I’m exploring using PowerDNS to replace a good chunk of my DNS infrastructure. Don’t get me wrong; I like BIND. I’m looking for something database-driven that is easier to integrate with monitoring and IPAM systems. The first test is to play around with the most basic of services: a DNS recursor.
Let’s get started installing PowerDNS Recursor on Ubuntu 20.04.
Caution: This will install the latest bleeding-edge version of PowerDNS (visit the PowerDNS Repo for a more stable branch, or install from your distro repos). Skip below to the install section if you don’t want to install this repo.
Create the file ‘/etc/apt/sources.list.d/pdns.list’ with this content:
deb [arch=amd64] http://repo.powerdns.com/ubuntu focal-rec-master main
And this to ‘/etc/apt/preferences.d/pdns’:
Package: pdns-*
Pin: origin repo.powerdns.com
Pin-Priority: 600
and execute the following command:
curl https://repo.powerdns.com/CBC8B383-pub.asc | sudo apt-key add -
Run these commands to install PowerDNS
sudo apt-get update &&
sudo apt-get install pdns-recursor
Edit the config file:
sudo vi /etc/powerdns/recursor.conf
Add or change these lines (check that you want DNSSEC validation enabled before you set dnssec=validate):
allow-from=127.0.0.0/8, 10.0.0.0/8, 192.168.0.0/16
dnssec=validate
dont-query=127.0.0.0/8, 10.0.0.0/8, 100.64.0.0/10, 169.254.0.0/16, 192.168.0.0/16, 172.16.0.0/12, ::1/128, fc00::/7, fe80::/10, 0.0.0.0/8, 192.0.0.0/24, 192.0.2.0/24, 198.51.100.0/24, 203.0.113.0/24, 240.0.0.0/4, ::/96, ::ffff:0:0/96, 100::/64, 2001:db8::/32
local-address=10.0.0.2
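Before restarting, the settings above can be sanity-checked offline. This Python sketch is an added example, not part of the original post or of PowerDNS: it parses plain key=value lines and flags allow-from or local-address entries outside internal ranges, plus a dnssec mode other than validate. The sample config, the INTERNAL list and the function names are assumptions made for illustration.

```python
import ipaddress
# Constructed sample mirroring the settings shown in this post.
SAMPLE_CONF = """\
allow-from=127.0.0.0/8, 10.0.0.0/8, 192.168.0.0/16
dnssec=validate
local-address=10.0.0.2
"""
# Ranges this sketch treats as internal (an assumption; adjust to your network).
INTERNAL = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "100.64.0.0/10", "169.254.0.0/16", "::1/128", "fc00::/7", "fe80::/10")]
DNSSEC_MODES = {"off", "process-no-validate", "process", "log-fail", "validate"}

def parse_conf(text):
    """Parse key=value lines, dropping blanks and # comments."""
    conf = {}
    for line in text.splitlines():
        key, sep, value = line.split("#", 1)[0].partition("=")
        if sep:
            conf[key.strip()] = value.strip()
    return conf

def networks(value, key, findings):
    """Turn a comma-separated address/CIDR list into ip_network objects."""
    nets = []
    for item in filter(None, (v.strip() for v in value.split(","))):
        try:
            nets.append(ipaddress.ip_network(item, strict=False))
        except ValueError:
            findings.append(f"{key}: cannot parse {item!r}")
    return nets

def is_internal(net):
    return any(net.version == i.version and net.subnet_of(i) for i in INTERNAL)

def audit(text):
    """Return a list of findings; an empty list means nothing was flagged."""
    conf, findings = parse_conf(text), []
    for key, risk in (("allow-from", "answers clients outside internal ranges"),
                      ("local-address", "listens on a non-internal address")):
        for net in networks(conf.get(key, ""), key, findings):
            if not is_internal(net):
                findings.append(f"{key}: {net} {risk}")
    mode = conf.get("dnssec")
    if mode not in DNSSEC_MODES:
        findings.append(f"dnssec: missing or unknown mode {mode!r}")
    elif mode != "validate":
        findings.append(f"dnssec: {mode} does not enforce validation for every client")
    return findings
```

Call audit() on the text of /etc/powerdns/recursor.conf; an empty list means nothing was flagged.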
Restart the process:
systemctl restart pdns-recursor
I also recommend you secure the operating system and enable a firewall. That’s all there is to it.