Want to set up my own DNS for domain, self-hosted

Discussion in 'Networking & Security' started by cdr_74_premium, Jul 11, 2018 at 11:27 PM.

  1. cdr_74_premium

    cdr_74_premium [H]ard|Gawd

    Well, 20+ years after I first started playing with computers, I finally achieved my dream. My own little static IP and business internet connection. Not crazy fast or anything, but hey, no blocked ports... I can run my own server! The beauty of the first world =D

    That was after I got a PowerEdge 860 as a gift. I don't give a flying damn if it's old and not impressive at all. It looks like a server, and it is effin' noisy like the ones I dreamed about since forever, so the kid in me is raving. I am having fun. My wife is not, but... well... 1) I can't hear a thing she says right now; and 2) kitchen appliances! =)

    After replacing the Pentium D with a Xeon X3220 and max'ing the hell out of the RAM up to staggering 8GBs, I got 2 3TB failing hard drives that a client was tossing out and it's on CentOS 7 with more storage than I could ever hope to use, even though it probably will crap out on me (hopefully not so) soon. SSH, Apache and Nextcloud running, but not really set up properly just yet. I realized that I want to move my domain out of NoSupportLinuxHosting - because why pay 1 dollar a month now that I am being deafened by that beast of a server, eh? - and even though I could use free DNS from the company I buy the domain name from, there's no learning in that. So I wanted to use my own little noisy blade of pure fun as the primary DNS, and the free offer will be the secondary. Trouble is, even though I could find tons of stuff about setting up a caching server, I was not able to find anything that would get me going with that particular stupid idea I have.

    Thus, I would really like to tap the wealth of amazing knowledge only found @ [H], and see if one of the fine folks here is able to steer me in the right direction.

    TL;DR: got server, static IP, want to learn how to set it up as a primary dns for a domain name.
     
    IdiotInCharge likes this.
  2. ChristianVirtual

    ChristianVirtual [H]ard DCOTM Mar 2016,Aug 2017

  3. Vengance_01

    Vengance_01 [H]ardness Supreme

    Better get familiar with bind dns... :)
     
    wolfofone and /dev/null like this.
  4. /dev/null

    /dev/null [H]ardForum Junkie

    I've done DNS for 20-ish years... including hosting my own. See if your local library has "DNS & BIND" and (completely) understand how DNS works. Then try to set up bind. Ask questions here. I'm happy to help :)
     
    mwarps, Brian_B and wolfofone like this.
  5. Cmustang87

    Cmustang87 [H]ardness Supreme

    Awesome post, OP - and I love your enthusiasm. You will go far in the industry with that attitude.

    Can you do us all a favor and maybe more clearly define what exactly you are looking to do? Going into this with a bunch of excitement and visions is great, but unless you establish some actual goals you are just going to be toying with stuff and not really achieving anything worthwhile. Take it from me who's messed with labs quite a bit in my career.

    • Who will be using this DNS server?
    • How are you going to be protecting it?
    • What other data will be on this server?
    • Do you have customers that rely on this server?
    • Will this just be strictly a public facing domain, or are you looking to set up an internal domain that is also publicly resolvable?
    Lots of experienced folks in this forum that should be able to help you in many ways.
     
  6. Vengance_01

    Vengance_01 [H]ardness Supreme

    So I think his post is a bit misleading. I believe he wants to host his own public records and be authoritative over his domain records. So if and when you do an ns lookup on any record in his domain it will use his own dns server. That's what I am gathering. I don't think he wants to be another 8.8.8.8 for other ppl to use. OP can you correct me on this?
     
    Cmustang87 likes this.
  7. Cmustang87

    Cmustang87 [H]ardness Supreme

    Yea, I don't think his intent is to set up a recursive DNS service. I think we are owed a couple answers to some questions here in order to help a bit further. Do you have any questions to add to my list, Vengance_01 ?
     
  8. Ehren8879

    Ehren8879 Little Bitch 3

    install the epel

    then:

    yum install nsd
     
  9. Mega6

    Mega6 Gawd

    If you want to learn, and it appears you do - go hardcore with bind. I set up my own dns with bind years ago and it was way overkill but that wasn't the point. It was a great learning experience.
     
  10. cdr_74_premium

    cdr_74_premium [H]ard|Gawd

    I did not want to talk too much before making sure people wanted to talk about it, heh. So let's see if I can make it clear.

    Hah, you know me too well! I tend to do that, yes. But with this one I do want to learn stuff to use later on the field - especially now that I am finally working with IT again. Still, I don't think I'll ever hear that enough, because I am a mess and can't do anything for more than 10 minutes if I am not having fun. Thank you for the heads up.

    I will answer without quoting you, with a lengthy explanation to (try to) make sure all is clear. Skip to the questions if that's what you really want.
    At the beginning, it was just a domain name for e-mail, maybe a project or two that ended up never getting off the ground. NoSupportLinuxHosting. Still, e-mails would always end up in other people's junk mail box. So I left the DNS and www part there and got Zoho for e-mail.

    I have been looking for a network storage solution for a while. Not for me, as I barely have any files, but for my wife. She is not an IT head or anything, just wants to do stuff on her devices. That means she maxed out her free Dropbox/OneDrive real quick, and she - as I - did not get along with Google Drive. Life was all over the place recently, so even though I was nowhere near IT and with no hope of ever getting back on it, we did not have money to pay for cloud storage anyway. So I basically attached an external 1TB drive to my TP-Link Router running OpenWRT, set up a network share, and that was it. It sucked hardcore, because it was SLOW.

    Fast forward a few years, I got the IT job and I am moving first. She will catch me up later, and the TP-Link stays there with her. I start my work and borrow a very basic D-Link router as a bandaid for our new house until she arrives with the TP-Link. Shortly after, I get the 'screamer' (heh, the PowerEdge 860) as a gift. My wife would not let me use that thing if she were already here: I only managed to do so because it was already running when she arrived, thus I could not hear her complaining. I had to seize the opportunity. And I did. =)

    I experimented with Ubuntu server 18.04 and CentOS. Maybe because I can only cook instant noodles and frozen chicken nuggets, I couldn't wrap my head around the damn Netplan thing. So CentOS was it.

    My plan was to use it just like the good old TP-Link WDR4300 was being used, and free'ing it to be a switch+AP only, hoping that this setup would deliver faster network data transfer speeds. So, at this point, I had the screamer running with CentOS 7 + BIND as recursive DNS + DHCP. Samba installed, but waiting for my wife to arrive with the TP-Link+External HD to move the data and set it up properly.

    Not too long after that, I discover my new ISP offers cheap static IPs. And I stumble upon Nextcloud. And my mother back in my home country just let me know that she lost 20+ years of work because of a failing hard disk - yes, I was her IT support, but it's been two years since I came up north and I was eating a lot of excrement around here, so I guess she didn't want to add to that. Then a client of the company I now work for wants to scrap three 3TB disks in... Caution!....shape. But working still, two of them sounding just fine.

    Again, I figure that if I set up the Nextcloud thing with the static IP, she can at least back her stuff up here, where I can hook it up to an external disk and deploy it to the moon or whatever if I so desire. And my wife can store her stuff and access it on all her devices. And the company I work for is all about the cloud, and that's nice, but I come from a place in which it's not as easy to trust this kind of thing as it is here, mainly because the economy is so unstable... and my mother is still there, and just lost decades of data. I guess it's time to play, and learn!

    In the end, I managed to set up Nextcloud. I am in the process of testing it with my wife, and as soon as it works ok-ish my mother will join the fun. And I realized that I could just assign an address using my domain name to my new static IP... or better yet, use my server to manage the domain name so it can point it to itself... or hey, why not!... yes, I know, I just went off the rails again.

    By reading the replies here, it seems that I may be better off learning a lot about it before even trying, and making deploying Nextcloud my priority. Still, I don't want to pay 1 buck a month anymore for DNS, especially now that I found out that NameCheap - where I got my domain from - offers it for free. My plan is to just use their service and, per you guys' advice, make my own server the primary after I learn the hoops of it. However, as it seems to be a really complex topic, I was hoping to get a big bulky book and just dive into it. I'll look after the suggestions you guys already gave here, but if anyone has anything else to share, please do so!

    • Who will be using this DNS server?
    Right now it is a recursive for me and my wife. I want it to stay doing that on our internal network, plus being an authoritative server for my domain.
    • How are you going to be protecting it?
    I did the whole basic firewall + SELinux thing, but that's something I do intend to learn as well.
    • What other data will be on this server?
    Books, music, videos, my mom's work stuff. The only thing I would rather not lose is my mom's stuff - I have plenty of HDs here to make backups of everything she puts there, and paying for cloud storage is easy for me as I can get it through the company I work for. So she can park everything here and I'll take care of it somewhere else. On the other hand, even though it wouldn't be nice, it wouldn't be the end of the world if someone broke into the server and stole all her data, for example.

    That's all to say that it's not that much of a deal if the server blows up or something, as making sure everything is properly backed up is one of the things that I want to learn and will strive to do. And that is a hell of a lot more than my mother has right now, same for my wife, whose notebook's HD died without warning at all a few months ago.
    • Do you have customers that rely on this server?
    It's basically family. I want to work hard and make sure it's as professional as possible, because I do want to learn this to use in the workplace, but this is a lab-ish setting so to say. I would say it's the perfect lab setting: things can go wrong, but it's nice if they don't, so much that I will not slack on making sure they do work well.
    • Will this just be strictly a public facing domain, or are you looking to set up an internal domain that is also publicly resolvable?
    Now that's where I am a rookie. But let me see:

    I have one public IP, which is the screamer. I may use various names to get there (VirtualHost or whatever it's called), but right now it just has one A record for it. After that noisy guardian, what I have inside my house are a few android cellphones, my notebook, my wife's notebook, my netbook, a few hundred thousand old machines for random projects (not really, but yes, a few), a Brother printer/scanner, and that's it. I don't see any use for anything fancy past the server, at least for now. So I guess I don't need an internal domain that's also publicly resolvable. Or not. =D

    I love you guys!

    You should. We all should. Life is short and old hardware is plenty, first world internet rocks: indulge, my friend!

    That's exactly it. As I said, it behaves like 8.8.8.8 for my internal network right now, and if it keeps doing so that would be great. But that's it for being an 8.8.8.8.
     
    Last edited: Jul 13, 2018 at 10:50 PM
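
    An added example, not written by any poster in this thread: a BIND named.conf fragment for the setup described in the post above, recursive only for the internal network and authoritative for the domain to everyone, with zone transfers limited to the secondary. The LAN range 192.168.1.0/24, the domain example.com, the zone file name and the secondary's address 203.0.113.53 are assumed placeholders.

```conf
// Constructed example. All addresses and names are placeholders:
// 192.168.1.0/24 = assumed home LAN, 203.0.113.53 = assumed secondary
// (the registrar's free DNS), example.com = assumed domain.

acl internal {
    127.0.0.1;
    192.168.1.0/24;
};

options {
    directory "/var/named";

    // Weak form to avoid on a box with a public static IP:
    //     recursion yes;
    //     allow-recursion { any; };
    // That makes an open resolver, which others can abuse for
    // reflection/amplification and cache probing.

    // Corrected form: recurse and serve cached answers for the LAN only.
    recursion yes;
    allow-recursion   { internal; };
    allow-query-cache { internal; };

    // Anyone may ask; outsiders only get answers for zones
    // this server is authoritative for.
    allow-query { any; };

    // Deny zone transfers by default; opened per zone below.
    allow-transfer { none; };
};

// Authoritative (primary) zone for the public domain.
zone "example.com" IN {
    type master;
    file "example.com.zone";

    // Only the secondary may pull the full zone (AXFR/IXFR).
    allow-transfer { 203.0.113.53; };

    // Tell the secondary when the serial changes.
    also-notify { 203.0.113.53; };
};
```

    named-checkconf validates the syntax before a reload. After that, a query from outside the LAN for a name in another domain should come back REFUSED, while a query for a name in the hosted zone is answered.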
  11. Brian_B

    Brian_B [H]ard|Gawd

    bind is the way to go. I used to do a good deal of it a while back, and still do for one of our domains. It isn't terribly complicated to start, just takes some perseverance, trial and error, and googling.
     
  12. Mega6

    Mega6 Gawd
