Skip to main content

DNS Server Configuration on Linux

This article is a quick configuration manual of a Linux DNS server using bind. I believe thatbind do not need much introduction, but before you proceed with the installation and configuration of bind nameserver make sure that bind DNS server is exactly what you want. Default setup and execution of bind on Debian or Ubuntu may take around 200MB of RAM with no zones added to the config file. Unless you reduce the memory usage of a bind via various bind "options" config settings, be prepared to have some spare RAM available just for this service. This fact is even more important if you pay for your own VPS server.

Another DNS nameservers available on a Linux systems are NSD ( Name Server Daemon) or djbdns ( tinydns ). Both are lightweight alternatives to bind9 DNS server and have less RAM requirements. Apparently are even faster. 
In this article we will not go into details of what Domain Name Service ( DNS ) is nor how DNS works. Rather we simply concentrate in a simple configuration of a custom zone and config file for a given domain / host supporting www, mail services.

Sample scenario notes to help you ready this DNS bind howto:
·         nameserver IP address
·         sample domain / host:
·         authoritative nameservers for a zone: ( ) and ( )
·         www and mail services for will point to:
1. bind9 nameserver installation
Unless you prefer to install bind from a source code the installation is rather simple. On a Debian or Ubuntu Linux server you can install a bind nameserver with a following command:
apt-get install bind9 dnsutils
CentOS or Fedora alternative:
yum install bind dnsutils
dnsutils is not compulsory package to run bind webserver, but we will use a dig command which is part of this package as a testing tool of your bind configuration.
2. Creating a DNS zone file
At this stage we will need to create a new zone file for a domain Navigate to /etc/bind/ directory execute following sequence of commands to navigate to zones/master/
cd /etc/bind
mkdir -p zones/master
cd zones/master/
/etc/bind/zones/master directory will contain a zone file for a domain. If you prefer to use another directory to hold this file you are free to do so. The following zone file will hold a DNS record to assist a nameserver resolve a fully qualified domain name to an IP address. Create and save with a following content:
; BIND data file for
$TTL    3h
@       IN      SOA (
                          1        ; Serial
                          3h       ; Refresh after 3 hours
                          1h       ; Retry after 1 hour
                          1w       ; Expire after 1 week
                          1h )     ; Negative caching TTL of 1 day
@       IN      NS
@       IN      NS    IN      MX      10    IN      A
ns1                     IN      A
ns2                     IN      A
www                     IN      CNAME
mail                    IN      A
ftp                     IN      CNAME
Here is just a quick review of some lines from the above bind DNS zone file:
·         SOA Record: nameserver authoritative for a zone is and is an email address of a person responsible for this DNS zone.
·         NS Records: two nameservers for a zone are ns[1,2]
·         MX ( Mail Exchange): mail exachange record. Number 10 means a preference for discarting a records A : A simply means address inanother words in's zone a ns1 would ahve a A ( address )
·         CNAME Record ( Canonical Name record ): restart the query using the canonical name instead of the original name
3. address-to-name mappings
At this stage the bind DNS server can resolve an IP address mapped to a host. What we should do now is the teach our nameserver the other way around, which is, to resolve a host from an IP address. For this we are going to need yet another file and that isdb.192.168.0 with a following content:
; BIND reverse data file for
$TTL    604800      IN      SOA (
                          1         ; Serial
                          3h       ; Refresh after 3 hours
                          1h       ; Retry after 1 hour
                          1w       ; Expire after 1 week
                          1h )     ; Negative caching TTL of 1 day
;       IN      NS       IN      NS   IN      PTR
·         PTR: a NDS record used for a mapping of an IP address to a host name.
4. Updating a BIND Configuration File
At this point we should have two files ready:
·         /etc/bind/zones/master/
·         /etc/bind/zones/master/db.192.168.0
All we need to do now is to insert both zone file names into a bind's configuration file named.conf.local. To do that add following lines into this file:
zone "" {
       type master;
       file "/etc/bind/zones/master/";

