Dynamic DNS configuration Guide
What is Dynamic DNS (DDNS)?
DNS stands for Domain Name System (often also read as Domain Name Server). It resolves server hostnames to IP addresses and back. Hostnames and IP addresses change for all sorts of reasons, and each time they do, every affected DNS zone entry has to be updated by hand, and the accuracy of those edits has to be checked as well. Think what happens when you have 500+ machines: keeping the zones current by manual tracking is hectic.
So what is Dynamic DNS, DDNS for short? DDNS is nothing but having the DNS server learn changes in client hostnames and IP addresses and update its zone files accordingly. The process is automated, no manual intervention is required, and that removes most of the overhead from the system administrator. With less manual editing, the chance of corrupting the server configuration is also much lower.
This article guides you through configuring a DNS server and a DHCP server on the same machine. After that, the DHCP server is used to update the DNS forward and reverse lookup zones automatically, without manual intervention. That makes our DNS (Domain Name System) work as a Dynamic DNS server.
The DNS service is provided by the BIND software. It is open source and reliable, and it can be used in any IT infrastructure from small to huge.
Contents
- Scenario
- Configure DNS server
- Configure DHCP server
- Client Configuration
1. Scenario
For the demonstration, virtual machines with the following properties were used.
OS: Rhel 6.5 x86_64
Platform: VMware Virtual Machine
Lab Req: Two VMs loaded with RHEL 6.5
VM 1 => Server – Both DHCP and DNS – Name : rhel1.example.com – IP : 192.168.1.20/24
VM2 => Client – Name: rhel2.example.com – IP : Automatically assigned by DHCP (you can test from any number of Windows and Linux clients)
DHCP IP range: 192.168.1.21 – 192.168.1.40
DNS => The named service is provided by BIND 9.7 running in a chroot.
A DHCP server is mandatory to get the forward and reverse lookup zones updated automatically.
2. Configure DNS server
Execute the following steps on the server (rhel1.example.com).
⇒ Install the bind, bind-chroot and dhcp packages (bind-chroot provides the /var/named/chroot layout used below)
#yum install bind bind-chroot dhcp
⇒ Enable both the service in required run levels
#chkconfig named on
#chkconfig dhcpd on
⇒ Copy the sample BIND configuration file into the chroot environment. It is reflected automatically under /etc.
#cp /usr/share/doc/bind-9.7.3/sample/etc/named.conf /var/named/chroot/etc/
⇒ Alter the entries below as per our requirement.
#vi /etc/named.conf
listen-on port 53 { 192.168.1.20; };
allow-query { localhost; 192.168.1.0/24; };
allow-query-cache { localhost; 192.168.1.0/24; };
⇒ Comment out the lines below to disable DNSSEC. It uses signed keys for zone updates; here we try without this security feature.
# dnssec-enable no;
# dnssec-validation no;
# dnssec-lookaside auto;
# bindkeys-file "/etc/named.iscdlv.key";
⇒ Configure the zones in named.conf
/* Forward Lookup Zone */
zone "example.com" {
    type master;
    file "example.com.zone";
    notify no;
    allow-query { any; };
    allow-update { 192.168.1.20; }; /* this should be the DHCP server address */
};
/* Reverse Lookup Zone */
zone "1.168.192.in-addr.arpa" {
    type master;
    file "1.168.192.zone";
    notify no;
    allow-query { any; };
    allow-update { 192.168.1.20; };
};
Configuring rndc
rndc is a command-line tool that lets us manage the named service both locally and remotely.
#rndc-confgen
⇒ From the output of the above command, copy the key and controls sections into /etc/named.conf. They look like the following.
key "rndc-key" {
    algorithm hmac-md5;
    secret "cG+L8IDlpJkJbFCeXKKkYQ==";
};
controls {
    inet 127.0.0.1 port 953
        allow { localhost; } keys { "rndc-key"; };
};
controls {
    inet 192.168.1.20 port 953
        allow { 192.168.1.20; } keys { "rndc-key"; };
};
⇒ Then copy the options and key sections into /etc/rndc.conf. The secret must be the very same one that went into named.conf; rndc authenticates with it, and a mismatch makes every rndc command fail.
key "rndc-key" {
    algorithm hmac-md5;
    secret "cG+L8IDlpJkJbFCeXKKkYQ=="; /* identical to the secret in named.conf */
};
options {
    default-key "rndc-key";
    default-server 192.168.1.20;
    default-port 953;
};
Creating Zone Files
Zone files are the ones that hold the mapping between IP addresses and system names. The named daemon refers to these two files for every query.
⇒ Forward lookup zone
#touch /var/named/example.com.zone
Modify the content below as per requirement (zone file comments start with a semicolon, and the indented lines inherit the owner name of the line above):
#vi /var/named/example.com.zone
$ORIGIN .
$TTL 86400 ; 1 day
example.com IN SOA rhel1.example.com. root.example.com. (
        12 ; serial
        10800 ; refresh (3 hours)
        900 ; retry (15 minutes)
        604800 ; expire (1 week)
        86400 ; minimum (1 day)
        )
        NS rhel1.example.com.
        A 192.168.1.20
$ORIGIN example.com.
rhel1   A 192.168.1.20 ; relative to the $ORIGIN above, so don't give the FQDN here
; any alias names should be added here
⇒ Reverse lookup zone
#vi /var/named/1.168.192.zone
$ORIGIN .
$TTL 86400 ; 1 day
1.168.192.in-addr.arpa IN SOA rhel1.example.com. root.example.com. (
        2 ; serial
        86400 ; refresh (1 day)
        3600 ; retry (1 hour)
        604800 ; expire (1 week)
        10800 ; minimum (3 hours)
        )
        NS rhel1.example.com.
$ORIGIN 1.168.192.in-addr.arpa.
20      PTR rhel1.example.com. ; the last octet of 192.168.1.20; don't forget the dot at the end
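As an added example (not part of the original article), a small Python reader for BIND master files that qualifies owner names the way named does, which makes the effect of a relative name such as `rhel1` under `$ORIGIN .` visible, together with a forward/reverse consistency check run over constructed copies of the two zones above.

```python
def qualify(name, origin):
    """Qualify a possibly relative owner name against the current $ORIGIN."""
    if name == "@":
        return origin
    return name if name.endswith(".") else name + ("." if origin == "." else "." + origin)

def parse_zone(text, origin="."):
    """Return (owner, type, rdata) triples with FQDN owners, handling $ORIGIN,
    ';' comments, parenthesised records and owner inheritance on indented lines."""
    records, owner, buf, depth = [], None, [], 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()
        if not line.strip():
            continue
        depth += line.count("(") - line.count(")")
        buf.append(line)
        if depth > 0:  # still inside a ( ... ) record
            continue
        joined, buf = " ".join(buf), []
        tokens = joined.replace("(", " ").replace(")", " ").split()
        if tokens[0] == "$ORIGIN":
            origin = tokens[1]
        elif tokens[0] != "$TTL":
            if not joined[0].isspace():  # a name in column 0 sets the owner
                owner = qualify(tokens.pop(0), origin)
            while tokens[0].isdigit() or tokens[0] in ("IN", "CH", "HS"):
                tokens.pop(0)  # optional TTL and class
            records.append((owner, tokens[0], tokens[1:]))
    return records
def ptr_name(ip):
    return ".".join(reversed(ip.split("."))) + ".in-addr.arpa."
def check_forward_reverse(fwd, rev):
    """List (owner, ip) of A records that no PTR record points back at."""
    ptrs = {o: r[0] for o, t, r in rev if t == "PTR"}
    return [(o, r[0]) for o, t, r in fwd if t == "A" and ptrs.get(ptr_name(r[0])) != o]
# Constructed samples: FORWARD_BUGGY mirrors the article's layout, where "rhel1" sits under "$ORIGIN ." and so becomes "rhel1.".
FORWARD_BUGGY = """\
$ORIGIN .
$TTL 86400 ; 1 day
example.com IN SOA rhel1.example.com. root.example.com. ( 12 ; serial
        10800 900 604800 86400 )
        NS rhel1.example.com.
rhel1   A 192.168.1.20
"""
FORWARD_FIXED = FORWARD_BUGGY.replace("rhel1   A", "$ORIGIN example.com.\nrhel1   A")
REVERSE = """\
$ORIGIN 1.168.192.in-addr.arpa.
@   IN SOA rhel1.example.com. root.example.com. ( 2 86400 3600 604800 10800 )
20  PTR rhel1.example.com.
"""
```

Running `check_forward_reverse(parse_zone(FORWARD_BUGGY), parse_zone(REVERSE))` reports `rhel1.` as an A record with no matching PTR, while the version with `$ORIGIN example.com.` inserted reports nothing.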
Verify configured files
#named-checkconf /etc/named.conf
#named-checkconf -t /var/named/chroot /etc/named.conf
#named-checkzone example.com /var/named/example.com.zone
#named-checkzone 1.168.192.in-addr.arpa /var/named/1.168.192.zone
#service named restart
⇒ Check named server status
#rndc status
3. Configure DHCP server
Execute the steps below on the server. For demonstration purposes, DHCP is configured on the same server, rhel1.example.com; if you want, the two services can be configured on two different servers.
⇒ Copy the sample DHCP configuration file and make the changes below (dhcpd.conf comments start with #).
#cp /usr/share/doc/dhcp*/dhcpd.conf.sample /etc/dhcp/dhcpd.conf
#vi /etc/dhcp/dhcpd.conf
option domain-name "example.com";
option domain-name-servers rhel1.example.com;
ddns-update-style interim;
ddns-updates on;
ignore client-updates;
update-static-leases on;
ddns-domainname "example.com";
server-identifier rhel1.example.com;
# Zone declarations for dynamic updates
zone example.com. {
    primary 192.168.1.20;
}
zone 1.168.192.in-addr.arpa. {
    primary 192.168.1.20;
}
subnet 192.168.1.0 netmask 255.255.255.0 {
    # start and end of the IP range that is handed out to clients
    range 192.168.1.21 192.168.1.40;
    option domain-name-servers 192.168.1.20;
    option domain-name "example.com";
    option routers 192.168.1.1;
    option broadcast-address 192.168.1.255;
    default-lease-time 600;
    max-lease-time 7200;
}
#service dhcpd start
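As an added example, not from the original article, here is a small Python lint for two mistakes this setup invites: pasting a key into named.conf and rndc.conf (or dhcpd.conf) with secrets that do not match, and letting `allow-update` trust a source address rather than a TSIG key, which is the check a security reviewer would want on the zone declarations above. It also emits constructed named.conf and dhcpd.conf fragments that share one key and use key-based allow-update; the key name `ddns-key` and the placeholder secret are assumptions, and hmac-md5 is kept only because it is the algorithm rndc-confgen produced above.

```python
import re
def blocks(conf, kind):
    """Yield (name, body) for each `kind "name" { ... }` statement, brace-matched."""
    for m in re.finditer(r'\b%s\s+"?([\w.-]+)"?\s*\{' % kind, conf):
        depth, i = 1, m.end()
        while depth and i < len(conf):
            depth += {"{": 1, "}": -1}.get(conf[i], 0)
            i += 1
        yield m.group(1), conf[m.end():i - 1]

def tsig_keys(conf):
    """Key name -> (algorithm, secret) for named.conf, rndc.conf or dhcpd.conf text."""
    keys = {}
    for name, body in blocks(conf, "key"):
        alg = re.search(r'algorithm\s+([\w.-]+)', body).group(1).lower().split(".")[0]
        keys[name] = (alg, re.search(r'secret\s+"?([A-Za-z0-9+/=]+)', body).group(1))
    return keys

def key_mismatches(*confs):
    """Key names whose algorithm or secret differ between the given files."""
    seen, bad = {}, set()
    for conf in confs:
        for name, val in tsig_keys(conf).items():
            if seen.setdefault(name, val) != val:
                bad.add(name)
    return sorted(bad)

def zones_updatable_by_address(named_conf):
    """Zones whose allow-update trusts a source address instead of a TSIG key."""
    out = []
    for zone, body in blocks(named_conf, "zone"):
        m = re.search(r'allow-update\s*\{([^}]*)\}', body)
        if m and not re.search(r'\bkey\b', m.group(1)):
            out.append(zone)
    return out

def tsig_fragments(name, secret, zone="example.com", master="192.168.1.20"):
    """Constructed named.conf and dhcpd.conf fragments sharing one key, key-based allow-update."""
    named = (f'key "{name}" {{\n    algorithm hmac-md5;\n    secret "{secret}";\n}};\n'
             f'zone "{zone}" {{\n    type master;\n    file "{zone}.zone";\n'
             f'    allow-update {{ key "{name}"; }};\n}};\n')
    dhcpd = (f'key {name} {{\n    algorithm hmac-md5;\n    secret {secret};\n}};\n'
             f'zone {zone}. {{\n    primary {master};\n    key {name};\n}}\n')
    return named, dhcpd
# Constructed sample: the article's rndc key as pasted into named.conf and
# rndc.conf (note the two secrets differ) plus its address-based zone.
NAMED_CONF = '''key "rndc-key" { algorithm hmac-md5; secret "cG+L8IDlpJkJbFCeXKKkYQ=="; };
zone "example.com" { type master; file "example.com.zone"; allow-query { any; };
    allow-update { 192.168.1.20; }; };'''
RNDC_CONF = 'key "rndc-key" { algorithm hmac-md5; secret "2m3oMAgAfnkVth7GEneWyA=="; };'
```

With a key-based allow-update, dhcpd signs each RFC 2136 update with the shared key and named rejects unsigned ones, whereas the address-based form accepts any update that arrives from 192.168.1.20.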
4. Client Configuration
⇒ On the DNS server, ensure the following
#vi /etc/resolv.conf
nameserver 192.168.1.20
domain example.com
#vi /etc/hosts
# make sure the proper host entry for rhel1.example.com is present
⇒ On all other client machines (rhel2.example.com), remove the static IP if there is one, set the boot protocol to DHCP and restart the network service.
#vi /etc/sysconfig/network-scripts/ifcfg-eth0
BOOTPROTO=dhcp
#service network restart
⇒ That's all, we did it. Check that it works.
#nslookup rhel2.example.com
#nslookup 192.168.1.22
Configure any kind of TCP/IP device, be it Linux, Windows, a network device or a mobile, as a DHCP client. You will see its hostname and IP address learned by our DNS, which then resolves the names for us. Very interesting, is it not?
Hi,
Thanks for the write up. I have a question. I have tried static DNS where I configure the IP address and the corresponding hostnames in zone files and revision files.
In the post, I have trouble understanding how do we map the rhel2 to one of 192.168.1.20 to 192.168.1.40?
How do I assume my client has a hostname rhel2.example.com?
Can you please explain.
It's Dynamic DNS, which means there is no need to manually map hostname and IP. Instead the DHCP server can do this for us. For instance, as per our demo configuration,
1. Every client will receive its IP from the DHCP server
2. The following configuration enables the DHCP server to update the DNS zones with "A" and "PTR" records
ddns-update-style interim;
ddns-updates on;
Additional Information:
As per the RFC 2136 standard, with the "interim" update style clients can update their own "A" records in DNS. But here in the demo configuration this feature has been blocked by the config "ignore client-updates".
Hope it helps. For more detailed information about DHCP concepts refer to this manual.