Managing DNS Zones with BIND9

By Admin · Feb 25, 2026 · Updated Apr 24, 2026

Introduction

BIND9 is the most widely used DNS server software. Running your own authoritative DNS server gives you full control over your domain's DNS records with no propagation delays from third-party providers.

Installation

sudo apt update
sudo apt install -y bind9 bind9utils

Creating a Forward Zone

Add the zone to /etc/bind/named.conf.local:

zone "example.com" {
    type master;
    file "/etc/bind/zones/db.example.com";
    allow-transfer { 198.51.100.20; };  // Secondary DNS
};

Create the zone file /etc/bind/zones/db.example.com (create the /etc/bind/zones directory first if it does not exist):

$TTL    3600
@       IN  SOA     ns1.example.com. admin.example.com. (
            2026022501  ; Serial (YYYYMMDDNN)
            3600        ; Refresh
            900         ; Retry
            604800      ; Expire
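            86400 )     ; Minimum (negative-caching TTL)

@       IN  NS      ns1.example.com.
@       IN  NS      ns2.example.com.
; In-zone name servers need address records, or named-checkzone rejects the zone.
ns1     IN  A       198.51.100.10   ; assumed: this server's address, adjust to yours
ns2     IN  A       198.51.100.20   ; the secondary listed in allow-transfer
@       IN  A       198.51.100.10
www     IN  CNAME   @
mail    IN  A       198.51.100.10
@       IN  MX  10  mail.example.com.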

Testing

# Check syntax
sudo named-checkconf
sudo named-checkzone example.com /etc/bind/zones/db.example.com

# Restart and test
sudo systemctl restart bind9
dig @localhost example.com

Important Notes

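  • Always increment the serial number when making changes; secondaries only pull a new copy of the zone when the serial increases
  • Set up a secondary (slave) DNS server for redundancy
  • Use allow-transfer to restrict zone transfers to your secondary servers, so the full zone contents are not handed to arbitrary hosts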
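
A forgotten serial bump is the most common reason a secondary keeps serving stale records. The script below is an added example, not part of the original article or of BIND: it rewrites a YYYYMMDDNN serial in place. The function names are hypothetical, and it assumes the serial sits on its own line followed by a "; Serial" comment, as in db.example.com above.

```shell
#!/bin/sh
# Added example: bump the SOA serial of a zone file that uses YYYYMMDDNN serials.
# Assumption: the serial is on its own line, followed by a "; Serial" comment.

# next_serial CURRENT TODAY(YYYYMMDD): print a serial strictly greater than CURRENT.
next_serial() {
    first_today="${2}01"
    if [ "$1" -lt "$first_today" ]; then
        next=$first_today        # first change made today
    else
        next=$(( $1 + 1 ))       # same day, or NN already used up: keep counting up
    fi
    # The SOA serial is an unsigned 32-bit field.
    [ "$next" -le 4294967295 ] || { echo "serial overflow: $next" >&2; return 1; }
    echo "$next"
}

# bump_zone_serial FILE [TODAY]: rewrite the serial in place and print the new value.
bump_zone_serial() {
    zone_file=$1
    today=${2:-$(date +%Y%m%d)}
    cur=$(sed -n 's/^[[:space:]]*\([0-9]\{1,10\}\)[[:space:]]*;[[:space:]]*Serial.*/\1/p' \
        "$zone_file" | head -n 1)
    [ -n "$cur" ] || { echo "no serial line in $zone_file" >&2; return 1; }
    new=$(next_serial "$cur" "$today") || return 1
    tmp=$(mktemp) || return 1
    # Edit into a temp file, then copy back so the zone file keeps its owner and mode.
    sed "s/^\([[:space:]]*\)${cur}\([[:space:]]*;[[:space:]]*Serial\)/\1${new}\2/" \
        "$zone_file" > "$tmp" && cat "$tmp" > "$zone_file"
    status=$?
    rm -f "$tmp"
    [ "$status" -eq 0 ] && echo "$new"
}

# Demo on a constructed SOA fragment (not a live zone).
demo=$(mktemp)
printf '%s\n' '@ IN SOA ns1.example.com. admin.example.com. (' \
    '            2026022501  ; Serial (YYYYMMDDNN)' > "$demo"
bump_zone_serial "$demo" 20260225    # prints 2026022502
rm -f "$demo"
```

Run named-checkzone on the edited file before restarting bind9, exactly as in the Testing section.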
