Golden Codes - armanexplorer planet

Practical code snippets for Django, Python, Bash, Git and All!

install

# install packages
sudo apt-get update
sudo apt-get install bind9 bind9utils bind9-doc

# set BIND to IPv4 mode since our private networking uses IPv4 exclusively
# note: named.service reads /etc/default/named as its environment file
# (editing a file under /etc requires root, hence sudo)
sudo sed -i 's/OPTIONS="-u bind"/OPTIONS="-u bind -4"/' /etc/default/named
sudo systemctl restart named

# config named
cd /etc/bind

Edit named.conf.options:

acl allowed_clients {
  localhost;
};
options {
    directory "/var/cache/bind";

    recursion yes;
    allow-recursion { allowed_clients; };
    allow-query { allowed_clients; };
    listen-on { localhost; };
    allow-transfer { none; };

    forwarders {
        1.1.1.1;
        8.8.8.8;
    };
    forward only;

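    querylog yes;

    dnssec-validation no; // answers from the forwarders are accepted without DNSSEC validation
    listen-on-v6 { any; }; // named started with -4 (see above) does not use IPv6
    version "not available"; // hide the real BIND version string
};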

Edit named.conf.local: Forward zone samples

zone "googleapis.com" {
    type forward;
    forward only;
    forwarders {
        1.2.3.4;
        5.6.7.8;
    };
};

You can also add zones of type master to make a domain name resolve to private network addresses: Ref

Check everything is OK and restart named.service:

# check main configs
sudo named-checkconf /etc/bind/named.conf

# check custom zone configs (if there are any)
sudo named-checkzone example.com /etc/bind/db.example.com

# apply changes
sudo systemctl restart named
# or
sudo rndc reconfig

Now change /etc/resolv.conf to use BIND:

nameserver 127.0.0.1
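named-checkconf only validates syntax, so the following added example (not part of the original page or of BIND) audits an options block for the exposure-related settings used above. `PAGE_CONF` is a constructed, condensed copy of this page's config; `parse_options`, `audit` and the finding codes are hypothetical names, and the parser is simplified: it does not follow `include` files or expand named ACLs.

```python
import re

PAGE_CONF = """# constructed sample: this page's options block, condensed
acl allowed_clients { localhost; };
options {
    recursion yes;
    allow-recursion { allowed_clients; };
    allow-query { allowed_clients; };
    listen-on { localhost; };
    allow-transfer { none; };
    forwarders { 1.1.1.1; 8.8.8.8; };
    dnssec-validation no;
    listen-on-v6 { any; };
    version "not available"; // hide version
};
"""
# Quoted strings first, then the three named.conf comment styles, then braces/words.
TOKEN = re.compile(r'"[^"]*"|//[^\n]*|#[^\n]*|/\*.*?\*/|[{};]|[^\s{};]+', re.S)

def parse_options(conf):
    """Return {statement: [arguments]} for the top level of options { ... }."""
    toks = [t for t in TOKEN.findall(conf) if not t.startswith(("//", "#", "/*"))]
    opts, stmt, depth = {}, [], 0
    for t in toks[toks.index("options") + 2:]:   # skip 'options' and its '{'
        if t == "{":
            depth += 1
        elif t == "}":
            if depth == 0:
                break                            # end of the options block
            depth -= 1
        elif t == ";":
            if depth == 0 and stmt:              # a top-level statement just ended
                opts[stmt[0]], stmt = stmt[1:], []
        else:
            stmt.append(t.strip('"'))
    return opts

def audit(conf):  # hypothetical helper: returns finding codes, empty list if clean
    o, found = parse_options(conf), []
    if o.get("recursion") == ["yes"]:
        for acl in ("allow-recursion", "allow-query", "allow-query-cache"):
            if "any" in o.get(acl, []):          # recursion offered to everyone
                found.append(f"open-resolver:{acl}")
    if o.get("dnssec-validation") == ["no"]:
        found.append("dnssec-validation-off")
    if "any" in o.get("allow-transfer", []):
        found.append("zone-transfer-any")
    if "any" in o.get("listen-on-v6", []) and "any" not in o.get("listen-on", ["any"]):
        found.append("listen-on-v6-wider-than-listen-on")
    return found
```

On this page's config, `audit(PAGE_CONF)` reports the disabled DNSSEC validation and the `listen-on-v6 { any; }` line; the latter has no runtime effect while named runs with `-4`, but becomes a listener on every IPv6 interface if that flag is ever removed.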

Bind as server

Debian Docs, Digital Ocean Docs

Bind as caching or forwarding

Digital Ocean

troubleshooting

broken trust chain resolving dnssec