
Setup Raspberry Pi (Raspbian) as DNS Slave

Colm Carew 2017/08/11 08:30

Ensure the pi has a scotty user who has sudoer access.

This tutorial assumes that 10.91.100.71 is the master DNS and that 10.5.5.15 is the IP of the slave.

SSH to the pi as scotty

  • sudo apt-get update
  • sudo apt-get install bind9 bind9utils
  • sudo mv /etc/bind/named.conf /etc/bind/named.conf.bk
  • sudo nano /etc/bind/named.conf
    // This is the primary configuration file for the BIND DNS server named.
    //
    // Please read /usr/share/doc/bind9/README.Debian.gz for information on the
    // structure of BIND configuration files in Debian, *BEFORE* you customize
    // this configuration file.
    //
    // If you are just adding zones, please do that in /etc/bind/named.conf.local
    
    include "/etc/bind/named.conf.options";
    include "/etc/bind/named.conf.local";
    include "/etc/bind/named.conf.default-zones";
    include "/etc/bind/named.conf.errigal-zones";
  • sudo nano /etc/bind/named.conf.options
    options {
            listen-on port 53 { 127.0.0.1; 10.5.5.15; };
            listen-on-v6 port 53 { ::1; };
            directory "/var/cache/bind";
            allow-query     { localhost; 10.5.5.0/24; 192.168.123.0/24; };
            recursion yes;
            dnssec-enable yes;
            dnssec-validation no;
            dnssec-lookaside auto;
    
            // If there is a firewall between you and nameservers you want
            // to talk to, you may need to fix the firewall to allow multiple
            // ports to talk.  See http://www.kb.cert.org/vuls/id/800113
    
            // If your ISP provided one or more IP addresses for stable
            // nameservers, you probably want to use them as forwarders.
            // Uncomment the following block, and insert the addresses replacing
            // the all-0's placeholder.
    
             forwarders {
                  8.8.8.8;
             };
    
            //========================================================================
            // If BIND logs error messages about the root key being expired,
            // you will need to update your keys.  See https://www.isc.org/bind-keys
            //========================================================================
    
            auth-nxdomain no;    # conform to RFC1035
    };
  • # Note: replace 10.5.5.15 in the above file with whatever IP you want as the DNS slave
  • sudo nano /etc/bind/named.conf.errigal-zones
    // be authoritative slave for the Errigal forward and reverse zones
    
    zone "err" IN {
            type slave;
            file "/var/cache/bind/forward.errigal";
            masters { 10.91.100.71; };
    };
    
    zone "100.91.10.in-addr.arpa" IN {
            type slave;
            file "/var/cache/bind/reverse.errigal";
            masters { 10.91.100.71; };
    };
    
    zone "crc" IN {
            type slave;
            file "/var/cache/bind/forward.crown";
            masters { 10.91.100.71; };
    };
    
    zone "30.10.in-addr.arpa" IN {
            type slave;
            file "/var/cache/bind/reverse.crown";
            masters { 10.91.100.71; };
    };
    zone "ext" IN {
            type slave;
            file "/var/cache/bind/forward.extenet";
            masters { 10.91.100.71; };
    };
    
    zone "104.214.10.in-addr.arpa" IN {
            type slave;
            file "/var/cache/bind/reverse.extenet";
            masters { 10.91.100.71; };
    };
    
    zone "atc" IN {
            type slave;
            file "/var/cache/bind/forward.atc";
            masters { 10.91.100.71; };
    };
    zone "atc-rev" IN {
            type slave;
            file "/var/cache/bind/reverse.atc";
            masters { 10.91.100.71; };
    };
    
  • SSH to the master DNS (qadb2) and
  • sudo nano /var/named/chroot/etc/named.conf
  • # Ensure that
    allow-transfer  { localhost; 10.5.5.50; 10.5.5.15;  192.168.123.211; }; # Slave DNS Servers IP

    has your slave IP

  • # If not, add it and save, and
  • sudo service named restart
  • # SSH back to the pi
  • sudo reboot
  • ls -l /var/cache/bind/
  • # Ensure forward and reverse for crown, errigal and extenet are present
  • # If encountering any issues please run
  • sudo tail -f /var/log/syslog
  • # on the pi to see if there are any issues transferring down the files
  • # If no issues then that's it, you should now be able to set this pi as a DNS
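
Instead of watching tail -f by eye, the script below summarises the transfer result for each zone in named.conf.errigal-zones from the slave's syslog. It is an added example, not part of the original tutorial. It assumes the usual BIND 9 log messages; the sample lines are constructed, and the SYSLOG variable is a name chosen for this example.

```shell
#!/bin/sh
# Added example (not from the original page): summarise zone-transfer results
# on the slave from syslog. Zone names are those in named.conf.errigal-zones.
ZONES="err 100.91.10.in-addr.arpa crc 30.10.in-addr.arpa ext 104.214.10.in-addr.arpa atc atc-rev"

# Constructed sample lines in the format named writes to syslog (not real logs).
SAMPLE_LOG="Aug 11 08:41:02 pi named[512]: zone err/IN: transferred serial 2017081101
Aug 11 08:41:02 pi named[512]: transfer of 'err/IN' from 10.91.100.71#53: Transfer completed: 1 messages, 14 records, 402 bytes, 0.002 secs (201000 bytes/sec)
Aug 11 08:41:03 pi named[512]: transfer of 'crc/IN' from 10.91.100.71#53: failed while receiving responses: REFUSED
Aug 11 08:41:04 pi named[512]: zone ext/IN: refresh: failure trying master 10.91.100.71#53 (source 0.0.0.0#0): timed out"

# Reads syslog on stdin; prints "<zone> <OK|FAILED|NO-LOG> <detail>" per zone.
# The last event seen for a zone wins, so a retry that succeeds reports OK.
transfer_report() {
  awk -v zones="$ZONES" '
    BEGIN { n = split(zones, want, " ") }
    # Successful transfer: zone NAME/IN: transferred serial N
    match($0, /zone [^ ]+\/IN: transferred serial [0-9]+/) {
      split(substr($0, RSTART, RLENGTH), f, " ")
      z = f[2]; sub(/\/IN:$/, "", z)
      state[z] = "OK"; detail[z] = "serial " f[5]; next
    }
    # Transfer rejected or broken, e.g. REFUSED when allow-transfer on the
    # master does not list this slave. "." stands in for the quote characters.
    match($0, /transfer of .[^ ]+\/IN. from [^ ]+: failed.*$/) {
      line = substr($0, RSTART, RLENGTH); split(line, f, " ")
      z = substr(f[3], 2, length(f[3]) - 5)
      sub(/^.*: failed/, "failed", line)
      state[z] = "FAILED"; detail[z] = line; next
    }
    # SOA refresh problems (timeouts, unexpected rcode) before any transfer
    match($0, /zone [^ ]+\/IN: refresh: .*$/) {
      line = substr($0, RSTART, RLENGTH); split(line, f, " ")
      z = f[2]; sub(/\/IN:$/, "", z)
      sub(/^zone [^ ]+ /, "", line)
      state[z] = "FAILED"; detail[z] = line; next
    }
    END {
      for (i = 1; i <= n; i++) {
        z = want[i]
        if (z in state) printf "%s %s %s\n", z, state[z], detail[z]
        else printf "%s NO-LOG -\n", z
      }
    }'
}

# Set SYSLOG=/var/log/syslog (run with sudo) on the Pi; default is the sample.
if [ -n "${SYSLOG:-}" ]; then transfer_report < "$SYSLOG"
else printf '%s\n' "$SAMPLE_LOG" | transfer_report; fi
```

A zone reported as NO-LOG has no transfer or refresh line in the file read, which can simply mean the log has rotated since the last transfer.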
toolsandtechnologies/raspberrypidnsslave.txt · Last modified: 2021/06/25 10:09 by 127.0.0.1