Many of our Java clients use plain VPSes (no control panel) and sometimes want to run their own nameservers. Some of them prefer the full-featured BIND nameserver over the DNSmasq setup described in the other article, although BIND has a larger memory footprint. The BIND configuration file named.conf is not installed by default, so we need to create it by hand.
In this copy-and-paste tutorial we assume that your server IP is 10.1.1.1 and that the domain you are creating the zone for is yourdomain.com. Let's begin by installing the required packages and making named start at boot time.
yum -y install bind-chroot bind bind-utils
chkconfig named on
Your BIND version may differ, so replace 9.3.6 in the paths below with the version you have installed (rpm -q bind shows it), then copy the sample configuration files into the chroot.
cp /usr/share/doc/bind-9.3.6/sample/etc/* /var/named/chroot/etc
Optionally, you may delete the "internal" view from named.conf. The sample configuration uses it to serve recursive queries to clients on directly attached networks, which a public authoritative-only server does not need:
perl -0777 -i.bak -pe 's/view "internal".*?^key ddns_key/key ddns_key/ms' /var/named/chroot/etc/named.conf
In the external view, replace my.external.zone with your domain name, yourdomain.com. The same substitution changes the zone file reference to yourdomain.com.db, which is the file created below.
sed -i 's/my.external.zone/yourdomain.com/g' /var/named/chroot/etc/named.conf
The sample file ships with a placeholder in the secret field of key ddns_key. Generate a fresh TSIG secret and write it there with the command below. named.conf now holds a secret, so keep it readable only by root and the named group (root:named, mode 0640, as the stock RPM installs its own /etc/named.conf).
SECRET=$(/usr/sbin/dns-keygen); sed -i "s/secret .*$/secret \"$SECRET\";/" /var/named/chroot/etc/named.conf
Copy the remaining sample files (the stock zone files and root hints) into the chroot:
cp -r /usr/share/doc/bind-9.3.6/sample/var/named/* /var/named/chroot/var/named
Now create the zone file for yourdomain.com, assuming the zone's own nameservers ns1.yourdomain.com and ns2.yourdomain.com point at the server's public IP. Update MYDOMAIN and MYIP first.
MYDOMAIN=yourdomain.com; MYIP=10.1.1.1; SERIAL=`date +%s`
echo -e "\$TTL 14400
@ 86400 IN SOA ns1.$MYDOMAIN. root.$MYDOMAIN. (
\t$SERIAL ; serial, timestamp
\t86400 ; refresh, seconds
\t7200 ; retry, seconds
\t3600000 ; expire, seconds
\t86400 ) ; minimum, seconds
$MYDOMAIN. 86400 IN NS ns1.$MYDOMAIN.
$MYDOMAIN. 86400 IN NS ns2.$MYDOMAIN.
ns1 IN A $MYIP ; address records for the zone's own nameservers
ns2 IN A $MYIP
$MYDOMAIN. IN A $MYIP
localhost.$MYDOMAIN. IN A 127.0.0.1
$MYDOMAIN. IN MX 0 $MYDOMAIN.
mail IN CNAME $MYDOMAIN.
www IN CNAME $MYDOMAIN.
ftp IN A $MYIP
$MYDOMAIN. IN TXT \"v=spf1 a mx -all\"" > /var/named/chroot/var/named/yourdomain.com.db
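Before clearing the variables and restarting named, it is worth checking what was just written. The script below is an added example, not part of the original tutorial: it runs BIND's own named-checkconf and named-checkzone when they are installed, and then checks with awk that every nameserver named in an NS record inside the zone also has an A or AAAA record in the file. A zone that delegates to ns1/ns2.yourdomain.com without addresses for them leaves the server unable to answer for its own nameservers; named-checkzone's integrity checks report this too, the awk version simply also works on a box without BIND's tools. It assumes the one-record-per-line layout produced above (every record line starts with its owner name) and the paths used in this tutorial; the ZONE, CHROOT and ZONEFILE variables are the example's own.

```shell
#!/bin/sh
# Pre-flight checks for the zone built in this tutorial (added example).
# Assumes every record line carries an explicit owner name, as the echo
# above produces; blank-owner continuation records are not handled.

ZONE=${ZONE:-yourdomain.com}
CHROOT=${CHROOT:-/var/named/chroot}
ZONEFILE=${ZONEFILE:-$CHROOT/var/named/$ZONE.db}

# check_ns_glue ZONE FILE
# Returns 0 when every in-zone NS target has an A or AAAA record in FILE,
# 1 otherwise (and names the offenders on stdout).
check_ns_glue() {
    awk -v zone="$1." '
        { type = ""; rdata = "" }
        # drop ";" comments (also inside TXT quotes, good enough here),
        # blank lines and $TTL/$ORIGIN directives
        { sub(/;.*/, ""); if (NF == 0 || $1 ~ /^[$]/) next }
        # qualify the owner: "@" is the apex, names without a trailing dot
        # are relative to the zone
        { owner = $1
          if (owner == "@") owner = zone
          else if (owner !~ /\.$/) owner = owner "." zone }
        # the type is the first field after the owner that looks like one;
        # SOA continuation lines have none and fall through harmlessly
        { for (i = 2; i <= NF; i++)
              if ($i ~ /^(A|AAAA|NS|CNAME|MX|TXT|SOA|PTR|SRV)$/) {
                  type = $i; rdata = $(i + 1); break } }
        type == "NS" {
            t = rdata; if (t !~ /\.$/) t = t "." zone
            # only NS targets inside this zone need address records here
            if (t == zone || substr(t, length(t) - length(zone)) == "." zone) ns[t] = 1 }
        type == "A" || type == "AAAA" { addr[owner] = 1 }
        END {
            bad = 0
            for (n in ns) if (!(n in addr)) {
                printf "missing glue: %s is an NS target but has no A/AAAA record\n", n
                bad = 1 }
            exit bad }
    ' "$2"
}

# check_zone ZONE FILE: BIND's own syntax and integrity check when the tool
# is available, followed by the glue check above.
check_zone() {
    if command -v named-checkzone >/dev/null 2>&1; then
        named-checkzone "$1" "$2" || return 1
    fi
    check_ns_glue "$1" "$2"
}

# check_config: named.conf syntax check, resolved relative to the chroot.
check_config() {
    if command -v named-checkconf >/dev/null 2>&1; then
        named-checkconf -t "$CHROOT" /etc/named.conf
    fi
}

# Run against the real files only when they exist, so the functions can also
# be sourced from another script.
if [ -f "$ZONEFILE" ]; then
    check_config && check_zone "$ZONE" "$ZONEFILE" && echo "zone $ZONE looks good"
fi
```

Run it as root on the server after writing the zone file; a non-zero exit means named should not be restarted yet. The comment stripping is deliberately simple (a ";" inside a TXT string would be treated as a comment), which is fine for the records this tutorial generates.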
Clear the shell variables we used and start named.
unset SECRET MYDOMAIN MYIP SERIAL
service named restart
Finally, test that the nameserver answers with the right data by querying it from another host and asking for the whole zone; host -t IXFR against this server returns the complete zone, i.e. a zone transfer. Note what a successful test means: the transfer was not restricted, so anyone on the Internet can pull your complete zone and enumerate every hostname in it. Once you have verified the data, limit transfers with an allow-transfer statement in the zone (or view) that lists only your secondary nameservers, or none if you have none, and repeat the query to confirm it is refused.
$ host -t IXFR yourdomain.com 10.1.1.1
Using domain server:
Name: 10.1.1.1
Address: 10.1.1.1#53

yourdomain.com has SOA record ns1.yourdomain.com. root.yourdomain.com. 1352893256 86400 7200 3600000 86400
yourdomain.com descriptive text "v=spf1 a mx -all"
yourdomain.com mail is handled by 0 yourdomain.com.
yourdomain.com name server ns1.yourdomain.com.
yourdomain.com name server ns2.yourdomain.com.
yourdomain.com has address 10.1.1.1
ftp.yourdomain.com has address 10.1.1.1
localhost.yourdomain.com has address 127.0.0.1
mail.yourdomain.com is an alias for yourdomain.com.
www.yourdomain.com is an alias for yourdomain.com.
yourdomain.com has SOA record ns1.yourdomain.com. root.yourdomain.com. 1352893256 86400 7200 3600000 86400
Now register your nameservers (the glue records) in your domain registrar's control panel. For example:
ns1.yourdomain.com 10.1.1.1
ns2.yourdomain.com 10.1.1.1
and you are all set. Keep in mind that both names point at the same host, so this setup gives you no redundancy; a second server carrying a secondary copy of the zone is the usual fix.