Tips for BIND setup on Ubuntu Linux

I needed to set up BIND on a VPS that only had SSH access and no DNS servers available. I googled and found some good-looking articles; however, they weren't quite enough for me to get it working on my server (see the references below for the articles; you may want to read through them before continuing). I ended up getting a copy of 'DNS and BIND', 5th edition, by Paul Albitz and Cricket Liu (O'Reilly), which explained the whole process really well. It turns out that if I had known the following things my DNS server would have been up and running.

What does the ‘.’ mean on the end of domains in the config file?

So the articles say 'You must ensure you have the full stop on your domain/hostname', but why? The '.' on the end of a name marks it as an absolute (fully qualified) name that ends at the DNS root. In a zone file any name without the trailing dot is relative, and BIND appends the zone's origin to it (the $ORIGIN, which defaults to the zone name given in named.conf). So inside the zone for google.com, 'www.google.com' written without a dot becomes 'www.google.com.google.com.'. The same rule applies to the data side of a record as well as to the owner name, which is why a missing dot on the target of an NS, CNAME or MX record, or on the server and contact names in the SOA record, will stop your zone from loading or answering correctly. You can also think of the dot as 'root'.

Bad (what you write = the name BIND actually uses):

bob.yourdomainzone.com = bob.yourdomainzone.com.yourdomainzone.com

Good:

bob = bob.yourdomainzone.com

bob.yourdomainzone.com. = bob.yourdomainzone.com
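To see the rule in action without a running named, here is an added example (not from the original article, and not BIND's own code) in POSIX shell that performs the same name completion on the spellings from the lists above. The zone name, 'ns1' and the 192.0.2.10 address are placeholders.

```shell
#!/bin/sh
# Added example, not from the original article: reproduce the rule BIND applies to
# names in a zone file so you can see what each spelling turns into. A name ending in
# '.' is absolute; anything else has the zone origin appended; '@' is the origin itself.
# 'yourdomainzone.com' is the placeholder zone from the text.

# qualify NAME ORIGIN -> the fully qualified name BIND will actually use
qualify() {
    case "$1" in
        @)  printf '%s\n' "$2" ;;             # '@' stands for the origin
        *.) printf '%s\n' "$1" ;;             # trailing dot: absolute, used as written
        *)  printf '%s.%s\n' "$1" "$2" ;;     # relative: the origin is appended
    esac
}

# qualify_record OWNER TYPE RDATA ORIGIN -> the record as BIND stores it.
# The owner is always a name; RDATA is only a name for the record types that carry one.
# MX and SOA carry names after other fields and are left out of this small demo.
qualify_record() {
    q_owner="$(qualify "$1" "$4")"
    case "$2" in
        NS|CNAME|PTR) q_rdata="$(qualify "$3" "$4")" ;;   # RDATA is a domain name
        *)            q_rdata="$3" ;;                     # A/AAAA/TXT: RDATA is not a name
    esac
    printf '%s %s %s\n' "$q_owner" "$2" "$q_rdata"
}

# Constructed zone fragment (not a real file): the spellings from the Bad/Good lists,
# each run through the same completion named performs when it loads the zone.
demo() {
    origin="yourdomainzone.com."
    printf '%s\n' \
        "@ NS ns1.yourdomainzone.com" \
        "@ NS ns1.yourdomainzone.com." \
        "bob A 192.0.2.10" \
        "bob.yourdomainzone.com A 192.0.2.10" \
        "bob.yourdomainzone.com. A 192.0.2.10" \
    | while read -r owner type rdata; do
        qualify_record "$owner" "$type" "$rdata" "$origin"
    done
}

demo
```

The first NS line is the classic mistake: without the dot the zone's nameserver becomes 'ns1.yourdomainzone.com.yourdomainzone.com.', a name that has no address record, so the zone will not load.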

How do I check to see if I have configured BIND correctly?

There are three main ways to check up on your BIND config; you should use them all, in this order.

1. Run named-checkconf. This reports any errors in named.conf (and the files it includes), or prints nothing if it looks OK (BIND version 9 or later required).

2. Run named-checkzone yourdomain.com db.configfileforyourdomain for each of your zone files, giving the zone name and the file that named.conf points at for it. This tool prints an OK message or error messages (BIND version 9 or later required). It is the check that catches a missing trailing dot on an NS record, since that leaves the zone with a nameserver name that has no address record.

3. Run grep named /var/log/daemon.log. This prints the lines from daemon.log that contain 'named', which is the name of the BIND server process. Reading through the output will show you any errors BIND/named hit while trying to start. This is useful when you run into that pesky " * Starting domain name service… bind           [ fail ] " message. On newer Ubuntu releases that log through systemd's journal, the same messages are available with journalctl -u named (or journalctl -u bind9, depending on the release), and named-checkconf -z will test-load every zone in named.conf in one go before you restart the service.
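Here are the three checks wrapped into one script, as an added example that is not part of the original article. The paths under /etc/bind and /var/log/daemon.log are assumptions about your layout, and the log lines it finishes with are constructed to show what step 3 looks for, not a real capture.

```shell
#!/bin/sh
# Added example, not from the original article: the three checks from the text as
# functions, run in the same order, plus a constructed log to show what step 3 finds.
# Assumed paths (adjust to your layout): /etc/bind/named.conf, /var/log/daemon.log,
# and /etc/bind/db.yourdomainzone.com for the zone 'yourdomainzone.com'.

# 1. named-checkconf: syntax-check named.conf and everything it includes.
#    Prints nothing and returns 0 when the config is clean; -z also test-loads every zone.
check_conf() {
    named-checkconf -z "${1:-/etc/bind/named.conf}"
}

# 2. named-checkzone ZONE FILE: load one zone file the way named would.
#    A missing trailing dot on an NS target shows up here as 'has no address records'.
check_zone() {
    named-checkzone "$1" "$2"
}

# 3. Lines logged by the named process, filtered down to the ones that explain a
#    '[ fail ]' at start-up. Takes the log file as an argument so a saved copy can be
#    checked too; on a systemd release save one with: journalctl -u named > saved.log
named_log_problems() {
    grep ' named\[' "${1:-/var/log/daemon.log}" \
        | grep -E -i 'error|warning|fail|not loaded|no address records'
}

# Run all three and stop at the first failing step: run_checks ZONE FILE
run_checks() {
    check_conf            || { echo "named.conf has errors (see above)"; return 1; }
    check_zone "$1" "$2"  || { echo "zone $1 did not load (see above)";  return 1; }
    named_log_problems    || echo "nothing from named in the log looks like a problem"
}

# Constructed sample log (not a real capture) in the shape of syslog lines from named,
# showing what a zone that failed because of a missing trailing dot leaves behind.
sample_log() {
    cat <<'EOF'
Jan  1 10:00:01 vps named[1234]: running
Jan  1 10:00:01 vps named[1234]: zone yourdomainzone.com/IN: NS 'ns1.yourdomainzone.com.yourdomainzone.com' has no address records (A or AAAA)
Jan  1 10:00:01 vps named[1234]: zone yourdomainzone.com/IN: not loaded due to errors.
Jan  1 10:00:02 vps cron[99]: (root) CMD (run-parts /etc/cron.hourly)
EOF
}

SAMPLE_LOG="$(mktemp)"
sample_log > "$SAMPLE_LOG"
named_log_problems "$SAMPLE_LOG"   # prints only the two 'zone yourdomainzone.com/IN: ...' lines
rm -f "$SAMPLE_LOG"
# On the real server: run_checks yourdomainzone.com /etc/bind/db.yourdomainzone.com
```

The order matters: named-checkconf failing means the zone files were never read, so errors from steps 2 and 3 are not yet meaningful, and the log only tells you something once named has actually tried to start.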

My DNS server is running and works on the server, but how do I get it to work for people on the internet?

Simply setting up your DNS server is not enough. In order for your nameserver(s) to start resolving for the rest of the internet you need to do two things:

1. You need to register your two nameservers' hostnames and IP addresses with your domain provider (registrar) as valid name servers. This is usually called registering a 'host' or 'child nameserver', and what it creates is a glue record: an A record for your nameserver that the parent zone (the .com servers, for example) hands out alongside the delegation. Without it your nameservers cannot be found, because a resolver told 'ask ns1.yourdomain.com' would have to ask ns1.yourdomain.com for its own address. Most domain name providers have a control panel section for this. You will know you have the right section because it lets you enter a hostname (eg. 'ns1.yourdomain.com') and an IP address.


2. You need to set your two nameservers as the nameservers for your domain (the delegation). Your domain provider's control panel should have a section for this too. You will know you have the right section because it only lets you enter hostnames (eg. ns1.yourdomain.com), NOT IP addresses.


If you only have one server you need to set up two hostnames (A records) under your domain that point to the IP of your nameserver, because most registries insist on at least two nameservers. It is common to use 'ns1.yourdomain.com' and 'ns2.yourdomain.com'. The A records for these names must also exist inside your zone file, with the same addresses you registered with your provider in step 1, or the parent and your own server will give different answers. Bear in mind that two names on one box give you no redundancy: if that VPS goes down, so does everything that depends on the domain. Once it is working, a secondary nameserver on a different host (or your provider's secondary DNS service) is the real fix.
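To confirm steps 1 and 2 from the outside, here is an added example (not from the original article) that asks the parent zone's servers for the registered delegation and glue and compares the NS names with what your own server publishes. It assumes dig is installed (the bind9-dnsutils or dnsutils package on Ubuntu) and uses yourdomain.com and ns1.yourdomain.com as placeholders from the text; the helper functions at the bottom work offline on constructed lists.

```shell
#!/bin/sh
# Added example, not from the original article: check that the delegation and glue
# registered at your provider agree with what your own zone says. Needs 'dig' and
# internet access for the live functions; 'yourdomain.com' and 'ns1.yourdomain.com'
# are the placeholders from the text.

# Pick one server for the parent zone (for yourdomain.com that is a .com server).
parent_server() {
    dig +short "${1#*.}" NS | head -n 1
}

# NS names the parent hands out for DOMAIN, i.e. the delegation you registered in step 2.
# A referral arrives in the AUTHORITY section, so +short (answer section only) is no use.
parent_ns() {
    dig +norecurse +noall +authority @"$(parent_server "$1")" "$1" NS \
        | awk '$4 == "NS" { print $5 }'
}

# Glue from step 1: the A records the parent returns in the ADDITIONAL section.
parent_glue() {
    dig +norecurse +noall +additional @"$(parent_server "$1")" "$1" NS \
        | awk '$4 == "A" { print $1, $5 }'
}

# NS names your own server publishes inside the zone: child_ns DOMAIN MY_NAMESERVER
child_ns() {
    dig +short @"$2" "$1" NS
}

# Lower-case, add a trailing dot where missing, sort and drop duplicates and blanks,
# so names from different sources compare as sets.
normalize_names() {
    tr 'A-Z' 'a-z' | sed -e '/^$/d' -e '/\.$/!s/$/./' | sort -u
}

# sets_equal "LIST_A" "LIST_B" -> exit 0 when both newline-separated lists hold the same names
sets_equal() {
    [ "$(printf '%s\n' "$1" | normalize_names)" = "$(printf '%s\n' "$2" | normalize_names)" ]
}

# check_delegation DOMAIN MY_NAMESERVER: the live check, exit 1 on a mismatch
check_delegation() {
    parent="$(parent_ns "$1")"
    child="$(child_ns "$1" "$2")"
    if sets_equal "$parent" "$child"; then
        echo "delegation OK, both sides list: $(printf '%s\n' "$parent" | normalize_names | tr '\n' ' ')"
    else
        echo "MISMATCH"; echo "parent says:"; echo "$parent"; echo "zone says:"; echo "$child"
        return 1
    fi
    echo "glue at parent:"
    parent_glue "$1"
}

# On a connected host: check_delegation yourdomain.com ns1.yourdomain.com
```

A mismatch here usually means step 2 was done against a different set of names than the NS records in the zone file, or the zone file's NS targets are missing their trailing dot; a glue address that differs from the zone's own A record for ns1 means step 1 and the zone file disagree.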

OK it is all working but I don’t really understand how it works?

I highly recommend you get hold of a copy of the book 'DNS and BIND' from O'Reilly. It explains the whole domain name system and also covers securing your domain name server. At a minimum you will want to restrict zone transfers (allow-transfer) and recursion (allow-recursion) to the hosts that need them, since an authoritative server sitting on a public VPS should not be an open resolver.

Reference

  • Ubuntu DNS server guide: BIND master server setup, on ZAPHU (http://www.zaphu.com/2007/09/14/ubuntu-dns-server-guide-bind-master-server-setup/)
  • How to setup a DNS server in Ubuntu, on ulyssesonline (http://ulyssesonline.com/2007/11/07/how-to-setup-a-dns-server-in-ubuntu/)
  • Ubuntu SBS domain name server, by Rich Buggy (http://www.buggy.id.au/2007/02/10/ubuntu-sbs-domain-name-server/)
  • DNS and BIND, 5th edition, by Paul Albitz and Cricket Liu, published by O'Reilly