Chapter 5. DNS server (Bind)

We want to be able to resolve names and addresses. This is done by the DNS server, which takes a name and asks around for the Internet address of that name. It also does the reverse: given an IP address, it asks around for the name that belongs to it.

As some security issues have been observed lately in the bind8 version of the service, I have decided on using bind9.

5.1. Installing Bind

To install we need to add the following packages to the system.


apt-get install bind9 
apt-get install webmin-bind8

Note that we use the bind8 module for Webmin, as no Webmin module has yet been made specifically for bind9.

5.2. Configuring DNS

We only want our DNS to answer queries from the local network. Queries from the outside (the Internet) have been blocked first by the firewall we set up earlier, but

We also want the DNS to actually be able to resolve addresses it does not know about.

5.2.1. Setting up resolvers

To make our DNS resolve addresses it knows nothing about, we specify where it should ask for unknown addresses.

As we have at this point already set up Webmin, there is no reason for NOT using it. Therefore, using Webmin:


Go to Servers->Bind
Select "Forwarding and transfers"
Enter the external DNS servers
Save
Apply changes

5.2.2. Add domain

Next we create our local domain:


Go to Servers->Bind
Select "Create a new master zone"
Choose "Forward"
Enter your local domain (abode.dk)
Enter Master server (name of the localhost)
Enter an email address
Return to Zone list
Select "Create a new master zone"
Choose "Reverse"
Enter your local network (192.168.228)
Return to Zone list

Then add the hosts in the network to your DNS.

I have decided to let myself be guided by people who are smarter than me. It is generally considered a good thing to NOT associate services with a specific host, since this will make it harder to move the service at a later time. It is better to create a DNS record for each distinct service, and then on the client machines refer to the service name instead of the host name.

With that in mind, I have created records for ns, www, ftp, print, mail and ldap. These names will be used in place of the hostname "ember" in the following sections.


Select "abode.dk"
Select "Address"
Enter hostname
Enter address
Select "Yes to update reverse"
Create
Repeat for each host in network

5.2.3. Stop listening

As described earlier, we only want the DNS to listen to our own local network. This can be configured in Webmin as well.


Go to Servers->Bind
Select "Addresses and topology"
Select "Listed below"
Enter 127.0.0.1 in the Addresses field
Save
Repeat for each IP to be listened on. Do NOT listen on external addresses.
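
The Webmin steps in 5.2.1 to 5.2.3 end up as statements in named.conf. The following is an added example, not part of the original chapter or of Webmin: a constructed named.conf fragment and a small Python check that its listen-on list contains only loopback and local-network addresses. The forwarder addresses, the server address 192.168.228.1, the zone file names and the allow-query line are assumptions.

```python
import ipaddress
import re

# Constructed named.conf fragment (not from the original chapter). Forwarders,
# the server's LAN address 192.168.228.1 and file names are placeholders.
SAMPLE_NAMED_CONF = """
options {
    directory "/var/cache/bind";
    forwarders { 192.0.2.53; 192.0.2.54; };   // 5.2.1: external resolvers
    listen-on { 127.0.0.1; 192.168.228.1; };  // 5.2.3: loopback and LAN only
    allow-query { 127.0.0.0/8; 192.168.228.0/24; };  // assumed addition
};
zone "abode.dk" { type master; file "db.abode.dk"; };
zone "228.168.192.in-addr.arpa" { type master; file "db.192.168.228"; };
"""

def statement(conf, name):
    """Return the entries of a '<name> { a; b; };' statement, or None if absent."""
    conf = re.sub(r"//[^\n]*|#[^\n]*|/\*.*?\*/", "", conf, flags=re.S)
    m = re.search(r"(?<![\w-])" + re.escape(name)
                  + r"\s*(?:port\s+\d+\s*)?\{([^{}]*)\}", conf)
    if m is None:
        return None
    return [e.strip() for e in m.group(1).split(";") if e.strip()]

def audit(conf, lan="192.168.228.0/24"):
    """Return a list of findings; an empty list means the checks passed."""
    lan_net = ipaddress.ip_network(lan)
    findings = []
    listen = statement(conf, "listen-on")
    if listen is None:
        findings.append("no listen-on statement: BIND listens on every IPv4 interface")
    else:
        for entry in listen:
            try:
                addr = ipaddress.ip_address(entry)
            except ValueError:  # 'any', an ACL name or a network prefix
                findings.append(f"listen-on entry {entry!r} is not an explicit address")
                continue
            if not (addr.is_loopback or addr in lan_net):
                findings.append(f"listen-on includes non-local address {addr}")
    if statement(conf, "allow-query") is None:
        findings.append("no allow-query statement restricting who may query")
    return findings

if __name__ == "__main__":
    print(audit(SAMPLE_NAMED_CONF) or "listen-on and allow-query look local-only")
```
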

5.3. Using the DNS server

We are now ready to switch from our old DNS to our new one. This is also done in Webmin.


Go to Hardware->Network configuration
Select "DNS Client"
Change DNS servers to reflect the new server
Save