My Own DNS Server at Home – Part 1: IPv4

Summary

“It’s always DNS” is a famous meme among network people. Name resolution is technically quite simple. It’s “just” translating a hostname like jan.wildeboer.net to an IP address. What could possibly go wrong? I am a radical optimist and detail-obsessed knowledge collector, so I decided to find out. As part of my goal to make my home network a little island of Digital Sovereignty, meaning that everything at home should JustWork™, even with no working internet connection, a DNS server is needed. Based on and extended from my gist Bind on Fedora 42 as DNS server. I admit, I have a lot of experience with DNS and BIND. But I still consider myself to be merely on the GoodEnough™ side of things. I know how to get DNS configured for my domains. And I want you to feel fearless too. The best place to fail with DNS is the network at home. It limits the impact :) So read this blog post either as report or as a HOWTO. Both ways can be fun! In my homelab I have a Raspberry Pi 4 that runs infrastructure services. DNS is one of them, my private CA (Certificate Authority) another. The CA runs as a container on Podman. For DNS I use Bind. It thus has to serve 3 networks: 192.168.1.0/24 My home IPv4 network 172.16.0.0/16 IPv4 Network on the second ethernet ports of my homelab servers 10.88.0.0/16 The (virtual) podman network It uses my Fritz box (7490) as forwarder, so I can resolve all hosts, including the DHCP entries that the Fritz Box hands out under its default local domain name fritz.box. For my homelab however, I use the homelab.jhw domain name. That’s what the Bind DNS server has to take care of. WARNING I really should use the official .internal TLD (Top Level Domain) for my homelab network, but I decided against it. This introduces the risk of name resolution problems, should someone offer a public .jhw TLD in future. It’s a risk I am willing to accept in exchange for using a 3 letter TLD at home. Don’t be like me! Use .internal instead. With that out of the way, let’s contin...