A Complete Guide to Install PowerDNS on Ubuntu Server 22.04
PowerDNS Authoritative is DNS server software and an alternative to BIND for Unix and Linux operating systems, including Ubuntu. It supports multiple database backends such as MySQL/MariaDB and PostgreSQL, supports DNSSEC, and provides load balancing and caching via DNSDist.
I also cover PowerDNS for FreeBSD users; check this out: A Complete Guide to Install PowerDNS on FreeBSD 14.
In this tutorial, we’ll guide you through the installation process of PowerDNS on Ubuntu 22.04 step-by-step.
Prerequisite
Before we begin, it’s important to ensure that you have the following:
- A Linux server running Ubuntu 22.04.
See more: 15 Steps to Install Ubuntu Server 22.04 LTS
- A non-root user with sudo/root privileges.
- A MariaDB server is installed.
See more: Step-by-Step Guide: Installing MariaDB on Ubuntu 22.04
- A domain name is pointed to a server IP address.
In addition, you might also consider setting up glue records on your domain name registrar if you’re interested in hosting your own authoritative servers.
Step 1 – Preparing the Ubuntu Server
Before installing PowerDNS on the Ubuntu server, you must complete the following tasks:
- Disable systemd-resolved service: It is a service that provides name resolution for applications, and it runs on the default port 53. You must disable systemd-resolved to allow PowerDNS to run on the default DNS port 53.
- Setting up DNS Resolver: With systemd-resolved disabled, you must change the DNS resolver configuration by using a static /etc/resolv.conf file. Instead of using systemd-resolved for managing the DNS resolver, you can define the DNS resolver on your own, such as by using Google or CloudFlare public DNS.
- Setting up FQDN: To set up a DNS server, you must have a proper FQDN (Fully Qualified Domain Name), which is a combination of the server hostname, the domain name, and the server IP address.
Disable systemd-resolved Service
1. First, run the following command to disable the systemd-resolved service.
sudo systemctl disable --now systemd-resolved
2. Now, verify the status of the systemd-resolved service to ensure that the service is stopped and disabled.
sudo systemctl status systemd-resolved
If stopped, you should expect to see an output such as Active: inactive (dead).
Setting up DNS Resolver
1. Now, run the following commands to remove the symlink /etc/resolv.conf. Then, create a new /etc/resolv.conf file with the Google DNS resolver 8.8.8.8.
# remove symlink file /etc/resolv.conf
sudo unlink /etc/resolv.conf
# create a new file /etc/resolv.conf with content
# nameserver 8.8.8.8
echo "nameserver 8.8.8.8" | sudo tee /etc/resolv.conf
2. Run the ping command below to ensure that the Google DNS resolver is working.
ping ubuntu.com -c3
If successful, you should receive ICMP replies from the server ubuntu.com.
Setting up FQDN for Ubuntu Server
1. Run the following command to set the FQDN of your server. In this demo, the FQDN of the server would be ns1.mydomain.dev.
sudo hostnamectl set-hostname ns1.mydomain.dev
2. Now, open the /etc/hosts file using vim.
sudo vim /etc/hosts
Insert the following lines and be sure to change the server IP address, FQDN, and hostname.
192.168.5.10 ns1.mydomain.dev ns1
Save and close the file.
3. Next, run the following command to check the FQDN of the server. If successful, you should get an output such as ns1.mydomain.dev.
sudo hostname -f
Step 2 – Installing PowerDNS Authoritative on Ubuntu
After preparing the server, we’ll move on to the installation of the PowerDNS Authoritative Server via the official PowerDNS repository.
Without delay, let’s dive in.
1. First, open the official PowerDNS repository manager and select the PowerDNS version for your installation. In this example, we’ll install PowerDNS Authoritative 4.7.
2. Add the GPG key of the PowerDNS repository using the following command.
curl https://repo.powerdns.com/FD380FBB-pub.asc | gpg --dearmor \
| sudo tee /usr/share/keyrings/pdns.gpg >/dev/null
3. Then, add the PowerDNS repository version 4.7 using the following command.
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/pdns.gpg] \
http://repo.powerdns.com/ubuntu jammy-auth-47 main" \
| sudo tee /etc/apt/sources.list.d/pdns.list
4. Now, run the following command to enable the pinning repository for the PowerDNS package. With this, PowerDNS packages from the PowerDNS repository will be prioritized over the distribution repository.
echo -e "Package: pdns-*\nPin: origin repo.powerdns.com\nPin-Priority: 600\n" \
| sudo tee /etc/apt/preferences.d/pdns
5. Next, run the following command to refresh your package index and apply the new PowerDNS repository.
sudo apt update
6. Now, install the PowerDNS server and the PowerDNS MySQL backend on your Ubuntu machine using the apt install command below.
sudo apt install pdns-server pdns-backend-mysql
Input y when prompted, then press ENTER.
7. Once installed, run the following systemctl commands to ensure that the PowerDNS service pdns is running and enabled.
# checking if pdns service is enabled
sudo systemctl is-enabled pdns
# checking if pdns service is running
sudo systemctl status pdns
When successful, the output should show that the pdns service is enabled and running.
8. Lastly, you may want to run the following command to ensure that PowerDNS is running on the default DNS port 53.
ss -tulpn | grep 53
The output should show PowerDNS listening on port 53.
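A stricter variant of steps 2 and 3, as an added example that is not part of the original tutorial or of PowerDNS's own instructions: it downloads the key to a temporary file and installs it only when the primary-key fingerprint matches a value obtained separately. EXPECTED_FPR is a placeholder, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the tutorial): check the repository signing key's
# fingerprint before trusting it for apt.

KEY_URL="https://repo.powerdns.com/FD380FBB-pub.asc"   # URL from step 2
KEYRING="/usr/share/keyrings/pdns.gpg"                 # path from step 2
# Placeholder: full 40-hex fingerprint obtained over a separate trusted channel.
EXPECTED_FPR="REPLACE_WITH_FULL_FINGERPRINT"

# primary_fprs: read `gpg --with-colons` output on stdin and print the
# fingerprint of each primary key (the first "fpr" record after a "pub").
primary_fprs() {
    awk -F: '$1 == "pub" { want = 1; next }
             $1 == "fpr" && want { print $10; want = 0 }'
}

# key_is_trusted EXPECTED: succeed only if stdin describes exactly one
# primary key and its fingerprint equals EXPECTED (case-insensitive).
key_is_trusted() {
    expected=$(printf '%s' "$1" | tr 'a-f' 'A-F')
    found=$(primary_fprs | tr 'a-f' 'A-F')
    [ -n "$found" ] && [ "$found" = "$expected" ]
}

# install_repo_key: download, verify, then install the dearmored keyring.
# Not called automatically; run it after setting EXPECTED_FPR.
install_repo_key() {
    tmp=$(mktemp) || return 1
    curl -fsSL "$KEY_URL" -o "$tmp" || { rm -f "$tmp"; return 1; }
    if gpg --show-keys --with-colons "$tmp" | key_is_trusted "$EXPECTED_FPR"; then
        gpg --dearmor < "$tmp" | sudo tee "$KEYRING" >/dev/null
        status=$?
    else
        echo "fingerprint mismatch: not installing $KEY_URL" >&2
        status=1
    fi
    rm -f "$tmp"
    return "$status"
}
```

Compare against the full fingerprint rather than an eight-digit short key ID, since short IDs can be collided.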
Step 3 – Adding MariaDB Database and Importing Database Schema
After installing the PowerDNS server, you can move on to setting up the MariaDB database and user. Then, you must import the PowerDNS database schema to the new database.
1. Log in to the MariaDB server using the following command.
sudo mariadb -u root -p
When prompted, input your MariaDB root password.
2. Now, run the following queries to create a new database pdns and user pdnsadmin. Be sure to change the password pdns_P4ssw0rd_db to a new password.
CREATE DATABASE pdns;
GRANT ALL ON pdns.* TO pdnsadmin@localhost IDENTIFIED BY 'pdns_P4ssw0rd_db';
FLUSH PRIVILEGES;
3. Type quit to exit from the MariaDB server.
quit
4. Next, run the mariadb command below to import the PowerDNS database schema /usr/share/pdns-backend-mysql/schema/schema.mysql.sql to the pdns database with the user pdnsadmin.
sudo mariadb -u pdnsadmin -p pdns < /usr/share/pdns-backend-mysql/schema/schema.mysql.sql
When prompted, input the password of the pdnsadmin user.
5. Lastly, run the following command to ensure that the PowerDNS database schema is available on the pdns database.
sudo mysqlshow pdns
If successful, you should see multiple tables on the pdns database.
Step 4 – Integrating PowerDNS with MariaDB on Ubuntu
This section will cover how to set up and integrate the PowerDNS with the MariaDB database server.
1. Create a new PowerDNS configuration file /etc/powerdns/pdns.d/pdns.local.gmysql.conf using the vim editor.
sudo vim /etc/powerdns/pdns.d/pdns.local.gmysql.conf
Insert the following configuration to enable the integration of PowerDNS and the MariaDB database. Be sure to customize the details of the database name, user, and password.
# pdns with MySQL/MariaDB backend
launch+=gmysql
# gmysql parameters
gmysql-host=127.0.0.1
gmysql-port=3306
gmysql-dbname=pdns
gmysql-user=pdnsadmin
gmysql-password=pdns_P4ssw0rd_db
gmysql-dnssec=yes
# gmysql-socket=
Save and close the file.
2. Now, run the following commands to change the permission and ownership of the file /etc/powerdns/pdns.d/pdns.local.gmysql.conf, which contains the database password in plain text.
# change permission file /etc/powerdns/pdns.d/pdns.local.gmysql.conf
# to 640 and ownership to pdns user
sudo chmod 640 /etc/powerdns/pdns.d/pdns.local.gmysql.conf
sudo chown pdns:pdns /etc/powerdns/pdns.d/pdns.local.gmysql.conf
3. After that, run the command below to stop the PowerDNS service. Then, verify the integration of PowerDNS and the MariaDB server to ensure that the database connection is successful.
# stopping pdns service
sudo systemctl stop pdns
# starting pdns server from command line
pdns_server --daemon=no --guardian=no --loglevel=9
Assuming the integration is successful, the output should show that the database connection succeeded.
Press Ctrl+C to terminate the process.
4. Next, run the following command to start the PowerDNS service and ensure that the service is running.
# start pdns service
sudo systemctl start pdns
# checking pdns service status
sudo systemctl status pdns
If successful, the output should show that the pdns service is running.
5. Lastly, run the following command to check the PowerDNS version.
dig chaos txt version.bind @127.0.0.1 +short
If successful, you should get the PowerDNS version 4.7.3. Also, this confirms that the PowerDNS is running.
Now that you’ve completed the previous step, you should have PowerDNS running with the MariaDB backend. Moving forward, you’ll be setting up zones using the PowerDNS utility pdnsutil.
Step 5 – Creating the Name Server
In the following steps, we’ll walk you through the configuration of the name server on PowerDNS by utilizing pdnsutil.
pdnsutil is a command-line interface for managing zones and DNSSEC on PowerDNS. It interacts with the PowerDNS database backend and can be run remotely.
Below is the name server configuration that we want to achieve:
Name Server | IP Address |
---|---|
ns1.mydomain.dev | 192.168.5.10 |
1. To begin, run the pdnsutil command below to create a new zone mydomain.dev and the name server ns1.mydomain.dev.
pdnsutil create-zone mydomain.dev ns1.mydomain.dev
2. Now, run the following command to add the PowerDNS server IP address 192.168.5.10 as an A record for the name server ns1.mydomain.dev.
pdnsutil add-record mydomain.dev ns1 A 192.168.5.10
3. Next, verify the list of available DNS records on the zone mydomain.dev using the following command.
pdnsutil list-zone mydomain.dev
If the operation is successful, you should get three different records: NS, SOA, and A. The SOA record is automatically generated by the PowerDNS server, and you need to modify it with the proper settings.
4. Run the following command to modify the zone mydomain.dev. This will open the default text editor on your system.
pdnsutil edit-zone mydomain.dev
Change the default SOA record to the proper configuration.
Save and close the file, then input a to apply the changes.
5. Now, run the following command to verify the A record of the name server ns1.mydomain.dev.
dig ns1.mydomain.dev @127.0.0.1
If successful, the A record of ns1.mydomain.dev should return the PowerDNS server IP address 192.168.5.10.
6. Furthermore, you may also verify the SOA record of the name server ns1.mydomain.dev using the following command.
dig SOA ns1.mydomain.dev @127.0.0.1
Ensure that you have a proper SOA record configuration.
Step 6 – Adding Forward Zone via pdnsutil
Having the name server configured, the next step is to add the forward zone and domain names and sub-domains to the PowerDNS server. The forward zone is the domain mapping that ensures each domain name is pointed to its corresponding IP address.
Before adding the domain name to PowerDNS, you must first create a zone. In this example, the zone mydomain.dev is already created, so we just continue.
Below are the details of domain and sub-domains that you will be creating:
Domain Name | DNS Record | IP Address/Handled By |
---|---|---|
mydomain.dev | A | 192.168.5.20 |
www.mydomain.dev | CNAME | mydomain.dev |
blog.mydomain.dev | A | 192.168.5.25 |
ftp.mydomain.dev | A | 192.168.5.30 |
mail.mydomain.dev | A | 192.168.5.35 |
mydomain.dev | MX | mail.mydomain.dev |
1. Run the pdnsutil commands below to add the domain names mydomain.dev and www.mydomain.dev to PowerDNS. In this example, the domain name mydomain.dev will be pointed to the IP address 192.168.5.20, and www.mydomain.dev is a CNAME, or an alias, that also points to mydomain.dev.
# create A record mydomain.dev to IP address 192.168.5.20
pdnsutil add-record mydomain.dev @ A 192.168.5.20
# create CNAME www.mydomain.dev to mydomain.dev
pdnsutil add-record mydomain.dev www CNAME mydomain.dev
2. Now, add the sub-domains blog.mydomain.dev and ftp.mydomain.dev using the following commands. In this scenario, the sub-domain blog.mydomain.dev will be pointed to IP address 192.168.5.25, and ftp.mydomain.dev will be pointed to 192.168.5.30.
# create A record blog.mydomain.dev to IP address 192.168.5.25
pdnsutil add-record mydomain.dev blog A 192.168.5.25
# create A record ftp.mydomain.dev to IP address 192.168.5.30
pdnsutil add-record mydomain.dev ftp A 192.168.5.30
3. After that, run the following commands to add a new sub-domain mail.mydomain.dev, which will be pointed to IP address 192.168.5.35. Then, add the MX record for the domain mydomain.dev to the mail server mail.mydomain.dev.
# create A record for mail server
# mail.mydomain.dev to IP address 192.168.5.35
pdnsutil add-record mydomain.dev mail A 192.168.5.35
# adding MX record for mydomain.dev to mail server mail.mydomain.dev
pdnsutil add-record mydomain.dev @ MX "10 mail.mydomain.dev"
4. Next, run the following commands to ensure that you have the proper zone configuration. Then, verify the list of DNS records on the zone mydomain.dev.
# checking zone configurations
pdnsutil check-all-zones
# list the records in the zone mydomain.dev
pdnsutil list-zone mydomain.dev
If you have a proper zone configuration, the check should pass, and the listing should show the DNS records that you have added to the zone mydomain.dev so far.
5. Lastly, to ensure that your forward zones are properly configured, run the following dig commands to query the domain name and sub-domains that you have configured. The parameter +short will print the shortened output.
# checking A record for mydomain.dev
dig A mydomain.dev @127.0.0.1 +short
# checking CNAME record for www.mydomain.dev
dig CNAME www.mydomain.dev @127.0.0.1 +short
# checking A record for blog.mydomain.dev
dig A blog.mydomain.dev @127.0.0.1 +short
# checking A record for ftp.mydomain.dev
dig A ftp.mydomain.dev @127.0.0.1 +short
# checking A record for mail.mydomain.dev
dig A mail.mydomain.dev @127.0.0.1 +short
# checking MX record for mydomain.dev
dig MX mydomain.dev @127.0.0.1 +short
If you have a proper forward zone configuration, each domain name will be pointed to the correct IP address.
Step 7 – Adding Reverse Zone and PTR Records via pdnsutil
Now that you have created a forward zone on PowerDNS, the next step is to create a reverse zone and add a PTR record for each domain name that you’ve configured.
While the forward zone translates the domain name to the IP address, the reverse zone translates the IP address to the corresponding domain name. The reverse zone and PTR records are needed, especially if you want to host a mail server.
1. First, run the following commands to create a new reverse zone 5.168.192.in-addr.arpa and add the name server ns1.mydomain.dev into it. Then, add the A record for the name server ns1.mydomain.dev to the proper PowerDNS IP address 192.168.5.10.
The reverse zone name is taken from the reverse IP address prefix. In this example, each domain name is pointed to the subnet IP address 192.168.5.0/24, so the name of the reverse zone should be 5.168.192.in-addr.arpa.
# create reverse zone 5.168.192.in-addr.arpa with
# default name server ns1.mydomain.dev
pdnsutil create-zone 5.168.192.in-addr.arpa ns1.mydomain.dev
# add A record for name server ns1.mydomain.dev to IP address 192.168.5.10
pdnsutil add-record 5.168.192.in-addr.arpa ns1 A 192.168.5.10
2. Now, run the following commands to add the PTR record for each domain name.
Domain | IP Address | PTR Record |
---|---|---|
ns1.mydomain.dev | 192.168.5.10 | 10 |
mydomain.dev | 192.168.5.20 | 20 |
blog.mydomain.dev | 192.168.5.25 | 25 |
ftp.mydomain.dev | 192.168.5.30 | 30 |
mail.mydomain.dev | 192.168.5.35 | 35 |
# adding PTR record for ns1.mydomain.dev with IP address 192.168.5.10
pdnsutil add-record 5.168.192.in-addr.arpa 10 PTR ns1.mydomain.dev
# adding PTR record for mydomain.dev with IP address 192.168.5.20
pdnsutil add-record 5.168.192.in-addr.arpa 20 PTR mydomain.dev
# adding PTR record for blog.mydomain.dev with IP address 192.168.5.25
pdnsutil add-record 5.168.192.in-addr.arpa 25 PTR blog.mydomain.dev
# adding PTR record for ftp.mydomain.dev with IP address 192.168.5.30
pdnsutil add-record 5.168.192.in-addr.arpa 30 PTR ftp.mydomain.dev
# adding PTR record for mail.mydomain.dev with IP address 192.168.5.35
pdnsutil add-record 5.168.192.in-addr.arpa 35 PTR mail.mydomain.dev
3. Lastly, run the following command to verify the PTR record for each IP address.
# checking PTR record for IP address 192.168.5.10
dig -x 192.168.5.10 @127.0.0.1 +short
# checking PTR record for IP address 192.168.5.20
dig -x 192.168.5.20 @127.0.0.1 +short
# checking PTR record for IP address 192.168.5.25
dig -x 192.168.5.25 @127.0.0.1 +short
# checking PTR record for IP address 192.168.5.30
dig -x 192.168.5.30 @127.0.0.1 +short
# checking PTR record for IP address 192.168.5.35
dig -x 192.168.5.35 @127.0.0.1 +short
If successful, each IP address should be pointed to the proper domain name.
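The reverse-zone naming rule from this step, as an added example that is not part of the original tutorial: it derives the in-addr.arpa zone and the PTR owner labels from name/IP pairs and prints the matching pdnsutil commands without running them. It goes beyond the /24 case in the text by also handling /8 and /16 prefixes; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: derive the in-addr.arpa zone and PTR owner labels from
# name/IP pairs, for octet-aligned prefixes (/8, /16, /24) only.

# reverse_zone CIDR: 192.168.5.0/24 -> 5.168.192.in-addr.arpa
reverse_zone() {
    net=${1%/*}; len=${1#*/}
    old_ifs=$IFS; IFS=.; set -- $net; IFS=$old_ifs
    case $len in
        8)  echo "$1.in-addr.arpa" ;;
        16) echo "$2.$1.in-addr.arpa" ;;
        24) echo "$3.$2.$1.in-addr.arpa" ;;
        *)  echo "unsupported prefix length: /$len" >&2; return 1 ;;
    esac
}

# ptr_name IP: full reverse owner name, 192.168.5.10 -> 10.5.168.192.in-addr.arpa
ptr_name() {
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case $o in ''|*[!0-9]*) return 1 ;; esac
        [ "$o" -le 255 ] || return 1
    done
    echo "$4.$3.$2.$1.in-addr.arpa"
}

# ptr_commands CIDR: read "fqdn ip" pairs on stdin and print one pdnsutil
# command per pair whose address falls inside the reverse zone.
ptr_commands() {
    zone=$(reverse_zone "$1") || return 1
    while read -r fqdn ip; do
        [ -n "$fqdn" ] || continue
        full=$(ptr_name "$ip") || { echo "skip $fqdn: bad address $ip" >&2; continue; }
        case $full in
            *".$zone") label=${full%".$zone"} ;;
            *) echo "skip $fqdn: $ip is outside $zone" >&2; continue ;;
        esac
        echo "pdnsutil add-record $zone $label PTR $fqdn"
    done
}

# Sample input built from the name/IP table in this step.
ptr_commands 192.168.5.0/24 <<'EOF'
ns1.mydomain.dev 192.168.5.10
mydomain.dev 192.168.5.20
blog.mydomain.dev 192.168.5.25
ftp.mydomain.dev 192.168.5.30
mail.mydomain.dev 192.168.5.35
EOF
```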
Conclusion
Excellent work! You’ve installed PowerDNS on your Ubuntu 22.04 machine with MariaDB as the database backend. Furthermore, you have also created a name server, forward zone, and reverse zone on PowerDNS using pdnsutil.
You can now add more domain names to PowerDNS, set up DNSSEC, and install PowerDNS-Admin or poweradmin for managing PowerDNS via the web browser.
Also, go check our new category about FreeBSD Howto’s.