How to set up a DNS server with PowerDNS | Raspberry Pi


Are you tired of typing in IP addresses for every machine on your network? In this tutorial I will be showing you how to set up your own home DNS server using the Raspberry Pi. This tutorial assumes that you are running the latest version of Raspbian.

Thankfully PowerDNS is included in the Debian repositories. Note there’s also a pdns-recursor package, which separately provides DNS caching, but we’re not going to install that because it’s currently unavailable in the Raspbian repositories. So we’re just going to go ahead and install the DNS server.

sudo apt-get install pdns-server

For this tutorial we’re just going to use the Bind9 backend that gets installed with PowerDNS by default. This backend basically allows us to write our zone configurations using Bind9’s syntax since PowerDNS knows how to read them. Thus, if you were moving off of Bind9 you could still use your old zone files or if you wanted to move to Bind9 later on then your zone files would already be in the correct format.

Configuring A Recursor

Before we begin setting up the zone file we need to configure our recursor. The recursor is the DNS server that will handle queries for names which our DNS server does not have zone configurations for (python.org, google.com, etc.). We are going to use sed in the next commands to set the recursor in /etc/powerdns/pdns.conf to Google’s Public DNS (8.8.8.8) and to extend allow-recursion, the list of clients permitted to make recursive queries, from localhost alone to localhost plus the 192.168.0.0/24 network.

sudo sed -i 's/# recursor=/recursor=8.8.8.8/g' /etc/powerdns/pdns.conf
sudo sed -i 's/allow-recursion=127.0.0.1/allow-recursion=127.0.0.1,192.168.0.0\/24/g' /etc/powerdns/pdns.conf

Now that the recursor has been configured, we are going to restart the pdns service and install dnsutils so we can put it to the test.

sudo service pdns restart
sudo apt-get install dnsutils

To confirm that recursion works against the DNS server, we’ll execute the following query for google.com against it.

nslookup google.com localhost

If some names and addresses are returned, it means that everything is working.
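
sed -i exits successfully even when its pattern matches nothing, so it is worth confirming that both edits above actually landed and that allow-recursion only lists your own network. The script below is an added example, not part of the original tutorial; the function names are hypothetical, the sample file is constructed, and only IPv4 entries are handled.

```sh
#!/bin/sh
# Added example (not from the original tutorial): verify the pdns.conf edits.

# Print the effective value of KEY: the last uncommented "KEY=value" line.
conf_get() {  # usage: conf_get FILE KEY
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" | tail -n 1
}

# Succeed only for loopback or RFC 1918 private IPv4 addresses/networks.
is_private() {
    case "$1" in
        127.*|10.*|192.168.*) return 0 ;;
        172.1[6-9].*|172.2[0-9].*|172.3[01].*) return 0 ;;
        *) return 1 ;;
    esac
}

# Return 0 only if a recursor is set and every allow-recursion entry is private.
check_recursion() {  # usage: check_recursion FILE
    recursor=$(conf_get "$1" recursor)
    acl=$(conf_get "$1" allow-recursion)
    [ -n "$recursor" ] || { echo "FAIL: recursor is not set"; return 1; }
    # Assumption of this example: an unset ACL counts as a failure.
    [ -n "$acl" ] || { echo "FAIL: allow-recursion is not set"; return 1; }
    for entry in $(echo "$acl" | tr ',' ' '); do
        is_private "$entry" || { echo "FAIL: non-private entry $entry"; return 1; }
    done
    echo "OK: recursor=$recursor allow-recursion=$acl"
}

# Constructed sample standing in for /etc/powerdns/pdns.conf after the edits.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# recursor=
recursor=8.8.8.8
allow-recursion=127.0.0.1,192.168.0.0/24
EOF
check_recursion "$sample"
rm -f "$sample"
```

On the Pi, call check_recursion /etc/powerdns/pdns.conf after running the two sed commands.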

Configuring a zone

The next thing is to move to the configuration of our own zone. A zone can typically be thought of as a domain name. With Bind9, you will have a configuration file that lists all of your zones, and the records for those zones are kept in separate files. PowerDNS uses /etc/powerdns/bindbackend.conf as its configuration file for the Bind9 backend. So let’s open that up and create a zone.

zone "example.com" {
          type master;
          file "/etc/powerdns/bind/example.com.zone";
          allow-update { none; };
};

The example.com can be replaced with the name you want yours to be. Please note that if you are using this project for a home network or for training purposes, you won’t need a real domain. So, you can give it any name that suits you (home.com, home.lan, example.lan, etc.). Recall that we made a reference to a file called /etc/powerdns/bind/example.com.zone; this is where the DNS records for example.com will go. First we have to create the /etc/powerdns/bind folder.

sudo mkdir /etc/powerdns/bind

Now let’s move on to create /etc/powerdns/bind/example.com.zone with the following contents.

$ORIGIN example.com. ; base for unqualified names (the trailing dot makes it absolute)
$TTL 1h ; default time-to-live
@ IN SOA ns.example.com. hostmaster.example.com. (
1 ; serial
1d ; refresh
2h ; retry
4w ; expire
1h ; minimum time-to-live
)
     IN NS ns
     IN A 192.168.0.14
ns IN A 192.168.0.14

We have set up some basic things in this zone file. Note that 192.168.0.14 is the IP address of my server; you don’t need to use mine, just replace it with the IP of the server on your own network. The first record is the Start of Authority (SOA) record. This tells the DNS server what the primary data source for the zone is and how propagation should behave. After this, we set up a nameserver (NS) record. The function of this record is to point to the authoritative DNS server for that zone, which happens to be our server. We then have an A record for the zone so that example.com = 192.168.0.14. And after that we have another A record so that ns.example.com = 192.168.0.14.

If we now restart PowerDNS and use nslookup, we can verify that it is working.

sudo service pdns restart
nslookup example.com localhost

If it worked, it should return the IP address that you mapped to your domain name (in my case it would be 192.168.0.14).

Adding a new record

The DNS server and the basic zone are all set up at this point, and in order to add a new record we can add a line like this to the zone file.

webserver               IN      A       192.168.0.15

Most of the time you will be adding two types of record. As we’ve seen, an A record always maps to an IP
