Imdad Rind

Configure a Private DNS on Debian

Note: I am doing this on Debian 10 (buster), running in a virtual machine, and I am the root user, so use sudo before every command.

Get important tools

Step 1:

First, install BIND 9 and its supporting tools, which we need to configure a private DNS server:

sudo apt install bind9 bind9utils bind9-doc -y

Configure DNS

Step 2:

After installing BIND, we can proceed to our main objective: configuring the DNS server.

First, open named.conf.options:

nano /etc/bind/named.conf.options

After opening the file, edit it to add an ACL (access control list), and in it write your server's IP address and your client's IP address:

acl "trusted" {
    192.168.18.1;
    192.168.18.11;
};

In this ACL, the first IP, 192.168.18.1, is our server and 192.168.18.11 is our client.

After that, write the following in the options section:

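recursion yes;                    # enable recursive queries
allow-recursion { trusted; };     # only hosts in the "trusted" ACL may recurse
listen-on { 192.168.18.1; };      # listen on the server's private IP only
allow-transfer { none; };         # disable zone transfers
forwarders {
    8.8.8.8;
    8.8.4.4;
};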

[Image: named.conf.options]
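
One way to check the settings above before restarting BIND, as an added example that is not part of the original post: a small shell lint that flags recursion without an explicit allow-recursion, `any` in allow-recursion or allow-transfer, and a missing `;` inside a braced list. The function name `audit_options` and both sample configurations are constructed for illustration; this is a text-level check that complements named-checkconf rather than replacing it.

```shell
#!/bin/sh
# Added example, not from the original post. Reads named.conf.options text on
# stdin and prints one finding per line; no output means nothing was flagged.
audit_options() {
    # Drop // and # comments, then flatten so statements may span lines.
    conf=$(sed -e 's://.*::' -e 's:#.*::' | tr '\n\t' '  ')
    # body NAME: print the first "NAME { ... }" statement, if present.
    body() {
        printf '%s\n' "$conf" | grep -Eio "(^|[ ;{])$1 *\{[^}]*\}" | head -n 1 || :
    }
    rec=$(body allow-recursion)
    xfr=$(body allow-transfer)
    if printf '%s\n' "$conf" | grep -Eiq '(^|[ ;{])recursion +yes *;' && [ -z "$rec" ]; then
        echo "recursion yes without an explicit allow-recursion"
    fi
    if printf '%s\n' "$rec" | grep -qw any; then
        echo "allow-recursion includes any"
    fi
    if [ -z "$xfr" ]; then
        echo "allow-transfer is not set explicitly"
    elif printf '%s\n' "$xfr" | grep -qw any; then
        echo "allow-transfer includes any"
    fi
    # Every element of a braced list, including the last, must end in ';'.
    for name in allow-recursion allow-transfer listen-on forwarders; do
        b=$(body "$name")
        [ -z "$b" ] || printf '%s\n' "$b" | grep -Eq '; *\}$' ||
            echo "$name: missing ';' before '}'"
    done
}

# Constructed sample 1: the options from this post.
GOOD='acl "trusted" { 192.168.18.1; 192.168.18.11; };
options {
    recursion yes;
    allow-recursion { trusted; };
    listen-on { 192.168.18.1; };
    allow-transfer { none; };
    forwarders { 8.8.8.8; 8.8.4.4; };
};'
# Constructed sample 2: a weak variant for comparison.
WEAK='options {
    recursion yes;              // no allow-recursion
    allow-transfer { any; };
    listen-on { 192.168.18.1 };
};'
printf '%s\n' "$GOOD" | audit_options   # prints nothing
printf '%s\n' "$WEAK" | audit_options   # prints three findings
```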

Step 3:

Now open named.conf.local to define the zones.

nano /etc/bind/named.conf.local

In this file we define our forward and reverse zones.

In the forward zone, we write our domain name in the name section and provide the path to the forward zone file.

In the reverse zone we do similar things, but in the name section we write our reversed IP; in my case it is “18.168.192”.

[Image: zones]

Step 4:

Now we need to create a folder for our zones

mkdir /etc/bind/zones

Step 4.1

Copy db.local to create the forward zone file, and name it after your domain name:

sudo cp /etc/bind/db.local /etc/bind/zones/db.hello.com

Step 4.2

Copy db.127 to create the reverse zone file, and name it:

sudo cp /etc/bind/db.127 /etc/bind/zones/db.192.168.18

Step 5

Open the forward zone file:

nano /etc/bind/zones/db.hello.com

After opening the forward zone file, do the following.

First, you will want to edit the SOA record. Replace the first “localhost” with your name server's FQDN, then replace “root.localhost” with “admin.hello.com”. Every time you edit a zone file, you need to increment the serial value before you restart the named process. We will increment it to “3”.

[Image: forward zone]

Next, delete the three records at the end of the file (after the SOA record).

[Image: delete soa]

Now, add the A records for your server & hosts that belong in this zone. This includes any server whose name we want to end with “.hello.com.” (substitute the names and private IP addresses).

Before that, add the NS record for your server.

[Image: nsRecord]

Save and close the db.hello.com file.

Final result:

[Image: db.hello]

Step 6:

Now open the reverse zone file.

Reverse zone files are where we define DNS PTR records for reverse DNS lookups. For each reverse zone specified in the named.conf.local file, create a reverse zone file. We base our reverse zone file on the sample db.127 zone file, which was already copied to the proper location in Step 4.2 (with the destination filename matching the reverse zone definition). Open it:

nano /etc/bind/zones/db.192.168.18

In the same manner as the forward zone file, you will want to edit the SOA record and increment the serial value.

[Image: reverse soa]

Now delete the two records at the end of the file (after the SOA record). If you’re not sure which lines to delete, they are marked with a “delete this line” comment below.

[Image: delete line]

At the end of the file, add your name server records with the following lines (replace the names with your own).

[Image: ptr record]

Note that the first column consists of the last two octets of your servers’ private IP addresses in reversed order.

[Image: db.192.168.18]
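
The PTR records for this step can also be generated from the forward zone instead of being typed by hand; the following is an added example, not part of the original post, and it goes slightly beyond the text. Because the reverse zone here is 18.168.192.in-addr.arpa (a /24), each PTR owner name in the output is the last octet of the address. The function name `gen_ptr` and the host names ns1, host1 and vpn are assumptions for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Derives the PTR records for the
# reverse zone from the A records of a forward zone file, so that the two
# zone files cannot drift apart.
# gen_ptr ORIGIN PREFIX: forward zone text on stdin, PTR records on stdout.
# Assumes every A record line starts with its owner name.
gen_ptr() {
    awk -v origin="$1" -v prefix="$2" '
        { sub(/;.*/, "") }                    # strip zone-file comments
        {
            for (i = 2; i + 2 <= NF; i++) {
                if ($i != "IN" || $(i + 1) != "A") continue
                name = $1; addr = $(i + 2)
                if (index(addr, prefix ".") != 1) next   # not in this /24
                host = substr(addr, length(prefix) + 2)  # last octet
                if (seen[host]++) next                   # one PTR per address
                if (name == "@") name = origin
                else if (name !~ /\.$/) name = name "." origin
                printf "%s\tIN\tPTR\t%s\n", host, name
            }
        }'
}

# Constructed forward zone for hello.com; ns1, host1 and vpn are made-up names.
ZONE='$TTL    604800
@       IN      SOA     ns1.hello.com. admin.hello.com. (
                              3         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
@               IN      NS      ns1.hello.com.
ns1.hello.com.  IN      A       192.168.18.1
@               IN      A       192.168.18.1
host1           IN      A       192.168.18.11
vpn             IN      A       10.0.0.5'

# Records to paste below the SOA and NS records in db.192.168.18.
printf '%s\n' "$ZONE" | gen_ptr hello.com. 192.168.18
```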

Step 7:

Remember to check your configuration and zone files for errors with the following commands:

named-checkconf
named-checkzone

Google them to learn how to use them.

Or let me be generous.

Run the following command to check the syntax of the named.conf* files:

named-checkconf

e.g.:

named-checkconf /etc/bind/named.conf.options

To check the “hello.com” forward zone configuration, run the following command:

named-checkzone hello.com /etc/bind/zones/db.hello.com

And to check the “18.168.192.in-addr.arpa” reverse zone configuration, run the following command:

sudo named-checkzone 18.168.192.in-addr.arpa /etc/bind/zones/db.192.168.18  

Step 8:

Restart BIND with this command:

systemctl restart bind9

Step 9:

Open the network interfaces file to add the DNS name and IP:

nano /etc/network/interfaces

Add the following, and remember to change the addresses to your own:

[Image: dns search]

Step 10:

Install resolvconf

sudo apt install resolvconf

Step 10.1

Restart your networking services to apply the new changes with the following command:

sudo ifdown --force eth1 && sudo ip addr flush dev eth1 && sudo ifup --force eth1

Step 10.2

Check the DNS settings:

cat /etc/resolv.conf

Step 11

The final step is to check whether the domain name and DNS are working. Open your browser and enter your URL. In my case that is:

http://hello.com

Thank You ❤️

Thank you for reading this far. If there is any problem or suggestion, or anything else, just contact me.

Reference

How To Configure BIND as a Private Network DNS Server on Debian 9
