I actually wrote along these lines a few moments back about setting up a cache-only DNS server for a local network (to resolve DNS locally if possible, instead of querying out to public DNS servers).
Fortunately, there's not a huge difference between this and setting up a public DNS server (more on that below), except that you'll want to have the following instead of what's listed in the blog post linked above:
```conf
options {
    // to allow recursive lookup from root name servers if necessary
    recursion yes;
    // allow any hosts to query BIND; having 'internal;' here instead maps to the acl listed
    // at the top, and you can use something similar to restrict to certain external IPs if you desire
    allow-query { any; };
};
```
Now, as others have mentioned, there are reasons you’d likely not want to host a public facing (and fully open) DNS server.
- Reliability – If you want large adoption, you'll want the DNS server to be reliable. This involves having more than a single host, ideally spread across the globe, with multiple systems in place at each location for any issues that may arise.
- Ill Intent of Others – You'll likely see things like (or other spoof attacks), DDoS attacks (or amplification attacks, read briefly about them), or .
It would still be a good exercise to go about setting one up, should you be interested.
Best of luck!
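As an added illustration (not part of the answer above), here is the fully open configuration the answer describes next to a hardened variant that still serves the public for authoritative zones but only recurses for the `internal` acl and rate-limits responses to blunt reflection/amplification abuse. The `192.0.2.0/24` range is a constructed example, and `rate-limit` requires BIND 9.10 or later.

```conf
// --- Weak: open recursive resolver, will answer (and recurse for) anyone ---
options {
    recursion yes;
    allow-query { any; };
};

// --- Hardened: public answers for our own zones, recursion only for internal hosts ---
acl internal {
    127.0.0.1;
    ::1;
    192.0.2.0/24;      // constructed example LAN range
};

options {
    recursion yes;
    // Anyone may ask about zones this server is authoritative for...
    allow-query { any; };
    // ...but only internal hosts may use it as a recursive resolver or read its cache.
    allow-recursion { internal; };
    allow-query-cache { internal; };
    // Response Rate Limiting: cap identical responses per client netblock
    // so the server is a poor amplifier for spoofed-source floods.
    rate-limit {
        responses-per-second 10;
        window 5;
    };
    // Smaller answers further reduce amplification factor.
    minimal-responses yes;
};
```

After a `named-checkconf` and reload, a host outside `internal` asking for a name you are not authoritative for gets REFUSED, while queries for your own zones still succeed.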