Ubuntu - Bind - Configure Bind9 - Primary Nameserver

Forward Zone File

A forward zone maps names to IP addresses: it is where the A (IPv4) and AAAA (IPv6) records for the domain live, along with the NS record and any other records for that domain.

To add a zone to BIND9, making this server the primary (master) for that zone, first edit /etc/bind/named.conf.local:

/etc/bind/named.conf.local
zone "example.com" {
    type master;
    file "/etc/bind/db.example.com";
};

NOTE: If BIND will be writing to the zone file itself, as with dynamic updates (DDNS), use /var/lib/bind/db.example.com rather than /etc/bind/db.example.com, both here and in the cp command below. Ubuntu's AppArmor profile for named allows writes under /var/lib/bind but only reads under /etc/bind, so a zone kept under /etc/bind cannot accept updates. BIND 9.16 and later also accept type primary; as a synonym for type master;.

Use an existing zone file as a template to create the /etc/bind/db.example.com file:

sudo cp /etc/bind/db.local /etc/bind/db.example.com

Edit the new zone file /etc/bind/db.example.com as follows:

/etc/bind/db.example.com
;
; BIND data file for example.com
;
$TTL    604800
@       IN      SOA     ns.example.com. root.example.com. (
                     2014100501         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL

@       IN      NS      ns.example.com.
@       IN      A       192.168.1.10
ns      IN      A       192.168.1.10

NOTE:

  • Comment: change the comment at the top of the file to name the domain the file is for.
  • Serial Number:

    must be incremented every time the zone file changes. Secondary servers decide whether to transfer the zone by comparing serials (using 32-bit serial-number arithmetic), so an edit whose serial is not increased is never picked up by them.

    Any unsigned 32-bit number is a valid starting point, such as 1, 2 or 3; what matters is that the value only ever goes up.

    The approach taken here is to encode the date of the last edit in the format yyyymmddss, where ss is the change number for that day (01 for the first change, 02 for the second, and so on).

  • FQDNs:

    Keep the trailing . on the absolute names in the SOA record (the nameserver name and the contact address). Without it BIND treats the name as relative and appends the zone name, turning example.com into example.com.example.com.

    • The first name in the SOA record (MNAME) is the hostname of the primary nameserver for the zone; use the server's own name rather than the bare domain.
    • root.example.com. is the contact address root@example.com written as a domain name: the @ is replaced by a . and the name ends with a trailing . . Change it to a valid address as needed. If the local part itself contains a dot (john.doe@example.com), escape that dot with a backslash: john\.doe.example.com.
  • IPv6: db.local carries an AAAA record for ::1, the loopback address. Do not keep it when copying the file for a real domain; add an AAAA record only if the host has a global IPv6 address.
  • Create an A record for the base domain, example.com.
  • Create an A record for the nameserver; in this example ns.example.com.

NOTE: Add any additional DNS records to the bottom of the zone file.

See Common Record Types for details.
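Keeping to the yyyymmddss convention by hand is where serials most often go wrong: an edit is saved without a bump, or the same number is reused for a second change on the same day, and secondaries silently keep serving the old data. The following is an added example, not part of the Ubuntu guide or of BIND, of a small bash helper that computes the next serial under that convention and rewrites the serial in a zone file laid out like db.example.com above. The function names (next_serial, bump_zone_serial) and the reliance on the "; Serial" comment to locate the serial line are assumptions of this example.

```shell
#!/usr/bin/env bash
# Added example, not from the Ubuntu guide: maintain the SOA serial of a
# zone file using the yyyymmddss convention described above.
#
# Assumptions of this example: the zone file marks its serial with a
# "; Serial" comment on the same line (as db.example.com above does), and
# serials are plain decimal numbers that fit in BIND's 32-bit field.

# next_serial CURRENT TODAY  -> prints the serial to use for an edit today.
#   CURRENT  serial currently in the zone file, e.g. 2014100501
#   TODAY    today's date as yyyymmdd, e.g. 20141006
# First edit of a new day: TODAY followed by 01.  Any later edit the same
# day, or a CURRENT that is already at or past today's first slot (someone
# used a future date), simply adds one, so the serial never moves backwards
# and secondaries always see it increase.
next_serial() {
    local current=$1
    local today=$2
    local candidate="${today}01"
    case $current in
        ''|*[!0-9]*) echo "next_serial: '$current' is not a number" >&2; return 1 ;;
    esac
    if [ "$current" -lt "$candidate" ]; then
        printf '%s\n' "$candidate"
    else
        printf '%s\n' "$((current + 1))"
    fi
}

# bump_zone_serial FILE [TODAY]  -> rewrites FILE's serial in place and
# prints the new value.  TODAY defaults to the current date.
bump_zone_serial() {
    local file=$1 today=${2:-$(date +%Y%m%d)} current new
    # The serial is the last token before the ";" on the "; Serial" line;
    # this works for the multi-line SOA shown above and for a one-line SOA.
    current=$(awk '/; *Serial/ {
                      for (i = 1; i <= NF; i++) if ($i ~ /^;/) break
                      print $(i - 1); exit
                   }' "$file")
    [ -n "$current" ] || { echo "bump_zone_serial: no '; Serial' line in $file" >&2; return 1; }
    new=$(next_serial "$current" "$today") || return 1
    # Replace only the first occurrence of the old serial on that line,
    # keeping the file's indentation and comments intact.
    awk -v old="$current" -v new="$new" '
        !done && /; *Serial/ { sub(old, new); done = 1 }
        { print }' "$file" > "$file.tmp" && mv "$file.tmp" "$file" || return 1
    printf '%s\n' "$new"
}
```

Run bump_zone_serial /etc/bind/db.example.com (as root) after each edit, then named-checkzone example.com /etc/bind/db.example.com to confirm the zone still loads before restarting BIND. When the ss counter passes 99 the helper keeps adding one, which rolls into the next day's range; that is still monotonic, which is all secondaries care about.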

Restart BIND for the changes to take effect. Before doing so, check the configuration syntax with named-checkconf and load the zone with named-checkzone: a zone file with an error does not stop named from starting, it is simply not loaded and queries for it return SERVFAIL, with the cause only visible in the log.

sudo systemctl restart bind9.service

Reverse Zone File

A reverse zone is needed for DNS to resolve an IP address back to a name (a PTR lookup), which mail servers, SSH and logging tools commonly perform.

Edit /etc/bind/named.conf.local and add the following:

/etc/bind/named.conf.local
zone "1.168.192.in-addr.arpa" {
    type master;
    file "/etc/bind/db.192";
};

NOTE: The zone name is the network's first three octets in reverse order followed by .in-addr.arpa: 192.168.1.0/24 becomes 1.168.192.in-addr.arpa. Replace 1.168.192 with the reversed octets of your own network.

Name the zone file to match as well. /etc/bind/db.192 follows the convention of using the first octet of the network; any name works as long as the file statement points at it.

Create the /etc/bind/db.192 file:

sudo cp /etc/bind/db.127 /etc/bind/db.192

Edit /etc/bind/db.192 changing the same options as /etc/bind/db.example.com:

/etc/bind/db.192
;
; BIND reverse data file for the 192.168.1.0/24 network
;
$TTL    604800
@       IN      SOA     ns.example.com. root.example.com. (
                     2014100501         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
@       IN      NS      ns.example.com.
10      IN      PTR     ns.example.com.

IMPORTANT: The Serial Number in the Reverse zone needs to be incremented on each change as well.

For each A record in /etc/bind/db.example.com that points at an address in this network, add a PTR record to /etc/bind/db.192 mapping the last octet back to the host's name. Names in the reverse zone are not under example.com, so every name on the right-hand side (the NS target and each PTR) must be a full FQDN with a trailing dot: a relative ns would be expanded to ns.1.168.192.in-addr.arpa, and ns. with a dot names the nonexistent top-level domain ns.
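This rule is easy to drift from as hosts are added, so it is worth generating the PTR records from the forward zone rather than maintaining them twice by hand. The following is an added example, not part of the Ubuntu guide or of BIND, of a bash/awk helper that reads a forward zone file and prints the PTR lines a /24 reverse zone like db.192 needs, skipping addresses outside that network and expanding @ and relative names to FQDNs with the trailing dot. The function names, the /24 assumption and the sample zone (the db.example.com records from this page plus two hosts, mail and www, invented here to exercise the filter) are constructed for this example.

```shell
#!/usr/bin/env bash
# Added example, not from the Ubuntu guide: derive the PTR records for a
# /24 reverse zone (e.g. 1.168.192.in-addr.arpa) from the A records of a
# forward zone file laid out like db.example.com above.
# The function names and the sample zone below are constructed for this
# example; only the record layout follows the page.

# ptr_records ZONE NETWORK [FILE]
#   ZONE     forward zone name without trailing dot, e.g. example.com
#   NETWORK  first three octets of the reverse zone's network, e.g. 192.168.1
#   FILE     forward zone file (stdin when omitted)
# Prints one "<last octet> IN PTR <fqdn>." line per A record inside NETWORK.
ptr_records() {
    local zone=$1 net=$2
    shift 2
    awk -v zone="$zone" -v net="$net" '
        # Skip comments, blank lines and directives such as $TTL / $ORIGIN.
        /^[[:space:]]*;/ || /^[[:space:]]*$/ || /^\$/ { next }
        {
            # A line that starts with whitespace (SOA continuation) has no
            # owner field and reuses the previous owner name.
            if ($0 !~ /^[[:space:]]/) owner = $1
            addr = ""
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^;/) break                     # trailing comment
                if ($i == "A" && i < NF) { addr = $(i + 1); break }
            }
            if (addr == "") next
            n = split(addr, o, ".")
            if (n != 4 || (o[1] "." o[2] "." o[3]) != net) next
            # Expand the owner to an absolute name with a trailing dot.
            if (owner == "@")        fqdn = zone "."
            else if (owner ~ /\.$/)  fqdn = owner
            else                     fqdn = owner "." zone "."
            printf "%-8sIN      PTR     %s\n", o[4], fqdn
        }' "$@"
}

# Constructed sample input: the db.example.com records from this page plus
# two hosts invented here, one on the same /24 and one on another network.
sample_forward_zone() {
    cat <<'EOF'
$TTL    604800
@       IN      SOA     ns.example.com. root.example.com. (
                     2014100501         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
@       IN      NS      ns.example.com.
@       IN      A       192.168.1.10
ns      IN      A       192.168.1.10
mail    IN      A       192.168.1.20    ; same /24: gets a PTR
www     IN      A       10.0.0.5        ; other network: skipped
EOF
}

# Stand-alone run: print the PTR records for the sample zone.
sample_forward_zone | ptr_records example.com 192.168.1
```

Review the output before appending it to /etc/bind/db.192 (and bump that file's serial too). Two A records for the same address, here the apex and ns, yield two PTR records for 192.168.1.10; that is legal, but many tools expect a single reverse name, so keep only the one you want as the canonical name for that address.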


Restart Bind9

sudo systemctl restart bind9.service