Personal Caching Domain Name Server with BIND9 on Windows Vista

posted in: Networking, Technical | 0

BIND9 is a popular domain server application in *nix platform. It serves an important roles in providing an open source DNS application for the Internet and local area network (LAN).
This how-to will explains how to install a Win32 BIND9 version that can be used as a personal caching DNS server in Windows Vista.

Step 1: Download BIND9 binary application for Win32 from Internet System Consortium website.

Step 2: Unzip the downloaded file to a folder (i.e., c:\bind9) and run the installer file named “BINDInstall.exe”. This will install Bind9 to the destination folder at \Windows\System32\dns\bin\.

BIND9 Installer window















Step 3: During the installation process, the installer will ask for a “Service Account Password”, select “automatic startup” then click install. Exit the installer when finished.

Step 4: Open the Command Prompt as Administrator / Run as Administrator and type the following commands :
cd c:\windows\System32\dns\bin (press enter)
wrote key file “C:\Windows\system32\dns\etc\rndc.key”

rndc-confgen -a (press enter)

Step 5: Close the command Prompt

Now there should be six files existed in the folder c:\windows\system32\dns\etc as shown in the picture below, except session.key file.

Six existing BIND9 files


Note that The file “rndc.key” file has been created at step 4.

Step 6: Open Notepad (Run as Administrator) and copy and paste the following:

options {directory "c:\windows\system32\dns\etc";
pid-file none;
version "not currently available";
listen-on {;;; };

controls {
inet allow { localhost; } keys { rndc_key; };

key "rndc_key" {
algorithm hmac-md5;
secret "o690RparSJLi5da4mjPB/Q==";

zone "." IN {
type hint;
file "root.hints";

zone "localhost" IN {
type master;
file "zone.localhost";

allow-update { none; };

zone "" IN {
type master;
file "revp.127.0.0";
allow-update { none; };

include "filter.conf";

Note that before saving this file it is need to change the key string secret “o690RparSJLi5da4mjPB/Q==” to the same key string found in the file rndc.key. The key in your rndc.key file will be different to the one shown here. To get the key, open rndc.key file using Notepad and copy & paste the corresponding secret key into named.conf.

Also, it is needed to change the line listen-on {;;; }; with the corresponding IP address(es) that match the network where the caching DNS will be used.

Save the file as named.conf (Note: Run Notepad as Administrator to have rights to write or save at c:\Windows\System32\dns\etc\)

Step 7: Create a new file using Notepad and copy & paste the following root hints information into the file.

; <<>> DiG 9.3.2 <<>> NS .
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1378
;; flags: qr aa rd; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 15

;.                IN    NS

.            518400    IN    NS    A.ROOT-SERVERS.NET.
.            518400    IN    NS    I.ROOT-SERVERS.NET.
.            518400    IN    NS    C.ROOT-SERVERS.NET.
.            518400    IN    NS    H.ROOT-SERVERS.NET.
.            518400    IN    NS    M.ROOT-SERVERS.NET.
.            518400    IN    NS    E.ROOT-SERVERS.NET.
.            518400    IN    NS    K.ROOT-SERVERS.NET.
.            518400    IN    NS    L.ROOT-SERVERS.NET.
.            518400    IN    NS    B.ROOT-SERVERS.NET.
.            518400    IN    NS    J.ROOT-SERVERS.NET.
.            518400    IN    NS    D.ROOT-SERVERS.NET.
.            518400    IN    NS    G.ROOT-SERVERS.NET.
.            518400    IN    NS    F.ROOT-SERVERS.NET.

A.ROOT-SERVERS.NET.    3600000    IN    A
B.ROOT-SERVERS.NET.    3600000    IN    A
C.ROOT-SERVERS.NET.    3600000    IN    A
D.ROOT-SERVERS.NET.    3600000    IN    A
E.ROOT-SERVERS.NET.    3600000    IN    A
F.ROOT-SERVERS.NET.    3600000    IN    A
G.ROOT-SERVERS.NET.    3600000    IN    A
H.ROOT-SERVERS.NET.    3600000    IN    A
I.ROOT-SERVERS.NET.    3600000    IN    A
J.ROOT-SERVERS.NET.    3600000    IN    A
K.ROOT-SERVERS.NET.    3600000    IN    A
L.ROOT-SERVERS.NET.    3600000    IN    A
M.ROOT-SERVERS.NET.    3600000    IN    A

When done, save the file as root.hints at C:\Windows\System32\dns\etc\.

Step 8: Create a new file using Notepad and copy & paste the following zone localhost information into the file.

; loopback/localhost zone file
$ORIGIN localhost.
@              IN  SOA   @  root (
1   ; Serial
8H  ; Refresh
15M ; Retry
1W  ; Expire
1D) ; Minimum TTL
IN   NS   @
IN   A

When done, save the file as zone.localhost at C:\Windows\System32\dns\etc\.

Step 9: Create a new file using Notepad and copy & paste the following information into the file.

; reverse pointers for localhost
@    IN   SOA  localhost. root.localhost. (
1    ; serial
8H   ; refresh
15M  ; retry
1W   ; expire
1D ) ; minimum
IN   NS   localhost.
1    IN   PTR  localhost.

When done, save the file as revp.127.0.0 at C:\Windows\System32\dns\etc\.

Step 10: Create a new file using Notepad and leave it empty (a blank file). Save the file as filter.conf at C:\Windows\System32\dns\etc\. It is an empty file and It will be filled with filter information if Bind9 is to be used to block adverts.

Step 11: Starting BIND9. In order to start the new BIND9, Open a Command Prompt (Run as Administrator) and type the following:

services.msc (press enter)

This will open Windows Services list as shown below.

Windows Services List


Scroll to find ISC BIND service line (as shown in the picture above), then right-click to open Properties dialog box for ISC BIND.

ISC BIND Service Properties












Set the option Startup type to Automatic and click Start button to start ISC BIND for the first time. If there are no errors, BIND9 will be started and the Service status will changed from Stopped to Started.

If there is an Windows error message saying: Windows could not start the ISC BIND on Local Computer. Error 1067: The process terminated unexpectedly. Then check Log On Properties for ISC BIND. Click on the Log On tab in the Properties window and check that log-on setting matched the one shown below.

ISC BIND Log On setting












Click OK to close the Properties window and try to restart ISC BIND via Services window again. When done, BIND9 is now running in local computer ( and ready to be used.

To test or use BIND9 as a personal DNS Caching server at the computer in which it is installed, put as Preferred DNS server in the network setting of the computer.

Reference page: