Home Linux DistributionsDebian Install and configure DNS server in Ubuntu 16.04 LTS

Install and configure DNS server in Ubuntu 16.04 LTS

By sk
Published: Updated: 18.2K views

This comprehensive tutorial describes how to install and configure DNS server in Ubuntu 16.04 LTS 64 bit server edition. As you may know already, DNS is the short form of Domain name system, which is used to resolve hostnames into IP addresses and vice versa. For the purpose of this guide, I will be using three systems, one for Primary DNS server, other for secondary DNS, and the third one for DNS client. All systems are running with Ubuntu 16.04 operating systems. Here is the IP and host name of each system.

Primary DNS server:

  • Operating system : Ubuntu 16.04 LTS 64 bit server
  • Hostname : pri.ostechnix.lan
  • IP address : 192.168.1.200/24

Secondary DNS server:

  • Operating system : Ubuntu 16.04 LTS 64 bit server
  • Hostname : sec.ostechnix.lan
  • IP address : 192.168.1.201/24

DNS Client:

  • Operating system : Ubuntu 16.04 LTS 64 bit server
  • Hostname : client.ostechnix.lan
  • IP address : 192.168.1.202/24

Let us get started.

Install and Configure DNS server in Ubuntu 16.04

I will split this guide as as three parts for the sake of simplicity and easy understanding.

  1. Install and configure Caching-only name server,
  2. Install and configure Primary DNS server or Master DNS server
  3. Install and configure Secondary DNS server or Slave DNS server

Let us do it step by step.

Part 1 : Install and configure Caching-only name server,

Make sure your Ubuntu server is up-to-date.

sudo apt-get update
sudo apt-get upgrade
sudo apt-get dist-upgrade

Install BIND9

After updating the system, run the following command to install BIND9 packages which are used to setup DNS server.

sudo apt-get install bind9 bind9utils bind9-doc
Install BIND9

Install BIND9

Configuring Caching name server

Caching name server saves the DNS query results locally for a particular period of time. It reduces the DNS server's traffic by saving the queries locally, therefore it improves the performance and efficiency of the DNS server.

To configure Caching name server, edit /etc/bind/named.conf.options file:

sudo nano /etc/bind/named.conf.options

Uncomment the following lines. And then, add your ISP or Google public DNS server IP addresses.

forwarders {
 8.8.8.8;
 };

ostechnix@pri: ~_002

Save and close the file.

And then restart bind9 service to take effect the changes.

sudo systemctl restart bind9

We have successfully installed the caching name server.

Testing Caching name server

Now let us check if it is working or not using command:

dig -x 127.0.0.1

If you see something like below, congratulations! Caching name server is working!

; <<>> DiG 9.10.3-P4-Ubuntu <<>> -x 127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22769
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 3

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.0.0.127.in-addr.arpa. IN PTR

;; ANSWER SECTION:
1.0.0.127.in-addr.arpa. 604800 IN PTR localhost.

;; AUTHORITY SECTION:
127.in-addr.arpa. 604800 IN NS localhost.

;; ADDITIONAL SECTION:
localhost. 604800 IN A 127.0.0.1
localhost. 604800 IN AAAA ::1

;; Query time: 0 msec
;; SERVER: 192.168.1.200#53(192.168.1.200)
;; WHEN: Tue Aug 23 15:53:59 IST 2016
;; MSG SIZE rcvd: 132

ostechnix@pri: ~_003

Part 2 : Install and configure Primary DNS server

Make sure your Ubuntu server is up-to-date using the following commands:

sudo apt-get update
sudo apt-get upgrade
sudo apt-get dist-upgrade

Install BIND9

Run the following command to install BIND9 packages.

sudo apt-get install bind9 bind9utils bind9-doc

Configuring Primary DNS server

All configuration file be will be available under /etc/bind/ directory.

Let us edit bind9 configuration file

Edit ‘/etc/bind/named.conf’ using any editor of your choice:

sudo nano /etc/bind/named.conf

This file should have the following lines in it. If the lines are not there, just add them.

include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";

ostechnix@pri: ~_004

Save the changes and exit the file.

We need to define the forward and reverse zone files.

To do so, edit named.conf.local file:

sudo nano /etc/bind/named.conf.local

Define the forward and reverse files as shown below.

zone "ostechnix.lan" {
        type master;
        file "/etc/bind/for.ostechnix.lan";
        allow-transfer { 192.168.1.201; };
        also-notify { 192.168.1.201; };
 };
zone "1.168.192.in-addr.arpa" {
        type master;
        file "/etc/bind/rev.ostechnix.lan";
        allow-transfer { 192.168.1.201; };
        also-notify { 192.168.1.201; };
 };

ostechnix@pri: ~_008

Here, for.ostechnix.lan is the forward zone file. rev.ostechnix.lan is the reverse zone files. And 192.168.1.202 is the IP address of secondary DNS server. We do this because, the secondary DNS will start to fetch the queries if primary server is down.

