Differences between revisions 2 and 3
Revision 2 as of 2017-12-10 19:40:11
Size: 3511
Editor: Kristian Kallenberg
Comment:
Revision 3 as of 2017-12-10 19:42:17
Size: 3432
Editor: Kristian Kallenberg
Comment:
Deletions are marked like this. Additions are marked like this.
Line 1: Line 1:
= DNS Master =
Line 7: Line 5:
Since looking up the DNS servers IP-address does not make any sense, we will give the DNS server a statc IP-address. Edit `/etc/networking/interfaces` and make the following changes. We will give the DNS master server a static IP-address. Edit `/etc/networking/interfaces` and make the following changes.

DNS Master

Network

We will give the DNS master server a static IP-address. Edit /etc/networking/interfaces and make the following changes. 

# The primary network interface
#allow-hotplug eth0
#iface eth0 inet dhcp

auto eth0
iface eth0 inet static
        address 192.168.1.34
        network 192.168.1.0
        netmask 255.255.255.0
        broadcast 192.168.1.255
        gateway 192.168.1.1

Install BIND

apt-get install bind9

Configure BIND

Make BIND listen

edit /etc/bind/named.conf.options and add 

listen-on { any; };

Make a DDNS update key

We are going to let the DHCP server update BIND. For this we need an update key. Create it with the following command. Remember that entrophy must be available for the key to be generated, you can check available entrophy in /proc/sys/kernel/random/entropy_avail. 

dnssec-keygen -a HMAC-SHA512 -b 512 -n HOST ddns-update

This will create two files with filenames equivalent to Kddns-update.+157+18646.private and Kddns-update.+157+18646.key. The latter is your public key, which will be used by the DCHP server to update BIND. Create the file /etc/bind/ddns-update.dnskey and put your key inside it. 

key "ddns-update" {
        algorithm hmac-sha512;
        secret "yYFzfibvlpS33+vsngV2jF5tGkTiVSjhYoFuV0T7bnCVfFGx3Mu05SW+LakImdofkNM00LxHCLuvD1W1vSWMmA==";
};

Create a new zone

/etc/bind/named.conf.kallenberg.dk 

# Key used by DHCP servers for dynamic DNS updates
include "/etc/bind/ddns-update.dnskey";

zone "kallenberg.dk" {
        type master;
        file "/var/lib/bind/kallenberg.dk.zone";
        allow-transfer { 192.168.1.35; };
        allow-update { key "ddns-update"; };
};

zone "1.168.192.in-addr.arpa" {
        type master;
        file "/var/lib/bind/1.168.192.zone";
        allow-transfer { 192.168.1.35; };
        allow-update { key "ddns-update"; };
};

Add the new zone file to /etc/bind/named.conf.local 

include "/etc/bind/named.conf.kallenberg.dk";

/var/lib/bind/kallenberg.dk.zone 

$ORIGIN .
$TTL 86400      ; 1 day
kallenberg.dk           IN SOA  ns01.kallenberg.dk. ns02.kallenberg.dk. (
                                20150427   ; serial
                                7200       ; refresh (2 hours)
                                300        ; retry (5 minutes)
                                604800     ; expire (1 week)
                                60         ; minimum (1 minute)
                                )
                        NS      ns01.kallenberg.dk.
                        NS      ns02.kallenberg.dk.
$ORIGIN kallenberg.dk.
$TTL 1800       ; 30 minutes

/var/lib/bind/1.168.192.zone 

$ORIGIN .
$TTL 86400      ; 1 day
1.168.192.in-addr.arpa  IN SOA  ns01.kallenberg.dk. ns02.kallenberg.dk. (
                                20150218   ; serial
                                7200       ; refresh (2 hours)
                                300        ; retry (5 minutes)
                                604800     ; expire (1 week)
                                60         ; minimum (1 minute)
                                )
                        NS      ns01.kallenberg.dk.
                        NS      ns02.kallenberg.dk.
$ORIGIN 1.168.192.in-addr.arpa.

None: DNS Master (last edited 2021-02-19 17:39:13 by Kristian Kallenberg)