
ubuntu 12.04 - local dns dynamic updates

Jan 21st, 2014
  1. SETUP DNS SERVER
  2.  
  3. install dns service:
  4. sudo apt-get install bind9
  5.  
  6. set the upstream (public) resolvers that recursive queries are forwarded to; this forwarders block goes inside the existing options { } block:
  7. sudo nano /etc/bind/named.conf.options
  8. -------------------------------------------------------------
// Inside options { }. Anything this server cannot answer from its own zones is
// sent to these upstream resolvers (Google Public DNS) over plain port-53
// UDP/TCP; since DHCP below hands this server out as the only nameserver,
// every LAN host's lookups end up at that third party.
forwarders {
8.8.8.8;
8.8.4.4;
};
  13. -------------------------------------------------------------
  14.  
  15. edit /etc/dhcp/dhclient.conf:
  16. sudo nano /etc/dhcp/dhclient.conf
  17.  
  18. uncomment (dhclient.conf is only read by dhclient, so these lines matter only if this host ever obtains its own address via DHCP; with the static interface configured below they are not used):
  19. supersede domain-name "mydomain.lan";
  20. prepend domain-name-servers 127.0.0.1;
  21.  
  22.  
  23. set lan interface ip:
  24. sudo nano /etc/network/interfaces
  25. --------------------------------------------------------------
# The primary network interface
# Static address for the DNS/DHCP host. The dns-* lines are picked up by
# resolvconf (Ubuntu) and written to /etc/resolv.conf, so this box resolves
# through its own named on 127.0.0.1.
auto eth0
iface eth0 inet static
address 192.168.0.2
netmask 255.255.255.0
gateway 192.168.0.1
network 192.168.0.0
broadcast 192.168.0.255
dns-nameservers 127.0.0.1
dns-search mydomain.lan
dns-domain mydomain.lan
  37. --------------------------------------------------------------
  38.  
  39. edit /etc/bind/named.conf.local:
  40. sudo nano /etc/bind/named.conf.local
  41. --------------------------------------------------------------
  42. zone "mydoamin.lan" IN {
  43. type master;
  44. file "/etc/bind/zones/mydomain.lan.db";
  45. };
  46.  
  47. zone "0.168.192.in-addr.arpa" {
  48. type master;
  49. file "/etc/bind/zones/rev.0.168.192.in-addr.arpa";
  50. };
  51. --------------------------------------------------------------
  52.  
  53. create zones folder:
  54. sudo mkdir /etc/bind/zones
  55.  
  56. create mydomain.lan zone file:
  57. sudo nano /etc/bind/zones/mydomain.lan.db
  58. --------------------------------------------------------------
  59. $ORIGIN .
  60. $TTL 86400 ; 1 day
  61. mydomain.lan. IN SOA ubuntu.mydomain.lan. hostmaster.mydoamin.lan. (
  62. 2014012001 ; serial
  63. 8H ; refresh
  64. 4H ; retry
  65. 4W ; expire
  66. 1D ; minimum
  67. )
  68.  
  69. mydomain.lan. IN NS ubuntu.mydomain.lan.
  70. mydoamin.lan. IN MX 10 ubuntu.mydomain.lan.
  71.  
  72. $ORIGIN mydomain.lan.
  73.  
  74. printer IN A 192.168.0.9
  75. router IN A 192.168.0.1
  76. server IN A 192.168.0.5
  77. ubuntu IN A 192.168.0.2
  78. ---------------------------------------------------------------
  79.  
  80. create reverse lookup zone:
  81. sudo nano /etc/bind/zones/rev.0.168.192.in-addr.arpa
  82. ---------------------------------------------------------------
  83. @ IN SOA ubuntu.mydomain.lan. hostmaster.mydomain.lan. (
  84. 2014012001 ; serial
  85. 8H ; refresh
  86. 4H ; retry
  87. 4W ; expire
  88. 1D ; minimum
  89. )
  90.  
  91. IN NS ubuntu.home.lan.
  92.  
  93. 1 IN PTR router.mydomain.lan.
  94. 2 IN PTR ubuntu.mydomain.lan.
  95. 5 IN PTR server.mydomain.lan.
  96. 9 IN PTR printer.mydomain.lan.
  97. ---------------------------------------------------------------
  98.  
  99. restart dns server:
  100. sudo service bind9 restart
  101.  
  102. restart network interface:
  103. sudo nohup sh -c "ifdown eth0 && ifup eth0"
  104.  
  105. =====================================================================================
  106. SETUP DHCP SERVER
  107.  
  108. install dhcp service:
  109. sudo apt-get install isc-dhcp-server
  110.  
  111. set the interface using the dhcp service:
  112. sudo nano /etc/default/isc-dhcp-server
  113. ---------------------------------------------------------------
  114. INTERFACES="eth0"
  115. ---------------------------------------------------------------
  116.  
  117. edit dhcp config /etc/dhcp/dhcpd.conf:
  118. sudo nano /etc/dhcp/dhcpd.conf
  119. ---------------------------------------------------------------
  120. ddns-update-style none;
  121.  
  122. option domain-name "mydomain.lan";
  123. option domain-name-servers ubuntu.mydomain.lan;
  124.  
  125. default-lease-time 600;
  126. max-lease-time 7200;
  127.  
  128. authoritative;
  129.  
