Deploy BIND9 @ Ubuntu

旨在快速建立 DNS Service from BIND with Ubuntu System
 
1. # sudo apt-get install bind9
 
2. # sudo apt-get install dnsutils
 
3. # vim named.conf.local

   1: //

   2: // Do any local configuration here

   3: //

   4:

   5: // Consider adding the 1918 zones here, if they are not used in your

   6: // organization

   7: //include "/etc/bind/zones.rfc1918";

   8: zone "havenlin.org" in {

   9:     type master;

  10:     file "/etc/bind/db.havenlin.org";

  11: };

4. # vim db.havenlin.org

   1: $TTL    38400

   2: @       IN SOA  ns.havenlin.org. admin.havnelin.org. (

   3:                 2014052600      ; Serial Number

   4:                 10800          ; Refresh

   5:                 3600           ; Retry

   6:                 604800         ; Expire

   7:                 38400 )        ; Minimum

   8:

   9: @       IN NS   ns.havenlin.org.

  10: @       IN A    106.187.52.80

  11:

  12: ns      IN A    106.187.52.80

  13: blog    IN A    106.187.52.80

  14: www     IN A    8.8.8.8

5. # vim named.conf.options

   1: options {

   2:

   3:         // If there is a firewall between you and nameservers you want

   4:         // to talk to, you may need to fix the firewall to allow multiple

   5:         // ports to talk.  See http://www.kb.cert.org/vuls/id/800113

   6:

   7:         // If your ISP provided one or more IP addresses for stable

   8:         // nameservers, you probably want to use them as forwarders.

   9:         // Uncomment the following block, and insert the addresses replacing

  10:         // the all-0's placeholder.

  11:

  12:         // forwarders {

  13:         //      0.0.0.0;

  14:         // };

  15: #        dump-file       "/var/cache/bind/cache_dump.db";

  16: #        statistics-file "/var/cache/bind/named.stats";

  17: #        managed-keys-directory "/etc/bind";

  18:

  19:         forwarders {

  20:                 8.8.8.8;

  21:                 8.8.4.4;

  22:                 168.95.1.1;

  23:         };

  24:

  25:         allow-query { any; };

  26:

  27:         //========================================================================

  28:         // If BIND logs error messages about the root key being expired,

  29:         // you will need to update your keys.  See https://www.isc.org/bind-keys

  30:         //========================================================================

  31:         dnssec-validation auto;

  32:

  33:         auth-nxdomain no;    # conform to RFC1035

  34: #       listen-on-v6 { any; };

  35: };

6. # sudo service bind9 restart
 
7. # check

   1: root@wulin:/etc/bind# dig www.havenlin.org @ns.havenlin.org

   2:

   3: ; <<>> DiG 9.9.5-3-Ubuntu <<>> www.havenlin.org @ns.havenlin.org

   4: ;; global options: +cmd

   5: ;; Got answer:

   6: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39137

   7: ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2

   8:

   9: ;; OPT PSEUDOSECTION:

  10: ; EDNS: version: 0, flags:; udp: 4096

  11: ;; QUESTION SECTION:

  12: ;www.havenlin.org.              IN      A

  13:

  14: ;; ANSWER SECTION:

  15: www.havenlin.org.       38400   IN      A       8.8.8.8

  16:

  17: ;; AUTHORITY SECTION:

  18: havenlin.org.           38400   IN      NS      ns.havenlin.org.

  19:

  20: ;; ADDITIONAL SECTION:

  21: ns.havenlin.org.        38400   IN      A       106.187.52.80

  22:

  23: ;; Query time: 0 msec

  24: ;; SERVER: 106.187.52.80#53(106.187.52.80)

  25: ;; WHEN: Mon May 26 17:36:40 UTC 2014

  26: ;; MSG SIZE  rcvd: 94

接著等 root 更新

Ref: https://blog.wnlin.org