Save and close the file.

Let us now create the zone files which we defined in the previous step.

First let us create forward zone file as shown below.

sudo nano /etc/bind/for.ostechnix.lan

Add the following lines:

$TTL 86400
@   IN  SOA     pri.ostechnix.lan. root.ostechnix.lan. (
        2011071001  ;Serial
        3600        ;Refresh
        1800        ;Retry
        604800      ;Expire
        86400       ;Minimum TTL
)
@       IN  NS          pri.ostechnix.lan.
@       IN  NS          sec.ostechnix.lan.
@       IN  A           192.168.1.200
@       IN  A           192.168.1.201
@       IN  A           192.168.1.202
pri     IN  A           192.168.1.200
sec     IN  A           192.168.1.201
client  IN  A           192.168.1.202

ostechnix@pri: ~_009

Similarly, you can add the other client records as defined in the above file.

Save and close the file. Next create reverse zone.

sudo nano /etc/bind/rev.ostechnix.lan

Add the following lines:

$TTL 86400
@   IN  SOA     pri.ostechnix.lan. root.ostechnix.lan. (
        2011071002  ;Serial
        3600        ;Refresh
        1800        ;Retry
        604800      ;Expire
        86400       ;Minimum TTL
)
@       IN  NS          pri.ostechnix.lan.
@       IN  NS          sec.ostechnix.lan.
@       IN  PTR         ostechnix.lan.
pri     IN  A           192.168.1.200
sec     IN  A           192.168.1.201
client  IN  A           192.168.1.202
200     IN  PTR         pri.ostechnix.lan.
201     IN  PTR         sec.ostechnix.lan.
202     IN  PTR         client.ostechnix.lan.

ostechnix@pri: ~_007

Save and close the file.

Set the proper permissions and ownership to the bind9 directory.

sudo chmod -R 755 /etc/bind
sudo chown -R bind:bind /etc/bind

Next, we need to verify the DNS configuration files and zone files.

Check the DNS configuration files with commands:

sudo named-checkconf /etc/bind/named.conf
sudo named-checkconf /etc/bind/named.conf.local

If the above commands returns nothing, it means DNS configuration is valid.

Next, check the zone files using commands:

sudo named-checkzone ostechnix.lan /etc/bind/for.ostechnix.lan

Sample output:

zone ostechnix.lan/IN: loaded serial 2011071001
OK

Check the reverse zone file:

sudo named-checkzone ostechnix.lan /etc/bind/rev.ostechnix.lan

Sample output:

 zone ostechnix.lan/IN: loaded serial 2011071002
OK

ostechnix@pri: ~_010

If you got the results as shown above, then everything is good.

Now, it is time to check whether the primary DNS server is working or not.

Edit /etc/network/interfaces file:

sudo vi /etc/network/interfaces

Add the DNS server IP address. In our case, the DNS server IP is the same IP address of this machine itself.

dns-nameservers 192.168.1.200

ostechnix@pri: ~_012

Save and close the file.

Finally, restart Bind9 service.

sudo systemctl restart bind9

Testing primary DNS server

Verify DNS server using dig or nslookup commands.

dig pri.ostechnix.lan

Sample output:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> pri.ostechnix.lan
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51989
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;pri.ostechnix.lan. IN A

;; ANSWER SECTION:
pri.ostechnix.lan. 86400 IN A 192.168.1.200

;; AUTHORITY SECTION:
ostechnix.lan. 86400 IN NS sec.ostechnix.lan.
ostechnix.lan. 86400 IN NS pri.ostechnix.lan.

;; ADDITIONAL SECTION:
sec.ostechnix.lan. 86400 IN A 192.168.1.201

;; Query time: 0 msec
;; SERVER: 192.168.1.200#53(192.168.1.200)
;; WHEN: Tue Aug 23 16:56:13 IST 2016
;; MSG SIZE rcvd: 110

ostechnix@pri: ~_013

Or, use nslookup command as shown below:

nslookup ostechnix.lan

Sample output:

Server: 192.168.1.200
Address: 192.168.1.200#53

Name: ostechnix.lan
Address: 192.168.1.200
Name: ostechnix.lan
Address: 192.168.1.201
Name: ostechnix.lan
Address: 192.168.1.202

ostechnix@pri: ~_015

If you got results something like above, then primary DNS server is up and is working perfectly!

Part 2: Install and configure Secondary DNS server

You need a separate system to setup this server. We need secondary DNS server, because in case of any problem with Primary DNS, then secondary dns server will still resolve quries.

First, Update server using commands:

sudo apt-get update
sudo apt-get upgrade
sudo apt-get dist-upgrade

Install BIND9

Install required bind9 packages:

sudo apt-get install bind9 bind9utils bind9-doc

Configure secondary DNS server

Edit bind9 configuration file:

sudo nano /etc/bind/named.conf

Add the following lines if they are not there.

include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";

Save and close the file.

