To set up a DNS server on Debian, follow these steps:
Install Required Packages
sudo apt-get install bind9 dnsutils
Edit the named.conf.options file:
sudo vim /etc/bind/named.conf.options
Update the file to the following form:
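// Clients that are allowed to query this server
acl mynetwork { 192.168.1.0/24; 127.0.0.1; };
options {
    directory "/var/cache/bind";
    auth-nxdomain no;
    // Upstream resolvers for names this server is not authoritative for
    forwarders { 192.168.1.1; 8.8.8.8; };
    // Do not listen on IPv6
    listen-on-v6 { none; };
    // Only answer queries from the ACL defined above
    allow-query { mynetwork; };
};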
Save the changes and exit the editor.
This configuration sets up a basic DNS server on Debian: it restricts queries to the mynetwork ACL, forwards queries to the listed forwarders, and disables listening on IPv6 (listen-on-v6 { none; }).
This file, named.conf.local, serves as the local DNS server configuration and plays a crucial role in defining the zones associated with the domains managed by this server. It is responsible for specifying the forward lookup zone and reverse lookup zone for the server's domains.
To make changes to the zone configuration, open the named.conf.local file using a text editor. In this example, we use Vim:
sudo vim /etc/bind/named.conf.local
Within the named.conf.local file, you'll define the zones for which this DNS server is authoritative. Below is an example of how to configure zones for the domain "nixway.loc" and its associated reverse lookup zone "1.168.192.in-addr.arpa":
zone "nixway.loc" {
    type master;
    file "/etc/bind/zones/nixway/flz.nixway.zone";
};
zone "1.168.192.in-addr.arpa" {
    type master;
    file "/etc/bind/zones/nixway/rlz.nixway.zone";
};
zone "nixway.loc": This block defines the forward lookup zone for the domain "nixway.loc". The type master; directive indicates that this DNS server is the authoritative master server for this zone. The associated zone file, containing the forward lookup zone data, is specified with file "/etc/bind/zones/nixway/flz.nixway.zone";.
zone "1.168.192.in-addr.arpa": This block defines the reverse lookup zone for the IP addresses in the domain "nixway.loc". Like the forward lookup zone, it is set as a master server with type master;. The associated zone file for reverse lookup, containing the mapping of IP addresses to domain names, is specified with file "/etc/bind/zones/nixway/rlz.nixway.zone";.
These configurations are crucial for the DNS server to correctly resolve domain names to IP addresses (forward lookup) and IP addresses to domain names (reverse lookup). Ensure that the specified zone files contain accurate and up-to-date information for proper DNS functionality.
To configure the forward lookup zone for the "nixway.loc" domain, you need to edit the zone file. Open the file using a text editor. In this example, we use Vim:
sudo vim /etc/bind/zones/nixway/flz.nixway.zone
Below is an example of a forward lookup zone file for the "nixway.loc" domain:
;
; Forward Lookup Zone
;
$TTL 30
$ORIGIN nixway.loc.
@ IN SOA ns1.nixway.loc. admin.nixway.loc. (
2015050101 ; Serial
1d ; Refresh
1h ; Retry
1w ; Expire
2h ; Negative Cache TTL
)
@ IN NS ns1.nixway.loc.
@ IN NS ns.provider.org.
@ IN A 192.168.1.10
ns1 IN A 192.168.1.10
nixway.loc. IN A 192.168.1.10
www IN CNAME nixway.loc.
Explanation of Forward Lookup Zone Configuration:
Ensure that there is a blank line at the end of the zone file, as indicated. This is crucial for proper parsing of the file.
This forward lookup zone configuration provides the necessary information for DNS resolution, associating domain names with their corresponding IP addresses and aliases.
To perform the conversion of IP addresses to domain names, the reverse lookup zone must be configured. Create and edit the reverse lookup zone file using a text editor. In this example, we use Vim:
sudo vim /etc/bind/zones/nixway/rlz.nixway.zone
Below is an example of a reverse lookup zone file for the "nixway.loc" domain:
;
; Reverse Lookup Zone for nixway.loc
;
$TTL 30
@ IN SOA ns1.nixway.loc. root.nixway.loc. (
201505013 ; Serial
1d ; Refresh
1h ; Retry
1w ; Expire
2h ; Negative Cache TTL
)
@ IN NS nixway.loc.
10 IN PTR ns1.nixway.loc.
You can add more reverse lookup records for specific IP addresses. For example, to map the IP address 192.168.1.1 to the domain name "router", add the following line:
1 IN PTR router.nixway.loc.
This PTR record states that the IP address 192.168.1.1 corresponds to the domain name "router.nixway.loc" in the reverse lookup zone. The owner name is only the last octet, because the zone origin 1.168.192.in-addr.arpa supplies the rest.
Ensure that there is a blank line at the end of the zone file.
This reverse lookup zone configuration facilitates the translation of IP addresses to domain names, providing crucial information for DNS resolution in the opposite direction.
Verify the zone files for errors using the command:
named-checkconf -z
If there are no errors, update the information about the zones:
sudo rndc reload
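A cross-check of the forward zone against the reverse zone, as an added example that is not part of the original guide: a simplified Python parser expands relative names against the zone origin and reports names that got the origin appended twice, non-PTR records in the reverse zone, and PTR targets with no matching A record. The sample records are constructed, and the function names parse_zone and cross_check are this example's own.

```python
# Constructed sample records in the style of the zone files above (SOA omitted).
FORWARD = """$ORIGIN nixway.loc.
@          IN A     192.168.1.10
ns1        IN A     192.168.1.10
nixway.loc IN A     192.168.1.10   ; no trailing dot
www        IN CNAME nixway.loc.
"""
REVERSE = """@      IN NS  nixway.loc.
10     IN PTR ns1.nixway.loc.
router IN A   192.168.1.1          ; wrong record type for a reverse zone
1      IN PTR router.nixway.loc.   ; forward zone has no A record for this name
"""

def parse_zone(text, origin):
    """(owner, type, rdata) tuples; simplified: one record per line, owner and class IN present."""
    def fqdn(name):
        name = origin if name == "@" else name
        return name if name.endswith(".") else f"{name}.{origin}"
    records = []
    for raw in text.splitlines():
        fields = raw.split(";", 1)[0].split()      # drop comments, split on whitespace
        if fields[:1] == ["$ORIGIN"]:
            origin = fields[1]
        if "IN" not in fields or fields.index("IN") + 2 >= len(fields):
            continue                               # directive, blank or continuation line
        rtype, rdata = fields[fields.index("IN") + 1:][:2]
        if rtype in ("NS", "CNAME", "PTR"):        # rdata is a name, so expand it too
            rdata = fqdn(rdata)
        records.append((fqdn(fields[0]), rtype, rdata))
    return records

def cross_check(forward, reverse, fwd_origin, rev_origin):
    fwd, rev = parse_zone(forward, fwd_origin), parse_zone(reverse, rev_origin)
    a_pairs = {(owner, data) for owner, rtype, data in fwd if rtype == "A"}
    problems = [f"{o}: origin appended twice, trailing dot missing?"
                for o, _, _ in fwd if o[:-len(fwd_origin)].endswith(fwd_origin)]
    for owner, rtype, data in rev:
        if rtype != "PTR":
            if rtype not in ("SOA", "NS"):
                problems.append(f"{owner}: {rtype} record in reverse zone, expected PTR")
            continue
        # 10.1.168.192.in-addr.arpa. -> 192.168.1.10
        ip = ".".join(reversed(owner.split(".")[:4]))
        if (data, ip) not in a_pairs:
            problems.append(f"{owner}: PTR to {data} has no A record for {ip}")
    return problems

if __name__ == "__main__":
    print("\n".join(cross_check(FORWARD, REVERSE, "nixway.loc.", "1.168.192.in-addr.arpa.")))
```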
Edit the resolv.conf file using a text editor:
sudo vim /etc/resolv.conf
Present it in the following form:
domain nixway.loc
search nixway.loc
nameserver 192.168.1.10
nameserver 192.168.1.1
Perform a DNS test with the following commands:
nslookup nixway.loc
nslookup 192.168.1.10
The expected result should be:
Server: nixway.loc
Address: 192.168.1.10
If your DHCP server is responsible for assigning IP addresses, ensure it provides the router's IP (192.168.1.10) as the default DNS server. Confirm correctness using the following commands:
For Windows:
tracert nixway.loc
For Unix based Operating Systems:
traceroute nixway.loc
If the route goes directly to the address 192.168.1.10, everything is working correctly. If not, try clearing the DNS cache and rebuilding:
For Windows:
ipconfig /flushdns
Don't forget to forward necessary ports on the router if needed.