    How to Setup Forward Only DNS Server on Ubuntu & Debian

    By Rahul | February 15, 2020 | 2 Mins Read

    The Domain Name System (DNS) is a hierarchical, distributed naming system for computers connected over a network. It resolves a domain name to its corresponding IP address. A forward-only DNS server does not keep any domain information itself. When a query reaches this server, it forwards the query to the configured DNS servers. Detailed information about DNS is available.


    This article will help you configure a forward-only Domain Name System (DNS) server using Bind9 on Ubuntu, Debian, and LinuxMint systems.

    Install DNS Packages

    Bind9 is the most popular DNS server used worldwide. It is available in the default apt repositories, so use the following commands to install it.

    sudo apt update
    sudo apt install bind9
    

    Enable DNS Forwarding

    We are configuring this server as a forward-only DNS server, so edit the BIND configuration file:

    $ sudo vi /etc/bind/named.conf.options
    

    and add the following settings:

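    options {
            directory "/var/cache/bind";
            recursion yes;
            // Only these sources may query. Note that 192.168.0.0/32 matches the
            // single address 192.168.0.0; use your LAN prefix to admit a range.
            allow-query { 192.168.0.0/32; 127.0.0.1; };
            // Upstream resolvers that receive every forwarded query.
            forwarders {
                    8.8.8.8;
                    8.8.4.4;
            };
            // Never fall back to iterative resolution if the forwarders fail.
            forward only;
    };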
    

    Replace 8.8.8.8 and 8.8.4.4 with the IP addresses of the DNS servers you want to forward to. The allow-query option restricts access to the DNS server to specific IP ranges. To make it a public DNS server, comment out the allow-query line.
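
    An added example, not part of the original article: a Python check of which client addresses the allow-query list above actually matches, run against the article's own line. The function names and sample client addresses are assumptions for illustration; only literal addresses, prefixes, any and none are handled.

```python
import ipaddress
import re

# Constructed sample: the options block with the article's allow-query line.
ARTICLE_OPTIONS = """
options {
        directory "/var/cache/bind";
        recursion yes;
        allow-query { 192.168.0.0/32; 127.0.0.1; };
        forwarders { 8.8.8.8; 8.8.4.4; };
        forward only;
};
"""

def strip_comments(conf: str) -> str:
    """Remove /* */, // and # comments so a commented-out line is ignored."""
    conf = re.sub(r"/\*.*?\*/", "", conf, flags=re.S)
    return re.sub(r"(//|#).*", "", conf)

def allow_query_networks(conf: str):
    """Return the networks listed in allow-query, or None if the statement is absent."""
    m = re.search(r"\ballow-query\s*\{([^}]*)\}", strip_comments(conf))
    if m is None:
        return None
    nets = []
    for item in (e.strip() for e in m.group(1).split(";")):
        if not item or item == "none":
            continue
        if item == "any":
            nets += [ipaddress.ip_network("0.0.0.0/0"), ipaddress.ip_network("::/0")]
        else:
            # Literal addresses and prefixes only: named ACLs, "!" negation,
            # localhost and localnets need server context and raise ValueError.
            nets.append(ipaddress.ip_network(item, strict=False))
    return nets

def client_allowed(conf: str, client: str) -> bool:
    """True if allow-query would match this client address."""
    nets = allow_query_networks(conf)
    if nets is None:  # no active allow-query line: this statement restricts nothing
        return True
    addr = ipaddress.ip_address(client)
    return any(addr in n for n in nets if n.version == addr.version)

if __name__ == "__main__":
    for ip in ("192.168.0.0", "192.168.0.60", "127.0.0.1"):
        print(ip, client_allowed(ARTICLE_OPTIONS, ip))
```

    With the /32 prefix only the single address 192.168.0.0 and the loopback address match, so a LAN client such as 192.168.0.60 is not covered until the prefix is widened to the network's real size.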

    Verify Configuration Files

    After making all configuration changes, verify the files using the following commands.

    named-checkconf  /etc/bind/named.conf
    named-checkconf  /etc/bind/named.conf.options
    

    If either of the above commands returns an error or warning, fix it before proceeding to the next step.

    Restart DNS

    After successful verification of all files, let’s restart the bind9 service using the following command.

    sudo service bind9 restart
    

    Test Setup

    Finally, your DNS server is configured and ready to use. Let’s verify that it responds to queries properly. Below is an example command to test it.

    dig tecadmin.net 
    
    
    ; <<>> DiG 9.9.5-3ubuntu0.5-Ubuntu <<>> tecadmin.net
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56343
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 13, ADDITIONAL: 1
    
    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 4096
    ;; QUESTION SECTION:
    ;tecadmin.net.			IN	A
    
    ;; ANSWER SECTION:
    tecadmin.net.		299	IN	A	104.27.189.217
    tecadmin.net.		299	IN	A	104.27.188.217
    
    ;; AUTHORITY SECTION:
    .			7776	IN	NS	c.root-servers.net.
    .			7776	IN	NS	i.root-servers.net.
    .			7776	IN	NS	b.root-servers.net.
    .			7776	IN	NS	l.root-servers.net.
    .			7776	IN	NS	h.root-servers.net.
    .			7776	IN	NS	e.root-servers.net.
    .			7776	IN	NS	a.root-servers.net.
    .			7776	IN	NS	f.root-servers.net.
    .			7776	IN	NS	k.root-servers.net.
    .			7776	IN	NS	j.root-servers.net.
    .			7776	IN	NS	m.root-servers.net.
    .			7776	IN	NS	d.root-servers.net.
    .			7776	IN	NS	g.root-servers.net.
    
    ;; Query time: 1332 msec
    ;; SERVER: 192.168.0.60#53(192.168.0.60)
    ;; WHEN: Thu Oct 08 16:24:11 IST 2015
    ;; MSG SIZE  rcvd: 281
    


    3 Comments

    1. Patatties on December 30, 2022 6:02 pm

      /etc/bind/named.conf.options needs another semicolon on the end to close. Otherwise this won’t work.

      Should be like this:
      options{
      directory "/var/cache/bind";
      recursion yes;
      allow-query { 192.168.0.0/32; 127.0.0.1; };
      forwarders {
      8.8.8.8;
      8.8.4.4;
      };
      forward only;

      };

    2. Jeff H Silverman on July 3, 2019 2:25 am

      Why did you specify a /32 netmask instead of /24 in the options stanza of the named.conf field?

      • Кирилл on July 24, 2020 5:07 pm

        I would even say, why it is not /16.
