Hi,
ich versuch seit heute nachmittag, einen dhcp und dns server auf zu setzen.
namensaufloesung geht, bei den servern, die ich in die zonefiles eingetragen habe ... dhcp ipvergabe geht auch ... nur dynamic update, also ddns geht nicht.
eventuell hab ich ja was uebersehen ...
quellen: http://ops.ietf.org/dns/dynupd/secure-ddns-howto.html
http://www.ibiblio.org/pub/Linux/docs/HOWTO/DNS-HOWTO
http://www.ibiblio.org/pub/Linux/docs/HOWTO/mini/DHCP
kernellog
named.confCode:Jun 1 22:05:02 [named] starting BIND 9.2.2 -u named -n 1 Jun 1 22:05:02 [named] using 1 CPU Jun 1 22:05:02 [named] loading configuration from '/etc/bind/named.conf' Jun 1 22:05:02 [named] listening on IPv4 interface lo, 127.0.0.1#53 Jun 1 22:05:02 [named] command channel listening on 127.0.0.1#953 Jun 1 22:05:02 [named] zone 127.in-addr.arpa/IN: loaded serial 2002081601 Jun 1 22:05:02 [named] zone 30.172.in-addr.arpa/IN: loaded serial 2003060101 Jun 1 22:05:02 [named] zone l-c-f.lan/IN: loaded serial 2003060101 Jun 1 22:05:02 [named] zone localhost/IN: loaded serial 2002081601 Jun 1 22:05:02 [named] running Jun 1 22:05:04 [dhcpd] Internet Software Consortium DHCP Server V3.0pl2 Jun 1 22:05:04 [dhcpd] Copyright 1995-2003 Internet Software Consortium. Jun 1 22:05:04 [dhcpd] All rights reserved. Jun 1 22:05:04 [dhcpd] For info, please visit http://www.isc.org/products/DHCP Jun 1 22:05:04 [dhcpd] Internet Software Consortium DHCP Server V3.0pl2 Jun 1 22:05:04 [dhcpd] Copyright 1995-2003 Internet Software Consortium. Jun 1 22:05:04 [dhcpd] All rights reserved. Jun 1 22:05:04 [dhcpd] For info, please visit http://www.isc.org/products/DHCP Jun 1 22:05:04 [dhcpd] Wrote 1 leases to leases file. Jun 1 22:05:04 [dhcpd] Listening on LPF/eth0/00:0a:e6:45:8d:f8/172.30 Jun 1 22:05:04 [dhcpd] Sending on LPF/eth0/00:0a:e6:45:8d:f8/172.30 Jun 1 22:05:04 [dhcpd] Sending on Socket/fallback/fallback-net
zones/l-c-f.lanCode:options { directory "/etc/bind/"; listen-on-v6 { none; }; listen-on { any; }; # auth-nxdomain no; forwarders { 172.30.0.1; 194.25.2.129; }; pid-file "/var/run/named/named.pid"; }; key l-c-f.lan { algorithm HMAC-MD5; secret "xxx"; }; // prime the server with knowledge of the root servers zone "." { type hint; file "/etc/bind/zones/root.hints"; }; zone "localhost" IN { type master; file "pri/localhost"; allow-update { none; }; notify no; }; zone "127.in-addr.arpa" IN { type master; file "pri/127"; allow-update { none; }; notify no; }; zone "l-c-f.lan" IN { type master; file "/etc/bind/zones/l-c-f.lan"; allow-update { key l-c-f.lan; }; notify no; }; zone "30.172.in-addr.arpa" IN { type master; file "/etc/bind/zones/172.30"; allow-update { key l-c-f.lan; }; notify no; }; logging { category dnssec { security_log; }; category update { security_log; }; category security { security_log; }; channel security_log { file "dns-security.log" versions 5 size 20m; // every time the log grows over 20 Mbyte, it will // backup and rollover. Maximum 5 backups will be kept. print-time yes; print-category yes; print-severity yes; severity info; }; };
zones/172.30Code:$TTL 1W @ IN SOA ns.localhost. root.localhost. ( 2003060101 ; Serial 28800 ; Refresh 14400 ; Retry 604800 ; Expire - 1 week 86400 ) ; Minimum IN NS ns1.l-c-f.lan. IN NS ns2.l-c-f.lan. ; Servers localhost IN A 127.0.0.1 www IN A 172.30.0.1 gateway IN A 172.30.0.1 TXT "highway to hell" ns1 IN A 172.30.0.1 ns2 IN A 172.30.1.2 smtp IN A 172.30.1.2 imap IN A 172.30.1.2 ftp IN A 172.30.1.3 teamspeak IN A 172.30.1.3 ; Workstations
dhcpd.confCode:$ORIGIN 30.172.in-addr.arpa. $TTL 1W @ 1D IN SOA l-c-f.lan. root.l-c-f.lan. ( 2003060101 ; serial 3H ; refresh 15M ; retry 2W ; expiry 1D ) ; minimum IN NS ns1.l-c-f.lan. IN NS ns2.l-c-f.lan. ; Servers 1.0 PTR gateway.l-c-f.lan. 1.0 PTR ns1.l-c-f.lan. 2.1 PTR ns2.l-c-f.lan. 2.1 PTR ldap.l-c-f.lan. 2.1 PTR imap.l-c-f.lan. 2.1 PTR smtp.l-c-f.lan. 3.1 PTR www.l-c-f.lan. 3.1 PTR ftp.l-c-f.lan. 3.1 PTR teamspeak.l-c-f.lan. ; Workstations
versionen:Code:# # Sample configuration file for ISC dhcpd for Debian # # $Id: dhcpd.conf,v 1.4 2002/05/05 21:28:06 peloy Exp $ # key l-c-f.lan { algorithm HMAC-MD5; secret "xxx"; } zone 30.172.in-addr.arpa { key l-c-f.lan; } # The ddns-updates-style parameter controls whether or not the server will # attempt to do a DNS update when a lease is confirmed. We default to the # behavior of the version 2 packages ('none', since DHCP v2 didn't # have support for DDNS.) ddns-update-style interim; allow-client-updates; ddns-domainname "l-c-f.lan"; ddns-rev-domainname "l-c-f.lan"; # option definitions common to all supported networks... option domain-name "l-c-f.lan"; option domain-name-servers ns1.l-c-f.lan, ns2.l-c-f.lan; option subnet-mask 255.255.0.0; option routers gateway.l-c-f.lan; option netbios-name-servers ns2.l-c-f.lan; default-lease-time 3600; max-lease-time 7200; # If this DHCP server is the official DHCP server for the local # network, the authoritative directive should be uncommented. authoritative; # Use this to send dhcp log messages to a different log file (you also # have to hack syslog.conf to complete the redirection). log-facility local7; # No service will be given on this subnet, but declaring it helps the # DHCP server to understand the network topology. # This declaration allows BOOTP clients to get dynamic addresses, # which we don't really recommend. shared-network 172.30 { option broadcast-address 172.30.255.255; option subnet-mask 255.255.0.0; subnet 172.30.0.0 netmask 255.255.0.0 { range dynamic-bootp 172.30.5.1 172.30.5.220; default-lease-time 3600; max-lease-time 7200 } }
bind-9.2.2
dhcp-3.0_p2
bind-tools-9.2.2;
danke schonmal.
Lesezeichen