@gilangvperdana
Last active March 5, 2023 07:34
Create BIND9 on Docker Container

General

I once had a case of bypassing the default DNS from the institution, because there were lots of important websites blocked. But we are also not allowed to use a public DNS resolver like 1.1.1.1 etc.; if we use a public DNS, our internet will be immediately disconnected. Therefore, here I will create a bastion container that uses the default gateway to a VPS and installs BIND9 as the DNS forwarder.

Prerequisites

  • Docker
  • OVPN or any VPN client profile
  • 1 Interface for Bridge to Router

Assume

  • VM with Ubuntu Server for Host Container
  • VM with 2 interfaces: ens3 for the default link and ens12 for the BIND9 bridge link
  • Default gateway on 172.20.0.1
  • The DNS IP will be 172.20.1.25, which will forward to 1.1.1.1 & 8.8.4.4
  • Please adjust for your needs.

Create Dockerfile

FROM ubuntu:20.04
RUN apt update && \
    apt install -y openvpn curl
# Copy the VPN profile to the path the ENTRYPOINT reads
COPY client.ovpn /etc/openvpn/client.ovpn
ENTRYPOINT [ "openvpn", "--config", "/etc/openvpn/client.ovpn" ]

# Build the image on the host
docker build -t bind9 .

Install Package Inside Container

# On the host: create the ipvlan network and start the container
docker network create -d ipvlan \
  --subnet 172.20.0.0/16 \
  --gateway 172.20.0.1 \
  -o parent=ens12 \
  forBind9
docker run -d --restart always --network forBind9 --ip 172.20.1.25 --name bind9 --cap-add NET_ADMIN --device=/dev/net/tun bind9

# Inside the container (open a shell with: docker exec -it bind9 bash)
apt-get update
apt-get install bind9 bind9utils bind9-doc
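
The steps above install BIND9 but do not show the forwarder configuration. As an added example (not part of the original gist), a forwarder-only options file using the addresses from the Assume section could look like this; the path /etc/bind/named.conf.options is the Ubuntu package default, and the ACL name "lan" is a name chosen here for illustration.

```conf
// /etc/bind/named.conf.options (assumed Ubuntu default path)

// Clients allowed to use this resolver: the ipvlan subnet from the
// Assume section, plus the container itself. "lan" is an assumed name.
acl "lan" {
    172.20.0.0/16;
    localhost;
};

options {
    directory "/var/cache/bind";

    // Answer only on the container's ipvlan address and loopback.
    listen-on { 172.20.1.25; 127.0.0.1; };
    listen-on-v6 { none; };

    // Recursion is required for a forwarder, but it is limited to the
    // ACL so the server does not become an open resolver that outside
    // hosts can abuse for DNS amplification.
    recursion yes;
    allow-query { lan; };
    allow-recursion { lan; };
    allow-transfer { none; };

    // Upstream resolvers named in the Assume section.
    forwarders {
        1.1.1.1;
        8.8.4.4;
    };
    // Never fall back to iterating from the root servers; every lookup
    // goes to the forwarders above.
    forward only;

    // Validate DNSSEC signatures on the forwarded answers.
    dnssec-validation auto;
};
```

Run named-checkconf to validate the file before starting named.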

Verify

nc -vz 172.20.1.25 53
nc -vzu 172.20.1.25 53

Try it on your Linux machine or any other client:
nano /etc/resolv.conf
---
nameserver 172.20.1.25
---

Enjoy~
