Here’s a step-by-step guide demonstrating how to set up a BIND DNS server on an Ubuntu VPS. It walks you through installing BIND9, configuring it as a primary (master) DNS server, setting up a domain zone, and ensuring it runs securely and correctly.
What is BIND DNS?
BIND (Berkeley Internet Name Domain) is the most widely used DNS server software on the Internet. It acts as the backbone of DNS (Domain Name System) services, resolving domain names into IP addresses and vice versa.
What Does BIND DNS Do?
BIND allows you to:
- Host authoritative DNS zones (e.g., for `example.com`)
- Perform recursive DNS queries (if configured)
- Handle forward and reverse DNS lookups
- Serve as primary (master) or secondary (slave) DNS server
- Support features like DNSSEC, TSIG, and views
How It Works
- You configure zone files with mappings like:
  - `example.com → 192.0.2.1` (A record)
  - `192.0.2.1 → example.com` (PTR record)
- BIND responds to DNS queries for those zones.
- You can also configure it to forward or recursively resolve external queries (like a caching resolver).
Core BIND Components
File / Feature | Role |
---|---|
`named` | The BIND daemon |
`named.conf` | Main config file |
`named.conf.local` | Zone definitions |
`named.conf.options` | Global options (like recursion settings) |
Zone files | Hold actual DNS records |
Use Cases
- Hosting your own DNS for a website
- Running internal DNS for a LAN or enterprise
- Acting as a caching resolver
- Building a DNS infrastructure with master/slave or split-horizon DNS
Why Use BIND?
- Open-source and widely supported
- Highly configurable and powerful
- Proven, stable, and trusted in production environments
Prerequisites
- Ubuntu 24.04 VPS
- Root access or a user with `sudo` privileges
- A registered domain (e.g., `example.com`)
- Your VPS’s public IP address (e.g., `192.0.2.1`)
How to Set Up BIND DNS Server on Ubuntu VPS
To set up a BIND DNS server on an Ubuntu VPS, follow the steps below:
- Install BIND9

  Update your package list and install BIND9 and its utilities.

  ```bash
  sudo apt update
  sudo apt install bind9 bind9utils bind9-doc dnsutils -y
  ```

  Enable and start the BIND service:

  ```bash
  sudo systemctl enable named
  sudo systemctl start named
  ```
- Configure BIND9
  - Define Your Zone in `named.conf.local`

    ```bash
    sudo nano /etc/bind/named.conf.local
    ```

    Add the following block (replace with your actual domain and zone file path):

    ```
    zone "example.com" {
        type master;
        file "/etc/bind/zones/db.example.com";
        allow-transfer { none; };
    };
    ```
  - Create the Zones Directory

    ```bash
    sudo mkdir /etc/bind/zones
    ```
- Create the Forward Zone File

  ```bash
  sudo nano /etc/bind/zones/db.example.com
  ```

  Paste this template and adjust accordingly:

  ```
  $TTL    604800
  @       IN      SOA     ns1.example.com. admin.example.com. (
                                3         ; Serial
                           604800         ; Refresh
                            86400         ; Retry
                          2419200         ; Expire
                           604800 )       ; Negative Cache TTL
  ;
  @       IN      NS      ns1.example.com.
  @       IN      A       192.0.2.1
  ns1     IN      A       192.0.2.1
  www     IN      A       192.0.2.1
  ```

  Explanation:
  - `ns1.example.com.` is your name server
  - `admin.example.com.` is your email (replace `@` with `.`)
  - `www` and `@` point to your VPS IP
- Verify Configurations
  - Check Syntax:

    ```bash
    sudo named-checkconf
    sudo named-checkzone example.com /etc/bind/zones/db.example.com
    ```

    Fix any errors if they appear.
- Restart BIND9

  ```bash
  sudo systemctl restart named
  ```
- Configure Domain Registrar

  At your domain registrar:
  - Set your domain’s nameserver to your VPS (e.g., `ns1.example.com`)
  - Create a glue record (A record) for `ns1.example.com` pointing to `192.0.2.1`
- Test the DNS Server

  Use `dig` to test:

  ```bash
  dig @192.0.2.1 example.com
  dig @192.0.2.1 www.example.com
  ```

  You should see a proper A record response for each.
- Harden the Server (Optional but Recommended)
  - Limit Recursion (no open resolver):

    Edit `/etc/bind/named.conf.options`:

    ```bash
    sudo nano /etc/bind/named.conf.options
    ```

    Inside the `options {}` block, add:

    ```
    recursion no;
    allow-query { any; };
    ```

    Restart BIND:

    ```bash
    sudo systemctl restart named
    ```
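As an added example (not part of the original guide), the shell functions below classify `dig` output so you can confirm, after the restart, that recursion is off and that `allow-transfer { none; };` refuses zone transfers. The function names, and `example.org` as a stand-in for any name outside your zone, are assumptions for illustration.

```shell
#!/bin/sh
# Added example: post-hardening checks based on dig output.
# Function names are hypothetical; nothing runs until you call audit_server.

# Reads dig output for a name the server is NOT authoritative for.
# Prints "open" if the reply carries the "ra" (recursion available) flag,
# "closed" if it does not, "unknown" if no reply header was seen.
recursion_state() {
    out=$(cat)
    flags=$(printf '%s\n' "$out" | sed -n 's/^;; flags: \([a-z ]*\);.*/\1/p' | head -n 1)
    if [ -z "$flags" ]; then echo unknown; return; fi
    case " $flags " in
        *" ra "*) echo open ;;
        *)        echo closed ;;
    esac
}

# Reads the output of a `dig ... AXFR` query.
# Prints "refused" when dig reports a failed transfer, "allowed" when
# zone records (starting with the SOA) came back, otherwise "unknown".
axfr_state() {
    out=$(cat)
    if printf '%s\n' "$out" | grep -q '^; Transfer failed'; then
        echo refused
    elif printf '%s\n' "$out" | grep -Eq '[[:space:]]IN[[:space:]]+SOA[[:space:]]'; then
        echo allowed
    else
        echo unknown
    fi
}

# Live check against your own server, e.g.: audit_server 192.0.2.1 example.com
# Expected after hardening: recursion closed, axfr refused.
audit_server() {
    server=$1
    zone=$2
    echo "recursion: $(dig +time=3 +tries=1 "@$server" example.org A | recursion_state)"
    echo "axfr:      $(dig +time=3 +tries=1 "@$server" "$zone" AXFR | axfr_state)"
}
```

Run `audit_server` from a host outside the VPS so the result reflects what the Internet sees, not what localhost is allowed to do.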
Conclusion
You now know how to set up a BIND DNS server on an Ubuntu VPS.