Install Bind9 for Windows
A Local Caching DNS Resolver


Download Bind9

Bind9 works well under Windows Vista but is not easy to get working without some prior knowledge.
This is how I installed and set up Bind9 to act as a simple DNS caching resolver on my Vista system. I don't claim this is the best setup but it works for me.

1) Unzip the downloaded file to a folder and run "BINDInstall.exe". This will install Bind9 to the folder Windows\System32\dns\bin\.
2) The installer will ask for a "Service Account Password". Select "automatic startup", then click install. Exit the installer when finished.



3) Open an Administrator Command Prompt and type:
cd c:\windows\System32\dns\bin    (press enter)
rndc-confgen -a    (press enter)


Close the command prompt.

4) You now need six files in the folder c:\windows\system32\dns\etc


The file "rndc.key" has been created by the previous operation.

named.conf can be created by copying and pasting the following into notepad.
options {
  directory "c:\windows\system32\dns\etc";
  edns-udp-size 1460;
  pid-file none;
  version "not currently available";
  listen-on { 127.0.0.1; 192.168.1.0/24; };
  recursion yes;
};

controls {
        inet 127.0.0.1 allow { localhost; } keys { rndc_key; };
};

key "rndc_key" {
        algorithm hmac-md5;
        secret "yV7rlyRdlLGCsWNMu2wnkQ==";
};

zone "." IN {
  type hint;
  file "root.hints";
};

zone "localhost" IN {
  type master;
  file "zone.localhost";

  allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
  type master;
  file "revp.127.0.0";
  allow-update { none; };
};

include "filter.conf";

Before saving this file you need to change the key "yV7rlyRdlLGCsWNMu2wnkQ==" to the same key found in your file "rndc.key".
This can be done by opening "rndc.key" with notepad, copying the key from that file and pasting it into named.conf.
Note: your key will be different from the one shown here.
Change 192.168.1.0 to suit your network IP range.
Save As c:\windows\system32\dns\etc\named.conf
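
The key-copy step above is easy to get wrong, and a named.conf pasted unchanged keeps the secret published on this page. The following Python check is an added example, not part of the original page or of BIND: it compares the key named by the controls statement in named.conf against rndc.key (name, algorithm and secret) and flags the published sample secret. The function names, finding texts and sample inputs are constructed for illustration.

```python
import re

# Secret printed in the tutorial's sample named.conf; it is public, so it
# must never remain in a live configuration.
PUBLISHED_SECRET = "yV7rlyRdlLGCsWNMu2wnkQ=="
# Quoted strings are matched first so "//" inside a base64 secret survives.
TOKEN_RE = re.compile(r'"[^"\n]*"|/\*.*?\*/|//[^\n]*|#[^\n]*', re.S)
KEY_RE = re.compile(r'\bkey\s+"?([\w.-]+)"?\s*\{\s*algorithm\s+"?([\w-]+)"?\s*;'
                    r'\s*secret\s+"([^"]+)"\s*;\s*\}\s*;')
# Captures the listen address and the first key named in each inet control.
CONTROLS_RE = re.compile(r'\binet\s+(\S+).*?\bkeys\s*\{\s*"?([\w.-]+)"?\s*;', re.S)

def strip_comments(text):
    """Drop /* */, // and # comments so commented-out keys are ignored."""
    return TOKEN_RE.sub(lambda m: m.group(0) if m.group(0)[0] == '"' else " ", text)

def parse_keys(text):
    """Return {key name: (algorithm, secret)} for every key clause."""
    return {n: (a.lower(), s) for n, a, s in KEY_RE.findall(strip_comments(text))}

def audit(named_conf, rndc_key):
    """Return a list of findings; an empty list means the files agree."""
    findings = []
    conf_keys, rndc_keys = parse_keys(named_conf), parse_keys(rndc_key)
    for addr, name in CONTROLS_RE.findall(strip_comments(named_conf)):
        if addr not in ("127.0.0.1", "::1"):
            findings.append(f"control channel listens on {addr}, not loopback")
        if name not in conf_keys:
            findings.append(f"controls references undefined key {name}")
        elif name not in rndc_keys:
            findings.append(f"key name {name} not found in rndc.key")
        elif conf_keys[name] != rndc_keys[name]:
            findings.append(f"algorithm or secret of {name} differs from rndc.key")
    for name, (_, secret) in conf_keys.items():
        if secret == PUBLISHED_SECRET:
            findings.append(f"key {name} still uses the tutorial's published secret")
    return findings

# Constructed sample input: named.conf lines pasted unchanged, and a made-up rndc.key.
SAMPLE_NAMED_CONF = '''
controls { inet 127.0.0.1 allow { localhost; } keys { rndc_key; }; };
key "rndc_key" { algorithm hmac-md5; secret "yV7rlyRdlLGCsWNMu2wnkQ=="; };
'''
SAMPLE_RNDC_KEY = '''
# constructed rndc.key; the secret is not a real key
key "rndc_key" { algorithm hmac-md5; secret "Q29uc3RydWN0ZWRTYW1wbGU="; };
'''
if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_NAMED_CONF, SAMPLE_RNDC_KEY)))
```

To check a real install, read the two files from c:\windows\system32\dns\etc and pass their text to audit().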

root.hints
;                                                          npr.me.uk

;; QUESTION SECTION:
;.                IN    NS

;; ANSWER SECTION:
.            518400    IN    NS    A.ROOT-SERVERS.NET.
.            518400    IN    NS    I.ROOT-SERVERS.NET.
.            518400    IN    NS    C.ROOT-SERVERS.NET.
.            518400    IN    NS    H.ROOT-SERVERS.NET.
.            518400    IN    NS    M.ROOT-SERVERS.NET.
.            518400    IN    NS    E.ROOT-SERVERS.NET.
.            518400    IN    NS    K.ROOT-SERVERS.NET.
.            518400    IN    NS    L.ROOT-SERVERS.NET.
.            518400    IN    NS    B.ROOT-SERVERS.NET.
.            518400    IN    NS    J.ROOT-SERVERS.NET.
.            518400    IN    NS    D.ROOT-SERVERS.NET.
.            518400    IN    NS    G.ROOT-SERVERS.NET.
.            518400    IN    NS    F.ROOT-SERVERS.NET.

;; ADDITIONAL SECTION:
A.ROOT-SERVERS.NET.    3600000    IN    A    198.41.0.4
B.ROOT-SERVERS.NET.    3600000    IN    A    192.228.79.201
C.ROOT-SERVERS.NET.    3600000    IN    A    192.33.4.12
D.ROOT-SERVERS.NET.    3600000    IN    A    128.8.10.90
E.ROOT-SERVERS.NET.    3600000    IN    A    192.203.230.10
F.ROOT-SERVERS.NET.    3600000    IN    A    192.5.5.241
G.ROOT-SERVERS.NET.    3600000    IN    A    192.112.36.4
H.ROOT-SERVERS.NET.    3600000    IN    A    128.63.2.53
I.ROOT-SERVERS.NET.    3600000    IN    A    192.36.148.17
J.ROOT-SERVERS.NET.    3600000    IN    A    192.58.128.30
K.ROOT-SERVERS.NET.    3600000    IN    A    193.0.14.129
L.ROOT-SERVERS.NET.    3600000    IN    A    199.7.83.42
M.ROOT-SERVERS.NET.    3600000    IN    A    202.12.27.33
Save As c:\windows\system32\dns\etc\root.hints

zone.localhost
;
; loopback/localhost zone file
;
$TTL 1D
$ORIGIN localhost.
@              IN  SOA   @  root (
                         1   ; Serial
                         8H  ; Refresh
                         15M ; Retry
                         1W  ; Expire
                         1D) ; Minimum TTL
               IN   NS   @
               IN   A    127.0.0.1
Copy and paste to notepad. Save As c:\windows\system32\dns\etc\zone.localhost

revp.127.0.0
;
; reverse pointers for localhost
;
$TTL 1D
$ORIGIN 0.0.127.in-addr.arpa.
@    IN   SOA  localhost. root.localhost. (
               1    ; serial
               8H   ; refresh
               15M  ; retry
               1W   ; expire
               1D ) ; minimum
     IN   NS   localhost.
1    IN   PTR  localhost.
Copy and paste to notepad. Save As c:\windows\system32\dns\etc\revp.127.0.0

filter.conf
Yes, it's an empty file. Needed if Bind9 is to be used to block adverts.
Open notepad. Save As c:\windows\system32\dns\etc\filter.conf

5) Start the service "ISC BIND"
Go to "administrative tools" > "services"

Right click on "ISC Bind" and select "Start".
Note: this is set to start automatically on windows boot.

After upgrading to Bind9.8.0 I get the following error when trying to start this service.


To correct this error: right click on "ISC BIND", select "properties", then the "Log On" tab.

Select "Local System account" then "Apply"
Try again to start the ISC BIND service.

6) The final step is to tell windows to use Bind9 as the DNS resolver.
Go to control panel > Network and Sharing Centre > Manage network connections

Right click on whichever connection you use and select properties.


Highlight "Internet Protocol Version 4 (TCP/IPv4)" and select properties.


Enter the "Preferred DNS server" 127.0.0.1 and click OK.
  • If using a software firewall, then the following program needs to be given permission to access the internet: c:\windows\system32\dns\bin\named.exe (see my firewall rules).
  • That's it, if the internet works then you're now using Bind9 for DNS lookups.

    If the internet doesn't work then go back to TCP/IPv4 properties and click "Obtain DNS server address automatically",
    this will go back to using the DNS server set by the router.



    Copyright © NPR 2010 - 2012