Install bind:
# ipkg install bind
This will install a copy of bind9.
Sample Working Configuration
First things first: I'm not a DNS expert, and I'm not expert enough to explain things here, so instead I'm sharing my working sample configuration. Most of the configuration is quite self-explanatory, so you may copy it and modify it for your own environment.
Assumptions:
1. Local network address is 192.168.1.0/24
2. The NAS local address is 192.168.1.100
3. The domain name assigned for the local network is mydomain.com
4. Default gateway of the local network is 192.168.1.1
5. The subdomain assigned for diskstation is nas.mydomain.com
6. The name server is configured to allow queries from the internal network only.
The addresses and names listed in the assumptions above are for my network only; change them to your own settings.
/opt/etc/named/named.conf
// define the local area network that is allowed to submit queries
acl "home" { 192.168.1.0/24; 127.0.0.1; };
// to make the name server publicly accessible, replace "home" with "any" in all allow statements, e.g.
// allow-query { "any"; };
// allow-recursion { "any"; };
options {
    directory "/opt/etc/named";
    allow-query { "home"; };
    allow-recursion { "home"; };
    // forward to google dns
    forwarders { 8.8.8.8; };
};
controls {
    inet 127.0.0.1 allow { localhost; } ;
};
logging {
    channel dns_log {
        file "/opt/var/log/dns.log" versions 3 size 2m;
        severity info;
        print-severity yes;
        print-time yes;
        print-category yes;
    };
    category default {
        dns_log;
    };
};
// Add local zone definitions here.
zone "localhost" {
    type master;
    file "db.localhost";
    allow-update { none; };
    notify no;
};
zone "0.0.127.in-addr.arpa" {
    type master;
    file "db.localhost.rev";
    allow-update { none; };
    notify no;
};
// only allow the local network to query mydomain.com, to prevent leaking local network information to the public
zone "mydomain.com" {
    type master;
    file "db.mydomain.com";
    allow-query { "home"; };
    allow-update { none; };
    notify yes;
};
zone "1.168.192.in-addr.arpa" {
    type master;
    file "db.192.168.1.rev";
    allow-query { "home"; };
    allow-update { none; };
    notify yes;
};
zone "." {
    type hint;
    file "root.servers";
};
/opt/etc/named/db.localhost
$TTL 86400 ; 24 hours could have been written as 24h
$ORIGIN localhost.
; line below = localhost 1D IN SOA localhost root.localhost
@ 1D IN SOA @ root (
        2006080801 ; serial
        3H ; refresh
        15 ; retry
        1w ; expire
        3h ; minimum
        )
@ 1D IN NS @
  1D IN A 127.0.0.1
/opt/etc/named/db.localhost.rev
$TTL 86400 ;
; could use $ORIGIN 0.0.127.IN-ADDR.ARPA.
@ IN SOA localhost. root.localhost. (
        2006080801 ; Serial
        3h ; Refresh
        15 ; Retry
        1w ; Expire
        3h ) ; Minimum
  IN NS localhost.
1 IN PTR localhost.
/opt/etc/named/db.mydomain.com
$TTL 604800
@ IN SOA nas.mydomain.com. root.mydomain.com. (
        2006080801 ; Serial
        604800 ; Refresh
        86400 ; Retry
        2419200 ; Expire
        604800 ) ; Negative Cache TTL
;
@ IN NS nas
; assign NAS IP to nas subdomain
nas IN A 192.168.1.100
; wpad is for automatic proxy configuration setting, refer to usage series 27 article for details
wpad IN A 192.168.1.100
dell IN A 192.168.1.101
wrt54g IN A 192.168.1.1
; define the rest of the machines of the local network here
/opt/etc/named/db.192.168.1.rev
$TTL 86400 ; 1 day
$ORIGIN 1.168.192.in-addr.arpa.
@ 1D IN SOA nas.mydomain.com. root.mydomain.com. (
        2006080801 ; Serial
        604800 ; Refresh
        86400 ; Retry
        2419200 ; Expire
        604800 ) ; Negative Cache TTL
  IN NS nas.mydomain.com.
; define 192.168.1.1
1 IN PTR wrt54g.mydomain.com.
; define 192.168.1.101
101 IN PTR dell.mydomain.com.
; define the rest of the machines in the LAN
100 IN PTR nas.mydomain.com.
/opt/etc/named/root.servers
. 3600000 IN NS A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4
. 3600000 NS B.ROOT-SERVERS.NET.
B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201
. 3600000 NS C.ROOT-SERVERS.NET.
C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12
. 3600000 NS D.ROOT-SERVERS.NET.
D.ROOT-SERVERS.NET. 3600000 A 128.8.10.90
. 3600000 NS E.ROOT-SERVERS.NET.
E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10
. 3600000 NS F.ROOT-SERVERS.NET.
F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241
. 3600000 NS G.ROOT-SERVERS.NET.
G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4
. 3600000 NS H.ROOT-SERVERS.NET.
H.ROOT-SERVERS.NET. 3600000 A 128.63.2.53
. 3600000 NS I.ROOT-SERVERS.NET.
I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17
. 3600000 NS J.ROOT-SERVERS.NET.
J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30
. 3600000 NS K.ROOT-SERVERS.NET.
K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129
. 3600000 NS L.ROOT-SERVERS.NET.
L.ROOT-SERVERS.NET. 3600000 A 198.32.64.12
. 3600000 NS M.ROOT-SERVERS.NET.
M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33
After creating the above configuration files, start the name server:
/opt/etc/init.d/S09named start
To check whether the name server is running, inspect the logs below:
/var/log/messages
/opt/var/log/dns.log
To test the name server:
# nslookup
> server 127.0.0.1
> www.yahoo.com
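The following is an added example, not part of the original post. It reads a named.conf laid out like the one above and lists every allow-query, allow-query-cache or allow-recursion statement whose match list admits all clients, which is what the commented-out "any" variant would do if enabled. The function names (audit, blocks, elements) and the sample text are this example's own, and comment and ACL handling are simplified as noted in the code.

```python
import re

# Elements that admit every client: BIND's built-in "any" and all-address prefixes.
OPEN = {"any", "0.0.0.0/0", "::/0"}
STMT = re.compile(r"(allow-(?:query-cache|query|recursion))\s*\{([^{}]*)\}")
# Constructed sample (not the post's file): its layout with "any" enabled.
SAMPLE = '''
acl "home" { 192.168.1.0/24; 127.0.0.1; }; acl "everyone" { 0.0.0.0/0; };
options {
    allow-query { "home"; };  // allow-query { "any"; };
    allow-recursion { "any"; };
};
zone "mydomain.com" { type master; allow-query { "everyone"; }; };
'''

def blocks(conf):
    """Yield (header, body) for each top-level 'header { body };' statement."""
    depth, head_start = 0, 0
    for i, ch in enumerate(conf):
        if ch == "{":
            if depth == 0:
                header, start = conf[head_start:i].strip(), i + 1
            depth += 1
        elif ch == "}":
            depth -= 1
            if depth == 0:
                yield header, conf[start:i]
        elif ch == ";" and depth == 0:
            head_start = i + 1

def elements(body):
    return [e.strip().strip('"') for e in body.split(";") if e.strip()]

def audit(conf):
    """Return (scope, statement, element) for each match list open to all."""
    conf = re.sub(r"/\*.*?\*/", "", conf, flags=re.S)
    conf = re.sub(r"(//|#).*", "", conf)  # simplified: quoting is not honoured
    top = list(blocks(conf))
    # User-defined ACL names are resolved one level; nested ACLs are not followed.
    acls = {h.split()[1].strip('"'): elements(b) for h, b in top if h.startswith("acl ")}
    findings = []
    for header, body in top:
        if header == "options" or header.startswith("zone "):
            for stmt, lst in STMT.findall(body):
                findings += [(header, stmt, el) for el in elements(lst)
                             if OPEN & set(acls.get(el, [el]))]
    return findings

if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```

Commented-out statements are ignored, so the configuration as posted, with only "home" in its allow statements, produces no findings.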
Awesome thanks mate!