Wednesday, March 31, 2010

Make your DHCP server dynamically update your DNS records

Hi friends,

Here is a very useful post for Linux users. We all know how to configure a DNS server (bind9), and it is thanks to name servers that we can resolve IPs to human-readable host names and vice versa. But that works between the internet and the LAN. What about LAN IPs and hosts? We still have to reach client machines by their IP addresses. So here is the solution for IP-to-hostname resolution on the LAN.

The steps in this post show how to configure the DHCP server to automatically update the DNS records when it gives out a new lease to a client computer. I am assuming that you already have a working copy of dhcp3-server and bind9 installed. If you don't, I suggest that you first read my two other posts on how to install and configure them.

Configuration Steps :


Step 1

Apparently the Ubuntu server is installed with an AppArmor profile that prevents bind from writing to the /etc/bind directory. The default profile suggests that these files should be put in /var/lib/bind. We will start by copying our zone files, so that a backup remains if anything goes wrong:

sudo cp /etc/bind/zones/* /var/lib/bind/

Now change the owner and group of the files to bind, so that bind has the file permissions it needs to write to them:


sudo chown bind:bind /var/lib/bind/*

Step 2

We don’t want just anybody to be able to update our DNS, so we need to create a secret, a key, that the DHCP server must know in order to update the DNS:

sudo dnssec-keygen -r /dev/urandom -a HMAC-MD5 -b 128 -n USER DHCP_UPDATER

You can observe the generated key by:

sudo cat Kdhcp_updater.*.private | grep Key

Your key should look something like the following (without the quotes):

"HgtB4WACBDEFGijkMZqwe=="

Now copy the key to the clipboard so that you can paste it into the configuration file later on.

Step 3

We now need to add the key to the bind configuration and tell it which zones we want to allow updates on. I’ve included the contents of the configuration file here and marked the changes that I’ve made in bold.

Edit your /etc/bind/named.conf.local:

sudo vim /etc/bind/named.conf.local

Changes are marked with bold and red color:

#The secret key used for DHCP updates. 
key DHCP_UPDATER {
    algorithm HMAC-MD5.SIG-ALG.REG.INT;

    # Important: Replace this key with your generated key.
    # Also note that the key should be surrounded by quotes.
    secret "HgtB4WACBDEFGijkMZqwe==";
}; 
 
zone "local.domain" {
    type master;

    # Change the path of the database file to the writable
    # copy in /var/lib/bind
    file "/var/lib/bind/local.domain.db";

    # Tell this zone that we will allow it to be updated
    # from anyone that knows the secret specified in the
    # DHCP_UPDATER key.
    allow-update { key DHCP_UPDATER; };
};

zone "1.168.192.in-addr.arpa"  {
    type master;

    # Change the path of the database file to the
    # writable copy in /var/lib/bind
    file "/var/lib/bind/rev.1.168.192.in-addr.arpa";

    # Tell this zone that we will allow it to be updated
    # from anyone that knows the secret specified in the
    # DHCP_UPDATER key.
    allow-update { key DHCP_UPDATER; };
};





Step 4


Now edit your dhcpd.conf so that the DHCP server can send updates to the DNS:

sudo vim /etc/dhcp3/dhcpd.conf

Changes are marked with bold and red:

 
#
# Make sure to change the ddns update style to interim:
ddns-update-style interim;
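ignore client-updates;      # Overwrite client configured FQDNs
ddns-domainname "local.domain.";
# dhcpd appends this suffix to the client's reversed IP address,
# so it must be the bare in-addr.arpa. suffix, not the zone name.
ddns-rev-domainname "in-addr.arpa.";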

# option definitions common to all supported networks...
option domain-name "local.domain";
option domain-name-servers ubuntu.local.domain;

default-lease-time 600;
max-lease-time 7200;

# If this DHCP server is the official DHCP server for the local
# network, the authoritative directive should be uncommented.
authoritative;

# Use this to send dhcp log messages to a different log file
#(you also have to hack syslog.conf to complete the redirection).
log-facility local7;

key DHCP_UPDATER {
    algorithm HMAC-MD5.SIG-ALG.REG.INT;

    # Important: Replace this key with your generated key.
    # Also note that the key should be surrounded by quotes.
    secret "HgtB4WACBDEFGijkMZqwe==";
};

zone local.domain. {
  primary 127.0.0.1;
  key DHCP_UPDATER;
}

zone 1.168.192.in-addr.arpa. {
  primary 127.0.0.1;
  key DHCP_UPDATER;
}

# This is a very basic subnet declaration.
subnet 192.168.1.0 netmask 255.255.255.0 {
  range 192.168.1.30 192.168.1.200;
  option routers router.local.domain;
}



Step 5

The configuration files now contain our secret key. We should not let just anyone read it, so we remove the world-read permission from them:

sudo chmod o-r /etc/bind/named.conf.local
sudo chmod o-r /etc/dhcp3/dhcpd.conf


We should now have a fully working dynamic DNS system for our local network, so let's hold our thumbs and restart the services.

sudo /etc/init.d/bind9 restart
sudo /etc/init.d/dhcp3-server restart


Step 6

Testing :

If you have an Ubuntu client that uses DHCP you can restart its network to make the DHCP-client request a new ip-address from the server:

sudo /etc/init.d/networking restart

You should now be able to lookup your client computer in your DNS:

host lappy-ubuntu

Result:
lappy-ubuntu.local.domain has address 192.168.1.30

And the reverse should now also work for your client computer address:

host 192.168.1.30

Result:
30.1.168.192.in-addr.arpa domain name pointer lappy-ubuntu.local.domain.

And it's done... :) Now you can access any client machine by hostname alone, so there is no need to look up its IP address and type it in.

Hope this post will save you lots of time...
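The secret from Step 2 is pasted into two files in Steps 3 and 4 and protected in Step 5. The script below is an added example, not part of the original post, that audits that state. The function names are hypothetical and the file paths are passed as arguments.

```shell
#!/bin/sh
# Added example: audit the two files that hold the DHCP_UPDATER secret.

# Print the secret of key block KEYNAME in a named.conf/dhcpd.conf style file.
tsig_secret() {  # usage: tsig_secret FILE KEYNAME
    awk -v name="$2" '
        $1 == "key"             { k = $2; gsub(/"/, "", k); inkey = (k == name) }
        inkey && $1 == "secret" { gsub(/[";]/, "", $2); print $2; exit }
        inkey && /^[ \t]*[}]/   { inkey = 0 }
    ' "$1"
}

# Succeed only if "other" has no read bit on FILE (8th char of the ls mode).
not_world_readable() {  # usage: not_world_readable FILE
    [ "$(ls -ld "$1" | cut -c8)" = "-" ]
}

# Print one line per finding; the return status is the number of findings.
audit_ddns_key() {  # usage: audit_ddns_key NAMED_CONF DHCPD_CONF [KEYNAME]
    key=${3:-DHCP_UPDATER}; n=0
    a=$(tsig_secret "$1" "$key"); b=$(tsig_secret "$2" "$key")
    if [ -z "$a" ] || [ -z "$b" ]; then
        echo "MISSING: key $key not defined in both files"; n=$((n + 1))
    elif [ "$a" != "$b" ]; then
        echo "MISMATCH: secrets differ, bind will reject the updates"; n=$((n + 1))
    fi
    # The sample secret printed in the post is public and must not be deployed.
    for s in "$a" "$b"; do
        if [ "$s" = "HgtB4WACBDEFGijkMZqwe==" ]; then
            echo "PLACEHOLDER: the post's sample secret is in use"; n=$((n + 1)); break
        fi
    done
    for f in "$1" "$2"; do
        not_world_readable "$f" || { echo "PERMS: $f is world-readable"; n=$((n + 1)); }
    done
    return "$n"
}

# Run against real files when two paths are given, e.g. as root:
#   sh audit.sh /etc/bind/named.conf.local /etc/dhcp3/dhcpd.conf
if [ "$#" -ge 2 ]; then audit_ddns_key "$@"; fi
```

No output and exit status 0 mean both files define the same non-sample secret and neither is world-readable.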







Sunday, March 28, 2010

Upgrading Ubuntu versions

Hi Friends, back with a new blog for newbies...
On a Linux system it is really no magic to upgrade your OS to a newer version; all you need is a stable internet connection. You can do this either from the command line (which I prefer, as I'm not much interested in watching nice graphics while installing an OS) or with Update Manager.
OK, here is the procedure:


Terminal:
1. Install update-manager-core if it is not already installed:
sudo apt-get install update-manager-core
2. Launch the upgrade tool:
sudo do-release-upgrade
3. Follow the on-screen instructions.

and the version will be upgraded :)



Update Manager: 

1.  Start System/Administration/Update Manager

2. Click the Check button to check for new updates.

3. If there are any updates to install, use the Install Updates button to install them, and press Check again after that is complete.

4. A message will appear informing you of the availability of the new release.


5. Click Upgrade.

6. Follow the on-screen instructions.


And here is your new version upgraded.. :)

Local DNS cache for faster browsing by using dnsmasq



A DNS server resolves domain names into IP addresses. So when you request “google.com” for example, the DNS server finds out the address for the domain, and sends your request the right way.
You can run a DNS cache on your computer to speed up the process of looking up domain names when browsing.

Install dnsmasq in Ubuntu
Dnsmasq is a lightweight, easy to configure, DNS forwarder and DHCP server. It is designed to provide DNS and optionally, DHCP, to a small network. It can serve the names of local machines which are not in the global DNS. The DHCP server integrates with the DNS server and allows machines with DHCP-allocated addresses to appear in the DNS with names configured either in each host or in a central configuration file. Dnsmasq supports static and dynamic DHCP leases and BOOTP for network booting of diskless machines.
First you need to make sure that the Universe repository is enabled in your sources.list file.
Install dnsmasq using the following command:

sudo apt-get install dnsmasq

Uncomment the following line (remove the “#” at the beginning) in the file /etc/dnsmasq.conf:

listen-address=127.0.0.1

Now edit /etc/dhcp3/dhclient.conf and make sure the section below looks exactly like this, especially the line that says "prepend domain-name-servers 127.0.0.1;":

#supersede domain-name fugue.com home.vix.com;
prepend domain-name-servers 127.0.0.1;
request subnet-mask, broadcast-address, time-offset, routers,
domain-name, domain-name-servers, host-name,
netbios-name-servers, netbios-scope;

Now open the file /etc/resolv.conf in your text editor and add "nameserver 127.0.0.1" above all of the other nameserver entries (indicated with bold):

search domainname.com
nameserver 127.0.0.1
nameserver 217.54.170.023
nameserver 217.54.170.024
nameserver 217.54.170.026

Now you need to restart dnsmasq using the following command:

sudo /etc/init.d/dnsmasq restart

Now you are running a local DNS cache.

Testing Your Local DNS Cache
If you want to measure your speed improvement, type the command
dig gmail.com

You will see something like 

;; Query time: 38 msec

Now type the command again, and you should see something like:

;; Query time: 2 msec

And it's working fine :) . Hope this post will help you browse faster...
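The three edits above only help if all of them are in effect at once. The script below is an added example, not part of the original post, that checks them together. The function names are hypothetical and the three file paths are passed as arguments.

```shell
#!/bin/sh
# Added example: check that the dnsmasq cache is really in the lookup path.

# dnsmasq.conf must carry an active (uncommented) listen-address=127.0.0.1.
listens_on_loopback() {  # usage: listens_on_loopback DNSMASQ_CONF
    grep -Eq '^[[:space:]]*listen-address=127\.0\.0\.1([,[:space:]]|$)' "$1"
}

# dhclient.conf must prepend 127.0.0.1, or the next lease renewal rewrites
# resolv.conf without it.
prepends_loopback() {  # usage: prepends_loopback DHCLIENT_CONF
    grep -Eq '^[[:space:]]*prepend[[:space:]]+domain-name-servers[[:space:]]+127\.0\.0\.1[[:space:]]*[;,]' "$1"
}

# Print the first nameserver of resolv.conf; the resolver tries it first.
first_nameserver() {  # usage: first_nameserver RESOLV_CONF
    awk '$1 == "nameserver" { print $2; exit }' "$1"
}

# Print one line per finding; the return status is the number of findings.
check_local_cache() {  # usage: check_local_cache DNSMASQ_CONF DHCLIENT_CONF RESOLV_CONF
    n=0
    listens_on_loopback "$1" || { echo "dnsmasq: listen-address=127.0.0.1 is not active"; n=$((n + 1)); }
    prepends_loopback "$2" || { echo "dhclient: 127.0.0.1 is not prepended"; n=$((n + 1)); }
    first=$(first_nameserver "$3")
    [ "$first" = "127.0.0.1" ] || { echo "resolv.conf: first nameserver is '$first', cache bypassed"; n=$((n + 1)); }
    return "$n"
}

# Run against real files when three paths are given, e.g.:
#   sh check.sh /etc/dnsmasq.conf /etc/dhcp3/dhclient.conf /etc/resolv.conf
if [ "$#" -ge 3 ]; then check_local_cache "$@"; fi
```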