Install bind9 on Master Server
Log in as root and install the bind9 package:
apt-get install bind9
Install the dnsutils package, for testing and troubleshooting DNS issues.
apt-get install dnsutils
Configuration
In this example, we will use two systems to set up a master and a slave DNS server.
Master DNS server details:
Hostname: ns01.companyname.com IP: 192.168.5.200
Slave DNS server details:
Hostname: ns02.companyname.com IP: 192.168.5.201
DNS configuration is stored in the /etc/bind directory. The primary configuration file is /etc/bind/named.conf.
Edit this file based on your configuration:
vi /etc/bind/named.conf
with content:
include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";
include "/etc/bind/rndc.key";
Edit file named.conf.local,
vi /etc/bind/named.conf.local
with content:
// The key name must match the one defined in /etc/bind/rndc.key
// ("rndc-key" in the file Debian and Ubuntu generate).
zone "companyname.com" {
    type master;
    file "/etc/bind/zones/db.companyname.com";
    allow-update { key "rndc-key"; };
    allow-transfer { 192.168.5.201; };
};
zone "168.192.in-addr.arpa" {
    type master;
    file "/etc/bind/zones/db.168.192.in-addr.arpa";
    allow-update { key "rndc-key"; };
    allow-transfer { 192.168.5.201; };
};
Create a directory named “zones” in /etc/bind.
mkdir /etc/bind/zones
Create a forward zone file named db.companyname.com in /etc/bind/zones with content:
;
; BIND data file for companyname.com
;
$TTL    604800
@       IN      SOA     companyname.com. root.companyname.com. (
                        2         ; Serial
                        604800    ; Refresh
                        86400     ; Retry
                        2419200   ; Expire
                        604800 )  ; Negative Cache TTL
        IN      A       192.168.5.200
;
@       IN      NS      ns01.companyname.com.
@       IN      A       192.168.5.200
@       IN      AAAA    ::1
ns01    IN      A       192.168.5.200
Create a reverse zone file named db.168.192.in-addr.arpa in /etc/bind/zones:
;
; BIND reverse data file for local 192.168.5.XXX net
;
$TTL    604800
@       IN      SOA     ns01.companyname.com. root.companyname.com. (
                        2         ; Serial
                        604800    ; Refresh
                        86400     ; Retry
                        2419200   ; Expire
                        604800 )  ; Negative Cache TTL
;
; The NS target must be fully qualified; "ns01." alone would name a host at the root.
@       IN      NS      ns01.companyname.com.
200.5   IN      PTR     ns01.companyname.com.
Set up this server to act as a caching server by adding your ISP’s DNS servers as forwarders.
vi /etc/bind/named.conf.options
Uncomment the forwarders block and add your ISP’s DNS servers:
forwarders { 12.34.56.78; };
Install apparmor-utils
apt-get install apparmor-utils
Edit file usr.sbin.named,
vi /etc/apparmor.d/usr.sbin.named
find this line:
/etc/bind/** r,
and change to:
/etc/bind/** rw,
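Change permission and ownership. Note that the recursive 755 also leaves /etc/bind/rndc.key, the shared secret that allow-update relies on, readable by every local user.
chmod -R 755 /etc/bind
chown -R bind:bind /etc/bind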
Restart service bind:
service bind9 restart
Install bind9 on Slave Server
Log in as root and install the bind9 package:
apt-get install bind9
Install the dnsutils package, for testing and troubleshooting DNS issues.
apt-get install dnsutils
Configuration
vi /etc/bind/named.conf
With content:
include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";
include "/etc/bind/rndc.key";
Edit file named.conf.local,
vi /etc/bind/named.conf.local
With content:
// Zone names must match the zones defined on the master.
zone "companyname.com" {
    type slave;
    file "/etc/bind/zones/db.companyname.com";
    masters { 192.168.5.200; };
};
zone "168.192.in-addr.arpa" {
    type slave;
    file "/etc/bind/zones/db.168.192.in-addr.arpa";
    masters { 192.168.5.200; };
};
Copy the content of /etc/bind/rndc.key from the master server into the same file on the slave server.
Create an empty directory named zones in /etc/bind/.
mkdir /etc/bind/zones
Install apparmor-utils
apt-get install apparmor-utils
Edit file usr.sbin.named,
vi /etc/apparmor.d/usr.sbin.named
find this line:
/etc/bind/** r,
and change to:
/etc/bind/** rw,
Change permission and ownership
chmod -R 755 /etc/bind
chown -R bind:bind /etc/bind
Restart service bind:
service bind9 restart
If everything went well and the log file shows no errors, the slave server should have the same zone files as the master server in the directory /etc/bind/zones/.
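A transfer only succeeds when the zone names, the masters entries and the allow-transfer entries in the two named.conf.local files agree. The following Python check is an added example, not part of the original guide: parse_zones and check_pair are hypothetical names, the parser is a simplified reader rather than the full named.conf grammar, and the sample configuration is constructed from the zone names and addresses used above, with a reverse zone name on the slave that differs from the master's.

```python
import re
PRIMARY, SECONDARY = ("master", "primary"), ("slave", "secondary")

def parse_zones(conf):
    """Map zone name -> {type, allow-transfer, masters}; a list is None if absent."""
    conf = re.sub(r"/\*.*?\*/|//[^\n]*|#[^\n]*", "", conf, flags=re.S)  # drop comments
    zones = {}
    for m in re.finditer(r'zone\s+"([^"]+)"[^{;]*\{', conf):
        depth, i = 1, m.end()
        while depth and i < len(conf):  # walk to the brace that closes this zone
            depth += {"{": 1, "}": -1}.get(conf[i], 0)
            i += 1
        body = conf[m.end():i - 1]
        def acl(option):  # first token of each entry in "option { a; b; };"
            hit = re.search(option + r"\s*\{([^}]*)\}", body)
            return [a.split()[0] for a in hit.group(1).split(";") if a.strip()] if hit else None
        kind = re.search(r"\btype\s+([\w-]+)\s*;", body)
        zones[m.group(1).lower()] = {"type": kind.group(1) if kind else None,
            "allow-transfer": acl("allow-transfer"), "masters": acl("masters")}
    return zones

def check_pair(master_conf, slave_conf, master_ip, slave_ip):
    """Return mismatches between the master's and the slave's named.conf.local."""
    primary = {n: z for n, z in parse_zones(master_conf).items() if z["type"] in PRIMARY}
    secondary = {n: z for n, z in parse_zones(slave_conf).items() if z["type"] in SECONDARY}
    problems = []
    for name, z in sorted(secondary.items()):
        if name not in primary:
            problems.append(f"{name}: slave zone has no master zone of that name")
        if master_ip not in (z["masters"] or []):
            problems.append(f"{name}: masters does not list {master_ip}")
    for name, z in sorted(primary.items()):
        if name not in secondary:
            problems.append(f"{name}: master zone is not replicated on the slave")
        if slave_ip not in (z["allow-transfer"] or []):
            problems.append(f"{name}: allow-transfer does not list {slave_ip}")
    return problems

# Constructed sample input: zone names and addresses as used in this guide, with a
# reverse zone name on the slave that does not match the master's.
MASTER_CONF = '''zone "companyname.com" { type master; allow-transfer { 192.168.5.201; }; };
zone "168.192.in-addr.arpa" { type master; allow-transfer { 192.168.5.201; }; };'''
SLAVE_CONF = '''zone "companyname.com" { type slave; masters { 192.168.5.200; }; };
zone "10.10.in-addr.arpa" { type slave; masters { 192.168.5.200; }; };'''

if __name__ == "__main__":
    for line in check_pair(MASTER_CONF, SLAVE_CONF, "192.168.5.200", "192.168.5.201"):
        print(line)
```

To check a real pair, read /etc/bind/named.conf.local from each server and pass the two texts to check_pair before restarting bind9.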