Configuring an Ubuntu (Debian) Server for DNS, DHCP, and WINS


DNS Server

The DNS server is the service that resolves names to IP addresses.

Install Necessary Software

root@ubuntu0001:~# apt-get install bind9 dnsutils

Caching Nameserver

The caching feature of the DNS server caches DNS entries so that repeated lookups are answered on the local network instead of having to travel to an external source. This configuration is made in the /etc/bind/named.conf.options file. The configuration below has both OpenDNS and Google Public DNS saved, but only the OpenDNS servers active. To switch, uncomment the desired servers and restart the service.
root@ubuntu0001:~# cat /etc/bind/named.conf.options
options {
        directory "/var/cache/bind";

        forwarders {
                // Google Public DNS
                //8.8.8.8;
                //8.8.4.4;

                // OpenDNS
                208.67.222.222;
                208.67.220.220;
        };

        auth-nxdomain no;    # conform to RFC1035
        listen-on-v6 { any; };
};


Primary Master

The primary master makes the DNS server the authoritative source for its zones. This configuration is made in the /etc/bind/named.conf.local file.

include

The include configuration makes the DNS server aware of the key. This key was generated and provided by the Ubuntu install.

controls

The controls directive tells the DNS server that it can be controlled by other services on the loopback interface that are aware of the key. This will be the DHCP server.

zones

The purpose of the zone definitions should be somewhat self-explanatory. The file option tells the server where to find the zone definition, and allow-update allows the zone to be updated by any service with the key, in accordance with the controls configuration.
root@ubuntu0001:~# cat /etc/bind/named.conf.local

include "/etc/bind/rndc.key";

controls {
        inet 127.0.0.1 allow { localhost; } keys { "rndc-key"; };
};

zone "home.lan" {
        type master;
        file "/var/lib/bind/db.home.lan";
        allow-update { key "rndc-key"; };
};

zone "5.168.192.in-addr.arpa" {
        type master;
        file "/var/lib/bind/db.5.168.192";
        allow-update { key "rndc-key"; };
};
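
The controls block and both allow-update statements above name the same key, so a service that holds rndc.key to send dynamic updates (here the DHCP server) can also use the rndc control channel. The check below is an added example, not part of the original post: shared_update_keys is a hypothetical helper, and example.lan and ddns-key are constructed names. It lists every zone whose update key is also a control key, which are the zones to move to a dedicated update key.

```shell
# Added example: list zones whose dynamic-update key is also an rndc control key.
# shared_update_keys is a hypothetical helper; it reads named.conf text on stdin
# and prints "<zone> <key>" for every such overlap.
shared_update_keys() {
    awk '
        /^[ \t]*controls[ \t]*[{]/ { in_controls = 1 }
        /^[ \t]*zone[ \t]+"/       { split($0, q, "\""); zone = q[2] }
        # Keys accepted on the control channel (controls { ... keys { ... }; };).
        in_controls && /keys[ \t]*[{]/ {
            s = $0; sub(/.*keys[ \t]*[{]/, "", s)
            while (match(s, /"[^"]+"/)) {
                ctl[substr(s, RSTART + 1, RLENGTH - 2)] = 1
                s = substr(s, RSTART + RLENGTH)
            }
        }
        # Keys allowed to send dynamic updates to the current zone.
        zone != "" && /allow-update/ {
            s = $0
            while (match(s, /key[ \t]+"[^"]+"/)) {
                k = substr(s, RSTART, RLENGTH)
                gsub(/^key[ \t]+"|"$/, "", k)
                n++; pz[n] = zone; pk[n] = k
                s = substr(s, RSTART + RLENGTH)
            }
        }
        # A closing brace at the start of a line ends the current block.
        /^[ \t]*[}];/ { in_controls = 0; zone = "" }
        END { for (i = 1; i <= n; i++) if (pk[i] in ctl) print pz[i], pk[i] }
    '
}

# Constructed sample: the page layout plus one zone with a dedicated key.
SAMPLE_CONF='controls {
        inet 127.0.0.1 allow { localhost; } keys { "rndc-key"; };
};
zone "home.lan" {
        allow-update { key "rndc-key"; };
};
zone "example.lan" {
        allow-update { key "ddns-key"; };
};'

printf '%s\n' "$SAMPLE_CONF" | shared_update_keys
```

On the server the same function can be fed the real file: shared_update_keys < /etc/bind/named.conf.local.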


Zones

The actual zones themselves must be defined after the configurations have been made. Make sure these files are owned by bind:bind.
root@ubuntu0001:~# cat /var/lib/bind/db.home.lan

$ORIGIN .
$TTL 604800 ; 1 week
home.lan  IN SOA ubuntu0001.home.lan. root.home.lan. (
    205        ; serial
    604800     ; refresh (1 week)
    86400      ; retry (1 day)
    2419200    ; expire (4 weeks)
    604800     ; minimum (1 week)
    )
   NS ubuntu0001.home.lan.
   A 192.168.5.100
$ORIGIN home.lan.
modem   A 192.168.5.1
router   A 192.168.5.50
ubuntu0001  A 192.168.5.100

root@ubuntu0001:~# cat /var/lib/bind/db.5.168.192

$ORIGIN .
$TTL 604800 ; 1 week
; Names below are fully qualified and end with a dot so the zone origin is not appended.
5.168.192.in-addr.arpa IN SOA ubuntu0001.home.lan. root.home.lan. (
    150        ; serial
    604800     ; refresh (1 week)
    86400      ; retry (1 day)
    2419200    ; expire (4 weeks)
    604800     ; minimum (1 week)
    )
   NS ubuntu0001.home.lan.
1   PTR modem.home.lan.
100   PTR ubuntu0001.home.lan.
50   PTR router.home.lan.
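
One way to confirm that the forward and reverse zone files above agree, as an added example that is not part of the original post. ptr_mismatches and ptr_demo are hypothetical helper names, and the printer and nas records are constructed to trigger both kinds of finding.

```shell
# Added example: cross-check A records against PTR records for one /24.
# ptr_mismatches is a hypothetical helper. Arguments: forward zone file,
# reverse zone file, forward domain, first three octets of the network.
# Assumes records are written as on the page (owner, type, data; no class field).
ptr_mismatches() {
    awk -v dom="$3" -v net="$4" '
        { sub(/;.*/, "") }                 # drop zone-file comments
        /^[$]/ || NF == 0 { next }         # skip $ORIGIN/$TTL and blank lines
        FNR == NR {                        # first file: forward zone
            if ($2 == "A" && index($3, net ".") == 1) {
                octet = $3; sub(/.*[.]/, "", octet)
                fwd[octet] = ($1 ~ /[.]$/) ? $1 : $1 "." dom "."
            }
            next
        }
        $2 == "PTR" { rev[$1] = $3 }       # second file: reverse zone
        END {
            for (o in fwd) if (!(o in rev) || rev[o] != fwd[o])
                print "A " fwd[o] " " net "." o " has PTR " ((o in rev) ? rev[o] : "none")
            for (o in rev) if (!(o in fwd))
                print "PTR " net "." o " -> " rev[o] " has no A record"
        }
    ' "$1" "$2" | sort
}

# Constructed sample: the hosts from the page, plus printer (A only) and
# nas (PTR only), which are made up to trigger both findings.
ptr_demo() {
    d=$(mktemp -d)
    printf '%s\n' '$ORIGIN home.lan.' 'modem A 192.168.5.1' \
        'router A 192.168.5.50' 'ubuntu0001 A 192.168.5.100' \
        'printer A 192.168.5.60' > "$d/fwd"
    printf '%s\n' '1 PTR modem.home.lan.' '100 PTR ubuntu0001.home.lan.' \
        '50 PTR router.home.lan.' '70 PTR nas.home.lan.' > "$d/rev"
    ptr_mismatches "$d/fwd" "$d/rev" home.lan 192.168.5
    rm -rf "$d"
}

ptr_demo
```

On the server itself the call would be ptr_mismatches /var/lib/bind/db.home.lan /var/lib/bind/db.5.168.192 home.lan 192.168.5, and no output means every A record has a matching PTR.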


Restart

After all the configurations have been made, the DNS server should be restarted.
root@ubuntu0001:~# service bind9 restart


Test

The dig command can be used to test the DNS server. The output should display the source of the DNS lookups.
root@ubuntu0001:~# dig google.com


DHCP Server

The DHCP service is the service that distributes IPs and other information to hosts on the network.

Install Necessary Software

root@ubuntu0001:~# apt-get install isc-dhcp-server


Listening Interface

The initial startup should fail. This is because the listening interface has not been configured. This is done in the /etc/default/isc-dhcp-server file.
root@ubuntu0001:~# cat /etc/default/isc-dhcp-server 
INTERFACES="eth0"


Configuration

The remaining configuration is done in the /etc/dhcp/dhcpd.conf file. Some of the main configurations are mentioned below.

ddns

These configuration options determine how the DHCP server updates the DNS server.

include

This configuration makes the DHCP server aware of the key. This is the same key that the DNS server was made aware of.

option

These are optional parameters that are sent to DHCP clients.

subnet and zone

The zones are defined for a given subnet. Within the zones, the key configuration tells the DHCP server which key to use when updating the DNS server.
root@server:~# cat /etc/dhcp/dhcpd.conf
ddns-update-style interim;
include "/etc/bind/rndc.key";
zone home.lan {
 primary 192.168.5.100;
 key "rndc-key";
}
ddns-domainname "home.lan";
ddns-rev-domainname "in-addr.arpa.";
option domain-name "home.lan";
option domain-name-servers 192.168.5.100;
option routers 192.168.5.1;
option broadcast-address 192.168.5.255;
default-lease-time 600;
max-lease-time 7200;
authoritative;
log-facility local7;
subnet 192.168.5.0 netmask 255.255.255.0 {
 range 192.168.5.101 192.168.5.200;
 zone 5.168.192.in-addr.arpa. {
  primary 192.168.5.100;
  key "rndc-key";
 }
 zone home.lan. {
  primary 192.168.5.100;
  key "rndc-key";
 }
}


Restart

root@server:~# service isc-dhcp-server restart


Samba Server

The Samba service is the service that communicates with Windows networks.


Install Necessary Software

root@ubuntu0001:~# apt-get install samba

Configuration

Configuring the WINS server is fairly simple. Without going through the other configuration options (configuring shares, security, etc.), this only involves three changes.
root@ubuntu0001:~# cat /etc/samba/smb.conf
[global]
   workgroup = WORKGROUP
   server string = %h server (Samba, Ubuntu)
 wins support = yes 
 dns proxy = yes
 name resolve order = lmhosts host wins bcast
   log file = /var/log/samba/log.%m
   max log size = 1000
   syslog = 0
   panic action = /usr/share/samba/panic-action %d
   encrypt passwords = true
   passdb backend = tdbsam
   obey pam restrictions = yes
   unix password sync = yes
   passwd program = /usr/bin/passwd %u
   passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
   pam password change = yes
   map to guest = bad user
   usershare allow guests = yes
[printers]
   comment = All Printers
   browseable = no
   path = /var/spool/samba
   printable = yes
   guest ok = no
   read only = yes
   create mask = 0700
[print$]
   comment = Printer Drivers
   path = /var/lib/samba/printers
   browseable = yes
   read only = yes
   guest ok = no

Restart

root@ubuntu0001:/etc/samba# service smbd restart
root@ubuntu0001:/etc/samba# service nmbd restart
