Install and configure BIND on your vps

1. bind9 nameserver installation

Unless you prefer to install bind from source code, the installation is rather simple. On a Debian or Ubuntu Linux server you can install a bind nameserver with the following command:


apt-get install bind9 dnsutils

CentOS or Fedora alternative (the dig utility is packaged there as bind-utils):

yum install bind bind-utils

dnsutils is not a compulsory package to run a bind nameserver, but we will use the dig command, which is part of this package, as a testing tool for your bind configuration.

2. Creating a DNS zone file

At this stage we need to create a new zone file for a domain. Navigate to the /etc/bind/ directory and execute the following sequence of commands to create and enter zones/master/:

cd /etc/bind
mkdir -p zones/master
cd zones/master/

The /etc/bind/zones/master directory will contain a zone file for a domain. If you prefer to use another directory to hold this file you are free to do so. The following zone file will hold the DNS records that let a nameserver resolve a fully qualified domain name to an IP address. Create and save it with the following content:

; BIND data file for
$TTL    3h
@       IN      SOA (
                          1        ; Serial
                          3h       ; Refresh after 3 hours
                          1h       ; Retry after 1 hour
                          1w       ; Expire after 1 week
                          1h )     ; Negative caching TTL of 1 hour
@       IN      NS
@       IN      NS
        IN      MX      10
        IN      A
ns1                     IN      A
ns2                     IN      A
www                     IN      CNAME
mail                    IN      A
ftp                     IN      CNAME

Here is just a quick review of some lines from the above bind DNS zone file:

  • SOA  Record: nameserver authoritative for a zone is and is an email address of a person responsible for this DNS zone.
  • NS Records: two nameservers for a zone are ns[1,2]
  • MX (Mail Exchange): mail exchange record. Number 10 means a preference for discarding records
  • A: A simply means address; in other words, in's zone ns1 would have an A (address)
  • CNAME Record ( Canonical Name record ): restart the query using the canonical name instead of the original name

3. address-to-name mappings

At this stage the bind DNS server can resolve a host name to the IP address mapped to it. What we should do now is teach our nameserver the other way around, that is, to resolve a host from an IP address. For this we are going to need yet another file, db.192.168.0, with the following content:


; BIND reverse data file for
$TTL    604800
        IN      SOA (
                          1         ; Serial
                          3h       ; Refresh after 3 hours
                          1h       ; Retry after 1 hour
                          1w       ; Expire after 1 week
                          1h )     ; Negative caching TTL of 1 hour
;
        IN      NS
        IN      NS
        IN      PTR

  • PTR: a DNS record used for mapping an IP address to a host name.

4. Updating a BIND Configuration File

At this point we should have two files ready:
  • /etc/bind/zones/master/
  • /etc/bind/zones/master/db.192.168.0
All we need to do now is insert both zone file names into bind's configuration file named.conf.local. To do that, add the following lines to this file:

zone "" {
       type master;
       file "/etc/bind/zones/master/";
};

zone "" {
       type master;
       file "/etc/bind/zones/master/db.192.168.0";
};

The last thing before we go ahead and check the configuration is to add the IP address of a stable DNS server to the named.conf.options file. This IP address is used when the local DNS server does not know the answer to a name resolution query. The IP address of such a DNS server is in many cases provided by your Internet provider. Alternatively, if you are a Google fan, use or

Replace the following block of text within the named.conf.options file:

       // forwarders {
       // };

with the new stable DNS server IP address:

        forwarders {

5. Checking bind's zone files and configuration

Before we attempt to start the bind nameserver with the new zones and configuration, here are some tools to check that we have not made a typo or misconfiguration.
To check the configuration files run the following command:

named-checkconf

With this named-checkconf command the rule is: no news is good news. If no output has been produced, your config files look OK.

To check the DNS zone files we can use the named-checkzone command:

named-checkzone /etc/bind/zones/master/
zone loaded serial 1

Reverse zone file check:

named-checkzone /etc/bind/zones/master/db.192.168.0
zone loaded serial 2

6. Start / restart bind nameserver

At this point nothing can stop us from running the bind9 DNS server:

 /etc/init.d/bind9 start
Starting domain name service...: bind9.

Alternatively, if your bind server is already running, use the following command to restart it:

/etc/init.d/bind9 restart
Stopping domain name service...: bind9.
Starting domain name service...: bind9.
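
The checks from step 5 and the restart from step 6 can be chained so that bind9 is restarted only when named.conf and every zone file validate. The script below is an added example, not part of the original tutorial; the zone names example.com and 0.168.192.in-addr.arpa and the file name db.example.com are assumed placeholders for your own.

```shell
#!/bin/sh
# Added example: validate named.conf and each zone, restart only if all pass.
# Assumed placeholders: example.com, db.example.com, 0.168.192.in-addr.arpa.

# Tool paths are variables so they can be overridden (e.g. for a dry run).
CHECKCONF="${CHECKCONF:-named-checkconf}"
CHECKZONE="${CHECKZONE:-named-checkzone}"
INIT_SCRIPT="${INIT_SCRIPT:-/etc/init.d/bind9}"
ZONE_DIR="${ZONE_DIR:-/etc/bind/zones/master}"

# check_zone ZONE FILE: succeed only if FILE is readable and the zone loads.
check_zone() {
    zone="$1"; file="$2"
    if [ ! -r "$file" ]; then
        echo "FAIL $zone: cannot read $file" >&2
        return 1
    fi
    if ! out=$("$CHECKZONE" "$zone" "$file" 2>&1); then
        echo "FAIL $zone: $out" >&2
        return 1
    fi
    echo "OK   $zone"
}

# preflight ZONE=FILE...: check the configuration, then every listed zone.
preflight() {
    failures=0
    "$CHECKCONF" || failures=$((failures + 1))
    for pair in "$@"; do
        check_zone "${pair%%=*}" "${pair#*=}" || failures=$((failures + 1))
    done
    [ "$failures" -eq 0 ]
}

# safe_restart ZONE=FILE...: restart bind9 only when every check passed.
safe_restart() {
    if preflight "$@"; then
        "$INIT_SCRIPT" restart
    else
        echo "bind9 not restarted: $failures check(s) failed" >&2
        return 1
    fi
}

# Run only when called as: sh preflight.sh --run
if [ "${1:-}" = "--run" ]; then
    safe_restart "example.com=$ZONE_DIR/db.example.com" \
                 "0.168.192.in-addr.arpa=$ZONE_DIR/db.192.168.0"
fi
```

Because a failed check leaves the running server untouched, a typo in a zone file does not take down the zones that were loading correctly before the edit.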

7. Testing a bind server configuration

The dig command from the dnsutils package comes in handy for testing the new configuration of the bind nameserver.

The dig command can be used from any PC which has network access to your DNS server, but preferably you should start your testing from localhost. In this case the IP address of our name server is

First we will test host-to-IP resolution:

dig @

; <<>> DiG 9.6-ESV-R1 <<>> @
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<

Next we test IP-to-host resolution:

dig @ -x

; <<>> DiG 9.6-ESV-R1 <<>> @ -x
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<
