TP8 (DNS & DHCP)
Config Serveur DNS
domain: metal.fr server: immortal (192.168.0.2)
Dans /etc/bind/named.conf.local :
zone "metal.fr" {
type master;
file "/etc/bind/db.metal";
};
zone "0.168.192.in-addr.arpa" {
type master;
file "/etc/bind/db.0.168.192";
};
Dans /etc/bind/db.metal :
; $ORIGIN metal.fr $TTL 86400 @ IN SOA dns1.metal.fr. mailer.metal.fr. ( 1 ; Serial 604800 ; Refresh 86400 ; Retry 2419200 ; Expire 86400 ) ; Negative Cache TTL ; @ IN NS immortal @ IN MX 10 nile immortal IN A 192.168.0.2 syl IN A 192.168.0.1 nile IN A 192.168.0.3 ; alias mailer IN CNAME nile dns1 IN CNAME immortal
Nota Bene : NS = DNS Server, IN = Internet (optionel), mailer.metal.fr ⇒ mailer@metal.fr (@email du DNS admin)
Dans /etc/bind/db.0.168.192 (reverse) :
; $ORIGIN 0.168.192.in-addr.arpa $TTL 86400 @ IN SOA dns1.metal.fr. mailer.metal.fr. ( 1 ; Serial 604800 ; Refresh 86400 ; Retry 2419200 ; Expire 86400 ) ; Negative Cache TTL ; @ IN NS dns1.metal.fr. ; reverse 2 IN PTR immortal.metal.fr. 1 IN PTR syl.metal.fr. 3 IN PTR nile.metal.fr.
Vérif Config Serveur :
$ named-checkzone 0.168.192.in-addr.arpa db.0.168.192 $ named-checkzone metal.fr db.metal $ named-checkconf -z
Démarrage du serveur :
$ /etc/init.d/bind9 restart
Les logs :
$ tail /var/log/syslog
Config Client DNS
Dans /etc/resolv.conf :
search metal.fr nameserver 192.168.0.2
Dans /etc/nsswitch.conf :
... hosts: files dns ...
Ne pas oublier de redémarrer le daemon nscd.
Test Client, sur syl par exemple :
$ nslookup nile Server: 192.168.0.2 Address: 192.168.0.2#53 Name: nile.metal.fr Address: 192.168.0.3 $ ping nile PING nile.metal.fr (192.168.0.3) 56(84) bytes of data. 64 bytes from nile.metal.fr (192.168.0.3): icmp_seq=1 ttl=64 time=12.8 ms
Config du serveur DHCP
Serveur DHCP su syl.
Configuration sans DNS
Dans /etc/dhcp/dhcpd.conf:
default-lease-time 600;
max-lease-time 7200;
subnet 192.168.0.0 netmask 255.255.255.0 {
range 192.168.0.10 192.168.0.20;
option broadcast-address 192.168.0.255;
}
On démarre le serveur DHCP :
$/etc/init.d/isc-dhcp-server start
Configuration avec DNS
On suppose le serveur DNS bien configuré sur immortal…
Dans /etc/dhcp/dhcpd.conf (syl), ajouter à la fin :
subnet 192.168.0.0 netmask 255.255.255.0 {
range 192.168.0.10 192.168.0.30; # Range of IP addresses to be issued to DHCP clients
option domain-name "metal.fr"; # Domain name
option domain-name-servers 192.168.0.2; # Default DNS to be used by DHCP clients
# option routers 192.168.0.254; # Default gateway to be used by DHCP clients
option subnet-mask 255.255.255.0; # Default subnet mask to be used by DHCP clients
option broadcast-address 192.168.0.255; # Default broadcast address to be used by DHCP clients
host nile {
hardware ethernet A2:00:00:00:03:00;
fixed-address 192.168.0.9;
}
}
On redémarre le serveur DHCP.
Configuration du Client DHCP
Dans /etc/network/interfaces (nile) :
auto eth0 iface eth0 inet dhcp
Puis on démarre le client…
$/etc/init.d/networking restart
Ou encore :
root@nile:~ #dhclient -v Listening on LPF/eth0/a2:00:00:00:03:00 Sending on LPF/eth0/a2:00:00:00:03:00 Sending on Socket/fallback DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 4 DHCPOFFER from 192.168.0.1 DHCPREQUEST on eth0 to 255.255.255.255 port 67 DHCPACK from 192.168.0.1 bound to 192.168.0.10 -- renewal in 265 seconds.
On peut vérifier les entrées ajoutées dynamiquement sur le serveur DHCP dans le fichier /var/lib/dhcp/dhcpd.leases
Configuration avançée du serveur DHCP
On souhaite maintenant faire en sorte que le serveur DHCP collabore avec le serveur DNS pour mettre à jour automatiquement la liste desnouvelles machines reconnues par DNS.
On utilise le secret définie dans /etc/bind/rndc.key
On modifie la config DHCP du serveur dans /etc/dhcp/dhcpd.conf :
ddns-update-style interim;
ddns-updates on;
deny client-updates;
ddns-domainname "metal.fr.";
ddns-rev-domainname "0.168.192.in-addr.arpa.";
authoritative;
key "rndc-key" {
algorithm hmac-md5;
secret "nnuTF/RJEhvmKhttRzIv8w==";
}
zone metal.fr. {
primary 192.168.0.2;
key rndc-key;
}
zone 0.168.192.in-addr.arpa. {
primary 192.168.0.2;
key rndc-key;
}
subnet 192.168.0.0 netmask 255.255.255.0 {
range 192.168.0.10 192.168.0.30; # Range of IP addresses to be issued to DHCP clients
option domain-name "metal.fr"; # Domain name
option domain-name-servers 192.168.0.2; # Default DNS to be used by DHCP clients
option subnet-mask 255.255.255.0; # Default subnet mask to be used by DHCP clients
option broadcast-address 192.168.0.255; # Default broadcast address to be used by DHCP clients
}
Puis on modifie la config su serveur DNS dans /etc/bind/named.conf.local :
key "rndc-key" {
algorithm hmac-md5;
secret "nnuTF/RJEhvmKhttRzIv8w==";
};
zone "metal.fr" {
type master;
file "/etc/bind/db.metal";
allow-update {key "rndc-key"; };
};
zone "0.168.192.in-addr.arpa" {
type master;
file "/etc/bind/db.0.168.192";
allow-update {key "rndc-key"; };
};
Ne pas oublier chmod g+wx /etc/bind (pour le group “bind”).
Finalement, côté client DHCP (nile), dans /etc/dhcp/dhclient.conf :
send host-name "ninile";
Puis :
$ dhclient -v