In this tutorial we will show you how to install BIND9 Master and Slave DNS Server on Ubuntu. BIND is a widely used DNS Server. Ideally, DNS server consist of 2 machines that work together simultaneously, one act as master and the other one act as slave. If your domain registrar doesn’t provide you a free DNS server, or if you want to create a custom DNS record, then you might need to host your own DNS server.
In this tutorial, we will cover how to configure BIND9 Master and Slave DNS server. Both server will use Ubuntu OS. We will start configuring the master then the slave.
Install BIND9 Master and Slave DNS Server on Ubuntu
Here are the servers example data:
Server1 (master) IP address: 108.100.100.1
Server2 (slave) IP address: 108.100.100.2
Domain: idroot.us
This domain will be hosted on this server: 172.217.194.94
ON MASTER
Step1. Update ubuntu repository and install Bind using apt-get.
1 2 | apt-get update apt-get install bind9 |
Step2. Configure bind options
1 2 3 4 | *)do this if you haven't installed nano text editor: apt-get install nano nano /etc/bind/named.conf.options |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 | options{ directory"/var/cache/bind"; additional-from-authno; additional-from-cacheno; version"Bind Server"; // If there is a firewall between you and nameservers you want // to talk to, you may need to fix the firewall to allow multiple // ports to talk. See http://www.kb.cert.org/vuls/id/800113 // If your ISP provided one or more IP addresses for stable // nameservers, you probably want to use them as forwarders. // Uncomment the following block, and insert the addresses replacing // the all-0's placeholder. forwarders{ 8.8.8.8; 8.8.4.4; }; //======================================================================== // If BIND logs error messages about the root key being expired, // you will need to update your keys. See https://www.isc.org/bind-keys //======================================================================== dnssec-validationauto; allow-recursion{127.0.0.1;}; auth-nxdomainno; # conform to RFC1035 listen-on-v6{any;}; }; |
Step 3. Store the domain name and zone file setting
1 | nano /etc/bind/named.conf.local |
1 2 3 4 5 6 7 8 | //place these lines at the bottom of file zone"idroot.us"{ typemaster; file"/etc/bind/zones/idroot.us.db"; allow-transfer{108.200.200.2;}; also-notify{108.200.200.200.2;}; }; |
Step4. Because in the above config we put zone file in “/etc/bind/zones/idroot.us.db”, then we need to create the folder and file
1 2 | mkdir /etc/bind/zones nano /etc/bind/zones/idroot.us.db |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 | $TTL 86400 $ORIGINidroot.us. @ IN SOA ns1.idroot.us.root.idroot.us.( 1 ;Serial 86400 ;Refresh 7200 ;Retry 2419200 ;Expire 604800) ;NegativeCacheTTL ; @ IN NS ns1.idroot.us. @ IN NS ns2.idroot.us. ns1 IN A 108.100.100.1 ns2 IN A 108.100.100.2 ;alsolistothercomputers @ IN A 172.217.194.94 www IN A 172.217.194.94 |
Step 5. (last step on master) Restart bind9 dns service
1 | service bind9 restart |
ON SLAVE
Repeat step 1-2 similar to the master.
Step 3. Configure slave bind options
1 | nano /etc/bind/named.conf.options |
1 2 3 4 5 | zone"idroot.us"{ typeslave; file"/var/cache/bind/idroot.us.db"; masters{108.100.100.1;}; }; |
notice the difference in this config file from the master.
Step 4. Restart bind9 service.
1 | service bind9 restart |
What to do next?
This DNS server will not work until you change your domain’s nameserver. It can be done from your domain’s registrar website. In this scenario, we change nameserver to:
ns1.idroot.us
ns2.idroot.us
Testing BIND
This test could be done either on the DNS server itself or from another server, or from your own PC. In this case, we will do the test from another server running Ubuntu OS.
Step 1.Install dnsutils
1 | apt-get install dnsutils |
Step 2. Do the dig dns test
1 | dig idroot.us |
Step 3. Do the nslookup dns test
1 | nslookup idroot.us |
