In this tutorial, we will show you how to install a BIND9 master and slave DNS server on Ubuntu. BIND is a widely used DNS server. Ideally, a DNS setup consists of two machines that work together: one acts as the master and the other acts as the slave. If your domain registrar doesn’t provide you with a free DNS server, or if you want to create a custom DNS record, then you might need to host your own DNS server.
In this tutorial, we will cover how to configure BIND9 Master and Slave DNS server. Both servers will use Ubuntu OS. We will start configuring the master then the slave.
Prerequisites
- A server running Ubuntu or any other Debian-based distribution such as Linux Mint.
- It’s recommended that you use a fresh OS install to prevent any potential issues.
- SSH access to the server (or just open Terminal if you’re on a desktop).
- A non-root sudo user or access to the root user. We recommend acting as a non-root sudo user, however, as you can harm your system if you’re not careful when acting as root.
Install BIND9 Master and Slave DNS Server on Ubuntu
Here are the server’s example data:
Server1 (master) IP address: 108.100.100.1
Server2 (slave) IP address: 108.100.100.2
Domain: idroot.us
This domain will be hosted on this server: 172.217.194.94
ON MASTER
Step 1. Update the Ubuntu repository and install BIND using apt-get.
apt-get update
apt-get install bind9
Step 2. Configure BIND options
*) Do this first if you haven't installed the nano text editor:
apt-get install nano
nano /etc/bind/named.conf.options
options {
        directory "/var/cache/bind";
        additional-from-auth no;
        additional-from-cache no;
        version "Bind Server";
        // If there is a firewall between you and nameservers you want
        // to talk to, you may need to fix the firewall to allow multiple
        // ports to talk. See http://www.kb.cert.org/vuls/id/800113
        // If your ISP provided one or more IP addresses for stable
        // nameservers, you probably want to use them as forwarders.
        // Uncomment the following block, and insert the addresses replacing
        // the all-0's placeholder.
        forwarders {
                8.8.8.8;
                8.8.4.4;
        };
        //========================================================================
        // If BIND logs error messages about the root key being expired,
        // you will need to update your keys. See https://www.isc.org/bind-keys
        //========================================================================
        dnssec-validation auto;
        allow-recursion { 127.0.0.1; };
        auth-nxdomain no;    # conform to RFC1035
        listen-on-v6 { any; };
};
Step 3. Store the domain name and zone file setting
nano /etc/bind/named.conf.local
//place these lines at the bottom of file
zone "idroot.us" {
        type master;
        file "/etc/bind/zones/idroot.us.db";
        // only Server2 (slave) may transfer the zone
        allow-transfer { 108.100.100.2; };
        // tell Server2 (slave) when the zone changes
        also-notify { 108.100.100.2; };
};
Step 4. Because the above config puts the zone file at “/etc/bind/zones/idroot.us.db”, we need to create the folder and the file:
mkdir /etc/bind/zones
nano /etc/bind/zones/idroot.us.db
$TTL 86400
$ORIGIN idroot.us.
@       IN      SOA     ns1.idroot.us. root.idroot.us. (
                        1               ; Serial
                        86400           ; Refresh
                        7200            ; Retry
                        2419200         ; Expire
                        604800 )        ; Negative Cache TTL
;
@       IN      NS      ns1.idroot.us.
@       IN      NS      ns2.idroot.us.
ns1     IN      A       108.100.100.1
ns2     IN      A       108.100.100.2
;also list other computers
@       IN      A       172.217.194.94
www     IN      A       172.217.194.94
Step 5. (last step on master) Restart bind9 DNS service
service bind9 restart
ON SLAVE
Repeat steps 1-2 as on the master.
Step 3. Configure slave bind options
nano /etc/bind/named.conf.options
zone "idroot.us" {
        type slave;
        file "/var/cache/bind/idroot.us.db";
        masters { 108.100.100.1; };
};
Notice the difference in this config file from the master.
Step 4. Restart bind9 service.
service bind9 restart
What to do next?
This DNS server will not work until you change your domain’s nameserver. It can be done from your domain’s registrar’s website. In this scenario, we change the nameserver to:
ns1.idroot.us
ns2.idroot.us
Testing BIND
This test could be done either on the DNS server itself or from another server, or from your own PC. In this case, we will do the test from another server running Ubuntu OS.
Step 1. Install dnsutils
sudo apt-get install dnsutils
Step 2. Do the dig DNS test
dig idroot.us
Step 3. Do the nslookup DNS test
nslookup idroot.us
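The lookups above show that the zone resolves, but not that the slave has copied it or that the allow-transfer restriction holds. The script below is an added example, not part of the original tutorial: run from a third host, it compares the SOA serial on both servers and confirms that each one refuses a zone transfer requested from that host (the slave's zone block sets no allow-transfer of its own, so it is checked too). The script name and function names are made up for this example, and it assumes dig from dnsutils.

```shell
#!/bin/sh
# Added example, not from the original tutorial. Run from a third host
# (not the master or slave): sh check_dns.sh idroot.us 108.100.100.1 108.100.100.2
# check_dns.sh, soa_serial, axfr_result and check_pair are made-up names.

# Serial = 3rd field of `dig +short SOA` output, read from stdin.
soa_serial() {
    awk 'NF >= 7 { print $3; exit }'
}

# Classify `dig AXFR` output from stdin: "refused" if dig reports a failed
# transfer, "allowed" if an SOA record came back, otherwise "unknown".
axfr_result() {
    awk '/Transfer failed/ { r = "refused" }
         $3 == "IN" && $4 == "SOA" && r == "" { r = "allowed" }
         END { print (r == "" ? "unknown" : r) }'
}

check_pair() {  # usage: check_pair ZONE MASTER_IP SLAVE_IP
    zone=$1; master=$2; slave=$3
    m=$(dig +short SOA "$zone" "@$master" | soa_serial)
    s=$(dig +short SOA "$zone" "@$slave" | soa_serial)
    if [ -z "$m" ] || [ "$m" != "$s" ]; then
        echo "FAIL: SOA serial master='$m' slave='$s' (zone not replicated?)"
        return 1
    fi
    echo "OK: both servers serve serial $m"
    for ns in "$master" "$slave"; do
        r=$(dig AXFR "$zone" "@$ns" +time=5 +tries=1 | axfr_result)
        if [ "$r" != "refused" ]; then
            echo "FAIL: AXFR request from this host to $ns: $r"
            return 1
        fi
        echo "OK: $ns refused AXFR from this host"
    done
}

if [ "$#" -eq 3 ]; then
    check_pair "$@"
else
    # No arguments: run the parsers on constructed sample dig output.
    printf 'ns1.idroot.us. root.idroot.us. 1 86400 7200 2419200 604800\n' | soa_serial
    printf '; Transfer failed.\n' | axfr_result
fi
```

A serial mismatch right after editing the zone on the master only means the slave has not pulled the new version yet; remember to raise the Serial value in the zone file on every change so that it does.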