  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 640

Creating DNS server using ISC BIND in ubuntu linux

Hi,

I am new to Ubuntu and have a basic knowledge of networking. I applied to an entry-level job and they have given me the below technical assignment as part of the hiring process:

Create a DNS server using ISC BIND

Your job is to get BIND running as a caching and forwarding DNS server. You have the following specific constraints:


• It must forward to servers at OpenDNS and/or Google
• You must show evidence of it resolving a public FQDN (output from DIG is preferred)
• You must provide the content of any configuration files you had to edit or create
• EXTRA CREDIT – host a zone (provide evidence of resolving a record in the zone)

You have completed the assignment if I have copies of DIG output and configuration files before interview.



I am using Ubuntu 11.10. I installed BIND 9 successfully and tried editing the configuration files using a step-by-step process listed on a forum. However, I am having problems. Below are my questions:

1. In the named.conf.local file, what should I put for zone? I don't have a domain name. Should I register a domain name first and then use it?

2. In the named.conf.options file, in the forwarders section, I should put the address of the DNS server for OpenDNS. Right?

3. In the zone definition file, what should I put for DNS server name and mail server name?

4. What should I put in the resolv.conf file?

5. Finally, if BIND works successfully, how do I verify it using dig? Does dig mention that it is using BIND as the DNS service?

6. Finally, how do I host a zone and provide evidence of resolving a record in the zone?


I will appreciate any help or suggestion or even a different way of doing this.

Thanks,

Sid
5 Solutions
 
farzanj Commented:
Study this link:
http://ubuntuforums.org/showthread.php?t=236093

This should answer most of your questions.


dig is a utility to query DNS

You can query your own DNS by issuing the command

dig @yourhost <domain to query>
 
farzanj Commented:
For further reading, read this one.  It is very elaborate and gives examples.

http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch18_:_Configuring_DNS
 
Papertrip Commented:
> 1. In named.conf.local file, what should i put for zone? I don't have a domain name. Should i register a domain name first and then use it?

You aren't setting up any zones, you are only setting up a caching/forwarding resolver.  If you do extra credit then reference the links farzanj posted.

> 2. In named.conf.options file, in the forwarders section, i should put the address of DNS server address for openDNS. Right?

Yes.

> 3. In zone definition file, what should i put for DNS Server name and mail server name.

You aren't hosting a zone.  If you do extra credit then reference the links farzanj posted.

> 4. What should i put in the resolv.conf file?

Doesn't matter, has nothing to do with what they are asking.  If you want you can put 127.0.0.1 as your first nameserver.

> 5. Finally if bind works successfully, how to verify it using dig? Does dig mention that it is using BIND as the DNS service?

'dig @localhost google.com' like farzanj mentioned.

> 6. finally how to host a zone and provide evidence of resolving a record in the zone?

If you do extra credit then reference the links farzanj posted.  Create a zone file named test.com, verify using 'dig @localhost test.com'.


I would have given more complete answers, but it just doesn't seem right considering this is an interview question for a job.
 
sidd101 Author Commented:
Thanks farzanj and papertrip.

Taking help from the first forum, I am able to run BIND and forward to OpenDNS. I also tried to host a zone; I registered a domain name $$$$.us. The Ubuntu forum which farzanj suggested says to modify the file resolv.conf with the following settings:

// replace example.com with your domain name, and 192.168.0.1 with the address of your new DNS server.
search example.com
nameserver 192.168.0.1


When I dig google.com after doing this, it gives the following error:

sid@ubuntu:~$ dig google.com

; <<>> DiG 9.7.3 <<>> google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 61705
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;google.com.                  IN      A

;; Query time: 73 msec
;; SERVER: 208.109.255.21#53(208.109.255.21)
;; WHEN: Tue Oct 25 21:28:50 2011
;; MSG SIZE  rcvd: 28




However, when I use 127.0.0.1 in the resolv.conf file and then dig google.com, it's a success:

sid@ubuntu:~$ dig google.com

; <<>> DiG 9.7.3 <<>> google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28347
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 13, ADDITIONAL: 0

;; QUESTION SECTION:
;google.com.                  IN      A

;; ANSWER SECTION:
google.com.            93      IN      A      74.125.159.106
google.com.            93      IN      A      74.125.159.147
google.com.            93      IN      A      74.125.159.99
google.com.            93      IN      A      74.125.159.103
google.com.            93      IN      A      74.125.159.104
google.com.            93      IN      A      74.125.159.105

;; AUTHORITY SECTION:
.                  510738      IN      NS      k.root-servers.net.
.                  510738      IN      NS      i.root-servers.net.
.                  510738      IN      NS      h.root-servers.net.
.                  510738      IN      NS      m.root-servers.net.
.                  510738      IN      NS      a.root-servers.net.
.                  510738      IN      NS      e.root-servers.net.
.                  510738      IN      NS      j.root-servers.net.
.                  510738      IN      NS      c.root-servers.net.
.                  510738      IN      NS      g.root-servers.net.
.                  510738      IN      NS      d.root-servers.net.
.                  510738      IN      NS      b.root-servers.net.
.                  510738      IN      NS      l.root-servers.net.
.                  510738      IN      NS      f.root-servers.net.

;; Query time: 28 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Oct 25 21:31:45 2011
;; MSG SIZE  rcvd: 335


Any ideas why this is happening? How can I provide proof of hosting a zone and resolving a record in it?
 
Papertrip Commented:
> i registered a domain name $$$$.us

Unnecessary, you can create any zone you want (like test.com in my example) as long as you are just querying your local nameserver for the results.

> The Ubuntu forum which farzanj suggested says to modify the file resolv.conf with the following settings:

resolv.conf doesn't need to be edited for what you are doing as I mentioned before.  Use dig @localhost like farzanj and I suggested for your testing.

> When i dig google.com after doing this, it gives the following error:

The nameserver at 208.109.255.21 is denying your query request.

> However when i use 127.0.0.1 in the resolv.conf file and then dig google.com, its a success

If you set up your forwarders properly, then that result means your server is working as intended.
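
An added example, not from any post in this thread: a short Python check that reads dig output and decides whether it counts as evidence, meaning the expected server answered (the `SERVER:` line), the status is NOERROR, and the header carries the `ra` flag. The two samples are abridged from the dig runs quoted above; the function names and the `expected_server` and `required_flags` parameters are assumptions of this example.

```python
import re

# Abridged from the two dig runs quoted in the thread (most record rows trimmed).
REFUSED_RUN = """\
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 61705
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; SERVER: 208.109.255.21#53(208.109.255.21)
"""
LOCAL_RUN = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28347
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 13, ADDITIONAL: 0
google.com.            93      IN      A      74.125.159.106
;; SERVER: 127.0.0.1#53(127.0.0.1)
"""

def parse_dig(text):
    """Extract the header and footer fields that show who answered and how."""
    status = re.search(r"status: (\w+)", text)
    flags = re.search(r"^;; flags: ([a-z ]*);", text, re.M)
    answers = re.search(r"ANSWER: (\d+)", text)
    server = re.search(r"^;; SERVER: ([^#\s]+)#(\d+)", text, re.M)
    if not (status and flags and answers and server):
        raise ValueError("not a complete dig response")
    return {"status": status.group(1), "flags": flags.group(1).split(),
            "answers": int(answers.group(1)), "server": server.group(1)}

def check_evidence(text, expected_server="127.0.0.1", required_flags=("ra",)):
    """Return (ok, problems); ok only if the expected server gave a usable answer."""
    r = parse_dig(text)
    problems = []
    if r["server"] != expected_server:
        problems.append(f"answered by {r['server']}, not {expected_server}")
    if r["status"] != "NOERROR":
        problems.append(f"status {r['status']}")
    for flag in required_flags:
        if flag not in r["flags"]:
            problems.append(f"flag {flag} missing from header")
    if r["answers"] == 0:
        problems.append("empty answer section")
    return (not problems, problems)

if __name__ == "__main__":
    for name, run in (("first run", REFUSED_RUN), ("second run", LOCAL_RUN)):
        print(name, check_evidence(run))
```

For the hosted-zone part, pass `required_flags=("aa",)`: an authoritative answer from your own server sets the `aa` flag in the same header line.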


 
xterm Commented:
If you want 208.109.255.21 to recurse, add the following to the options () section of named.conf and reload named
recursion yes;

 
sidd101 Author Commented:
The suggestions were good, but were a bit confusing to follow partially from my own lack of knowledge of the subject.