1. Installing and enabling the DNS server
Step 1.1: Install BIND9 Packages
sudo apt install bind9 bind9-utils -y
Step 1.2: Enable and Start the named Service
sudo systemctl enable named
sudo systemctl start named
Step 1.3: Verify Service Status
Confirm the service is active and running:
sudo systemctl status named
2. Configuring the DNS server
Step 2.1: Configure Forwarders
Edit the BIND options file:
sudo nano /etc/bind/named.conf.options
Modify the options block. Example:
options {
    forwarders {
        10.0.10.100;
        8.8.8.8;
    };
    recursion yes;
    allow-query { any; };
};
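With `recursion yes;`, `allow-query { any; };` and no `allow-recursion` statement, recursion inherits the `any` setting, so every host that can reach port 53 can use this server as a recursive resolver. A restricted variant of the same options block follows, as an added example that is not part of the original guide; the ACL name `labnet` and the 192.168.1.0/24 range are assumptions based on the host addresses in the lab.local zone file.

```conf
// Added example. The ACL name "labnet" and the 192.168.1.0/24 range are
// assumptions taken from the host addresses in the lab.local zone file.
acl "labnet" {
    localhost;          // built-in ACL: this server's own addresses
    192.168.1.0/24;     // lab clients (assumed range)
};

options {
    // Keep the directory and other lines already present in the default file.

    forwarders {
        10.0.10.100;
        8.8.8.8;
    };

    recursion yes;

    // Weak setting from the guide: with no allow-recursion present,
    // recursion and cache access inherit this "any".
    // allow-query { any; };

    // Restricted settings: only lab clients may query, recurse or read the cache.
    allow-query       { labnet; };
    allow-recursion   { labnet; };
    allow-query-cache { labnet; };

    // No zone transfers unless a secondary is configured explicitly.
    allow-transfer    { none; };
};
```

Run `sudo named-checkconf` after editing to catch syntax errors before restarting named. The UFW rules in Step 3.1 can be narrowed to the same range with `sudo ufw allow from 192.168.1.0/24 to any port 53 proto udp` and the `tcp` equivalent.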
Step 2.2: Create Forward Lookup Zone
Edit the local zones file:
sudo nano /etc/bind/named.conf.local
Add the zone definition:
zone "lab.local" {
type master;
file "/etc/bind/db.lab.local";
};
Step 2.3: Create Zone File
Copy the default template:
sudo cp /etc/bind/db.local /etc/bind/db.lab.local
Edit the new zone file:
sudo nano /etc/bind/db.lab.local
$TTL    604800
@       IN      SOA     ns1.lab.local. admin.lab.local. (
                        2026021101      ; Serial
                        604800          ; Refresh
                        86400           ; Retry
                        2419200         ; Expire
                        604800 )        ; Negative Cache TTL
@       IN      NS      ns1.lab.local.
ns1     IN      A       192.168.1.10
server1 IN      A       192.168.1.20
Important: Increment the serial number every time the file is modified.
3. Configuring UFW
Step 3.1: Configure UFW Firewall
Check UFW status:
sudo ufw status
Allow DNS traffic (TCP and UDP port 53):
sudo ufw allow 53/udp
sudo ufw allow 53/tcp
sudo ufw reload
Step 3.2: Verify BIND is Listening
sudo ss -tulnp | grep :53
Confirm that bind9 (named) is listening on TCP and UDP port 53.
4. Test DNS Resolution
Step 4.1: Test Local DNS Resolution
dig @localhost ns1.lab.local
Expected Result: A valid A record is returned.
Step 4.2: Test from Another Machine
From a second machine:
dig @<DNS_SERVER_IP> server1.lab.local
Or using nslookup:
nslookup server1.lab.local
Expected Result: The correct IP address is returned.