  130. subnet 192.168.0.0 netmask 255.255.255.0 {
  131. range 192.168.0.100 192.168.0.200;
  132. option routers router.mydomain.lan;
  133. }
  134. ---------------------------------------------------------------
  135.  
  136. restart dhcp service:
  137. sudo service isc-dhcp-server restart
  138.  
  139.  
  140. =====================================================================================
  141. SETUP DNS AND DHCP FOR DYNAMIC UPDATES
  142.  
  143. copy your forward and reverse zone files to /var/lib/bind/ (named must be able to rewrite a dynamically updated zone and create a .jnl journal next to it; /etc/bind is deliberately read-only to it on Ubuntu):
  144. sudo cp /etc/bind/zones/* /var/lib/bind/
  145.  
  146. give the bind user ownership of the copied files (the directory itself must also be writable by the bind user for the journal files; check with `ls -ld /var/lib/bind`):
  147. sudo chown bind:bind /var/lib/bind/*
  148.  
  149. Create a secret shared between the DHCP server and the DNS server (generate a new key; never reuse one from a tutorial). HMAC-MD5 is used here because it is the algorithm this guide was written against; if both your BIND and your dhcpd accept hmac-sha256, prefer `-a HMAC-SHA256 -b 256`. The key pair is written to the current directory:
  150. sudo dnssec-keygen -r /dev/urandom -a HMAC-MD5 -b 128 -n USER DHCP_UPDATER
  151.  
  152. Show the generated key (the `Key:` line is the base64 secret to paste into both config files below):
  153. sudo cat Kdhcp_updater.*.private|grep Key
  Both K* files hold the secret in clear text. Once it has been copied into named.conf.local and dhcpd.conf, delete them (`sudo rm Kdhcp_updater.*`) rather than leave them lying in a home directory.
  154.  
  155. edit /etc/bind/named.conf.local to include the secret key:
  156. sudo nano /etc/bind/named.conf.local
  157. ---------------------------------------------------------------
  158. key DHCP_UPDATER {
  159. algorithm HMAC-MD5.SIG-ALG.REG.INT;
  160.  
  161. # Important: Replace this key with your generated key.
  162. # Also note that the key should be surrounded by quotes.
  163. secret "--PUT YOUR GENERATED KEY HERE--";
  164. };
  165.  
  166. zone "mydomain.lan" {
  167. type master;
  168.  
  169. # Change the path of the database file to the writable copy in /var/lib/bind
  170. file "/var/lib/bind/mydomain.lan.db";
  171.  
  172. # Tell this zone that we will allow it to be updated from anyone
  173. # that knows the secret specified in the DHCP_UPDATER key.
  174. allow-update { key DHCP_UPDATER; };
  175. };
  176.  
  177. zone "0.168.192.in-addr.arpa" {
  178. type master;
  179.  
  180. # Change the path of the database file to the writable copy in /var/lib/bind
  181. file "/var/lib/bind/rev.0.162.198.in-addr.arpa";
  182.  
  183. # Tell this zone that we will allow it to be updated from anyone
  184. # that knows the secret specified in the DHCP_UPDATER key.
  185. allow-update { key DHCP_UPDATER; };
  186. };
  187. ---------------------------------------------------------------
  188.  
  189. edit /etc/dhcp/dhcpd.conf to include the secret key:
  190. sudo nano /etc/dhcp/dhcpd.conf
  191. ---------------------------------------------------------------
  192. ddns-update-style interim;
  193. ignore client-updates; # Overwrite client configured FQHNs
  194. ddns-domainname "mydomain.lan.";
  195. ddns-rev-domainname "in-addr.arpa.";
  196.  
  197. option domain-name "mydomain.lan";
  198. option domain-name-servers ubuntu.mydomain.lan;
  199.  
  200. default-lease-time 600;
  201. max-lease-time 7200;
  202.  
  203. authoritative;
  204.  
  205. log-facility local7;
  206.  
  207. key DHCP_UPDATER {
  208. algorithm HMAC-MD5.SIG-ALG.REG.INT;
  209.  
  210. # Important: Replace this key with your generated key.
  211. # Also note that the key should be surrounded by quotes.
  212. secret "--PUT YOUR GENERATED KEY HERE--";
  213. };
  214.  
  215. zone mydomain.lan. {
  216. primary 127.0.0.1;
  217. key DHCP_UPDATER;
  218. }
  219.  
  220. zone 0.168.192.in-addr.arpa. {
  221. primary 127.0.0.1;
  222. key DHCP_UPDATER;
  223. }
  224.  
  225. subnet 192.168.0.0 netmask 255.255.255.0 {
  226. range 192.168.0.100 192.168.0.200;
  227. option routers router.mydomain.lan;
  228. }
  229. ---------------------------------------------------------------
  230.  
  231. remove world-read access (both files now contain the TSIG secret; named.conf.local stays readable by named because the package ships it with group bind):
  232. sudo chmod o-r /etc/bind/named.conf.local
  233. sudo chmod o-r /etc/dhcp/dhcpd.conf
  234.  
  235. change ownership so the dhcpd user can still read the file after the chmod (root can read it regardless, so this is harmless if your init script runs dhcpd as root):
  236. sudo chown dhcpd:dhcpd /etc/dhcp/dhcpd.conf
  237.  
  238. restart dns server:
  239. sudo service bind9 restart
  240.  
  241. restart dhcp server:
  242. sudo service isc-dhcp-server restart