Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
linux_router:dns_dhcp [2024-06-23 Sun wk25 09:39] – [secure DNS] baumkp | linux_router:dns_dhcp [2024-07-21 Sun wk29 08:58] (current) – [isc-dhcp-server log file comments] baumkp | ||
---|---|---|---|
Line 6: | Line 6: | ||
I have moved my DNS and DHCP servers to Docker, [[https:// | I have moved my DNS and DHCP servers to Docker, [[https:// | ||
- | Further to this I am no looking at backups for both these services on my local area network. | + | ++++tl; |
+ | Further to this I am no looking at backups for both these services on my local area network. | ||
These notes still have some utility. | These notes still have some utility. | ||
- | Actually my router that I was running these services was totally lost when upgrading from Debian 11 to Debian 12, circa June 2023. So I had to rebuild from scratch using these various notes. | + | Actually my router that I was running these services was totally lost when upgrading from Debian 11 to Debian 12, circa June 2023. So I had to rebuild from scratch using these various notes. This went reasonably well as the notes seemed suitable for purpose. |
- | This setup was primarily written in 2017 and is based upon ISC Bind9 and ISC DHCP, which are the main internet backbone software used for DNS and DHCP. | + | This setup was primarily written in 2017 and is based upon ISC Bind9 and ISC DHCP, which are the main internet backbone software used for DNS and DHCP. I no longer use ISC DHCP as this has been formally replaced by ISC Kea. |
(2022) ISC has a newer DHCP software called Kea that is designed to replace ISC DHCP. Kea was primarily developed around 2014-2020. They also are currently developing a monitor for Kea and Bind9 called Stork. | (2022) ISC has a newer DHCP software called Kea that is designed to replace ISC DHCP. Kea was primarily developed around 2014-2020. They also are currently developing a monitor for Kea and Bind9 called Stork. | ||
+ | ++++ | ||
===Main references used (2017)=== | ===Main references used (2017)=== | ||
An interesting older resource is BigDinosaur Blog [[https:// | An interesting older resource is BigDinosaur Blog [[https:// | ||
Line 268: | Line 269: | ||
* [[https:// | * [[https:// | ||
=====DHCP Setup===== | =====DHCP Setup===== | ||
+ | This section is outdated, ISC DHCP was replaced by ISC Kea, and ISC DHCP is no longer formally supported as of 2022. | ||
+ | ++++Outdated tl;dr;| | ||
First install or ensure already installed the ISC DHCP server software: '' | First install or ensure already installed the ISC DHCP server software: '' | ||
- | Next edit the dhcp configuration file: '' | + | Next edit the dhcp configuration file: '' |
++++dhcp.conf| | ++++dhcp.conf| | ||
< | < | ||
Line 482: | Line 486: | ||
ISC has stopped supporting ISC-DHCP client and relay versions as of 2022 and indicated that they plan to eventually stop support of server version. | ISC has stopped supporting ISC-DHCP client and relay versions as of 2022 and indicated that they plan to eventually stop support of server version. | ||
+ | |||
+ | |||
====isc-dhcp-server defaults file==== | ====isc-dhcp-server defaults file==== | ||
The default isc-dhcp-server configuration files is: '' | The default isc-dhcp-server configuration files is: '' | ||
Line 495: | Line 501: | ||
in your dhcpd.conf file for the network segment | in your dhcpd.conf file for the network segment | ||
to which interface eno4 is attached. ** | to which interface eno4 is attached. ** | ||
- | </ | + | </ |
+ | ++++ | ||
======ipv6====== | ======ipv6====== | ||
=====radvd===== | =====radvd===== | ||
Line 587: | Line 593: | ||
====secure DNS==== | ====secure DNS==== | ||
+ | *'' | ||
+ | *This also seems to work for other DNS resolvers, 1.1.1.1 (Cloudflare), | ||
- | + | *Stackexchange.com: | |
- | *[[https:// | + | *[[https:// |
- | *[[https:// | + | *[[https:// |
+ | *[[https:// | ||
+ | *[[https:// | ||
*[[https:// | *[[https:// | ||
*[[https:// | *[[https:// | ||
+ | *[[https:// | ||
+ | *[[https:// | ||
+ | *[[https:// | ||
+ | *[[https:// | ||
+ | *Some online DNSSEC analysers: | ||
+ | *[[https:// | ||
+ | *[[https:// | ||
+ | *Bind9 read the docs: | ||
+ | *[[https:// | ||
+ | *[[https:// | ||
+ | *[[https:// | ||
=====ipv6 links===== | =====ipv6 links===== | ||
*[[https:// | *[[https:// |