I just wanted to add a quick note that slaves must be set to point to /var/cache/bin in /etc/bind/named.conf.local or else apparmor will break the updating.
Hello all.
I'm hoping that the expertise on this thread will be able to answer my question.
Where I work we use a lot of fixed IP addresses - for local file shares on various pc's etc.
In fact every new team member (with a new pc) has to set their pc to use a fixed IP.
We also get regular visitors, and when they log onto our server sometimes they will "steal" one of the IP's that has been used by a regular team member. When that team member gets back from lunch (or that important meeting) they can find that our visitor has "stolen" their normal IP address, and they can't get logged on!
Also the fixed IP thing seems to occasionally fail - for no known reason, creating a similar situation to that above.
I have suggested that the IP addressing should somehow be controlled by the server, to resolve these issues.
But I would like to say that the server could "give out" IP on a fixed basis, so my terminal (host name "Dartagnon") will always get the same IP when I hook into the local network.
Am I correct that using DHCP / DNS / BIND / LDAP I should be able to set something up that meets these requirements?
Will it also be able to reserve a pool for the "fixed" ip addresses, and a pool for "guests"?
Can anyone give me an idea of where I should look to set this up? I've read a number of tutorials on DHCP / DNS / BIND / LDAP and I get the impression that this solution should be possible, but I have not seen anything specific for fixing host names to IP's (or alternatively MAC addresses - if that is easier).
Also I know that looking at my various wireless routers at home I can use MAC address filtering, and fix an IP from the router. So I guess I can do something similar with a DHCP server?
I'm quite happy to play around with setting this up at home in the first instance, but I would like to know that the support for this set up is available before I make a mess of everything
Thanks in advance
David
_______ edit 1 ________
Ok I've found this page which certainly seems to suggest I can set the IP relating to the host name, and MAC address.
but how can I add in a "check" to ensure that if the host name isn't in the dhcpd.conf file it gets a specified IP address??
I guess it should be a simple bit of shell loop programming, but I'm not sure I know how to do this.... although as I say I'm happy to try!
______ edit 2 ________
I've just had an even better thought / question.
If I use LDAP / DNS / DHCP does the server automatically store the host names of the computers?
If so I guess it stores the hostname and IP address in a table / file somewhere. I get the impression this is partly the purpose of LDAP - or am I not understanding it properly?
If it doesn't can I configure it to do so??
david
Last edited by theDaveTheRave; June 19th, 2009 at 10:41 AM. Reason: found how to do it with DHCP, another idea
Hi all,
I am trying to configure a dns/webserver (still he he) anyways I got my router problem worked out and started trying to get the DNS configured. I registered a domain (globalcapeesh.com) and gave my information. My whois all looks right. I am having trouble setting the alias in my dns. In other words, you can visit my skeletal website by visiting ns1.globalcapeesh.com but not by visiting www.globalcapeesh.com. I was wondering if anyone has any experience with this type of problem. Thank you.
Here is my zones file:
; Use semicolons to add comments.
; Host-to-IP Address DNS Pointers for globalcapeesh.com
; Note: The extra "." at the end of addresses are important.
; The following parameters set when DNS records will expire, etc.
; Importantly, the serial number must always be iterated upward to prevent
; undesirable consequences. A good format to use is YYYYMMDDI where
; the I index is in case you make more than one change in the same day.
globalcapeesh.com. IN SOA ns1.globalcapeesh.com. hostmaster.globalcapeesh.com. (
200709131 ; serial
8H ; refresh
4H ; retry
4W ; expire
1D ; minimum
)
; NS indicates that ns1 is the name server on globalcapeesh.com
; MX indicates that ns1 is (also) the mail server on globalcapeesh.com
globalcapeesh.com. IN NS ns1.globalcapeesh.com.
globalcapeesh.com. IN NS ns2.globalcapeesh.com.
globalcapeesh.com. IN MX 10 ns1.globalcapeesh.com.
; Set an alias (canonical name) for ns1
www IN CNAME ns1
; Set the address for localhost.globalcapeesh.com
localhost IN A 127.0.0.1
; Set the hostnames in alphabetical order
ns1 IN A 10.0.1.2
ns2 IN A 10.0.1.3
Hi, I already followed all your steps, but the dig result is not showing example.com pointing to my IP.
ming@ming-laptop:~$ dig example.com
; <<>> DiG 9.5.0-P2 <<>> example.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56470
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;example.com. IN A
;; ANSWER SECTION:
example.com. 78269 IN A 208.77.188.166
;; Query time: 13 msec
;; SERVER: 10.0.0.1#53(10.0.0.1)
;; WHEN: Tue Jun 30 19:08:54 2009
;; MSG SIZE rcvd: 45
or is this correct already?
xaiomahe,
I don't see the authority section in your output. Check to make sure that the zones are properly set up; you need to have the start of authority (SOA) to connect them up right.
Hey, thanks for the tuts man, it's working great... well kind of.
The DNS itself IS working... but I want something like this to work, http://intranet/ ... rather than http://xxx.intranet/ .
I have tried changing example.com to intranet, but that doesn't quite work. I now have to do this: http://intranet./ for the PC to register http://intranet/ as a valid DNS destination.
Anyone got this to work with a single domain entry ?
EDIT:
Huh, it's amazing what a night can do. I guess the DNS timed out, and required an update, because I tried my intranet URL again this morning, and it now works! Thanks again for the tuts guys
EDIT:
Maybe not... spoke too soon...
doesn't seem to like single domains, without extensions.
Last edited by meeces2911; July 14th, 2009 at 10:49 AM. Reason: -snip-
This tutorial definitely helped me a lot.. Thanks a lot all of you
I had the same error, as did several other folk earlier in this thread, but nobody ever seemed to answer. I did some digging through MAN pages and discovered that BIND9 needs an additional configuration file, rndc.conf, in the same directory as named.conf. This file seems to be part of the security features, but it's not created by the setup process. You apparently have to do it by hand, although there's a program called rndcconf located in /sbin that will create a key and show you a sample.
EDIT: I created the two rndc.* files required, made the modification to /etc/bind/named.conf.local as indicated by the sample rndc.conf file, and now have a new error:
Code:
jim@Mehitabel:~$ sudo /etc/init.d/bind9 restart
 * Stopping domain name service... bind [OK]
rndc: connection to remote host closed
This may indicate that
* the remote server is using an older version of the command protocol,
* this host is not authorized to connect,
* the clocks are not syncronized, or
* the key is invalid.
 [fail]
 * Starting domain name service... bind [ OK ]
jim@Mehitabel:~$
Here's what /var/log/daemon.log shows:
Code:
Sep 27 10:06:09 Mehitabel named[6024]: invalid command from 127.0.0.1#47130: bad auth
So the questions now are why did the connection close, and what does "bad auth" mean???
Last edited by JKyleOKC; September 27th, 2009 at 04:21 PM. Reason: added information
--
Jim Kyle in Oklahoma, USA
Linux Counter #259718
Howto mark thread: https://wiki.ubuntu.com/UnansweredPo.../SolvedThreads
"bad auth" simply means the authentication has failed.
The key lines are in red above. Either the clocks are out of sync (the server and terminal must be within 5 minutes for bind to start), or your rndc keys are invalid or incorrectly generated/installed.
The output suggests you're restarting this on the local host so the timing shouldn't be an issue. Maybe you could try regenerating the keys.
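Added example, not part of any post in this thread: a small Python check for the "bad auth" case discussed above, comparing the key that rndc.conf uses with the key and controls statements that named loads. The two file contents are constructed samples and the function names are hypothetical; in practice you would read the real rndc.conf and named.conf.local instead.

```python
import re

# Constructed sample files (not from the thread): the key name matches, but the
# secret in named.conf.local comes from a different key generation.
RNDC_CONF = '''
key "rndc-key" { algorithm hmac-md5; secret "Y29uc3RydWN0ZWQtc2FtcGxlLWtleS1B"; };
options { default-key "rndc-key"; default-server 127.0.0.1; default-port 953; };
'''
NAMED_CONF_LOCAL = '''
// key copied by hand from an older run
key "rndc-key" { algorithm hmac-md5; secret "Y29uc3RydWN0ZWQtc2FtcGxlLWtleS1C"; };
controls { inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { "rndc-key"; }; };
'''

KEY_RE = re.compile(r'key\s+"?([\w.-]+)"?\s*\{\s*algorithm\s+"?([\w-]+)"?\s*;'
                    r'\s*secret\s+"([^"]+)"\s*;\s*\}', re.I)

def strip_comments(text):
    """Drop #, // and /* */ comments, leaving quoted strings untouched."""
    pat = r'"[^"\n]*"|/\*.*?\*/|(?:#|//)[^\n]*'
    keep = lambda m: m.group(0) if m.group(0).startswith('"') else ''
    return re.sub(pat, keep, text, flags=re.S)

def parse_keys(text):
    """Map key name -> (algorithm, secret) for every key statement."""
    return {n: (a.lower(), s) for n, a, s in KEY_RE.findall(strip_comments(text))}

def check_rndc_auth(rndc_conf, named_conf):
    """Return config mismatches that make named reject rndc with 'bad auth'."""
    rndc_keys, named_keys = parse_keys(rndc_conf), parse_keys(named_conf)
    m = re.search(r'default-key\s+"?([\w.-]+)"?\s*;', strip_comments(rndc_conf))
    name = m.group(1) if m else next(iter(rndc_keys), None)
    if name not in rndc_keys:
        return ["rndc.conf has no key statement for the key it uses"]
    if name not in named_keys:
        return [f'named has no key "{name}"']
    findings = []
    if rndc_keys[name][0] != named_keys[name][0]:
        findings.append(f'algorithm differs for key "{name}"')
    if rndc_keys[name][1] != named_keys[name][1]:
        findings.append(f'secret differs for key "{name}"')  # never print secrets
    ctl = re.search(r'controls\s*\{.*?keys\s*\{([^}]*)\}', strip_comments(named_conf), re.S)
    if not ctl or name not in re.findall(r'[\w.-]+', ctl.group(1)):
        findings.append(f'controls statement does not list key "{name}"')
    return findings

if __name__ == "__main__":
    for finding in check_rndc_auth(RNDC_CONF, NAMED_CONF_LOCAL):
        print("MISMATCH:", finding)
```

An empty result means the two files agree on the key; named still has to be restarted or reloaded before it picks up a changed key.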