Mailinglist Archive: opensuse (5100 mails)
RE: [SLE] SuSE Pro 9.1 - DNS and DHCP interaction - not quite - DDNS
- From: "Richard Mixon (qwest)" <rnmixon@xxxxxxxxx>
- Date: Fri, 18 Jun 2004 21:38:03 -0700
- Message-id: <DKELJBPNDHJEECCAEPGOMEJPGFAA.rnmixon@xxxxxxxxx>
Joaquin,
Thanks - the permissions ended up fixing many of my problems. Now, finally, with your help, Peter's and David's, I have DHCP, DNS and DDNS working.
I will try and post the complete configuration, with permissions and instructions when I am sure it all works.
Thanks again - Richard
> -----Original Message-----
> From: Joaquin Villanueva [mailto:joaquin@xxxxxxxxxxx]
> Sent: Friday, June 18, 2004 1:30 AM
> To: suse-linux-e@xxxxxxxx
> Subject: Re: [SLE] SuSE Pro 9.1 - DNS and DHCP interaction - not quite -
> DDNS
>
>
> On Thursday, 17 June 2004 10:03, Richard Mixon (qwest) wrote:
> > I am very close, but still need a little help :)
> >
> > DNS is working and DHCP is working, named does not seem to be able to find
> > my zone files. I have them pretty much as the DHCP README.SuSE and other bind9
> > documents indicate. I have the following errors in /var/log/messages:
> >
> > Jun 17 00:41:46 packrat named[22835]: starting BIND 9.2.3 -t /var/lib/named -u named
> > Jun 17 00:41:46 packrat named[22835]: using 1 CPU
> > Jun 17 00:41:46 packrat named[22835]: loading configuration from '/etc/named.conf'
> > Jun 17 00:41:46 packrat named[22835]: listening on IPv6 interfaces, port 53
> > Jun 17 00:41:46 packrat named[22835]: listening on IPv4 interface lo, 127.0.0.1#53
> > Jun 17 00:41:46 packrat named[22835]: binding TCP socket: address in use
> > Jun 17 00:41:46 packrat named[22835]: listening on IPv4 interface eth0, 192.168.1.253#53
> > Jun 17 00:41:46 packrat named[22835]: binding TCP socket: address in use
> > Jun 17 00:41:46 packrat named[22835]: command channel listening on 127.0.0.1#953
> > Jun 17 00:41:46 packrat named[22835]: command channel listening on ::1#953
> > Jun 17 00:41:46 packrat named[22835]: zone 0.0.127.in-addr.arpa/IN: loaded serial 42
> > Jun 17 00:41:46 packrat named[22835]: zone 1.168.192.in-addr.arpa/IN: loading master file dyn/1.168.192.zone: file not found
> > Jun 17 00:41:46 packrat named[22835]: zone localhost/IN: loaded serial 42
> > Jun 17 00:41:46 packrat named[22835]: zone mixonhome/IN: loading master file dyn/mixonhome.zone: file not found
> > Jun 17 00:41:46 packrat named[22835]: running
> >
> > My /etc/named.conf.local file contents are:
> > ----------------------------
> > zone "mixonhome" in {
> >     type master;
> >     file "dyn/mixonhome.zone";
> >     allow-update { key DHCP_UPDATER; };
> > };
> > zone "1.168.192.in-addr.arpa" in {
> >     type master;
> >     file "dyn/1.168.192.zone";
> >     allow-update { key DHCP_UPDATER; };
> > };
> > -----------------------------
> >
> > Here is the "ls -lR" listing of the named related files under /etc:
> > -----------------------------
> > packrat:/etc # ls -lR name*
> > -rw-r----- 1 root named 3881 Jun 16 16:27 named.conf
> > -rw-r----- 1 root named 501 Jun 10 23:21 named.conf.include
> > -rw-r----- 1 root named 221 Jun 13 19:59 named.conf.local
> > -rw-r----- 1 root named 3848 Jun 10 16:17 named.conf.original
> > -rw-r----- 1 root named 211 Jun 10 16:26 named.keys
> >
> > named.d:
> > total 10
> > drw-r----- 3 root named 104 Jun 16 20:13 .
> > drwxr-xr-x 62 root root 6456 Jun 16 20:33 ..
> > drw-rw---- 2 named root 112 Jun 16 20:35 dyn
> > -rw-r----- 1 root named 626 Apr 5 19:06 rndc-access.conf
> >
> > named.d/dyn:
> > total 8
> > drw-rw---- 2 named root 112 Jun 16 20:35 .
> > drw-r----- 3 root named 104 Jun 16 20:13 ..
> > -rw-rw---- 1 named root 272 Jun 16 20:19 1.168.192.zone
> > -rw-rw---- 1 named root 284 Jun 16 20:21 mixonhome.zone
>
> Here is the problem. Bind runs in chroot as named:named so you need access
> rights to at least named group or user. Look at the access rights of the dyn
> dir: it needs +x to the named user.
>
>
> > packrat:/etc #
> > -----------------------------
> >
> > And, here is a similar listing under /var/lib/named/etc.
> > -----------------------------
> > packrat:/var/lib/named/etc # ls -lR
> > .:
> > total 24
> > drwxr-xr-x 3 root root 264 Jun 16 20:39 .
> > drwxr-xr-x 8 root root 288 Jun 17 00:39 ..
> > -rw-r--r-- 1 root root 130 Apr 5 17:09 localtime
> > -rw-r----- 1 root named 3881 Jun 16 16:27 named.conf
> > -rw-r----- 1 root named 501 Jun 10 23:21 named.conf.include
> > -rw-r----- 1 root named 221 Jun 13 19:59 named.conf.local
> > drwxr-xr-x 3 root root 72 Jun 16 16:23 named.d
> > -rw-r----- 1 root named 211 Jun 10 16:26 named.keys
> > -rw-r----- 1 root named 141 May 22 22:55 rndc.key
> >
> > ./named.d:
> > total 0
> > drwxr-xr-x 3 root root 72 Jun 16 16:23 .
> > drwxr-xr-x 3 root root 264 Jun 16 20:39 ..
> > drw-rw---- 2 660 root 112 Jun 17 00:41 dyn
> >
> > ./named.d/dyn:
> > total 8
> > drw-rw---- 2 660 root 112 Jun 17 00:41 .
> > drwxr-xr-x 3 root root 72 Jun 16 16:23 ..
> > -rw-rw---- 1 named root 272 Jun 16 20:19 1.168.192.zone
> > -rw-rw---- 1 named root 284 Jun 16 20:21 mixonhome.zone
> > packrat:/var/lib/named/etc #
> > -----------------------------
> >
> > What else could be wrong? Thank you all.
> >
> > - Richard
> >
> > > -----Original Message-----
> > > From: Richard Mixon (qwest) [mailto:rnmixon@xxxxxxxxx]
> > > Sent: Friday, June 11, 2004 8:54 PM
> > > To: poeml@xxxxxxxxxxx
> > > Subject: RE: RE: [SLE] SuSE Pro 9.1 - DNS and DHCP interaction - not
> > > quite - DDNS
> > >
> > >
> > > Peter,
> > >
> > > Thanks for the additional explanation (and also to David Rankin for more
> > > explanation). After doing a little further reading, it is becoming clear.
> > > The SuSE YAST interface for both DHCP server and DNS server has
> > > provisions for enabling DDNS between the two, whereas DHCP will pass
> > > updates to DNS appropriately. There is a wizard to generate the required
> > > key.
> > >
> > > I have it partially working now. Hopefully a little more tweaking and it
> > > is done. Really a very nice, low maintenance solution - even for a small
> > > home LAN.
> > >
> > > Thanks - Richard
> > >
> > > > -----Original Message-----
> > > > From: poeml@xxxxxxxx [mailto:poeml@xxxxxxxx]On Behalf Of
> > > > poeml@xxxxxxxxxxx
> > > > Sent: Friday, June 11, 2004 1:30 PM
> > > > To: suse-linux-e@xxxxxxxx
> > > > Subject: Re: RE: [SLE] SuSE Pro 9.1 - DNS and DHCP interaction - not
> > > > quite
> > > >
> > > > On Wed, Jun 09, 2004 at 06:55:45PM -0700, Richard Mixon (qwest) wrote:
> > > > > OK, I've done my research on DDNS. But everything I read about DDNS
> > > > > indicates its only purpose is to let folks on the internet get
> > > > > to your home website (or other IP server) using a hostname, even if
> > > > > your IP address is assigned and renewed using DHCP (i.e. you do
> > > > > not have a static IP address).
> > > >
> > > > You are referring to what is well-known as DynDNS. It is a publicly
> > > > available DDNS server for your home machine, and the update is
> > > > initiated with a custom application using a custom protocol (not TSIG
> > > > based to my knowledge).
> > > >
> > > > > I thought maybe DDNS is also a more generic feature of DNS servers. I
> > > > > looked through the BIND9 README and FAQ. I do see the mention
> > > > > of dynamic updates, an "allow-updates" parm and something called
> > > > > TSIG. Is that the feature I want?
> > > >
> > > > Exactly. Unfortunately I cannot point to much more information either.
> > > > But it's not so complicated. The needed information to set up the TSIG
> > > > key and server configuration is in the man pages, and it should be easy
> > > > going with the HOWTO I mentioned before.
> > > >
> > > > The best resource about DHCP in general (and probably also about
> > > > dynamical DNS) is the DHCP book from Ted Lemon and Ralph Droms.
> > > >
> > > > Peter
>
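The permission problem diagnosed in the thread, as an added example that is not part of the original messages: a small Python audit that applies Unix owner/group/other rules to `ls -l` style entries and reports what blocks the `named` user on the way to a dynamic zone file. The function names are hypothetical, the entries are constructed from the listings quoted above, and `named` is assumed to belong only to group `named`.

```python
# Added example; entries are constructed from the ls -lR listings quoted in the thread.

def bits_for(mode, owner, group, user, groups):
    """Pick the rwx triplet of an ls mode string that applies to `user`."""
    if owner == user:
        return mode[1:4]
    if group in groups:
        return mode[4:7]
    return mode[7:10]

def audit_zone_path(entries, user="named", groups=("named",)):
    """entries: (path, mode, owner, group), ordered from top directory to zone file.
    Returns (path, problem) pairs for everything that blocks `user`."""
    problems = []
    for i, (path, mode, owner, group) in enumerate(entries):
        bits = bits_for(mode, owner, group, user, groups)
        if mode[0] == "d":
            # Without search (x) nothing below the directory can be opened.
            if bits[2] not in "xst":
                problems.append((path, "directory not searchable (no x)"))
            # The directory holding a dynamic zone must also be writable:
            # named writes the zone's .jnl journal beside the zone file.
            holds_zone = i + 1 < len(entries) and entries[i + 1][1][0] == "-"
            if holds_zone and bits[1] != "w":
                problems.append((path, "directory not writable"))
        elif bits[:2] != "rw":
            problems.append((path, "zone file not readable and writable"))
    return problems

# Constructed from the /etc listing in the thread.
ETC_LISTING = [
    ("named.d", "drw-r-----", "root", "named"),
    ("named.d/dyn", "drw-rw----", "named", "root"),
    ("named.d/dyn/mixonhome.zone", "-rw-rw----", "named", "root"),
]
# Constructed from the /var/lib/named/etc listing (dyn is owned by numeric id 660).
CHROOT_LISTING = [
    ("named.d", "drwxr-xr-x", "root", "root"),
    ("named.d/dyn", "drw-rw----", "660", "root"),
    ("named.d/dyn/mixonhome.zone", "-rw-rw----", "named", "root"),
]
# Constructed corrected layout: named can search both directories and write dyn.
FIXED_LISTING = [
    ("named.d", "drwxr-x---", "root", "named"),
    ("named.d/dyn", "drwxr-x---", "named", "named"),
    ("named.d/dyn/mixonhome.zone", "-rw-r-----", "named", "named"),
]
for name, listing in (("etc", ETC_LISTING), ("chroot", CHROOT_LISTING), ("fixed", FIXED_LISTING)):
    print(name, audit_zone_path(listing))
```

The corrected layout grants `named` only what it needs (search on the parent, full access to `dyn`) and leaves the "other" bits empty.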