Configure The Server
# Install the BIND 9 DNS server package; -y answers apt's confirmation prompt.
apt install -y bind9
/etc/bind/named.conf.options
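options {
    // Working directory; relative zone file names are resolved against it.
    directory "/var/cache/bind";

    // If there is a firewall between you and nameservers you want
    // to talk to, you may need to fix the firewall to allow multiple
    // ports to talk. See http://www.kb.cert.org/vuls/id/800113

    // Bind only to loopback and this host's LAN address. The earlier
    // 192.168.2.0/32 entry named the network address as a single host,
    // which is not an address an interface would normally carry, so it
    // is dropped here.
    listen-on port 53 { 127.0.0.1; 192.168.2.1; };

    // Serve the LAN and this host only. "localhost" is needed because a
    // resolver pointed at 127.0.0.1 queries from a loopback source
    // address, which 192.168.2.0/24 does not cover; without it the
    // server refuses its own host's lookups.
    allow-query { localhost; 192.168.2.0/24; };
    allow-query-cache { localhost; 192.168.2.0/24; };
    allow-recursion { localhost; 192.168.2.0/24; };

    // Names this server is not authoritative for are sent to the
    // forwarder below, which therefore sees those queries. Replace the
    // address with your ISP's or another resolver you trust.
    forwarders {
        8.8.8.8;
    };

    //========================================================================
    // If BIND logs error messages about the root key being expired,
    // you will need to update your keys. See https://www.isc.org/bind-keys
    //========================================================================
    dnssec-validation auto;

    auth-nxdomain no; # conform to RFC1035

    // IPv6: loopback only, to match the restricted IPv4 listener above.
    // "any" would open port 53 on every IPv6 address of the host even
    // though no IPv6 client is permitted by the ACLs. To serve IPv6
    // clients, add the LAN prefix here and in the allow-* lists.
    listen-on-v6 { ::1; };
};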
/etc/bind/named.conf.local
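// Authoritative (primary) copy of the internal zone.
zone "internal.itsltns.io" IN {
    type master;

    // Relative to the "directory" option in named.conf.options, i.e.
    // /var/cache/bind/internal.itsltns.io.zone
    file "internal.itsltns.io.zone";

    // No secondary servers are configured, so refuse zone transfers.
    // Older BIND releases allow transfers to any client by default, which
    // lets any host that can reach the server dump every internal name
    // and address.
    allow-transfer { none; };
};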
Add The Server:
vim /var/cache/bind/internal.itsltns.io.zone
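; Default TTL (seconds) for records that do not set their own.
$TTL 86400

; SOA: primary name server (MNAME) and admin mailbox (RNAME, where the
; first "." stands for "@"). Both must end in "." to be absolute; without
; the trailing dot the zone origin is appended and the names become
; <name>.internal.itsltns.io.internal.itsltns.io.
@ IN SOA ns1.internal.itsltns.io. root.internal.itsltns.io. (
        2018050600 ; serial - increase on every edit of this file
        3600       ; refresh
        900        ; retry
        604800     ; expire
        86400      ; negative-caching TTL
)

; Name server for the zone; "ns1" is relative, i.e. ns1.internal.itsltns.io.
@       IN NS ns1

; Host records.
ns1     IN A  192.168.2.1
macbook IN A  192.168.2.2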
Checking the Config
Run the following commands:
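# Validate the configuration and the zone before touching the service, so
# that a syntax error does not take DNS down on restart. named-checkconf
# parses named.conf and the files it includes; named-checkzone loads the
# zone file for the given zone name. Both exit non-zero on error.
if named-checkconf &&
  /usr/sbin/named-checkzone internal.itsltns.io /var/cache/bind/internal.itsltns.io.zone; then
  # Start at boot, then restart now to load the new configuration.
  systemctl enable bind9
  systemctl restart bind9
else
  printf '%s\n' 'BIND configuration check failed; bind9 was not restarted.' >&2
fi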
Set the Domain Server
vim /etc/resolv.conf
# Send this host's lookups to the local BIND instance. These queries reach
# named from a loopback source address, so allow-query / allow-recursion in
# named.conf.options must include localhost or they will be refused.
# NOTE(review): on many distributions this file is generated (for example by
# systemd-resolved, NetworkManager or resolvconf) and manual edits may be
# overwritten - confirm on the target system.
nameserver 127.0.0.1
# Use EDNS0 extensions in queries sent by the resolver.
options edns0
Firewall - Allow
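# Allow DNS (TCP and UDP port 53) from the LAN only, matching the
# allow-query range in named.conf.options. A bare "ufw allow 53" accepts
# port 53 from every source on every interface.
ufw allow from 192.168.2.0/24 to any port 53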