
Setting up PowerDNS on Ubuntu 22.04

How to Install and Configure PowerDNS on Ubuntu 22.04: A Comprehensive Guide

Looking for a high-performance, flexible, and database-driven DNS server for your infrastructure? PowerDNS is an excellent choice. Unlike traditional file-based DNS servers like BIND, PowerDNS uses a database backend (like MySQL, PostgreSQL, or SQLite) to store its zone data. This makes it incredibly scalable, easier to integrate with other systems, and highly efficient for dynamic DNS environments.

This guide will walk you through the complete process of installing and configuring a PowerDNS authoritative nameserver on Ubuntu 22.04, using MariaDB as the database backend.

Prerequisites

Before we begin, ensure you have the following:

  • An Ubuntu 22.04 server.
  • A non-root user with sudo privileges.
  • A static IP address assigned to your server.
  • Basic familiarity with the Linux command line.

Step 1: Install PowerDNS and the MariaDB Backend

First, we need to update our package list and install the necessary software. We’ll install the PowerDNS server, the MySQL backend connector (which works for MariaDB), and the MariaDB server itself in one command.

Open your terminal and run:

sudo apt update
sudo apt install pdns-server pdns-backend-mysql mariadb-server

This command installs three key packages:

  • pdns-server: The core PowerDNS authoritative server.
  • pdns-backend-mysql: The module that allows PowerDNS to communicate with a MySQL or MariaDB database.
  • mariadb-server: A popular and robust open-source database server that will store our DNS records.

Step 2: Set Up the MariaDB Database

With the software installed, the next step is to create and secure a database for PowerDNS to use.

First, run the included security script to set a root password and remove insecure defaults.

sudo mysql_secure_installation

Follow the on-screen prompts. It’s highly recommended to set a strong root password and answer “Y” (yes) to all subsequent questions.

Next, log in to the MariaDB shell as the root user:

sudo mysql -u root -p

Enter the root password you just set. Now, we will create the database, a dedicated user for PowerDNS, and grant that user the necessary permissions.

Execute the following SQL commands. Remember to replace 'your_strong_password' with a secure password of your own.

CREATE DATABASE powerdns_db;
CREATE USER 'pdns_user'@'localhost' IDENTIFIED BY 'your_strong_password';
GRANT ALL PRIVILEGES ON powerdns_db.* TO 'pdns_user'@'localhost';
FLUSH PRIVILEGES;
EXIT;

This creates a database named powerdns_db and a user named pdns_user that can only access it from localhost, enhancing security.

Step 3: Connect PowerDNS to the Database

Now we need to tell PowerDNS how to connect to the new database. This is done in the main PowerDNS configuration file.

Open the configuration file with a text editor like nano:

sudo nano /etc/powerdns/pdns.conf

Scroll through the file and find the section for the database backend. You need to uncomment and edit the following lines to match the database settings you created. Most importantly, you must specify the gmysql backend for the launch directive.

# launch=
launch=gmysql

# gmysql-host=
gmysql-host=127.0.0.1

# gmysql-port=
gmysql-port=3306

# gmysql-dbname=
gmysql-dbname=powerdns_db

# gmysql-user=
gmysql-user=pdns_user

# gmysql-password=
gmysql-password=your_strong_password

Save the file and exit the editor (press CTRL+X, then Y, then Enter in nano).

With the connection configured, we must initialize the PowerDNS database schema. This command creates all the tables PowerDNS needs to store zones and records.

sudo mysql -u root -p powerdns_db < /usr/share/doc/pdns-backend-mysql/schema.mysql.sql

Enter your MariaDB root password when prompted. The command won’t produce any output if it’s successful.

Step 4: Starting and Testing Your PowerDNS Server

The configuration is complete. It’s time to start the PowerDNS service and enable it to launch automatically on boot.

sudo systemctl restart pdns
sudo systemctl enable pdns

To verify that the service is running correctly, check its status:

sudo systemctl status pdns

You should see an active (running) status in green. If there are any errors, review the configuration in /etc/powerdns/pdns.conf for typos, especially the database credentials.

Step 5: Adding Your First Domain Zone

Your server is running, but it doesn’t know about any domains yet. Let’s add one using the powerful pdnsutil command-line tool. We’ll use example.com for this demonstration.

  1. Create the Zone: This command creates the domain example.com and sets ns1.example.com as the primary nameserver.

    sudo pdnsutil create-zone example.com ns1.example.com
    
  2. Add Records: Now, let’s add some basic DNS records. We will add an A record for the root domain (@) and for www. We also need an A record for our nameserver ns1. Replace 192.0.2.100 with your server’s public IP address.

    sudo pdnsutil add-record example.com @ A 192.0.2.100
    sudo pdnsutil add-record example.com www A 192.0.2.100
    sudo pdnsutil add-record example.com ns1 A 192.0.2.100
    
  3. Verify the Zone: You can check that the records were added correctly by querying your local PowerDNS server using dig.

    dig @127.0.0.1 www.example.com
    

You should receive a successful response in the ANSWER SECTION showing the IP address you configured.

Essential Security and Best Practices

An improperly configured DNS server can be a security risk. Here are some essential tips:

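  • Configure Your Firewall: Your DNS server needs to be reachable on port 53 over both UDP and TCP. If you are using ufw (Uncomplicated Firewall), allow traffic on this port. If you manage the server over SSH, make sure SSH is allowed before you enable ufw, or you will lock yourself out.

    sudo ufw allow 53/udp
    sudo ufw allow 53/tcp
    sudo ufw enable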
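  • Disable Recursion: This setup is for an authoritative nameserver, meaning it only answers queries for zones it hosts. It should never perform recursion for clients, which prevents your server from being used as an open resolver in DNS amplification attacks. PowerDNS Authoritative Server 4.1 and later, including the version packaged for Ubuntu 22.04, no longer performs recursion at all, and the recursor setting was removed. A leftover recursor= line is an unknown setting that stops the server from starting, so make sure /etc/powerdns/pdns.conf does not contain one.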
  • Secure the API: If you enable the PowerDNS API, ensure it is protected by a strong API key and firewalled to only be accessible from trusted IP addresses.
  • Keep Your System Updated: Regularly update your server’s packages to receive the latest security patches.

    sudo apt update && sudo apt upgrade
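
The configuration from Step 3 and the "Secure the API" tip can be checked automatically. The script below is an added example, not part of the original guide or of PowerDNS: it audits a pdns.conf-style file for a world-readable file holding gmysql-password, the guide's placeholder password, a missing or short api-key, and a webserver-allow-from that admits every address. The function names, the 20-character minimum and the sample config are assumptions made for this example; api, api-key and webserver-allow-from are PowerDNS settings that this guide does not otherwise show.

```shell
#!/bin/sh
# Added example: audit a pdns.conf-style file for weak settings.

# Print the last active (uncommented) value of setting $2 in file $1.
conf_get() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" |
        tail -n 1 | sed 's/[[:space:]]*$//'
}

# Print one "FINDING:" line per problem found in config file $1.
audit_pdns_conf() {
    f=$1
    # The file holds gmysql-password in clear text; "other" must not read it.
    if [ "$(ls -ld "$f" | cut -c8)" = "r" ]; then
        echo "FINDING: $f is world-readable and holds the database password"
    fi
    # The guide's placeholder password, or no password at all.
    case "$(conf_get "$f" gmysql-password)" in
        ''|your_strong_password)
            echo "FINDING: gmysql-password is empty or still the placeholder" ;;
    esac
    # API checks apply only when api=yes is set.
    if [ "$(conf_get "$f" api)" = "yes" ]; then
        key=$(conf_get "$f" api-key)
        # 20 characters is an arbitrary minimum chosen for this example.
        if [ "${#key}" -lt 20 ]; then
            echo "FINDING: api=yes but api-key is missing or under 20 characters"
        fi
        case "$(conf_get "$f" webserver-allow-from)" in
            *0.0.0.0/0*|*::/0*)
                echo "FINDING: webserver-allow-from admits every address" ;;
        esac
    fi
    return 0
}

# Number of findings for file $1.
count_findings() {
    audit_pdns_conf "$1" | wc -l | tr -d ' '
}

# Constructed sample config (not a real server's), so the script runs offline.
sample=$(mktemp)
printf '%s\n' 'launch=gmysql' 'gmysql-password=your_strong_password' \
    'api=yes' 'api-key=changeme' 'webserver-allow-from=0.0.0.0/0' > "$sample"
chmod 644 "$sample"
audit_pdns_conf "$sample"
rm -f "$sample"
```

To audit the live server, call audit_pdns_conf on /etc/powerdns/pdns.conf with enough privileges to read the file.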

Conclusion: Your Authoritative DNS Server is Ready

Congratulations! You have successfully installed and configured a robust, database-backed PowerDNS authoritative nameserver on Ubuntu 22.04. You can now manage your DNS records efficiently using the pdnsutil command or by integrating a web-based management tool like PowerDNS-Admin. This powerful setup provides a solid foundation for managing your domain’s DNS with professional-grade performance and scalability.

Source: https://kifarunix.com/easily-install-and-setup-powerdns-on-ubuntu-22-04/
