Install DNS server (bind9) on VPS or Cloud – Windows Imprimer

  • 0

IF YOU ARE NOT FAMILIAR WITH MANUALLY INSTALL AND EDIT OF NAMESERVERS, WE SUGGEST YOU TO GET CONTROL PANEL FOR YOUR SERVER.

Installing Bind on Windows

Download and install the Bind 9 Software

* Download the latest version of bind from https://www.isc.org/downloadables/11
* Create a folder on your desktop called bind and extract the downloaded zip to it.
* Open the newly created bind folder and run BINDInstall.exe
* In the Bind 9 Installer window enter:
o Target Directory: c:named
o Service Account Name: named
o Service Account Password: Enter a secure password to use for the service to use
o Confirm Service Account Password: Enter the password again
o Ensure that Automatic Startup is selected
o Ensure that Keep Config files after uninstall is selected.
* Click Install.
* When the installer reports "BIND Installation completed successfully", click OK.
* Click Exit to close the installer.

Configure Bind

* Create a c:namedzones folder
* Download named.conf and db.yourdomain.com.txt and save them to:
o c:namedetcnamed.conf
o c:namedzonesdb.yourdomain.com.txt
* Open a command prompt and run:
o cd c:namedbin
o rndc-confgen -a
o rndc-confgen > ..etcrndc.conf
* Close the command prompt
* Open c:namedetcrndc.conf in notepad
* Cut to the clipboard the section below the line that says:

# Use with the following in named.conf, adjusting the allow list as needed:

* Save & close rndc.conf
* Open c:namedetcnamed.conf in notepad
* Paste the contents of the clipboard into the bottom of this file
* Remove the hashes (#) from the beginning of the pasted lines.
* Remove the line that says "End of named.conf"
* Save & close named.conf

Configure your zone

* Open c:namedetcnamed.conf in notepad.
* In the zone definition for yourdomain.com, modify the zone and file lines to reflect the domain you are configuring.
* Save and close named.conf
* Rename c:namedzonesdb.yourdomain.com.txt to reflect your previous change in named.conf
* Open this zone file in notepad.
* Substitute all references to yourdomain.com for the domain you are configuring.
* Substitute namesever-hostname for the hostname of your nameserver.
* Edit the last line so that the A record reflects the IP address of your server.
* Edit the serial line to reflect today's date. The format for this line is YYYYMMDDRR where:

YYYY = The year (e.g. 2005)
MM = The month (e.g. 02)
DD = The day (e.g. 22)
RR = Today's revision of this file (e.g. 01)

* Save and close the zone file.

Start the Bind service

* Start -> Progam Files -> Administrative Tools -> Services
* Locate the "ISC Bind" service, right click on it and select start.
* If it fails to start, errors can be found in the Event Viewer.

Create a Bind Reload batch file

To make reloading your nameserver easier, I recommend placing a batch file on your destop to reload the nameserver. Reloading the nameserver enables Bind to re-read all the configuration and zone files (and thus allow implement any changes) without the need to restart the service.

* Create a text file called "reload bind.bat" on the desktop, with the following content

@echo off
c:namedbinrndc reload
pause

If you wish your Bind server to serve recursion

Should you require your Bind server to allow recursive queries, that is that it will need to be able to look up zones other than the ones you are hosting on this server (e.g. if this is to provide DNS service to a local network), you will need to enable recursion.

You will first need to generate a root hints file so your server knows where the root servers are. Ensure your Windows DNS configuration is pointing to a working DNS server (such as that of your ISP), open a command prompt and run:

c:namedbindig NS . @m.root-servers.net > c:namedzonesdb.root.hint.txt

Now add the following lines to your c:namedetcnamed.conf configuration file:

zone "." IN {

type hint;

file "db.root.hint.txt";

};

Also, in the global "options" section, change "recursion no" to "recursion yes" and, on the follwing line, add the following line to specify the range of IP addresses which you wish to allow recursion for:

allow-recursion { 192.168.1.0/24; };

Reload Bind for these changes to take effect.

Active Directory Integration

Should you wish for BIND to be the authoritate source of information for your Active Directory domain (if you don't know what this is, don't worry about this section) then you will need to delegate some of the special Active Directory subdomains to your Active Directory server.

; The address of my Active Directory server

yourdnsdc IN A 192.168.160.54

; services over tcp
_tcp IN NS yourdnsdc.yourdomain.com.

; services over udp
_udp IN NS yourdnsdc.yourdomain.com.

; domain controllers
_msdcs IN NS yourdnsdc.yourdomain.com.

; subnet locations
_sites IN NS yourdnsdc.yourdomain.com.


Cette réponse était-elle pertinente?

« Retour

["\r\n