How to configure DNS server in ubuntu 14.04


DNS Server. Domain Name System (DNS) is the name resolution protocol for TCP/IP networks, such as the Internet. Client computers query a DNS server to resolve memorable, alphanumeric DNS names to the IP addresses that computers use to communicate with each other.



DNS server installation
Step 1: Update the repositories.
# sudo apt-get update
Step 2 : Install bind9 using the below command.
# sudo apt-get install bind9
Installation is now complete; proceed with the configuration.
Caching nameserver
A caching nameserver remembers the DNS queries it has resolved and answers from its local cache when the same domain is queried again. The default configuration already acts as a caching nameserver; you only need to add public DNS IPs to the configuration file.
Step 3 : Open the /etc/bind/named.conf.options file, find the forwarders block, uncomment it and edit it like the following.
forwarders {
       8.8.8.8;
       8.8.4.4;
       };
Here 8.8.8.8 and 8.8.4.4 are Google's public DNS servers.
Step 4 : Now start/restart the service.
# sudo service bind9 restart
Step 5 : Now test using the dig command. Open /etc/resolv.conf and set the nameserver IP to 127.0.0.1 or your server's IP.
nameserver 127.0.0.1
Now type the below command to see results.
root@hackthesec:~$ dig www.hackthesec.co.in
................
;; Query time: 83 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
.................
The first query took 83 msec. Now try the same command again.
root@hackthesec:~$ dig www.hackthesec.co.in
................
;; Query time: 5 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
.................
The query time is now reduced to 5 msec. This time the answer is served from the local cache.
Primary master
A primary master configuration means managing the DNS records for a particular domain locally (e.g. hackthesec.co.in).
Scenario details:
Domain name : hackthesec.co.in
Server ip : 192.168.6.5
Server hostname : ns.hackthesec.co.in
Webserver ip : 192.168.6.10 (www.hackthesec.co.in)
We need to create 2 zone files: a forward zone and a reverse zone.
Forward zone file
Step 6 : Create the forward zone file db.hackthesec.co.in by copying the db.local file.
# sudo cp /etc/bind/db.local /etc/bind/db.hackthesec.co.in
Step 7 : Now open /etc/bind/db.hackthesec.co.in and edit it like below.
; BIND data file for local loopback interface
;
$TTL    604800
@ IN SOA ns.hackthesec.co.in. root.ns.hackthesec.co.in. (
                              2         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
@       IN      NS      ns.hackthesec.co.in.
@       IN      A       192.168.6.5
@       IN      AAAA    ::1
ns      IN      A       192.168.6.5
www     IN      A       192.168.6.10

Reverse zone file
Step 8 : Create the reverse zone file db.192 by copying the db.127 file.
# sudo cp /etc/bind/db.127 /etc/bind/db.192
Step 9 : Now open the /etc/bind/db.192 file and edit it like below.
; BIND reverse data file for local loopback interface
;
$TTL    604800
@ IN SOA ns.hackthesec.co.in. root.hackthesec.co.in. (
                              1         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
@      IN      NS      ns.hackthesec.co.in.
5      IN      PTR     ns.hackthesec.co.in.
10     IN      PTR     www.hackthesec.co.in.

Step 10 : Now open the /etc/bind/named.conf.local configuration file and add the below lines to include the forward and reverse zone files. 6.168.192 in the reverse zone name is the first three octets of your network, written in reverse order.
// Forward zone
zone "hackthesec.co.in" {
        type master;
        file "/etc/bind/db.hackthesec.co.in";
};
//reverse zone
zone "6.168.192.in-addr.arpa" {
        type master;
        file "/etc/bind/db.192";
};

Step 11 : Now restart the service.
# sudo service bind9 restart
Step 12 : Now test using the nslookup or dig commands.
root@hackthesec:~$ nslookup www.hackthesec.co.in
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: www.hackthesec.co.in
Address: 192.168.6.10
Now test the reverse lookup.
root@hackthesec:~$ nslookup 192.168.6.10
Server: 127.0.0.1
Address: 127.0.0.1#53
10.6.168.192.in-addr.arpa name = www.hackthesec.co.in.
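A forward zone and a reverse zone that disagree still load, so it is worth checking the two files against each other before relying on the lookups above. The following is an added example, not part of the original post: a simplified checker (the functions fqdn, records and check are hypothetical names) that confirms every PTR points to a name whose A record maps back to the same IP and that every NS target has an A record. The sample records are constructed from the scenario above.

```python
# Added example: forward/reverse consistency check for the two zones above.
# Assumption: simplified parser, one record per line as "owner [IN] TYPE rdata".
FORWARD = """\
@       IN      NS      ns.hackthesec.co.in.
@       IN      A       192.168.6.5
ns      IN      A       192.168.6.5
www     IN      A       192.168.6.10
"""
REVERSE = """\
@       IN      NS      ns.hackthesec.co.in.
5       IN      PTR     ns.hackthesec.co.in.
10      IN      PTR     www.hackthesec.co.in.
"""

def fqdn(name, origin):
    """Expand '@' and relative names against the zone origin."""
    if name == "@":
        return origin
    return name if name.endswith(".") else name + "." + origin

def records(text, origin):
    """Yield (owner, type, rdata) for A, NS and PTR lines; skip the rest."""
    for line in text.splitlines():
        fields = line.split(";")[0].split()   # drop trailing comments
        if "IN" in fields:
            fields.remove("IN")
        if len(fields) == 3 and fields[1] in ("A", "NS", "PTR"):
            owner, rtype, rdata = fields
            if rtype != "A":                  # NS/PTR rdata is a host name
                rdata = fqdn(rdata, origin)
            yield fqdn(owner, origin), rtype, rdata

def check(forward, fwd_origin, reverse, rev_origin):
    """Return a list of problems; an empty list means the zones agree."""
    a = {}
    for owner, rtype, rdata in records(forward, fwd_origin):
        if rtype == "A":
            a.setdefault(owner, set()).add(rdata)
    problems = []
    for text, origin in ((forward, fwd_origin), (reverse, rev_origin)):
        for owner, rtype, rdata in records(text, origin):
            if rtype == "NS" and rdata not in a:
                problems.append("NS target %s has no A record" % rdata)
    for owner, rtype, rdata in records(reverse, rev_origin):
        if rtype == "PTR":
            ip = ".".join(reversed(owner[:-len(".in-addr.arpa.")].split(".")))
            if ip not in a.get(rdata, set()):
                problems.append("PTR %s -> %s has no matching A" % (ip, rdata))
    return problems
```

Call check() with the contents of the two zone files and their origins written with a trailing dot, for example "hackthesec.co.in." and "6.168.192.in-addr.arpa.".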
Hack The Sec

About Author:


I am a Linux Administrator and Security Expert. With this site I can help lots of people with Linux knowledge, and as a security expert I am also interested in hacking-related news.
