How to Set Up a Forward-Only DNS Server on Ubuntu & LinuxMint

The Domain Name System (DNS) is a hierarchical, distributed naming system for computers connected over a network. It resolves a domain name to its corresponding IP address. A forward-only DNS server does not keep any domain information itself. When a query reaches this server, it forwards the query to the configured upstream DNS servers.
This article will help you configure a forward-only DNS server using Bind9 on Ubuntu, Debian and LinuxMint systems.

Install DNS Packages

Bind9 is the most popular DNS server used worldwide. It is available in the default apt-get repositories, so use the following commands to install it.
$ sudo apt-get update
$ sudo apt-get install bind9

Enable DNS Forwarding

We are configuring this server as a forward-only DNS server, so edit the BIND options file
$ sudo vi /etc/bind/named.conf.options
and add the following values.
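options {
        directory "/var/cache/bind";
        recursion yes;
        // clients allowed to query this server: the LAN subnet and localhost
        // (adjust the subnet to your own network)
        allow-query { 192.168.0.0/24; 127.0.0.1; };
        // upstream DNS servers that receive every query
        forwarders {
                8.8.8.8;
                8.8.4.4;
        };
        // never fall back to resolving from the root servers
        forward only;
};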
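Replace 8.8.8.8 and 8.8.4.4 with the IP addresses of suitable DNS servers. The allow-query option restricts access to the DNS server to specific IP ranges. To make it a public DNS server, comment out the allow-query line. A resolver that answers recursive queries from any address can be abused for DNS amplification, so keep allow-query restricted unless the server really has to be public.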

Verify Configuration Files

After making all configuration changes, verify the files using the following commands.
$ named-checkconf /etc/bind/named.conf
$ named-checkconf /etc/bind/named.conf.options
If either of the above commands returns an error or warning, fix it before proceeding to the next step.
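named-checkconf confirms that the files parse, not that they express the forwarding and access policy this article intends. The shell function below is an added example, not part of the original article or of BIND; audit_named_options, its finding names and both sample configurations are constructed for illustration.

```sh
# Added example: audit_named_options is a hypothetical helper, not a BIND tool.
# It reads named.conf.options text on stdin and prints one finding per line.
# Limitation: /* ... */ comments are not stripped.
audit_named_options() {
    # Drop // and # comments, then flatten so multi-line blocks match one regex.
    flat=$(sed -e 's://.*$::' -e 's:#.*$::' | tr '\n\t' '  ')
    # Without "forward only;" BIND defaults to "forward first" and resolves
    # on its own when the forwarders do not answer.
    printf '%s\n' "$flat" | grep -Eq 'forward[[:space:]]+only[[:space:]]*;' ||
        echo "forward-only-missing"
    # The forwarders block must list at least one address.
    printf '%s\n' "$flat" |
        grep -Eq 'forwarders[[:space:]]*\{[[:space:]]*[0-9A-Fa-f.:]+[[:space:]]*;' ||
        echo "forwarders-empty"
    # allow-query should be present and must not contain "any".
    aq=$(printf '%s\n' "$flat" | grep -Eo 'allow-query[[:space:]]*\{[^}]*\}' | head -n 1)
    if [ -z "$aq" ]; then
        echo "allow-query-missing"
    elif printf '%s\n' "$aq" | grep -Eq '[{;[:space:]]any[[:space:]]*;'; then
        echo "allow-query-any"
    fi
    # A /32 on an address ending in .0 is usually a mistyped subnet mask.
    if printf '%s\n' "$aq" | grep -Eq '\.0/32[[:space:]]*;'; then
        echo "allow-query-host-mask-on-network-address"
    fi
    return 0
}

# Constructed sample 1: restricted, but the LAN entry carries a /32 mask.
CONF_RESTRICTED='options {
    directory "/var/cache/bind";
    allow-query { 192.168.0.0/32; 127.0.0.1; };
    forwarders { 8.8.8.8; 8.8.4.4; };
    forward only;
};'
# Constructed sample 2: allow-query commented out, "forward only;" forgotten.
CONF_OPEN='options {
    // allow-query { 192.168.0.0/24; 127.0.0.1; };
    forwarders {
        8.8.8.8;
        8.8.4.4;
    };
};'
printf '%s\n' "$CONF_RESTRICTED" | audit_named_options
printf '%s\n' "$CONF_OPEN" | audit_named_options
```

To check a real file, run the function with its input redirected from /etc/bind/named.conf.options; no output means none of the four conditions was found.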

Restart DNS

After successful verification of all files, restart the bind9 service.
$ sudo service bind9 restart 

Test Setup

Your DNS server is now configured and ready to use. Let’s verify that it responds properly to queries. Below is an example command to test it.
$ dig tecadmin.net

; <<>> DiG 9.9.5-3ubuntu0.5-Ubuntu <<>> tecadmin.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56343
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 13, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;tecadmin.net.   IN A

;; ANSWER SECTION:
tecadmin.net.  299 IN A 104.27.189.217
tecadmin.net.  299 IN A 104.27.188.217

;; AUTHORITY SECTION:
.   7776 IN NS c.root-servers.net.
.   7776 IN NS i.root-servers.net.
.   7776 IN NS b.root-servers.net.
.   7776 IN NS l.root-servers.net.
.   7776 IN NS h.root-servers.net.
.   7776 IN NS e.root-servers.net.
.   7776 IN NS a.root-servers.net.
.   7776 IN NS f.root-servers.net.
.   7776 IN NS k.root-servers.net.
.   7776 IN NS j.root-servers.net.
.   7776 IN NS m.root-servers.net.
.   7776 IN NS d.root-servers.net.
.   7776 IN NS g.root-servers.net.

;; Query time: 1332 msec
;; SERVER: 192.168.0.60#53(192.168.0.60)
;; WHEN: Thu Oct 08 16:24:11 IST 2015
;; MSG SIZE  rcvd: 281
