1. ntp and dhcp:
Just choose three time servers from the GUI
server ntp.ubuntu.com
server ntp0.cornell.edu
server clock.psu.edu
root@mars:/etc/bind# cat /etc/default/dhcp
# Defaults for dhcp initscript
# sourced by /etc/init.d/dhcp
# installed at /etc/default/dhcp by the maintainer scripts
#
# This is a POSIX shell fragment
#
# On what interfaces should the DHCP server (dhcpd) serve DHCP requests?
# Separate multiple interfaces with spaces, e.g. "eth0 eth1".
# Only eth1 is listed, so dhcpd is asked to serve on that one interface.
# NOTE(review): presumably eth1 is the LAN side (192.168.1.0/24) - confirm, and
# keep any upstream-facing interface out of this list.
INTERFACES="eth1"
root@mars:/etc/bind# cat /etc/dhcp
dhcp3/ dhcpd.conf dhcpd.conf.orig
root@mars:/etc/bind# cat /etc/dhcpd.conf
# 2002 Jan 17
# dhcpd.conf for the 192.168.1.0/24 LAN. Every "range" line in the subnet
# block is commented out, so no dynamic pool is defined; the only addresses
# handed out are the fixed-address entries in the group at the bottom.
# Global parameters
#option domain-name-servers ns4.srv.hcvlny.cv.net, ns5.srv.hcvlny.cv.net;
#option domain-name-servers 167.206.112.99, 167.206.7.4, 167.206.112.138;
#ignore unknown-clients;
# Give each declared host its declaration name (moon, vmware, ...) as hostname.
use-host-decl-names on;
#ddns-update-style ad-hoc;
#ddns-update-style interim;
#ignore client-updates;
# Marks this server as the authority for the subnet, so it may NAK clients
# holding an address it considers wrong for this segment. Only appropriate
# when this is the one DHCP server on the network.
authoritative;
subnet 192.168.1.0 netmask 255.255.255.0 {
# range 192.168.1.2 192.168.1.10; # home network
# range 192.168.1.110 192.168.1.119; # non-home network 1
# range 192.168.1.130 192.168.1.139; # non-home network 2
option routers 192.168.1.1;
option subnet-mask 255.255.255.0;
#option domain-name-servers 167.206.251.79,167.206.251.15,167.206.251.78;
# Clients are pointed at 192.168.1.1 for DNS as well as routing.
option domain-name-servers 192.168.1.1;
option domain-name "example.com";
# Lease times are in seconds: 60480000 s = 700 days; the maximum is one hour
# longer. NOTE(review): with leases this long a changed router or DNS option
# reaches clients slowly - confirm the value is intended.
default-lease-time 60480000;
max-lease-time 60483600;
}
# Static assignments. A host is matched on the MAC address it presents, which
# identifies but does not authenticate it (a client can set its own MAC).
group {
# default-lease-time 0;
# max-lease-time 0;
option domain-name "example.com";
host moon {
hardware ethernet 00:16:D4:91:B1:D6;
fixed-address 192.168.1.10;
}
host lstm0151080 {
hardware ethernet 00:15:58:7E:2A:19;
fixed-address 192.168.1.115;
}
# NOTE(review): seven hardware ethernet statements share this one host block
# and one fixed-address - verify dhcpd accepts more than one per host.
host vmware {
hardware ethernet 00:50:56:7d:e7:c5;
hardware ethernet 00:50:56:40:5c:c5;
hardware ethernet 00:50:56:7d:ec:45;
hardware ethernet 00:0C:29:64:13:34;
hardware ethernet 00:0C:29:DB:38:D3;
hardware ethernet 00:0C:29:1D:72:EB;
hardware ethernet 00:0C:29:f4:74:CE;
fixed-address 192.168.1.118;
}
}
2. bind9:
apt-get install bind9
vi /etc/bind/named.conf.local and named.conf.options
add /etc/bind/example.com and /etc/bind/192.168.1
root@mars:/etc/bind# cat named.conf.local
//
// Do any local configuration here
//
// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
// Forward zone for example.com, served as master from a local file.
// notify is off, dynamic updates are refused for everyone, and only
// 192.168.1.0/24 and the server itself (localhost) may query the zone.
zone "example.com" {
type master;
notify no;
allow-update { none; };
allow-query { 192.168.1.0/24; localhost; };
file "/etc/bind/example.com";
};
// Reverse (PTR) zone for 192.168.1.0/24, with the same restrictions.
zone "1.168.192.in-addr.arpa" IN {
type master;
notify no;
allow-update { none; };
allow-query { 192.168.1.0/24; localhost; };
file "/etc/bind/192.168.1";
} ;
root@mars:/etc/bind# cat named.conf.options
// Global named options: forward what cannot be answered locally, and accept
// queries and recursion from the local networks only.
options {
directory "/var/cache/bind";
// If there is a firewall between you and nameservers you want
// to talk to, you might need to uncomment the query-source
// directive below. Previous versions of BIND always asked
// questions using port 53, but BIND 8.1 and later use an unprivileged
// port by default.
// query-source address * port 53;
// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.
// forwarders {
// 0.0.0.0;
// };
// Upstream resolvers that receive the queries this server cannot answer
// from its own zones or cache.
forwarders {
167.206.251.79;
167.206.251.15;
167.206.251.78;
};
auth-nxdomain no; # conform to RFC1035
// listen-on-v6 { any; };
// By default, name servers should only perform recursive domain
// lookups for their direct clients. If recursion is left open
// to the entire Internet, your name server could be used to
// perform distributed denial of service attacks against other
// innocent computers. For more information on DDoS recursion:
// http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0987
// Queries and recursion are accepted only from localnets and 192.168.1.0/24.
// NOTE(review): localnets covers every network the server has an interface
// on; if another interface faces upstream, that network passes these ACLs
// too - confirm against the interface layout.
allow-query { localnets; 192.168.1.0/24; };
allow-recursion { localnets; 192.168.1.0/24; };
// IPv4 service is bound to 192.168.1.1 only. 127.0.0.1 is not in the list,
// so lookups made on the server itself have to target 192.168.1.1.
listen-on { 192.168.1.1; };
// If you have DNS clients on other subnets outside of your
// server's "localnets", you can explicitly add their networks
// without opening up your server to the Internet at large:
// allow-recursion { localnets; 192.168.0.0/24; };
// If your name server is only listening on 127.0.0.1, consider:
// allow-recursion { 127.0.0.1; };
};
root@mars:/etc/bind# cat 192.168.1
; Reverse zone data for 192.168.1.0/24: each PTR owner below is the last
; octet of a 192.168.1.x address and points at that host's name.
$TTL 3D
@ IN SOA mars.example.com. lchialing.yahoo.com. (
200201181 ; Serial, todays date + todays serial
8H ; Refresh
2H ; Retry
4W ; Expire
1D) ; Minimum TTL
NS mars.example.com.
; Keep these in step with the A records in the example.com zone file.
1 IN PTR mars.example.com.
10 IN PTR moon.example.com.
115 IN PTR lstm0151080.example.com.
118 IN PTR vmware.example.com.
root@mars:/etc/bind# cat example.com
;
; Zone file for example.com
;
; The full zone file
;
; NOTE(review): the TXT records and the kerberos/ldap/printer/loghost aliases
; describe host roles to every client that is allowed to query this zone.
$TTL 3D
@ IN SOA mars.example.com. lchialing.yahoo.com. (
200201181 ; serial, todays date + todays serial #
8H ; refresh (8 hours)
2H ; retry (2 hours)
4W ; expire (4 weeks)
1D ) ; minimum (1 day)
;
TXT "Bogus network based on example.com"
NS mars ; Inet Address of name server
NS mars.example.com.
MX 10 mars ; Primary Mail Exchanger
;
; mars (192.168.1.1) is the name server and mail exchanger; the service
; names below are aliases for it.
mars A 192.168.1.1
TXT "The mars server"
kerberos CNAME mars
ldap CNAME mars
printer CNAME mars
loghost CNAME mars
moon A 192.168.1.10
TXT "The moon server"
www CNAME moon
lstm0151080 A 192.168.1.115
TXT "T60"
vmware A 192.168.1.118
TXT "The Virtuals"
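add the chroot directories; /var/run/bind/run inside the chroot must be owned by bind (named writes named.pid there)
--- note: rndc.key in the listing below is mode 644 (world-readable); it holds the rndc control key, so 640 is the safer mode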
mknod null c 1 3
mknod random c 1 8
mknod zero c 1 4
root@mars:/var/cache/named/chroot# pwd
/var/cache/named/chroot
root@mars:/var/cache/named/chroot# ls -lasR
.:
total 0
0 drwxr-xr-x 6 root root 144 2007-10-01 22:50 .
0 drwxr-xr-x 3 root root 72 2007-10-01 22:49 ..
0 drwxr-xr-x 2 root root 120 2007-10-01 23:01 dev
0 drwxr-xr-x 3 root root 72 2007-10-01 22:51 etc
0 drwxr-xr-x 2 root root 48 2007-10-01 22:50 proc
0 drwxr-xr-x 5 root root 120 2007-10-01 22:52 var
./dev:
total 0
0 drwxr-xr-x 2 root root 120 2007-10-01 23:01 .
0 drwxr-xr-x 6 root root 144 2007-10-01 22:50 ..
0 crw-r--r-- 1 root root 1, 3 2007-10-01 22:58 null
0 crw-r--r-- 1 root root 1, 8 2007-10-01 22:59 random
0 crw-r--r-- 1 root root 1, 4 2007-10-01 23:01 zero
./etc:
total 0
0 drwxr-xr-x 3 root root 72 2007-10-01 22:51 .
0 drwxr-xr-x 6 root root 144 2007-10-01 22:50 ..
0 drwxr-sr-x 2 root bind 416 2007-10-01 23:38 bind
./etc/bind:
total 52
0 drwxr-sr-x 2 root bind 416 2007-10-01 23:38 .
0 drwxr-xr-x 3 root root 72 2007-10-01 22:51 ..
4 -rw-r--r-- 1 root bind 537 2007-10-01 23:33 192.168.1
4 -rw-r--r-- 1 root root 237 2007-07-24 20:01 db.0
4 -rw-r--r-- 1 root root 271 2007-07-24 20:01 db.127
4 -rw-r--r-- 1 root root 237 2007-07-24 20:01 db.255
4 -rw-r--r-- 1 root root 353 2007-07-24 20:01 db.empty
4 -rw-r--r-- 1 root root 256 2007-07-24 20:01 db.local
4 -rw-r--r-- 1 root root 1507 2007-07-24 20:01 db.root
4 -rw-r--r-- 1 root bind 1252 2007-10-01 23:33 example.com
4 -rw-r--r-- 1 root bind 1611 2007-07-24 20:01 named.conf
4 -rw-r--r-- 1 root bind 554 2007-10-01 23:38 named.conf.local
4 -rw-r--r-- 1 root bind 1641 2007-10-01 23:03 named.conf.options
4 -rw-r--r-- 1 bind bind 77 2007-10-01 21:19 rndc.key
4 -rw-r--r-- 1 root root 1317 2007-07-24 20:01 zones.rfc1918
./proc:
total 0
0 drwxr-xr-x 2 root root 48 2007-10-01 22:50 .
0 drwxr-xr-x 6 root root 144 2007-10-01 22:50 ..
./var:
total 0
0 drwxr-xr-x 5 root root 120 2007-10-01 22:52 .
0 drwxr-xr-x 6 root root 144 2007-10-01 22:50 ..
0 drwxr-xr-x 3 root root 72 2007-10-01 22:56 cache
0 drwxr-xr-x 3 root root 72 2007-10-01 23:02 run
0 drwxr-xr-x 2 root root 48 2007-10-01 22:52 tmp
./var/cache:
total 0
0 drwxr-xr-x 3 root root 72 2007-10-01 22:56 .
0 drwxr-xr-x 5 root root 120 2007-10-01 22:52 ..
0 drwxr-xr-x 2 root root 48 2007-10-01 22:56 bind
./var/cache/bind:
total 0
0 drwxr-xr-x 2 root root 48 2007-10-01 22:56 .
0 drwxr-xr-x 3 root root 72 2007-10-01 22:56 ..
./var/run:
total 0
0 drwxr-xr-x 3 root root 72 2007-10-01 23:02 .
0 drwxr-xr-x 5 root root 120 2007-10-01 22:52 ..
0 drwxr-xr-x 3 root root 72 2007-10-01 23:02 bind
./var/run/bind:
total 0
0 drwxr-xr-x 3 root root 72 2007-10-01 23:02 .
0 drwxr-xr-x 3 root root 72 2007-10-01 23:02 ..
0 drwxr-xr-x 2 bind bind 80 2007-10-02 00:20 run
./var/run/bind/run:
total 4
0 drwxr-xr-x 2 bind bind 80 2007-10-02 00:20 .
0 drwxr-xr-x 3 root root 72 2007-10-01 23:02 ..
4 -rw-r--r-- 1 bind bind 5 2007-10-02 00:20 named.pid
./var/tmp:
total 0
0 drwxr-xr-x 2 root root 48 2007-10-01 22:52 .
0 drwxr-xr-x 5 root root 120 2007-10-01 22:52 ..
--- useful tool: tail -f /var/log/messages /var/log/dmesg /var/log/syslog
--- and rsync -av /etc/bind/ .
3. apt-get install resolvconf
vi /etc/resolvconf/resolv.conf.d/base
root@mars:/etc/resolvconf/resolv.conf.d# cat base
search example.com
nameserver 192.168.1.1
--- this is better than adding /etc/dhcp3/dhclient-exit-hooks.d/add_bind9:
--- reason: NetworkManager sets resolv.conf itself and does not look in dhclient-exit-hooks.d.
cat /home/cllee/mars.rsync/add_bind9
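# add_bind9: overwrite /etc/resolv.conf so lookups use the local BIND server
# (search domain example.com, nameserver 192.168.1.1), printing the file
# before and after. Needs write access to /etc.
echo Before excecuting ...
cat /etc/resolv.conf
echo Excecuting ...
# Build the new file next to its destination with mktemp. The old fixed name
# /tmp/resolv.conf sat in a world-writable directory, where another local user
# could pre-create it (for instance as a symlink) before this redirect ran.
# Staying inside /etc also keeps the final mv a same-filesystem rename.
# No "set -e", "exit" or trap is used: if this runs as a dhclient exit hook it
# is sourced, and those would act on the calling script.
if new_resolv=$(mktemp /etc/resolv.conf.XXXXXX); then
  # The search line carries no trailing ";" - resolv.conf has no statement
  # terminator, so the semicolon would become part of the domain name.
  # mktemp creates the file 0600; resolv.conf must stay world-readable.
  if ! {
    printf '%s\n' 'search example.com' 'nameserver 192.168.1.1' > "$new_resolv" &&
      chmod 0644 "$new_resolv" &&
      mv -- "$new_resolv" /etc/resolv.conf
  }; then
    rm -f -- "$new_resolv"
    echo "add_bind9: could not replace /etc/resolv.conf" >&2
  fi
else
  echo "add_bind9: mktemp failed, /etc/resolv.conf left unchanged" >&2
fi
echo After excecuting ...
cat /etc/resolv.conf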