Distro: CentOS 5.5 64bit
Domain: systeminteg.com
Hostname: pdc-srv.systeminteg.com
IP Address: 192.168.1.1/24
Installation packages:
yum install bind bind-chroot bind-libs bind-utils caching-nameserver dhcpd ntp -y
Generate a key for rndc.key
cd /var/named/chroot/etc
rndc-confgen > rndc.key
chown root:named rndc.key
The file holds the shared secret and the redirect above creates it with the default umask (usually world-readable), so restrict it as well, e.g. `chmod 640 rndc.key`, and check that dhcpd (which includes /etc/rndc.key) can still read it.
Configuration:
- DHCP:
First back up the current config file
cp /etc/dhcpd.conf /etc/dhcpd.conf.ori
Edit /etc/dhcpd.conf as:
authoritative;
option domain-name "systeminteg.com";
option domain-name-servers 192.168.1.1;
option netbios-name-servers 192.168.1.1;
# Allow BOOTP/PXE clients to boot from the network
allow booting;
allow bootp;
# TFTP server and boot file handed to every network-booting client (file server etc.).
# PXE clients trust whatever this host serves, so confirm 192.168.1.5 is the intended boot server.
next-server 192.168.1.5;
filename "pxelinux.0";
# Dynamic DNS: dhcpd registers leases in the zones declared in /etc/dhcpd.global,
# signing the updates with the key included there.
ddns-update-style interim;
ddns-updates on;
ddns-domainname "systeminteg.com";
include "/etc/dhcpd.global";
Edit /etc/dhcpd.global as:
include "/etc/rndc.key";
# Zones dhcpd may update, sent to the local named. Both are signed with rndckey,
# the same key named.conf uses for its rndc control channel; a dedicated TSIG key
# for DDNS would let named grant update rights without also granting rndc access.
zone systeminteg.com {
primary 127.0.0.1;
key rndckey;
}
zone 1.168.192.in-addr.arpa {
primary 127.0.0.1;
key rndckey;
}
subnet 192.168.1.0 netmask 255.255.255.0 {
# First pool refuses dynamic BOOTP clients; the second one accepts them.
pool {
deny dynamic bootp clients;
option routers 192.168.1.254;
range 192.168.1.25 192.168.1.50;
}
pool {
option routers 192.168.1.254;
range 192.168.1.51 192.168.1.55;
}
# Leases go to any client, not only declared hosts.
allow unknown-clients;
# presumably so the server, not the client, registers the forward record — verify against dhcpd.conf(5)
ignore client-updates;
}
Example /etc/rndc.key file
# Start of rndc.conf
# Example only: the secret below is the tutorial's sample value. Generate your own
# with rndc-confgen (step above) and keep the file readable by root and the named
# group only. hmac-md5 is what this release's rndc-confgen emits; newer BIND
# releases offer stronger HMACs (e.g. hmac-sha256) — confirm what yours supports.
key "rndckey" {
algorithm hmac-md5;
secret "v03a9FPqIihkB/Hdg5ke1Q==";
};
# The options block is left commented out: named.conf supplies the control
# channel settings, and rndc defaults to 127.0.0.1 port 953.
#options {
# default-key "rndckey";
# default-server 127.0.0.1;
# default-port 953;
#};
# End of rndc.conf
- DNS:
Edit /var/named/chroot/etc/named.conf as shown below (the named.conf contents follow the NTP step).
- NTP:
Create /etc/cron.hourly/timesync.sh with:
#!/bin/bash
ntpdate -s 0.rhel.pool.ntp.org
Then make it executable and run it once:
chmod +x /etc/cron.hourly/timesync.sh
/etc/cron.hourly/timesync.sh
include "/etc/rndc.key";
// rndc control channel. The second listener exposes rndc to the whole LAN: any
// host on 192.168.1.0/24 that holds rndckey can stop, reload or flush named.
// NOTE(review): 192.168.100.1 is not the host address given above (192.168.1.1)
// — confirm it, or drop the LAN listener if rndc is only ever run locally.
controls {
inet 127.0.0.1 allow { 127.0.0.1; } keys { "rndckey"; };
inet 192.168.100.1 allow { 192.168.1.0/24; } keys { "rndckey"; };
};
options {
directory "/var/named";
pid-file "/var/run/named/named.pid";
// Recursive resolution is offered, but only to localhost and the LAN.
recursion yes;
allow-recursion {
127.0.0.1;
192.168.1.0/24;
};
// Upstream resolvers the recursive queries are forwarded to.
forwarders {
208.67.222.222;
208.67.220.220;
};
listen-on {
127.0.0.1;
192.168.1.1;
};
// Pins the UDP source port of outgoing queries to 53, which disables
// source-port randomization and weakens the resolver against cache poisoning
// (the forwarded queries above are affected). Unless a firewall rule requires
// the fixed port, drop the "port 53" clause and let named choose random ports.
query-source address * port 53;
// Hide the BIND version from version.bind CHAOS queries.
version "REFUSED";
allow-query {
127.0.0.1;
192.168.1.0/24;
};
};
// DNS messages named sends to 192.168.1.1 (itself) are TSIG-signed with rndckey
// — presumably for the dynamic-update path; confirm it is needed.
server 192.168.1.1 {
keys { rndckey; };
};
zone "." IN {
type hint;
file "named.ca";
};
// Authoritative zones. allow-update accepts dynamic updates signed with rndckey
// (used by dhcpd via /etc/dhcpd.global); the zone-level allow-query { any; }
// overrides the options-level restriction for these two zones.
zone "systeminteg.com" IN {
type master;
file "data/systeminteg.com.zone";
allow-update { key "rndckey"; };
allow-query { any; };
};
zone "1.168.192.in-addr.arpa" IN {
type master;
file "data/1.168.192.zone";
allow-update { key "rndckey"; };
allow-query { any;} ;
};
chown root:named /var/named/chroot/etc/named.conf
Create zone files
Create /var/named/chroot/var/named/data/systeminteg.com.zone
; Forward zone for systeminteg.com. The zone accepts dynamic updates (named.conf),
; so named rewrites this file and bumps the serial itself; edit it by hand only
; while the zone is frozen (rndc freeze / rndc thaw) and increment the serial.
$TTL 38400
@ IN SOA pdc-srv.systeminteg.com. admin.systeminteg.com. (
20110201 ; serial
10800 ; refresh (3 hours)
3600 ; retry (1 hour)
604800 ; expire (1 week)
86400 ; minimum (1 day)
)
; No owner name: the NS record inherits "@" from the SOA line above.
NS pdc-srv.systeminteg.com.
; The server itself plus two aliases pointing at the same address.
pdc-srv A 192.168.1.1
dns A 192.168.1.1
ns A 192.168.1.1
Create /var/named/chroot/var/named/data/1.168.192.zone
; Reverse zone for 192.168.1.0/24. Dynamic updates apply here too (named.conf),
; so the same freeze/thaw and serial caveats as the forward zone apply.
$TTL 38400
@ IN SOA pdc-srv.systeminteg.com. admin.systeminteg.com. (
20110201 ; serial
10800 ; refresh (3 hours)
3600 ; retry (1 hour)
604800 ; expire (1 week)
86400 ; minimum (1 day)
)
; No owner name: the NS record inherits "@" from the SOA line above.
NS pdc-srv.systeminteg.com.
; 192.168.1.1 -> pdc-srv; the dns/ns aliases have no PTR, they resolve forward only.
1 PTR pdc-srv.systeminteg.com.
chown named:named /var/named/chroot/var/named/data/*