
DDNS Service einrichten

DNS Service

Pakete installieren

 apt install bind9 bind9utils

/etc/bind/named.conf.options anpassen

named.conf
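// Address-match list naming the clients this resolver serves. Every allow-*
// statement below refers to it, so this is the single place that decides who
// may query, recurse and transfer.
acl internals {
    // loopback adapter
    127.0.0.1;
    // CIDR for your local networks
    192.168.16.0/24;
};

options {
	directory "/var/cache/bind";

	// Upstream resolvers used for names this server is not authoritative for.
	forwarders {
		9.9.9.9;
		8.8.8.8;
	};

	allow-query {
		internals;
	};
	allow-query-cache {
		internals;
	};
	// Enable recursive queries, but only from our local nets and the local host.
	// Do not allow externals to do recursive queries.
	recursion yes;
	allow-recursion {
		internals;
	};
	// NOTE(review): this lets every host in "internals" pull a complete copy
	// of both zones (AXFR). No secondary name server appears in this setup; if
	// there is none, "none;" (or only the secondary's address) is the tighter
	// setting.
	allow-transfer {
		internals;
	};

	// "dnssec-enable no;" was dropped here. In BIND releases that still accept
	// the option it switches DNSSEC processing off, which leaves
	// "dnssec-validation auto;" without effect; newer releases treat the option
	// as obsolete. If validation is really not wanted, say so explicitly with
	// "dnssec-validation no;" instead of the contradictory pair.
	dnssec-validation auto;

	// NOTE(review): named listens on every IPv6 address, but "internals" holds
	// IPv4 entries only, so queries arriving over IPv6 (including ::1) are
	// refused by the allow-* lists above. Add the IPv6 prefixes to the acl or
	// drop this line, depending on what is intended.
	listen-on-v6 { any; };
};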

lokale Zonen definieren

/etc/bind/named.conf.local erweitern

named.conf.local
//
// Do any local configuration here
//
// This file declares the two locally served zones (forward and reverse) and
// allows dynamic updates to both when the update is signed with "rndc-key".
//
// The include loads the key definition that the allow-update statements
// below refer to.
// NOTE(review): rndc.key is normally the secret for named's control channel
// (rndc). The same file is later copied to the DHCP server, so anyone who can
// read that copy can sign zone updates and presumably also control named via
// rndc (confirm against your "controls" setup). A separate key created with
// tsig-keygen and used only for DDNS keeps the two roles apart.
include "/etc/bind/rndc.key";

# Forward zone definition
# The zone file lives under /var/lib/bind because named has to rewrite it (and
# keep a journal next to it) once dynamic updates arrive.
zone "schubert.home" {
     type master;
     file "/var/lib/bind/schubert.home.zone";
     // Any update signed with rndc-key may add, change or delete any record
     // in this zone; "update-policy" can narrow that to specific names or
     // record types.
     allow-update { key rndc-key; };
};

# This is the zone definition for reverse DNS. Replace 16.168.192 with your
# network address in reverse notation - e.g. my network address is 192.168.16,
# which reversed gives 16.168.192.

zone "16.168.192.in-addr.arpa" {
     type master;
     file "/var/lib/bind/16.168.192.zone";
     // Same key and same whole-zone update right as the forward zone.
     allow-update { key rndc-key; };
};


// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";

Forward-Zone erstellen

/var/lib/bind/schubert.home.zone erstellen

schubert.home.zone
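; Forward zone for schubert.home: SOA/NS, the statically maintained hosts and
; two aliases. The zone accepts dynamic updates (allow-update in
; named.conf.local), so named rewrites this file itself. For manual edits
; while named is running: "rndc freeze schubert.home", edit, raise the serial,
; then "rndc thaw schubert.home".
$ORIGIN .
$TTL 907200     ; 1 week 3 days 12 hours
schubert.home           IN SOA  aps.schubert.home. admin.schubert.home. (
                                2019092701 ; serial
                                28800      ; refresh (8 hours)
                                3600       ; retry (1 hour)
                                604800     ; expire (1 week)
                                38400      ; minimum (10 hours 40 minutes)
                                )
                        NS      aps.schubert.home.
$ORIGIN schubert.home.
; Static hosts. Addresses handed out from the DHCP range are added by dhcpd
; through dynamic updates and do not need to be listed here.
gateway         A       192.168.16.1
aps             A       192.168.16.2
nas-1           A       192.168.16.4
nas-2           A       192.168.16.5
prn-keller      A       192.168.16.7
server          A       192.168.16.9
; Corrected from 192.186.16.11: every other record and the ACL/subnet
; definitions use 192.168.16.0/24, and 192.186.x.x lies outside it.
fhem            A       192.168.16.11
owserver2       A       192.168.16.12
owserver1       A       192.168.16.128
HM-Lan          A       192.168.16.129
hue             A       192.168.16.130

; Aliases that resolve to the host "server".
icinga          CNAME   server
www             CNAME   server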

Zonendatei für die reverse Zone erstellen

/var/lib/bind/16.168.192.zone erstellen

16.168.192.zone
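; Reverse zone for 192.168.16.0/24. Like the forward zone it accepts dynamic
; updates, so named rewrites this file; freeze the zone with
; "rndc freeze 16.168.192.in-addr.arpa" before editing it by hand and thaw it
; afterwards.
$ORIGIN .
$TTL 907200     ; 1 week 3 days 12 hours
; NOTE(review): the SOA and NS here name server.schubert.home. (192.168.16.9),
; while the forward zone names aps.schubert.home. and dhcpd sends its updates
; to 192.168.16.2 (aps). Confirm which host is meant to be the name server of
; this zone.
; NOTE(review): retry (1 week) is longer than refresh (8 hours) and equal to
; expire; this only matters once a secondary server exists, but the forward
; zone's 3600 looks like the intended value.
16.168.192.in-addr.arpa IN SOA  server.schubert.home. admin.schubert.home. (
                                2019024233 ; serial
                                28800      ; refresh (8 hours)
                                604800     ; retry (1 week)
                                604800     ; expire (1 week)
                                86400      ; minimum (1 day)
                                )
; Host name corrected from "server.schubet.home." (missing "r"), which does
; not exist in the forward zone.
                        NS      server.schubert.home.
$ORIGIN 16.168.192.in-addr.arpa.
; PTR records for the static hosts; the owner name is the last octet.
1       PTR     gateway.schubert.home.
2       PTR     aps.schubert.home.
4       PTR     nas-1.schubert.home.
5       PTR     nas-2.schubert.home.
7       PTR     prn-keller.schubert.home.
9       PTR     server.schubert.home.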

DHCP Server

Pakete installieren

apt install isc-dhcp-server

DHCP Service aktivieren

/etc/default/isc-dhcp-server
# Settings for isc-dhcp-server; /etc/init.d/isc-dhcp-server sources this file.

# Location of dhcpd's configuration file (default: /etc/dhcp/dhcpd.conf).
#DHCPDv4_CONF=/etc/dhcp/dhcpd.conf
#DHCPDv6_CONF=/etc/dhcp/dhcpd6.conf

# Location of dhcpd's PID file (default: /var/run/dhcpd.pid).
#DHCPDv4_PID=/var/run/dhcpd.pid
#DHCPDv6_PID=/var/run/dhcpd6.pid

# Extra command-line options passed to dhcpd.
#       Leave -cf and -pf out of this list; DHCPD_CONF / DHCPD_PID cover them.
#OPTIONS=""

# Interfaces on which dhcpd answers DHCP requests, separated by spaces
# (e.g. "eth0 eth1"). DHCPv4 is bound to the bridge br1 only, which keeps the
# server off every other interface of this host; the DHCPv6 list is empty.
INTERFACESv6=''
INTERFACESv4='br1'

Das Keyfile des DNS-Servers zum DHCP-Server kopieren

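# Give dhcpd its own copy of the TSIG key that named accepts for zone updates.
mkdir -p /etc/dhcp/ddns-keys
cp /etc/bind/rndc.key /etc/dhcp/ddns-keys
# The file holds a shared secret: whoever can read it can sign DNS updates for
# both zones. Set the mode explicitly instead of relying on the source file's
# mode and the current umask.
chmod 640 /etc/dhcp/ddns-keys/rndc.key
# Check owner, group and mode. If dhcpd runs under its own account on your
# system, give that account's group read access with chgrp rather than
# loosening the mode.
ls -l /etc/dhcp/ddns-keys/rndc.key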

DHCP-Zonen erstellen und Reservierungen anlegen

/etc/dhcp/dhcpd.conf
# dhcpd.conf
#
# ISC dhcpd configuration for the 192.168.16.0/24 network: hands out leases,
# pins some hosts to fixed addresses and registers leases in the BIND zones
# schubert.home and 16.168.192.in-addr.arpa via signed dynamic updates.
# (Based on the sample configuration file for ISC dhcpd.)
#

# option definitions common to all supported networks...
option domain-name "schubert.home";
# Host names in this option have to be resolvable by dhcpd itself; the subnet
# block below overrides the value with the literal address 192.168.16.2.
option domain-name-servers aps.schubert.home, gateway.schubert.home;

# Lease times in seconds: 6 hours by default, 24 hours at most.
default-lease-time 21600;
max-lease-time 86400;

# ddns-updates on makes dhcpd send DNS updates for the leases it confirms;
# ddns-update-style selects the update scheme. With "standard" the syslog
# excerpt further down shows a DHCID record being written next to the A record.
ddns-updates on;
ddns-update-style standard;

# Clients without a host declaration are served from the range below.
# NOTE(review): together with DDNS this means any device that obtains a lease
# also gets a name registered in the zone; the syslog excerpt shows the name
# "iPad-von-Markus", apparently supplied by the client, being added. Decide
# whether unknown clients should be able to create DNS records at all.
allow unknown-clients;
# For hosts declared below, the declaration name is used as the host name.
use-host-decl-names on;

# If this DHCP server is the official DHCP server for the local
# network, the authoritative directive should be uncommented.
authoritative;

# This include points to the copy of rndc.key we created from bind9's key
# file. It defines the key "rndc-key" that the zone statements below use to
# sign updates, so the file must stay unreadable for ordinary users.
include "/etc/dhcp/ddns-keys/rndc.key";

# Use this to send dhcp log messages to a different log file (you also
# have to hack syslog.conf to complete the redirection).
log-facility local7;

# Forward zone: updates go to the name server at 192.168.16.2, signed with
# rndc-key. The key name has to match the one in named's allow-update.
zone schubert.home. {
   primary 192.168.16.2;
   key rndc-key;
}

# Reverse zone: same server and key as the forward zone.
zone 16.168.192.in-addr.arpa. {
   primary 192.168.16.2;
   key rndc-key;
}

subnet 192.168.16.0 netmask 255.255.255.0 {
    # Dynamic pool; the fixed addresses below lie outside this range.
    range 192.168.16.150 192.168.16.230;
    option domain-name-servers 192.168.16.2;
    option domain-name "schubert.home";
    option domain-search "schubert.home";
    option netbios-name-servers 192.168.16.2;
    option routers 192.168.16.1;
    option ntp-servers 192.168.16.2;
    option broadcast-address 192.168.16.255;
    option subnet-mask 255.255.255.0;
    # Domains under which forward (A) and reverse (PTR) records are created.
    ddns-domainname "schubert.home.";
    ddns-rev-domainname "in-addr.arpa.";

  # Reservations: a host is recognised by its MAC address and always receives
  # the fixed address and host name given here.
  host fb-lisa {
    hardware ethernet e8:df:70:f2:a1:ee;
    fixed-address 192.168.16.3;
    option host-name "fb-lisa";
  }

  host nas-1 {
    hardware ethernet 00:16:01:A5:19:3A;
    fixed-address 192.168.16.4;
    option host-name "nas-1";
  }

....

}

DNS und DHCP Services neustarten und kontrollieren

DNS Service

systemctl restart bind9.service; tail -f /var/log/syslog
Sep 29 08:04:39 aps named[6783]: zone 0.in-addr.arpa/IN: loaded serial 1
Sep 29 08:04:39 aps named[6783]: zone 255.in-addr.arpa/IN: loaded serial 1
Sep 29 08:04:39 aps named[6783]: zone 127.in-addr.arpa/IN: loaded serial 1
Sep 29 08:04:39 aps named[6783]: zone 16.168.192.in-addr.arpa/IN: loaded serial 2019024233
Sep 29 08:04:39 aps named[6783]: zone schubert.home/IN: loaded serial 2019092701
Sep 29 08:04:39 aps named[6783]: zone localhost/IN: loaded serial 2
Sep 29 08:04:39 aps named[6783]: all zones loaded
Sep 29 08:04:39 aps named[6783]: running
Sep 29 08:04:39 aps named[6783]: zone 16.168.192.in-addr.arpa/IN: sending notifies (serial 2019024233)
Sep 29 08:04:39 aps systemd[1]: Started BIND Domain Name Server.
Sep 29 08:04:39 aps named[6783]: managed-keys-zone: Key 20326 for zone . acceptance timer complete: key now trusted
Sep 29 08:04:39 aps named[6783]: resolver priming query complete
^C

DHCP Service

service isc-dhcp-server start ; tail -f /var/log/syslog
Sep 29 08:13:01 aps dhcpd[7341]: Internet Systems Consortium DHCP Server 4.4.1
Sep 29 08:13:01 aps dhcpd[7341]: Copyright 2004-2018 Internet Systems Consortium.
Sep 29 08:13:01 aps dhcpd[7341]: All rights reserved.
Sep 29 08:13:01 aps dhcpd[7341]: For info, please visit https://www.isc.org/software/dhcp/
Sep 29 08:13:01 aps dhcpd[7341]: Wrote 0 deleted host decls to leases file.
Sep 29 08:13:01 aps dhcpd[7341]: Wrote 0 new dynamic host decls to leases file.
Sep 29 08:13:01 aps dhcpd[7341]: Wrote 0 leases to leases file.
Sep 29 08:13:01 aps dhcpd[7341]: Server starting service.
Sep 29 08:13:03 aps isc-dhcp-server[7329]: Starting ISC DHCPv4 server: dhcpd.
Sep 29 08:13:03 aps systemd[1]: Started LSB: DHCP server.
Sep 29 08:14:01 aps dhcpd[7341]: DHCPREQUEST for 192.168.16.152 from 6c:19:c0:33:79:7c via br1
Sep 29 08:14:01 aps dhcpd[7341]: DHCPACK on 192.168.16.152 to 6c:19:c0:33:79:7c (iPad-von-Markus) via br1
Sep 29 08:14:01 aps named[6783]: client @0x7f6b781da760 192.168.16.2#45737/key rndc-key: signer "rndc-key" approved
Sep 29 08:14:01 aps named[6783]: client @0x7f6b781da760 192.168.16.2#45737/key rndc-key: updating zone 'schubert.home/IN': adding an RR at 'iPad-von-Markus.schubert.home' A 192.168.16.152
Sep 29 08:14:01 aps named[6783]: client @0x7f6b781da760 192.168.16.2#45737/key rndc-key: updating zone 'schubert.home/IN': adding an RR at 'iPad-von-Markus.schubert.home' DHCID AAEBaxeQMwrAU7AH1/44hEOxUm9ujWlSCcpqnJcY47SB+7E=
Sep 29 08:14:01 aps dhcpd[7341]: Added new forward map from iPad-von-Markus.schubert.home. to 192.168.16.152
Sep 29 08:14:01 aps named[6783]: client @0x7f6b5c00b8b0 192.168.16.2#41191/key rndc-key: signer "rndc-key" approved
Sep 29 08:14:01 aps named[6783]: client @0x7f6b5c00b8b0 192.168.16.2#41191/key rndc-key: updating zone '16.168.192.in-addr.arpa/IN': deleting rrset at '152.16.168.192.in-addr.arpa' PTR
Sep 29 08:14:01 aps named[6783]: client @0x7f6b5c00b8b0 192.168.16.2#41191/key rndc-key: updating zone '16.168.192.in-addr.arpa/IN': adding an RR at '152.16.168.192.in-addr.arpa' PTR iPad-von-Markus.schubert.home.
Sep 29 08:14:01 aps named[6783]: zone 16.168.192.in-addr.arpa/IN: sending notifies (serial 2019024234)
Sep 29 08:14:01 aps dhcpd[7341]: Added reverse map from 152.16.168.192.in-addr.arpa. to iPad-von-Markus.schubert.home.
Sep 29 08:14:04 aps named[6783]: resolver priming query complete
Sep 29 08:14:05 aps named[6783]: resolver priming query complete

Test der Services

Kontrolle von einem laufenden System aus

root@Vaio-MS:~# nslookup 192.168.16.152 192.168.16.2
Server:         192.168.16.2
Address:        192.168.16.2#53

152.16.168.192.in-addr.arpa     name = iPad-von-Markus.schubert.home.

root@Vaio-MS:~# nslookup iPad-von-Markus.schubert.home 192.168.16.2
Server:         192.168.16.2
Address:        192.168.16.2#53

Name:   iPad-von-Markus.schubert.home
Address: 192.168.16.152

root@Vaio-MS:~#
