On Sun, 2007-10-21 at 12:16 -1000, Dave Burns wrote:
> If you have 100 boxes, run DNS. Sounds like you want (?) static host
> names, might as well go for static IP too. Why not just make it all
> static if they know each other and make assumptions about each other.
>
> I just happen to know of an office with about 100 PCs in it, using NIS
> and NFS means they need a static relationship between machine and IP.
> (Well, again, it could be some other way but it is already complicated
> enough.) They have some hosts set with static IP, others get IP from
> DHCP but it is always the same (DHCP server config knows what IP
> belongs to what MAC address), and a small number of laptops share a
> pool of IPs and do not have predictable IP.
>
> Sounds to me like making everything totally dynamic is overkill in
> your current situation, and would be skull-crackingly complicated with
> 100 PCs that think they know a lot about each other. Maybe there is
> some applicable scale in between.
>
> Or just don't assume that any relationship is static, then everything
> can be dynamic.
>
> What would really make you happy? Some sort of peer-to-peer DNS
> without a server? Maybe you can use MAC addresses somehow?
> Dave
>
>
> On 10/21/07, zephod@xxxxxxxxxx <zephod@xxxxxxxxxx> wrote:
> >
> > ---- Dave Burns <tburns@xxxxxxxxxx> wrote:
> > > My lazy ignorant suggestion is to reconfigure the router so that you
> > > know the IP of the two boxes will not change and then use /etc/hosts.
> >
> > Yes, I know I could do that. It's OK when there are only 2 boxes but what if I had a small office setup with, say, 100 PCs. It's not so practical then. I'm interested in finding out if there is another way to make this work.
> >
> > Steve
>

Hi

I have found DDNS a great advantage as I am adding machines/virtual machines/Fx Test releases quite frequently - it is a joy to use. It is behind a routing firewall and is hopefully reasonably secure. I attach my hints to myself below.
Please do not ask about the IP addresses used - it's too long a story!

I also see that dnsmasq is suitable and is used by xen virtual machines?

man dnsmasq
"dnsmasq is a lightweight DNS, TFTP and DHCP server. It is intended to provide coupled DNS and DHCP service to a LAN."
.....

John
http://www.redhat.com/magazine/025nov06/features/dns/?sc_cid=bcm_edmsept_007

See also http://www.brennan.id.au/08-Domain_Name_System_BIND.html

The vital bits taken from above

########################################################################
"CACHING" Name Server
########################################################################

The following RPMs need to be installed on the machine acting as the nameserver (use rpm -q to determine if these packages are installed):

bind (includes DNS server, named)
bind-utils (utilities for querying DNS servers about host information)
bind-libs (libraries used by the bind server and utils package)
caching-nameserver (config files for a simple caching nameserver)

A caching nameserver forwards queries to an upstream nameserver and caches the results. Open the file /var/named/chroot/etc/named.conf and add the following lines to the global options section:

forwarders { 212.104.130.9; 212.104.130.65; }; #IP of upstream ISP nameserver(s)
forward only; #rely completely on our upstream nameservers

chmod 644 named.conf

Modify the /etc/resolv.conf file to the following:

nameserver 127.0.0.1

Start the nameserver as root and configure to start in runlevels 2-5:

service named start
chkconfig named on

########################################################################
"PROPER" Name Server
########################################################################

Open /var/named/chroot/etc/named.conf and add the following forward and reverse zone file directives:

# Forward Zone for jaa.org.uk domain
zone "jaa.org.uk" IN {
    type master;
    file "jaa.org.uk.zone";
};

# Reverse Zone for jaa.org.uk domain
zone "29.197.148.in-addr.arpa" IN {
    type master;
    file "148.197.29.zone";
};

We need to modify the named.conf global options to allow our internal clients to query the nameserver.
Modify the existing global options block to the following:

acl jaa-lan { 148.197.29.0/24; 127.0/8; };

options {
    directory "/var/named";
    allow-query { jaa-lan; };
    forwarders { 212.104.130.9; 212.104.130.65; }; # ISP primary/secondary
    forward only; # Rely completely on ISP for cache misses
};

Zone Files

We are now ready to start defining our hostname mappings in the zone files referenced in the named.conf configuration. Zone files need to be placed in the /var/named/chroot/var/named directory, have 644 permissions with an owner and group of named:

cd /var/named/chroot/var/named
touch jaa.org.uk.zone
chown named:named jaa.org.uk.zone
chmod 644 jaa.org.uk.zone

###################################################################
$TTL 1D
jaa.org.uk. IN SOA maui.jaa.org.uk. ja.jaa.org.uk. (
        200702260 ; serial
        2H        ; refresh slaves
        5M        ; retry
        1W        ; expire
        1M        ; Negative TTL
        )
@        IN NS maui.jaa.org.uk.
maui     IN A  148.197.29.5   ; FC5 server
;Laptop
jerry    IN A  148.197.29.76  ; Windows 2000 Laptop
tom      IN A  148.197.29.78  ; Fedora Laptop
;Shuttle 64
pared    IN A  148.197.29.33  ; Main 80GB disk - FC5
icybox   IN A  148.197.29.32  ; External USB/SATA disk, IcyI, FC5
lacie    IN A  148.197.29.34  ; External USB/Firewire Lacie 20GB disk
;Kingston USB Stick
kingston IN A  148.197.29.96  ; External Kingston USB 2GB stick
;Latest Removable SATA Disk 250 MB
calma    IN A  148.197.29.4   ;
avon     IN A  148.197.29.3   ;
pagham   IN A  148.197.29.2   ;
;Upright Machine Internal 250GB disk
centos   IN A  148.197.29.210 ;
;Virtual Machines
vmaui    IN A  148.197.29.10  ; win2000_ileaf_ja on maui
vwskye   IN A  148.197.29.10  ; win2000_ileaf_ja on maui???
;Network devices
draytek  IN A  148.197.29.254 ; Draytek ADSL router
usr      IN A  148.197.29.55  ; Old Down stairs US Robotics WAP
dlinkng2 IN A  148.197.29.56  ; Down stairs D-Link WAP
dlinkng1 IN A  148.197.29.126 ; Up stairs D-Link WAP
dlink    IN A  148.197.29.127 ; Old Up stairs D-Link WAP
netgear  IN A  148.197.29.128 ; Netgear Print Server
###################################################################

named-checkzone jaa.org.uk jaa.org.uk.zone

###################################################################
$TTL 1D
@ IN SOA maui.jaa.org.uk. ja.jaa.org.uk. (
        200701260 ; serial
        2H        ; refresh slaves
        5M        ; retry
        1W        ; expire
        1M        ; Negative TTL
        )
    IN NS  maui.jaa.org.uk.
2   IN PTR pagham.jaa.org.uk.
3   IN PTR avon.jaa.org.uk.
4   IN PTR calma.jaa.org.uk.
10  IN PTR vmaui.jaa.org.uk.
32  IN PTR icybox.jaa.org.uk.
33  IN PTR pared.jaa.org.uk.
34  IN PTR lacie.jaa.org.uk.
55  IN PTR usr.jaa.org.uk.
56  IN PTR dlinkng2.jaa.org.uk.
76  IN PTR jerry.jaa.org.uk.
78  IN PTR tom.jaa.org.uk.
96  IN PTR kingston.jaa.org.uk.
126 IN PTR dlinkng1.jaa.org.uk.
127 IN PTR dlink.jaa.org.uk.
128 IN PTR netgear.jaa.org.uk.
210 IN PTR centos.jaa.org.uk.
###################################################################

named-checkzone 29.197.148.in-addr.arpa 148.197.29.zone

###################################################################

service named restart

###################################################################
###################################################################
###################################################################
DYNAMIC DNS/DHCP configuration
###################################################################

http://voidmain.kicks-ass.net/redhat/redhat_9_dhcp_dynamic_dns.html
and
http://publib.boulder.ibm.com/infocenter/pseries/v5r3/index.jsp?topic=/com.ibm.aix.files/doc/aixfiles/named.conf.htm

Previously modified /etc/named.conf

//
// named.conf for Red Hat caching-nameserver
//
acl jaa-lan { 148.197.29.0/24; 127.0/8; };

options {
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    /*
     * If there is a firewall between you and nameservers you want
     * to talk to, you might need to uncomment the query-source
     * directive below. Previous versions of BIND always asked
     * questions using port 53, but BIND 8.1 uses an unprivileged
     * port by default.
     */
    // query-source address * port 53;
    allow-query { jaa-lan; };
    forwarders { 212.104.130.9; 212.104.130.65; }; #IP of upstream ISP nameserver(s)
    // forward only; #rely completely on our upstream nameservers
    /////////////////////////////////
};

//
// a caching only nameserver config
//
controls {
    inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};

zone "." IN {
    type hint;
    file "named.ca";
};

zone "localdomain" IN {
    type master;
    file "localdomain.zone";
    allow-update { none; };
};

zone "localhost" IN {
    type master;
    file "localhost.zone";
    allow-update { none; };
};

# Forward Zone for jaa.org.uk domain
zone "jaa.org.uk" IN {
    type master;
    file "jaa.org.uk.zone";
    allow-update { localhost; }; ////////////////////////////////////////////////////
};

# Reverse Zone for jaa.org.uk domain
zone "29.197.148.in-addr.arpa" IN {
    type master;
    file "148.197.29.zone";
    allow-update { localhost; }; ////////////////////////////////////////////////////
};

zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "named.local";
    allow-update { none; };
};

zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
    type master;
    file "named.ip6.local";
    allow-update { none; };
};

zone "255.in-addr.arpa" IN {
    type master;
    file "named.broadcast";
    allow-update { none; };
};

zone "0.in-addr.arpa" IN {
    type master;
    file "named.zero";
    allow-update { none; };
};

include "/etc/rndc.key";

###################################################################

Comment out
forward only; #rely completely on our upstream nameservers

Add
allow-update { localhost; };
To both
# Forward Zone for jaa.org.uk domain
and
# Reverse Zone for jaa.org.uk domain

###################################################################

/etc/dhcp.conf

#
# Global Settings
#

# Turn on Dynamic DNS:
ddns-update-style interim;
ddns-updates on;

# Don't allow clients to update DNS, make the server do it
# based on the hostname passed by the DHCP client:
deny client-updates;
allow unknown-clients;

#
# 148.197.29.0/255.255.255.0 Scope Settings
#
subnet 148.197.29.0 netmask 255.255.255.0 {
    # Range of DHCP assigned addresses for this scope
    range 148.197.29.10 148.197.29.250;

    # 1 day
    default-lease-time 86400;
    # 2 days
    max-lease-time 172800;

    # Configure the client's default Gateway:
    option subnet-mask 255.255.255.0;
    option broadcast-address 148.197.29.255;
    option routers 148.197.29.254;

    # Configure the client's DNS settings:
    option domain-name "jaa.org.uk";
    option domain-name-servers 148.197.29.5, 212.104.130.9;

    # If you want the client to be configured to also use
    # a WINS server:
    option netbios-name-servers 148.197.29.5;
    option netbios-node-type 8;
}

###################################################################

This needs tidying!

cd /var/named/chroot/var/named
cat jaa.org.uk.zone

$TTL 1D
jaa.org.uk. IN SOA maui.jaa.org.uk. ja.jaa.org.uk. (
        200702260 ; serial
        2H        ; refresh slaves
        5M        ; retry
        1W        ; expire
        1M        ; Negative TTL
        )
@         IN NS maui.jaa.org.uk.
maui      IN A  148.197.29.5   ; FC5 server
;Laptop
jerry     IN A  148.197.29.76  ; Windows 2000 Laptop
tom       IN A  148.197.29.78  ; Fedora Laptop
;Shuttle 64
;pared    IN A  148.197.29.33  ; Main 80GB disk - FC5
;icybox   IN A  148.197.29.32  ; External USB/SATA disk, IcyI, FC5
;lacie    IN A  148.197.29.34  ; External USB/Firewire Lacie 20GB disk
;Kingston USB Stick
kingston  IN A  148.197.29.96  ; External Kingston USB 2GB stick
;Latest Removable SATA Disk 250 MB
;calma    IN A  148.197.29.4   ;
;avon     IN A  148.197.29.3   ;
;pagham   IN A  148.197.29.2   ;
;Upright Machine Internal 250GB disk
;centos   IN A  148.197.29.210 ;
;Virtual Machines
;vmaui    IN A  148.197.29.10  ; win2000_ileaf_ja on maui
;vwskye   IN A  148.197.29.10  ; win2000_ileaf_ja on maui???
;Network devices
draytek   IN A  148.197.29.254 ; Draytek ADSL router
;usr      IN A  148.197.29.55  ; Old Down stairs US Robotics WAP
dlinkng2  IN A  148.197.29.56  ; Down stairs D-Link WAP
dlinkng1  IN A  148.197.29.126 ; Up stairs D-Link WAP
;dlink    IN A  148.197.29.127 ; Old Up stairs D-Link WAP
netgear   IN A  148.197.29.128 ; Netgear Print Server
$TTL 600 ; 10 minutes

###################################################################

cat 148.197.29.zone

$TTL 1D
@ IN SOA maui.jaa.org.uk. ja.jaa.org.uk. (
        200701260 ; serial
        2H        ; refresh slaves
        5M        ; retry
        1W        ; expire
        1M        ; Negative TTL
        )
     IN NS  maui.jaa.org.uk.
;2   IN PTR pagham.jaa.org.uk.
;3   IN PTR avon.jaa.org.uk.
;4   IN PTR calma.jaa.org.uk.
;10  IN PTR vmaui.jaa.org.uk.
;32  IN PTR icybox.jaa.org.uk.
;33  IN PTR pared.jaa.org.uk.
;34  IN PTR lacie.jaa.org.uk.
;55  IN PTR usr.jaa.org.uk.
56   IN PTR dlinkng2.jaa.org.uk.
76   IN PTR jerry.jaa.org.uk.
78   IN PTR tom.jaa.org.uk.
96   IN PTR kingston.jaa.org.uk.
126  IN PTR dlinkng1.jaa.org.uk.
127  IN PTR dlink.jaa.org.uk.
128  IN PTR netgear.jaa.org.uk.
;210 IN PTR centos.jaa.org.uk.
     IN PTR avon.jaa.org.uk.
$TTL 600 ; 10 minutes

###################################################################

ifcfg-eth0 on client MUST not have FQDN just the machine name respin say

MUST check action using
watch tail -n50 /var/log/messages

This showed permission problem with /var/named/chroot/var

edit /etc/sysconfig/named and uncomment
ENABLE_ZONE_WRITE=yes

[root@maui var]# ls -l
total 24
drwxr-x--- 4 root named 4096 Jan 26 15:54 named
drwxr-x--- 4 root named 4096 Jan 26 10:49 run
drwxrwx--- 2 named named 4096 Mar 13 2003 tmp
[root@maui var]# chmod 777 named TEMP fix !!!!!!!!!!!!!!
See above for proper fix of /etc/sysconfig/named

[root@maui named]# ls -l
total 96
-rw-r----- 1 named named 1013 Jan 26 18:20 148.197.29.zone
-rw-r--r-- 1 named named  768 Jan 26 20:42 148.197.29.zone.jnl
-rw-r--r-- 1 root  root   895 Jan 26 15:46 148.197.29.zone_static_master
drwxrwx--- 2 named named 4096 Aug 25  2004 data
-rw-r----- 1 named named 2021 Jan 26 15:56 jaa.org.uk.zone
-rw-r--r-- 1 named named  785 Jan 26 20:42 jaa.org.uk.zone.jnl
-rw-r--r-- 1 root  root  1988 Jan 26 15:46 jaa.org.uk.zone_static_master
-rw-r----- 1 root  named  198 Mar  9  2006 localdomain.zone
-rw-r----- 1 root  named  195 Mar  9  2006 localhost.zone
-rw-r----- 1 root  named  427 Mar  9  2006 named.broadcast
-rw-r----- 1 root  named 2518 Mar  9  2006 named.ca
-rw-r----- 1 root  named  424 Mar  9  2006 named.ip6.local
-rw-r----- 1 root  named  426 Mar  9  2006 named.local
-rw-r----- 1 root  named  427 Mar  9  2006 named.zero
drwxrwx--- 2 named named 4096 Jul 27  2004 slaves
###################################################################
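Added example, not part of John's post or of the Red Hat/brennan.id.au pages he quotes. Once dhcpd is allowed to write into zones that were hand-maintained, the hand-written data has to be consistent with what dhcpd will do, and the zones in the post show the kinds of drift that bite: vmaui and vwskye both carry 148.197.29.10, the reverse zone has no PTR for maui (the nameserver itself), 127 still points at dlink after its A record was commented out, and most of the static hosts (jerry .76, tom .78, dlinkng2 .56 and so on) sit inside the dhcpd range 148.197.29.10 to .250, so the server can lease one of those addresses to a laptop and then push an update over the static name. The Python below is a small offline audit for exactly those three conditions: shared addresses, forward/reverse round-trip failures, and static hosts inside the DHCP pool. The zone text and range are a constructed, trimmed copy of the post's data; the parser deliberately handles only the record shapes used there (A, PTR, ';' comments) and is not a general zone parser. Separately, note that allow-update { localhost; } trusts every process on maui; BIND's allow-update also accepts a TSIG key name, which dhcpd can present with its key and zone statements, and that is the tighter arrangement.

```python
"""Offline consistency audit for a forward zone, its reverse zone and the dhcpd
range that will update both.  Sample data below is a constructed, trimmed copy
of the zones and dhcpd subnet shown in the post."""
import ipaddress
import re

ORIGIN = "jaa.org.uk"                              # forward zone name
REVERSE_PREFIX = "148.197.29"                      # network of 29.197.148.in-addr.arpa
DHCP_RANGE = ("148.197.29.10", "148.197.29.250")   # 'range' line in the dhcpd subnet

FORWARD_ZONE = """\
$TTL 1D
jaa.org.uk. IN SOA maui.jaa.org.uk. ja.jaa.org.uk. ( 200702260 2H 5M 1W 1M )
@        IN NS maui.jaa.org.uk.
maui     IN A  148.197.29.5   ; FC5 server, also the nameserver
jerry    IN A  148.197.29.76  ; Windows 2000 laptop
tom      IN A  148.197.29.78  ; Fedora laptop
vmaui    IN A  148.197.29.10  ; virtual machine on maui
vwskye   IN A  148.197.29.10  ; same address as vmaui, as in the post
draytek  IN A  148.197.29.254 ; ADSL router
dlinkng2 IN A  148.197.29.56
dlinkng1 IN A  148.197.29.126
"""

REVERSE_ZONE = """\
$TTL 1D
@   IN SOA maui.jaa.org.uk. ja.jaa.org.uk. ( 200701260 2H 5M 1W 1M )
    IN NS  maui.jaa.org.uk.
10  IN PTR vmaui.jaa.org.uk.
56  IN PTR dlinkng2.jaa.org.uk.
76  IN PTR jerry.jaa.org.uk.
78  IN PTR tom.jaa.org.uk.
126 IN PTR dlinkng1.jaa.org.uk.
127 IN PTR dlink.jaa.org.uk.   ; forward record for dlink was commented out
"""

# Only the record shapes used in the post: "<owner> IN A <addr>" and
# "<last-octet> IN PTR <fqdn>.", with ';' starting a comment.  Not a full parser.
RR = re.compile(r"^(\S*)\s+IN\s+(A|PTR)\s+(\S+)", re.IGNORECASE)


def parse_records(zone_text, rtype):
    """A zone -> {fqdn: IPv4Address}; PTR zone -> {IPv4Address: fqdn}."""
    records = {}
    for line in zone_text.splitlines():
        m = RR.match(line.split(";", 1)[0])
        if not m or m.group(2).upper() != rtype:
            continue
        owner, rdata = m.group(1), m.group(3)
        if rtype == "A":
            fqdn = ORIGIN if owner == "@" else f"{owner}.{ORIGIN}"
            records[fqdn] = ipaddress.ip_address(rdata)
        else:
            addr = ipaddress.ip_address(f"{REVERSE_PREFIX}.{owner}")
            records[addr] = rdata.rstrip(".")
    return records


def duplicate_addresses(a_records):
    """Names that share one address: two hosts will fight for it on the LAN."""
    by_ip = {}
    for name, ip in a_records.items():
        by_ip.setdefault(ip, []).append(name)
    return {ip: sorted(names) for ip, names in by_ip.items() if len(names) > 1}


def forward_reverse_mismatches(a_records, ptr_records):
    """Every A should round-trip through a PTR naming the same host, and every
    PTR should have a live A record; list whatever breaks that loop."""
    problems = []
    for name, ip in a_records.items():
        back = ptr_records.get(ip)
        if back is None:
            problems.append(f"{name} -> {ip} has no PTR")
        elif back != name:
            problems.append(f"{name} -> {ip} but PTR says {back}")
    for ip, name in ptr_records.items():
        if name not in a_records:
            problems.append(f"PTR {ip} -> {name} has no A record")
    return sorted(problems)


def static_hosts_in_dhcp_pool(a_records, dhcp_range):
    """Static A records inside dhcpd's 'range': dhcpd may lease that address to
    an unrelated client and then send an update that overwrites the name."""
    low, high = (ipaddress.ip_address(x) for x in dhcp_range)
    return sorted((name, str(ip)) for name, ip in a_records.items()
                  if low <= ip <= high)


def audit(forward=FORWARD_ZONE, reverse=REVERSE_ZONE, dhcp_range=DHCP_RANGE):
    a = parse_records(forward, "A")
    ptr = parse_records(reverse, "PTR")
    return {
        "duplicates": {str(ip): n for ip, n in duplicate_addresses(a).items()},
        "mismatches": forward_reverse_mismatches(a, ptr),
        "in_pool": static_hosts_in_dhcp_pool(a, dhcp_range),
    }


if __name__ == "__main__":
    for section, findings in audit().items():
        print(section, findings)
```

Run it against the real files by reading /var/named/chroot/var/named/jaa.org.uk.zone and 148.197.29.zone into audit() instead of the embedded samples; anything it reports under in_pool is a candidate for either a fixed-address host entry in dhcpd or an address outside the range.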