Bind Named DNS - Install Bind DNS server on Docker


A Docker image contains the code used to create a Docker container, such as an Nginx web server, a MySQL server, a home-grown app, and so on. In this way, an image is like a template used to create a container. An image is kind of like a virtual machine, but much more lightweight, using significantly less storage and memory (containers are usually megabytes in size).

 

The docker pull command can be used to pull down the latest Bind DNS server image.

~]# docker pull sameersbn/bind
Using default tag: latest
latest: Pulling from sameersbn/bind
0c0db0fec9f4: Pull complete
Digest: sha256:d115ce58bf4666666ad1d328ba49c291085452b5cacb910f087ee12e37d76ca7
Status: Downloaded newer image for sameersbn/bind:latest
docker.io/sameersbn/bind:latest

 

Or you could create a Dockerfile that contains something like this.

FROM sameersbn/bind:latest

 

Then use the docker build command to create the image, running this command in the same directory as the Dockerfile.

docker build . --tag bind:latest

 

The docker images command can be used to display the Bind DNS Server image.

~]# docker images
REPOSITORY          TAG       IMAGE ID       CREATED         SIZE
sameersbn/bind      latest    55516ab380dc   15 months ago   343MB

 

Use the ip address command to list the IP addresses of the Docker system, and make note of the non-Docker interface IP address. In this example, IP address 192.168.0.15 of the ens192 interface would be used.

~]# ip address
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: ens192: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 00:0c:29:ad:31:5d brd ff:ff:ff:ff:ff:ff
    altname enp11s0
    inet 192.168.0.15/24 brd 192.168.0.255 scope global noprefixroute ens192
       valid_lft forever preferred_lft forever
3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
    link/ether 02:42:ee:d0:56:8e brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever
    inet6 fe80::42:eeff:fed0:568e/64 scope link
       valid_lft forever preferred_lft forever

 

The following command can then be used to create and start the Bind DNS server container. Let's break down this command.

  • The docker run command is used to create and start the container.
  • The --detach flag is used to run the container in the background.
  • The --volume option is used to mount the /usr/local/docker/bind directory on the Docker server to the /data/bind directory in the Docker container.
  • The --name option is used to name the container bind.
  • The --publish option is used to configure the container to listen on port 53, for both UDP and TCP, using the IP address you got from the output of the ip address command (see above), which adds a rule to iptables to allow connections between the Docker system and container on port 53.
  • The --restart unless-stopped option is used so that the container is started if the Docker server is restarted.
  • The --env WEBMIN_ENABLED=false option disables the web browser admin console. Alternatively, --env WEBMIN_ENABLED=true, --env ROOT_PASSWORD=itsasecret and --publish 10000:10000 can be used to set up the Webmin console, which would be accessible at https://<docker system hostname>:10000.
  • The sameersbn/bind image is used.

docker run \
--detach \
--volume /usr/local/docker/bind:/data/bind \
--publish <ip address>:53:53/tcp \
--publish <ip address>:53:53/udp \
--name bind \
--restart unless-stopped \
--env WEBMIN_ENABLED=false \
sameersbn/bind

 

If you want to disable IPv6, use the -4 option when starting the container.

docker run \
--detach \
--volume /usr/local/docker/bind:/data/bind \
--publish <ip address>:53:53/tcp \
--publish <ip address>:53:53/udp \
--name bind \
--restart unless-stopped \
--env WEBMIN_ENABLED=false \
sameersbn/bind -4
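
Once the container is running, the output of docker port bind shows whether port 53 was published on the chosen address or on every interface of the Docker system. The script below is an added example, not part of the original article; the function names and the sample outputs are constructed, and it assumes docker port prints lines of the form "53/udp -> 192.168.0.15:53".

```shell
#!/bin/sh
# Added example (not from the original article): flag published ports that
# listen on every host interface instead of the one address given to --publish.

# Reads `docker port <container>` output on stdin. Prints "<port/proto> <host>"
# for each wildcard binding and returns 1 if any exist, 0 otherwise.
find_wildcard_bindings() {
    awk '
        $2 == "->" {                       # e.g. 53/udp -> 192.168.0.15:53
            host = $3
            sub(/:[0-9]+$/, "", host)      # drop the trailing :port
            sub(/^\[/, "", host)           # [::] -> ::
            sub(/\]$/, "", host)
            if (host == "0.0.0.0" || host == "::") {
                print $1, host
                found = 1
            }
        }
        END { exit (found ? 1 : 0) }
    '
}

# Constructed samples, not captured from a real host.
GOOD_SAMPLE='53/tcp -> 192.168.0.15:53
53/udp -> 192.168.0.15:53'
BAD_SAMPLE='53/tcp -> 0.0.0.0:53
53/udp -> [::]:53
10000/tcp -> 192.168.0.15:10000'

# Prints a verdict for one block of `docker port` output.
audit() {
    if exposed=$(printf '%s\n' "$1" | find_wildcard_bindings); then
        echo "ok: all published ports are bound to a specific address"
    else
        echo "exposed on all interfaces:"
        echo "$exposed"
        return 1
    fi
}

audit "$GOOD_SAMPLE"
audit "$BAD_SAMPLE" || true
# Live check against the container from this article:
#   docker port bind | find_wildcard_bindings
```
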

You can now configure Bind as an internal cache-only DNS server.







Comments


June 21 2023 by Jibun no Kage
So... this example is ONLY to create a DNS cache server? HOW ABOUT SAYING THAT CLEARLY IN THE TITLE? What a waste of time, it was to read your article and MISLEADING. You are NOT creating a DNS server but a DNS Cache Server. That is a complete DIFFERENT animal.
