Update on running your own recursive nameserver

I upgraded my system to Ubuntu 10.10 today and was surprised to find out that bind refused to start.

After a bit of investigation (without internet access because I decided not to fall back on a temporary nameserver), I found out the correct form the configuration file had to take. I still don’t understand why it worked in the previous version when it now looks like it was erroneous.

Anyway, the updated and functional file can be found at http://nucco.org/files/named.conf.options

On a side note, my system feels a whole lot snappier right now. Yeap, that’s puzzling as well.



Running Your Own Recursive Nameserver on Ubuntu 10.04 (Lucid)

I got tired of my ISP’s annoying DNS servers that redirect me to search results I don’t want, complete with advertising, every time I mistype a domain name in the browser. So I changed my nameservers to Google’s public DNS. I even set up a simple caching nameserver on my system in a bid to improve performance.

This met my needs, because Google doesn’t redirect non-existent domains. The only problem is that I think Google knows quite enough about me already. I don’t need to feed them a list of all the sites I interact with.

So, in part inspired by my recent adventures with name servers, as well as a suggestion by someone in #dns on irc.freenode.net about it not being rocket science to run your own recursive nameserver, I (yea) searched Google, and ended up with an interesting set of instructions, which I didn’t need to follow to the letter.

They are here: http://ftp.isc.org/isc/pubs/tn/isc-tn-2007-1.html

On my Ubuntu 10.04 system, all I needed to do was edit the configuration file, found at /etc/bind/named.conf.options. Remember to install the package ‘bind9’ first :).

I added the following lines, which were, of course, dubbed from the ISC site linked a few paragraphs earlier.

// rndc control channel, reachable from this machine only
controls {
    inet 127.0.0.1 allow { localhost; } keys { "rndc-key"; };
};

and in the "options {" block, I added the following:

allow-query { localhost; localnets; };
listen-on { any; };

Then I added a third block:

// recursion only for this machine and hosts on directly attached networks
view "default-recursive" {
    match-clients { localhost; localnets; };
    match-destinations { localhost; localnets; };
    recursion yes;
};

Saved the configuration file, and then restarted bind (sudo service bind9 restart).

Finally, I changed my network settings, putting in 127.0.0.1 as the nameserver/DNS server.

Tested, and everything is fine.

For a slightly finer explanation of the configuration files, at least the parts that matter, and to the best of my understanding, "localnets" means you’re also allowing other computers on the same LAN as yourself to set their system to use your new nameserver.

127.0.0.1, of course, is the way that your system refers to itself. ‘localhost’ does a similar job, but of course, ‘localhost’ needs to be first resolved to an IP address :)
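Since the options above listen on every interface, it is the ACL that keeps this from being an open resolver. As an added example (not from the original post or the ISC note), this Python audit reads a named.conf.options text, works out which clients may recurse using BIND 9's documented fallback order, and flags a resolver open to anyone. The sample configs are constructed, and the parser is a simplification that assumes syntactically valid input and reads only the top level of the options block (no views, named ACLs or negated entries).

```python
import re

DEFAULT_ACL = ["localnets", "localhost"]  # BIND's default when no ACL statement is set

def parse_options(conf):
    """Return {statement: [values]} for the top level of the options block."""
    conf = re.sub(r"/\*.*?\*/|//[^\n]*|#[^\n]*", "", conf, flags=re.S)  # drop comments
    tokens = re.findall(r'"[^"]*"|[{};]|[^\s{};]+', conf)
    opts, i = {}, tokens.index("options") + 2  # skip 'options' and its '{'
    while tokens[i] != "}":
        name, values, depth = tokens[i], [], 0
        i += 1
        while not (tokens[i] == ";" and depth == 0):
            if tokens[i] == "{":
                depth += 1
            elif tokens[i] == "}":
                depth -= 1
            elif tokens[i] != ";":
                values.append(tokens[i].strip('"'))
            i += 1
        opts[name] = values
        i += 1
    return opts

def recursion_exposure(conf):
    """Return (effective recursion ACL, True if it is an open resolver)."""
    opts = parse_options(conf)
    if opts.get("recursion") == ["no"]:
        return [], False
    # The first of these that is set decides who may recurse.
    for stmt in ("allow-recursion", "allow-query-cache", "allow-query"):
        if stmt in opts:
            acl = opts[stmt]
            break
    else:
        acl = DEFAULT_ACL
    listen = opts.get("listen-on", ["any"])  # unset means all interfaces
    loopback_only = all(a.startswith("127.") for a in listen)
    return acl, ("any" in acl and not loopback_only)

# Constructed sample configs (not the author's file).
PAGE_STYLE = 'options { allow-query { localhost; localnets; }; listen-on { any; }; };'
OPEN = 'options { recursion yes; allow-query { any; }; listen-on { any; }; };'
SPLIT = 'options { allow-query { any; }; allow-recursion { localhost; }; };'

if __name__ == "__main__":
    for label, conf in (("page", PAGE_STYLE), ("open", OPEN), ("split", SPLIT)):
        print(label, recursion_exposure(conf))
```

Run named-checkconf on the real file first; this sketch raises an exception on input with missing semicolons or braces rather than diagnosing it.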

There, I now run my own recursive DNS server, and I feel pretty happy about it.

My entire config file (the one I edited) is here if you want it: http://nucco.org/files/named.conf.options

