Setting up DNS on my network
Posted by hank, Tue Mar 25 00:09:00 UTC 2008
I decided to set up bind9 today on my Gutsy server. It wasn’t too painful after I finally found some posts from someone who knew what they were doing (2 tutorials I read contained invalid configurations…).
First, you install bind:
sudo apt-get install bind9
Then, you edit /etc/bind/named.conf:
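// ACL covering the home network
acl homenet { 192.168.1.0/24; };

options {
    // relative zone file names below are looked up in this directory
    directory "/etc/bind/zones";
};

// root hints
zone "." IN {
    type hint;
    file "named.root";
};

// private .who domain, queryable only from the home network
zone "who" IN {
    type master;
    file "who.db";
    allow-query { homenet; };
};

// reverse lookup zone for 192.168.1.0/24
zone "1.168.192.in-addr.arpa" {
    type master;
    file "rev.1.168.192.in-addr.arpa";
};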
This creates an ACL for my home network (192.168.1.1 - 192.168.1.254), sets the directory where my zone files live, and defines three zones: the hints for the root DNS servers, a domain called .who where all my machines will live (only my home network IP space is allowed to query it), and the reverse lookup zone.
Now, I simply had to make the zone files. Here’s what I came up with for zones/who.db:
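$ORIGIN who.
$TTL 86400
@       IN SOA  ns.who. rofl.who. (
                2006081401  ; serial
                28800       ; refresh
                3600        ; retry
                604800      ; expire
                38400       ; negative-caching TTL
                )
        IN NS   ns.who.     ; trailing dot required: a bare "ns.who" expands to ns.who.who.
        IN A    192.168.1.134
*       IN A    192.168.1.134
rofl    IN A    192.168.1.134
ns      IN A    192.168.1.134
davros  IN A    192.168.1.3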
Basically, everything goes to my machine at 192.168.1.134 except things going to davros. It’s lame, but it’s a good template.
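Here’s the reverse lookup zone:
$ORIGIN .
$TTL 86400
1.168.192.in-addr.arpa IN SOA ns1.who. rofl.who. (
                2006081401  ; serial
                28800       ; refresh
                604800      ; retry
                604800      ; expire
                86400       ; negative-caching TTL
                )
                NS  ns1.who.    ; ns1 has no record of its own in who.db; it resolves through the wildcard
$ORIGIN 1.168.192.in-addr.arpa.
134             PTR rofl.who.
3               PTR davros.who.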
Restart the bind service with sudo /etc/init.d/bind9 restart. Also, add the server's address (192.168.1.134 here) as a nameserver line in your /etc/resolv.conf. Try it out like this:
hank@davros:~$ dig davros.who
; <<>> DiG 9.4.1-P1 <<>> davros.who
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38320
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;davros.who. IN A
;; ANSWER SECTION:
davros.who. 86400 IN A 192.168.1.3
;; AUTHORITY SECTION:
who. 86400 IN NS ns.who.who.
;; ADDITIONAL SECTION:
ns.who.who. 86400 IN A 192.168.1.134
;; Query time: 1 msec
;; SERVER: 192.168.1.134#53(192.168.1.134)
;; WHEN: Mon Mar 24 23:22:46 2008
;; MSG SIZE rcvd: 81
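The AUTHORITY and ADDITIONAL sections above list ns.who.who., which is what an NS target written without a trailing dot expands to under $ORIGIN who. (the wildcard A record then answers for it). The check below is an added example, not part of the original post: a small Python linter that flags relative names in NS, SOA, PTR, CNAME and MX data and shows their expansion; the sample zones are constructed and the tokenizer is a simplification that assumes an absolute $ORIGIN.

```python
# Added example: RDATA positions that hold a domain name, per record type.
NAME_FIELDS = {"NS": [0], "CNAME": [0], "PTR": [0], "MX": [1], "SOA": [0, 1]}
CLASSES = {"IN", "CH", "HS"}

def lint_zone(text):
    """Return (line, type, written, expanded) for every relative RDATA name."""
    origin, findings = ".", []
    for no, raw in enumerate(text.splitlines(), 1):
        tokens = raw.split(";", 1)[0].split()      # drop comments, tokenize
        if not tokens:
            continue
        if tokens[0].startswith("$"):              # $ORIGIN / $TTL directives
            if tokens[0].upper() == "$ORIGIN" and len(tokens) > 1:
                origin = tokens[1]
            continue
        if not raw[0].isspace():                   # column 0 holds the owner name
            tokens = tokens[1:]
        while tokens and (tokens[0].isdigit() or tokens[0].upper() in CLASSES):
            tokens = tokens[1:]                    # skip optional TTL and class
        if not tokens or tokens[0].upper() not in NAME_FIELDS:
            continue
        rtype, rdata = tokens[0].upper(), tokens[1:]
        for idx in NAME_FIELDS[rtype]:
            if idx < len(rdata) and rdata[idx] != "@" and not rdata[idx].endswith("."):
                suffix = "." if origin == "." else "." + origin
                findings.append((no, rtype, rdata[idx], rdata[idx] + suffix))
    return findings

# Constructed samples modelled on the post's zones, each with one relative target.
FORWARD = """\
$ORIGIN who.
$TTL 86400
@       IN SOA ns.who. rofl.who. ( 2006081401 28800 3600 604800 38400 )
        IN NS  ns.who
ns      IN A   192.168.1.134
"""
REVERSE = """\
$ORIGIN 1.168.192.in-addr.arpa.
$TTL 86400
@       IN SOA ns.who. rofl.who. ( 2006081401 28800 3600 604800 38400 )
        IN NS  ns.who.
3       IN PTR davros.who
"""

if __name__ == "__main__":
    for name, zone in (("forward", FORWARD), ("reverse", REVERSE)):
        for no, rtype, written, expanded in lint_zone(zone):
            print(f"{name}:{no}: {rtype} target '{written}' expands to {expanded}")
```

In the reverse zone the same slip is more visible, because no wildcard masks it: the PTR would point at a name inside in-addr.arpa.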
I then added it to my DD-WRT settings on my Linksys WRT54Gv8 router under Setup -> Basic Setup:

My router now simply sends out its IP as the sole DNS server, but routes all the DNS requests to the right spots. Brilliant. Let me know if I did something stupid/wrong…
