Linux LAN domain – BIND9 and Debian

Disclaimer :: the information in this post was altered in order to avoid disclosing the real details of our internal network.

I wanted to change my LAN domain to srv.dth. All devices connected to my network must resolve this domain automatically and certain devices will have their own FQDN, like: printer.srv.dth.

domain:  srv.dth
host:    hs.srv.dth       // "home server", machine where the DNS server will run
host IP:

router.srv.dth            // ISP router
router1.srv.dth           // Home network
router2.srv.dth           // Lab 
hs.srv.dth                // DNS server
printer.srv.dth           // Printer
cam0.srv.dth              // Security cameras

vim /etc/hosts

localhost.localdomain   localhost
hs.srv.dth              hs

vim /etc/hostname


install bind

apt-get update && apt-get install bind9 bind9utils

Now reboot


Type hostname and hostname -f

# hostname
# hostname -f

Add to named.conf.local:

zone "srv.dth" IN {
  // this is the authoritative server for srv.dth
  type master;
  file "/etc/bind/zones/srv.dth";
  allow-query { any; };
};

zone "" {
  // this is the authoritative server for
  // the network
  type master;
  file "/etc/bind/zones/rev.10.0.0";
};

After mkdir /etc/bind/zones, create the DNS zone file with vim /etc/bind/zones/srv.dth

; DNS zone for srv.dth
$ORIGIN srv.dth.    ; designates the start of this zone file in the namespace
$TTL 1h            ; default expiration time of all resource records without their own TTL value
@        IN  SOA   ns.srv.dth. admin.srv.dth. (
                        2017050101   ; serial
                        8H           ; refresh
                        4H           ; retry
                        4W           ; expire
                        1D )         ; minimum
; Name Server and Mail eXchange
srv.dth.  IN  NS    ns.srv.dth.        ; ns.srv.dth is a nameserver for srv.dth
@         IN  NS    ns2.srv.dth.       ; ns2.srv.dth is a backup nameserver for srv.dth
@         IN  MX    10 mail.srv.dth.   ; mail.srv.dth is the mailserver for srv.dth
; Hosts
srv.dth.  IN  A
ns        IN  A
mail      IN  A
www       IN  CNAME srv.dth.
cloud     IN  CNAME srv.dth.
router0   IN  A
router1   IN  A
router2   IN  A
printer   IN  A
cam0      IN  A
cam1      IN  A
cam2      IN  A

Then create the reverse zone with vim /etc/bind/zones/rev.10.0.0

; reverse pointers for subnet
@        IN  SOA   ns.srv.dth. admin.srv.dth. (
                       2017050101     ; serial
                       8H             ; refresh
                       4H             ; retry
                       4W             ; expire
                       1D )           ; minimum
; Define the authoritative name server
              NS      ns.srv.dth.
; Hosts
10            PTR     hs.srv.dth.     ; 1 for the last digit of
10            PTR     ns.srv.dth.
10            PTR     www.srv.dth.
10            PTR     cloud.srv.dth.
10            PTR     mail.srv.dth.
10            PTR     cloud.srv.dth.
1             PTR     router1.srv.dth.
2             PTR     router2.srv.dth.
15            PTR     printer.srv.dth. ; 15 for the last digit of
20            PTR     cam0.srv.dth.
21            PTR     cam1.srv.dth.
22            PTR     cam2.srv.dth.
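
The forward and reverse zone files above are maintained by hand, so they can drift apart. The following added example (not code from the original post) cross-checks the two files; the record names follow the post, while the 192.0.2.x addresses, the /24 prefix and the helper names are constructed assumptions because the post omits the real addresses.

```python
# Added example. Names follow the post's zone files; every address is a
# constructed placeholder from 192.0.2.0/24 because the post omits the real ones.
FORWARD = """\
$ORIGIN srv.dth.
@        IN  NS    ns.srv.dth.
@        IN  NS    ns2.srv.dth.
@        IN  MX    10 mail.srv.dth.
ns       IN  A     192.0.2.10
mail     IN  A     192.0.2.10
router0  IN  A     192.0.2.1
printer  IN  A     192.0.2.15   ; constructed address
"""
REVERSE = """\
10   PTR  hs.srv.dth.
10   PTR  ns.srv.dth.
10   PTR  mail.srv.dth.
1    PTR  router1.srv.dth.
15   PTR  printer.srv.dth.
"""
ORIGIN = "srv.dth."
PREFIX = "192.0.2."  # assumption: the reverse zone covers this /24

def parse(text):
    """Return (owner, type, last rdata field) for one-record-per-line entries."""
    out = []
    for line in text.splitlines():
        f = [x for x in line.split(";")[0].split() if x != "IN"]  # drop comments and class
        if len(f) >= 3 and not f[0].startswith("$"):
            out.append((f[0], f[1], f[-1]))
    return out

def fqdn(name, origin):
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def audit(forward, reverse, origin, prefix):
    fwd = [(fqdn(o, origin), t, r) for o, t, r in parse(forward)]
    a = {(o, r) for o, t, r in fwd if t == "A"}
    # PTR owners are the last octet; PTR targets are expected to be absolute names
    ptr = {(r, prefix + o) for o, t, r in parse(reverse) if t == "PTR"}
    have_addr = {o for o, _ in a}
    problems = [f"{t} target {fqdn(r, origin)} has no A record"
                for _, t, r in fwd if t in ("NS", "MX") and fqdn(r, origin) not in have_addr]
    problems += [f"A {n} {ip} has no matching PTR" for n, ip in sorted(a - ptr)]
    problems += [f"PTR {ip} -> {n} has no matching A" for n, ip in sorted(ptr - a)]
    return problems

if __name__ == "__main__":
    print("\n".join(audit(FORWARD, REVERSE, ORIGIN, PREFIX)))
```

The parser only understands the simple one-record-per-line layout used in these zone files; syntax checking is still the job of named-checkzone from bind9utils.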

Now make sure hs.srv.dth has a static IP and that both hs.srv.dth and its router use only (hs’s IP) as their DNS server. Also, if you are using network-manager, make sure to disable dnsmasq with vim /etc/NetworkManager/NetworkManager.conf


I always like to reboot both hs.srv.dth and the router. After that, I reconnect to the network from my laptop and can check if it works by typing printer.srv.dth in my browser.

And from a console

[dth@slayer ~]$ host srv.dth
srv.dth has address
srv.dth mail is handled by 10 mail.srv.dth.
[dth@slayer ~]$ host
domain name pointer mail.srv.dth.
domain name pointer www.srv.dth.
domain name pointer ns.srv.dth.
domain name pointer hs.srv.dth.
domain name pointer cloud.srv.dth.
[dth@slayer ~]$ host
domain name pointer printer.srv.dth.
[dth@slayer ~]$ host
domain name pointer cam0.srv.dth.
