How-To: Set up a LAN gateway with DHCP, Dynamic DNS and iptables on Debian Etch — page 2 — DNS server


1. DNS server

As a DNS server we are going to use bind9; it will be configured to resolve the host names of our network, lan.debuntu.local.

The DNS server will also accept dynamic DNS updates from the local DHCP server.

In this tutorial, I will be using the Dynamic DNS feature of bind.

1.1. Installing the DNS server

Make sure you are installing bind9, as older versions of bind do not support dynamic DNS updates.

# apt-get install bind9

1.2. Configuring the DNS server

In order to keep the default install files clean, we are going to edit only /etc/bind/named.conf.local. In this file we are going to allow DNS updates from localhost using the “rndc-key” key (which is installed by default with the bind9 package).

We are also going to define 2 zones:

  • lan.debuntu.local : our local domain name
  • 2.168.192.in-addr.arpa : our local network IP zone, which will allow us to reverse-lookup names (IP address to name).

So let’s go and edit /etc/bind/named.conf.local and add:

# allow dns updates from localhost with key "rndc-key"
include "/etc/bind/rndc.key";
controls {
  inet 127.0.0.1 allow { localhost; } keys { "rndc-key"; };
};

# defines lan.debuntu.local
zone "lan.debuntu.local" {
  type master;
  file "db.lan.debuntu.local";
  allow-update { key "rndc-key"; };
};

# defines our local subnet 192.168.2.0/24
zone "2.168.192.in-addr.arpa" {
  type master;
  notify no;
  file "db.2.168.192";
  allow-update { key "rndc-key"; };
};

Then, we need to create those 2 files: /var/cache/bind/db.lan.debuntu.local and /var/cache/bind/db.2.168.192.

The first one will be used to resolve names, while the second one is used for reverse name lookup.

/var/cache/bind/db.lan.debuntu.local will look like:

;
; Zone file for lan.debuntu.local
;
; The full zone file
;
$TTL 3D
@       IN      SOA     ns.lan.debuntu.local. postmaster.lan.debuntu.local. (
        200806281       ; serial, todays date + todays serial #
        8H              ; refresh, seconds
        2H              ; retry, seconds
        4W              ; expire, seconds
        1D )            ; minimum, seconds
;
        NS      ns                      ; name server for the zone
        MX      10 mail                 ; Primary Mail Exchanger
;
        A       192.168.2.1             ; IP address of the zone itself
;
ns      A       192.168.2.1
router  CNAME   ns
dhcp    CNAME   ns.lan.debuntu.local.
*       A       192.168.2.1             ; wildcard: any other name resolves to the gateway

While /var/cache/bind/db.2.168.192 will look like:

$TTL 3D
@       IN      SOA     lan.debuntu.local. postmaster.lan.debuntu.local. (
        200806281       ; serial, todays date + todays serial #
        8H              ; refresh, seconds
        2H              ; retry, seconds
        4W              ; expire, seconds
        1D )            ; minimum, seconds
;
@       IN      NS      ns.lan.debuntu.local.
@       IN      PTR     lan.debuntu.local.

1       IN      PTR     router.lan.debuntu.local.   ; trailing dot: absolute name, not relative to the zone origin

In zone lan.debuntu.local, we define the standard bind headers and finally some static hosts in our network: router, ns, dhcp, plus a wildcard so that any other name points to 192.168.2.1.

In zone 2.168.192.in-addr.arpa, we define the reverse lookup name for IP 192.168.2.1.
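A name without a trailing dot in a zone file is relative to the zone origin, so a PTR target written as router.lan.debuntu.local (no final dot) is loaded by bind without complaint as router.lan.debuntu.local.2.168.192.in-addr.arpa., and reverse lookups silently return the wrong answer. The following Python lint is added here as an example and is not part of the original tutorial: it expands names the way bind does for the two zone files above and flags relative targets in PTR records (and dotted relative names in NS, CNAME and MX records); the embedded reverse zone is a constructed sample in the page's format with the dot deliberately left off.

```python
import re

NAME_TYPES = {"NS", "CNAME", "PTR", "MX"}   # rdata ends with a domain name
TTL_RE = re.compile(r"^\d+[smhdwSMHDW]?$")  # 3D, 8H, 86400, ...

def fqdn(name, origin):
    """'@' is the origin; a trailing dot means absolute; otherwise relative."""
    return origin if name == "@" else name if name.endswith(".") else f"{name}.{origin}"

def logical_lines(text):  # strip ';' comments, join ( ... ) continuation lines
    buf, depth = [], 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()
        if line.strip() or depth:
            buf.append(line)
            depth += line.count("(") - line.count(")")
            if depth == 0:
                yield " ".join(buf)
                buf = []

def expand(text, origin):
    """Return (owner, type, rdata) with absolute names, plus a list of warnings."""
    records, warnings, owner = [], [], origin
    for line in logical_lines(text):
        tokens = line.split()
        if tokens[0].startswith("$"):           # $TTL, $ORIGIN, ...
            origin = tokens[1] if tokens[0] == "$ORIGIN" else origin
            continue
        if not line[0].isspace():               # explicit owner on this line
            owner = fqdn(tokens.pop(0), origin)  # else the previous owner is kept
        while tokens and (TTL_RE.match(tokens[0]) or tokens[0].upper() == "IN"):
            tokens.pop(0)                       # optional TTL and class
        rtype, rdata = tokens[0].upper(), tokens[1:]
        if rtype in NAME_TYPES:
            target = rdata[-1]
            # a PTR target should always be absolute; a dotted relative name is suspect too
            if not target.endswith(".") and (rtype == "PTR" or "." in target):
                warnings.append(f"{owner} {rtype} {target} -> {fqdn(target, origin)}")
            rdata[-1] = fqdn(target, origin)
        records.append((owner, rtype, " ".join(rdata)))
    return records, warnings

# Constructed sample: the page's reverse zone, PTR target written without the final dot
REVERSE_ZONE = """\
$TTL 3D
@   IN  SOA lan.debuntu.local. postmaster.lan.debuntu.local. (
    200806281 8H 2H 4W 1D ) ; serial refresh retry expire minimum
@   IN  NS  ns.lan.debuntu.local.
1   IN  PTR router.lan.debuntu.local
"""
```

named-checkzone accepts such a record because the expanded name is syntactically valid, so this check catches what the syntax check does not.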

You need to make sure that the directory holding those db files (/var/cache/bind) is writable by the bind user, as bind will need to create a journal file (.jnl) next to each zone file for DDNS to work.

Finally, we just have to restart bind. If anything goes wrong, /var/log/syslog is your best friend, along with google :).

# /etc/init.d/bind9 restart

Now that our DNS server is up and running, we need to handle DHCP requests.