Installation of the Raspberry Pi as DNS

Installation

Thanks to Raspbian (Minimal Install), I downloaded the image raspbian_wheezy_20130923.img.7z and unpacked it with 7z:

7z x raspbian_wheezy_20130923.img.7z

Then I copied it directly onto my SD card (64GB):

dd if=raspbian_wheezy_20130923.img of=/dev/mmcblk0 bs=1M

I used gparted to resize the partitions:

  • / is now 55GB wide
  • swap 4GB

8-) Installation done

Post-configuration

Locales

As mentioned on the site:

dpkg-reconfigure tzdata

Switched to Europe/Paris

dpkg-reconfigure console-data

Switched to us-intl

dpkg-reconfigure locales

Enabled en_US.iso/UTF-8

Network

vi /etc/network/interfaces 

Then I switched from dhcp to static

# interfaces(5) file used by ifup(8) and ifdown(8)
auto lo
iface lo inet loopback
 
allow-hotplug eth0
#iface eth0 inet dhcp
iface eth0 inet static
  address 192.168.1.10
  netmask 255.255.255.0
  gateway 192.168.1.1
  dns-search test.local
  dns-nameservers 192.168.1.1 192.168.1.2

Updates

apt-get update
apt-get upgrade

Nice tools

I installed some third party tools I use a lot:

apt-get install lftp rsync curl bc lsof strace vim screen htop

DNS

Let's go and install Bind

apt-get install bind9 dnsutils

Config

vi /etc/bind/named.conf.default-zones

zone "test.local" IN {
        type master;
        file "/etc/bind/db.test.local";
};
 
zone "1.168.192.in-addr.arpa" IN {
        type master;
        file "/etc/bind/rev.db.test.local";
};

Then create these two files:

vi /etc/bind/db.test.local

$TTL   3h
@ IN SOA dns1.test.local. root.test.local. (
    2013110601 ; serial
    3h         ; refresh after 3 hours
    1h         ; retry after 1 hour
    1w         ; expire after 1 week
    1h )       ; negative caching TTL of 1 hour
 
        IN NS dns1.test.local.
 
;network devices and Services [1-30]
router  IN A 192.168.1.1
dns     IN A 192.168.1.2
wifi    IN A 192.168.1.3
sip1    IN A 192.168.1.4

vi /etc/bind/rev.db.test.local

$TTL   3h
@ IN SOA dns1.test.local. root.test.local. (
    2013110601 ; serial
    3h         ; refresh after 3 hours
    1h         ; retry after 1 hour
    1w         ; expire after 1 week
    1h )       ; negative caching TTL of 1 hour
 
        IN NS dns1.test.local.
 
;network devices and Services [1-30]
1       IN PTR  router.test.local.
2       IN PTR  dns.test.local.
3       IN PTR  wifi.test.local.
4       IN PTR  sip1.test.local.

Enable logging

vi /etc/bind/named.conf.local

With

// Manage the file logs
 
include "/etc/bind/named.conf.log";

And create /etc/bind/named.conf.log

vi /etc/bind/named.conf.log

with

logging {

        // Dynamic update activity, kept at debug level
        channel update_debug {
                file "/var/log/update_debug.log" versions 3 size 100k;
                severity debug;
                print-severity yes;
                print-time      yes;
        };

        // Approved and denied requests
        channel security_info {
                file "/var/log/security_info.log" versions 1 size 100k;
                severity info;
                print-severity yes;
                print-time      yes;
        };

        // Everything else
        channel bind_log {
                file "/var/log/bind.log" versions 3 size 1m;
                severity info;
                print-category  yes;
                print-severity  yes;
                print-time      yes;
        };

        category default { bind_log; };
        category lame-servers { null; };
        category update { update_debug; };
        category update-security { update_debug; };
        category security { security_info; };
};

Benchmark

for i in {1..30}; do echo google.com; done | xargs -I^ -P10 dig ^ | grep time | awk /time/'{sum+=$4} END { print "Average query = ",sum/NR,"ms"}'
Average query =  3.2 ms

This is OK; I got:
Average query = 0.0666667 ms on the OpenBSD VM

Filtering

vi /etc/bind/blockeddomain.hosts

This file contains:

$TTL   3h
@ IN SOA dns1.test.local. root.test.local. (
    2013071502 ; serial
    3h         ; refresh after 3 hours
    1h         ; retry after 1 hour
    1w         ; expire after 1 week
    1h )       ; negative caching TTL of 1 hour
 
              IN      NS      dns1.test.local.
              A       127.0.0.1
*             IN      A       127.0.0.1
*             IN      AAAA    ::1

Add this in /etc/bind/named.conf.default-zones

vi /etc/bind/named.conf.default-zones

include "blockeddomains.zones";

Now let's generate this blockeddomains.zones
First we need some tools:

apt-get install dos2unix p7zip

Then this script:

#!/bin/sh
# Generate blockeddomains.zones from a hosts file published on the internet

# Remove the previously downloaded and generated files (-f: no error on the first run)
rm -f blockeddomains.zones hosts.txt
# Get the hosts file; stop here if the download fails
wget http://winhelp2002.mvps.org/hosts.txt || exit 1
# Convert to Unix line endings
dos2unix hosts.txt
# For each line that starts with 127 and doesn't contain localhost, take the 3rd field (the domain);
# sort -u drops duplicates, which would otherwise make named reject the configuration
for line in `grep ^127 hosts.txt | grep -v localhost | cut -d " " -f 3 | sort -u`
do
     # Create an entry in blockeddomains.zones with the correct syntax, pretending we own this domain :P
     # The name is passed as a printf argument so it is never interpreted as a format string
     printf 'zone "%s" {type master; file "/etc/bind/blockeddomain.hosts";};\n' "$line" >> blockeddomains.zones
done

Reload bind

/etc/init.d/bind9 reload
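The hosts file is fetched over plain HTTP and its lines end up inside named's configuration, so it is worth treating as untrusted input. The following is an added example, not the author's script: it emits a zone stanza only for syntactically valid hostnames and replaces the generated file atomically. The function names `hosts_to_zones`, `build_zones` and `sample_hosts`, the sample data, and the acceptance of `0.0.0.0` entries alongside `127.0.0.1` are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not the page's script. ZONE_DB is the zone file from the page;
# the function names and the sample data are assumptions made for illustration.
ZONE_DB="/etc/bind/blockeddomain.hosts"

# hosts_to_zones: hosts-file lines on stdin, BIND zone stanzas on stdout.
# Only syntactically valid hostnames are emitted, so nothing in the downloaded
# file can place quotes, semicolons or braces into named's configuration.
hosts_to_zones() {
    tr -d '\r' | awk -v db="$ZONE_DB" '
        $1 != "127.0.0.1" && $1 != "0.0.0.0" { next }   # sinkhole entries only
        {
            name = tolower($2); sub(/\.$/, "", name)
            if (name == "" || name == "localhost") next
            ok = (length(name) <= 253 &&
                  name ~ /^([a-z0-9]([a-z0-9-]*[a-z0-9])?\.)+[a-z0-9]([a-z0-9-]*[a-z0-9])?$/)
            n = split(name, label, ".")
            for (i = 1; i <= n; i++) if (length(label[i]) > 63) ok = 0
            if (!ok) { bad++; next }
            if (seen[name]++) next      # a duplicate zone makes named reject the config
            printf "zone \"%s\" { type master; file \"%s\"; };\n", name, db
        }
        END { if (bad) print "skipped " bad " invalid name(s)" | "cat 1>&2" }'
}

# build_zones SRC DEST: write to a temp file beside DEST and rename it into place,
# so a failed or empty download never replaces the list named is already using.
build_zones() {
    src=$1; dest=$2
    tmp=$(mktemp "$dest.XXXXXX") || return 1
    if hosts_to_zones < "$src" > "$tmp" && [ -s "$tmp" ]; then
        chmod 644 "$tmp" && mv "$tmp" "$dest"
    else
        rm -f "$tmp"; return 1
    fi
}

# Constructed sample input: CRLF lines, a duplicate, localhost and a malformed name.
sample_hosts() {
    printf '%s\r\n' '# constructed sample' '127.0.0.1  localhost' \
        '127.0.0.1  ads.example.com' '127.0.0.1  ADS.example.com #dup' \
        '0.0.0.0 tracker.example.net' '127.0.0.1  bad"name;.example.org'
}
```

Calling `build_zones hosts.txt blockeddomains.zones` after the download, then running `named-checkconf` before the reload, keeps a bad list from taking the resolver down.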


os/debian/raspberrydns.txt · Last modified: 2021/12/29 21:03 by warnaud