BIND9 is the most widely deployed DNS server software. This guide configures BIND9 as an authoritative DNS server and a local recursive resolver on Ubuntu 24.04 LTS.
Tested and valid on:
- Ubuntu 24.04 LTS
Prerequisites
- Ubuntu 24.04 LTS server
- A user with sudo privileges
- A registered domain name (for authoritative DNS)
Step 1 – Install BIND9
Install BIND9 and utilities:
sudo apt update
sudo apt install bind9 bind9utils bind9-doc -y
Step 2 – Configure BIND as a Caching Resolver
Edit the named options:
sudo nano /etc/bind/named.conf.options
Add:
options {
    directory "/var/cache/bind";
    forwarders {
        1.1.1.1;
        8.8.8.8;
    };
    dnssec-validation auto;
    listen-on { any; };
    allow-query { localhost; 192.168.1.0/24; };
};
Step 3 – Add a Zone for Your Domain
Edit the local zones file:
sudo nano /etc/bind/named.conf.local
Add a forward zone:
zone "example.com" {
    type master;
    file "/etc/bind/zones/db.example.com";
};
Step 4 – Create the Zone File
Create the zone directory and zone file:
sudo mkdir /etc/bind/zones
sudo nano /etc/bind/zones/db.example.com
Add:
$TTL 604800
@       IN      SOA     ns1.example.com. admin.example.com. (
                        2         ; Serial
                        604800    ; Refresh
                        86400     ; Retry
                        2419200   ; Expire
                        604800 )  ; Negative Cache TTL
;
@       IN      NS      ns1.example.com.
ns1     IN      A       192.168.1.10
@       IN      A       192.168.1.10
www     IN      A       192.168.1.10
Step 5 – Check and Restart BIND9
Verify the configuration and the zone file, then restart the service:
sudo named-checkconf
sudo named-checkzone example.com /etc/bind/zones/db.example.com
sudo systemctl restart bind9
Step 6 – Test DNS Resolution
Test with dig:
dig @localhost example.com
dig @localhost www.example.com
Step 7 – Allow DNS Through the Firewall
Open the DNS port:
sudo ufw allow Bind9
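With port 53 open and listen-on set to any, the allow-query line from Step 2 is what keeps this server from acting as a recursive resolver for arbitrary clients. The shell functions below are an added example, not part of the original guide: they print the ACL that governs recursion in named.conf.options, following BIND's fallback order (allow-recursion, then allow-query-cache, then allow-query, then the built-in localnets; localhost;), and flag it when it admits any. The function names are made up for this example; nested ACLs and named acl blocks are not resolved.

```shell
#!/bin/sh
# Added example: audit which clients may use this BIND server for recursion.

# flatten FILE: strip //, # and one-line /* */ comments, join into one line.
flatten() {
    sed -e 's://.*$::' -e 's:#.*$::' -e 's:/\*.*\*/::g' "$1" |
        tr '\t\n' '  ' | tr -s ' '
}

# recursion_acl FILE: print the ACL that governs recursion, following BIND's
# fallback order. Nested ACLs and named "acl" blocks are not resolved.
recursion_acl() {
    ra_flat=$(flatten "$1")
    for ra_opt in allow-recursion allow-query-cache allow-query; do
        ra_hit=$(printf '%s\n' "$ra_flat" |
            grep -oE "(^|[ ;{])$ra_opt ?\{[^}]*\}" | head -n 1)
        if [ -n "$ra_hit" ]; then
            printf '%s\n' "$ra_hit" | sed -e 's/^.*{ *//' -e 's/ *}$//'
            return 0
        fi
    done
    echo "localnets; localhost;"   # BIND's built-in default
}

# audit_resolver FILE: return 0 if recursion is off or limited to listed
# clients, 1 if the effective ACL admits everyone (an open resolver).
audit_resolver() {
    if flatten "$1" | grep -qE '(^|[ ;{])recursion no ?;'; then
        echo "OK: recursion disabled"
        return 0
    fi
    ar_acl=$(recursion_acl "$1")
    if printf '%s\n' "$ar_acl" | grep -qE '(^|[ ;])(any|0\.0\.0\.0/0) ?;'; then
        echo "OPEN: recursion allowed for: $ar_acl"
        return 1
    fi
    echo "OK: recursion limited to: $ar_acl"
}

# Usage: sh audit.sh /etc/bind/named.conf.options
if [ "$#" -gt 0 ]; then audit_resolver "$1"; fi
```

Note that listen-on { any; } is not reported: it selects interfaces, not clients, so the client ACL is the only thing standing between the open firewall port and recursion.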
Conclusion
BIND9 is now running as a DNS server on Ubuntu 24.04 LTS. It resolves queries for your local zone and forwards external queries to upstream resolvers.