How can configure dns cache name server with slave domain??

Gran_Maestre · 07-05-2010, 01:57 PM

I don't know how configure or how explain what i want to do .... i have one server with dhcpd and dns name cache (also squid as a transparent proxy and iptables), this works fine but logs show this

Code:

Jul  5 14:45:23 proxy dhcpd: Unable to add forward map from tecnicos.xxxxxxxxx.cl to 192.168.3.60: timed out
Jul  5 14:45:23 proxy dhcpd: DHCPREQUEST for 192.168.3.60 from 00:60:6e:00:02:f4 (tecnicos) via eth0
Jul  5 14:45:23 proxy dhcpd: DHCPACK on 192.168.3.60 to 00:60:6e:00:02:f4 (tecnicos) via eth0

the server is only dns cache server, domain and web is on hosting, how can configure dhcpd and named to update correctly DNS for all the host whos connect with dhcpd??

named.conf

Code:

options {
        listen-on port 53 { 127.0.0.1; 192.168.3.1; };
        //listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { 192.168.3.0/24; 127.0.0.1; };
        recursion yes;
        dnssec-enable yes;
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

include "/etc/named.rfc1912.zones";

dhcpd.conf

Code:

log-facility local0;
authoritative;
ddns-updates on;
ddns-update-style interim;
allow client-updates;
option routers                  192.168.3.1;
option subnet-mask              255.255.255.0;
option nis-domain               "xxxxxxxx.cl";
option domain-name              "xxxxxxxx.cl";
option domain-name-servers      192.168.3.1, 200.54.144.227;
option time-offset              -18000; # Eastern Standard Time
one-lease-per-client            on;
ddns-rev-domainname             "in-addr.arpa";

shared-network LAN {
        authoritative;
        ddns-updates on;
        max-lease-time 180;
        default-lease-time 60;
        subnet 192.168.3.0 netmask 255.255.255.0 {
                authoritative;
                max-lease-time 180;
                default-lease-time 60;
                ddns-updates on;
                range 192.168.3.50 192.168.3.60;
                }
        host tecnicos {
                max-lease-time 1800;
                default-lease-time 600;
                allow client-updates;
                ddns-updates on;
                hardware ethernet 00:xx:xx:xx:xx:xx;
                fixed-address 192.168.3.19;
                option routers 192.168.3.1;
                }
        }

Si alguien me puede ayudar en español se lo agradeceré ya que mi ingles no es muy bueno.

Noway2 · 07-06-2010, 06:18 AM

If I understand your question correctly, in your DNS configuration, you need to add a block for allowing updates between the DHCP and DNS. To do this add a block like this:

Code:

key DHCP_UPDATER {
    algorithm HMAC-MD5.SIG-ALG.REG.INT;

    # Important: Replace this key with your generated key.
    # Also note that the key should be surrounded by quotes.
     secret "your-key-goes-here";
};

This same block with go in your dhcp configuration too. You will need to generate a key for your DHCP and DNS. You can do this with the following command:

Code:

dnssec-keygen -r /dev/urandom -a HMAC-MD5 -b 128 -n USER DHCP_UPDATER

Then get the key with this:

Code:

cat Kdhcp_updater.*.private|grep Key

Then in the zones add allow-update { key DHCP_UPDATER; };