Step 1: Update the System
Open WSL (Ubuntu on Windows).
Update the package list:
sudo apt update
Step 2: Install BIND9
Install the DNS server software:
sudo apt install bind9 bind9utils bind9-doc -y
Start and enable BIND9:
sudo systemctl enable bind9
sudo systemctl start bind9
Verify the installation:
sudo systemctl status bind9
Step 3: Configure BIND9 Options
Open the BIND9 options file:
sudo nano /etc/bind/named.conf.options
Modify or add the following configuration to enable forwarding to public DNS servers:
options {
    directory "/var/cache/bind";
    // Enable recursion to allow the server to resolve queries
    recursion yes;
    // Allow queries from any IP. No allow-recursion is set, so recursion
    // inherits this value and is also open to any client.
    allow-query { any; };
    // Use Google's public DNS servers as forwarders
    forwarders {
        8.8.8.8;
        8.8.4.4;
    };
    // Do not set the authoritative (AA) bit on NXDOMAIN responses
    auth-nxdomain no;
    // Listen on all IPv6 interfaces
    listen-on-v6 { any; };
    // Optional: Enable DNSSEC validation
    dnssec-validation auto;
};
Save the file and restart BIND9:
sudo systemctl restart bind9
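With recursion yes, allow-query { any; } and no allow-recursion statement, BIND resolves arbitrary names for any client that can reach port 53. The options block below is an added example, not part of the original guide: it keeps the same forwarders but limits recursion and cache access to an ACL. The ACL name "trusted" and its contents are assumptions to adapt to your network.

```conf
// Added example: clients allowed to use this server as a resolver.
// 172.31.74.0/24 is the local network used in this guide; adjust to yours.
acl trusted {
    localhost;
    localnets;
    172.31.74.0/24;
};

options {
    directory "/var/cache/bind";

    recursion yes;

    // Anyone may query the zones this server is authoritative for...
    allow-query { any; };
    // ...but only trusted clients get recursive lookups or cached answers.
    allow-recursion { trusted; };
    allow-query-cache { trusted; };

    // No zone transfers unless a zone statement explicitly permits them
    allow-transfer { none; };

    forwarders {
        8.8.8.8;
        8.8.4.4;
    };

    auth-nxdomain no;
    listen-on-v6 { any; };
    dnssec-validation auto;
};
```

After a restart, sudo named-checkconf should print nothing. A recursive query from an address outside the ACL should come back with status REFUSED, while queries for victorokonkwo.com are still answered.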
Step 4: Configure DNS Zones
Open the local configuration file for zones:
sudo nano /etc/bind/named.conf.local
Add the forward and reverse lookup zones for your domain (use your local IP and domain name of choice):
zone "victorokonkwo.com" {
    type master;
    file "/etc/bind/db.victorokonkwo.com";
};
zone "74.31.172.in-addr.arpa" {
    type master;
    file "/etc/bind/db.172";
};
Save the file.
Step 5: Create Zone Files
Create the forward zone file (use your local IP and domain name of choice):
sudo nano /etc/bind/db.victorokonkwo.com
Add the following content:
;
; BIND data file for victorokonkwo.com
;
$TTL    604800
@       IN      SOA     ns1.victorokonkwo.com. admin.victorokonkwo.com. (
                        2023111801      ; Serial
                        604800          ; Refresh
                        86400           ; Retry
                        2419200         ; Expire
                        604800 )        ; Negative Cache TTL
; The NS record needs an explicit owner (@) or leading whitespace;
; otherwise "IN" is parsed as a host name.
@       IN      NS      ns1.victorokonkwo.com.
ns1     IN      A       172.31.74.133
@       IN      A       172.31.74.133
www     IN      A       172.31.74.133
Create the reverse zone file:
sudo nano /etc/bind/db.172
Add the following content:
;
; Reverse DNS file for 172.31.74.0/24
;
$TTL    604800
@       IN      SOA     ns1.victorokonkwo.com. admin.victorokonkwo.com. (
                        2023111801      ; Serial
                        604800          ; Refresh
                        86400           ; Retry
                        2419200         ; Expire
                        604800 )        ; Negative Cache TTL
; The NS record needs an explicit owner (@) or leading whitespace
@       IN      NS      ns1.victorokonkwo.com.
133     IN      PTR     victorokonkwo.com.
Step 6: Test the Configuration
Check the syntax of the configuration files:
sudo named-checkconf
sudo named-checkzone victorokonkwo.com /etc/bind/db.victorokonkwo.com
sudo named-checkzone 74.31.172.in-addr.arpa /etc/bind/db.172
Restart the BIND9 service:
sudo systemctl restart bind9
Step 7: Test DNS Resolution
Use the dig tool to test the setup:
dig @localhost victorokonkwo.com
dig @localhost www.victorokonkwo.com
dig @localhost -x 172.31.74.133
Verify that the correct responses are returned.
Step 8: Configure Firewall
Allow DNS traffic through the firewall:
sudo ufw allow 53
sudo ufw reload