Craig Francis


BIND Setup

So to begin with the setup:

  1. You need to ensure BIND is installed. If you're running OSX, this has already been done for you, while Linux/BSD/Solaris usually need it installed separately.
  2. Next you want to set up the '/etc/named.conf' file:

    //--------------------------------------------------
    // Include keys file
    //--------------------------------------------------

    include "/etc/rndc.key";

    //--------------------------------------------------
    // Global config file
    //--------------------------------------------------

    options {

    directory "/var/named/emma/";

    //query-source address * port 53;

    listen-on { 127.0.0.1; };

    include "/var/named/emma/forwarders.conf";

    forward only;

    //recursion no;

    };

    //--------------------------------------------------
    // Zone Config
    //--------------------------------------------------

    zone "emma.domain.com" in {
    type master;
    file "db.emma.domain.com";
    };

    zone "2.168.192.in-addr.arpa" in {
    type master;
    file "db.2.168.192";
    };

    //zone "gemma.domain.com" in {
    // type master;
    // file "db.gemma.domain.com";
    //};
    //
    //zone "0.168.192.in-addr.arpa" in {
    // type master;
    // file "db.0.168.192";
    //};

    //--------------------------------------------------
    // Logging setup
    //--------------------------------------------------

    logging {
    category default {
    _default_log;
    };
    channel _default_log {
    file "/Library/Logs/named.log";
    severity info;
    print-time yes;
    };
    };

    In this example I am using the network 192.168.2. This can be changed, but if you do, you should also change the in-addr.arpa zone name... see above, it's written backwards (the octets of 192.168.2 become 2.168.192.in-addr.arpa).

    Also in this example, 192.168.2 is the virtual network provided by Parallels, while 192.168.0 (the zones commented out above) is the external (home) network, with the second computer "gemma".

    Two points about the 'options' block. 'listen-on { 127.0.0.1; };' is what keeps this safe: recursion has to stay enabled for 'forward only' to do anything (so '//recursion no;' is correctly left commented out), and a recursive server listening on a real interface would be an open resolver for anyone who could reach it, so if you ever widen 'listen-on', add an 'allow-recursion { localnets; };' line as well. Leave 'query-source ... port 53' commented out too: a fixed source port throws away the source-port randomisation that helps protect the cache against spoofed answers.

  3. If you do not already have a '/etc/rndc.key' file, you need to run:

    sudo rndc-confgen -a
  4. The '/var/named/emma/forwarders.conf' file contains:

    forwarders {
    192.168.0.1;
    };

    These are the IP addresses of the DNS servers you want to forward queries to for anything outside your own zones, like when you want to resolve craigfrancis.co.uk. Because of 'forward only' above, named will not go to the root servers itself, so if this list is wrong or empty no outside name will resolve.

    If you have multiple IP addresses, you can easily add them, but make sure you add the semicolon at the end of each one!

    Normally you can find the forwarder IP addresses by typing:

    cat /etc/resolv.conf

    (Once you point the system at 127.0.0.1 in the final step, resolv.conf will show that instead, so make a note of the real addresses first.)

    If you have a few of these forwarder files, each one set up for a different network, then when you join a different network you can use the following shell script to update the configuration (if you save it as, say, 'switch.sh', then 'sh switch.sh home' loads '/var/named/emma/forwarders/home'):

    #!/bin/sh

    ##########
    # Define required variables
    ##########

    ROOT="/var/named/emma"

    ##########
    # Check the location
    ##########

    if [ -z "$1" ]; then
        echo "Location not specified" >&2
        exit 1
    fi

    # A location is a plain file name inside $ROOT/forwarders, so refuse
    # anything containing a slash or starting with a dot (e.g. "../x")
    case "$1" in
        */*|.*)
            echo "Invalid location specified" >&2
            exit 1
            ;;
    esac

    if [ ! -f "$ROOT/forwarders/$1" ]; then
        echo "Invalid location specified" >&2
        exit 1
    fi

    ##########
    # Switch the config
    ##########

    cp "$ROOT/forwarders/$1" "$ROOT/forwarders.conf"

    ##########
    # Reload the config (re-reads named.conf and its includes,
    # which is where forwarders.conf is pulled in)
    ##########

    sudo /usr/sbin/rndc reconfig

    ##########
    # Flush the DNS cache (uncomment the one for your OSX version)
    ##########

    #lookupd -flushcache
    #dscacheutil -flushcache
    #sudo killall -HUP mDNSResponder

    NOTE: In OSX 10.4, you need to use lookupd. Also note that 'rndc reconfig' does not re-read zone files that already exist; after editing one of the 'db' files below you need 'sudo rndc reload' instead.

  5. Now each of the 'db' files needs to be created. Whenever you edit one of them afterwards, increase its serial (the YYYYMMDDnn number, so that any secondary server notices the change) and run 'sudo rndc reload' so that named re-reads it.

    /var/named/emma/db.emma.domain.com

    $TTL 86400 ; 1 day
    @ IN SOA ns.emma.domain.com. root.emma.domain.com. (
    2003040101 ; Serial
    10800 ; Refresh after 3 hours
    3600 ; Retry after 1 hour
    604800 ; Expire after 1 week
    86400 ) ; Minimum TTL of 1 day

    ; name servers
    emma.domain.com. IN NS ns.emma.domain.com.

    ; address mappings
    emma.domain.com. IN A 192.168.2.2
    *.emma.domain.com. IN A 192.168.2.2

    /var/named/emma/db.2.168.192

    $TTL 86400 ; 1 day
    @ IN SOA ns.emma.domain.com. root.emma.domain.com. (
    2003040103 ; Serial
    10800 ; Refresh after 3 hours
    3600 ; Retry after 1 hour
    604800 ; Expire after 1 week
    86400 ) ; Minimum TTL of 1 day

    IN NS ns.emma.domain.com.
    2 IN PTR emma.domain.com.

    /var/named/emma/db.gemma.domain.com

    $TTL 86400 ; 1 day
    @ IN SOA ns.gemma.domain.com. root.gemma.domain.com. (
    2003040101 ; Serial
    10800 ; Refresh after 3 hours
    3600 ; Retry after 1 hour
    604800 ; Expire after 1 week
    86400 ) ; Minimum TTL of 1 day

    ; name servers
    gemma.domain.com. IN NS ns.gemma.domain.com.

    ; address mappings
    gemma.domain.com. IN A 192.168.0.21
    *.gemma.domain.com. IN A 192.168.0.21

    /var/named/emma/db.0.168.192

    $TTL 86400 ; 1 day
    @ IN SOA ns.gemma.domain.com. root.gemma.domain.com. (
    2003040103 ; Serial
    10800 ; Refresh after 3 hours
    3600 ; Retry after 1 hour
    604800 ; Expire after 1 week
    86400 ) ; Minimum TTL of 1 day

    IN NS ns.gemma.domain.com.
    21 IN PTR gemma.domain.com.
    22 IN PTR emma.domain.com.

    You might have noticed in this last one the record for 192.168.0.22... it's not really used by us, but it does give a reverse DNS look-up record for that IP address.
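The following shell helpers are an added example for this article, not the author's own code. They wrap the bookkeeping the steps above do by hand: naming the reverse zone, picking the PTR owner label, bumping the date-based serial, and building 'forwarders.conf' from 'resolv.conf'. The function names and the sample resolv.conf text are my own (the sample is constructed for the example); the paths follow the article's '/var/named/emma' layout.

```shell
#!/bin/sh
# Added example, not part of the original article. Helper functions for the
# BIND setup above; function names and sample data are assumptions of this
# example, paths follow the article's /var/named/emma layout.

# reverse_zone 192.168.2 -> 2.168.192.in-addr.arpa
# The in-addr.arpa name is simply the octets in reverse order. Given a full
# address it returns the owner name of that address's PTR record.
reverse_zone() {
    printf '%s\n' "$1" | awk -F. '{
        for (i = NF; i >= 1; i--) printf "%s.", $i
        print "in-addr.arpa"
    }'
}

# ptr_label 192.168.0.22 -> 22
# In a /24 reverse zone such as db.0.168.192 the PTR owner is the last octet.
ptr_label() {
    printf '%s\n' "$1" | awk -F. 'NF == 4 { print $NF }'
}

# next_serial CURRENT YYYYMMDD -> serial to use after editing a zone file.
# The article's serials are date based (2003040101 = 2003-04-01, revision 01).
# Secondaries only notice a change when the serial increases, so this never
# returns a value <= CURRENT, even when the clock is behind the serial.
next_serial() {
    cur="$1"
    today="$2"
    curday=$(printf '%s' "$cur" | cut -c1-8)
    if [ "$today" -gt "$curday" ]; then
        printf '%s01\n' "$today"
    else
        printf '%d\n' $((cur + 1))
    fi
}

# gen_forwarders: reads resolv.conf text on stdin and prints a forwarders {}
# block for named.conf. Only dotted IPv4 "nameserver" lines are used and
# 127.0.0.1 is dropped, because with "forward only" that would make named
# forward queries to itself. Returns 1 if nothing usable is found: with
# "forward only" and an empty list, no outside name would resolve.
gen_forwarders() {
    awk '
        $1 == "nameserver" && $2 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ && $2 != "127.0.0.1" {
            ips[n++] = $2
        }
        END {
            if (n == 0) exit 1
            print "forwarders {"
            for (i = 0; i < n; i++) print "    " ips[i] ";"
            print "};"
        }'
}

# check_config: the checks worth running before "rndc reconfig" / "rndc reload".
# named-checkconf and named-checkzone ship with BIND; they are skipped, not
# failed, on a machine where BIND is not installed.
check_config() {
    conf="${1:-/etc/named.conf}"
    dir="${2:-/var/named/emma}"
    if ! command -v named-checkconf >/dev/null 2>&1; then
        echo "named-checkconf not found, skipping" >&2
        return 0
    fi
    named-checkconf "$conf" || return 1
    named-checkzone emma.domain.com "$dir/db.emma.domain.com" || return 1
    named-checkzone "$(reverse_zone 192.168.2)" "$dir/db.2.168.192" || return 1
}

# Constructed sample input (not a real resolv.conf) for the demo below.
SAMPLE_RESOLV='nameserver 192.168.0.1
nameserver 127.0.0.1
nameserver fe80::1
search domain.com'

# Demo on the constructed input:
reverse_zone 192.168.2            # 2.168.192.in-addr.arpa
ptr_label 192.168.0.22            # 22
next_serial 2003040103 20030401   # 2003040104
printf '%s\n' "$SAMPLE_RESOLV" | gen_forwarders
```

Source the file (or paste the functions into the switching script above) and use `gen_forwarders < /etc/resolv.conf > /var/named/emma/forwarders/home` to capture a new network's forwarders before pointing the system at 127.0.0.1; the IPv6 and loopback entries in the sample are exactly the lines you do not want copied into a 'forward only' configuration.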

Now the configuration has been done, we need to get BIND to start when booting the computer. On an OSX system, you just need to create the following file:

/Library/LaunchDaemons/org.isc.named.wildcard.startup.plist

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Disabled</key>
<false/>
<key>Label</key>
<string>org.isc.named.wildcard.startup</string>
<key>OnDemand</key>
<false/>
<key>ProgramArguments</key>
<array>
<string>/usr/sbin/named</string>
<string>-f</string>
<string>-c</string>
<string>/etc/named.conf</string>
</array>
<key>ServiceIPC</key>
<false/>
</dict>
</plist>

If you are running this on Linux/BSD/Solaris, it will use a different startup method, dependent on the distro. Note that with the plist above named runs as root; BIND's '-u' option switches to an unprivileged user once it has bound port 53, which is worth adding if you have a suitable user on the machine.

And to finish it off, you should restart your computer to ensure the service starts up correctly.

To use this server for just one domain, create a file such as:

/etc/resolver/domain.com

nameserver 127.0.0.1

Alternatively, to use it for all domains, open your network configuration and add "127.0.0.1" as the DNS server on the main network interface.

Then in your Terminal run:

ping emma.domain.com

If the IP address 192.168.2.2 is returned, the DNS setup has been successful... otherwise, please read the debug instructions. To ask named directly rather than going through the system resolver, 'dig @127.0.0.1 emma.domain.com' should show the A record and 'dig @127.0.0.1 -x 192.168.2.2' the PTR record.

When it's all running correctly, have a look at the Apache configuration to see how the remainder of my setup works.

Any feedback would be greatly appreciated, I don't include comments due to the admin time required, but if you email me, I will reply and make appropriate updates. Also, if you would like to take a copy of this article, please read the terms this article is released under. This article was originally written Sunday 17th June 2007 and was updated on Friday 14th September 2007.