Configuring bind9 on Ubuntu 10.04

Some applications on Ubuntu 10.04, such as Gwibber, can fail if they don’t get responses quickly enough from a DNS server, so one solution is to run a local copy of BIND 9.

This article covers how to install bind9 on Ubuntu 10.04 to act as a local DNS server that speeds up DNS queries, how to configure BIND for your local network, how to add slaves, and how to use BIND with remote servers over a VPN.

Configuring BIND to resolve remote hosts over a VPN

Now I use VPNs to access remote hosts securely; however, as I run a local nameserver I also have those zones configured locally, reducing the traffic over the VPN and stopping problems with the remote DNS server from affecting the local network.

Note: For this to work the remote DNS server must be configured to allow you to perform zone transfers. You may need to have a kind chat with the remote administrators if it isn’t.

This is configured exactly as you would configure a slave, even if your local BIND instance is a master, because it’s going to run as a slave to the remote server.

To keep the config separate, I create a new named.conf file for each VPN, then configure the zone(s).

Here our remote network has the domain remotenetwork.example.com and the remote DNS server is on the IP address 192.168.3.1:

peter@kira:~# cd /etc/bind
peter@kira:/etc/bind# vi named.conf.myvpn
zone "remotenetwork.example.com" {
        type slave;
        file "/etc/bind/zones/remotenetwork.example.com";
        masters { 192.168.3.1; };
        forwarders { };
};
zone "3.168.192.in-addr.arpa" {
        type slave;
        file "/etc/bind/zones/rev-192.168.3";
        masters { 192.168.3.1; };
        forwarders { };
};

Next, tell BIND about the new config by adding named.conf.myvpn to named.conf:

peter@kira:/etc/bind# vi named.conf
include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.myvpn";
include "/etc/bind/named.conf.default-zones";

Finally, make sure that the directory /etc/bind/zones exists and that AppArmor is configured as in the slave example on the previous page.

Then, when you restart BIND, it will keep itself in sync with the remote server and you’ll be able to resolve against it. You may find it’s best to have the VPN up and running when you first do this so BIND can do the initial transfer, but that’s all that’s required to get your VPN working.
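
One way to confirm that the local slave really is in sync with the remote server, as an added example that is not part of the original article: the script compares the SOA serial served by the master with the one served locally, allowing for 32-bit serial wrap-around. The local address 127.0.0.1 and the script name check-slave.sh are assumptions; the zone and master address are the ones used above.

```shell
#!/bin/sh
# Added example, not from the original article.
# Usage (assumed script name and local address):
#   sh check-slave.sh remotenetwork.example.com 192.168.3.1 127.0.0.1

# Print the serial (3rd field) from one line of `dig +short SOA` output;
# prints nothing for error text or an empty answer.
soa_serial() {
    printf '%s\n' "$1" | awk 'NF >= 7 && $3 ~ /^[0-9]+$/ { print $3; exit }'
}

# Compare serials with 32-bit wrap-around (RFC 1982 serial arithmetic).
# A difference of exactly 2^31 is undefined by the RFC; it is reported
# as slave-ahead here.
compare_serials() {
    diff=$(( ($1 - $2) & 4294967295 ))
    if [ "$diff" -eq 0 ]; then echo "in-sync"
    elif [ "$diff" -lt 2147483648 ]; then echo "slave-behind"
    else echo "slave-ahead"
    fi
}

# Classify a pair of SOA answers: $1 from the master, $2 from the local slave.
zone_status() {
    ms=$(soa_serial "$1")
    ss=$(soa_serial "$2")
    if [ -z "$ms" ]; then echo "master-no-answer"; return 2; fi
    if [ -z "$ss" ]; then echo "slave-no-answer"; return 2; fi
    compare_serials "$ms" "$ss"
}

# Query both servers for the zone's SOA record and report the result.
check_zone() {
    m=$(dig +short +time=3 +tries=1 SOA "$1" "@$2") || m=""
    s=$(dig +short +time=3 +tries=1 SOA "$1" "@$3") || s=""
    echo "$1: $(zone_status "$m" "$s")"
}

# Only touch the network when called with zone, master and slave arguments.
if [ "$#" -eq 3 ]; then
    check_zone "$@"
fi
```

A result of slave-no-answer right after setup usually means the initial transfer has not happened yet, for example because the VPN was down or the remote server does not allow the transfer.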

Author: petermount1

Java nut working in the online gaming industry, prolific Open Source Java developer and member of the XSF Technical Review team

4 thoughts on “Configuring bind9 on Ubuntu 10.04”

  1. Great page. It worked just like you said it would.
    I have set up secondary DNS on Ubuntu 10.04, and the zones have transferred from Go Daddy’s Primary DNS to my secondary.

    It would be great if you could put some info regarding TSIG on Ubuntu 10.04 for secondary DNS.

    Great page! Thank you for sharing.
