root@ns1:~# apt-get install bind9
Reading package lists... Done
Building dependency tree
Reading state information... Done
Suggested packages:
  bind9-doc resolvconf
The following NEW packages will be installed:
  bind9
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 269kB of archives.
After this operation, 762kB of additional disk space will be used.
Get:1 http://mirror.cs.dixie.edu hardy-updates/main bind9 1:9.4.2.dfsg.P2-2ubuntu0.2 [269kB]
Fetched 269kB in 0s (1832kB/s)
Selecting previously deselected package bind9.
(Reading database ... 17828 files and directories currently installed.)
Unpacking bind9 (from .../bind9_1%3a9.4.2.dfsg.P2-2ubuntu0.2_i386.deb) ...
Setting up bind9 (1:9.4.2.dfsg.P2-2ubuntu0.2) ...
Adding group `bind' (GID 114) ...
Done.
Adding system user `bind' (UID 105) ...
Adding new user `bind' (UID 105) with group `bind' ...
Not creating home directory `/var/cache/bind'.
wrote key file "/etc/bind/rndc.key"
Reloading AppArmor profiles : done.
 * Starting domain name service... bind [ OK ]
root@ns1:~# cd /etc/bind
root@ns1:/etc/bind# ls -l
total 44
-rw-r--r-- 1 root root  237 2009-07-28 21:43 db.0
-rw-r--r-- 1 root root  271 2009-07-28 21:43 db.127
-rw-r--r-- 1 root root  237 2009-07-28 21:43 db.255
-rw-r--r-- 1 root root  353 2009-07-28 21:43 db.empty
-rw-r--r-- 1 root root  270 2009-07-28 21:43 db.local
-rw-r--r-- 1 root root 2878 2009-07-28 21:43 db.root
-rw-r--r-- 1 root bind  907 2009-07-28 21:43 named.conf
-rw-r--r-- 1 root bind  165 2009-07-28 21:43 named.conf.local
-rw-r--r-- 1 root bind  695 2009-07-28 21:43 named.conf.options
-rw-r----- 1 bind bind   77 2009-09-10 12:34 rndc.key
-rw-r--r-- 1 root root 1317 2009-07-28 21:43 zones.rfc1918
root@ns1:/etc/bind# emacs named.conf.options
root@ns1:/etc/bind# cat named.conf.options
options {
    directory "/var/cache/bind";

    // If there is a firewall between you and nameservers you want
    // to talk to, you might need to uncomment the query-source
    // directive below. Previous versions of BIND always asked
    // questions using port 53, but BIND 8.1 and later use an unprivileged
    // port by default.
    // NOTE: a fixed source port removes source-port randomization for
    // outgoing queries; leave this commented out unless a firewall forces it.

    // query-source address * port 53;

    // If your ISP provided one or more IP addresses for stable
    // nameservers, you probably want to use them as forwarders.
    // Uncomment the following block, and insert the addresses replacing
    // the all-0's placeholder.

    // forwarders {
    //     0.0.0.0;
    // };

    notify yes; // we are master, so notify slaves
    allow-transfer { 144.38.211.163; }; // allow slave to download entire zone (matched by source IP only; a TSIG key would authenticate the slave)
    querylog yes; // log all queries
    allow-query { none; }; // security: refuse queries by default; each zone opts in with its own allow-query
    allow-recursion { none; }; // security: authoritative-only, never recurse on behalf of clients

    auth-nxdomain no; # conform to RFC1035
    listen-on-v6 { any; };
};
root@ns1:/etc/bind# emacs named.conf.local
root@ns1:/etc/bind# cat named.conf.local
//
// Do any local configuration here
//

zone "clarsen.utahsg.org" {
    // This server holds the master (primary) information
    type master;
    // This is the file where the domain information is stored
    file "/etc/bind/db.clarsen.utahsg.org";
    // All slave (secondary) servers must be listed here to
    // allow them to transfer a copy of the zone information
    allow-transfer { 144.38.211.163; localhost; };
    // Tell (notify) all slave (secondary) servers when the
    // domain information changes
    notify yes;
    // Allow any IP address to query (ask) about this domain.
    allow-query { any; };
};

// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
root@ns1:/etc/bind# emacs db.clarsen.utahsg.org
root@ns1:/etc/bind# cat db.clarsen.utahsg.org
; FYI
;
;    3600 seconds = 1 hour
;   86400 seconds = 1 day
;  604800 seconds = 1 week
;31449600 seconds = 52 weeks
;
; This TTL (time to live) is for all RR (resource records) that do not have
; TTL otherwise specified. The value is in seconds. If the TTL
; is too large, then it takes a long time to get changes into
; caching servers. If it is too small, then the nameserver gets overworked.
;
$TTL 3600 ; RR are good for 1 hour

; There must be an SOA for every zone
;
; SOA (Start of Authority) record.
; Serial - number must increase every time you change this file
; Refresh - How often the secondary name servers should check
;           for updated information
; Retry - How often the secondary name servers should retry
;         a refresh if the refresh is unsuccessful
; Expire - How long the secondary name servers should keep this
;          information before it is bad.
; Minimum/TTL -
;   How long negative hits should be stored. This is for
;   other servers that ask us about a non-existent RR.
;   They should cache the negative response for this long.
@ IN SOA ns1.clarsen.utahsg.org. root.ns1.clarsen.utahsg.org. (
        2009091001 ; Serial
        3600       ; Refresh every 1 hour
        300        ; Retry every 5 minutes
        2419200    ; Expire 4 weeks to expire
        60 )       ; Negative Cache TTL 1 minute
;
; NS (Name Server) records
;
@ IN NS ns1.clarsen.utahsg.org.
@ IN NS ns2.clarsen.utahsg.org.
;
; A (Address) records
;
ns1 IN A 144.38.211.162
ns2 IN A 144.38.211.163
root@ns1:/etc/bind# /etc/init.d/bind9 restart
 * Stopping domain name service... bind [ OK ]
 * Starting domain name service... bind [ OK ]
root@ns1:/etc/bind# dig @localhost ns1.clarsen.utahsg.org

; <<>> DiG 9.4.2-P2 <<>> @localhost ns1.clarsen.utahsg.org
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52375
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;ns1.clarsen.utahsg.org. IN A

;; ANSWER SECTION:
ns1.clarsen.utahsg.org. 3600 IN A 144.38.211.162

;; AUTHORITY SECTION:
clarsen.utahsg.org. 3600 IN NS ns1.clarsen.utahsg.org.
clarsen.utahsg.org. 3600 IN NS ns2.clarsen.utahsg.org.

;; ADDITIONAL SECTION:
ns2.clarsen.utahsg.org. 3600 IN A 144.38.211.163

;; Query time: 11 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Sep 10 12:47:24 2009
;; MSG SIZE rcvd: 104