SLUUG Wiki

We are running a caching name server on the server, chroot'ed to /var/lib/named, running as user "bind", and bound to the loopback interface only. This was installed via:

apt-get install bind9 dnsutils bind9-doc
mkdir -p /var/lib/named /var/lib/named/etc /var/lib/named/var/cache/bind /var/lib/dev 
mkdir -p /var/lib/named/var/run/bind/run
cp -a /etc/bind /var/lib/named/etc/
mknod /var/lib/named/dev/random c 1 8
chown bind:bind /var/lib/named/var/run/bind/run
/etc/init.d/bind9 start

Edit /etc/default/bind9:

OPTIONS="-u bind -t /var/lib/named"

Edit /var/lib/named/etc/bind/named.conf.options and add the following:

listen-on {127.0.0.1;};
forwarders {24.217.0.3;};

TODO: Our forwarder will need to change to whoever our upstream ISP is. This is Charter.

Edit /etc/resolv.conf:

domain sluug.info
nameserver 127.0.0.1

This shouldn't require any further configuration, as we only need caching DNS to support the mail server. If it does, named options are set in /etc/default/bind9.

Change the domain to sluug.org when appropriate.

ln -s /var/lib/named/etc/bind /etc/bind (to make it easier to change settings)

mknod /var/lib/named/dev/null c 1 3
chmod 666 /var/lib/named/dev/null /var/lib/named/dev/random

chown -R bind:bind /var/lib/named/var/*
chown -R bind:bind /var/lib/named/etc/bind

Make logging changes per HOWTO below.

Unfortunately, I had previously run "apt-get install bind", not realizing that the default was Bind8. I think I've removed all traces of Bind8 - "apt-get remove bind" didn't take everything with it, such as the startup script. (Jeff Muse)

Got some of this from the Bind-Chroot-Howto.