Howto setup dynamic DNS
Sunday, 11 February 2007 02:58

Set up the config files for dhcpd and named. Clients (PCs, laptops) will get an IP address from a range you specify. You can also reserve specific IP addresses for static devices like servers or printers. The dhcpd server daemon registers them with the named server.

I used Fedora 6, with dhcpd and named running in chroot mode.

Sometimes you get stuck because of problems with rights on the file system or a configuration error in one of your config files. Don't let this bring you down. Stand up straight, keep your head up and hold on until you get what you want ;) 

Software Packages 

Install the following packages (or update them):

  • dhcp.i386
  • bind-libs.i386
  • bind-utils.i386
  • bind-chroot.i386
  • caching-nameserver.i386
  • bind.i386

Configure DHCP

Extract from vi /etc/dhcpd.conf

## dhcp.conf RRD 11-02-2007
##
## Server side of the dynamic DNS setup: dhcpd hands out leases and
## pushes the matching forward/reverse records to the named master,
## signing the updates with the key it reads from /etc/rndc.key.

## Server configuration:

authoritative;
# The same key file is included by named, where it serves both as the
# rndc control key and as the allow-update key of both zones. Anyone who
# can read this file on the dhcpd host can therefore send signed zone
# updates AND rndc commands; keep it readable by root/dhcpd only.
include "/etc/rndc.key";

server-identifier       server;
ddns-domainname         "r71.nl.";
ddns-rev-domainname     "in-addr.arpa.";
# "interim" is the update style used by dhcp 3.x.
ddns-update-style       interim;
ddns-updates            on;
# dhcpd performs the DNS update itself instead of letting the client
# update the forward zone.
ignore                  client-updates;

# If you have fixed-address entries you want to use dynamic dns
# (without this, hosts with a fixed-address below are never registered)
update-static-leases on;

# Wins server setting, not used at this time cause I have none
#option netbios-name-servers 10.0.2.11;
#option netbios-dd-server 10.0.2.11;
#option netbios-node-type 8;

# This is the communication zone
# One zone statement per zone that dhcpd updates. The zone names must
# match the zones declared in named.conf (r71.nl and 10.in-addr.arpa)
# and the key name must match the key defined in /etc/rndc.key.
# primary 127.0.0.1 assumes dhcpd runs on the same host as the named
# master -- NOTE(review): if it does not, point this at the master
# (10.0.2.11 in this setup) instead.

zone r71.nl. {
    primary 127.0.0.1; # force dhcpd to send the update to this server
    key rndckey;
}

zone  10.in-addr.arpa. {
    primary 127.0.0.1; # force dhcpd to send the update to this server
    key rndckey;
}


## Client configuration:

subnet 10.0.0.0 netmask 255.0.0.0 {

    option routers                  10.0.1.254;
    option subnet-mask              255.0.0.0;
    option domain-name              "r71.nl";
    option domain-name-servers      10.0.2.11, 10.0.2.10;


    # Only nine dynamic addresses; lease times are in seconds (6h / 12h).
    range dynamic-bootp 10.0.5.1 10.0.5.9;
    default-lease-time 21600;
    max-lease-time 43200;

}


# ip address reservations:
# they who have ddns-hostname set will
# register themselves to named
# (host "ns" has no ddns-hostname, so dhcpd does not register it.)

group {

    ddns-domainname "r71.nl.";


    host ns {
         hardware ethernet 00:0C:29:B8:4F:68;
         fixed-address 10.0.2.11;
    }

    host rainier {
         # rainier.r71.nl 2nd lan adapter
         hardware ethernet 00:0C:29:4D:26:0C;
         fixed-address 10.0.2.21;
         # use the host declaration name ("rainier") as the DNS name
         ddns-hostname = host-decl-name;
         #ddns-hostname rainier;
         #ddns-domainname "r71.nl.";
    }

    # NOTE(review): underscores are not valid in host names (RFC 1123);
    # named may refuse the A record for these two names -- check the log
    # if laptop_lan / laptop_wan do not show up in the zone.
    host laptop_lan {
         ddns-hostname laptop_lan;
         hardware ethernet 00:14:22:D7:7C:41;
         fixed-address 10.0.4.1;
    }

    host laptop_wan {
         ddns-hostname laptop_wan;
         hardware ethernet 00:16:6F:5D:76:24;
         fixed-address 10.0.4.2;
    }
}

If you want to automatically register the reserved addresses in DNS (named) then you must specify ddns-hostname and ddns-domainname. The dhcpd will not "figure it out" if you just specify host-name and domain-name.

# service dhcpd start (or reload)

Try a DHCP request from a computer system. If you use VMware you can easily add a virtual NIC to a VM and use this for testing.

Watch the logfile:
# tail -f /var/log/messages 

Configure Named 

Named master server:

Extract from /etc/named.conf
//
// named.conf for Red Hat caching-nameserver
//
// Master for r71.nl and 10.in-addr.arpa. dhcpd sends dynamic updates
// here, signed with the key defined in /etc/rndc.key.

include "/etc/rndc.key";

// Hosts allowed to query; only used once allow-query below is enabled.
acl internal { 10.0.0.0/8; };
// Hosts allowed to pull zone transfers (the slave server).
#acl slaves { 10.0.2.10; 10.0.2.5; 10.0.2.6; };
acl slaves { 10.0.2.10; };

options {
        // paths are relative to the chroot (/var/named/chroot)
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";

//      allow-query { internal; };
// NOTE(review): while allow-query stays commented out, named answers
// (and forwards) queries from every source that can reach it; enabling
// the line restricts this to the internal acl.

        forwarders {
                10.0.1.254;
        };
};

zone "r71.nl" {
        type master;
        file "r71.nl.zone";
        // Updates are only accepted when signed with rndckey -- the same
        // key that controls named via rndc. The DHCP server, and any host
        // that can read /etc/rndc.key, therefore also gets rndc rights.
        // NOTE(review): a dedicated TSIG key for DDNS (dnssec-keygen)
        // would keep zone-update and control privileges apart.
        allow-update { key "rndckey"; };
        // zone transfers only to the slaves acl above
        allow-transfer { slaves; };
        // send NOTIFY to the slaves when the zone changes
        notify yes ;
};

zone "10.in-addr.arpa" {
        type master;
        file "r71.nl.rev";
        // same shared key and transfer restriction as the forward zone
        allow-update { key "rndckey"; };
        allow-transfer { slaves; };
        notify yes ;
};

Set the permissions on the files and directories

## Make the chroot tree writable by the named user; named needs write
## access to the zone directory for dynamic updates and the .jnl
## journal files it keeps next to each dynamic zone.
# chown named:named /var/named/chroot
# chown named:named /var/named/chroot/var
# chown named:named /var/named/chroot/var/named
# chmod 770 /var/named/chroot
# chmod 770 /var/named/chroot/var
# chmod 770 /var/named/chroot/var/named

## NOTE(review): named.conf above puts both zone files directly in
## /var/named (inside the chroot), which is what the two chown lines
## use, but the first chmod and both ln -s below point at slaves/ --
## presumably copied from the slave section. Check which path really
## holds r71.nl.zone on the master and use it consistently.
## NOTE(review): 666 makes the zone files world-writable. named only
## needs write access as its own user, so 660 with owner named:named
## (the directory is already 770) is enough.
# chown named:named /var/named/chroot/var/named/r71.nl.zone
# chown named:named /var/named/chroot/var/named/r71.nl.rev
# chmod 666 /var/named/chroot/var/named/slaves/r71.nl.zone
# chmod 666 /var/named/chroot/var/named/r71.nl.rev

## Symlinks so the files are also reachable outside the chroot.
# cd /var/named
# ln -s /var/named/chroot/var/named/slaves/r71.nl.zone
# ln -s /var/named/chroot/var/named/slaves/r71.nl.rev

# service named start

Watch the logfile:
# tail -f /var/log/messages

Named slave server:

Extract from /etc/named.conf

//
// named.conf for Red Hat caching-nameserver
// named configured as slave server (RRD 26-01-2006)
//
// Pulls both zones from the master (10.0.2.11) and accepts no dynamic
// updates itself.

// Only needed here for the local rndc control channel.
include "/etc/rndc.key";

// acl internal { 10.0.0.0/8; };
// acl slaves { 10.0.2.5; 10.0.2.6; };

options {
        // paths are relative to the chroot (/var/named/chroot)
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";

//      allow-query { internal; };
// NOTE(review): no allow-transfer is set anywhere in this file, and the
// BIND default is to allow transfers to anyone, so this slave hands the
// whole zone to any host that asks. Adding
// allow-transfer { none; }; here (or per zone) closes that.

        forwarders {
                10.0.1.254;
        };
};


zone "r71.nl" {
        type slave;
        // NOTE(review): the permission commands below work on
        // slaves/r71.nl.zone, but this path resolves to
        // /var/named/chroot/var/named/r71.nl.zone -- make the two agree.
        file "r71.nl.zone";
        masters { 10.0.2.11; };
};

zone "10.in-addr.arpa" {
        type slave;
        file "r71.nl.rev";
        masters { 10.0.2.11; };
};


Set the permissions on the files and directories

## Make the chroot tree writable by the named user; a slave writes the
## transferred zones into its zone directory.
# chown named:named /var/named/chroot
# chown named:named /var/named/chroot/var
# chown named:named /var/named/chroot/var/named
# chmod 770 /var/named/chroot
# chmod 770 /var/named/chroot/var
# chmod 770 /var/named/chroot/var/named
# chmod 770 /var/named/chroot/var/named/slaves

## NOTE(review): the last chmod targets r71.nl.rev outside slaves/, while
## the chown lines use slaves/; and the slave's named.conf stores both
## files as "r71.nl.zone" / "r71.nl.rev" relative to /var/named, not in
## slaves/. Pick one location and use it in all three places.
## NOTE(review): 666 makes the zone files world-writable; 660 with owner
## named:named is enough for named to rewrite them after a transfer.
# chown named:named /var/named/chroot/var/named/slaves/r71.nl.zone
# chown named:named /var/named/chroot/var/named/slaves/r71.nl.rev
# chmod 666 /var/named/chroot/var/named/slaves/r71.nl.zone
# chmod 666 /var/named/chroot/var/named/r71.nl.rev

## Symlinks so the files are also reachable outside the chroot.
# cd /var/named
# ln -s /var/named/chroot/var/named/slaves/r71.nl.zone
# ln -s /var/named/chroot/var/named/slaves/r71.nl.rev

# service named start

Watch the logfile:
# tail -f /var/log/messages

Configure iptables

Add these rules to the firewall:
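## Accept DNS queries (port 53 tcp/udp) and the rndc control channel
## (port 953 tcp) addressed to this server. The match has to be on the
## destination port: a rule on --sport 53 does not match incoming
## queries at all (their source port is random) and instead accepts any
## inbound packet whose sender happens to use source port 53. The
## /etc/sysconfig/iptables result further down uses --dport as well.
# iptables -A INPUT -p tcp --dport 53 -j ACCEPT
# iptables -A INPUT -p udp --dport 53 -j ACCEPT
## Port 953 is only needed when rndc is run from another host; if that
## host is known, narrow the rule with -s <admin host address>.
# iptables -A INPUT -p tcp --dport 953 -j ACCEPT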

Or do this:
# system-config-securitylevel-tui
Add these three entries, separated by spaces, to the free editable field: domain:tcp domain:udp rndc:tcp

Result: cat /etc/sysconfig/iptables
# Rules written by system-config-securitylevel into the RH-Firewall-1-INPUT
# chain: new connections to the server's ports 53 (tcp/udp) and 953 (tcp).
# Note they match on --dport, i.e. traffic addressed to this server.
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 53 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 53 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 953 -j ACCEPT
