How to Build a Domain Name Server in Ubuntu Linux

9:27 AM
Install BIND9


BIND (the Berkeley Internet Name Daemon) is a very popular DNS server that can handle both authoritative and recursive lookups natively. Install the bind9 package with the following command:


$ sudo apt-get install bind9


If all you want is a recursive DNS service, that's actually all you need to do. If you look in /etc/bind/db.root, you'll find that BIND has been seeded with the latest IP addresses of the root nameservers, allowing it to look up delegation information and issue recursive lookup requests on behalf of other computers right out of the box.
You can test it from a Linux machine without changing your nameserver configuration by specifying the address of your DNS server and performing a manual lookup using the nslookup tool, which is in the dnsutils package:
jon@jbook:~$ nslookup jon.oxer.com.au 192.168.0.2
Server: 192.168.0.2
Address: 192.168.0.2#53


Non-authoritative answer:
Name: jon.oxer.com.au
Address: 202.91.207.154


As you can see, the result was returned non-authoritatively because the server had to refer to an external source to obtain the answer. If that worked, you can edit /etc/resolv.conf on your workstations and have them use your DNS server for lookups.
Create an Authoritative Forward Zone
Authoritative nameservers come in two types: master and slave. A master nameserver is explicitly configured with all the details of the zones it manages, while a slave is simply told the names of the zones and pointed at a master to periodically refresh its locally cached copies of the zone by performing a zone transfer. In this hack, you'll learn how to configure a master nameserver.
The main BIND configuration file is /etc/bind/named.conf. Rather than modify it directly, though, it's best to keep your customizations in separate files and have them "included" into the main configuration. The default installation on Ubuntu includes /etc/bind/named.conf.local, which you can use to define your own zones.
To keep everything neat, create a subdirectory in which to store your actual zone files:
$ sudo mkdir /etc/bind/zones
Now create a zone file for your zone named after the zone itself, such as /etc/bind/zones/example.com.hosts, and put in the file something like the following:
example.com.       IN SOA ns1.example.com. hostmaster.example.com. (
                        2001061407 ; serial
                        10800      ; refresh
                        3600       ; retry
                        432000     ; expire
                        38400 )    ; ttl
example.com.       IN NS  ns1.example.com.
example.com.       IN NS  ns2.example.com.
example.com.       IN MX  30 mail.example.com.
www.example.com.   IN A   202.91.207.152
mail.example.com.  IN A   202.91.207.152


The first line specifies the zone, the Start Of Authority as the nameserver ns1.example.com, and the administrative contact as hostmaster@example.com. Notice that the @ symbol is replaced by a dot in the zone file: BIND treats the first label in the string as the username and the rest as the domain. The subsequent values specify how the zone should be treated by other nameservers, such as how long results can be cached.
The NS records specify the nameservers that are authoritative for this zone, the MX record specifies the mail exchange host for this domain along with a priority from 1 to 100 (lower numbers indicating higher priority), and the A records map specific hostnames to IP addresses.
Note that the full hostnames in the zone file all end in a period, and this is where properly specifying hostnames becomes critical. You might leave the dot off the end of URLs when you type them into your browser, but you can't be ambiguous in the zone file! If you leave the final dot off, BIND assumes the hostname has not been explicitly terminated and appends the domain to it, leaving you with addresses like www.example.com.example.com. You can take advantage of this behavior by deliberately leaving off the domain entirely and specifying just the first part of the hostname without a trailing dot:
www IN A 202.91.207.152


For BIND to know about your new zone file, you need to edit /etc/bind/named.conf.local and add an entry at the end similar to:
zone "example.com" {
    type master;
    file "/etc/bind/zones/example.com.hosts";
};


Then reload BIND so it picks up the new zone:
$ sudo /etc/init.d/bind9 reload

Now if you query the nameserver for a host in your zone, the result shows your IP address and is no longer flagged as "Non-authoritative":
jon@jbook:~$ nslookup www.example.com 192.168.0.2
Server: 192.168.0.2
Address: 192.168.0.2#53


Name: www.example.com
Address: 202.91.207.152
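Two things in the procedure above bite in practice: a name that loses its trailing dot quietly becomes www.example.com.example.com, and a zone edit that does not increase the SOA serial is never picked up by slave servers. The script below is an added example, not code from the original article or from BIND itself; it writes a constructed sample zone modelled on the one above (with one deliberately unterminated name), counts names that end in the zone origin without a trailing dot, extracts and bumps the serial in the YYYYMMDDnn style the article's 2001061407 follows, and runs BIND's named-checkzone when it is installed. The file name zonecheck.sh and the sample zone are assumptions for illustration.

```shell
#!/bin/sh
# Added example, not code from the original article: sanity checks for a BIND
# master zone file before reloading the server. make_sample_zone writes a
# constructed zone mirroring the article's; the other functions work on any
# zone file written in the same one-record-per-line style.

# Constructed sample zone with one deliberate slip of the kind the article
# warns about: the owner "mail.example.com" lacks its trailing dot, so BIND
# would load that A record as mail.example.com.example.com.
make_sample_zone() {
  cat >"${1:?usage: make_sample_zone FILE}" <<'EOF'
example.com. IN SOA ns1.example.com. hostmaster.example.com. (
    2001061407 ; serial
    10800      ; refresh
    3600       ; retry
    432000     ; expire
    38400 )    ; ttl
example.com.     IN NS ns1.example.com.
example.com.     IN NS ns2.example.com.
example.com.     IN MX 30 mail.example.com.
www.example.com. IN A  202.91.207.152
mail.example.com IN A  202.91.207.152
EOF
}

# Print how many names end in the zone origin but have no trailing dot; each
# offender goes to stderr together with the name BIND would actually load.
count_unterminated_names() {
  awk -v origin="$2" '
    /^[ \t]*(;|$)/ { next }                        # blank and comment lines
    {
      for (i = 1; i <= NF; i++) {
        tok = $i
        if (substr(tok, 1, 1) == ";") break        # rest of line is a comment
        if (length(tok) >= length(origin) &&
            substr(tok, length(tok) - length(origin) + 1) == origin) {
          print FILENAME ":" NR ": " tok " loads as " tok "." origin "." > "/dev/stderr"
          n++
        }
      }
    }
    END { print n + 0 }' "$1"
}

# Print the SOA serial: the third token after "SOA" (MNAME, RNAME, serial),
# skipping "(" and comments, so the multi-line layout above is handled.
get_serial() {
  awk '{
    for (i = 1; i <= NF; i++) {
      if (substr($i, 1, 1) == ";") break
      if (seen) { if ($i != "(" && ++k == 3) { print $i; exit } }
      else if ($i == "SOA") seen = 1
    }
  }' "$1"
}

# Next serial in the YYYYMMDDnn convention: same day increments nn, a new day
# starts at 01. Anything else (including nn already at 99) adds one, which
# still satisfies the only hard rule: a slave transfers only when it grows.
next_serial() {
  old="$1" today="$2"
  case "$old" in
    "$today"[0-9][0-9])
      nn=${old#"$today"}; nn=${nn#0}               # drop a leading zero (no octal)
      if [ "$nn" -lt 99 ]; then printf '%s%02d\n' "$today" $((nn + 1)); return; fi ;;
    *)
      if [ "$old" -lt "${today}01" ]; then echo "${today}01"; return; fi ;;
  esac
  echo $((old + 1))
}

# Replace the serial in place (via a temp file, keeping the line's layout) and
# print the new value. The date can be passed in for reproducible runs.
bump_serial() {
  zone_file="$1" today="${2:-$(date +%Y%m%d)}"
  old="$(get_serial "$zone_file")" && [ -n "$old" ] || return 1
  new="$(next_serial "$old" "$today")"
  tmp="$zone_file.tmp.$$"
  awk -v old="$old" -v new="$new" '
    !done && match($0, "(^|[ \t])" old "([ \t]|$)") {
      mid = substr($0, RSTART, RLENGTH); sub(old, new, mid)
      $0 = substr($0, 1, RSTART - 1) mid substr($0, RSTART + RLENGTH); done = 1
    }
    { print }' "$zone_file" >"$tmp" && mv "$tmp" "$zone_file" && echo "$new"
}

# Gate before the article's reload step: BIND's own checker when installed,
# plus the missing-dot heuristic. A non-zero return means do not reload yet.
check_zone() {
  zone_file="$1" origin="$2" rc=0
  if command -v named-checkzone >/dev/null 2>&1; then
    named-checkzone "$origin" "$zone_file" || rc=1
  fi
  [ "$(count_unterminated_names "$zone_file" "$origin")" -eq 0 ] || rc=1
  return "$rc"
}

# Usage: sh zonecheck.sh /etc/bind/zones/example.com.hosts example.com
if [ $# -eq 2 ]; then check_zone "$1" "$2" && echo "ok: bump the serial and reload"; fi
```

Run check_zone on the real zone file after every edit, call bump_serial only once it passes, and then issue the reload command shown above; named-checkconf (also in the bind9 package) gives named.conf.local the same treatment.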