Setting Up Your Own DNS Server

Setting up your own DNS server can seem daunting, but it's an incredibly rewarding project that enhances your understanding of networking and increases your control over your internet experience. In this guide, we'll walk through the process of setting up a DNS server using two of the most popular DNS server packages: BIND (Berkeley Internet Name Domain) and Unbound. Whether you’re looking to manage your own domain or simply want a better solution for local name resolution, we’ve got you covered!

Prerequisites

Before diving into the setup, make sure you have the following:

  1. A server: This can be a dedicated machine, a virtual private server (VPS), or even an old computer that you can run continuously.
  2. Operating System: This guide will primarily focus on Linux distributions like Ubuntu and CentOS. Make sure your server is up to date.
  3. Root Access: You need to have root or sudo privileges to install packages and make system changes.
  4. Basic Command Line Knowledge: Familiarity with using a terminal will help you navigate through these steps more efficiently.

Step 1: Installing BIND

BIND is the most widely used DNS server software. The installation process varies slightly depending on your OS:

On Ubuntu

  1. Update your package index:

    sudo apt update
    
  2. Install BIND9:

    sudo apt install bind9 bind9utils bind9-doc
    
  3. Start and enable the BIND service:

    sudo systemctl start bind9
    sudo systemctl enable bind9
    

On CentOS

  1. Install BIND:

    sudo yum install bind bind-utils
    
  2. Start and enable the BIND service:

    sudo systemctl start named
    sudo systemctl enable named
    

Step 2: Configuring BIND

Now that BIND is installed, it's time to configure it.

Main Configuration File

The main configuration file for BIND is located at /etc/bind/named.conf on Ubuntu and /etc/named.conf on CentOS. Open it with your favorite text editor:

sudo nano /etc/bind/named.conf  # for Ubuntu
sudo nano /etc/named.conf       # for CentOS

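In the configuration file (on Ubuntu the options block lives in the included file /etc/bind/named.conf.options), make sure your options block looks something like this:

options {
    directory "/var/cache/bind";
    allow-query { any; };                       // Clients allowed to query your DNS server
    recursion yes;                              // Allow recursive queries
    allow-recursion { localhost; localnets; };  // Recurse only for this host and its attached networks
    forwarders {
        8.8.8.8;         // Example of Google DNS for forwarding unresolved queries
        8.8.4.4;
    };
};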

Zone Files

Next, you need to define the zones for your DNS server. Here’s how to set up a simple forward zone.

  1. Open the local configuration file, where zones are declared:

    sudo nano /etc/bind/named.conf.local  # for Ubuntu
    

    In this file, add the following configuration (replace example.com with your domain):

    zone "example.com" {
        type master;
        file "/etc/bind/db.example.com";
    };
    
  2. Create the zone database file:

    sudo cp /etc/bind/db.empty /etc/bind/db.example.com
    sudo nano /etc/bind/db.example.com
    

    Populate it with the following template:

    $TTL    604800
    @       IN      SOA     ns.example.com. admin.example.com. (
                              2         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
    ;
    @       IN      NS      ns.example.com.
    @       IN      A       192.0.2.1    ; Your server's public IP
    ns      IN      A       192.0.2.1    ; Your server's public IP
    www     IN      A       192.0.2.1    ; Your server's public IP
    

    Replace 192.0.2.1 with your server's actual IP address, and increase the Serial value each time you edit the zone.

  3. Check the configuration for any syntax errors:

    sudo named-checkconf
    sudo named-checkzone example.com /etc/bind/db.example.com  # for Ubuntu
    
  4. Restart the BIND service to apply changes:

    sudo systemctl restart bind9  # for Ubuntu
    sudo systemctl restart named   # for CentOS
    

Step 3: Verifying Your DNS Server

After configuring and starting BIND, it’s crucial to verify that your DNS server is running correctly.

  1. Use the dig command to test your DNS server:

    dig @localhost example.com
    

    You should see an ANSWER SECTION that contains the records you defined in your zone file.

  2. If you encounter any issues, check the logs located in /var/log/syslog on Ubuntu or /var/log/messages on CentOS for error messages.

Step 4: Setting Up Unbound (Optional)

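If you prefer a lighter-weight DNS resolver, Unbound is a great alternative. It's faster and designed for security and efficiency. If BIND from the earlier steps is still running on the same machine, stop it first, because both servers cannot listen on port 53 of the same address.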

Installing Unbound

  1. Install Unbound:

    sudo apt install unbound  # for Ubuntu
    sudo yum install unbound   # for CentOS
    
  2. Start and enable the Unbound service:

    sudo systemctl start unbound
    sudo systemctl enable unbound
    

Configuring Unbound

Open the configuration file:

sudo nano /etc/unbound/unbound.conf

Add the following options:

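server:
    verbosity: 1
    interface: 0.0.0.0                         # listen on all IPv4 addresses
    access-control: 127.0.0.0/8 allow          # this host
    access-control: 192.168.1.0/24 allow       # example LAN subnet; replace with your own
    root-hints: "/var/lib/unbound/root.hints"  # file must exist; omit to use built-in hints

Limit access-control to the networks you actually serve. A rule such as access-control: 0.0.0.0/0 allow answers recursive queries from anyone who can reach the server, which makes it an open resolver that can be abused for DNS amplification attacks.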
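Both the BIND options block in Step 2 and the Unbound server block above decide who may use the server as a recursive resolver. The Python script below is an added example, not part of the original guide or of either project: it flags configurations that recurse for any client, following BIND's fallback order (allow-recursion, then allow-query-cache, then allow-query) and Unbound's access-control lines. The function names and the sample configuration strings are constructed for illustration.

```python
import ipaddress
import re

def _acl(text, name):
    """Entries of a named.conf `name { a; b; };` list, or None if the option is absent."""
    m = re.search(r"(?<![\w-])%s\s*\{([^}]*)\}" % re.escape(name), text)
    return None if m is None else [e.strip() for e in m.group(1).split(";") if e.strip()]

def audit_bind(conf):
    """Findings for a named.conf options block that recurses for any client."""
    text = re.sub(r"/\*.*?\*/", "", conf, flags=re.S)   # strip /* */ comments
    text = re.sub(r"(//|#).*", "", text)                 # strip // and # comments
    if re.search(r"\brecursion\s+no\s*;", text):
        return []                                        # authoritative-only server
    # When allow-recursion is unset, BIND uses allow-query-cache, then allow-query.
    for name in ("allow-recursion", "allow-query-cache", "allow-query"):
        entries = _acl(text, name)
        if entries is not None:
            return [f"BIND: recursion open to any client via {name}"] if "any" in entries else []
    return []                                            # BIND default: localnets; localhost

def audit_unbound(conf):
    """Findings for unbound.conf access-control lines that allow a /0 network."""
    findings = []
    for raw in conf.splitlines():
        m = re.match(r"\s*access-control:\s*(\S+)\s+(\S+)", raw.split("#", 1)[0])
        if not m or not m.group(2).startswith("allow"):
            continue                                     # deny/refuse rules are fine
        try:
            net = ipaddress.ip_network(m.group(1), strict=False)
        except ValueError:
            continue                                     # not a netblock; let unbound-checkconf complain
        if net.prefixlen == 0:
            findings.append(f"Unbound: access-control {net} {m.group(2)} serves every client")
    return findings

# Constructed sample configurations (not taken from a real host).
OPEN_BIND = "options { recursion yes; allow-query { any; }; forwarders { 8.8.8.8; }; };"
SAFE_BIND = "options { recursion yes; allow-query { any; }; allow-recursion { localhost; localnets; }; };"
OPEN_UNBOUND = "server:\n    interface: 0.0.0.0\n    access-control: 0.0.0.0/0 allow\n"
SAFE_UNBOUND = "server:\n    access-control: 127.0.0.0/8 allow\n    access-control: 0.0.0.0/0 refuse\n"

if __name__ == "__main__":
    for label, found in (("named.conf (open)", audit_bind(OPEN_BIND)),
                         ("named.conf (restricted)", audit_bind(SAFE_BIND)),
                         ("unbound.conf (open)", audit_unbound(OPEN_UNBOUND)),
                         ("unbound.conf (restricted)", audit_unbound(SAFE_UNBOUND))):
        print(f"{label}: {found or 'ok'}")
```

To audit a real host, pass the contents of the file that holds your options block or of /etc/unbound/unbound.conf to the matching function; an empty list means no open-resolver rule was found.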

Restart Unbound

Restart the Unbound service:

sudo systemctl restart unbound

Testing Unbound

Verify Unbound is working with the dig command:

dig @localhost example.com

Step 5: Configuring Your Network to Use Your DNS Server

To ensure that your devices use your new DNS server, you need to change the DNS settings on your network router or individual devices.

  1. Router: Log in to your router’s web interface and change the DNS settings to point to your server's IP address.
  2. Individual Devices: You can manually set the DNS server in the network settings of each device.

Conclusion

Setting up your own DNS server using BIND or Unbound can greatly enhance your networking capabilities and offer a customized experience tailored to your needs. Whether you choose to use BIND for its robustness or Unbound for its efficiency, having your own DNS server allows you to gain more control over your internet environment.

Now that you've followed these steps, you can start experimenting with DNS management, create subdomains, or even establish a local network DNS setup! Happy networking!