Configuring bind9 on Ubuntu 10.04

This article covers how to install bind9 on Ubuntu 10.04 to act as a local DNS server that speeds up DNS queries, how to configure bind for your local network, how to add slaves, and how to use bind with remote servers over a VPN.

Some of the applications on Ubuntu 10.04, like Gwibber, can fail if they don’t get responses quickly enough from a DNS server, so one solution is to run a local copy of Bind9 which will handle the requests locally. This will not only solve some of the problems but will also speed up DNS lookups in general.

A simple installation

First you need to install bind:

peter@kira:~$ sudo apt-get update
peter@kira:~$ sudo apt-get install bind9 dnsutils

Configure local networking

Next you need to configure networking to always use your local bind. How you do this depends on whether you are using static IPs or DHCP.

For static IPs, simply replace the DNS server addresses with that of your server, either 127.0.0.1 or its own IP address on your network.

For DHCP, you need to tell it to ignore the DNS settings. To do this:

  1. Right-click the network icon in the tool bar and select Edit Connections.
  2. Select the interface you want to use the DNS server, such as Auto eth0, and press Edit.
  3. Select the IPv4 Settings tab and change the method from Automatic (DHCP) to Automatic (DHCP) addresses only.
  4. Apply everything and you should be set.

Common problems to look out for

The following are common problems you should be aware of before you set up bind9.

IPv4 or IPv6

Ubuntu comes with both IPv4 and IPv6 enabled. However, if you are not using IPv6, or (quite probably) your ISP does not yet support it, you may notice bind is a bit slow. This is because it tries lookups over IPv6 first and only falls back to IPv4, which works, once those time out.

To fix this you need to turn off IPv6 within bind.

peter@kira:~$ sudo vi /etc/default/bind9

Find the line starting with OPTIONS= and add -4 to it. Here’s what mine looks like.

# run resolvconf?
RESOLVCONF=yes

# startup options for the server
OPTIONS="-4 -u bind"

Once you have done that, when you next start/restart bind9 it will use IPv4 only.

Installing bind9 with dnsmasq already installed

If you already have dnsmasq installed you must either uninstall it first or, if you want to keep it as your DHCP server, disable its DNS server first; otherwise the installation will fail, as both cannot use the same port.

Now with dnsmasq you can’t actually do this but you can trick it by getting it to run on a different port. Simply edit /etc/dnsmasq.conf and add the following line near the top of the file:

port=54

Once you have done that, restart dnsmasq and you’ll be able to install bind.

Next we’ll cover how to create zone files defining your local network.

Enable Network Address Translation (NAT) on Linux

Enabling Network Address Translation on Linux is pretty simple. I use it to enable my local network to use a Mobile Broadband stick connected to an old laptop, but this will work for any interface, not just for Mobile Broadband.

What I have is a simple bash script stored in root’s home directory. Then when I first connect to the net I run this script (as root) which configures NAT and the rest of the network can then access the net.

Note: The script only needs to be run once per reboot, and the net connection needs to be up when it’s run. However if the net connection is restarted, as long as the machine has not been rebooted, the Linux kernel keeps the settings.

Here’s the script:

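#!/bin/bash
# Outbound (internet-facing) interface and the local network to NAT
INT=hso0
NET=192.168.2.0/24

# Masquerade traffic from the local network leaving via the outbound interface
iptables -t nat -A POSTROUTING -s "$NET" -o "$INT" -j MASQUERADE
# Allow forwarding from the local network out to the net
iptables -A FORWARD -s "$NET" -o "$INT" -j ACCEPT
# Allow back in only replies belonging to established connections
iptables -A FORWARD -d "$NET" -m state --state ESTABLISHED,RELATED -i "$INT" -j ACCEPT
# Turn on IPv4 packet forwarding in the kernel
echo 1 >/proc/sys/net/ipv4/ip_forward

echo "Network $NET is now natted over $INT"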

For this to work on your local machine, you simply need to edit the first two lines:

  • INT= the network interface to run Network Address Translation on. hso0 here is for the Option modem I’m using on this specific laptop, but it could easily be ppp0 etc.
  • NET= the local network you want to give access through the NAT.

If you don’t know what to use for INT, simply run ifconfig both before and after you connect to the net using your broadband; the additional interface is more than likely the one to use.
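An added example, not the author's script: a variant that can be re-run safely after a reconnect, because it validates INT and NET and appends each rule only if it is not already loaded. It assumes an iptables build that supports the -C (check) option and a sysctl binary; the function names and the apply argument are hypothetical.

```shell
#!/bin/sh
# Added example, not the author's script. INT/NET defaults are the page's values.
INT=${INT:-hso0}
NET=${NET:-192.168.2.0/24}

# Interface name: 1-15 chars (Linux IFNAMSIZ limit), no spaces or metacharacters.
valid_ifname() {
    case $1 in ''|-*|*[!A-Za-z0-9_.:-]*) return 1 ;; esac
    [ "${#1}" -le 15 ]
}

# IPv4 CIDR: four octets 0-255 plus a prefix length 0-32.
valid_cidr() {
    case $1 in */*) ;; *) return 1 ;; esac
    vc_addr=${1%/*}; vc_len=${1#*/}
    case $vc_addr in ''|*[!0-9.]*|*.) return 1 ;; esac
    case $vc_len in ''|*[!0-9]*) return 1 ;; esac
    [ "$vc_len" -le 32 ] || return 1
    vc_ifs=$IFS; IFS=.; set -- $vc_addr; IFS=$vc_ifs
    [ $# -eq 4 ] || return 1
    for vc_o in "$@"; do
        case $vc_o in '') return 1 ;; esac
        [ "$vc_o" -le 255 ] || return 1
    done
}

# Append a rule only when "iptables -C" reports it is not already present.
ensure_rule() {
    er_table=$1 er_chain=$2; shift 2
    iptables -t "$er_table" -C "$er_chain" "$@" 2>/dev/null ||
        iptables -t "$er_table" -A "$er_chain" "$@"
}

enable_nat() {
    valid_ifname "$INT" || { echo "bad interface: $INT" >&2; return 1; }
    valid_cidr "$NET" || { echo "bad network: $NET" >&2; return 1; }
    ensure_rule nat POSTROUTING -s "$NET" -o "$INT" -j MASQUERADE &&
    ensure_rule filter FORWARD -s "$NET" -o "$INT" -j ACCEPT &&
    ensure_rule filter FORWARD -d "$NET" -i "$INT" \
        -m state --state ESTABLISHED,RELATED -j ACCEPT &&
    sysctl -q -w net.ipv4.ip_forward=1 &&
    echo "Network $NET is now natted over $INT"
}

# Run as root: sh nat.sh apply
if [ "${1:-}" = apply ]; then enable_nat; fi
```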

Turn your Mac into a Wifi Base Station

Some people, like myself, use mobile broadband for their internet connection, either because it’s the only option where they live or, like me, because they have had enough of BT (in the UK you usually still need BT for the physical line regardless of the ISP).

Now, the various dongles work fine on the local machine, and for the local wired network it’s usually as simple as turning on Internet Sharing (for the 3 network you have to do things differently because they use a special profile). The problem comes when you want to share the connection via wifi but don’t have a wifi router.

On Linux boxes some wifi chipsets support base station mode, but things become complicated because you have to configure the card, the firmware, etc. But what about on a Mac? All recent Macs have AirPort cards, so can a Mac act as a base station?

To put it simply, yes, and it’s supported as standard (I’m using OS X 10.5.7). Not only that, it can be enabled with a couple of extra clicks.

First open System Preferences and select Sharing.

Next, select (not check) Internet Sharing and make sure AirPort is turned on (I also have Ethernet enabled as well).

Now at this point, when you turn on sharing the WiFi connection will be open to anyone, so it’s probably advisable to turn on encryption by selecting AirPort Options.

That’s all there is to it. You simply turn it on by turning Internet Sharing on and pressing Start.