Setting the Hostname on the Name Servers
sudo nano /etc/hosts
add the FQDN of each server to its hosts file
Primary (master) server
"""
127.0.0.1 localhost
192.0.2.1 ns1.example.com ns1
"""
Secondary (slave) server
"""
127.0.0.1 localhost
192.0.2.2 ns2.example.com ns2
"""
Install Bind on Both Name Servers
sudo apt-get update
sudo apt-get install bind9 bind9utils bind9-doc
Configure the Primary Bind Server
sudo nano /etc/bind/named.conf.options
"""
options {
directory "/var/cache/bind";
recursion no;
allow-transfer { none; }; # default for all zones; the primary overrides this per zone below
dnssec-validation auto;
auth-nxdomain no; # conform to RFC1035
listen-on-v6 { any; };
};
"""
Configuring the Local File
sudo nano /etc/bind/named.conf.local
"""
zone "example.com" {
type master;
file "/etc/bind/zones/db.example.com";
allow-transfer { 192.0.2.2; }; # zone transfers only to the secondary; overrides the global allow-transfer { none; }
};
"""
A Bit About Reverse Zones
zone "2.0.192.in-addr.arpa" {
type master;
file "/etc/bind/zones/db.192.0.2";
};
Create the Forward Zone File
sudo mkdir /etc/bind/zones
sudo cp /etc/bind/db.local /etc/bind/zones/db.example.com
sudo cp /etc/bind/db.127 /etc/bind/zones/db.192.0.2
sudo nano /etc/bind/zones/db.example.com
"""
$TTL 604800
@ IN SOA localhost. root.localhost. (
2 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
; Name servers
example.com. IN NS ns1.example.com.
example.com. IN NS ns2.example.com.
; A records for name servers
ns1 IN A 192.0.2.1
ns2 IN A 192.0.2.2
; Other A records
@ IN A 192.0.2.3
www IN A 192.0.2.3
"""
Create the Reverse Zone File
sudo nano /etc/bind/zones/db.192.0.2
"""
$TTL 604800
@ IN SOA example.com. admin.example.com. (
5 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
; Name servers
IN NS ns1.example.com.
IN NS ns2.example.com.
; PTR records
1 IN PTR ns1.example.com.
2 IN PTR ns2.example.com.
3 IN PTR www.example.com.
"""
Testing the Files and Restarting the Service
sudo named-checkconf
Configure the Secondary Bind Server
sudo nano /etc/bind/named.conf.options
"""
options {
directory "/var/cache/bind";
recursion no;
allow-transfer { none; }; # the secondary must not hand the zone on to anyone
dnssec-validation auto;
auth-nxdomain no; # conform to RFC1035
listen-on-v6 { any; };
};
"""
Configuring the Local Configuration File
sudo nano /etc/bind/named.conf.local
"""
zone "example.com" {
type slave;
file "db.example.com"; # relative to directory "/var/cache/bind" set in the options above
masters { 192.0.2.1; };
};
zone "2.0.192.in-addr.arpa" {
type slave;
file "db.192.0.2";
masters { 192.0.2.1; };
};
"""
Check DNS (Bind) Configuration
named-checkconf /etc/named.conf
If BIND runs in a chroot environment, also run the following command in addition to the one above:
named-checkconf -t /var/named/chroot /etc/named.conf
Check Bind Zone File
named-checkzone demotecadmin.net /var/named/demotecadmin.net.db
Check the configuration file on older versions of BIND
If you are using an older version of BIND, you can also check the configuration with the command below.
service named configtest
Restart Services
sudo service bind9 restart
Show logs
sudo tail -f /var/log/syslog
At your domain registrar, point the public NS records for the domain at
ns1.example.com
Check the domain with intoDNS, which reports possible errors
https://intodns.com/example.com
Troubleshoot
Fix write errors on the secondary (slave) server
chown -R bind:bind /etc/bind/
(This hands the named process ownership of its entire configuration directory, including named.conf. With directory "/var/cache/bind" and relative file names as configured above, the secondary writes its zone copies under /var/cache/bind, so first check which path the log message names and prefer granting write access only to that directory.)
Fix an AppArmor denial
nano /etc/apparmor.d/usr.sbin.named
change
/etc/bind/** r,
to
/etc/bind/** rw,
(This makes every file under /etc/bind writable by named. Only widen the rule if the denied path in the AppArmor log really is under /etc/bind; if the zone copies live under /var/cache/bind as configured above, a narrower rule for that path is preferable.)
DKIM: zone syntax error when adding the DKIM TXT record to BIND on Ubuntu
A single quoted string in a TXT record is limited to 255 characters, so a long DKIM key must be split into several shorter strings separated by spaces and wrapped in ( and ). For example,
dkim3._domainkey IN TXT ("v=DKIM1; t=s; p=" "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQD78Ki2d0zmOlmjYNDC7eLG3af12KrjmPDeYRr3" "q9MGquKRkRFlY+Alq4vMxnp5pZ7lDaAXXwLYjN91YY7ARbCEpqapA9Asl854BCHMA7L+nvk9kgC0" "ovLlGvg+hhqIPqwLNI97VSRedE60eS+CwcShamHTMOXalq2pOUw7anuenQIDAQAB")
sources: