bind + dhcpd 实现 动态 ddns

目标:

当客户获取 DHCP IP 地址后, 把当前使用中的主机名向 BIND 服务器自动注册, 实现自动域名解析功能

 

原理:

bind 用于域名解析,  为避免所有用户都能够用于更新 dns 服务器, 利用密钥进行数据更新验证

dhcpd 在分配 IP 地址同时, 把 DNS 更新密钥同时发送给客户, 客户自动向 BIND 服务器进行注册

 

dns 服务器端软件安装

[root@station149 /]# yum install -y bind*

Installed:
  bind.x86_64 32:9.8.2-0.17.rc1.el6_4.6                         bind-chroot.x86_64 32:9.8.2-0.17.rc1.el6_4.6
  bind-devel.x86_64 32:9.8.2-0.17.rc1.el6_4.6                   bind-dyndb-ldap.x86_64 0:2.3-5.el6
  bind-sdb.x86_64 32:9.8.2-0.17.rc1.el6_4.6

Complete!


创建密钥

[root@station149 /]# rndc-confgen -r /dev/urandom -a
wrote key file "/etc/rndc.key"
[root@station149 /]# chown named:named /etc/rndc.key
[root@station149 /]# chown 644 /etc/rndc.key

 

当前密钥文件内容

key "rndckey" {
        algorithm hmac-md5;
        secret "qUGWW02EZVKUNMK/iorkgg==";
};

把密钥内容复制至 bind, dhcp 配置或可选使用 include 进行文件导入方法载入密钥


bind 配置文件定义

vi /var/named/chroot/etc/named.conf

options {
        directory "/var/named";
        forwarders { 8.8.8.8; };
};

key "rndckey" {
        algorithm hmac-md5;
        secret "qUGWW02EZVKUNMK/iorkgg==";
};
#下面 定义只能够通过本机 DHCP 进行 DNS 更新
controls {
        inet 127.0.0.1 allow { 127.0.0.1; } keys { rndckey; };
};

zone "cloud.com." IN {
        type master;
        file "cloud.com.master.zone";
        allow-update { key rndckey; };
};

zone "48.168.192.in-addr.arpa." IN {
        type master;
        file "48.168.192.in-addr.arpa.master.zone";
        allow-update { key rndckey; };
};



正向 zone 配置文件
vi /var/named/chroot/var/named/cloud.com.master.zone

$TTL 86400
@ IN SOA station149.cloud.com. root.station149.cloud.com. (
        2014011510
        1400
        2300
        25000
        86400 )

@       IN              NS      station149.cloud.com.

station149              IN      A       192.168.48.149

 

反向 zone 配置文件

vi /var/named/chroot/var/named/48.168.192.in-addr.arpa.master.zone
$TTL 86400
@ IN SOA station149.cloud.com. root.station149.cloud.com. (
        2014010810
        1400
        2300
        25000
        86400 )

@       IN              NS      station149.cloud.com.

149             IN      PTR     station149.cloud.com.

 

注: 当前只配置正向, 反向配置文件, 其他主机利用 DDNS 方法自动进行注册

 

启动 bind 并验证

[root@station149 /]# chown named:named /var/named/chroot/var/named/*.zone
[root@station149 /]# service named restart
停止 named:                                               [确定]
启动 named:                                               [确定]


 dns 客户端配置

[root@station149 ~]# vi /etc/resolv.conf
search clound.com
nameserver 192.168.48.149


测试

[root@station149 ~]# host station149.cloud.com
station149.cloud.com has address 192.168.48.149
[root@station149 ~]# host 192.168.48.149
149.48.168.192.in-addr.arpa domain name pointer station149.cloud.com.
[root@station149 ~]# host www.google.com.hk
www.google.com.hk is an alias for www-wide.l.google.com.
www-wide.l.google.com has address 74.125.128.199
www-wide.l.google.com has IPv6 address 2404:6800:4005:c00::c7


DHCP 服务器配置

软件安装

[root@station149 ~]# yum install -y dhcp

Installed:
  dhcp.x86_64 12:4.1.1-38.P1.el6.centos

Complete!


