use your own IPs and domain name when you set config on your server. ( Actually, [172.16.0.80/29] is for private IP address, though. )

root@dlp:~# vi /etc/bind/named.conf include "/etc/bind/named.conf.options"; include "/etc/bind/named.conf.local"; # make it comment # include "/etc/bind/named.conf.default-zones"; # add include "/etc/bind/named.conf.internal-zones"; include "/etc/bind/named.conf.external-zones"; root@dlp:~# vi /etc/bind/named.conf.internal-zones # create new # define for internal section view "internal" { match-clients { localhost; 10.0.0.0/24; }; zone "." { type hint; file "db.root"; }; # set zone for internal zone "server.world" { type master; file "server.world.lan"; allow-update { none; }; }; # set zone for internal *note zone "0.0.10.in-addr.arpa" { type master; file "0.0.10.db"; allow-update { none; }; }; zone "localhost" { type master; file "db.local"; }; zone "127.in-addr.arpa" { type master; file "db.127"; }; zone "0.in-addr.arpa" { type master; file "db.0"; }; zone "255.in-addr.arpa" { type master; file "db.255"; }; }; root@dlp:~# vi /etc/bind/named.conf.external-zones # create new # define for external section view "external" { match-clients { any; }; # allo any query allow-query { any; }; # prohibit recursion recursion no; # set zone for external zone "server.world" { type master; file "server.world.wan"; allow-update { none; }; }; # set zone for external *note zone "80.0.16.172.in-addr.arpa" { type master; file "80.0.16.172.db"; allow-update { none; }; }; }; # *note : For How to write for reverse resolving, Write network address reversely like below For 10.0.0.0/24 network address⇒ 10.0.0.0 range of network⇒ 10.0.0.0 - 10.0.0.255 how to write⇒ 0.0.10.in-addr.arpa For 172.16.0.80/29 network address⇒ 172.16.0.80 range of network⇒ 172.16.0.80 - 172.16.0.87 how to write⇒ 80.0.16.172.in-addr.arpa

[3]	Limit ranges you allow to access if needed.

root@dlp:~#vi /etc/bind/named.conf.options

options {
# change


directory "/etc/bind
";


// If there is a firewall between you and nameservers you want

// to talk to, you may need to fix the firewall to allow multiple

// ports to talk. See http://www.kb.cert.org/vuls/id/800113


// If your ISP provided one or more IP addresses for stable

// nameservers, you probably want to use them as forwarders.

// Uncomment the following block, and insert the addresses replacing

// the all-0's placeholder.


// forwarders {

// 0.0.0.0;

// };


# query range you allow


allow-query { localhost; 10.0.0.0/24; };

# the range to transfer zone files


allow-transfer { localhost; 10.0.0.0/24; };

# recursion range you allow


allow-recursion { localhost; 10.0.0.0/24; };



auth-nxdomain no; # conform to RFC1035

# make it comment if not use IPV6


#
listen-on-v6 { any; };

};