Saturday, November 22, 2025

BIND : Configure for Internal Network

 

BIND : Configure for Internal Network

 

Install BIND to Configure DNS (Domain Name System) Server to provide Name or Address Resolution service for client computers.

[1]Install BIND.
root@dlp:~# 
apt -y install bind9 bind9utils
[2]On this example, Configure BIND for Internal Network.
The example follows is for the case that Local network is [10.0.0.0/24], Domain name is [srv.world], Replace them to your own environment.
root@dlp:~# 
vi /etc/bind/named.conf
include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.root-hints";
// add
include "/etc/bind/named.conf.internal-zones";
root@dlp:~# 
vi /etc/bind/named.conf.options
// add : set ACL entry for local network
acl internal-network {
        10.0.0.0/24;
};

options {
        directory "/var/cache/bind";

        // add like follows
        // add local network set on [acl] section above
        // network range you allow to recieve queries from hosts
        allow-query { localhost; internal-network; };
        // network range you allow to transfer zone files to clients
        // add secondary DNS servers if it exist
        allow-transfer { localhost; };
        // allow recursion
        recursion yes;
        dnssec-validation auto;
        listen-on port 53 { any; };
        // if not listen IPV6, change [any] to [none]
        listen-on-v6 { any; };
};
root@dlp:~# 
vi /etc/bind/named.conf.internal-zones
// create new
// add zones for your network and domain name
zone "srv.world" IN {
        type primary;
        file "/etc/bind/srv.world.lan";
        allow-update { none; };
};
zone "0.0.10.in-addr.arpa" IN {
        type primary;
        file "/etc/bind/0.0.10.db";
        allow-update { none; };
};
root@dlp:~# 
vi /etc/default/named
# if you don't use IPv6 and also suppress logs for IPv6 related, possible to change
# set BIND to use only IPv4

OPTIONS="-u bind 
-4
"
# For how to write the section [*.*.*.*.in-addr.arpa], write your network address reversely like follows
# case of 10.0.0.0/24
# network address     ⇒ 10.0.0.0
# network range       ⇒ 10.0.0.0 - 10.0.0.255
# how to write        ⇒ 0.0.10.in-addr.arpa

# case of 192.168.1.0/24
# network address     ⇒ 192.168.1.0
# network range       ⇒ 192.168.1.0 - 192.168.1.255
# how to write        ⇒ 1.168.192.in-addr.arpa
[3]
Next, Configure Zone Files for each Zone you set in [named.conf] above.
To Configure Zone Files, refer to here.
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)