Syed Jahanzaib – Personal Blog to Share Knowledge !

January 9, 2012

Using WEBMIN to create Forward/Reverse ZONE in BIND / UBUNTU


For some people, installing and configuring BIND for a local network from the CLI can be a difficult task. However, it can be done in a few steps with WEBMIN, a powerful web-based GUI that lets you manage almost every service of your Linux box from your browser.

In this article we will discuss the following topics.

1# Install WEBMIN (Using 2 different methods)
2# Install BIND (Using WEBMIN)
3# Create Forward Zone for our domain
4# Create Reverse Zones for our domain
5# Test Zones via nslookup
6# DNS configuration files

1# Install WEBMIN Using DPKG

First we need to install Webmin. You can download it from the Webmin site and install it by issuing the following commands.

wget http://prdownloads.sourceforge.net/webadmin/webmin_1.570_all.deb
# then run the following command
dpkg --install webmin_1.570_all.deb

You should now be able to log in to Webmin via your browser using the URL


http://192.168.2.1:10000/

OR
https://192.168.2.1:10000/

If the above method fails to install WEBMIN on your system, follow this alternate method to install it.


1# Install WEBMIN Using the Webmin APT repository [Alternate Way]

To install and update Webmin via APT, edit the /etc/apt/sources.list file using the following command

nano /etc/apt/sources.list

and add these lines at the end.

deb http://download.webmin.com/download/repository sarge contrib
deb http://webmin.mirror.somersettechsolutions.co.uk/repository sarge contrib

Now save the file and exit.

You should also fetch and install the GPG key with which the repository is signed, with the commands:

cd /root
wget http://www.webmin.com/jcameron-key.asc
apt-key add jcameron-key.asc

You will now be able to install with the commands:

apt-get update
apt-get install webmin

For more information on installation on other distributions, please visit http://www.webmin.com


2# INSTALLING BIND via webmin.

After logging in to Webmin,
go to SERVERS > BIND DNS Server

It will inform you that BIND is not installed. Install it by clicking on “Click Here”.
As shown in the image below . . .


Now it will download BIND and install it. Make sure your Linux box is connected to the internet. After installation it will show you something
as shown in the image below . . .

Now that BIND is installed, we have to create forward and reverse zones for our new domain. At the end we will check them with nslookup.


3# Adding FORWARD ZONE for our domain

Go to SERVERS > BIND DNS Server

Now you will see BIND DNS SERVER and various icons.
First we have to create the forward zone.
Click on CREATE MASTER ZONE
As shown in the image below . . .

> In Zone Type: select Forward
> In Domain name / Network: type the name you want to configure your domain with.
As shown in the image below . . .

4# Adding REVERSE ZONE for our domain

Go to SERVERS > BIND DNS Server
Now we have to create the reverse zone.
Click on CREATE MASTER ZONE
As shown in the image below . . .

Now on your TOP RIGHT, click on APPLY CHANGES.


5# TESTING YOUR NEWLY CREATED ZONE using nslookup

Log in to your client PC, open a command prompt and issue the following command.
nslookup - 192.168.2.1

Now type zaib.com and you should see your Linux box IP in response.
As shown in the image below . . .

All done. Now you can create host records / MX records etc. using the GUI-based DNS MANAGEMENT CONSOLE 🙂

BIND TIPS N TRICKS

*** Can’t find server name *** ERROR

When you run NSLOOKUP, you may see an error like this:
*** Can’t find server name for address 192.168.2.1: Non-existent domain, Default ServeR: UnKnown

To solve this, just add a reverse lookup entry for your domain.
Go to SERVERS > BIND DNS Server
Open your newly created zone in EXISTING DNS ZONES
As shown in the image below . . .

After opening zaib.com or your zone,
Click on ADDRESS
Here create an address
In Name: zaib.com
In Address: 192.168.2.1
Click on CREATE and then APPLY CHANGES.
Now from your client side, try nslookup again, and this time you won't see any error.


Create MX record for MAIL Server 🙂

Creating an MX Record (Mail Exchange Record).

1) Open your zone, for example zaib.com,
and click on Mail Server
2) For the name, type in the domain, e.g. zaib.com
3) For the mail server, type in zaib.com
4) Set the priority to what you like. 10 is usually the default.
5) Click on SAVE and apply changes.


Make sure your Linux box has your BIND server IP at the top.

Edit your resolv.conf and set the DNS name server search order.

# Generated by NetworkManager
search zaib.com
nameserver 127.0.0.1
nameserver 192.168.2.4

Adding Forwarding Entry (For resolving External Hosts)

Go to SERVERS > BIND DNS Server
Click on Forwarding and Transfers
In Servers to forward queries to, type your ISP’s DNS server IP
As shown in the image below . . .

Now when a client sends a query, BIND will first check in zaib.com. If it doesn’t find an entry there, it will forward the query to the ISP’s DNS server.


6# DNS configuration files

/var/lib/bind/mydomain.net.pk.hosts

$ttl 38400
mydomain.net.pk. IN SOA ubuntu. aacable.hotmail.com. (
        1510591216 ; serial
        10800      ; refresh
        3600       ; retry
        604800     ; expire
        38400 )    ; negative-caching TTL
mydomain.net.pk. IN NS ubuntu.
srv1.mydomain.net.pk. IN A 192.168.0.1

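/var/lib/bind/192.168.0.rev

$ttl 38400
; the SOA owner must be the zone name declared in named.conf.local
0.168.192.in-addr.arpa. IN SOA ubuntu. aacable.hotmail.com. (
        1510591255 ; serial
        10800      ; refresh
        3600       ; retry
        604800     ; expire
        38400 )    ; negative-caching TTL
0.168.192.in-addr.arpa. IN NS ubuntu.
1.0.168.192.in-addr.arpa. IN PTR srv1.mydomain.net.pk.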

/etc/bind/named.conf.options

acl internal {
    192.168.0/24;
    101.11.11.0/24;
    localhost;
};
options {
    directory "/var/cache/bind";
    auth-nxdomain no; # conform to RFC1035
    listen-on { any; };
    listen-on port 53 { 127.0.0.1; any; };
    # only clients matched by the "internal" acl may query or use the cache
    allow-query { internal; };
    allow-query-cache { internal; };
    # names we are not authoritative for are forwarded upstream
    forwarders {
        8.8.8.8;
    };
};

/etc/bind/named.conf.local

zone "mydomain.net.pk" {
type master;
file "/var/lib/bind/mydomain.net.pk.hosts";
};
zone "0.168.192.in-addr.arpa" {
type master;
file "/var/lib/bind/192.168.0.rev";
};

Have Fun 🙂


Sample named.conf.options for a caching/forwarding DNS server, useful for an ISP

root@ZAIB:/etc/bind# cat named.conf.options

acl goodclients {
    # Allow only this series to query our DNS server
    192.168.1.0/24;
    localhost;
};
options {
    directory "/var/cache/bind";
    recursion yes;
    allow-recursion { goodclients; };
    allow-query { goodclients; };

    # Requests are forwarded to GOOGLE DNS and the answers are then cached
    forwarders {
        8.8.8.8;
        8.8.4.4;
    };
    dnssec-validation auto;
    auth-nxdomain no; # conform to RFC1035
    listen-on-v6 { any; };
};
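
To see which clients this sample actually serves, the added example below (not the author's code; function names are hypothetical, IPv4 only, `localhost` approximated as loopback, no `!` negation) reads allow-recursion as a first-match address list and reports whether the server would recurse for arbitrary internet addresses. The configuration text is a constructed copy of the sample above.

```python
import ipaddress
import re

# Constructed copy of the caching-server sample above (comments removed).
CONF = """
acl goodclients { 192.168.1.0/24; localhost; };
options {
    recursion yes;
    allow-recursion { goodclients; };
    allow-query { goodclients; };
};
"""

def to_network(element):
    """Expand BIND's shorthand prefixes (192.168.0/24) into a full IPv4 network."""
    addr, _, bits = element.partition("/")
    octets = addr.split(".")
    addr = ".".join(octets + ["0"] * (4 - len(octets)))
    return ipaddress.ip_network(f"{addr}/{bits or 32}", strict=False)

def matches(client, elements, acls):
    """First-match evaluation of an address match list."""
    ip = ipaddress.ip_address(client)
    for element in filter(None, (e.strip() for e in elements)):
        if element in ("any", "none"):
            return element == "any"
        if element == "localhost":          # simplification: loopback only
            if ip.is_loopback:
                return True
        elif element in acls:               # reference to a named acl
            if matches(client, acls[element], acls):
                return True
        elif ip in to_network(element):
            return True
    return False

def audit(conf, clients):
    """Return ({client: 'answered' | 'refused'}, open_resolver_flag)."""
    conf = re.sub(r"(#|//).*", "", conf)
    acls = {n: b.split(";") for n, b in re.findall(r"acl\s+(\S+)\s*\{([^}]*)\}", conf)}
    found = re.search(r"allow-recursion\s*\{([^}]*)\}", conf)
    if not found:  # BIND's built-in default is not modelled here
        raise ValueError("no explicit allow-recursion statement")
    recursion = found.group(1).split(";")
    verdicts = {c: "answered" if matches(c, recursion, acls) else "refused" for c in clients}
    # 203.0.113.7 (TEST-NET-3) stands in for an arbitrary internet client
    return verdicts, matches("203.0.113.7", recursion, acls)
```

With this ACL a client at 192.168.2.10, on the same network as the tutorial's server 192.168.2.1, is refused, so the `goodclients` range has to be adjusted to the networks you actually serve.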

 


Regards,
SYED JAHANZAIB

15 Comments »

  1. Zaib bhai, that’s awesome…………………..thanks for sharing such a nice how-to…

    I think, there is one writing mistake,,,,,,,might be i am wrong,but i am just pointing it so that you will correct it if you think that it’s just a writing mistake.

    IF the above method fails to install (WEBMIN ) instead of *(ubuntu) on your system.

    Thanks

    Comment by arbabnazar — January 9, 2012 @ 11:44 PM

  2. Zaib thax yaar coz of this steps my 10 day old DNS started to work without “non-existing domain name error.

    Thk u very much

    Sandesh..

    Comment by Sandesh — February 5, 2012 @ 4:24 PM

  3. why i can’t nslookup for reverse address?? my server ip 200.200.200.10, when i try to nslookup the address, it’s not working.. but, when i use the domain the running well

    Comment by ray — April 5, 2012 @ 7:55 PM

  4. Excellent tutorial. Thanks!

    Comment by Catalin — July 29, 2012 @ 6:01 PM

  5. Great! For the first time i have configured bind in my home network without struggling!!! You are my savior!!!^_^

    Comment by daysleeper — November 20, 2012 @ 1:58 PM

  6. Hey in the reverse configuration… my network is x.y.z.130 – x.y.z.134 (I think the snm is .248) how do I set the reverse zone to work in that range only? do i put x.y.z.130/28 in the Domain name/Network field?

    Thanks

    Comment by ksgamerboi — January 31, 2013 @ 6:35 AM

  7. Reblogged this on Welcome To Prasad Linux Blog and commented:
    Good doc for DNS

    Comment by prasadjadhav — February 16, 2013 @ 7:40 PM

  8. Dear sir

    I configured dns server on ubuntu desktop. and its working on
    public IPs properly but can work with nating (private )address
    and give me the following error…
    C:\Users\SAMSUNG>nslookup
    Default Server: ns1.stantelecom.com
    Address: 27.116.56.161

    > cnn.com
    Server: ns1.stantelecom.com
    Address: 27.116.56.161

    *** ns1.stantelecom.com can’t find cnn.com: Query refused
    >

    Comment by kazimjhon — February 23, 2013 @ 7:08 PM

  9. i have 2 VPS with public IP and i would like to host multiple sites. both runn debian 7 with webmin. i have created the first domain and NS1/2 and one replicates to the other. now i installed webmin and i would like to add some more domains for dns zones. how do u do that?

    Comment by john — December 1, 2013 @ 1:47 AM

  10. Hello. Very Nice article! 🙂 .. I have a VPS in digitalocean, is it I use my virtualmin to administrate my sites.
    what Vesta pc automatically makes that meets any need for cloudflare? and how I do it in vitualmin for me to spend not use the limited vestacp?
    weird. with Vesta installed, the same values in all tables in two places: cloudflare and digitalocean, sign spf, dkim, DMARC in my 5 domains
    no matter what I go on hostgator where I recorded my fields and points to any table .. DO or CF will always work.

    when installed virtualmin with the same tables sign all emails only when the hostgator panel point to the DO when I point to c.f. DKIM not sign. pass = Fail !!

    What about the other fact, to not come online my subserver / subdomains, I find it strange that in Webmin / virtualmin when I access server dns bind all virtualserver / fields have a master zone auto created and all records entries!
    but subserver not have master zone! nor are the lists of areas!

    I think the fact of being offline is why. as I must master to create zones for my subservers, but what should I do? assuming you want to use cloudflare, and not dns / we own. already heard of something related to exernos dns, I think that’s what to wanting to do, and at Vesta already does everything alone, but is a very weak panel very aspects, and can use more memory than the virtualmin that does much more that he!

    Hare in virtualmin all sites work on any table, or cloudflare digitalocean, but not with assintar email if it is not in hostgator point my domains for digitalocean which is the same place where I have my vps with virtualmin.

    and the other problem is that subservers, subdomains not come online in virtualmin in any way, no matter the pointing done in hostgator.

    Comment by morenek — September 14, 2015 @ 7:01 PM

    • but also I noticed that the dns records of subserver / subdomains are in the dns settings file of the parent domain. m virtualmin> server configuration> dns records> manually edit records … then why not go online? lack create entries of the children in cloudflare? because in add sites not give to add subdomains.

      Comment by morenek — September 14, 2015 @ 9:46 PM

      • what lack I make in virtualmin for him to apply the dkim signing an external dns (cloudflare with copy and paste, obviously) without the internal dns tables of digital ocean, which is where my vps runs the virtualmin and my sites?

        Comment by morenek — September 14, 2015 @ 10:22 PM