Next, we need to define zone files.

To do so, edit named.conf.local file:

sudo nano /etc/bind/named.conf.local

Add or modify the following lines. Replace IP address and zone files with your own values.

zone "ostechnix.lan" {
        type slave;
        file "/var/cache/bind/for.ostechnix.lan";
        masters { 192.168.5.200; };
 };
zone "1.168.192.in-addr.arpa" {
        type slave;
        file "/var/cache/bind/rev.ostechnix.lan";
        masters { 192.168.5.200; };
 };

ostechnix@sec: ~_016

Here,  192.168.1.200 is the IP address of the primary DNS server.

Please note that the path of zone files must be /var/cache/bind/ directory. It is because AppArmor only allow write access inside it by default.

Next set the proper permission and ownership to the bind directory.

sudo chmod -R 755 /etc/bind
sudo chown -R bind:bind /etc/bind

Then, edit network configuration file and add the primary and secondary DNS server's IP address.

sudo nano /etc/network/interfaces
[...]
dns-nameservers 192.168.1.200
dns-nameservers 192.168.1.201

ostechnix@sec: ~_017

Save and close the file.

Finally, reboot your system to take effect the all changes.

Testing Secondary DNS server

As I mentioned already, we use "dig" or "nslookup" commands to test DNS server.

Let us verify the secondary DNS server with command:

dig sec.ostechnix.lan

Sample Output:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> sec.ostechnix.lan
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49308
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;sec.ostechnix.lan. IN A

;; ANSWER SECTION:
sec.ostechnix.lan. 86400 IN A 192.168.1.201

;; AUTHORITY SECTION:
ostechnix.lan. 86400 IN NS sec.ostechnix.lan.
ostechnix.lan. 86400 IN NS pri.ostechnix.lan.

;; ADDITIONAL SECTION:
pri.ostechnix.lan. 86400 IN A 192.168.1.200

;; Query time: 2 msec
;; SERVER: 192.168.1.200#53(192.168.1.200)
;; WHEN: Tue Aug 23 18:19:47 IST 2016
;; MSG SIZE rcvd: 110

ostechnix@sec: ~_018

Similarly, you can verify primary DNS server with command:

dig pri.ostechnix.lan

Or, just use nslookup command as shown below.

nslookup ostechnix.lan

Note: Please note that the zone files will be transferred only when the Serial Number on the Primary DNS server is higher than the Secondary DNS server's serial number.

Configuring DNS client

Edit network configuration file in the client system:

sudo nano /etc/network/interfaces

Add the nameserver IP addresses.

[...]
nameserver 192.168.1.200
nameserver 192.168.1.201

Save and close the file. Then, reboot your system to take effect the changes.

Test the DNS servers using any one of the following commands:

dig pri.ostechnix.lan
dig sec.ostechnix.lan
dig client.ostechnix.lan
nslookup ostechnix.local

At this stage, you will have working primary and secondary DNS servers.

Don't forget to download the following free EBOOK that explains how to install and configure various server applications on your Ubuntu system.

That's all for now. If you find this guide useful, please share it on your social networks and support OSTechNix.

Cheers!

Thanks for stopping by!

How can I benefit from this blog:

Have a Good day!!

You May Also Like

27 comments

Bhagwant Singh March 2, 2019 - 1:26 am

will you please evaluate that how we can create a forward lookup zone and reverse lookup zone i tried thrice but nothing is working, so i need your help..

Reply
Roger May 10, 2019 - 10:43 pm

To configure a DNS server is it necessary for the domain to be registered?

Reply
sk May 11, 2019 - 11:49 am

Yes, you should register the domain. If it is local DNS server, it is not required.

Reply
bhargavi June 22, 2019 - 7:09 pm

Hi
When I run “dig pri.ostechnix.lan” in the output part I am not getting details related to secondary domain name server. Is there anything need to be configured.

Reply
Louis November 14, 2019 - 7:48 pm

Hello when i type nslookup “localhost” the server says “server can’t find “localhost”: SERVFAIL

Reply
Edno December 13, 2019 - 1:36 am

Great guide. It helped me a lot!
I didn’t find where to rate, but you got five of five stars.
Thanks!!!

Reply
Diegoo October 17, 2021 - 5:43 pm

Hi, i am following this guide and I have a question.
Do you have to configure a specific hostname or IP to the catching only server or do you leave it by default?
Thanks in advance!

Reply
sk October 17, 2021 - 9:58 pm

You can configure your own IP and hostname of your chioce for the caching server.

Reply
1 2

Leave a Comment

* By using this form you agree with the storage and handling of your data by this website.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

This website uses cookies to improve your experience. By using this site, we will assume that you're OK with it. Accept Read More