zone "" {
       type master;
       file "/etc/bind/zones/master/db.192.168.0";
Last thing before we go ahead to check a configuration is to add and IP address af a stable DNS server to a named.conf.options file. This IP address is used in case that a local DNS server do not know the answer the a name resolution query. In IP address of a DNS server in many cases is provided by your Internet provider. Alternatively if you are google fan use or
Replace a following blog of text withing a named.conf.options file:
       // forwarders {
       // };
with new stable DNS server IP address
        forwarders {
5. Checking bind's zone files and configuration
Before we attempt to start a bind nameserver with a new zone and configuration here are some tools to check if we have not done some typo or misconfiguration.
To check a configuration files run a following command:
With this named-checkconf command the rule is: no news are good news. If no output had been produced your config files looks OK.
To check a DNS zone files we can use named-checkzone command:
named-checkzone /etc/bind/zones/master/
zone loaded serial 1
reverse zone file check:
named-checkzone /etc/bind/zones/master/db.192.168.0
zone loaded serial 2
6. Start / restart bind nameserver
At this point nothing can stop us to run bind9 dns server:
 /etc/init.d/bind9 start
Starting domain name service...: bind9.
Alternatively, if your bind server is already running use a following command to to assist you with its restart:
/etc/init.d/bind9 restart
Stopping domain name service...: bind9.
Starting domain name service...: bind9.
7. Testing a bind server configuration
A dig command from dnsutils package will become handy to help us to test a new configuration of bind nameserver.
dig command can be used from any PC which has a network access the your DNS server but preferably your should start your testing from a localhost. In our this case the IP address of our name server is First we will test host-to-IP resolution:
dig @

; <<>> DiG 9.6-ESV-R1 <<>> @
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60863
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 2

;           IN      A

;; ANSWER SECTION:    10800   IN      CNAME        10800   IN      A

;; AUTHORITY SECTION:        10800   IN      NS        10800   IN      NS

;; ADDITIONAL SECTION:    10800   IN      A    10800   IN      A

;; Query time: 0 msec
;; WHEN: Thu Aug  5 18:50:48 2010
;; MSG SIZE  rcvd: 135
Next we test IP-to-host resolution:
dig @ -x

; <<>> DiG 9.6-ESV-R1 <<>> @ -x
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10810
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;     IN      PTR


;; AUTHORITY SECTION: 604800  IN      NS 604800  IN      NS

;; ADDITIONAL SECTION:    10800   IN      A    10800   IN      A

;; Query time: 0 msec
;; WHEN: Thu Aug  5 18:52:06 2010
;; MSG SIZE  rcvd: 140
Congratulations, you have just created and configured your own DNS zone using bind nameserver.


Popular posts from this blog

CentOS / Redhat : Configure CentOS as a Software Router with two interfaces

Linux can be easily configured to share an internet connection using iptables. All you need to have is, two network interface cards as follows: a) Your internal (LAN) network connected via eth0 with static ip address b) Your external WAN) network is connected via eth1 with static ip address  ( public IP provided by ISP ) Please note that interface eth1 may have public IP address or IP assigned by ISP. eth1 may be connected to a dedicated DSL / ADSL / WAN / Cable router: Step # 1: Enable Packet Forwarding Login as the root user. Open /etc/sysctl.conf file # vi /etc/sysctl.conf Add the following line to enable packet forwarding for IPv4: net.ipv4.conf.default.forwarding=1 Save and close the file. Restart networking: # service network restart Step # 2: Enable IP masquerading In Linux networking, Network Address Translation (NAT) or Network Masquerading (IP Masquerading) is a technique of transceivin

Virtual Box and Alt/Tab Keys

I use virtual box for all my testing activities. It comes too often that I have a virtual box VM window open & I want to switch to my host machine to see some stuff like tutorials etc.. If you press the alt+tab combination it just works inside the VM & doesn't switches to host machine. In these scenarios you can press the host key once ( not hold it ) & then whatever you press goes to host machine. So in general where host key is the default Right Ctrl, just press Right Ctrl once & now press the alt+tab & it will switch you out to host machine. This is really helpful when you have the VM windows open or you're working on seamless mode. Hope it help others too.

AMD Radeon™ HD 7670M on Ubuntu 12.04

Update:   Recently I install kubuntu 13.10 and there is no problem with graphics. It just works  fine out of the box. I've seen many blog posts on how to make AMD HD7670M work on Ubuntu 12.04, specially when its in switchable graphics board like Dell Inspiron 15R 5520. I tried many things to make it work so that I could use the cinnamon desktop on ubuntu & other things too.. But to my surprise even the drivers from AMD site didn't work. Then I tried a combination of those blog posts I read & somehow I became successful in running the full graphics including compiz settings inside My Ubuntu Machine. Following are the steps I followed & it worked... 1. Create a backup of your xorg configuration file: sudo cp /etc/X11/xorg.conf /etc/X11/xorg.conf.BAK 2. Remove/purge current fglrx and fglrx-amdcccle : sudo apt-get remove --purge fglrx* 3. Install the driver: sudo apt-get install fglrx fglrx-amdcccle 4. Install additional