DNS Configuration (Internal and External)

The following packages must be installed:

  • bind-9.8.2-0.17.rc1.el6_4.6.i686.rpm
  • bind-chroot-9.8.2-0.17.rc1.el6_4.6.i686.rpm
  • bind-utils-9.8.2-0.17.rc1.el6_4.6.i686.rpm
  • bind-libs-9.8.2-0.17.rc1.el6_4.6.i686.rpm

Install  DNS:
    Install the bind, bind-chroot, bind-utils and bind-libs packages using the commands below (rpm will not install bind before its bind-libs dependency, so either install bind-libs first or pass all four packages to a single rpm -ivh)

  • rpm -ivh bind-9.8.2-0.17.rc1.el6_4.6.i686.rpm
  • rpm -ivh bind-chroot-9.8.2-0.17.rc1.el6_4.6.i686.rpm
  • rpm -ivh bind-utils-9.8.2-0.17.rc1.el6_4.6.i686.rpm
  • rpm -ivh bind-libs-9.8.2-0.17.rc1.el6_4.6.i686.rpm

Create the DNS update key using the command below:

  • % dnssec-keygen -a hmac-md5 -b 128 -n USER dhcpupdate
  • Kdhcpupdate.+157+14638
  • This creates a 128-bit HMAC-MD5 key named dhcpupdate.
  • If you run ls Kdhcpupdate* you will see two files.
  • open Kdhcpupdate.+157+14638.private
  • copy the value of the Key: line from that file and save it in a text file named dnskey.txt (this secret authorizes zone updates, so keep that file private)

vi  Kdhcpupdate.+157+14638.private

  • Private-key-format: v1.3
  • Algorithm: 157 (HMAC_MD5)
  • Key: 7dAul+qVM+S6G+EPeAy+Vg==
  • Bits: AAA=
  • Created: 20140106133919
  • Publish: 20140106133919
  • Activate: 20140106133919

Configure DNS:

Open the named.conf file in the /etc folder using the command vi /etc/named.conf

#add or edit the lines in named.conf as shown below
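options
{
  directory "/var/named";                      // "Working" directory; relative file names below resolve here
                                               // (with bind-chroot this is /var/named/chroot/var/named on disk)
  dump-file          "data/cache_dump.db";
  statistics-file    "data/named_stats.txt";
  memstatistics-file "data/named_mem_stats.txt";
  // Answer only on the loopback and the two LAN addresses.
  listen-on port 53    { 127.0.0.1; 172.23.10.1; 192.168.1.2; };
  listen-on-v6 port 53 { ::1; };
  // "any" already covers localhost. Recursion and cache access are narrowed per view below,
  // so these global defaults only apply where a view does not override them.
  allow-query       { localhost; any; };
  allow-query-cache { localhost; any; };
  recursion yes;
  dnssec-enable yes;
  dnssec-validation yes;
  // NOTE(review): "auto" lookaside validation relies on ISC's DLV registry, which is no longer
  // maintained; confirm it is still wanted, otherwise drop this line.
  dnssec-lookaside auto;
  // NOTE(review): zone transfers are not restricted anywhere in this file (BIND's default allows
  // them from any client); add allow-transfer { none; } here, or list the secondaries, once known.
};
// TSIG key that authorizes dhcpd's dynamic updates; the same name and secret must appear in dhcpd.conf.
key dhcpupdate
{
  algorithm hmac-md5;
  // Replace with the Key: value from Kdhcpupdate.+157+14638.private (saved earlier in dnskey.txt).
  // Anyone who can read this file can rewrite the dynamic zones below, so keep named.conf readable
  // by root:named only, or move this key statement into a separate include file with mode 0640.
  // NOTE(review): hmac-md5 is the weakest TSIG algorithm; prefer hmac-sha256 where dhcpd supports it.
  secret "7dAul+qVM+S6G+EPeAy+Vg==";
};
logging
{
  channel default_debug {
    file "data/named.run";
    severity dynamic;
  };
};
// All trusted clients, including the local host, share one view. The original configuration
// also carried a separate "localhost_resolver" view with copies of the same dynamic zones; a
// writeable (allow-update) zone file cannot be configured in more than one view, because each
// view would own the file and its journal (named reports the file as already in use), so
// localhost is matched here instead.
view "internal"
{
  // The original prefix 172.23.10.0/16 has host bits set; the canonical 172.23.0.0/16 is the
  // network BIND applies and matches the subnet declared in dhcpd.conf.
  match-clients { localhost; 172.23.0.0/16; 192.168.1.0/24; };
  recursion yes;
  zone "." IN {
    type hint;
    file "/var/named/named.ca";
  };
  include "/etc/named.rfc1912.zones";
  // File names must match the zone files created under /var/named/chroot/var/named later in
  // this document. Dynamic updates are journaled into the matching .jnl files, so do not edit
  // these files by hand while named is running (use rndc freeze / rndc thaw around manual edits).
  zone "yourdomain.com" IN {
    type master;
    file "gateway.yourdomain.com.zone";
    allow-update { key dhcpupdate; };   // only updates signed with the TSIG key above are accepted
  };
  zone "10.23.172.in-addr.arpa" IN {
    type master;
    file "gateway.yourdomain.com.rr.zone";
    allow-update { key dhcpupdate; };
  };
};
// Everyone else (including the Internet) only gets authoritative answers for the public zone.
view "external"
{
  match-clients { any; };
  recursion no;
  // Do not let untrusted clients read the resolver cache inherited from the global options.
  allow-query-cache { none; };
  zone "." IN {
    type hint;
    file "/var/named/named.ca";
  };
  zone "nagasoft.in" {
    type master;
    file "nagasoft.in.zone";
  };
};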

save the file using :wq!

Now go to /var/named/chroot/var/named and create the zone files as shown below

cd /var/named/chroot/var/named

Create the forward zone file gateway.yourdomain.com.zone

vi   gateway.yourdomain.com.zone

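$ORIGIN .
$TTL 86400      ; 1 day
; Zone apex is yourdomain.com (relative to the "." origin above). dhcpd adds records here through
; dynamic updates and named bumps the serial itself, so edit this file by hand only while the
; zone is frozen (rndc freeze / rndc thaw).
yourdomain.com          IN SOA  gateway.yourdomain.com. root.yourdomain.com. (
                                55637      ; serial
                                10800      ; refresh (3 hours)
                                900        ; retry (15 minutes)
                                604800     ; expire (1 week)
                                86400      ; minimum (1 day)
                                )
; Leading whitespace makes the NS record inherit the apex owner; a record starting in column 0
; would be read as a new owner name called "NS".
                        NS      gateway.yourdomain.com.
$ORIGIN yourdomain.com.
gateway                 A       172.23.10.1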

save the file :wq!

Set ownership of the file so that named can read it:

chown named:named  gateway.yourdomain.com.zone

Create the reverse zone file gateway.yourdomain.com.rr.zone

vi  gateway.yourdomain.com.rr.zone

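$ORIGIN .
$TTL 86400      ; 1 day
; Reverse zone for 172.23.10.0/24, the block that holds the dhcpd pool. dhcpd adds PTR records
; here through dynamic updates, so edit by hand only while the zone is frozen (rndc freeze / thaw).
10.23.172.in-addr.arpa  IN SOA  gateway.yourdomain.com. root.yourdomain.com. (
                                55620      ; serial
                                10800      ; refresh (3 hours)
                                900        ; retry (15 minutes)
                                604800     ; expire (1 week)
                                86400      ; minimum (1 day)
                                )
                        NS      gateway.yourdomain.com.
$ORIGIN 10.23.172.in-addr.arpa.
; The PTR target must be absolute (trailing dot); without it the name would be expanded to
; gateway.yourdomain.com.10.23.172.in-addr.arpa.
1                       PTR     gateway.yourdomain.com.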

save the file using :wq!

Set ownership of the file so that named can read it:

  • chown named:named  gateway.yourdomain.com.rr.zone
  • create two empty journal (.jnl) files as shown below
  • touch  gateway.yourdomain.com.zone.jnl
  • touch  gateway.yourdomain.com.rr.zone.jnl

Set ownership and permissions of the journal files:

  • chown named:named  gateway.yourdomain.com.zone.jnl
  • chown named:named  gateway.yourdomain.com.rr.zone.jnl
  • chmod 644  gateway.yourdomain.com.rr.zone.jnl
  • chmod 644  gateway.yourdomain.com.zone.jnl
  • leave the directory using the cd command
  • start the service using the command service named start
  • to start the service automatically at boot, run chkconfig named on
  • check name resolution using the command nslookup 172.23.10.1

DHCP Configuration (Dynamic DNS)                  

The following package must be installed:

dhcp-4.1.1-12.P1.el6.i686.rpm

Configure Dhcp

  • Install dhcp using the command below
  • rpm -ivh dhcp-4.1.1-12.P1.el6.i686.rpm
  • copy /usr/share/doc/dhcp-xxxx/dhcpd.conf.sample to /etc/dhcp/dhcpd.conf (xxxx stands for the installed dhcp version)
  • cp -r /usr/share/doc/dhcp-xxxx/dhcpd.conf.sample /etc/dhcp/dhcpd.conf

vi dhcpd.conf

#Edit or add the lines below in dhcpd.conf

# Search domain handed to clients.
# NOTE(review): this is the server's own host name rather than the domain; "yourdomain.com"
# (the value of ddns-domainname below) looks like what was intended -- confirm.
option domain-name "gateway.yourdomain.com";
# Clients resolve through the BIND server configured earlier in this document.
option domain-name-servers 172.23.10.1;
default-lease-time 600;
max-lease-time 7200;
allow bootp;
allow booting;
# With "allow client-updates" clients may register their own forward (A) records; swap the two
# lines so that dhcpd performs every update itself, if that is preferred.
allow client-updates;
#ignore client-updates;
update-static-leases on;
# Forward zone and reverse tree used to build the names that are registered in DNS.
ddns-domainname "yourdomain.com";
ddns-rev-domainname "in-addr.arpa";
ddns-update-style interim;
ddns-updates on;
use-host-decl-names on;
authoritative;
# Same TSIG key name and secret as the "key dhcpupdate" statement in named.conf.
# Anyone who can read this file can rewrite both zones, so keep dhcpd.conf readable by root only.
key dhcpupdate {
algorithm hmac-md5;
secret "7dAul+qVM+S6G+EPeAy+Vg==";
};
# Updates for the forward and reverse zones are sent to the local named and signed with the key above.
# The reverse zone 10.23.172.in-addr.arpa covers exactly the 172.23.10.x addresses in the pool below.
zone yourdomain.com. {
primary 172.23.10.1;
key dhcpupdate;
}
zone 10.23.172.in-addr.arpa. {
primary 172.23.10.1;
key dhcpupdate;
}
# Any client on the subnet may obtain a lease, not only those with a host declaration.
allow unknown-clients;
log-facility local7;
subnet 172.23.0.0 netmask 255.255.0.0 {
server-name "gateway.yourdomain.com";
option subnet-mask 255.255.0.0;
option routers 172.23.10.1;
option broadcast-address 172.23.255.255;
option time-offset      -18000;
# Only this slice of the /16 is handed out dynamically.
range 172.23.10.50 172.23.10.250;
# Network-boot clients are pointed at this server for the pxelinux.0 boot file.
next-server 172.23.10.1;
filename "pxelinux.0";
}

#Save the file using :wq!

  • Start the service using the command service dhcpd start
  • To start the service automatically at boot, run chkconfig dhcpd on