I was unable to find a great resource for installing, configuring and securing a DNS server, so I decided to write one. This article is in a step by step tutorial for BIND9 using Ubuntu Server 11.10.


As root install BIND9:

apt-get install -y bind9 dnsutils


I belive that Apparmor will suffice so I don't run BIND9 in a chrooted directory.

Caching Name Server

By default BIND9 is setup to act as a caching name server, so we may as well configure it. Edit the file /etc/bind/named.conf.options

// Path: /etc/bind/named.conf.options
// Google's public DNS
// Uncomment the below line
forwarders {;;

I've set the above config to pull from Google's Public DNS; however, you can set any DNS you like.

You will have to restart BIND for the settings to take effect

sudo service bind9 restart

Editing Records

Here are some common record types.