From: Jamie C. <jca...@we...> - 2011-10-01 04:14:44
On 30/Sep/2011 10:14 Stack Kororā <i.a...@gm...> wrote ..
> Hello,
>
> I have been reading documentation and struggling with a project for two days
> now. I would greatly appreciate some help as I am certain someone who knows
> what they are doing could do this in a matter of minutes. I do not have much
> experience with BIND or DHCP (outside of having ipfire or DD-WRT do it for
> me on a small home network) and the first day I got nowhere. However, I have
> made decent progress with webmin and the documentation I have found through
> webmin in configuring DHCP and DNS has been a huge help. I have provided
> some background to help clarify what I am trying to do.
>
> First up, my research LAN has _no_ internet connection. I get the pleasure
> of using a portable hard drive across the sneakernet. Second, I am
> rebuilding everything from scratch and I am wanting to do it a little better
> than the hackNpatch method that was in place before. It was a good learning
> experience but I am tired of all the constant fixing of little problems
> because of the hackNpatch.
>
> I installed Scientific Linux 6.1 as it best meets my requirements for
> research. The very first box was a minimal install of SL6.1. I then
> installed webmin and opened up the port for it in the firewall. I installed
> a desktop on the second box. Right now, I hard coded both IP addresses. The
> server is 10.1.1.1 and the desktop is 10.1.1.10. The netmask is 255.255.0.0
> and the gateway is 10.1.0.1 (the switch). I updated the DNS later on below.
>
> On the server I installed bind-9.7.3-2 and dhcp-4.1.1-19 (+dependencies) from
> the SL6.1 DVD with “rpm -i”. From the desktop browser I logged into webmin
> and made sure both modules were loaded. Since then I have read the
> documentation several times as posted on the webmin wiki.
>
> Here is what I would prefer happen. I would like three DHCP ranges: 10.1.1.X
> for the various server class systems I use, 10.1.2.X for the desktop
> developer stations I use, and 10.1.3.X for the research test stations. I do
> have reasons for this split which explaining may add unnecessary complexity
> (though I will if it helps).
>
> 10.1.1.X : At first, I was not planning on having DHCP setup as I was
> planning on hard setting the IP address. However, after reading lots of
> documentation I am now thinking it would be best to set a static IP for the
> mac address and disabling a DHCP range on this subnet. This would still
> allow a hard set IP (needed for some applications I use as they don’t deal
> well with FQDN’s) but I don’t have to manage each box as it would all be
> handled inside the DHCP server webmin interface.
>
> 10.1.2.X : This would be a DHCP range. I really don’t care what IP address
> these boxes have, however, it is important that their FQDN is updated so
> that host1.project.local is always updated. I think I have this working, but
> I have only tested it out with one box so far. I plug network cable in, and
> the box gets an IP so that counts as working...
>
> 10.1.3.X : These boxes will be PXE booted and managed through a kickstart
> file. It is important that each box gets the same name and IP every time.
> Webmin has the ability to set hosts with IP and MAC so it looks like this is
> easily doable.
>
> I would /really/ like to have 10.1.1.2 be a “failover” server for DHCP/DNS
> but that is a ways down the road right now. I have not attempted this yet as
> I don’t have 10.1.1.1 working. The old hackNpatch system had issues and
> would constantly stop responding which messed with the whole network. A
> second server would be nice to have to pick up DNS/DHCP requests when the
> first wasn’t responding. I may not have that problem with this rebuild, but
> I don’t want to risk it again.
>
> I was able to get DHCP working rather quickly with webmin. I think I have it
> configured properly. I configured a shared network for my project and then
> created subnets for each of the three ranges in that shared network. I have
> not done extensive testing, however, I can add a host and MAC address to
> each of those subnets and when I plug the corresponding computer into the
> network they get proper IP addresses! Hooray!
>
> The DNS webmin module I setup with the “internal non-internet use only”
> option. I configured a root zone of project.local and made sure that the
> 10.1.1.1 address was associated with the proper hostname as the DNS server.
> I also opened up port 53 in the firewall.
>
> My Issues and questions.
>
> Webmin DHCP and DNS module Question:
>
> The DNS wiki says “This Webmin module always updates all of these files
> directly, instead of by communicating with the running BIND process. This
> means that if you are running some other program that dynamically updates
> zones by communicating with BIND (such as a DHCP server), then this module
> should not be used as it may interfere with these changes.” I do not
> understand what this means. Should I run DHCP and DNS on separate boxes? Or
> does it just mean I shouldn’t use webmin to manage both?

No .. what this means is that if you have your DHCP server configured to automatically add and update DNS entries, you can't safely use Webmin to edit the same DNS zone.

This is rarely done though, so if you haven't enabled this DHCPd option you don't need to worry.

> DHCP/DNS Question:
>
> I updated all of the systems to point their DNS to 10.1.1.1. After reading
> the wiki I figured out how to have the DNS information pushed out
> automatically from DHCP. The DHCP server knows host, IP, and MAC, but I
> don’t think it is updating the DNS and I am not sure how to make it do it. I
> can ping the other computers by IP, but when I ping by hostname (eg host1)
> it fails immediately with “unknown host”. Nothing shows up in the DNS logs.
> When I ping by FQDN (eg host1.project.local) it thinks about it for a long
> time before returning “unknown host” and a lot of messages show up in the
> DNS log file. There are messages like “named[20213]: error (network
> unreachable) resolving ‘fxfeeds.mozilla.com/A/IN’ : 2011:503:c27::2:30#53”.
> I can do a dig on the FQDN and get a response back from the DNS server but
> it doesn’t show the host with an IP address.
>
> My guess is that the DHCP server isn’t updating the records to the DNS
> server. I am assuming that since the DNS server doesn’t have the updated
> records, it is trying to contact some other master DNS system, which it
> doesn’t have access to.
>
> How do I make DNS stop trying to access the outside world?

Remove the 'root' zone from your DNS server configuration. This will prevent it from looking up DNS records outside your local zones though..

> How do I force the DHCP server to update the DNS records?
>
> Since the DHCP server will know just about everything about the host (name,
> IP, MAC) is there a way to make it act as the DNS? I don’t think so from my
> understanding of how they work, but it would make it super simple for my
> use-case if it did. :)

This can be done, but not within Webmin .. you'd have to manually edit the DNS and DHCP server configs.

Are you sure it is needed though? Most systems that get addresses dynamically assigned like laptops and Windows desktops don't need a DNS entry. For other systems, you can set up your DHCP server to give them static addresses.

> PXE/DHCP Question:
>
> I have not messed with this too much, but it looks like I can use the DHCP
> server as my PXE server. However, I have not found much information and
> documentation on how to do this with webmin and the information I have found
> with the DHCP package is a bit over my head. Does anyone have a good source
> for doing this? Or do I just need to suck it up and muddle my way through
> the DHCP docs?

Sorry, but I don't know anything about using DHCPd as a PXE server..

 - Jamie
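
The manual DHCP-to-DNS update setup mentioned in the reply above, sketched as an added example that is not part of the original thread or of Webmin's documentation: ISC dhcpd sends updates to BIND signed with a shared TSIG key, and BIND accepts updates only when they carry that key. The key name `DHCP_UPDATER`, the file paths, the zone file names and the secret placeholder are assumptions; the zone name and addresses are the ones given in the question.

```conf
# --- /etc/dhcp/dhcpd.conf (additions; path assumed) ---
ddns-update-style interim;
ddns-updates on;
ddns-domainname "project.local.";
# Also register hosts that have a fixed-address entry (off by default),
# which covers the 10.1.1.X and 10.1.3.X machines described above.
update-static-leases on;

# Shared TSIG key. Generate the secret on the server, for example with
#   dnssec-keygen -a HMAC-MD5 -b 128 -n USER DHCP_UPDATER
# and paste the base64 value in place of the placeholder.
key DHCP_UPDATER {
  algorithm hmac-md5;
  secret REPLACE_WITH_GENERATED_BASE64_SECRET;
};

# Where dhcpd sends updates for the forward and reverse zones.
zone project.local. {
  primary 10.1.1.1;
  key DHCP_UPDATER;
}
zone 1.10.in-addr.arpa. {
  primary 10.1.1.1;
  key DHCP_UPDATER;
}

# --- /etc/named.conf (additions; path assumed) ---
key DHCP_UPDATER {
  algorithm hmac-md5;
  secret "REPLACE_WITH_GENERATED_BASE64_SECRET";
};

zone "project.local" {
  type master;
  # named must be able to write the zone and its journal file;
  # the dynamic/ subdirectory and file names are assumed.
  file "dynamic/project.local.hosts";
  # Accept updates only when signed with the key, not by source address.
  allow-update { key DHCP_UPDATER; };
};
zone "1.10.in-addr.arpa" {
  type master;
  file "dynamic/10.1.rev";
  allow-update { key DHCP_UPDATER; };
};
```

Keep both config files readable only by root and the service accounts, since anyone holding the secret can rewrite the zone. Once a zone accepts dynamic updates, editing it through the Webmin BIND module conflicts with those updates, as the wiki text quoted in the question says.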