Very recently I decided to change all of my internal hostnames to a new naming scheme. Over the past few years I’ve been maintaining a hosts file which, when edited, was then copied to all my machines. While this technically works, it’s a pain and doesn’t really feel like an elegant solution.
I’ve had a Raspberry Pi for a while now and despite having played around with it I hadn’t really used it for anything productive.
As I was changing all of my machines’ hostnames I thought this might be a good time to set up a DNS server for my Homelab/internal machines.
I didn’t need anything demanding from a DNS server and I wasn’t after anything with high performance. Just something to help me keep track of my machines and virtual machines, or at least the ones with static IP addresses.
Enter the Raspberry Pi. I had an 8GB SD card for it which should be plenty and depending on how the performance turned out I could add other services to it such as DHCP.
First things first, an operating system. I use Archlinux on my Desktop, my Laptop and my Microserver so why not on the Pi? Archlinux ARM seemed like a good choice and as I’m used to Archlinux I decided to go with it over alternatives such as Raspbian.
I downloaded and flashed the Archlinux ARM image to the SD card using the instructions on the Archlinux ARM page.
Once it had booted up, which it did surprisingly quickly, I configured it as I normally do a new Archlinux install and ran updates.
At this point I had to decide what DNS Server Software to use. After considering BIND (which I’ve used before) and Dnsmasq I eventually settled on Unbound.
To get started I followed the instructions from the Archlinux Wiki which gave me a starting point. From there I read through a post on calomel.org which was very useful in understanding all the options available.
Currently I’m using a very simple configuration although I do plan on adding to it.
Here’s my configuration (some information redacted):
    server:
        username: "unbound"
        directory: "/etc/unbound"
        root-hints: "/etc/unbound/root.hints"
        interface: 0.0.0.0

        use-syslog: yes
        verbosity: 1

        access-control: 127.0.0.0/8 allow
        access-control: 192.168.1.0/24 allow

        private-domain: "fully.qualified.domain"
        include: /etc/unbound/forward.conf
        include: /etc/unbound/reverse.conf

    remote-control:
        control-enable: no

    forward-zone:
        name: "."
        forward-addr: 220.127.116.11
        forward-addr: 18.104.22.168
My forward.conf and reverse.conf are as follows:
    # /etc/unbound/forward.conf
    local-zone: "fully.qualified.domain." static

    local-data: "hostname.fully.qualified.domain. IN A 192.168.1.10"
    local-data: "hostname2.fully.qualified.domain. IN A 192.168.1.15"

    # /etc/unbound/reverse.conf
    local-data-ptr: "192.168.1.10 hostname.fully.qualified.domain"
    local-data-ptr: "192.168.1.15 hostname2.fully.qualified.domain"
Pay special attention to spacing and “.”’s or you will almost certainly run into issues.
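Because the forward and reverse data live in two separate files, a typo in one of them is easy to miss. The following consistency check is an added example, not part of the original post: the function names are hypothetical, the sample input is constructed, and it assumes one name per address and the `IN A` record form used above.

```python
import ipaddress
import re

# Constructed sample input: the page's forward.conf / reverse.conf layout,
# with a typo in one PTR name and one host left out of reverse.conf.
FORWARD = """\
local-zone: "fully.qualified.domain." static
local-data: "hostname.fully.qualified.domain. IN A 192.168.1.10"
local-data: "hostname2.fully.qualified.domain. IN A 192.168.1.15"
local-data: "hostname3.fully.qualified.domain. IN A 192.168.1.20"
"""
REVERSE = """\
local-data-ptr: "192.168.1.10 hostname.fully.qualified.domain"
local-data-ptr: "192.168.1.15 hostnme2.fully.qualified.domain"
"""

ZONE_RE = re.compile(r'^\s*local-zone:\s*"([^"\s]+)"', re.M)
A_RE = re.compile(r'^\s*local-data:\s*"(\S+)\s+IN\s+A\s+(\S+)"', re.M)
PTR_RE = re.compile(r'^\s*local-data-ptr:\s*"(\S+)\s+(\S+)"', re.M)

def norm(name):
    """Lower-case a name and drop the trailing root dot so both spellings compare equal."""
    return name.lower().rstrip(".")

def valid_ip(text):
    try:
        ipaddress.IPv4Address(text)
        return True
    except ValueError:
        return False

def check(forward, reverse):
    """Return a sorted list of inconsistencies between the A and PTR data."""
    zones = [norm(z) for z in ZONE_RE.findall(forward)]
    a = {addr: norm(owner) for owner, addr in A_RE.findall(forward)}
    ptr = {addr: norm(target) for addr, target in PTR_RE.findall(reverse)}
    problems = []
    for addr, owner in a.items():
        if not valid_ip(addr):
            problems.append(f"{owner}: bad IPv4 address {addr}")
        if not any(owner == z or owner.endswith("." + z) for z in zones):
            problems.append(f"{owner}: not inside any declared local-zone")
        if addr not in ptr:
            problems.append(f"{owner}: no local-data-ptr for {addr}")
        elif ptr[addr] != owner:
            problems.append(f"{addr}: PTR says {ptr[addr]}, A record says {owner}")
    for addr in ptr.keys() - a.keys():
        problems.append(f"{ptr[addr]}: local-data-ptr for {addr} has no A record")
    return sorted(problems)

if __name__ == "__main__":
    for line in check(FORWARD, REVERSE):
        print(line)
```

This only cross-checks the records against each other; the syntax of the configuration itself can be checked with unbound-checkconf, which ships with Unbound.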
It is recommended that you update your root hints periodically or at the bare minimum set a cron job to do it.
To test your configuration I recommend using “drill” as explained in the Archlinux Wiki.
You can also resolve hostnames without a FQDN by adding a search domain to /etc/resolv.conf (in *NIX), although unless you have statically set your DNS settings this might be overwritten.