Beginners Guide to Setting Up a DNS Server on Debian 11
Welcome back to DNS Manual! In this guide, we'll focus on setting up your own DNS server on a Debian 11 instance. Running your own DNS server gives you complete control over your domain's DNS settings and can enhance performance and security. Let's get started!
Prerequisites
Before you begin, ensure you have:
- A Debian 11 server with root or sudo access.
- A basic understanding of the terminal and command-line interface.
Step 1: Update Your System
First, update your package lists and upgrade your system to ensure all software is up to date.
sudo apt update
sudo apt upgrade -y
Step 2: Install BIND9
BIND9 is the most commonly used DNS server software. Install it using the following command:
sudo apt install bind9 -y
Step 3: Configure BIND9
- Main Configuration File: Open the main configuration file in a text editor, such as nano.
sudo nano /etc/bind/named.conf.options
- Edit Configuration Options: Uncomment and modify the following lines to specify your DNS server’s configuration:
options {
    directory "/var/cache/bind";

    // Forward DNS queries to other DNS servers
    forwarders {
        8.8.8.8; // Google DNS
        8.8.4.4; // Google DNS
    };

    // Allow queries from any IP
    allow-query { any; };

    // Enable DNS security extensions (DNSSEC)
    dnssec-validation auto;

    // Listen on all available IPv6 network interfaces
    listen-on-v6 { any; };
};
Save and close the file (in nano, press CTRL+O to save and CTRL+X to exit).
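Added example (not part of the original guide): when allow-recursion and allow-query-cache are unset, BIND falls back to allow-query, so the options block above lets any client that can reach the server use it for recursive lookups. This Python check computes the effective recursion ACL for the page's block and for a hardened variant; the "trusted" ACL, its 192.168.0.0/24 range and the helper names are assumptions, and only options-level statements are parsed (no views or per-zone overrides).

```python
import re

# Page's options block (abridged) and a hardened variant. The "trusted" ACL
# and its 192.168.0.0/24 network are assumptions; use your own client ranges.
PAGE_OPTIONS = """
options {
    forwarders { 8.8.8.8; 8.8.4.4; };
    allow-query { any; };   // Allow queries from any IP
    dnssec-validation auto;
};
"""
HARDENED_OPTIONS = """
acl "trusted" { localhost; localnets; 192.168.0.0/24; };
options {
    forwarders { 8.8.8.8; 8.8.4.4; };
    allow-query { any; };            // authoritative answers stay public
    allow-recursion { trusted; };    // recursion only for known clients
    allow-query-cache { trusted; };  // cached answers only for known clients
    allow-transfer { none; };        // no zone transfers unless listed
    dnssec-validation auto;
};
"""
DEFAULT_ACL = ["localnets", "localhost"]  # BIND's built-in default

def strip_comments(conf):
    """Remove /* */, // and # comments so commented-out options are ignored."""
    conf = re.sub(r"/\*.*?\*/", "", conf, flags=re.S)
    return re.sub(r"(//|#).*", "", conf)

def acl_of(conf, name):
    """Address-match list of an options statement, or None if it is unset."""
    m = re.search(r"(?<![\w-])" + re.escape(name) + r"\s*\{([^{}]*)\}", conf)
    if m is None:
        return None
    return [t.strip(' "\n\t') for t in m.group(1).split(";") if t.strip()]

def effective_recursion_acl(conf):
    """Who may recurse: allow-recursion, else allow-query-cache, else allow-query."""
    conf = strip_comments(conf)
    if re.search(r"(?<![\w-])recursion\s+no\s*;", conf):
        return ["none"]
    for name in ("allow-recursion", "allow-query-cache", "allow-query"):
        acl = acl_of(conf, name)
        if acl is not None:
            return acl
    return DEFAULT_ACL

def recursion_open_to_any(conf):
    return "any" in effective_recursion_acl(conf)
```

recursion_open_to_any(PAGE_OPTIONS) is True and recursion_open_to_any(HARDENED_OPTIONS) is False; if you adopt the hardened block, run named-checkconf afterwards as in Step 5.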
Step 4: Set Up DNS Zone Files
- Create Zone File Directory: Create a directory for your zone files if it doesn’t already exist.
sudo mkdir -p /etc/bind/zones
- Configure Zone Files: Open the BIND configuration file to add your zones.
sudo nano /etc/bind/named.conf.local
Add the following lines, replacing example.com with your domain:
zone "example.com" {
    type master;
    file "/etc/bind/zones/db.example.com";
};

zone "0.168.192.in-addr.arpa" {
    type master;
    file "/etc/bind/zones/db.192.168.0";
};
Save and close the file.
- Create Zone Files: Now, create the zone files referenced in the configuration.
sudo nano /etc/bind/zones/db.example.com
Add the following content, replacing example.com with your domain and IP addresses with your server’s IP:
$TTL 604800
@   IN  SOA ns1.example.com. admin.example.com. (
        2024070901 ; Serial
        604800     ; Refresh
        86400      ; Retry
        2419200    ; Expire
        604800 )   ; Negative Cache TTL
;
@   IN  NS  ns1.example.com.
ns1 IN  A   192.168.0.1
www IN  A   192.168.0.1
Save and close the file.
For the reverse DNS zone file:
sudo nano /etc/bind/zones/db.192.168.0
Add the following content:
$TTL 604800
@   IN  SOA ns1.example.com. admin.example.com. (
        2024070901 ; Serial
        604800     ; Refresh
        86400      ; Retry
        2419200    ; Expire
        604800 )   ; Negative Cache TTL
;
@   IN  NS  ns1.example.com.
1   IN  PTR example.com.
Save and close the file.
Step 5: Test and Restart BIND9
- Check Configuration Syntax: Verify your BIND configuration for syntax errors.
sudo named-checkconf
- Check Zone Files: Verify your zone files for syntax errors.
sudo named-checkzone example.com /etc/bind/zones/db.example.com
sudo named-checkzone 0.168.192.in-addr.arpa /etc/bind/zones/db.192.168.0
- Restart BIND9: Restart the BIND9 service to apply the changes.
sudo systemctl restart bind9
- Enable BIND9 at Boot: Ensure BIND9 starts automatically at boot.
sudo systemctl enable bind9
Step 6: Update Domain Registrar
Log in to your domain registrar’s control panel and update your domain's nameserver settings to point to your DNS server’s IP address. Typically, you will need to set ns1.example.com to your server’s IP address (e.g., 192.168.0.1).
Step 7: Verify Your DNS Server
Use online tools or the dig command to verify your DNS server is resolving your domain correctly.
dig @192.168.0.1 example.com
Conclusion
You’ve now set up a basic DNS server on Debian 11 using BIND9! Running your own DNS server provides flexibility and control over your domain’s DNS settings. For more advanced configurations and troubleshooting tips, explore other articles on DNS Manual.