Complete Guide to the Installation and Configuration of DNS Server with Bind9 on Debian 10

pasiris


Introduction: What is Bind9?

Bind9 (Domain Internet Name Berkeley) is the open-source software used to build and manage DNS server. DNS (domain name system) functions as a translator Domain name (Example: tjktkel8.org) become IP address (Example: 192.168.78.116), thus facilitating communication on the internet.

DNS Server Installation and Configuration Steps in Debian 10

1. Update Operating System

Before the installation, make sure the system package is updated.

sudo apt update && sudo apt upgrade -y

2. Install Bind9

Install Bind9 along with the aids needed.

sudo apt install bind9 bind9utils bind9-doc -y

Check whether the Bind9 service is running:

sudo systemctl status bind9

If it hasn’t been running, activate and start service:

sudo systemctl enable bind9
sudo systemctl start bind9

3. Configuration of Bind9 as a DNS Server

3.1 Edit the main configuration bind9

The main file configuration Bind9 is on /etc/bind/named.conf.options. Edit the file:

sudo nano /etc/bind/named.conf.options

Find and edit the following blocks to set DNS Forwarding (Optional):

options {
directory "/var/cache/bind";
recursion yes;      // Aktifkan rekursi untuk DNS resolver.
allow-query { any; };
forwarders {
8.8.8.8;        // DNS Google sebagai resolver cadangan.
8.8.4.4;
};
dnssec-validation auto;
};

Save and exit the editor.

3.2 Create a zone for the domain

Add the zone to your domain in the file /etc/bind/named.conf.local.

sudo nano /etc/bind/named.conf.local

Add the following configuration:

zone "tjktkel8.org" {
type master;
file "/etc/bind/db.tjkt1";
};
zone "78.168.192.in-addr.arpa" {
type master;
file "/etc/bind/db.tjkt2";
};

The file above defines two zones:

  • Forward zone: to map the domain to the IP.
  • Reverse Zone: To map the IP to the domain.

3.3 Configuration of Forward Zone Files

Create a zone file for db.tjkt1.

sudo nano /etc/bind/db.tjkt1.com

SUBMIT:

$TTL    604800
@       IN      SOA     ns1.tjktkel8.org. root.tjktkel8.org. (
2         ; Serial
604800         ; Refresh
86400         ; Retry
2419200         ; Expire
604800 )       ; Negative Cache TTL
@       IN      NS      ns1.tjktkel8.org.
@       IN      A       192.168.78.116
ns1     IN      A       192.168.78.116
www     IN      A       192.168.78.116

3.4 Configuration of Reverse Zone Files

Create a reverse zone file for IP 192.168.78.0/24.

sudo nano /etc/bind/db.tjkt2

SUBMIT:

$TTL    604800
@       IN      SOA     ns1.tjktkel8.org. root.tjktkel8.org. (
2         ; Serial
604800         ; Refresh
86400         ; Retry
2419200         ; Expire
604800 )       ; Negative Cache TTL
@       IN      NS      ns1.tjktkel8.org.
116     IN      PTR     tjktkel8.org.
116     IN      PTR     www.tjktkel8.org.

4. Verification and restart Bind9

4.1 Configuration verification

Check whether the Bind9 configuration is correct:

sudo named-checkconf

Check the zone file:

sudo named-checkzone example.com /etc/bind/db.tjkt1
sudo named-checkzone 1.168.192.in-addr.arpa /etc/bind/db.tjkt1

If there are no mistakes, continue.

4.2 Restart Bind9 Services

Restart Bind9 to apply changes:

sudo systemctl restart bind9

5. Open the DNS port on the Firewall (UFW)

Bind9 uses Port 53 For DNS. Make sure the port is open in the firewall.

sudo ufw allow 53/tcp
sudo ufw allow 53/udp

Check the Firewall status:

sudo ufw status

6. Configuration of clients to use DNS Server

In clients (for example other computers), change the settings DNS in order to use the debian server IP as DNS Resolver.

  • On Linux: Edit the file /etc/resolv.conf: Copy codenameserver 192.168.1.10
  • On Windows:
    1. Open Control panel > Network and internet > Network connection.
    2. Right -click on the network, select Property.
    3. Choose Internet Protocol Version 4 (TCP/IPv4)click Property.
    4. Enter the debian server IP in the column Preferred dns server.

7. Testing DNS Server

7.1 Domain Name Resolution Test

On servers or clients who use DNS Server, run the command:

nslookup tjktkel8.org 192.168.78.116

Expected output:

Server:  192.168.78.116
Address: 192.168.78.116#53
Name:    tjktkel8.org.com
Address: 192.168.78.116

7.2 IP resolution test (reverse lookup)

Run the following command:

nslookup 192.168.78.116

Expected output:

116.78.168.192.in-addr.arpa  name = tjktkel8.org.

8. problem solving

  • Check the Bind9 log:
    If there is a problem, check log on /var/log/syslog: Bashcopy codesudo tail -f /var/log/syslog
  • Check service status:
    Make sure the service runs correctly: Bashcopy Codesudo systemctl status bind9



Game Center

Game News

Review Film
Rumus Matematika
Anime Batch
Berita Terkini
Berita Terkini
Berita Terkini
Berita Terkini
review anime

Gaming Center

Related Posts