search

DNS With BIND9

mate, It's always a DNS issue, event after you configure everything correctly wait for the refresh time

hashtag
DNS

First of all, let’s install bind9

sudo apt install bind9

Then go the bind9 directory:

cd /etc/bind9

touk@k8snode:/etc/bind$ ls
bind.keys  db.127        db.255    db.local          named.conf.default-zones  named.conf.options  zones.rfc1918
db.0       db.empty      named.conf        named.conf.local          rndc.key

Now, let’s confgiure the file called ‘named.conf.options’:

sudo vim /etc/bind9/named.conf.options

the following output is the content of file:

acl trusted-hosts {
        localhost;
        localnets;
        192.168.1.0/24;
};

options {
        directory "/var/cache/bind";

        // If there is a firewall between you and nameservers you want
        // to talk to, you may need to fix the firewall to allow multiple
        // ports to talk.  See <http://www.kb.cert.org/vuls/id/800113>

        // If your ISP provided one or more IP addresses for stable
        // nameservers, you probably want to use them as forwarders.
        // Uncomment the following block, and insert the addresses replacing
        // the all-0's placeholder.

         forwarders {
                1.1.1.1;
                8.8.8.8;
         };

        //========================================================================
        // If BIND logs error messages about the root key being expired,
        // you will need to update your keys.  See <https://www.isc.org/bind-keys>
        //========================================================================
        dnssec-validation auto;
        listen-on port 53 { 127.0.0.1; 192.168.1.9; };
        listen-on-v6 { any; };
        allow-query { trusted-hosts; };
        allow-transfer { none; };
        recursion yes;
        allow-recursion { trusted-hosts; };
};

Now, let’s create a zone :

circle-info

💡 For simplicity you can get the zone template config file like this

sudo cp db.local homelab.lan.zone

let’s see my config file:

Now BIND9 don’t know about this zone, so we need to declare it in a special file:

And as you can see we have another zone which is for recursive lookup and that’s why we need to create a file for it :

for simplicity purpose, i follow this naming methode:

sudo cp db.127 db.192.168.1

Note: just like the we did before, we get the temlate from another file then we make our configuration

Let’s take a look at the content of db.192.168.1

circle-info

Reload bind9 with zero downtime:

sudo rndc reconfig

sudo rndc reload <reverse lookup zone file-name>

Now it depends if the NetworkManager or resolved is the on controlling the network configuration

In my case both are running which means, the NetworkMnager is responsible now And for that you have to change your DNS IP:

if it is resolved =⇒ sudo vim /etc/systemd/resolved.conf

If it is NetworkManager =⇒ You have to use the nmcli, check on this page

PreviousRSYNCNextNetworkManager Issue

Last updated