In order to use private nameservers, it’s important you know how to set up a DNS zone on your server, without cPanel, and let it handle DNS requests.
Although we will primarily focus on the Ubuntu operating system, namely Ubuntu 16.04, this guide may also prove useful to users of other Linux distributions since the basic principles are the same.
Regarding our DNS software, we use BIND9. On a hypothetical server, we will first set up a DNS zone with the IP address 1.2.3.4 for the domain name nctest.info with nameservers ns1.nctest.info and ns2.nctest.info.
IMPORTANT: When following the below instructions, you will need to replace 1.2.3.4 and nctest.info with the corresponding IP address of your server and your domain name to ensure it works properly.
Setting up a DNS zone with Ubuntu
1. First of all, you need to connect to your server via SSH.
On Linux and MacOS, you can use the following command:
ssh root@<IP> -pPORT
IP is the IP of the server you are connecting to
PORT: connection port - 22 for a VPS/Dedicated server by default
In our example:
ssh root@1.2.3.4 -p22
For Windows, you can use PuTTY software.
2. Once you are logged in, make sure your server is fully updated. To do this, run the following commands one by one:
apt-get update
apt-get upgrade
apt-get dist-upgrade
3. Once you’ve done this, install BIND using the following command:
apt-get install bind9 bind9utils bind9-doc
Once the command is executed, the BIND9 DNS server is now installed on your system and you can start configuring it.
4. Open the main configuration file using the command:
nano /etc/bind/named.conf
And make sure that the following lines are included in the file:
include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";
These lines pull the other configuration files, in addition to the main one, into the BIND configuration. If any of them are missing, add them.
Then, press Control+X, type Y and press Enter/return. It will save changes and close the file.
5. Now we need to define our DNS zone. To do so, open the file /etc/bind/named.conf.local:
nano /etc/bind/named.conf.local
And insert the following to the file:
zone "nctest.info" {
    type master;
    file "/etc/bind/nctest.info";
};
Keep in mind that nctest.info should be replaced with your own domain name.
It will tell BIND9 to look for the file /etc/bind/nctest.info to find the DNS zone for nctest.info.
Press Control+X, type Y and press Enter/return.
6. Now you must open the zone file and add the necessary DNS records there:
nano /etc/bind/nctest.info
The following text also needs to be added to the file:
$TTL 86400
@       IN  SOA ns1.nctest.info. root.nctest.info. (
            2019021501  ;Serial
            3600        ;Refresh
            1800        ;Retry
            604800      ;Expire
            86400       ;Minimum TTL
)
@       IN  NS  ns1.nctest.info.
@       IN  NS  ns2.nctest.info.
ns1     IN  A   1.2.3.4
ns2     IN  A   1.2.3.4
@       IN  A   1.2.3.4
IMPORTANT: Do not forget to change the domain name nctest.info and the IP address 1.2.3.4 to the necessary values.
The Serial number should be changed according to the current date in the format YYYYMMDDXX, where XX represents the number of the zone changes on a specific day. If you only create the zone, put 01 there. If it’s the third time in a day that you modify the DNS zone, put 04 instead of XX.
You can also add any necessary DNS records in this file, which will store the zone of your domain name. In order to make any changes to its zone, you will need to open this file and edit it. When you perform any changes, do not forget to increase the Serial number (according to the current date).
Once you have done this, press Control+X, type Y and press Enter/return.
7. The next step would be making sure that the BIND9 directory has the correct permissions and owner:
chmod -R 755 /etc/bind
chown -R bind:bind /etc/bind
8. Now that the initial configurations are done, let’s check to see if everything is configured properly. To do so, run the following commands:
named-checkconf /etc/bind/named.conf
named-checkconf /etc/bind/named.conf.local
If these commands do not return anything, it means everything is properly configured.
9. Now check the DNS zone you created:
named-checkzone nctest.info /etc/bind/nctest.info
The output should be as follows:
zone nctest.info/IN: loaded serial 2019021501
OK
10. As the final step, restart your DNS server:
systemctl restart bind9
11. Make sure that TCP/UDP port 53 is open in the firewall.
That’s it! You now can check to see how it works by using the dig command.
IMPORTANT: To ensure it’s working, your private nameservers must be registered with your respective domain registrar. If your domain name is registered with Namecheap, please follow this guide.
You may have noticed we only configured a forward DNS zone. Why? Because it’s not possible to configure a reverse DNS zone and set up the PTR record for your server’s IP address in the same way.
If you have a VPS, please follow this guide to do it. If you have a Dedicated Server, we recommend that you submit a ticket to the Hosting -- VPS and Dedicated Servers department.
Setting up a DNS zone with AlmaLinux
1. First of all, you need to connect to your server via SSH.
On Linux and MacOS, you can use the following command:
ssh root@<IP> -pPORT
IP is the IP of the server you are connecting to
PORT: connection port - 22 for a VPS/Dedicated server by default
In our example:
ssh root@1.2.3.4 -p22
For Windows, you can use PuTTY software.
2. Once you are logged in, make sure your server is fully updated. To do this, run the following command:
dnf -y update
3. Once you have done this, install BIND using the following command:
dnf -y install bind bind-utils
Once the command is executed, the BIND9 DNS server is now installed on your system and you can start configuring it.
4. By default, only localhost is allowed. However, we need our nameservers to reply to queries from all over the world, so it is required to change this configuration.
Open the main configuration file using the command:
nano /etc/named.conf
In the file, change the following parameters to any:
listen-on port 53
allow-query
5. Then, we need to include named.conf.local in the BIND configuration; we will use this file to define our DNS zones.
Add the following line to the end of the file:
include "/etc/named/named.conf.local";
Press Control+X, type Y and press Enter/return. It will save changes and close the file.
6. In order to tell BIND9 to look for the file /etc/named/nctest.info to find the DNS zone for nctest.info, open this file:
nano /etc/named/named.conf.local
The file should be empty at this point. Insert the following into it:
zone "nctest.info" {
    type master;
    file "/etc/named/nctest.info";
};
Keep in mind that nctest.info should be replaced with your own domain name.
Press Control+X, type Y and press Enter/return.
7. Now, open the zone file and add the necessary DNS records there:
nano /etc/named/nctest.info
The following text also needs to be added to the file:
$TTL 86400
@       IN  SOA ns1.nctest.info. root.nctest.info. (
            2019021501  ;Serial
            3600        ;Refresh
            1800        ;Retry
            604800      ;Expire
            86400       ;Minimum TTL
)
@       IN  NS  ns1.nctest.info.
@       IN  NS  ns2.nctest.info.
ns1     IN  A   1.2.3.4
ns2     IN  A   1.2.3.4
@       IN  A   1.2.3.4
Do not forget to change the domain nctest.info and the IP address 1.2.3.4 to the required values.
The Serial number should be changed according to the current date in the format YYYYMMDDXX, where XX represents the number of the zone changes on a specific day. If you only create the zone, put 01 there. If it’s the third time in a day that you modify the DNS zone, put 04 instead of XX.
You can also add any needed DNS records in this file. It will store the zone of your domain name, and to make any changes to its zone, you will need to open this file and edit it. When you perform any changes, do not forget to increase the Serial number (according to the current date).
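The Serial rule described here and in the Ubuntu section can be automated so the number never goes backwards. The script below is an added example, not part of the original guide; next_serial and bump_serial are hypothetical helper names, the sample zone is constructed, and the Serial line is assumed to carry the ";Serial" comment used above.

```shell
#!/bin/sh
# Added example: keep the YYYYMMDDXX serial strictly increasing on every edit.

# next_serial CURRENT TODAY -> prints the serial to use for the next change.
# TODAY (YYYYMMDD) is a parameter so the result is reproducible.
next_serial() {
    cur=$1 today=$2
    case $cur in
        ''|*[!0-9]*) echo "invalid serial: '$cur'" >&2; return 1 ;;
        "$today"99)  echo "no XX left for $today" >&2; return 1 ;;
    esac
    if [ "$cur" -ge "${today}01" ]; then
        echo $((cur + 1))     # same day, or serial already ahead of today
    else
        echo "${today}01"     # first change on a new day
    fi
}

# bump_serial ZONEFILE [TODAY] -> rewrites the ";Serial" line, prints new value.
bump_serial() {
    zone=$1 today=${2:-$(date +%Y%m%d)}
    cur=$(sed -n 's/^[[:space:]]*\([0-9][0-9]*\)[[:space:]]*;[[:space:]]*Serial.*/\1/p' \
          "$zone" | head -n 1)
    new=$(next_serial "$cur" "$today") || return 1
    tmp=$(mktemp) || return 1
    # cat into the zone file (instead of mv) keeps its owner and mode.
    sed "s/^\([[:space:]]*\)$cur\([[:space:]]*;[[:space:]]*Serial\)/\1$new\2/" \
        "$zone" > "$tmp" && cat "$tmp" > "$zone" && echo "$new"
    rc=$?
    rm -f "$tmp"
    return $rc
}

# Constructed sample: the SOA from this guide, edited one day later.
z=$(mktemp)
printf '%s\n' '@ IN SOA ns1.nctest.info. root.nctest.info. (' \
    '2019021501 ;Serial' '3600 ;Refresh' ')' > "$z"
bump_serial "$z" 20190216
rm -f "$z"
```

After bumping the serial on a real zone file, validate it with named-checkzone as in the steps that follow.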
Once done, press Control+X, type Y and press Enter/return.
8. The next step would be making sure that the BIND9 directory has the correct permissions and the correct owner:
chmod -R 755 /etc/named
chown -R named:named /etc/named
9. Now that the initial configurations are done, let’s check to see if everything is properly configured. To do so, run the following commands:
named-checkconf /etc/named.conf
named-checkconf /etc/named/named.conf.local
If these commands do not return anything, it means everything is properly configured.
10. Now check the DNS zone you created:
named-checkzone nctest.info /etc/named/nctest.info
The output should be as follows:
zone nctest.info/IN: loaded serial 2019021501
OK
11. As the final step, restart your DNS server:
service named restart
12. Make sure that TCP/UDP port 53 is open in the firewall. You can open it with the following commands:
firewall-cmd --add-service=dns --zone=public --permanent
firewall-cmd --reload
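Step 4 opens allow-query to any; if the options block still has recursion enabled with no allow-recursion restriction (an assumption about the starting file), the server will also resolve other people's domains for anyone who asks. The check below is an added example, not part of the original guide; audit_recursion is a hypothetical helper name and the sample configuration is constructed.

```shell
#!/bin/sh
# Added example: detect a named.conf that answers queries from anyone
# while recursion is neither disabled nor restricted.

# Drop //, # and single-line /* */ comments, then join the lines so that
# multi-line option blocks can be matched with one regular expression.
flatten_conf() {
    sed -e 's://.*$::' -e 's:#.*$::' -e 's:/\*.*\*/::g' "$1" | tr '\n' ' '
}

# has REGEX -> true when the flattened config in $conf matches REGEX.
has() { printf '%s' "$conf" | grep -Eq "$1"; }

# audit_recursion FILE -> returns 0 when safe, 1 when the config is risky.
audit_recursion() {
    conf=$(flatten_conf "$1")
    if ! has 'allow-query[[:space:]]*\{[[:space:]]*any[[:space:]]*;'; then
        echo "ok: allow-query is not open to any"; return 0
    fi
    if has 'recursion[[:space:]]+no[[:space:]]*;'; then
        echo "ok: open queries, recursion disabled (authoritative-only)"; return 0
    fi
    if has 'allow-recursion[[:space:]]*\{' &&
       ! has 'allow-recursion[[:space:]]*\{[[:space:]]*any[[:space:]]*;'; then
        echo "ok: open queries, recursion limited by allow-recursion"; return 0
    fi
    echo "RISK: allow-query any with recursion not disabled or restricted"
    return 1
}

# Constructed sample: the options block after step 4, with recursion left on.
demo=$(mktemp)
cat > "$demo" <<'EOF'
options {
    listen-on port 53 { any; };
    allow-query     { any; };
    recursion yes;
};
EOF
audit_recursion "$demo" || echo "fix: set 'recursion no;' in the options block"
rm -f "$demo"
```

Run it as audit_recursion /etc/named.conf; for a server that only hosts its own zones, setting recursion no; in the options block clears the finding.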
That’s it! You now can check to see how it works using the dig command.
IMPORTANT: To ensure it’s working, your private nameservers must be registered with your respective domain registrar. If your domain name is registered with Namecheap, please follow this guide.
You may have noticed we only configured a forward DNS zone. Why? Because it’s not possible to configure a reverse DNS zone and set up the PTR record for your server’s IP address in the same way.
If you have a VPS, please follow this guide to do it. If you have a Dedicated Server, we recommend that you submit a ticket to the Hosting -- VPS and Dedicated Servers department.