Setting Up a DNS Server on My Local System (BIND9)
Victor Okonkwo
Posted on November 22, 2024
Step 1: Update the System
Open WSL (Ubuntu on Windows).
Update the package list:
sudo apt update
Step 2: Install BIND9
Install the DNS server software:
sudo apt install bind9 bind9utils bind9-doc -y
Start and enable BIND9:
sudo systemctl enable bind9
sudo systemctl start bind9
Verify the installation:
sudo systemctl status bind9
Step 3: Configure BIND9 Options
Open the BIND9 options file:
sudo nano /etc/bind/named.conf.options
Modify or add the following configuration to enable forwarding to public DNS servers:
options {
    directory "/var/cache/bind";

    // Enable recursion to allow the server to resolve queries
    recursion yes;

    // Allow queries from any IP
    allow-query { any; };

    // Use Google's public DNS servers as forwarders
    forwarders {
        8.8.8.8;
        8.8.4.4;
    };

    // Disable authoritative answers for NXDOMAIN responses
    auth-nxdomain no;

    // Listen on all IPv6 interfaces
    listen-on-v6 { any; };

    // Optional: Enable DNSSEC validation
    dnssec-validation auto;
};
Save the file and restart BIND9:
sudo systemctl restart bind9
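The options above combine recursion yes with allow-query { any; }, so the server resolves names for any client that can reach port 53. A variant that limits recursion and cache access to local clients, as an added example that is not part of the original post; the ACL name "trusted" and the choice of 172.31.74.0/24 (the subnet used in the zone files of this guide) as the client network are assumptions:

```conf
// Added example: restricted variant of /etc/bind/named.conf.options.
// "trusted" is an illustrative ACL name; adjust the subnet to your network.
acl "trusted" {
    localhost;          // built-in ACL: addresses of this host
    localnets;          // built-in ACL: networks this host is attached to
    172.31.74.0/24;     // assumed client subnet (from the zone files in this guide)
};

options {
    directory "/var/cache/bind";

    // Recursion stays on, but only for the trusted clients
    recursion yes;
    allow-recursion   { trusted; };
    allow-query-cache { trusted; };

    // Queries (including those for the local zones) only from trusted clients
    allow-query       { trusted; };

    // No zone transfers: this guide sets up no secondary server
    allow-transfer    { none; };

    // Same forwarders as in the original options block
    forwarders {
        8.8.8.8;
        8.8.4.4;
    };

    auth-nxdomain no;
    listen-on-v6 { any; };
    dnssec-validation auto;
};
```

Run sudo named-checkconf after editing and restart BIND9 as above. The firewall rule in Step 8 can be narrowed the same way, for example with sudo ufw allow from 172.31.74.0/24 to any port 53.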
Step 4: Configure DNS Zones
Open the local configuration file for zones:
sudo nano /etc/bind/named.conf.local
Add the forward and reverse lookup zones for your domain (use your local IP and domain name of choice):
zone "victorokonkwo.com" {
    type master;
    file "/etc/bind/db.victorokonkwo.com";
};

zone "74.31.172.in-addr.arpa" {
    type master;
    file "/etc/bind/db.172";
};
Save the file.
Step 5: Create Zone Files
Create the forward zone file (use your local IP and domain name of choice):
sudo nano /etc/bind/db.victorokonkwo.com
Add the following content:
;
; BIND data file for victorokonkwo.com
;
$TTL    604800
@       IN      SOA     ns1.victorokonkwo.com. admin.victorokonkwo.com. (
                        2023111801 ; Serial
                        604800     ; Refresh
                        86400      ; Retry
                        2419200    ; Expire
                        604800 )   ; Negative Cache TTL
; Name server record for the zone apex (explicit @ so the owner is unambiguous)
@       IN      NS      ns1.victorokonkwo.com.
ns1     IN      A       172.31.74.133
@       IN      A       172.31.74.133
www     IN      A       172.31.74.133
Create the reverse zone file:
sudo nano /etc/bind/db.172
Add the following content:
;
; Reverse DNS file for 172.31.74.0/24
;
$TTL    604800
@       IN      SOA     ns1.victorokonkwo.com. admin.victorokonkwo.com. (
                        2023111801 ; Serial
                        604800     ; Refresh
                        86400      ; Retry
                        2419200    ; Expire
                        604800 )   ; Negative Cache TTL
; Name server record for the zone apex (explicit @ so the owner is unambiguous)
@       IN      NS      ns1.victorokonkwo.com.
133     IN      PTR     victorokonkwo.com.
Step 6: Test the Configuration
Check the syntax of the configuration files:
sudo named-checkconf
sudo named-checkzone victorokonkwo.com /etc/bind/db.victorokonkwo.com
sudo named-checkzone 74.31.172.in-addr.arpa /etc/bind/db.172
Restart the BIND9 service:
sudo systemctl restart bind9
Step 7: Test DNS Resolution
Use the dig tool to test the setup:
dig @localhost victorokonkwo.com
dig @localhost www.victorokonkwo.com
dig @localhost -x 172.31.74.133
Verify that the correct responses are returned.
Step 8: Configure Firewall
Allow DNS traffic through the firewall:
sudo ufw allow 53
sudo ufw reload