DNS Server

This document outlines the process of setting up and configuring Forward DNS and Reverse DNS using the BIND9 DNS server on an Ubuntu system. The process includes configuration steps, common practices, and troubleshooting techniques.

Section 1: Setting Up Forward DNS

What is Forward DNS?

Forward DNS (also called Forward Lookup) is the process of mapping a domain name to its corresponding IP address. For example, converting www.example.com to 93.184.216.34. In this setup, the DNS server resolves domain names to IP addresses.

Steps for Forward DNS Configuration

1. Install BIND9 DNS Server

To begin, the first step is to install the BIND9 package, which provides the DNS server functionality:

sudo apt update
sudo apt install bind9 bind9utils bind9-doc

2. Create a Zone File for Your Domain

A zone file is required to define the records for your domain. This file contains the mappings of hostnames to IP addresses for your domain. The zone file can be created at /etc/bind/db.example.com (replace example.com with your actual domain).

Example zone file (/etc/bind/db.example.com):

$TTL 86400
@    IN    SOA   ns1.example.com. admin.example.com. (
                          2025032501 ; Serial
                          3600       ; Refresh
                          1800       ; Retry
                          1209600    ; Expire
                          86400 )    ; Minimum TTL

@    IN    NS    ns1.example.com.
ns1  IN    A     102.50.1.17
www  IN    A     102.50.1.10
iten IN    A     102.20.1.100

NS Record: Indicates that ns1.example.com is the nameserver for this domain.
A Records: Map hostnames to IP addresses (e.g., www.example.com to 102.50.1.10).

3. Define the Zone in BIND Configuration

Next, you'll need to tell BIND9 about the domain and its associated zone file. To do this, edit /etc/bind/named.conf.local:

sudo nano /etc/bind/named.conf.local

Add the following lines:

zone "example.com" {
    type master;
    file "/etc/bind/db.example.com";
};

This configuration tells BIND9 that the domain example.com should use the zone file located at /etc/bind/db.example.com.

4. Restart BIND9

After configuring the zone, restart BIND9 to apply the changes:

sudo systemctl restart bind9

5. Verify Forward DNS Setup

To verify that the forward DNS is working correctly, use dig or nslookup:

dig @102.50.1.17 www.example.com

If configured correctly, it should return the IP address 102.50.1.10.

Section 2: Setting Up Reverse DNS

What is Reverse DNS?

Reverse DNS (also called Reverse Lookup) is the process of resolving an IP address back to a domain name. For example, given the IP address 102.50.1.10, reverse DNS will return a hostname, such as www.example.com.

Steps for Reverse DNS Configuration

1. Create a Reverse DNS Zone File

A reverse zone file is needed to map IP addresses to domain names. In this case, since we are using the 102.50.1.0/24 network, we will create a file /etc/bind/db.102.50 for the reverse lookup.

Example reverse zone file (/etc/bind/db.102.50):

$TTL 86400
@    IN    SOA   ns1.example.com. admin.example.com. (
                          2025032501 ; Serial
                          3600       ; Refresh
                          1800       ; Retry
                          1209600    ; Expire
                          86400 )    ; Minimum TTL

@    IN    NS    ns1.example.com.
17   IN    PTR   ns1.example.com.
10   IN    PTR   www.example.com.

PTR Records: These recorDNS Server Configuration Documentation for BIND9 on Ubuntu Introductionds map IP addresses back to domain names. For example, 102.50.1.10 maps to www.example.com.

2. Define the Reverse Zone in BIND Configuration

To configure the reverse DNS zone, edit /etc/bind/named.conf.local and add the following lines:

sudo nano /etc/bind/named.conf.local

Add the reverse zone configuration for 102.50.1.0/24:

zone "50.102.in-addr.arpa" {
    type master;
    file "/etc/bind/db.102.50";
};

This configuration tells BIND9 that for IP addresses in the range 102.50.1.x, the reverse DNS lookup should use the /etc/bind/db.102.50 zone file.

3. Restart BIND9

After configuring the reverse zone, restart the BIND9 service again:

sudo systemctl restart bind9

4. Verify Reverse DNS Setup

To verify that reverse DNS is configured correctly, use dig or nslookup with an IP address:

dig -x 102.50.1.10 @102.50.1.17

If configured properly, it should return the domain name www.example.com for the IP 102.50.1.10.

Section 3: Additional Configuration and Verification

BIND9 Service Configuration

Ensure BIND9 Starts on Boot Ensure BIND9 starts automatically after a reboot:
```
sudo systemctl enable bind9
```
Check the BIND9 Service Status To verify that BIND9 is running:
```
sudo systemctl status bind9
```
Check DNS Resolution You can use dig or nslookup to test forward and reverse lookups:
- Forward Lookup:
  dig @102.50.1.17 www.example.com
- Reverse Lookup:
  dig -x 102.50.1.10 @102.50.1.17

Firewall Configuration

Ensure that your firewall allows DNS traffic (port 53):

sudo ufw allow 53

Disable IPv6 (Optional)

If you're not using IPv6, you can disable it in BIND9 to avoid related issues:

Open the BIND options file:
```
sudo nano /etc/bind/named.conf.options
```

Add the following:

options {
    listen-on-v6 { none; };
};

Restart BIND9:
```
sudo systemctl restart bind9
```

PreviousAdding GUI to Ubuntu Server NextNTP Server

Last updated 1 month ago

$TTL 86400 @ IN SOA ns1.example.com. admin.example.com. ( 2025032501 ; Serial 3600 ; Refresh 1800 ; Retry 1209600 ; Expire 86400 ) ; Minimum TTL @ IN NS ns1.example.com. ns1 IN A 102.50.1.17 www IN A 102.50.1.10 iten IN A 102.20.1.100

$TTL 86400 @ IN SOA ns1.example.com. admin.example.com. ( 2025032501 ; Serial 3600 ; Refresh 1800 ; Retry 1209600 ; Expire 86400 ) ; Minimum TTL @ IN NS ns1.example.com. 17 IN PTR ns1.example.com. 10 IN PTR www.example.com.