Set up Caching Nameserver on Windows using BIND

I think most of you who are running Linux as the operating system already know that you can set up a caching nameserver on your home computer in order to speed up DNS queries. But what if you’re on Windows and want to achieve the same thing (caching DNS requests)? Well, thanks to the BIND port for Windows, you can now easily set up your own DNS server on Windows too (in my case, because my ISP's DNS server is often down, and running CentOS inside a virtual machine just for this purpose isn’t all that useful considering there’s already a port of BIND / named for Windows).

And to make things short, let’s get straight to the point ;)

1. First you’ll need to grab BIND from the ISC homepage (the Windows version, of course). At the time I wrote this, the latest BIND / named version was 9.5.0-P1.

2. When you’ve finished downloading BIND, extract it somewhere on your hard drive and then run BINDInstall.exe to install it. As a note, in this example I chose to install BIND into C:\BIND

3. After the installation has finished, set up the PATH environment variable to make it easier to call the various BIND tools from any directory inside the command prompt. To do this, go into Control Panel -> System -> Advanced -> Environment Variables, and then add your BIND\bin directory to PATH … in this example the BIND\bin directory would be C:\BIND\bin

4. Now create two folders / directories inside your BIND directory; let’s call them log (the end result would be C:\BIND\log) and zone (C:\BIND\zone)

5. Now, to set up the caching nameserver on Windows using BIND (so you can start the BIND service), create a file called named.conf inside the etc directory under the BIND directory, and then write these lines into it:


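options {
    // Directory that holds the zone files created in step 6
    directory "c:\bind\zone";
    // Only answer queries coming from this machine
    allow-query { localhost; };
    // Send every query to the upstream servers listed here
    forwarders { XXXXXX; XXXXXX; };
    forward only;
    // A fixed source port (53 here) turns off source-port randomization, which
    // protects the cache against spoofed answers; drop this line unless a
    // firewall requires a fixed port.
    query-source address * port 53;
};
logging {
    // Log every query, with a timestamp and severity on each line
    channel queries_log {
        file "c:\bind\log\queries.log";
        print-severity yes;
        print-time yes;
    };
    category queries { queries_log ; };
};
zone "localhost." IN {
    type master;
    file "localhost.zone";
    allow-update { none; };
};
zone "0.0.127.in-addr.arpa." IN {
    type master;
    file "localhost.rev";
    allow-update { none; };
};
// Key file generated by rndc-confgen -a in step 7
include "c:\bind\etc\rndc.key";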

Note: Change XXXXXX to your ISP's DNS server addresses. I also enabled logging for every request made, but you can always turn the logging off if you want.

6. Now create two files inside the zone directory (C:\Bind\Zone) called localhost.zone and localhost.rev, and then write these lines into them:

localhost.zone


$TTL 86400
@       IN      SOA     @ root (
                        42      ; serial
                        3H      ; refresh
                        15M     ; retry
                        1W      ; expiry
                        1D )    ; minimum
        IN      NS      @
        IN      A       127.0.0.1
        IN      AAAA    ::1

localhost.rev


$TTL 86400
@       IN      SOA     localhost. root.localhost. (
                        1997022700 ; Serial
                        28800      ; Refresh
                        14400      ; Retry
                        3600000    ; Expire
                        86400 )    ; Minimum
        IN      NS      localhost.
1       IN      PTR     localhost.

7. Now you need to open the command prompt and type:


cd C:\BIND\bin
rndc-confgen -a

8. Now go into the Windows directory -> system32 -> drivers -> etc … and create a file called resolv.conf and write this line into it:

nameserver 127.0.0.1

9. Now we need to start the BIND service. To do this, type services.msc in the Run dialog, or get into Windows services from Control Panel -> Administrative Tools -> Services … and then start the ISC BIND service

10. Since everything has been configured, the last step is of course to test it. To do this, go into the command prompt and type:

dig reaper-x.com

The first time, you’ll see something like this (note: results may vary)

Query time: 453 msec

Now type (again)

dig reaper-x.com

and if you get something like this (or at least the query time is reduced)

Query time: 0 msec

11. Finally, change the preferred DNS server in your connection settings to 127.0.0.1 and you’re done

That means you’ve configured your caching nameserver using BIND on Windows to cache DNS requests, congrats :)

But wait, what if you want to flush your DNS cache? To flush it, all you have to do is execute this command in the command prompt:

rndc flush

Well basically that’s all about it :)
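As an added example (not part of the original tutorial or of BIND itself), here is a small Python check of the step 5 named.conf for three things worth verifying before pointing Windows at 127.0.0.1: a pinned query-source port, which turns off source-port randomization, an allow-query list wider than the local machine, and forwarders still left as the XXXXXX placeholder. The sample config, the forwarder address 192.0.2.53, and the function and finding names are constructed for illustration.

```python
import re

# Constructed sample: the options block from step 5, with a documentation
# address (192.0.2.53) standing in for the ISP forwarder.
SAMPLE_CONF = r'''
options {
    directory "c:\bind\zone";
    allow-query { localhost; };
    forwarders { 192.0.2.53; };
    forward only;
    query-source address * port 53;
};
'''

def strip_comments(text):
    """Remove /* */, // and # comments (markers inside quoted strings are not handled)."""
    text = re.sub(r'/\*.*?\*/', '', text, flags=re.S)
    return re.sub(r'(//|#)[^\n]*', '', text)

def options_block(text):
    """Return the body of the options { ... } block, following nested braces."""
    m = re.search(r'\boptions\s*\{', text)
    if not m:
        return ''
    depth, i = 1, m.end()
    while i < len(text) and depth:
        depth += {'{': 1, '}': -1}.get(text[i], 0)
        i += 1
    return text[m.end():i - 1]

def audit(conf):
    """Return a list of finding names for a named.conf given as a string."""
    opts = options_block(strip_comments(conf))
    findings = []
    # A numeric port on query-source pins the source port of outgoing queries.
    if re.search(r'\bquery-source(-v6)?\b[^;]*\bport\s+\d+', opts):
        findings.append('fixed-query-source-port')
    # The tutorial limits clients to localhost; flag a missing or wider ACL.
    aq = re.search(r'\ballow-query\s*\{([^}]*)\}', opts)
    acl = {a.strip() for a in aq.group(1).split(';') if a.strip()} if aq else set()
    if not acl or not acl <= {'none', 'localhost', '127.0.0.1', '::1'}:
        findings.append('allow-query-wider-than-localhost')
    # The XXXXXX placeholders must be replaced with real forwarder addresses.
    fw = re.search(r'\bforwarders\s*\{([^}]*)\}', opts)
    if not fw or not fw.group(1).strip() or 'XXXX' in fw.group(1):
        findings.append('forwarders-not-set')
    return findings

if __name__ == '__main__':
    print(audit(SAMPLE_CONF))
```

To check a real file, pass its contents to audit(), for example audit(open(r"C:\BIND\etc\named.conf").read()); an empty list means none of the three conditions was found.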

Leave a Comment

  1. BrollyLSSJ said Aug 6, 2009 at 4:42 am

    Thank you for this great Tutorial. It works like a charm. The first “dig.exe Reaper-x.com” took about 2000 Seconds, but the second try took 64ms.

  2. Bryce said May 12, 2009 at 8:05 pm

    This is definitely one of the best articles on getting Bind up and running on windows.

    One question I have is this:

    How can one set up DNS on one’s development computer such that

    – multiple Apache web server instances can be accommodated, each listening on different ports
    – custom TLDs can be created for use within the computer (ex. “.foo”)

    For example, I am running Bind 9 on my MS Windows XP Pro development laptop. I have two instances of Apache running, an instance of Tomcat, and SSL on port 443 which maps to one of the apache doc roots.

    CURRENT SETUP
    =============

    IP ADDRESS        SERVER INSTANCE       DOMAIN NAME              DOCUMENT ROOT FOLDER
    ----------        ---------------       -----------              --------------------
    127.0.0.1:80      Apache 2.0.0.59       http://bluenote/         c:\http\www1

    127.0.0.1:8888    Apache 2.2.11         http://bluenote:8888/    c:\http\www2
    127.0.0.1:443     Apache 2.2.11 (SSL)   https://bluenote/        c:\http\www2

    127.0.0.1:8080    Apache Tomcat         http://bluenote:8080/    c:\http\www3

    Right now, I have to browse each site by using the “bluenote” domain and appending a port number. I’d like to create different domains and sub domains mapped to each ip/port to facilitate development, especially with SSL certificates. I cannot simply modify the “hosts” file because the hosts file does not support IP addresses with a port number appended to them. For example, I CANNOT do the following with the windows hosts file:

    127.0.0.1 bluenote.foo
    127.0.0.1:8888 secure.bluenote.foo # (http) only
    127.0.0.1:443 secure.bluenote.foo # (https)
    127.0.0.1:8080 otherdomain.foo

    You can probably see what I’m trying to do. I want to create a made-up top level domain for use only on my development computer. Specifically, I want to do some testing with SSL certificates. Different internal domain names need to map to different instances of multiple webservers which listen on different ports.

    Anyone have any ideas? I am at my wits end trying to figure this out so any help is GREATLY appreciated!

    Thanks in advance,

    Bryce

  3. Terry Mohn said Feb 14, 2009 at 1:12 am

    Using windows 2000 pro. and get error when named
    attempts to start. error= “.\socket.:633: INSIST(err==0)failed, followed by error= exiting (due to assertion failure)

    I found another post with the same problem but no solutions suggested. Any help appreciated.

    P.S. I downloaded version 9.6 from isc site.

  4. Reaper-X said Nov 28, 2008 at 9:46 am

    Can you try running the dig tool supplied with BIND? Or are you sure that BIND is already running in the background?

    I just tried nslookup and dig, and they work fine

    nslookup www.yahoo.com

    Server: localhost
    Address: 127.0.0.1

    Non-authoritative answer:
    Name: www-real.wa1.b.yahoo.com
    Address: 209.131.36.158
    Aliases: www.yahoo.com, www.wa1.b.yahoo.com

    dig www.yahoo.com

    ; <<>> DiG 9.5.0-P1 <<>> www.yahoo.com
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1303
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 2, ADDITIONAL: 2

    ;; QUESTION SECTION:
    ;www.yahoo.com. IN A

    ;; ANSWER SECTION:
    www.yahoo.com. 273 IN CNAME www.wa1.b.yahoo.com.
    www.wa1.b.yahoo.com. 38 IN CNAME www-real.wa1.b.yahoo.com.
    www-real.wa1.b.yahoo.com. 37 IN A 209.131.36.158

    ;; AUTHORITY SECTION:
    wa1.b.yahoo.com. 97 IN NS yf2.yahoo.com.
    wa1.b.yahoo.com. 97 IN NS yf1.yahoo.com.

    ;; ADDITIONAL SECTION:
    yf1.yahoo.com. 1274 IN A 68.142.254.15
    yf2.yahoo.com. 1757 IN A 68.180.130.15

    ;; Query time: 15 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Fri Nov 28 09:45:16 2008
    ;; MSG SIZE rcvd: 162

  5. Teddie Ruxpin said Nov 27, 2008 at 7:00 pm

    I followed your instructions but when I do an nslookup I get the following errors:

    C:\>nslookup
    *** Can’t find server name for address 127.0.0.1: Server failed
    Default Server: resolver1.opendns.com
    Address: 208.67.222.222

    >

    Any ideas how to fix this?

  6. Reaper-X said Oct 10, 2008 at 8:03 am

    Gamach, I just searched the net for your problem and found this page

    Based on that page, I’m guessing that you’re experiencing the same problem as on that page (although it’s for SQL Server)

    So try to check that the ISC BIND service logon uses the username created specifically for BIND (the installation process asks you for this), and don’t forget to use the same password as when creating the BIND service

  7. Gamach said Sep 16, 2008 at 2:40 pm

    Hi Reaper,
    I got a problem at step 9, trying to start the isp bind service … when I click START an error 1069 pops up “the fail of opening a session fail the start of this service” … ty to debug me :P

  8. Billy said Sep 5, 2008 at 5:41 pm

    Reaper-X

    Thank you. I am facing the problem to host the webpage with my own computer. I would try to set it up according to your great guidelines.

    Try my best now.

  9. Reaper-X said Jul 16, 2008 at 10:01 am

    You’re welcome, Jack, glad you like it :)

  10. Jack Long said Jul 15, 2008 at 9:44 pm

    Hello,

    Thank you so much for this tutorial.. I was searching for a way to make a caching server on windows for a long time.
