FreeBSD 12 & BIND 914

FreeBSD: Install an authoritative DNS server (BIND) (with DNSSEC)

pkg install bind914
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 13 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
        bind914: 9.14.3
        libxml2: 2.9.9
        libidn2: 2.2.0
        libunistring: 0.9.10_1
        bind-tools: 9.14.3
        python36: 3.6.9
        readline: 8.0.0
        libffi: 3.2.1_3
        py36-ply: 3.11
        py36-setuptools: 41.0.1
        libedit: 3.1.20190324,1
        json-c: 0.13.1
        lmdb: 0.9.23,1
[...]
Message from python36-3.6.9:

===========================================================================

Note that some standard Python modules are provided as separate ports
as they require additional dependencies. They are available as:

py36-gdbm       databases/py-gdbm@py36
py36-sqlite3    databases/py-sqlite3@py36
py36-tkinter    x11-toolkits/py-tkinter@py36

===========================================================================
Message from bind914-9.14.3:

BIND requires configuration of rndc, including a "secret"
key.  The easiest, and most secure way to configure rndc is
to run 'rndc-confgen -a' to generate the proper conf file,
with a new random key, and appropriate file permissions.

The /usr/local/etc/rc.d/named script will do that for you.

If using syslog to log the BIND9 activity, and using a
chroot'ed installation, you will need to tell syslog to install
a log socket in the BIND9 chroot by running:

  # sysrc altlog_proglist+=named

And then restarting syslogd with: service syslogd restart

Test / Analyzer

MX Toolbox – SuperTool
DNS Checker
Verisign Labs – DNSSEC Analyzer

$ ls /usr/local/etc/namedb
namedb -> /var/named/etc/namedb

$ ls -la /var/named
dev
etc
usr
var

$ ls -la /var/named/etc/namedb
bind.keys
dynamic
master
named.conf
named.root
rndc.key
slave
working

$ cat /etc/fstab
# Device        Mountpoint      FStype    Options           Dump    Pass#
/dev/ada0p2     /               ufs       rw                1       1
/dev/ada0p3     none            swap      sw                0       0
/dev/ada0p4     /var            ufs       rw                2       2
/dev/ada0p5     /tmp            ufs       rw                2       2
/dev/ada0p6     /usr            ufs       rw                2       2
fdesc           /dev/fd         fdescfs   rw                0       0
devfs           /var/named/dev  devfs     rw,ruleset=4      0       0
$ /usr/local/sbin/named -fg -t /var/named -u bind -c /usr/local/etc/namedb/named.conf

Leave a Reply

Your email address will not be published. Required fields are marked *