Set Up a BIND9 DNS Server on Ubuntu

Understanding the Domain Name System (DNS)

The Domain Name System (DNS) is the distributed, hierarchical database that maps human-readable names such as example.com to IP addresses (and IP addresses back to names). When you type a name into your web browser, your computer queries DNS and receives the address it should connect to. A key element of the DNS is a worldwide collection of DNS servers, from the root servers down to the resolver on your local network.

What is a DNS Server?

A DNS server is a host running name-server software such as BIND. Depending on its role it holds the authoritative records for one or more zones (an authoritative server), answers lookups on behalf of clients by querying other servers and caching the results (a recursive resolver, also called a caching name server), or does both. Only a server that must be reachable from the internet needs a public IP address; a resolver that serves a LAN usually has a private one.

Local DNS Servers

A local DNS server, which performs domain name lookups on behalf of the hosts that query it, is usually located on the network to which your computer is attached. If you are using an Internet Service Provider (ISP), your resolver is typically run by your ISP. If you are using the network at your college or office, you probably have a local DNS server in a server room nearby. Such a resolver should answer recursive queries only for its own network; one that answers anyone on the internet is an open resolver and can be abused for DNS amplification attacks.

Setting Up BIND9 on Ubuntu

This document covers the following topics for setting up a BIND9 DNS server:

  • Installation
  • Configuration
    • Caching Name Server
    • Primary Master
  • Troubleshooting (not covered in detail below)
    • Testing
    • Logging
  • Common Record Types (not covered in detail below)

Step 1: Install BIND9

We will use BIND as our DNS server software and install the bind9 package on our Ubuntu system. The bind9utils package (named-checkconf, named-checkzone) and the dnsutils package (dig) are also worth installing, since they are the standard tools for validating and testing the configuration. Open a terminal and run the following command to install bind9:

sudo apt-get install bind9

Step 2: Understand BIND9 Configuration Files

The DNS configuration files are stored in the /etc/bind/ directory. The primary configuration file is /etc/bind/named.conf, which on Ubuntu does little more than include three other files: named.conf.options (global options), named.conf.local (the zones you define yourself) and named.conf.default-zones (localhost and the root hints).

Each include line names a file to read at that point; the options live in /etc/bind/named.conf.options. The directory line in that file (by default /var/cache/bind) tells BIND where to look for files: relative file names in the configuration are resolved against this directory, while absolute paths such as the ones used below are unaffected. It also needs to be writable by the bind user, because that is where journal and slave zone files are written.

The file /etc/bind/db.root lists the root nameservers (the "root hints"). The set of root servers changes only rarely, so the file must be maintained occasionally; this is normally done through updates to the bind9 package rather than by hand.

A zone statement declares a zone this server serves. With type master the server is authoritative for that zone and loads its data from the file named in the file option.

It is possible to configure the same server to be a caching name server, primary master and secondary master at once. A server can be authoritative (the Start of Authority, SOA) for one zone while providing secondary service for another, all while providing caching services for hosts on the local LAN.

Step 3: Configure Caching and Forwarding

To configure BIND to cache responses and forward queries it cannot answer itself to other DNS servers, open the /etc/bind/named.conf.options file. Caching and forwarding both rely on recursion, so a server set up this way must accept recursive queries only from the clients it is meant to serve. BIND's built-in default limits recursion to localhost and localnets (the networks of the server's own interfaces); it is worth making that explicit with allow-recursion and allow-query ACLs so that the server never becomes an open resolver.

sudo vi /etc/bind/named.conf.options

Uncomment or add the forwarders section inside the options block and replace the x.x.x.x placeholders with the IP addresses of the primary and secondary DNS servers of your ISP or of a public DNS service:

forwarders {
    x.x.x.x;
    x.x.x.x;
};

Replace x.x.x.x with the IP addresses of actual nameservers. Whichever forwarders you choose receive every query your clients make that is not answered from cache, so pick a provider you trust, and keep dnssec-validation auto; in the options block so that the answers they return are validated. For example, using Google Public DNS as forwarders (currently 8.8.8.8 and 8.8.4.4):

forwarders {
    8.8.8.8;
    8.8.4.4;
};
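As an added example (not from the original page), the following shell script writes a complete named.conf.options that combines the forwarders above with the access controls a LAN resolver should have: it listens only on loopback and the LAN address, allows recursion and cache lookups only from a "trusted" ACL, disables zone transfers and keeps DNSSEC validation on. The function names, the ACL name and the 192.168.1.0/24 network are assumptions; the forwarders are Google's from above. Write the output to a staging file and inspect it before copying it over /etc/bind/named.conf.options.

```shell
# Added example (not from the original tutorial): generate a named.conf.options
# for a LAN-only caching/forwarding resolver, with the access controls that a
# bare "forwarders" block leaves implicit. The ACL name "trusted", the function
# names and the 192.168.1.0/24 network are assumptions for this tutorial.
#
#   write_named_options OUTFILE SERVER_IP LAN_PREFIX FORWARDER1 FORWARDER2

write_named_options() {
    out=$1; server_ip=$2; lan=$3; fwd1=$4; fwd2=$5
    cat > "$out" <<EOF
// Clients allowed to use this server as a recursive resolver.
acl "trusted" {
    127.0.0.0/8;
    ::1;
    $lan;
};

options {
    directory "/var/cache/bind";

    // Bind only to loopback and the LAN address, not to every interface.
    listen-on { 127.0.0.1; $server_ip; };
    listen-on-v6 { ::1; };

    // Recursion (caching and forwarding) only for trusted clients.
    // Weak form to avoid: "allow-recursion { any; };" turns this server
    // into an open resolver usable for DNS amplification attacks.
    recursion yes;
    allow-recursion   { trusted; };
    allow-query-cache { trusted; };
    allow-query       { trusted; };
    allow-transfer    { none; };

    // Everything not served from cache or local zones goes upstream.
    forwarders {
        $fwd1;
        $fwd2;
    };
    forward only;

    // Validate DNSSEC signatures on the answers the forwarders return.
    dnssec-validation auto;

    // Do not reveal the BIND version to "dig CH TXT version.bind".
    version "not disclosed";
};
EOF
}

# Syntax-check the generated file when named-checkconf (bind9utils) is
# installed; otherwise report that the check was skipped.
check_named_options() {
    if command -v named-checkconf >/dev/null 2>&1; then
        named-checkconf "$1"
    else
        echo "named-checkconf not installed; skipping syntax check of $1" >&2
    fi
}
```

If techienote.home must also be resolvable from the internet, relax allow-query to { any; } and keep allow-recursion restricted to the trusted ACL; answering authoritative queries for your own zones to anyone is normal, answering recursive queries for other people's zones to anyone is what makes an open resolver.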

Step 4: Configure Server’s Network Interface

Make the server use its own BIND instance for lookups. It is recommended to assign a static IP address to critical servers; for a detailed explanation, see documentation on how to configure a static IP on Ubuntu. The steps below edit /etc/network/interfaces and use the resolvconf dns-* directives, which applies to Ubuntu releases based on ifupdown (up to 16.04). On Ubuntu 18.04 and later the network configuration lives in netplan YAML under /etc/netplan/ and the nameserver is set there instead; the BIND configuration in the other steps is unchanged.

Edit Network Interfaces

Edit the /etc/network/interfaces file:

sudo vi /etc/network/interfaces

Set DNS Configuration

Change or add the dns-nameservers, dns-search and dns-domain directives. dns-nameservers must point to the local machine (127.0.0.1) when BIND9 is running on it; the address, netmask and gateway below are examples for the 192.168.1.0/24 network used throughout this document.

# The primary network interface
auto eth0
iface eth0 inet static
    address 192.168.1.98
    netmask 255.255.255.0
    gateway 192.168.1.1
    network 192.168.1.0
    broadcast 192.168.1.255
    dns-nameservers 127.0.0.1
    dns-search techienote.home
    dns-domain techienote.home

Restart the networking service to apply changes:

sudo /etc/init.d/networking restart

Step 5: Configure BIND9 as a Primary Master

To add a DNS zone to BIND9, turning it into a Primary Master server, first edit /etc/bind/named.conf.local:

sudo vi /etc/bind/named.conf.local

Define Zones

Add a zone for your local domain (e.g., techienote.home):

zone "techienote.home" {
    type master;
    file "/etc/bind/zones/techienote.home.db";
};

Also add a zone for reverse DNS lookups of the local network. The zone name is the network part of the address (192.168.1) with its octets reversed, followed by in-addr.arpa, so adjust 1.168.192 to match your subnet:

zone "1.168.192.in-addr.arpa" {
    type master;
    file "/etc/bind/zones/rev.1.168.192.in-addr.arpa";
};

Create Zones Directory

Create the directory specified in the file directive within your zone definitions:

sudo mkdir /etc/bind/zones

Configure Forward Lookup Zone

Create and configure the zone file for the local domain:

sudo vi /etc/bind/zones/techienote.home.db

Add example settings, changing them to match your hostnames and IP addresses:

; Use semicolons to add comments.
; Host-to-IP Address DNS Pointers for techienote.home
; Note: The trailing "." on fully qualified names is important; without it,
; BIND appends the zone name (server.techienote.home.techienote.home).

$TTL 86400    ; 1 day (default TTL)

; SOA: primary name server, then the hostmaster mailbox with "@" written as "."
; (hostmaster.techienote.home. means hostmaster@techienote.home).
@ IN SOA server.techienote.home. hostmaster.techienote.home. (
            2012111302 ; Serial (YYYYMMDDII format recommended)
            8H         ; Refresh (8 hours)
            4H         ; Retry (4 hours)
            4W         ; Expire (4 weeks)
            1D         ; Negative caching TTL (RFC 2308; historically "minimum TTL")
            )

; NS record indicates the Name Server for the domain
@       IN NS server.techienote.home.

; A records for hosts in the domain (use FQDN or relative names)
localhost   IN A 127.0.0.1
server      IN A 192.168.1.98
; Add other hosts here, e.g.:
; client1     IN A 192.168.1.100

Note: The serial number must be increased every time you change the zone file. Secondary servers only transfer a zone whose serial is higher than the copy they hold, so an edit made without bumping the serial will not propagate, and a serial that accidentally goes backwards is ignored as stale. A common format is YYYYMMDDII, where II is an index incremented if you make more than one change on the same day.

Configure Reverse Lookup Zone

Create and edit the reverse lookup configuration file (the filename should match the one specified in named.conf.local):

sudo vi /etc/bind/zones/rev.1.168.192.in-addr.arpa

Add example settings for reverse lookups (PTR records). The numbers represent the last octet of the IP address:

; Reverse lookup zone for 192.168.1.x network
$TTL 86400    ; 1 day

@ IN SOA server.techienote.home. hostmaster.techienote.home. (
            2012111302 ; Serial (should match forward zone or be managed independently)
            8H         ; Refresh
            4H         ; Retry
            4W         ; Expire
            1D         ; Negative caching TTL (RFC 2308)
            )

; NS record
@       IN NS server.techienote.home.

; PTR records (map IP address octet to hostname)
98      IN PTR server.techienote.home.
; Add other reverse entries here, e.g.:
; 100     IN PTR client1.techienote.home.
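Both zone files above carry a serial that has to go up on every edit, and editing it by hand is where mistakes happen: a same-day change reuses the index, or a typo makes the serial go backwards. As an added example, not part of the original page, the following POSIX shell functions compute the next YYYYMMDDII serial and rewrite the serial line in a zone file laid out like the two above. The function names, and the assumption that the serial line's comment contains the word "Serial", are mine; today's date is passed in as an argument so the logic can be checked against fixed inputs.

```shell
# Added example (not from the original tutorial): bump the SOA serial of a
# zone file that follows the YYYYMMDDII convention used in the zone files
# above. Function names and the "; Serial" comment convention are assumptions.

# Print the serial that should follow $1.
# $2 is today's date as YYYYMMDD, passed in rather than read from the clock so
# the function is deterministic; callers normally pass "$(date +%Y%m%d)".
next_serial() {
    cur=$1
    today=$2
    case "$cur" in
        [0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]) ;;
        *) echo "next_serial: '$cur' is not a 10-digit YYYYMMDDII serial" >&2; return 1 ;;
    esac
    case "$today" in
        [0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]) ;;
        *) echo "next_serial: '$today' is not a YYYYMMDD date" >&2; return 1 ;;
    esac
    cur_date=${cur%??}         # first eight digits
    cur_idx=${cur#????????}    # last two digits
    cur_idx=${cur_idx#0}       # drop a leading zero so $(( )) does not read it as octal
    if [ "$cur_date" -lt "$today" ]; then
        # First change of a new day starts at index 01.
        printf '%s01\n' "$today"
    elif [ "$cur_date" -eq "$today" ] && [ "$cur_idx" -lt 99 ]; then
        printf '%s%02d\n' "$today" $((cur_idx + 1))
    else
        # Serial is ahead of today's date (clock skew, or a serial that was
        # never in date form), or the day's index is exhausted. RFC 1982 only
        # requires the serial to increase, so fall back to a plain increment.
        printf '%d\n' $((cur + 1))
    fi
}

# Replace the serial in a zone file laid out like the ones above: the serial
# is the 10-digit number on the line whose comment mentions "Serial".
# $1 = zone file, $2 = today's date as YYYYMMDD. Prints the new serial.
bump_zone_serial() {
    file=$1
    today=$2
    cur=$(sed -n 's/^[[:space:]]*\([0-9]\{10\}\)[[:space:]]*;.*[Ss]erial.*/\1/p' "$file" | head -n 1)
    [ -n "$cur" ] || { echo "bump_zone_serial: no serial line found in $file" >&2; return 1; }
    new=$(next_serial "$cur" "$today") || return 1
    # Rewrite via a temporary file so a failed sed never truncates the zone.
    sed "s/^\([[:space:]]*\)$cur\([[:space:]]*;.*[Ss]erial\)/\1$new\2/" "$file" > "$file.tmp" &&
        mv "$file.tmp" "$file" || return 1
    printf '%s\n' "$new"
}

# Usage: sh bump-serial.sh /etc/bind/zones/techienote.home.db
if [ -n "${1:-}" ]; then
    bump_zone_serial "$1" "$(date +%Y%m%d)"
fi
```

Run it once per zone file you changed (the forward and reverse zones have independent serials), then reload BIND; running named-checkzone on the file afterwards confirms it still parses.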

Step 6: Restart BIND9 Service

Before restarting, validate what you have written: named-checkconf parses named.conf and the files it includes, and named-checkzone loads a zone file the way named would. A syntax error that slips through leaves the server running without the affected zone, or not running at all, which takes down name resolution for every host pointed at it. Then restart the BIND9 service to apply all configuration changes (on systemd-based releases, systemctl restart bind9 does the same; when only zone data changed, rndc reload is sufficient):

sudo service bind9 restart

You should now have a basic caching and primary master DNS server running on your Ubuntu system. Confirm it with dig: a query for server.techienote.home against 127.0.0.1 should return 192.168.1.98 with the aa (authoritative answer) flag set, a reverse query for 192.168.1.98 should return server.techienote.home, and a recursive query for an outside name sent from a host that is not in your trusted network should be refused.
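A syntax error in named.conf or a zone file takes the whole resolver down on restart, and the first thing to confirm afterwards is that the server answers for its own zones but refuses recursion to strangers. As an added example (not part of the original page), the following shell script runs named-checkconf and named-checkzone before the restart and then checks the running server with dig. The zone names, file paths and 192.168.1.98 are those used in this tutorial; the tool packages (bind9utils, dnsutils), the script's function names and the sample dig output used to exercise the parsers are assumptions.

```shell
# Added example (not from the original tutorial): validate the BIND files
# before restarting, then verify the running server with dig. Assumes the
# zone names, paths and 192.168.1.98 used in this tutorial, and that
# bind9utils (named-checkconf, named-checkzone) and dnsutils (dig) are
# installed. The parsing helpers read dig output from stdin so they can also
# be exercised against captured output.

DOMAIN="techienote.home"
REV_ZONE="1.168.192.in-addr.arpa"
SERVER_IP="192.168.1.98"

# Validate named.conf (with its includes) and both zone files. A zone file
# that fails named-checkzone would leave named running without that zone.
validate_bind_config() {
    named-checkconf /etc/bind/named.conf || return 1
    named-checkzone "$DOMAIN" /etc/bind/zones/techienote.home.db || return 1
    named-checkzone "$REV_ZONE" /etc/bind/zones/rev.1.168.192.in-addr.arpa || return 1
}

# Print the header flags of a dig response read from stdin, e.g. "qr aa rd ra".
dig_flags() {
    sed -n 's/^;; flags: \([^;]*\);.*/\1/p'
}

# Print the response status of a dig response read from stdin, e.g. NOERROR.
dig_status() {
    sed -n 's/^;; ->>HEADER<<- .*status: \([A-Z]*\),.*/\1/p'
}

# Succeed if the dig response on stdin carries header flag $1 ("aa", "ra", ...).
has_flag() {
    for f in $(dig_flags); do
        [ "$f" = "$1" ] && return 0
    done
    return 1
}

# Query the local server: the forward answer must be authoritative (aa flag)
# and carry the expected address, and the reverse lookup must map back.
verify_local_zones() {
    fwd=$(dig @127.0.0.1 "server.$DOMAIN" A +noall +comments +answer)
    printf '%s\n' "$fwd" | has_flag aa ||
        { echo "FAIL: not authoritative for $DOMAIN" >&2; return 1; }
    printf '%s\n' "$fwd" | grep -q "^server\.$DOMAIN\..*[[:space:]]A[[:space:]]*$SERVER_IP\$" ||
        { echo "FAIL: server.$DOMAIN does not resolve to $SERVER_IP" >&2; return 1; }
    rev=$(dig @127.0.0.1 -x "$SERVER_IP" +short)
    [ "$rev" = "server.$DOMAIN." ] ||
        { echo "FAIL: PTR for $SERVER_IP is '$rev'" >&2; return 1; }
    echo "OK: forward and reverse lookups for $DOMAIN"
}

# Run from a host that is NOT in the trusted ACL (outside the LAN): a
# recursive query for a foreign name must come back REFUSED, or at least
# without the "ra" (recursion available) flag; otherwise this server is an
# open resolver.
verify_not_open_resolver() {
    out=$(dig @"$SERVER_IP" www.example.com A +noall +comments)
    status=$(printf '%s\n' "$out" | dig_status)
    if [ "$status" = "REFUSED" ] || ! printf '%s\n' "$out" | has_flag ra; then
        echo "OK: recursion refused for untrusted clients (status $status)"
    else
        echo "FAIL: $SERVER_IP answers recursive queries from untrusted clients" >&2
        return 1
    fi
}

case "${1:-}" in
    check)  validate_bind_config ;;
    verify) verify_local_zones ;;
    probe)  verify_not_open_resolver ;;
esac
```

Saved as, say, verify.sh: run sh verify.sh check before the restart, sh verify.sh verify on the server afterwards, and sh verify.sh probe from a machine outside the LAN. The probe succeeding from an outside host while verify succeeds on the server is the state you want: authoritative for your own zones, recursive only for your own clients.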