Differences between revisions 12 and 17 (spanning 5 versions)
Revision 12 as of 2017-12-08 22:56:37
Size: 1041
Revision 17 as of 2017-12-09 08:53:45
Size: 1750
Line 33: Line 33:
== Configure BIND ==

=== Make a DDNS update key ===

We are going to let the DHCP server update BIND. For this we need an update key. Create it with the following command.

{{{#!highlight bash
#!/bin/sh
# entrophy must be available for the key to be generated
# check available entrophy
# /proc/sys/kernel/random/entropy_avail
dnssec-keygen -a HMAC-SHA512 -b 512 -n HOST ddns-update
}}}

=== Make BIND listen ===

edit `/etc/bind/named.conf.options` and add

{{{
listen-on { any; };
}}}

=== Create a new zone ===

`/etc/bind/named.conf.kallenberg.dk`
{{{
}}}

Add the new zone file to `/etc/bind/named.conf.local`

{{{
include "/etc/bind/named.conf.kallenberg.dk";
}}}
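
Review bot: `listen-on { any; };` in the "Make BIND listen" step binds named to every interface on the host; if only the local network is meant to be served, list the intended addresses in the `listen-on` block instead of `any`. The block under `/etc/bind/named.conf.kallenberg.dk` is empty, so the file that `named.conf.local` includes has no documented zone statement, and nothing in this revision references the `ddns-update` key; the zone clause and the restriction of updates to that key should be added. The key step should also say in which directory to run `dnssec-keygen` and that the resulting private key file needs restrictive permissions, and the script comments spell "entropy" as "entrophy".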

DNS

The Domain Name System is a must for any TCP/IP network. It is a key component of the network, which is why it is the first service we will configure.

Here we will be using BIND, ISC's DNS server. BIND has a master/slave configuration, where the master receives the DNS changes and then updates the slave. It is not truly redundant: only the master is allowed to receive DNS changes, so if the master is down, the slave cannot be updated.

DNS Master

Network

Since looking up the DNS server's own IP address through DNS does not make any sense, we will give the DNS server a static IP address. Edit /etc/network/interfaces and make the following changes.

# The primary network interface
#allow-hotplug eth0
#iface eth0 inet dhcp

auto eth0
iface eth0 inet static
        address 192.168.1.34
        netmask 255.255.255.0
        network 192.168.1.0
        gateway 192.168.1.1

Install BIND

apt-get install bind9

Configure BIND

Make a DDNS update key

We are going to let the DHCP server update BIND. For this we need an update key. Create it with the following command.

#!/bin/sh
# Entropy must be available for the key to be generated.
# Check the available entropy with:
#   cat /proc/sys/kernel/random/entropy_avail
dnssec-keygen -a HMAC-SHA512 -b 512 -n HOST ddns-update

Make BIND listen

Edit /etc/bind/named.conf.options and add:

listen-on { any; };

Create a new zone

/etc/bind/named.conf.kallenberg.dk

Add the new zone file to /etc/bind/named.conf.local

include "/etc/bind/named.conf.kallenberg.dk";
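
One way to carry the generated key into the BIND configuration so that only holders of the key can update the zone. This is an added example, not part of the original page. Assumptions: the zone name kallenberg.dk is taken from the file name above, the zone file path /var/lib/bind/db.kallenberg.dk and the entropy threshold of 256 are hypothetical, and the sample private key file is constructed.

```shell
#!/bin/sh
# Added example (not from the original page): wire the generated key into named.conf.

# Succeeds only if the kernel entropy estimate in file $1 is at least $2
# (default 256, an assumed threshold).
entropy_ok() {
    avail=$(cat "${1:-/proc/sys/kernel/random/entropy_avail}") || return 1
    [ "$avail" -ge "${2:-256}" ]
}

# Print a named.conf key clause. $1 = key name, $2 = .private file from dnssec-keygen.
key_clause() {
    secret=$(sed -n 's/^Key:[[:space:]]*//p' "$2")
    [ -n "$secret" ] || { echo "no Key: line in $2" >&2; return 1; }
    printf 'key "%s" {\n    algorithm hmac-sha512;\n    secret "%s";\n};\n' "$1" "$secret"
}

# Print a master zone clause that accepts dynamic updates only when signed with the key.
# $1 = zone name, $2 = zone file path (hypothetical), $3 = key name.
zone_clause() {
    printf 'zone "%s" {\n    type master;\n    file "%s";\n    allow-update { key "%s"; };\n};\n' \
        "$1" "$2" "$3"
}

# Constructed stand-in for the Kddns-update.+165+NNNNN.private file.
# The secret is a placeholder, not a real key.
sample_private() {
    cat <<'EOF'
Private-key-format: v1.3
Algorithm: 165 (HMAC_SHA512)
Key: Q09OU1RSVUNURUQtU0FNUExFLU5PVC1BLVJFQUwtS0VZ
Bits: AAA=
EOF
}

demo() {
    tmp=$(mktemp) || return 1
    sample_private > "$tmp"
    key_clause ddns-update "$tmp"
    zone_clause kallenberg.dk /var/lib/bind/db.kallenberg.dk ddns-update
    rm -f "$tmp"
}

demo
```

The key clause holds the shared secret, so the file it is written to should be readable only by root and the BIND user.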

DNS Slave

None: DNS (last edited 2021-01-17 20:10:16 by Kristian Kallenberg)