KaliLinux 2018.2: Install BIND for DNS server

This article will describe installing BIND and running DNS server for private network.

1 Install BIND

Install bind9 with apt.

sudo apt-get install -y bind9

2 Configuration

  • Private network address is 192.168.11.0/24.
  • Private network name is hiroom2.com.
  • IP address of DNS server for private network is 192.168.11.70. This DNS server uses recursive query.
  • IP address of client is 192.168.11.250.
  • IP address of DNS server for internet is 192.168.11.1.

2.1 /etc/bind/named.conf.options

This is the configration file for BIND option.

  • Allow query from private network.
  • Allow recursive query.
  • Open 53/udp and 53/tcp if you running ufw.
options {
  directory "/var/cache/bind";
  listen-on port 53 { localhost; 192.168.11.0/24; };
  allow-query { localhost; 192.168.11.0/24; };
  forwarders { 192.168.11.1; };
  recursion yes;
}

2.2 /etc/bind/named.conf.local

This configuration file for private network is included by /etc/bind/named.conf.

zone "hiroom2.com" IN {
  type master;
  file "hiroom2.com.zone";
};

2.3 /var/cache/bind/hiroom2.com.zone

This is a zone file for private network.

  • DNS server hostname is server.
  • Client hostname is client.
  • If you need more, append A record.
$TTL 86400

@ IN SOA hiroom2.com root.hiroom2.com (
  2018050600
  3600
  900
  604800
  86400
)

@      IN NS server
server IN A  192.168.11.70
client IN A  192.168.11.250

3 Validation

named-checkconf validates /etc/bind/named.conf and included files.

$ named-checkconf

named-checkzone validates zone file.

$ /usr/sbin/named-checkzone hiroom2.com /var/cache/bind/hiroom2.com.zone
zone hiroom2.com/IN: loaded serial 2018050600
OK

4 Run BIND

Run BIND with systemd.

sudo systemctl enable bind9
sudo systemctl restart bind9

5 Excution result

Run nslookup on server.

$ nslookup server.hiroom2.com localhost.localdomain
Server:         localhost.localdomain
Address:        ::1#53

Name:   server.hiroom2.com
Address: 192.168.11.70

Run nslookup on client.

$ nslookup client.hiroom2.com 192.168.11.70
Server:         192.168.11.70
Address:        192.168.11.70#53

Name:   client.hiroom2.com
Address: 192.168.11.250