linux_router:dns_dhcp [2023-04-30 Sun wk17 17:43] – external edit 127.0.0.1 | linux_router:dns_dhcp [2023-07-08 Sat wk27 10:56] (current) – [Bind9 Control Nomenclature] baumkp |
---|
{{tag>linux router dns dhcp bind ip ipv6 radvd host dig nslookup}} | {{tag>linux router dns dhcp bind ip ipv6 radvd host dig nslookup}} |
======DHCP / DNS Setup====== | ======DHCP / DNS Setup====== |
| |
| =====Outdated===== |
| |
| I have moved my DNS and DHCP servers to Docker, [[https://wiki.kptree.net/doku.php?id=docker_notes:docker-dns#docker_-_dns_server|Docker-DNS Server]]. I am still using ISC_Bind9, but am now using ISC_Kea for DHCP as ISC_Bind is no longer supported as of 2022. |
| |
| Further to this I am no looking at backups for both these services on my local area network. Whilst these services worked reliably well, when ever I shutdown the the router with DNS/DHCP servers my LAN would stop working. Hence the need for back-up DNS. |
| |
| These notes still have some utility. I will presumably archive (tl;dr; roll-up) eventually. |
| |
| Actually my router that I was running these services was totally lost when upgrading from Debian 11 to Debian 12, circa June 2023. So I had to rebuild from scratch using these various notes. |
| |
This setup was primarily written in 2017 and is based upon ISC Bind9 and ISC DHCP, which are the main internet backbone software used for DNS and DHCP. | This setup was primarily written in 2017 and is based upon ISC Bind9 and ISC DHCP, which are the main internet backbone software used for DNS and DHCP. |
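Review bot: The new "Outdated" section contradicts itself in the sentence "I am still using ISC_Bind9, but am now using ISC_Kea for DHCP as ISC_Bind is no longer supported as of 2022": it says Bind9 is still in use and that ISC_Bind is unsupported. The move described is from ISC DHCP to Kea, so the unsupported product is presumably ISC DHCP; name it explicitly so readers know which half of the page not to deploy. The unchanged line that follows still presents ISC DHCP as current, so the notice should say that the DHCP parts are superseded and the Bind9 parts are not. Typos in the same section: "I am no looking" (now), "when ever" (whenever), "the the router".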
| |
| |
===Main references used (2017)=== | ===Main references used (2017)=== |
A couple of interesting resources are BigDinosaur Blog [[https://blog.bigdinosaur.org/running-bind9-and-isc-dhcp/|Running BIND9 and ISC-DHCP]] and Kill-9 Ubuntu 16.04 based Router [[https://killtacknine.com/building-an-ubuntu-16-04-router-part-2-dhcp/|Part 2 - DHCP]] and [[https://killtacknine.com/building-an-ubuntu-16-04-router-part-5-dns/|Part 5 - DNS]]. Another reference is Lani's Weblog - Make your [[https://lani78.com/2012/07/23/make-your-dhcp-server-dynamically-update-your-dns-records-on-ubuntu-12-04-precise-pangolin/|DHCP server dynamically update your DNS records]] on Ubuntu 12.04 (Precise Pangolin). Also dragon.org.uk [[https://blogging.dragon.org.uk/dns-bind9-dhcp-ubuntu-16-04-2/|DNS with bind9 and DHCP on Ubuntu 16.04]] and DigitalOcean [[https://www.digitalocean.com/community/tutorials/how-to-configure-bind-as-a-private-network-dns-server-on-ubuntu-16-04|How To Configure BIND as a Private Network DNS Server on Ubuntu 16.04]].\\ | An interesting older resource is BigDinosaur Blog [[https://blog.bigdinosaur.org/running-bind9-and-isc-dhcp/|Running BIND9 and ISC-DHCP]]. ++Unfortunately, no longer readily available, Kill-9 Ubuntu 16.04 based Router, Part 2 - DHCP| does not seem to be saved on [[https://web.archive.org/|Wayback Machine Internet Archive]], but [[https://web.archive.org/web/20190410000003/https://killtacknine.com/building-an-ubuntu-16-04-router-part-5-dns/|Part 5 - DNS]] is. (As are [[https://web.archive.org/web/20190410005152/https://killtacknine.com/building-an-ubuntu-16-04-router-part-6-remote-access/|Building an Ubuntu 16.04 Router Part 6: Remote Access]], [[https://web.archive.org/web/20190410001839/https://killtacknine.com/building-an-ubuntu-16-04-router-part-7-proxies-and-caching//|Building an Ubuntu 16.04 Router Part 7: Proxies and Caching]] & [[https://web.archive.org/web/20190410000841/https://killtacknine.com/building-an-ubuntu-16-04-router-part-8-monitoring/|Building an Ubuntu 16.04 Router Part 8: Monitoring]]. 
It looks like parts 2 and 3 are missing only.)++ |
[[https://www.digitalocean.com/community/tutorials/how-to-configure-bind-as-a-private-network-dns-server-on-debian-9|How To Configure BIND as a Private Network DNS Server on Debian 9]]\\ | |
[[https://computingforgeeks.com/configure-slave-bind-dns-server-on-debian/|Configure BIND Slave DNS Server on Debian 11]] | Another reference is Lani's Weblog - Make your [[https://lani78.com/2012/07/23/make-your-dhcp-server-dynamically-update-your-dns-records-on-ubuntu-12-04-precise-pangolin/|DHCP server dynamically update your DNS records]] on Ubuntu 12.04 (Precise Pangolin). Also dragon.org.uk [[https://blogging.dragon.org.uk/dns-bind9-dhcp-ubuntu-16-04-2/|DNS with bind9 and DHCP on Ubuntu 16.04]].\\ |
[[https://www.lisenet.com/2018/configure-dhcp-failover-with-dynamic-dns-on-centos-7/|Configure DHCP Failover with Dynamic DNS on CentOS 7]] | *[[https://www.digitalocean.com/community/tutorials/how-to-configure-bind-as-a-private-network-dns-server-on-debian-9|How To Configure BIND as a Private Network DNS Server on Debian 9]]\\ |
[[https://mindref.blogspot.com/2010/12/debian-dhcp-failover.html|Debian DHCP server failover]] | *[[https://computingforgeeks.com/configure-slave-bind-dns-server-on-debian/|Configure BIND Slave DNS Server on Debian 11]] |
[[https://computingforgeeks.com/configure-slave-bind-dns-server-on-debian/|Configure BIND Slave DNS Server on Debian 11 | Debian 10]] | *[[https://www.lisenet.com/2018/configure-dhcp-failover-with-dynamic-dns-on-centos-7/|Configure DHCP Failover with Dynamic DNS on CentOS 7]] |
| *[[https://mindref.blogspot.com/2010/12/debian-dhcp-failover.html|Debian DHCP server failover]] |
| *[[https://computingforgeeks.com/configure-slave-bind-dns-server-on-debian/|Configure BIND Slave DNS Server on Debian 11 | Debian 10]] |
| *[[https://www.zytrax.com/books/dns/|DNS for Rocket Scientists]] - <fc #9400d3>This is a good general description</fc> |
=====DNS Setup===== | =====DNS Setup===== |
| |
*''sudo cp /etc/bind/named.conf.default-zones /etc/bind/default.named.conf.default-zones'' | *''sudo cp /etc/bind/named.conf.default-zones /etc/bind/default.named.conf.default-zones'' |
| |
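Review bot: The reworked reference list on the new side links the same computingforgeeks URL twice, once as "Configure BIND Slave DNS Server on Debian 11" and again as "Configure BIND Slave DNS Server on Debian 11 | Debian 10"; keep one entry. In the folded "++Unfortunately, ...++" block, the Part 7 archive link ends in "proxies-and-caching//" with a doubled slash that should be checked against the archived URL, and the fold title itself runs to a full sentence, which makes the collapsed line hard to read; a short title such as "Kill-9 router series (archived)" with the explanation inside the fold would be clearer. The new bullets start with "*[[" while the list added under "Bind9 Control Nomenclature" uses " * "; use one list style, and drop the trailing "\\" on the first bullet once the lines are real list items.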
| ====Bind9 Control Nomenclature==== |
| There are a number of "names" that are used with bind9 dns. |
| * "bind9" is the DNS software is known as isc_bind9, and systemctl in some Linux refers to the service as bind9.service. |
| * "named" is the normal name of the isc-bind9 code that is call to start the application |
| * "rndc" is an application used to control a running bind9 instance, e.g. ''rndc reload'' to reload the configuration |
====Setting Bind9 to IPv4 Mode==== | ====Setting Bind9 to IPv4 Mode==== |
''sudo vim /etc/default/bind9'' or ''sudo vim /etc/default/named'', set following parameter: ''OPTIONS="-u bind -4"'' | ''sudo vim /etc/default/bind9'' or ''sudo vim /etc/default/named'', set following parameter: ''OPTIONS="-u bind -4"'' |
* [[https://www.cyberciti.biz/faq/linux-unix-bind9-named-configure-views/|BIND 9 Configure Views To Partition External and Internal DNS Information]] | * [[https://www.cyberciti.biz/faq/linux-unix-bind9-named-configure-views/|BIND 9 Configure Views To Partition External and Internal DNS Information]] |
* [[https://serverfault.com/questions/381635/dynamic-dns-with-split-horizon-dns-or-hairpin-nat|Dynamic DNS with split horizon DNS or hairpin NAT]] | * [[https://serverfault.com/questions/381635/dynamic-dns-with-split-horizon-dns-or-hairpin-nat|Dynamic DNS with split horizon DNS or hairpin NAT]] |
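Review bot: In the new "Bind9 Control Nomenclature" list, the first two bullets do not parse: ""bind9" is the DNS software is known as isc_bind9" has two verbs, and "the isc-bind9 code that is call to start the application" should read "called". Suggest stating plainly that bind9 is the software and, on some Linux systems, the systemctl service name (bind9.service), and that named is the name of the program that is started. The product is also spelled isc_bind9, isc-bind9 and ISC_Bind9 within this revision; pick one. Since the unchanged section that follows offers both /etc/default/bind9 and /etc/default/named, this list is the natural place to say which file name goes with which service name.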
* [[https://serverfault.com/questions/508605/why-dont-more-organizations-use-inside-to-inside-nat-or-similar-solutions-to-al|Why don't more organizations use inside-to-inside NAT or similar solutions to allow NAT hairpins?]]// - This also notes the possibility that a lot of the pro split DNS and anti Hairpin NAT may come from corporate trained bias.// | * [[https://serverfault.com/questions/508605/why-dont-more-organizations-use-inside-to-inside-nat-or-similar-solutions-to-al|Why don't more organizations use inside-to-inside NAT or similar solutions to allow NAT hairpins?]] |
* [[https://www.rfc-editor.org/rfc/rfc1918|rfc1918 - Address Allocation for Private Internets]] | * [[https://www.rfc-editor.org/rfc/rfc1918|rfc1918 - Address Allocation for Private Internets]] |
====Other Bind9 Stuff==== | ====Other Bind9 Stuff==== |