Raspberry Pi Authoritative DNS Server: Difference between revisions
(→Zones) |
(→Client) |
||
(52 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
'''Domain Information''' | |||
<source lang="bash"> | |||
Domain : shahed.biz | |||
Name Server : ns8533.hostgator.com | |||
Name Server : ns8534.hostgator.com | |||
Subdomain : dev.shahed.biz (public) | |||
CNAME of dev : cki00.ddns.net (noip.com) | |||
</source> | |||
'''Netowrk Information''' | |||
<source lang="bash"> | |||
GTW : 10.19.83.1 (Gateway/Router) | |||
DMZ : 10.19.83.5 (dev.shahed.biz & Name server) | |||
LAN : 10.19.83.0/24 (Private network & range 0~255) | |||
</source> | |||
==Install== | ==Install== | ||
<source lang="bash"> | <source lang="bash"> | ||
sudo su | sudo su | ||
apt update | apt update && apt upgrade | ||
apt upgrade | |||
apt install bind9 bind9utils bind9-doc dnsutils | apt install bind9 bind9utils bind9-doc dnsutils | ||
#apt purge bind9 bind9utils bind9-doc dnsutils | |||
#sudo apt autoremove | |||
</source> | </source> | ||
<code>nano /etc/default/bind9</code> | |||
<source lang="ini"> | <source lang="ini"> | ||
# run resolvconf? | # run resolvconf? | ||
Line 19: | Line 36: | ||
<code>nano /etc/bind/named.conf.options</code> | <code>nano /etc/bind/named.conf.options</code> | ||
<source lang="ini"> | <source lang="ini"> | ||
acl | acl internals { | ||
127.0.0.0/ | 127.0.0.0/24; # 0-255 | ||
10.19.83.0/24; | 10.19.83.0/24; # 0-255 | ||
}; | |||
acl externals { | |||
10.19.83.0/29; # 0-7 | |||
!10.19.83.0/24; # 0-255 | |||
}; | }; | ||
options { | options { | ||
directory "/var/cache/bind"; | directory "/var/cache/bind"; | ||
auth-nxdomain no; | |||
forwarders { | forwarders { | ||
8.8.8.8; # Google DNS | 8.8.8.8; # Google DNS | ||
Line 31: | Line 54: | ||
10.19.83.1; # Router DNS | 10.19.83.1; # Router DNS | ||
}; | }; | ||
dnssec-validation auto; | dnssec-validation auto; | ||
listen-on-v6 { none; }; | listen-on-v6 { none; }; | ||
listen-on port 53 { | listen-on port 53 { | ||
127.0.0.1; | 127.0.0.1; | ||
10.19.83. | 10.19.83.5; | ||
}; | }; | ||
allow-transfer { none; }; | allow-transfer { none; }; | ||
allow-query { | allow-query { internals; }; | ||
allow-recursion { | allow-recursion { internals; }; | ||
}; | }; | ||
</source> | </source> | ||
Line 46: | Line 68: | ||
==Keygen== | ==Keygen== | ||
<source lang="bash"> | <source lang="bash"> | ||
dnssec-keygen -K /etc/bind/ddnskeys -C -a HMAC-MD5 -b 128 -n USER | dnssec-keygen -K /etc/bind/ddnskeys -C -a HMAC-MD5 -b 128 -n USER ddn.dev.shahed.biz | ||
</source> | </source> | ||
Line 67: | Line 87: | ||
}; | }; | ||
zone " | zone "ddn.dev.shahed.biz" { | ||
type master; | type master; | ||
file "/etc/bind/zones/db. | file "/etc/bind/zones/db.ddn.dev.shahed.biz"; | ||
notify yes; | notify yes; | ||
allow-update { key | allow-update { key ddn.dev.shahed.biz.; }; | ||
allow-query { any; }; | allow-query { any; }; | ||
}; | }; | ||
key | key ddn.dev.shahed.biz. { | ||
algorithm HMAC-MD5; | algorithm HMAC-MD5; | ||
secret " | secret "BOpzhxmLpMwUIJR9Z3mMvQ=="; | ||
}; | }; | ||
// consider adding the 1918 zones here | // consider adding the 1918 zones here | ||
//include "/etc/bind/zones.rfc1918"; | // include "/etc/bind/zones.rfc1918"; | ||
</source> | </source> | ||
== Forward Lookup Zone== | ===Forward Lookup Zone=== | ||
<source lang="bash"> | <source lang="bash"> | ||
mkdir /etc/bind/zones | mkdir /etc/bind/zones | ||
Line 91: | Line 111: | ||
<source lang="ini"> | <source lang="ini"> | ||
; | ; | ||
; BIND data file | ; BIND forward data file | ||
$TTL 600 ; | ; | ||
$TTL 600 ; 10M | |||
$ORIGIN dev.shahed.biz. | $ORIGIN dev.shahed.biz. | ||
@ IN SOA | @ IN SOA ns0.dev.shahed.biz. root.dev.shahed.biz. ( | ||
201908121 ; Serial YYYYmmddI | |||
3600 ; Refresh 01H | 3600 ; Refresh 01H | ||
600 ; Retry 10M | 600 ; Retry 10M | ||
86400 ; Expire 01D | 86400 ; Expire 01D | ||
600 ) ; Negative Cache TTL | 600 ) ; Negative Cache TTL 10M | ||
; NS Records | ; NS Records | ||
@ IN NS | @ IN NS ns0.dev.shahed.biz. | ||
@ IN A 10.19.83. | @ IN NS ns8533.hostgator.com. | ||
@ IN NS ns8534.hostgator.com. | |||
@ IN NS dev.shahed.biz. | |||
@ IN A 10.19.83.5 | |||
; A Records | ; A Records | ||
apn A 10.19.83.2 | apn A 10.19.83.2 | ||
av5 A 10.19.83.9 | |||
gtw A 10.19.83.1 | gtw A 10.19.83.1 | ||
mac A 10.19.83.10 | |||
ns0 A 10.19.83.5 | |||
one A 10.19.83.8 | |||
pi3 A 10.19.83.3 | |||
pih A 10.19.83.4 | |||
piw A 10.19.83.5 | |||
ras A 10.19.83.12 | |||
sha A 10.19.83.11 | |||
; CNAME | |||
ftp CNAME ns0 | |||
dmz CNAME ns0 | |||
</source> | </source> | ||
==Reverse Lookup Zone== | ===Reverse Lookup Zone=== | ||
<source lang="bash"> | <source lang="bash"> | ||
cp /etc/bind/db.127 /etc/bind/zones/db.83.19.10 | cp /etc/bind/db.127 /etc/bind/zones/db.83.19.10 | ||
nano /etc/bind/zones/db. | nano /etc/bind/zones/db.83.19.10 | ||
</source> | </source> | ||
<source lang="ini"> | <source lang="ini"> | ||
; | ; | ||
; BIND reverse data file | ; BIND reverse data file | ||
; | ; | ||
$TTL 600 ; | $TTL 600 ; 10M | ||
$ORIGIN 83.19.10.in-addr.arpa. | $ORIGIN 83.19.10.in-addr.arpa. | ||
@ IN SOA | @ IN SOA ns0.dev.shahed.biz. root.dev.shahed.biz. ( | ||
201908121 ; Serial YYYYmmddI | |||
3600 ; Refresh 01H | 3600 ; Refresh 01H | ||
600 ; Retry 10M | 600 ; Retry 10M | ||
86400 ; Expire 01D | 86400 ; Expire 01D | ||
600 ) ; Negative Cache TTL | 600 ) ; Negative Cache TTL 10M | ||
; NS Records | ; NS Records | ||
@ IN NS | @ IN NS ns0.dev.shahed.biz. | ||
@ IN NS dev.shahed.biz. | |||
; PTR Records | ; PTR Records | ||
1 | 1 IN PTR gtw.dev.shahed.biz. | ||
2 | 2 IN PTR apn.dev.shahed.biz. | ||
3. | 3 IN PTR pi3.dev.shahed.biz. | ||
4 IN PTR pih.dev.shahed.biz. | |||
5 IN PTR dev.shahed.biz. | |||
5 IN PTR dmz.dev.shahed.biz. | |||
5 IN PTR ftp.dev.shahed.biz. | |||
5 IN PTR ns0.dev.shahed.biz. | |||
5 IN PTR piw.dev.shahed.biz. | |||
8 IN PTR one.dev.shahed.biz. | |||
9 IN PTR av5.dev.shahed.biz. | |||
10 IN PTR mac.dev.shahed.biz. | |||
11 IN PTR sha.dev.shahed.biz. | |||
12 IN PTR ras.dev.shahed.biz. | |||
</source> | </source> | ||
==DDNS Forward | ===DDNS Forward Zone=== | ||
<source lang="bash"> | <source lang="bash"> | ||
cp /etc/bind/db.local /etc/bind/zones/db. | cp /etc/bind/db.local /etc/bind/zones/db.ddn.dev.shahed.biz | ||
nano /etc/bind/zones/db. | nano /etc/bind/zones/db.ddn.dev.shahed.biz | ||
</source> | </source> | ||
<source lang="ini"> | <source lang="ini"> | ||
; | ; | ||
; BIND data file for | ; BIND forward data file for ddn.dev.shahed.biz | ||
; | ; | ||
$ORIGIN . | $ORIGIN . | ||
$TTL | $TTL 600 ; 10M | ||
ddn.dev.shahed.biz IN SOA ns0.dev.shahed.biz. root.ddn.dev.shahed.biz. ( | |||
201908121 ; serial YYYYmmddI | |||
600 ; refresh 10M | |||
7200 ; retry 02H | 7200 ; retry 02H | ||
604800 ; expire 01W | 604800 ; expire 01W | ||
600 ) ; Negative Cache TTL 10M | |||
NS | NS ns0.dev.shahed.biz. | ||
A 10.19.83. | A 10.19.83.5 | ||
</source> | </source> | ||
Line 171: | Line 211: | ||
<source lang="bash"> | <source lang="bash"> | ||
named-checkconf -z | named-checkconf -z | ||
named-checkzone ddn.dev.shahed.biz /etc/bind/zones/db.ddn.dev.shahed.biz | |||
named-checkzone dev.shahed.biz /etc/bind/zones/db.dev.shahed.biz | named-checkzone dev.shahed.biz /etc/bind/zones/db.dev.shahed.biz | ||
named-checkzone 83.19.10.in-addr.arpa /etc/bind/zones/db.83.19.10 | named-checkzone 83.19.10.in-addr.arpa /etc/bind/zones/db.83.19.10 | ||
Line 179: | Line 220: | ||
/etc/init.d/bind9 restart | /etc/init.d/bind9 restart | ||
service bind9 restart | service bind9 restart | ||
netstat -tulpn | |||
netstat -tap | |||
reboot | reboot | ||
</source> | |||
<source lang="bash"> | |||
rndc dumpdb -cache | |||
rndc flush | |||
rndc reload | |||
</source> | </source> | ||
==Client== | ==Client== | ||
<code>nano /etc/ | <code>sudo nano /etc/dhcpcd.conf</code> | ||
<source lang="ini"> | <source lang="ini"> | ||
# Chorke Academia, Inc. | |||
#static domain_name_servers=10.19.83.5 10.19.83.1 | |||
static domain_search=dev.shahed.biz | |||
#static host_name=pih | |||
</source> | |||
<source lang="bash" highlight="5,6"> | |||
sudo systemctl restart dhcpcd | |||
sudo systemctl daemon-reload | |||
sudo apt install resolvconf | |||
sudo apt install openresolv | |||
sudo resolvconf -u | |||
</source> | |||
===DDNS Client=== | |||
<code>$HOME/ddnsclient</code> | |||
<source lang="bash"> | |||
#!/bin/bash | |||
: ' | |||
@author "Chorke Academia, Inc."<[email protected]> | |||
@vendor Chorke Academia, Inc. | |||
@web http://chorke.org | |||
@version 1.0.00.GA | |||
@since 1.0.00.GA | |||
' | |||
# http://zteo.com/posts/your-own-dynamic-dns-in-3-steps | |||
# http://dynupdate.no-ip.com/ip.php | |||
# http://www.antedes.com/getip.php | |||
# http://checkip.dyndns.org | |||
IPS='http://dynupdate.no-ip.com/ip.php' | |||
DNSP='/etc/bind/ddnskeys' | |||
while true; do | |||
# first, retrieve ipaddress | |||
CURIP=`curl -s $IPS | awk '{ print $1 }'` | |||
OLDIP=`cat $DNSP/oldip` | |||
# compare to previously saved ip | |||
[ "$CURIP" == "$OLDIP" ] && continue | |||
echo $CURIP > $DNSP/oldip | |||
# if different, tell dns | |||
echo "server dev.shahed.biz" > $DNSP/zone | |||
echo "zone ddn.dev.shahed.biz" >> $DNSP/zone | |||
echo "update delete ddn.dev.shahed.biz. A" >> $DNSP/zone | |||
echo "update add ddn.dev.shahed.biz. 86400 A $CURIP" >> $DNSP/zone | |||
echo "show" >> $DNSP/zone | |||
echo "send" >> $DNSP/zone | |||
/usr/bin/nsupdate -k $DNSP/Kddn.dev.shahed.biz.+157+55098.private $DNSP/zone | |||
sleep 300 # (5M, 30M) = (300, 1800) | |||
done | |||
</source> | </source> | ||
<source lang="bash"> | |||
<source lang=" | chmod 755 "$HOME/ddnsclient" | ||
# nohup "$HOME/ddnsclient" & | |||
nohup "$HOME/ddnsclient" 2>> /dev/null >> /dev/null & | |||
</source> | </source> | ||
==Debug== | ==Debug== | ||
<source lang="bat"> | <source lang="bat"> | ||
@rem clear | @rem clear windows dns cache | ||
ipconfig /flushdns | ipconfig /flushdns | ||
ipconfig /displaydns | ipconfig /displaydns | ||
Line 203: | Line 304: | ||
<source lang="bash"> | <source lang="bash"> | ||
scutil --dns | |||
scutil -r hostname | |||
# clear macos dns cache | # clear macos dns cache | ||
sudo dscacheutil -flushcache | |||
sudo killall -HUP mDNSResponder | sudo killall -HUP mDNSResponder | ||
sudo launchctl unload -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist | |||
sudo launchctl load -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist | |||
</source> | |||
<source lang="bash"> | |||
# clear ubuntu dns cache | |||
sudo systemd-resolve --flush-caches | |||
sudo systemd-resolve --statistics | |||
#sudo /etc/init.d/dns-clean start | |||
</source> | |||
<source lang="bash"> | |||
#from local area network | |||
dig @10.19.83.5 shahed.biz | |||
dig @10.19.83.5 dev.shahed.biz | |||
dig @10.19.83.5 apn.dev.shahed.biz | |||
dig @10.19.83.5 ddn.dev.shahed.biz | |||
dig @10.19.83.5 gtw.dev.shahed.biz | |||
</source> | </source> | ||
<source lang="bash"> | <source lang="bash"> | ||
dig @ | #from horizon/world wide | ||
dig @10.19.83. | dig @dev.shahed.biz shahed.biz | ||
dig @ | dig @dev.shahed.biz -x 10.19.83.1 | ||
dig @ | dig @dev.shahed.biz dev.shahed.biz | ||
dig @ | dig @dev.shahed.biz apn.dev.shahed.biz | ||
dig @dev.shahed.biz ddn.dev.shahed.biz | |||
dig @dev.shahed.biz gtw.dev.shahed.biz | |||
</source> | </source> | ||
<source lang="bash"> | <source lang="bash"> | ||
#from lan only | |||
nslookup shahed.biz | nslookup shahed.biz | ||
nslookup dev.shahed.biz | nslookup dev.shahed.biz | ||
nslookup apn.dev.shahed.biz | nslookup apn.dev.shahed.biz | ||
nslookup | nslookup ddn.dev.shahed.biz | ||
nslookup gtw.dev.shahed.biz | nslookup gtw.dev.shahed.biz | ||
</source> | </source> | ||
Line 229: | Line 354: | ||
* [https://www.linuxbabe.com/ubuntu/set-up-authoritative-dns-server-ubuntu-18-04-bind9 Set Up Authoritative DNS Server on Ubuntu 18.04, 16.04 with BIND9] | * [https://www.linuxbabe.com/ubuntu/set-up-authoritative-dns-server-ubuntu-18-04-bind9 Set Up Authoritative DNS Server on Ubuntu 18.04, 16.04 with BIND9] | ||
* [https://buildthings.wordpress.com/raspberry-pi-bind9-dns-ddns-dynamic-dns-dnssec-keygen-nsupdate-ddnsclient-on-off-switch-ham-radio-arduino-attiny-remote-base/ Raspberry Pi Bind9 DNS/DDNS (Dynamic DNS) Server] | * [https://buildthings.wordpress.com/raspberry-pi-bind9-dns-ddns-dynamic-dns-dnssec-keygen-nsupdate-ddnsclient-on-off-switch-ham-radio-arduino-attiny-remote-base/ Raspberry Pi Bind9 DNS/DDNS (Dynamic DNS) Server] | ||
* [http://www.zytrax.com/books/dns/ch4/#stealth Stealth (DMZ/Hidden Master) Name Server] | |||
* [https://domoticproject.com/configuring-dns-server-raspberry-pi/ Configuring a DNS Server in Raspberry Pi] | * [https://domoticproject.com/configuring-dns-server-raspberry-pi/ Configuring a DNS Server in Raspberry Pi] | ||
* [http://bikramdhoju.com.np/network&system/DNS-Series-2/ Setting up Private DNS Server with BIND9] | * [http://bikramdhoju.com.np/network&system/DNS-Series-2/ Setting up Private DNS Server with BIND9] | ||
* [http://www.zytrax.com/books/dns/ch6/mydomain.html DNS Sample External Domain Zone file] | |||
* [http://www.zytrax.com/books/dns/ch7/address_match_list.html BIND Definition of Address List Match] | |||
* [http://www.zytrax.com/books/dns/ch6/#stealth Stealth (Split/DMZ) DNS Server] | |||
* [http://www.zytrax.com/books/dns/ch7/statements.html List of Statements] |
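Review bot: The `key ddn.dev.shahed.biz.` stanza in the Zones listing of the new revision carries its TSIG secret inline (`secret "BOpzhxmLpMwUIJR9Z3mMvQ==";`), and that key is what `allow-update` trusts for a zone that answers `allow-query { any; }`. If this is the deployed value it should be treated as exposed and rotated; on the page I would show `secret "<base64-secret-from-key-file>";` and keep the real stanza in a separate file with restricted permissions, pulled in with `include`. HMAC-MD5 with `-b 128` in the Keygen line is also a legacy TSIG choice, and hmac-sha256 is the usual replacement where both ends support it. Separately, in the DDNS client that appears to be new in this revision, `[ "$CURIP" == "$OLDIP" ] && continue` skips the `sleep 300`, so the loop polls the IP service without pause whenever the address is unchanged. The value of `CURIP` also goes into the nsupdate command file without being checked as an IPv4 address.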
Latest revision as of 17:56, 31 August 2020
Domain Information
Domain : shahed.biz
Name Server : ns8533.hostgator.com
Name Server : ns8534.hostgator.com
Subdomain : dev.shahed.biz (public)
CNAME of dev : cki00.ddns.net (noip.com)
Network Information
GTW : 10.19.83.1 (Gateway/Router)
DMZ : 10.19.83.5 (dev.shahed.biz & Name server)
LAN : 10.19.83.0/24 (Private network & range 0~255)
Install
sudo su
apt update && apt upgrade
apt install bind9 bind9utils bind9-doc dnsutils
#apt purge bind9 bind9utils bind9-doc dnsutils
#sudo apt autoremove
nano /etc/default/bind9
# run resolvconf?
RESOLVCONF=no
# startup options for the server
OPTIONS="-u bind -4"
Options
nano /etc/bind/named.conf.options
// Address lists used by the access-control statements in the options block below.
// NOTE(review): the loopback range is 127.0.0.0/8; the /24 used here covers
// 127.0.0.0-255 only, which still includes 127.0.0.1.
acl internals {
127.0.0.0/24; # 0-255
10.19.83.0/24; # 0-255
};
// NOTE(review): an address match list stops at the first element that matches,
// so as written this list matches 10.19.83.0-7 and nothing else (there is no
// trailing "any;"). It is not referenced by any statement shown on this page;
// confirm what it is meant to select before using it.
acl externals {
10.19.83.0/29; # 0-7
!10.19.83.0/24; # 0-255
};
options {
directory "/var/cache/bind";
auth-nxdomain no;
// Queries that cannot be answered from local zones are forwarded to these resolvers.
forwarders {
8.8.8.8; # Google DNS
8.8.4.4; # Google DNS
10.19.83.1; # Router DNS
};
dnssec-validation auto;
listen-on-v6 { none; };
// Answer on loopback and on the DMZ address only.
listen-on port 53 {
127.0.0.1;
10.19.83.5;
};
// Zone transfers are refused for every client.
allow-transfer { none; };
// Queries and recursion are limited to the internals ACL, which keeps the
// server from acting as an open resolver. A zone statement can still set its
// own allow-query and widen access for that zone.
allow-query { internals; };
allow-recursion { internals; };
};
Keygen
# Generate the TSIG key files for DDNS updates, written under /etc/bind/ddnskeys.
# NOTE(review): HMAC-MD5 with a 128-bit secret is a legacy choice, and recent
# BIND releases create TSIG keys with tsig-keygen rather than dnssec-keygen;
# check the installed version. The .private file holds a shared secret, so keep
# the directory unreadable to other users.
dnssec-keygen -K /etc/bind/ddnskeys -C -a HMAC-MD5 -b 128 -n USER ddn.dev.shahed.biz
Zones
nano /etc/bind/named.conf.local
// Local zone declarations. The rndc key file is included so that its key can
// be named in the allow-update statements below.
include "/etc/bind/rndc.key";
zone "dev.shahed.biz" {
type master;
file "/etc/bind/zones/db.dev.shahed.biz"; # zone file path
// NOTE(review): presumably rndc-key is the key defined in the included
// rndc.key; if so, one secret covers both server control and zone edits.
// A dedicated update key would separate the two.
allow-update { key rndc-key; };
};
zone "83.19.10.in-addr.arpa" {
type master;
file "/etc/bind/zones/db.83.19.10"; # 10.19.83.0/24 subnet
allow-update { key rndc-key; };
};
zone "ddn.dev.shahed.biz" {
type master;
file "/etc/bind/zones/db.ddn.dev.shahed.biz";
notify yes;
// Only updates signed with the TSIG key declared below may change this zone.
allow-update { key ddn.dev.shahed.biz.; };
// Zone-level setting: this zone answers any client, unlike the others here.
allow-query { any; };
};
// TSIG key used by the DDNS client.
// NOTE(review): the secret is written inline in a published page. Treat this
// value as exposed, generate a fresh key for any real deployment, and keep the
// stanza in a separate file with restricted permissions that is pulled in with
// include.
// NOTE(review): HMAC-MD5 is a legacy TSIG algorithm; prefer hmac-sha256 where
// both server and client support it.
key ddn.dev.shahed.biz. {
algorithm HMAC-MD5;
secret "BOpzhxmLpMwUIJR9Z3mMvQ==";
};
// consider adding the 1918 zones here
// include "/etc/bind/zones.rfc1918";
Forward Lookup Zone
mkdir /etc/bind/zones
cp /etc/bind/db.local /etc/bind/zones/db.dev.shahed.biz
nano /etc/bind/zones/db.dev.shahed.biz
;
; BIND forward data file
;
$TTL 600 ; 10M
$ORIGIN dev.shahed.biz.
@ IN SOA ns0.dev.shahed.biz. root.dev.shahed.biz. (
201908121 ; Serial YYYYmmddI
3600 ; Refresh 01H
600 ; Retry 10M
86400 ; Expire 01D
600 ) ; Negative Cache TTL 10M
; NS Records
@ IN NS ns0.dev.shahed.biz.
@ IN NS ns8533.hostgator.com.
@ IN NS ns8534.hostgator.com.
@ IN NS dev.shahed.biz.
@ IN A 10.19.83.5
; A Records
apn A 10.19.83.2
av5 A 10.19.83.9
gtw A 10.19.83.1
mac A 10.19.83.10
ns0 A 10.19.83.5
one A 10.19.83.8
pi3 A 10.19.83.3
pih A 10.19.83.4
piw A 10.19.83.5
ras A 10.19.83.12
sha A 10.19.83.11
; CNAME
ftp CNAME ns0
dmz CNAME ns0
Reverse Lookup Zone
cp /etc/bind/db.127 /etc/bind/zones/db.83.19.10
nano /etc/bind/zones/db.83.19.10
;
; BIND reverse data file
;
$TTL 600 ; 10M
$ORIGIN 83.19.10.in-addr.arpa.
@ IN SOA ns0.dev.shahed.biz. root.dev.shahed.biz. (
201908121 ; Serial YYYYmmddI
3600 ; Refresh 01H
600 ; Retry 10M
86400 ; Expire 01D
600 ) ; Negative Cache TTL 10M
; NS Records
@ IN NS ns0.dev.shahed.biz.
@ IN NS dev.shahed.biz.
; PTR Records
1 IN PTR gtw.dev.shahed.biz.
2 IN PTR apn.dev.shahed.biz.
3 IN PTR pi3.dev.shahed.biz.
4 IN PTR pih.dev.shahed.biz.
5 IN PTR dev.shahed.biz.
5 IN PTR dmz.dev.shahed.biz.
5 IN PTR ftp.dev.shahed.biz.
5 IN PTR ns0.dev.shahed.biz.
5 IN PTR piw.dev.shahed.biz.
8 IN PTR one.dev.shahed.biz.
9 IN PTR av5.dev.shahed.biz.
10 IN PTR mac.dev.shahed.biz.
11 IN PTR sha.dev.shahed.biz.
12 IN PTR ras.dev.shahed.biz.
DDNS Forward Zone
cp /etc/bind/db.local /etc/bind/zones/db.ddn.dev.shahed.biz
nano /etc/bind/zones/db.ddn.dev.shahed.biz
;
; BIND forward data file for ddn.dev.shahed.biz
;
$ORIGIN .
$TTL 600 ; 10M
ddn.dev.shahed.biz IN SOA ns0.dev.shahed.biz. root.ddn.dev.shahed.biz. (
201908121 ; serial YYYYmmddI
600 ; refresh 10M
7200 ; retry 02H
604800 ; expire 01W
600 ) ; Negative Cache TTL 10M
NS ns0.dev.shahed.biz.
A 10.19.83.5
Server
named-checkconf -z
named-checkzone ddn.dev.shahed.biz /etc/bind/zones/db.ddn.dev.shahed.biz
named-checkzone dev.shahed.biz /etc/bind/zones/db.dev.shahed.biz
named-checkzone 83.19.10.in-addr.arpa /etc/bind/zones/db.83.19.10
update-rc.d bind9 enable
/etc/init.d/bind9 restart
service bind9 restart
netstat -tulpn
netstat -tap
reboot
rndc dumpdb -cache
rndc flush
rndc reload
Client
sudo nano /etc/dhcpcd.conf
# Chorke Academia, Inc.
#static domain_name_servers=10.19.83.5 10.19.83.1
static domain_search=dev.shahed.biz
#static host_name=pih
sudo systemctl restart dhcpcd
sudo systemctl daemon-reload
sudo apt install resolvconf
sudo apt install openresolv
sudo resolvconf -u
DDNS Client
$HOME/ddnsclient
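#!/bin/bash
: '
@author "Chorke Academia, Inc."<[email protected]>
@vendor Chorke Academia, Inc.
@web http://chorke.org
@version 1.0.00.GA
@since 1.0.00.GA
'
# Dynamic DNS client: polls a "what is my IP" service and, when the public
# address differs from the one last published, sends a TSIG-signed update for
# ddn.dev.shahed.biz through nsupdate.
#
# http://zteo.com/posts/your-own-dynamic-dns-in-3-steps
# http://dynupdate.no-ip.com/ip.php
# http://www.antedes.com/getip.php
# http://checkip.dyndns.org
#
# NOTE(review): the lookup uses plain HTTP, so the reply can be altered in
# transit. It is checked as a dotted-quad IPv4 address before it is written
# into the nsupdate command file.
IPS='http://dynupdate.no-ip.com/ip.php'
DNSP='/etc/bind/ddnskeys'
KEYFILE="$DNSP/Kddn.dev.shahed.biz.+157+55098.private"
INTERVAL=300 # (5M, 30M) = (300, 1800)

# Succeeds only for a dotted-quad IPv4 address with every octet in 0-255.
is_ipv4() {
  local ip=$1 octet
  [[ $ip =~ ^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$ ]] || return 1
  for octet in "${BASH_REMATCH[@]:1}"; do
    (( 10#$octet <= 255 )) || return 1
  done
  return 0
}

while true; do
  # first, retrieve ipaddress (bounded so a stalled request cannot hang the loop)
  CURIP=$(curl -s --max-time 30 "$IPS" | awk '{ print $1 }')

  # previously published address; the file does not exist before the first update
  OLDIP=''
  [[ -r "$DNSP/oldip" ]] && OLDIP=$(< "$DNSP/oldip")

  if ! is_ipv4 "$CURIP"; then
    # Empty, multi-line or non-address replies never reach nsupdate.
    echo "ddnsclient: ignoring unexpected reply from $IPS" >&2
  elif [[ "$CURIP" != "$OLDIP" ]]; then
    # if different, tell dns
    {
      echo "server dev.shahed.biz"
      echo "zone ddn.dev.shahed.biz"
      echo "update delete ddn.dev.shahed.biz. A"
      echo "update add ddn.dev.shahed.biz. 86400 A $CURIP"
      echo "show"
      echo "send"
    } > "$DNSP/zone"

    if /usr/bin/nsupdate -k "$KEYFILE" "$DNSP/zone"; then
      # Record the address only after the update went through, so a failed
      # update is retried on the next pass.
      echo "$CURIP" > "$DNSP/oldip"
    else
      echo "ddnsclient: nsupdate failed, will retry" >&2
    fi
  fi

  # Always wait between polls, including when the address is unchanged.
  sleep "$INTERVAL"
done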
# Make the client script executable (rwxr-xr-x).
chmod 0755 "$HOME/ddnsclient"
# Alternative that keeps nohup's default output handling:
# nohup "$HOME/ddnsclient" &
# Start it in the background, detached from the terminal. Both stdout and
# stderr go to /dev/null, so failures of the client leave no trace.
nohup "$HOME/ddnsclient" >> /dev/null 2>&1 &
Debug
@rem clear windows dns cache
ipconfig /flushdns
ipconfig /displaydns
scutil --dns
scutil -r hostname
# clear macos dns cache
sudo dscacheutil -flushcache
sudo killall -HUP mDNSResponder
sudo launchctl unload -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist
sudo launchctl load -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist
# clear ubuntu dns cache
sudo systemd-resolve --flush-caches
sudo systemd-resolve --statistics
#sudo /etc/init.d/dns-clean start
#from local area network
dig @10.19.83.5 shahed.biz
dig @10.19.83.5 dev.shahed.biz
dig @10.19.83.5 apn.dev.shahed.biz
dig @10.19.83.5 ddn.dev.shahed.biz
dig @10.19.83.5 gtw.dev.shahed.biz
#from horizon/world wide
dig @dev.shahed.biz shahed.biz
dig @dev.shahed.biz -x 10.19.83.1
dig @dev.shahed.biz dev.shahed.biz
dig @dev.shahed.biz apn.dev.shahed.biz
dig @dev.shahed.biz ddn.dev.shahed.biz
dig @dev.shahed.biz gtw.dev.shahed.biz
#from lan only
nslookup shahed.biz
nslookup dev.shahed.biz
nslookup apn.dev.shahed.biz
nslookup ddn.dev.shahed.biz
nslookup gtw.dev.shahed.biz
References
- How To Configure Bind as an Authoritative-Only DNS Server on Ubuntu 14.04
- How To Configure BIND as a Private Network DNS Server on Ubuntu 16.04
- How To Configure BIND as a Private Network DNS Server on Ubuntu 18.04
- Set Up Authoritative DNS Server on Ubuntu 18.04, 16.04 with BIND9
- Raspberry Pi Bind9 DNS/DDNS (Dynamic DNS) Server
- Stealth (DMZ/Hidden Master) Name Server
- Configuring a DNS Server in Raspberry Pi
- Setting up Private DNS Server with BIND9
- DNS Sample External Domain Zone file
- BIND Definition of Address List Match
- Stealth (Split/DMZ) DNS Server
- List of Statements