Understand the concept of Domain Name System, particularly installation and setup of BIND DNS.
For this lab, we will be using BIND, a free/open-source DNS application. Bind is the complete DNS software, which can be used as an authoritative or caching server or both. It is currently the most widely used DNS application on the Internet and is maintained by the Internet Services Consortium (ISC). The current version as of writing is BIND 9.14.9.
Login to your assigned servers using a remote access tool (Terminal for Linux/Mac platform, or SSH software such as PuTTY for Windows).\\
ssh [email protected] (for group1) password: training
Add ISC Package Repository
sudo apt -y install software-properties-common sudo add-apt-repository -y ppa:isc/bind sudo apt -y update
Install bind9
sudo apt -y install bind9
Verify the installation. Find the location where named is installed.
which named
Check the version number. If there was a previous BIND installation, this will tell you whether it is pointing to the new installation or not.
/usr/sbin/named -V
The output will look something like bellow. Make sure that BIND compiled with SSL
BIND 9.14.9-Ubuntu (Stable Release) <id:623e23e> running on Linux x86_64 4.15.0-74-generic #84-Ubuntu SMP Thu Dec 19 08:06:28 UTC 2019 built by make with '--build=x86_64-linux-gnu' '--prefix=/usr' '--includedir=/usr/include' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysconfdir=/etc' '--localstatedir=/var' '--disable-silent-rules' '--libdir=/usr/lib/x86_64-linux-gnu' '--libexecdir=/usr/lib/x86_64-linux-gnu' '--disable-maintainer-mode' '--disable-dependency-tracking' '--libdir=/usr/lib/x86_64-linux-gnu' '--sysconfdir=/etc/bind' '--with-python=python3' '--localstatedir=/' '--enable-threads' '--enable-largefile' '--with-libtool' '--enable-shared' '--enable-static' '--with-gost=no' '--with-openssl=/usr' '--with-gssapi=/usr' '--with-libidn2' '--with-libjson=/usr' '--with-lmdb=/usr' '--with-gnu-ld' '--with-geoip2' '--with-atf=no' '--enable-ipv6' '--enable-rrl' '--enable-filter-aaaa' '--disable-native-pkcs11' '--enable-dnstap' 'build_alias=x86_64-linux-gnu' 'CFLAGS=-g -O2 -fdebug-prefix-map=/build/bind9-7apSD3/bind9-9.14.9=. -fstack-protector-strong -Wformat -Werror=format-security -fno-strict-aliasing -fno-delete-null-pointer-checks -DNO_VERSION_DATE -DDIG_SIGCHASE' 'LDFLAGS=-Wl,-Bsymbolic-functions -Wl,-z,relro -Wl,-z,now' 'CPPFLAGS=-Wdate-time -D_FORTIFY_SOURCE=2' compiled by GCC 7.4.0 compiled with OpenSSL version: OpenSSL 1.1.1 11 Sep 2018 linked to OpenSSL version: OpenSSL 1.1.1 11 Sep 2018 compiled with libxml2 version: 2.9.4 linked to libxml2 version: 20904 compiled with libjson-c version: 0.12.1 linked to libjson-c version: 0.12.1 compiled with zlib version: 1.2.11 linked to zlib version: 1.2.11 threads support is enabled default paths: named configuration: /etc/bind/named.conf rndc configuration: /etc/bind/rndc.conf DNSSEC root key: /etc/bind/bind.keys nsupdate session key: //run/named/session.key named PID file: //run/named/named.pid named lock file: //run/named/named.lock geoip-directory: /usr/share/GeoIP