Wednesday, December 15, 2010

Debian simple DNS server setup

We are going to set up a simple Debian DNS server for local use with bind9.
apt-get install -y rsyslog bind9 bind9-doc dnsutils
Once the server is installed, let the system know which DNS server to use (the one we just installed) by ensuring that 127.0.0.1 is the first nameserver in the list (file /etc/resolv.conf):
nameserver 127.0.0.1
If you do not need the server to listen on IPv6, set the following option (file /etc/bind/named.conf.options):
listen-on-v6 { none; };
Restart the bind9 daemon:
/etc/init.d/bind9 restart
and verify with:
root@ns1:~# netstat -tunlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 192.168.10.2:53         0.0.0.0:*               LISTEN      816/named       
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      816/named       
tcp        0      0 127.0.0.1:953           0.0.0.0:*               LISTEN      816/named       
udp        0      0 192.168.10.2:53         0.0.0.0:*                           816/named       
udp        0      0 127.0.0.1:53            0.0.0.0:*                           816/named       
That's pretty much it; let's make sure it is working. First we need the dnsutils package, which provides the dig command, so here we go:
root@ns1:~# dig debian.org
; <<>> DiG 9.7.2-P3 <<>> debian.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64434
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 3, ADDITIONAL: 3

;; QUESTION SECTION:
;debian.org.   IN A

;; ANSWER SECTION:
debian.org.  3600 IN A 128.31.0.51
debian.org.  3600 IN A 206.12.19.7

;; AUTHORITY SECTION:
debian.org.  28606 IN NS ns2.debian.org.
debian.org.  28606 IN NS ns4.debian.com.
debian.org.  28606 IN NS ns1.debian.org.

;; ADDITIONAL SECTION:
ns1.debian.org.  28606 IN AAAA 2607:f8f0:610:4000:214:38ff:feee:b65a
ns4.debian.com.  28606 IN A 194.177.211.209
ns4.debian.com.  28606 IN AAAA 2001:648:2ffc:deb::10:10

;; Query time: 96 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Dec 15 21:47:12 2010
;; MSG SIZE  rcvd: 196
Notice that the server that responded to our request was 127.0.0.1. Read more here and here. Consider chrooting your DNS server; details here.
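
The netstat check above can be scripted. This is an added example, not part of the original post: a shell function (audit_named, a name chosen here) reads netstat -tunlp output, confirms that named answers on 127.0.0.1:53 over UDP and TCP, and fails if any IPv6 socket remains after setting listen-on-v6 { none; }. The tcp6/udp6 lines in the second sample are constructed.

```shell
#!/bin/sh
# Audit named's listening sockets from `netstat -tunlp` output read on stdin.
# Prints one line per named socket; exit status is 0 only when named answers
# on 127.0.0.1:53 over both UDP and TCP and holds no IPv6 socket.
audit_named() {
    awk '
    $NF ~ /\/named$/ {
        proto = $1
        n = split($4, part, ":")          # port is the text after the last colon
        port = part[n]
        addr = substr($4, 1, length($4) - length(port) - 1)
        if (proto ~ /6$/) { v6++; note = "IPv6 (listen-on-v6 not applied?)" }
        else if (addr ~ /^127\./) note = "loopback"
        else note = "reachable from the network"
        if (addr == "127.0.0.1" && port == "53") seen[proto] = 1
        printf "%-5s %-20s %-5s %s\n", proto, addr, port, note
    }
    END {
        if (!seen["udp"]) { print "FAIL: no udp listener on 127.0.0.1:53"; bad = 1 }
        if (!seen["tcp"]) { print "FAIL: no tcp listener on 127.0.0.1:53"; bad = 1 }
        if (v6)           { print "FAIL: named still has " v6 " IPv6 socket(s)"; bad = 1 }
        exit bad + 0
    }'
}

# Sample input: the named lines from the netstat output shown in the post.
sample_ok() {
cat <<'EOF'
tcp        0      0 192.168.10.2:53         0.0.0.0:*               LISTEN      816/named
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      816/named
tcp        0      0 127.0.0.1:953           0.0.0.0:*               LISTEN      816/named
udp        0      0 192.168.10.2:53         0.0.0.0:*                           816/named
udp        0      0 127.0.0.1:53            0.0.0.0:*                           816/named
EOF
}

# Constructed sample: the same host with IPv6 listeners still present.
sample_v6() {
sample_ok
cat <<'EOF'
tcp6       0      0 :::53                   :::*                    LISTEN      816/named
udp6       0      0 :::53                   :::*                                816/named
EOF
}

# Demo on the embedded sample; on the server use: netstat -tunlp | audit_named
sample_ok | audit_named
```

Sockets marked "reachable from the network" (192.168.10.2:53 in the post's output) are the ones other hosts on the LAN can query.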
