domain: metal.fr
server: immortal (192.168.0.2)
In /etc/bind/named.conf.local:
zone "metal.fr" {
  type master;
  file "/etc/bind/db.metal";
};
zone "0.168.192.in-addr.arpa" {
  type master;
  file "/etc/bind/db.0.168.192";
};
In /etc/bind/db.metal:
; $ORIGIN metal.fr
$TTL 86400
@ IN SOA dns1.metal.fr. mailer.metal.fr. (
  1 ; Serial
  604800 ; Refresh
  86400 ; Retry
  2419200 ; Expire
  86400 ) ; Negative Cache TTL
;
@ IN NS immortal
@ IN MX 10 nile
immortal IN A 192.168.0.2
syl IN A 192.168.0.1
nile IN A 192.168.0.3
; alias
mailer IN CNAME nile
dns1 IN CNAME immortal
Note: NS = DNS server, IN = Internet (optional), mailer.metal.fr ⇒ mailer@metal.fr (e-mail address of the DNS admin)
In /etc/bind/db.0.168.192 (reverse):
; $ORIGIN 0.168.192.in-addr.arpa
$TTL 86400
@ IN SOA dns1.metal.fr. mailer.metal.fr. (
  1 ; Serial
  604800 ; Refresh
  86400 ; Retry
  2419200 ; Expire
  86400 ) ; Negative Cache TTL
;
; NS must name a host that has an A record, not the dns1 CNAME (RFC 2181)
@ IN NS immortal.metal.fr.
; reverse
2 IN PTR immortal.metal.fr.
1 IN PTR syl.metal.fr.
3 IN PTR nile.metal.fr.
Checking the server configuration:
$ named-checkzone 0.168.192.in-addr.arpa db.0.168.192
$ named-checkzone metal.fr db.metal
$ named-checkconf -z
Starting the server:
$ /etc/init.d/bind9 restart
The logs:
$ tail /var/log/syslog
In /etc/resolv.conf:
search metal.fr
nameserver 192.168.0.2
In /etc/nsswitch.conf:
...
hosts: files dns
...
Don't forget to restart the nscd daemon.
Client test, on syl for example:
$ nslookup nile
Server: 192.168.0.2
Address: 192.168.0.2#53
Name: nile.metal.fr
Address: 192.168.0.3
$ ping nile
PING nile.metal.fr (192.168.0.3) 56(84) bytes of data.
64 bytes from nile.metal.fr (192.168.0.3): icmp_seq=1 ttl=64 time=12.8 ms
DHCP server on syl.
Configuration without DNS
In /etc/dhcp/dhcpd.conf:
default-lease-time 600;
max-lease-time 7200;
subnet 192.168.0.0 netmask 255.255.255.0 {
  range 192.168.0.10 192.168.0.20;
  option broadcast-address 192.168.0.255;
}
Start the DHCP server:
$ /etc/init.d/isc-dhcp-server start
Configuration with DNS
We assume the DNS server is correctly configured on immortal…
In /etc/dhcp/dhcpd.conf (syl), add at the end:
subnet 192.168.0.0 netmask 255.255.255.0 {
  range 192.168.0.10 192.168.0.30; # Range of IP addresses to be issued to DHCP clients
  option domain-name "metal.fr"; # Domain name
  option domain-name-servers 192.168.0.2; # Default DNS to be used by DHCP clients
  # option routers 192.168.0.254; # Default gateway to be used by DHCP clients
  option subnet-mask 255.255.255.0; # Default subnet mask to be used by DHCP clients
  option broadcast-address 192.168.0.255; # Default broadcast address to be used by DHCP clients
  host nile {
    hardware ethernet A2:00:00:00:03:00;
    fixed-address 192.168.0.9;
  }
}
Restart the DHCP server.
In /etc/network/interfaces (nile):
auto eth0
iface eth0 inet dhcp
Then start the client…
$ /etc/init.d/networking restart
Or alternatively:
root@nile:~ # dhclient -v
Listening on LPF/eth0/a2:00:00:00:03:00
Sending on LPF/eth0/a2:00:00:00:03:00
Sending on Socket/fallback
DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 4
DHCPOFFER from 192.168.0.1
DHCPREQUEST on eth0 to 255.255.255.255 port 67
DHCPACK from 192.168.0.1
bound to 192.168.0.10 -- renewal in 265 seconds.
The entries added dynamically on the DHCP server can be checked in the file /var/lib/dhcp/dhcpd.leases
We now want the DHCP server to work with the DNS server so that the list of new machines known to DNS is updated automatically.
We use the secret defined in /etc/bind/rndc.key
Modify the DHCP server configuration in /etc/dhcp/dhcpd.conf:
ddns-update-style interim;
ddns-updates on;
deny client-updates;
ddns-domainname "metal.fr.";
ddns-rev-domainname "0.168.192.in-addr.arpa.";
authoritative;
key "rndc-key" {
  algorithm hmac-md5;
  secret "nnuTF/RJEhvmKhttRzIv8w==";
}
zone metal.fr. {
  primary 192.168.0.2;
  key rndc-key;
}
zone 0.168.192.in-addr.arpa. {
  primary 192.168.0.2;
  key rndc-key;
}
subnet 192.168.0.0 netmask 255.255.255.0 {
  range 192.168.0.10 192.168.0.30; # Range of IP addresses to be issued to DHCP clients
  option domain-name "metal.fr"; # Domain name
  option domain-name-servers 192.168.0.2; # Default DNS to be used by DHCP clients
  option subnet-mask 255.255.255.0; # Default subnet mask to be used by DHCP clients
  option broadcast-address 192.168.0.255; # Default broadcast address to be used by DHCP clients
}
Then modify the DNS server configuration in /etc/bind/named.conf.local:
key "rndc-key" {
  algorithm hmac-md5;
  secret "nnuTF/RJEhvmKhttRzIv8w==";
};
zone "metal.fr" {
  type master;
  file "/etc/bind/db.metal";
  allow-update { key "rndc-key"; };
};
zone "0.168.192.in-addr.arpa" {
  type master;
  file "/etc/bind/db.0.168.192";
  allow-update { key "rndc-key"; };
};
Don't forget chmod g+wx /etc/bind (for the “bind” group).
Finally, on the DHCP client side (nile), in /etc/dhcp/dhclient.conf:
send host-name "ninile";
Then:
$ dhclient -v
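The dynamic-update setup above copies the key that rndc uses to control named, as an inline hmac-md5 secret, into both dhcpd.conf and named.conf.local. The shell lint below is an added example, not part of the original page, that flags those three conditions in a config file; the finding names, the key name dhcp-ddns and the path /etc/dhcp/ddns.key are assumptions made for the illustration, and the sample files (including the placeholder secret) are constructed.

```shell
#!/bin/sh
# Added example (not from the page): lint DDNS-related config files.
# Finding names, key name "dhcp-ddns" and /etc/dhcp/ddns.key are assumptions.

# audit_ddns_conf FILE...: print "FILE: FINDING" per problem; return 1 if any.
audit_ddns_conf() {
    rc=0
    for f in "$@"; do
        # TSIG key declared with HMAC-MD5 instead of e.g. hmac-sha256.
        if grep -Eq 'algorithm[[:space:]]+hmac-md5' "$f"; then
            echo "$f: WEAK_ALGO"; rc=1
        fi
        # Secret stored inline in a file that every local user can read.
        if grep -Eq 'secret[[:space:]]+"[^"]+"' "$f" &&
           [ -n "$(find "$f" -perm -004)" ]; then
            echo "$f: WORLD_READABLE_SECRET"; rc=1
        fi
        # The rndc control key referenced as the dynamic-update key.
        if grep -Eq 'key[[:space:]]+"?rndc-key"?[[:space:]]*;' "$f"; then
            echo "$f: RNDC_KEY_REUSED"; rc=1
        fi
    done
    return "$rc"
}

# write_samples DIR: constructed inputs; the secret is a placeholder value.
write_samples() {
    cat > "$1/dhcpd.weak.conf" <<'EOF'
key "rndc-key" { algorithm hmac-md5; secret "Q09OU1RSVUNURUQ="; }
zone metal.fr. { primary 192.168.0.2; key rndc-key; }
EOF
    cat > "$1/dhcpd.ok.conf" <<'EOF'
include "/etc/dhcp/ddns.key";   # 0640 file holding an hmac-sha256 key
zone metal.fr. { primary 192.168.0.2; key dhcp-ddns; }
EOF
    chmod 644 "$1/dhcpd.weak.conf" "$1/dhcpd.ok.conf"
}

tmp=$(mktemp -d)
write_samples "$tmp"
audit_ddns_conf "$tmp/dhcpd.weak.conf" "$tmp/dhcpd.ok.conf" || echo "findings above"
rm -rf "$tmp"
```

On a real host, pass it the files edited above, for example /etc/dhcp/dhcpd.conf and /etc/bind/named.conf.local.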