FreeBSD: Install an authoritative DNS server (BIND) (with DNSSEC)
pkg install bind914 Updating FreeBSD repository catalogue... FreeBSD repository is up to date. All repositories are up to date. The following 13 package(s) will be affected (of 0 checked): New packages to be INSTALLED: bind914: 9.14.3 libxml2: 2.9.9 libidn2: 2.2.0 libunistring: 0.9.10_1 bind-tools: 9.14.3 python36: 3.6.9 readline: 8.0.0 libffi: 3.2.1_3 py36-ply: 3.11 py36-setuptools: 41.0.1 libedit: 3.1.20190324,1 json-c: 0.13.1 lmdb: 0.9.23,1 [...] Message from python36-3.6.9: =========================================================================== Note that some standard Python modules are provided as separate ports as they require additional dependencies. They are available as: py36-gdbm databases/py-gdbm@py36 py36-sqlite3 databases/py-sqlite3@py36 py36-tkinter x11-toolkits/py-tkinter@py36 =========================================================================== Message from bind914-9.14.3: BIND requires configuration of rndc, including a "secret" key. The easiest, and most secure way to configure rndc is to run 'rndc-confgen -a' to generate the proper conf file, with a new random key, and appropriate file permissions. The /usr/local/etc/rc.d/named script will do that for you. If using syslog to log the BIND9 activity, and using a chroot'ed installation, you will need to tell syslog to install a log socket in the BIND9 chroot by running: # sysrc altlog_proglist+=named And then restarting syslogd with: service syslogd restart
Test / Analyzer
MX Toolbox – SuperTool
DNS Checker
Verisign Labs – DNSSEC Analyzer
$ ls /usr/local/etc/namedb namedb -> /var/named/etc/namedb $ ls -la /var/named dev etc usr var $ ls -la /var/named/etc/namedb bind.keys dynamic master named.conf named.root rndc.key slave working $ cat /etc/fstab # Device Mountpoint FStype Options Dump Pass# /dev/ada0p2 / ufs rw 1 1 /dev/ada0p3 none swap sw 0 0 /dev/ada0p4 /var ufs rw 2 2 /dev/ada0p5 /tmp ufs rw 2 2 /dev/ada0p6 /usr ufs rw 2 2 fdesc /dev/fd fdescfs rw 0 0 devfs /var/named/dev devfs rw,ruleset=4 0 0
$ /usr/local/sbin/named -fg -t /var/named -u bind -c /usr/local/etc/namedb/named.conf