DNS-DHCP configuration

Revision as of 16:34, 28 February 2012 by 2001:610:300:64::e (talk)

Configuration file for "dhcpd -4 -cf dhcpd.conf.ipv4 eth0"

# dhcpd.conf.ipv4

##############################
# default options:
# Server-wide settings for the IPv4 dhcpd instance.
#
# "authoritative" lets this server NAK clients that ask for an address it
# considers wrong for the segment. It is only appropriate when this is the
# DHCP server responsible for the network.
authoritative;
# Log through syslog facility local7.
log-facility local7;

# Update scheme used for the dynamic DNS updates configured below.
# NOTE(review): later ISC DHCP releases also offer "standard"; check which
# styles the installed dhcpd supports.
ddns-update-style interim;
option domain-name "local.lan";

# NOTE(review): /var/run is commonly emptied at boot; if it is on this host,
# the lease database (and with it the record of which DNS names dhcpd added)
# does not survive a reboot. Confirm this location is intended.
lease-file-name "/var/run/dhcpd/dhcpd.leases.ipv4";
# Lease times in seconds: 2 hours by default, 8 hours at most.
default-lease-time 7200;
max-lease-time 28800;

# Security note: with conflict detection off, dhcpd skips the DHCID ownership
# check and replaces whatever record already exists for the name a client
# asks for. Any client on the segment can therefore take over another
# host's name in local.lan. Leave it off only on a network where every
# client is trusted.
update-conflict-detection false;

##############################
# dynamic dns updates

# Pulls in the TSIG key ("updatekey") that signs the updates sent to named.
# The file holds a shared secret: keep it readable only by the accounts that
# run dhcpd and named, and out of version control and backups that others
# can read.
include "/etc/dhcp-dns.key";
 
# Forward zone: updates for names under local.lan go to the named instance
# on this host (127.0.0.1) and are signed with "updatekey". The key name
# must match the one declared in the included key file.
zone local.lan. {
        primary 127.0.0.1;
        key updatekey;
}
 
# Reverse zone for 10.0.0.0/24: PTR updates go to the same local named
# instance and are signed with the same key as the forward zone.
zone 0.0.10.in-addr.arpa. {
        primary 127.0.0.1;
        key updatekey;
}

##############################
# subnet and host definitions

# The one subnet served. Dynamic leases come from 10.0.0.128-10.0.0.191;
# clients are given 10.0.0.1 as router, DNS server and NTP server.
subnet 10.0.0.0 netmask 255.255.255.0 {
  range 10.0.0.128 10.0.0.191;
  option routers 10.0.0.1;
  option domain-name-servers 10.0.0.1;
  option ntp-servers 10.0.0.1;
  option broadcast-address 10.0.0.255;
}

# Hosts with fixed addresses, matched by MAC address. Both addresses lie
# outside the dynamic range declared in the subnet. The MAC addresses shown
# are placeholders.
# A MAC address is not an authenticator: any device that presents the same
# hardware address is handed the reservation.
group {
  host printer {
    hardware ethernet 00:de:ad:be:ef:01;
    fixed-address 10.0.0.10;
  }

  host fridge {
    hardware ethernet 00:de:ad:be:ef:02;
    fixed-address 10.0.0.11;
  }
# Also send DNS updates for the fixed-address hosts in this group.
# dhcpd keeps no lease for such hosts, so it has no record that the update
# was made and does not remove the DNS entry when the host goes away.
update-static-leases on;
}

And the dhcp-dns.conf file (the one both configurations include as "/etc/dhcp-dns.key") is built from a key generated by the following command:

# Generate a 128-bit HMAC-MD5 key named DHCP_UPDATER. The key files are
# written to the current directory and contain the shared secret, so run this
# in a directory other users cannot read.
# NOTE(review): recent BIND releases no longer accept HMAC algorithms in
# dnssec-keygen (tsig-keygen replaces it there), and HMAC-MD5 is a legacy
# TSIG algorithm; prefer a SHA-2 HMAC where both dhcpd and named support it.
dnssec-keygen -a HMAC-MD5 -b 128 -n USER DHCP_UPDATER

It creates a file called Kdhcp_updater.+???+?????.key. Copy the secret (the base64 string) from that key file and paste it into dhcp-dns.conf, i.e. the file included as "/etc/dhcp-dns.key", which should look like this:

# TSIG key shared by dhcpd and named; both include this file.
# The name "updatekey" is what the zone statements in dhcpd.conf and the
# allow-update lines in named.conf refer to.
# The secret below is a placeholder: replace it with the base64 string from
# the generated key file. Anyone who can read this file can rewrite both
# zones, so restrict it to the accounts that run dhcpd and named.
key updatekey {
  # Must be the algorithm the key was generated for.
  algorithm hmac-md5;
  secret "abcdefghijklmnopqrstuv==";
};

Then all we need is named.conf:

// Global named options.
options {
        pid-file "/var/run/named/named.pid";
        // Relative file names in the zone statements resolve against this
        // directory. named must be able to write here, because the dynamic
        // zones are modified at run time.
        directory "/var/named";
        // Answer only on loopback and on the LAN address of this host.
        listen-on port 53 {127.0.0.1;10.0.0.1;};
        // Accept queries only from loopback and from the 10.0.0.0/24 LAN.
        allow-query {127.0.0.0/8;10.0.0.0/24;};
};

////////////////////////////////////////////
// include key to receive updates from dhcpd
// This is the same file dhcpd.conf includes, so both daemons share one
// secret. Keep it readable only by the accounts that run named and dhcpd.
include "/etc/dhcp-dns.key";


// Root hints: where to find the root name servers, read from named.root
// in the directory set in options.
zone "." IN {
        type hint;
        file "named.root";
};

// Forward zone that dhcpd updates.
// allow-update with a key means any holder of "updatekey" may add, change
// or delete any record in the zone; the source address is not checked.
// NOTE(review): BIND's update-policy can narrow what a key may change if
// the whole zone is more than dhcpd needs.
zone "local.lan" IN {
        type master;
        file "local.lan.zone";
        allow-update { key updatekey; };
};

// Reverse zone for 10.0.0.0/24, updated by dhcpd with the same key.
// Both zones are dynamic, so named rewrites their files; do not edit them by
// hand while named is running without freezing the zone first.
zone "0.0.10.in-addr.arpa" IN {
        type master;
        file "0.0.10.in-addr.arpa.rev";
        allow-update { key updatekey; };
};