Introduction
This page describes how Alexis Huxley installed and configured his DNS server.
Procedure
- Install the packages required for the DNS server by running:
apt -y install bind9 dnsutils
- Disable IPv6 support by completing this sub-procedure:
  - Edit /etc/default/named and add to OPTIONS:
  OPTIONS="... -4 ..."
  - Edit /etc/bind/named.conf.options and comment out:
  // listen-on-v6 { any; };
  - In the same file, also inside the options { ... }; stanza, add:
  filter-aaaa-on-v4 yes;
- Run a script to initialise the zones:
svn co https://svn.pasta.freemyip.com/main/smalltools/trunk ~/opt/smalltools
~/opt/smalltools/bin/dns-edit-zones
and then follow the prompts.
- Rerun the same script to populate the zone files.
- Test with:
host $(hostname -f) localhost
host $(host $(hostname -f) localhost | sed -n 's/.* has address //p') localhost
- To allow systemctl reload bind9 to work (which uses rndc to communicate with named):
  - Run:
  rndc-confgen
  - Copy the first part of the output into /etc/bind/rndc.conf.
  - Copy the second part of the output into /etc/bind/named.conf.options, but put it outside the options { ... }; stanza.
  - Run:
  systemctl restart bind9
  - Test by running:
  systemctl reload bind9
- Modify /etc/resolv.conf to set:
nameserver 127.0.0.1
- Modify /etc/resolv.conf on all other hosts (including the old DNS server) with static IP configuration to set:
nameserver <ip-of-this-new-DNS-server>
(For the old dhcpd server on the network this is effectively the same as shutting down that service.)
- If there is a DHCP server on the network then update the IP that it sends as the DNS server that DHCP clients should use.
- If you wish to:
- access your systems’ “public” hostnames from inside the home network, or
- blacklist certain external hostnames (e.g. google-analytics.com)
then see here.
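
For the rndc-confgen step above, an added example (not part of the original page or its smalltools scripts) that splits the output into the two parts and uncomments the second, which rndc-confgen prints with a leading "#" on every line. The sample output and its secret are constructed placeholders, and the function names are hypothetical.

```shell
# Constructed sample in rndc-confgen's output layout; the secret is a placeholder.
sample_confgen() {
cat <<'EOF'
# Start of rndc.conf
key "rndc-key" {
    algorithm hmac-sha256;
    secret "PLACEHOLDERPLACEHOLDERPLACEHOLDER=";
};

options {
    default-key "rndc-key";
    default-server 127.0.0.1;
    default-port 953;
};
# End of rndc.conf

# Use with the following in named.conf, adjusting the allow list as needed:
# key "rndc-key" {
#     algorithm hmac-sha256;
#     secret "PLACEHOLDERPLACEHOLDERPLACEHOLDER=";
# };
#
# controls {
#     inet 127.0.0.1 port 953
#         allow { 127.0.0.1; } keys { "rndc-key"; };
# };
# End of named.conf
EOF
}

# Part 1 (for /etc/bind/rndc.conf): the block between the rndc.conf markers.
rndc_conf_part() {
    sed -n '/^# Start of rndc.conf/,/^# End of rndc.conf/p'
}

# Part 2 (for named.conf.options): the commented stanzas with the "# " stripped.
named_conf_part() {
    sed -n '/^# key "/,/^# End of named.conf/{/^# End of named.conf/!s/^# \{0,1\}//p;}'
}

# Both parts must carry the same secret, or rndc cannot authenticate to named.
secrets_match() {
    a=$(printf '%s\n' "$1" | rndc_conf_part | sed -n 's/^[[:space:]]*secret "\(.*\)";$/\1/p')
    b=$(printf '%s\n' "$1" | named_conf_part | sed -n 's/^[[:space:]]*secret "\(.*\)";$/\1/p')
    [ -n "$a" ] && [ "$a" = "$b" ]
}
```

On a real host, feed the functions the saved output of rndc-confgen instead of the sample. Both resulting files contain the shared secret, so keep them unreadable to other users.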