Configuring a DNS Server on Linux using BIND
Jul 28, 2025, 12:37 AM
1. Install BIND: use sudo apt install bind9 bind9utils bind9-doc on Ubuntu/Debian, and sudo dnf install bind bind-utils on CentOS/RHEL.
2. Configure global options: edit the named.conf.options file to set allow-query, recursion, forwarders and other parameters so that the local network can query the server and recursive resolution is enabled.
3. Set up the forward zone: add the forward zone definition in named.conf.local and create the corresponding zone file db.example.local, including SOA, NS and A records, to resolve domain names to IPs.
4. Set up the reverse zone: add the reverse zone definition in named.conf.local and create a db.192.168.1 file with PTR records to resolve IPs back to domain names.
5. Test and start the service: use named-checkconf and named-checkzone to verify the configuration, then restart the bind9 or named service and enable it at boot.
6. Test resolution: check forward and reverse resolution with dig, nslookup or host, and make sure clients point to the DNS server's IP.
In addition, pay attention to security and maintenance: restrict zone transfers, update serial numbers, monitor logs, and use rndc for remote management. This completes a basic authoritative and recursive DNS server.
Setting up a DNS server on Linux using BIND (Berkeley Internet Name Domain) is a common task for managing domain name resolution in a local network or for hosting public domains. BIND is the most widely used DNS server on Unix-like systems. Here's how to configure it step by step on a typical Linux distribution like Ubuntu or CentOS.

1. Install BIND
First, install the BIND package:
On Ubuntu/Debian:

sudo apt update
sudo apt install bind9 bind9utils bind9-doc
On CentOS/RHEL/Rocky Linux:
sudo dnf install bind bind-utils
After installation, the main configuration files are usually located in /etc/bind/ (Debian/Ubuntu) or /etc/named.conf (RHEL/CentOS).

2. Basic Configuration (named.conf.options)
Edit the global options file to define how your DNS server behaves.
On Ubuntu:
sudo nano /etc/bind/named.conf.options
On CentOS:
sudo nano /etc/named.conf
Add or modify the options block:
options {
    directory "/var/cache/bind";
    // Allow queries from local network (adjust as needed)
    allow-query { localhost; 192.168.1.0/24; };
    // Enable recursion for internal clients
    recursion yes;
    allow-recursion { 192.168.1.0/24; };
    // Forward DNS queries to external resolvers (optional)
    forwarders { 8.8.8.8; 8.8.4.4; };
    dnssec-validation auto;
    // Listen on all interfaces
    listen-on-v6 { any; };
    listen-on { any; };
};
Replace 192.168.1.0/24 with your actual network subnet.
3. Set Up a Forward Zone (Domain to IP)
Suppose you want to resolve example.local to internal IPs.
Step 1: Define the zone in named.conf.local
sudo nano /etc/bind/named.conf.local
Add:
zone "example.local" {
    type master;
    file "/etc/bind/zones/db.example.local";
};
Make sure the zones directory exists:
sudo mkdir -p /etc/bind/zones
Step 2: Create the forward zone file
sudo nano /etc/bind/zones/db.example.local
Content:
$TTL 86400
@       IN  SOA ns1.example.local. admin.example.local. (
            2024040501 ; Serial (use YYYYMMDDNN)
            3600       ; Refresh
            1800       ; Retry
            604800     ; Expire
            86400 )    ; Minimum TTL
; Name Servers
@       IN  NS  ns1.example.local.
; A Records
@       IN  A   192.168.1.10
ns1     IN  A   192.168.1.10
www     IN  A   192.168.1.20
mail    IN  A   192.168.1.30
4. Set Up a Reverse Zone (IP to Domain)
A reverse zone resolves IPs back to hostnames (PTR records).
Step 1: Add reverse zone in named.conf.local
zone "1.168.192.in-addr.arpa" {
    type master;
    file "/etc/bind/zones/db.192.168.1";
};
Step 2: Create the reverse zone file
sudo nano /etc/bind/zones/db.192.168.1
$TTL 86400
@       IN  SOA ns1.example.local. admin.example.local. (
            2024040501
            3600
            1800
            604800
            86400 )
; Name Server
@       IN  NS  ns1.example.local.
; PTR Records
10      IN  PTR ns1.example.local.
20      IN  PTR www.example.local.
30      IN  PTR mail.example.local.
5. Test Configuration and Start BIND
Check for syntax errors:
sudo named-checkconf
sudo named-checkzone example.local /etc/bind/zones/db.example.local
sudo named-checkzone 1.168.192.in-addr.arpa /etc/bind/zones/db.192.168.1
If there are no errors, restart the service:
Ubuntu:
sudo systemctl restart bind9
CentOS:
sudo systemctl restart named
Enable on boot:
sudo systemctl enable bind9 # or named
6. Test DNS Resolution
Use dig, nslookup, or host:
dig @localhost www.example.local
dig @localhost -x 192.168.1.20   # Reverse lookup
Make sure your client machines use the DNS server by setting their DNS to the server's IP.
Security and Maintenance Tips
- Use access control lists (ACLs) to restrict zone transfers.
- Regularly update serial numbers when editing zone files.
- Monitor logs: /var/log/syslog or /var/log/messages.
- Consider using rndc for remote management:
  sudo rndc reload
  sudo rndc status
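A check for the first tip above, as an added example that is not part of the original article: the function lists every zone in a named.conf-style file that has no allow-transfer statement of its own. The sample configuration is constructed from the article's two zones; the acl name "secondaries" and the address 192.168.1.11 are hypothetical.

```shell
#!/bin/sh
# Added example, not part of the original article.
# Prints each zone in a named.conf-style file that has no allow-transfer
# statement inside its own zone block.
zones_without_transfer_acl() {
    awk '
    {
        line = $0
        sub(/\/\/.*/, "", line)            # drop // comments
        sub(/#.*/, "", line)               # drop # comments
        if (depth == 0 && match(line, /zone[ \t]+"[^"]+"/)) {
            name = substr(line, RSTART, RLENGTH)
            gsub(/^zone[ \t]+"|"$/, "", name)
            has_acl = 0
        }
        if (name != "" && line ~ /allow-transfer[ \t]*[{]/) has_acl = 1
        opens  = gsub(/[{]/, "{", line)    # count braces on this line
        closes = gsub(/[}]/, "}", line)
        depth += opens - closes
        if (name != "" && depth == 0 && opens + closes > 0) {
            if (!has_acl) print name       # zone block ended without an ACL
            name = ""
        }
    }' "$1"
}

# Constructed sample: the article's two zones. The forward zone carries an
# explicit transfer ACL (192.168.1.11 is a hypothetical secondary server);
# the reverse zone is left as the article wrote it.
write_sample_conf() {
    cat > "$1" <<'EOF'
acl "secondaries" { 192.168.1.11; };

zone "example.local" {
    type master;
    file "/etc/bind/zones/db.example.local";
    allow-transfer { secondaries; };   // only the listed secondary
};

zone "1.168.192.in-addr.arpa" { type master; file "/etc/bind/zones/db.192.168.1"; };
EOF
}

sample=$(mktemp)
write_sample_conf "$sample"
zones_without_transfer_acl "$sample"
rm -f "$sample"
```

A zone reported here may still be covered by an allow-transfer set in the options block, so check both places.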
Basically, that's how you set up a basic authoritative and recursive DNS server with BIND. It's not overly complex, but attention to detail in zone files and permissions is key.