In this tutorial we will show you how to install BIND9 Master and Slave DNS Server on Ubuntu. BIND is a widely used DNS Server. Ideally, DNS server consist of 2 machines that work together simultaneously, one act as master and the other one act as slave. If your domain registrar doesn’t provide you a free DNS server, or if you want to create a custom DNS record, then you might need to host your own DNS server.
In this tutorial, we will cover how to configure BIND9 Master and Slave DNS server. Both server will use Ubuntu OS. We will start configuring the master then the slave.
Install BIND9 Master and Slave DNS Server on Ubuntu
Here are the servers example data:
Server1 (master) IP address: 108.100.100.1
Server2 (slave) IP address: 108.100.100.2
Domain: idroot.us
This domain will be hosted on this server: 172.217.194.94
ON MASTER
Step1. Update ubuntu repository and install Bind using apt-get.
apt-get update apt-get install bind9
Step2. Configure bind options
*)do this if you haven't installed nano text editor: apt-get install nano nano /etc/bind/named.conf.options
options {
directory "/var/cache/bind";
additional-from-auth no;
additional-from-cache no;
version "Bind Server";
// If there is a firewall between you and nameservers you want
// to talk to, you may need to fix the firewall to allow multiple
// ports to talk. See http://www.kb.cert.org/vuls/id/800113
// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.
forwarders {
8.8.8.8;
8.8.4.4;
};
//========================================================================
// If BIND logs error messages about the root key being expired,
// you will need to update your keys. See https://www.isc.org/bind-keys
//========================================================================
dnssec-validation auto;
allow-recursion { 127.0.0.1; };
auth-nxdomain no; # conform to RFC1035
listen-on-v6 { any; };
};Step 3. Store the domain name and zone file setting
nano /etc/bind/named.conf.local
//place these lines at the bottom of file
zone "idroot.us" {
type master;
file "/etc/bind/zones/idroot.us.db";
allow-transfer { 108.200.200.2; };
also-notify { 108.200.200.200.2; };
};Step4. Because in the above config we put zone file in “/etc/bind/zones/idroot.us.db”, then we need to create the folder and file
mkdir /etc/bind/zones nano /etc/bind/zones/idroot.us.db
$TTL 86400
$ORIGIN idroot.us.
@ IN SOA ns1.idroot.us. root.idroot.us. (
1 ; Serial
86400 ; Refresh
7200 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS ns1.idroot.us.
@ IN NS ns2.idroot.us.
ns1 IN A 108.100.100.1
ns2 IN A 108.100.100.2
;also list other computers
@ IN A 172.217.194.94
www IN A 172.217.194.94
Step 5. (last step on master) Restart bind9 dns service
service bind9 restart
ON SLAVE
Repeat step 1-2 similar to the master.
Step 3. Configure slave bind options
nano /etc/bind/named.conf.options
zone "idroot.us" {
type slave;
file "/var/cache/bind/idroot.us.db";
masters {108.100.100.1;};
};notice the difference in this config file from the master.
Step 4. Restart bind9 service.
service bind9 restart
What to do next?
This DNS server will not work until you change your domain’s nameserver. It can be done from your domain’s registrar website. In this scenario, we change nameserver to:
ns1.idroot.us
ns2.idroot.us
Testing BIND
This test could be done either on the DNS server itself or from another server, or from your own PC. In this case, we will do the test from another server running Ubuntu OS.
Step 1.Install dnsutils
apt-get install dnsutils
Step 2. Do the dig dns test
dig idroot.us
Step 3. Do the nslookup dns test
nslookup idroot.us
