Wednesday, 28 June 2023

How to create your own DNS server on Ubuntu Server 20.04 LTS

To build our own DNS server we need the following:


1. OS: Ubuntu Server 20.04 LTS.

2. Domain name: shaharul.abc

3. DNS server name: ns.shaharul.abc

4. IP address of the DNS server: 192.168.9.92


Let's start,


First, update the package index:

sudo apt update


Then install the BIND9 package and its utilities:

sudo apt install -y bind9 bind9-utils


Next, declare the zones this server is authoritative for in named.conf.local:

sudo nano /etc/bind/named.conf.local


We need a forward zone (name to address) and a reverse zone (address to name). Paste the configuration below into named.conf.local.

Forward Zones Config

zone "shaharul.abc" IN {                    // domain name

     type master;                           // this server is the primary (authoritative) server for the zone

     file "/etc/bind/shaharul.abc.db";      // forward zone file

     allow-update { none; };                // refuse dynamic DNS updates; the zone file is edited by hand

};


Reverse Zones Config


zone "9.168.192.in-addr.arpa" IN {          // reverse zone for 192.168.9.0/24: the first three octets, reversed

     type master;                           // this server is the primary (authoritative) server for the zone

     file "/etc/bind/r.shaharul.abc.db";    // reverse zone file

     allow-update { none; };                // refuse dynamic DNS updates; the zone file is edited by hand

};


In the shaharul.abc.db and r.shaharul.abc.db zone files we add the actual records.

Record types used in the zone files:

SOA – Start of Authority (who is responsible for the zone, plus its serial and timers)
NS – Name Server
A – Address record (hostname to IPv4 address)
MX – Mail Exchanger
CNAME – Canonical Name (alias of another hostname)
PTR – Pointer (IPv4 address to hostname, used in the reverse zone)

Edit the shaharul.abc.db file:

sudo nano /etc/bind/shaharul.abc.db


and paste the configuration below. Use your own domain name, name server and IP addresses instead of mine.


$TTL    86400
@       IN      SOA     ns.shaharul.abc. root.shaharul.abc. (
                         200101         ; Serial (increase it on every change)
                         21600          ; Refresh
                         3600           ; Retry
                         604800         ; Expire
                         86400 )        ; Negative Cache TTL
;
;Name Server Information

@        IN      NS      ns.shaharul.abc.

;IP address of Name Server

ns      IN      A       192.168.9.92

;Mail Exchanger

@       IN     MX   10   mail.shaharul.abc.

;A – Record HostName To Ip Address

www     IN       A      192.168.9.90
mail    IN       A      192.168.9.91

;CNAME record

ftp     IN      CNAME   www.shaharul.abc.


Edit the r.shaharul.abc.db file:


sudo nano /etc/bind/r.shaharul.abc.db


and paste the configuration below:


$TTL    86400
@       IN      SOA     ns.shaharul.abc. root.shaharul.abc. (
                         200101         ; Serial (increase it on every change)
                         21600          ; Refresh
                         3600           ; Retry
                         604800         ; Expire
                         86400 )        ; Negative Cache TTL
;
;Name Server Information

@       IN      NS     ns.shaharul.abc.

;Reverse lookup for Name Server

92      IN      PTR    ns.shaharul.abc.

;PTR Record IP address to HostName

90     IN      PTR    www.shaharul.abc.
91     IN      PTR    mail.shaharul.abc.
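Keeping the reverse zone in step with the forward zone by hand is where these files usually drift, and the SOA serial is easy to forget to bump (caches and any secondary server only notice a change when the serial grows). The script below is an added example, not part of the original post: it derives the in-addr.arpa zone name and the PTR records from the forward zone's A records and computes a YYYYMMDDnn serial. It assumes a /24 network and the one-record-per-line layout used above; the forward zone embedded in it is a constructed copy of the one shown earlier.

```shell
#!/bin/sh
# Added example (not from the original post): build the reverse zone from the
# forward zone and compute a date-based SOA serial. Assumes a /24 network and
# zone lines of the form "name  IN  TYPE  rdata".

# reverse_zone_name 192.168.9.0/24  ->  9.168.192.in-addr.arpa
reverse_zone_name() {
    printf '%s\n' "${1%/*}" | awk -F. '{ printf "%s.%s.%s.in-addr.arpa\n", $3, $2, $1 }'
}

# next_serial CURRENT TODAY(YYYYMMDD)  ->  a serial strictly greater than CURRENT
# First change of the day gives YYYYMMDD01; later changes (or a serial that is
# already ahead of today) just add one, so the value never goes backwards.
next_serial() {
    cur=$1 today=$2
    if [ "$cur" -ge "${today}01" ]; then
        echo $((cur + 1))
    else
        echo "${today}01"
    fi
}

# ptr_records ORIGIN PREFIX < forward-zone
# One PTR line per A record whose address starts with PREFIX (first three octets).
ptr_records() {
    awk -v origin="$1" -v prefix="$2" '
        /^[ \t]*;/ { next }                              # comment line
        $2 == "IN" && $3 == "A" {                        # "name  IN  A  address"
            split($4, o, ".")
            if ((o[1] "." o[2] "." o[3]) != prefix) next # address outside this /24
            if ($1 == "@")        { name = origin "." }
            else if ($1 ~ /\.$/)  { name = $1 }          # already fully qualified
            else                  { name = $1 "." origin "." }
            printf "%-7s IN      PTR    %s\n", o[4], name
        }' | sort -n
}

# build_reverse_zone ORIGIN PREFIX NS SERIAL < forward-zone
# Prints a complete reverse zone file in the same shape as r.shaharul.abc.db.
build_reverse_zone() {
    origin=$1 prefix=$2 ns=$3 serial=$4
    printf '$TTL    86400\n'
    printf '@       IN      SOA     %s. root.%s. (\n' "$ns" "$origin"
    printf '                         %s     ; Serial\n' "$serial"
    printf '                         21600          ; Refresh\n'
    printf '                         3600           ; Retry\n'
    printf '                         604800         ; Expire\n'
    printf '                         86400 )        ; Negative Cache TTL\n'
    printf '@       IN      NS      %s.\n' "$ns"
    ptr_records "$origin" "$prefix"
}

# Constructed copy of the forward zone above (data only, comments dropped).
FORWARD_ZONE='$TTL    86400
@       IN      SOA     ns.shaharul.abc. root.shaharul.abc. (
                         200101         ; Serial
                         21600          ; Refresh
                         3600           ; Retry
                         604800         ; Expire
                         86400 )        ; Negative Cache TTL
@       IN      NS      ns.shaharul.abc.
ns      IN      A       192.168.9.92
@       IN      MX  10  mail.shaharul.abc.
www     IN      A       192.168.9.90
mail    IN      A       192.168.9.91
ftp     IN      CNAME   www.shaharul.abc.'

echo "zone name for named.conf.local: $(reverse_zone_name 192.168.9.0/24)"
SERIAL=$(next_serial 200101 "$(date +%Y%m%d)")
printf '%s\n' "$FORWARD_ZONE" | build_reverse_zone shaharul.abc 192.168.9 ns.shaharul.abc "$SERIAL"
```

Redirect the last command into /etc/bind/r.shaharul.abc.db and run named-checkzone on it as in the steps below; an A record outside 192.168.9.0/24 is deliberately skipped, since it belongs in a different reverse zone.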


Edit named.conf.options. Inside the options { } block, uncomment the forwarders block and point it at an upstream resolver; queries for names this server is not authoritative for are sent there.


sudo nano /etc/bind/named.conf.options

Make the lines look like this:

        forwarders        { 8.8.8.8; };
        dnssec-validation auto;


dnssec-validation auto is the default; leave it on. Setting it to no makes named accept whatever the forwarder returns without checking DNSSEC signatures, so a spoofed upstream answer would be handed on to every client of this server. 8.8.8.8 returns signed answers, so validation works with it; if validation fails in an isolated lab, the usual cause is a wrong system clock (signatures have validity windows) or a forwarder that strips DNSSEC records, and that is what to fix.
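The options block is also where the server's access controls live, and the post leaves all of them at BIND's defaults. The script below is an added example, not part of the original post: it puts the settings the post ends up with next to a hardened version and runs a small audit that flags the weak ones. The 192.168.9.0/24 client network and the 8.8.8.8 forwarder are assumptions carried over from the post's example values.

```shell
#!/bin/sh
# Added example (not from the original post): weak vs. hardened
# named.conf.options, plus an audit that flags the weak settings.

# What the post ends up with: validation off, every access control at its default.
WEAK_OPTIONS='options {
        directory "/var/cache/bind";
        forwarders { 8.8.8.8; };
        dnssec-validation no;
        // allow-transfer { none; };   (commented out, so it has no effect)
};'

# Hardened version. 192.168.9.0/24 is the assumed client network.
HARDENED_OPTIONS='options {
        directory "/var/cache/bind";

        // 8.8.8.8 returns signed answers, so validation keeps working.
        forwarders { 8.8.8.8; };

        // Keep validation on: with "no", forged upstream answers are accepted.
        dnssec-validation auto;

        // Only this LAN may use the server as a recursive resolver.
        allow-recursion { localhost; localnets; 192.168.9.0/24; };

        // No secondary servers yet, so nobody needs zone transfers (AXFR).
        allow-transfer { none; };
};'

# audit_named_options < named.conf.options
# Prints one WARN line per weak setting and returns 1 if any were found.
# Comments (// and #) are stripped first so commented-out lines do not count.
audit_named_options() {
    conf=$(sed -e 's://.*$::' -e 's:#.*$::')
    rc=0
    if printf '%s\n' "$conf" | grep -Eq 'dnssec-validation[[:space:]]+no[[:space:]]*;'; then
        echo "WARN: dnssec-validation no - upstream answers are accepted unverified"; rc=1
    fi
    if printf '%s\n' "$conf" | grep -Eq 'allow-recursion[[:space:]]*\{[[:space:]]*any[[:space:]]*;'; then
        echo "WARN: allow-recursion any - this is an open resolver"; rc=1
    elif ! printf '%s\n' "$conf" | grep -q 'allow-recursion'; then
        echo "NOTE: no allow-recursion - relying on BIND's default of localhost and localnets"
    fi
    if ! printf '%s\n' "$conf" | grep -q 'allow-transfer'; then
        echo "WARN: no allow-transfer - BIND 9.16 (Ubuntu 20.04) hands out AXFR to any host by default"; rc=1
    fi
    return $rc
}

echo "== settings from the post =="
printf '%s\n' "$WEAK_OPTIONS" | audit_named_options || echo "=> fix before exposing this server"
echo "== hardened settings =="
printf '%s\n' "$HARDENED_OPTIONS" | audit_named_options && echo "=> no findings"
```

To check a live server, run `audit_named_options < /etc/bind/named.conf.options`, and after any edit run `sudo named-checkconf` as in the next step before reloading.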


Now check the syntax of the BIND configuration files:

sudo named-checkconf

 

Also check the syntax of both zone files.


For the forward zone:

sudo named-checkzone shaharul.abc /etc/bind/shaharul.abc.db


The output should end with OK.


For the reverse zone:

sudo named-checkzone 9.168.192.in-addr.arpa /etc/bind/r.shaharul.abc.db


The output should end with OK.


Now reload the configuration and the zone files:


sudo rndc reload


Now verify that the server resolves names by querying it directly with dig:


dig www.shaharul.abc @192.168.9.92


The output should look like this:

; <<>> DiG 9.18.1-1ubuntu1-Ubuntu <<>> www.shaharul.abc @192.168.9.92
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39950
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 4cd7099044f151b6010000006294e2b3015aa1aa44435255 (good)
;; QUESTION SECTION:
;www.shaharul.abc.             IN      A

;; ANSWER SECTION:
www.shaharul.abc.      86400   IN      A       192.168.9.90

;; Query time: 0 msec
;; SERVER: 192.168.9.92#53(192.168.9.92) (UDP)
;; WHEN: Mon May 30 11:28:51 EDT 2022
;; MSG SIZE  rcvd: 90


Two things in the header are worth checking: status: NOERROR with the expected record in the ANSWER SECTION, and the aa flag, which means the answer came from this server's own zone rather than from the forwarder (a forwarded answer has no aa). Now confirm the reverse lookup as well:


dig -x 192.168.9.90 @192.168.9.92


The output should look like this:


; <<>> DiG 9.18.1-1ubuntu1-Ubuntu <<>> -x 192.168.9.90 @192.168.9.92
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39359
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 0c88a96d72425621010000006294e3c4c0eccc894ea351b7 (good)
;; QUESTION SECTION:
;90.9.168.192.in-addr.arpa.    IN      PTR

;; ANSWER SECTION:
90.9.168.192.in-addr.arpa. 86400 IN    PTR     www.shaharul.abc.

;; Query time: 0 msec
;; SERVER: 192.168.9.92#53(192.168.9.92) (UDP)
;; WHEN: Mon May 30 11:33:24 EDT 2022
;; MSG SIZE  rcvd: 114

Done. You can run the same checks with the nslookup command as well.

