Syed Jahanzaib – Personal Blog to Share Knowledge !

January 9, 2012

Using WEBMIN to create Forward/Reverse ZONE in BIND / UBUNTU


For some people, installing and configuring BIND for a local network from the CLI can be a tricky task. However, it can be done easily in a few steps using a GUI-based controller known as WEBMIN, which is a very nice and powerful GUI to manage almost every service of your Linux box via your browser.

In this article we will discuss the following topics.

1# Install WEBMIN (Using 2 different methods)
2# Install BIND (Using WEBMIN)
3# Create Forward Zone for our domain
4# Create Reverse Zones for our domain
5# Test Zones via nslookup
6# DNS configuration files

1# Install WEBMIN Using DPKG

First we need to install Webmin. You can download it from the Webmin site and install it by issuing the following commands.

wget http://prdownloads.sourceforge.net/webadmin/webmin_1.570_all.deb
# then run the following command
dpkg --install webmin_1.570_all.deb

You should now be able to login to Webmin via your browser using the URL


http://192.168.2.1:10000/

OR
https://192.168.2.1:10000/

If the above method fails to install WEBMIN on your system, follow this alternate method to install it.


1# Install WEBMIN Using the Webmin APT repository [Alternate Way]

To install and update Webmin via APT, edit the /etc/apt/sources.list file by using the following command

nano /etc/apt/sources.list
and add these lines at the end.

deb http://download.webmin.com/download/repository sarge contrib
deb http://webmin.mirror.somersettechsolutions.co.uk/repository sarge contrib

Now save the file and exit.

You should also fetch and install the GPG key with which the Webmin repository is signed, with the commands:

cd /root
wget http://www.webmin.com/jcameron-key.asc
apt-key add jcameron-key.asc

You will now be able to install with the commands:

apt-get update
apt-get install webmin

For more information on installation for other distributions, please visit http://www.webmin.com


2# INSTALLING BIND via webmin.

After logging in to Webmin,
Goto SERVERS > BIND DNS Server

It will inform you that BIND is not installed. Install it by clicking on “Click Here”.
As shown in the image below . . .


Now it will download BIND and install it. Make sure your Linux box is connected with the internet. After installation it will show you something
As shown in the image below . . .

Now that BIND is installed, we have to create Forward and Reverse zones for our new domain. Finally, we will check it using nslookup.


3# Adding FORWARD ZONE for our domain

Goto SERVERS > BIND DNS Server

Now you will see BIND DNS SERVER and various icons.
First we have to create forward zone,
Click on CREATE MASTER ZONE
As shown in the image below . . .

> in Zone Type : Select Forward
> in Domain name / Network , type the name you want to configure your domain with.
As shown in the image below . . .

4# Adding REVERSE ZONE for our domain

Goto SERVERS > BIND DNS Server
Now we have to create Reverse Zone,
Click on CREATE MASTER ZONE
As shown in the image below . . .

Now on your TOP RIGHT, click on APPLY CHANGES.


5# TESTING YOUR NEWLY CREATED ZONE using nslookup

Log in to your client PC, open a command prompt and issue the following command.
nslookup - 192.168.2.1

Now type zaib.com and you should see your Linux box IP in response.
As shown in the image below . . .

All Done. Now you can create host records / MX records etc. using the GUI-based DNS MANAGEMENT CONSOLE 🙂

BIND TIPS N TRICKS

*** Can’t find server name *** ERROR

When you do NSLOOKUP, you see an error something like:
*** Can’t find server name for address 192.168.2.1: Non-existent domain, Default ServeR: UnKnown

To solve this, just add a reverse lookup entry for your domain.
Goto SERVERS > BIND DNS Server
Open your newly created zone in EXISTING DNS ZONES
As shown in the image below . . .

After opening zaib.com or your zone,
Click on ADDRESS
Here create an address
In Name: zaib.com
In Address: 192.168.2.1
Click on CREATE and then APPLY CHANGES.
Now from your client side, try to do nslookup, and this time you won't see any error.


Create MX record for MAIL Server 🙂

Creating an MX Record (Mail Exchange Record).

1) Open your zone, for example zaib.com,
Click on Mail Server
2) For the name, type in the domain e.g. zaib.com
3) For the mail server, type in zaib.com
4) Set the priority to what you like. 10 is usually the default.
5) Click on SAVE and apply changes.


Make sure your Linux box has your BIND Server IP at the top.

Edit your resolv.conf and set the DNS name server search order.

# Generated by NetworkManager
search zaib.com
nameserver 127.0.0.1
nameserver 192.168.2.4

Adding Forwarding Entry (For resolving External Hosts)

Goto SERVERS > BIND DNS Server
Click on Forwarding and Transfers
In Servers to forward queries to, type your ISP’s DNS Server IP
As shown in the image below . . .

Now when your client sends a query, BIND will first check in zaib.com. If it doesn’t find any entry, it will forward the query to the ISP’s DNS Server.


6# DNS configuration files

/var/lib/bind/mydomain.net.pk.hosts

$ttl 38400
mydomain.net.pk. IN SOA ubuntu. aacable.hotmail.com. (
        1510591216 ; serial
        10800      ; refresh
        3600       ; retry
        604800     ; expire
        38400 )    ; negative-caching TTL
mydomain.net.pk. IN NS ubuntu.
srv1.mydomain.net.pk. IN A 192.168.0.1

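/var/lib/bind/192.168.0.rev

$ttl 38400
; The SOA owner must be the zone name declared in named.conf.local
0.168.192.in-addr.arpa. IN SOA ubuntu. aacable.hotmail.com. (
        1510591255 ; serial
        10800      ; refresh
        3600       ; retry
        604800     ; expire
        38400 )    ; negative-caching TTL
0.168.192.in-addr.arpa. IN NS ubuntu.
1.0.168.192.in-addr.arpa. IN PTR srv1.mydomain.net.pk.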

/etc/bind/named.conf.options

acl internal {
    192.168.0.0/24;
    101.11.11.0/24;
    localhost;
};
options {
    directory "/var/cache/bind";
    auth-nxdomain no; # conform to RFC1035
    listen-on { any; };
    listen-on port 53 { 127.0.0.1; any; };
    # Only hosts in the "internal" ACL may query or use the cache
    allow-query { internal; };
    allow-query-cache { internal; };
    forwarders {
        8.8.8.8;
    };
};

/etc/bind/named.conf.local

zone "mydomain.net.pk" {
    type master;
    file "/var/lib/bind/mydomain.net.pk.hosts";
};
zone "0.168.192.in-addr.arpa" {
    type master;
    file "/var/lib/bind/192.168.0.rev";
};
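A hand-edited zone file can drift from the zone name declared in named.conf.local, or gain A records with no matching PTR. The following is an added example, not part of the original post, that checks both over constructed zone data in the same layout as the files above; the srv2 record and the mismatched SOA owner are deliberate mistakes added for illustration.

```python
import ipaddress

# Constructed sample zone data (same layout as the files above, with two planted mistakes).
FORWARD = """\
$ttl 38400
mydomain.net.pk. IN SOA ubuntu. aacable.hotmail.com. ( 1510591216 10800 3600 604800 38400 )
mydomain.net.pk. IN NS ubuntu.
srv1.mydomain.net.pk. IN A 192.168.0.1
srv2.mydomain.net.pk. IN A 192.168.0.2
"""
REVERSE = """\
$ttl 38400
100.168.192.in-addr.arpa. IN SOA ubuntu. aacable.hotmail.com. ( 1510591255 10800 3600 604800 38400 )
0.168.192.in-addr.arpa. IN NS ubuntu.
1.0.168.192.in-addr.arpa. IN PTR srv1.mydomain.net.pk.
"""

def records(text):
    """Yield (owner, type, first rdata field) for 'owner IN TYPE rdata' lines."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) >= 4 and parts[1].upper() == "IN":
            yield parts[0].lower(), parts[2].upper(), parts[3].lower()

def check_zone(origin, text):
    """Return owner names outside the zone and SOA records not at the zone apex."""
    origin = origin.lower().rstrip(".") + "."
    problems = []
    for owner, rtype, _ in records(text):
        if owner != origin and not owner.endswith("." + origin):
            problems.append(f"{owner} {rtype}: outside zone {origin}")
        elif rtype == "SOA" and owner != origin:
            problems.append(f"{owner} SOA: not at zone apex {origin}")
    return problems

def missing_ptr(forward, reverse):
    """Return (name, address) for A records with no PTR pointing back at the name."""
    ptrs = {(o, r) for o, t, r in records(reverse) if t == "PTR"}
    out = []
    for owner, rtype, rdata in records(forward):
        if rtype == "A":
            rev = ipaddress.ip_address(rdata).reverse_pointer + "."
            if (rev, owner) not in ptrs:
                out.append((owner, rdata))
    return out

if __name__ == "__main__":
    print(check_zone("0.168.192.in-addr.arpa", REVERSE))
    print(missing_ptr(FORWARD, REVERSE))
```

Pass the zone name exactly as it appears in the zone statement of named.conf.local, and the contents of the file that statement points to.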

Have Fun 🙂


Sample named.conf.options for a caching/forwarding DNS server. Useful for ISPs.

root@ZAIB:/etc/bind# cat named.conf.options

acl goodclients {
    # Allow only this series to query our DNS server
    192.168.1.0/24;
    localhost;
};
options {
    directory "/var/cache/bind";
    recursion yes;
    allow-recursion { goodclients; };
    allow-query { goodclients; };

    # Forward requests to GOOGLE DNS and then cache the answers
    forwarders {
        8.8.8.8;
        8.8.4.4;
    };
    dnssec-validation auto;
    auth-nxdomain no; # conform to RFC1035
    listen-on-v6 { any; };
};
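A caching server is only as closed as the ACL behind allow-recursion, so it is worth checking which clients the file actually admits after an edit. The following is an added example, not part of the original post, that resolves the ACL names in a named.conf.options text and reports who may recurse; the sample texts are constructed from the file above, and the fallback order (allow-recursion, then allow-query-cache, then allow-query, then localnets and localhost) is assumed from the BIND 9 documentation.

```python
import re

# Constructed copies of the options file above: one as shown, one with the ACL loosened.
RESTRICTED = """
acl goodclients { 192.168.1.0/24; localhost; };
options {
    recursion yes;
    allow-recursion { goodclients; };
    allow-query { goodclients; };   # only our clients
    forwarders { 8.8.8.8; 8.8.4.4; };
};
"""
LOOSENED = RESTRICTED.replace("allow-recursion { goodclients; };",
                              "allow-recursion { any; };")
WIDE_OPEN = {"any", "0.0.0.0/0", "::/0"}

def _elements(body):
    """Split the inside of a { ... } address list into its elements."""
    return set(body.replace(";", " ").split())

def parse(text):
    """Return (acls, allow-* statements, recursion_enabled) from named.conf text."""
    text = re.sub(r"(#|//)[^\n]*", "", text)          # drop line comments
    acls = {n: _elements(b)
            for n, b in re.findall(r"\bacl\s+(\S+)\s*\{([^{}]*)\}", text)}
    stmts = {k: _elements(b)
             for k, b in re.findall(r"\b(allow-[\w-]+)\s*\{([^{}]*)\}", text)}
    recursion = re.search(r"\brecursion\s+no\s*;", text) is None
    return acls, stmts, recursion

def expand(names, acls, seen=()):
    """Replace ACL names by their members (nested ACLs included)."""
    out = set()
    for n in names:
        if n in acls and n not in seen:
            out |= expand(acls[n], acls, seen + (n,))
        else:
            out.add(n)
    return out

def recursion_clients(text):
    """Return (source_statement, clients, is_open) for who may recurse."""
    acls, stmts, recursion = parse(text)
    if not recursion:
        return ("recursion no", set(), False)
    # Assumed BIND 9 fallback order when allow-recursion is absent.
    for opt in ("allow-recursion", "allow-query-cache", "allow-query"):
        if opt in stmts:
            clients = expand(stmts[opt], acls)
            return (opt, clients, bool(clients & WIDE_OPEN))
    return ("default", {"localnets", "localhost"}, False)
```

An is_open result of True means the server answers recursive queries for any source address, which is the setting the goodclients ACL above is there to prevent.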

 


Regards,
SYED JAHANZAIB