vi /etc/dhcp/dhcpd.conf

key "rndckey" {
        algorithm hmac-md5;
        secret "qUGWW02EZVKUNMK/iorkgg==";
};

ddns-domainname "cloud.com.";
ddns-update-style interim;
ddns-rev-domainname "in-addr.arpa.";
ddns-updates on;

authoritative;
#master server for this domain

# Allow only the DHCP server to update DNS
ignore client-updates;
allow unknown-clients;

host pdc {
   hardware ethernet 00:0B:2B:17:2F:00;
   fixed-address 192.168.48.2;
}

zone  48.168.192.in-addr.arpa {
        primary 127.0.0.1;
        key rndckey;
}

zone cloud.com {
        primary 127.0.0.1;
        key rndckey;
}

subnet 192.168.48.0 netmask 255.255.255.0 {
        range                        192.168.48.20 192.168.48.126;
        default-lease-time              86400;
        max-lease-time                172800;
        option subnet-mask             255.255.255.0;
        option broadcast-address        192.168.48.255;
        option routers                 192.168.48.1;
        option domain-name            "cloud.com.";
        option domain-name-servers     192.168.48.149;
}


启动 dhcpd

service dhcpd start


 

需要注意的问题:

观察 dhcp 服务器

[root@station149 etc]# cat /var/lib/dhcpd/dhcpd.leases

# The format of this file is documented in the dhcpd.leases(5) manual page.
# This lease file was written by isc-dhcp-4.1.1-P1

server-duid "\000\001\000\001\032i\023^\000PV\201\350\247";

lease 192.168.48.60 {
  starts 3 2014/01/15 09:38:11;
  ends 4 2014/01/16 09:38:11;
  cltt 3 2014/01/15 09:38:11;
  binding state active;
  next binding state free;
  hardware ethernet 00:50:56:81:72:9d;
  client-hostname "terry";
}


假如无法发现  client-hostname "terry";  信息
则需要配置客户端, 添加 DHCP_HOSTNAME 配置

 

参考客户端配置信息

[root@terry sysconfig]# cat /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=terry
DHCP_HOSTNAME=terry

 

参考更新 bind 服务器的日志

Jan 15 17:40:42 station149 named-sdb[5646]: client 127.0.0.1#46556: signer "rndckey" approved
Jan 15 17:40:42 station149 named-sdb[5646]: client 127.0.0.1#46556: updating zone ‘cloud.com/IN‘: adding an RR at ‘terry.cloud.com‘ A
Jan 15 17:40:42 station149 named-sdb[5646]: client 127.0.0.1#46556: updating zone ‘cloud.com/IN‘: adding an RR at ‘terry.cloud.com‘ TXT
Jan 15 17:40:42 station149 named-sdb[5646]: cloud.com.master.zone.jnl: create: permission denied
Jan 15 17:40:42 station149 named-sdb[5646]: client 127.0.0.1#46556: updating zone ‘cloud.com/IN‘: error: journal open failed: unexpected error
Jan 15 17:40:42 station149 dhcpd: Unable to add forward map from terry.cloud.com. to 192.168.48.60: timed out
Jan 15 17:40:42 station149 dhcpd: DHCPREQUEST for 192.168.48.60 from 00:50:56:81:72:9d (terry) via eth0
Jan 15 17:40:42 station149 dhcpd: DHCPACK on 192.168.48.60 to 00:50:56:81:72:9d (terry) via eth0

 

注意 /var/name/chroot/var/named 目录是否可以被用户  named 读写

 

假设一切正常,  /var/named/chroot/var/named 目录下将会自动产生  jnl 后缀文件

[root@station149 named]# cd /var/named/chroot/var/named/
[root@station149 named]# ls *.jnl
48.168.192.in-addr.arpa.master.zone.jnl  cloud.com.master.zone.jnl

 

最后, 电脑会自动在 DNS 中注册 terry.cloud.com 及对应 IP 地址, 验证:

[root@station149 named]# host terry.cloud.com
terry.cloud.com has address 192.168.48.60
[root@station149 named]# host 192.168.48.60
60.48.168.192.in-addr.arpa domain name pointer terry.cloud.com.



 

 



 



 

bind + dhcpd 实现 动态 ddns

上一篇:centos 6.4 QT5 的安装,找不到GLIBCXX_3.4.15的解决办法


下一篇:RDLC系列之六 打印纸张的大小(未解决)