Enabling DNS Server on Opmantek NMIS8 VM
Purpose
Opmantek software can function without DNS, but it works much better when hostnames can be resolved, and some customer environments do not have DNS servers. With this in mind, we suggest running BIND (Berkeley Internet Name Domain) on the NMIS Primary server if local DNS servers are not available. This Primary server can then be the DNS server for all other NMIS servers in the customer environment.
Assumptions
This article assumes the NMIS server OS is CentOS 6, as this is the most widely deployed OS in our customer base.
Decisions & Actions Prior to Installation
- Static IP address on the server
  - This example: 192.168.10.68
- Choose and configure the server hostname
  - This example: opmantek
- Choose domain name
  - This example: nmis.local
Installation & Configuration
Update /etc/hosts
/etc/hosts should reflect the proper IP address and hostname of the server. For example:
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
127.0.1.1 opmantek
192.168.10.68 opmantek.nmis.local
Install Bind
Install BIND using yum.
[root@opmantek ~]# yum install bind
Configure /etc/named.conf
There are three things we should evaluate in /etc/named.conf:
- Listen on the static IP address
- If IPv6 is not used, disable it.
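- Define the 'allow-query' subnets, or leave the directive commented out to allow all. These are the addresses that are allowed to query this server for name resolution. Restricting queries to the NMIS subnets keeps the server from answering clients outside the environment.
The syntax is very strict here; every statement and every block must end with a semicolon.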
options {
    // Add the static IP address below.
    listen-on port 53 { 127.0.0.1; 192.168.10.68; };
    // If IPv6 is not used comment out below.
    //listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    // You may define authorized subnets below; or allow all by commenting it out.
    //allow-query { localhost; 192.168.10.0/24; };
    recursion yes;
    dnssec-enable yes;
    dnssec-validation yes;
    /* Path to ISC DLV key */
    bindkeys-file "/etc/named.iscdlv.key";
    managed-keys-directory "/var/named/dynamic";
};
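The three decisions above can be checked mechanically before named is started. The script below is an added example, not part of the original article or of Opmantek's tooling; the function names and the OK/NOTE/WARN output format are assumptions made for illustration, and the sample input is constructed from the options block shown above.

```shell
#!/bin/bash
# Added example, not Opmantek's code. Usage: audit_named_conf FILE SERVER_IP
# Assumptions: each statement sits on one line; /* */ comments do not span lines.

# Print the config without comments, so that a commented-out directive is
# not mistaken for an active one.
active_config() {
    sed -e 's:/\*.*\*/::g' -e 's://.*$::' -e 's:#.*$::' "$1"
}

# Print one finding per check; return 1 if any finding is a WARN.
audit_named_conf() {
    local file=$1 ip=$2 cfg warn=0
    cfg=$(active_config "$file") || return 2
    # 1. The static address must be listed in the IPv4 listen-on statement.
    if printf '%s\n' "$cfg" | grep -E 'listen-on[[:space:]]' |
            tr -s '{};[:space:]' '\n' | grep -qxF "$ip"; then
        echo "OK   listen-on includes $ip"
    else
        echo "WARN listen-on does not include $ip"; warn=1
    fi
    # 2. IPv6 listener: the article disables it when IPv6 is not used.
    if printf '%s\n' "$cfg" | grep -q 'listen-on-v6'; then
        echo "NOTE listen-on-v6 is active; comment it out if IPv6 is unused"
    else
        echo "OK   no active listen-on-v6 statement"
    fi
    # 3. allow-query: when absent, BIND answers queries from any address.
    if printf '%s\n' "$cfg" | grep -qE 'allow-query[[:space:]]*\{'; then
        echo "OK   allow-query is set"
    else
        echo "WARN allow-query is not set; any address may query"; warn=1
    fi
    return "$warn"
}

# Constructed sample: the options block from this article, abbreviated.
sample_conf() {
    cat <<'EOF'
options {
    listen-on port 53 { 127.0.0.1; 192.168.10.68; };
    //listen-on-v6 port 53 { ::1; };
    //allow-query { localhost; 192.168.10.0/24; };
};
EOF
}

tmp=$(mktemp) && sample_conf > "$tmp"
audit_named_conf "$tmp" 192.168.10.68 || true   # WARN expected for allow-query
rm -f "$tmp"
```

On the server itself, point the function at /etc/named.conf and pass the static IP address chosen earlier.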
Create Zonefile
The script below will automatically create the zone file based on input from the operator (IP address, hostname & domain name). It will create a DNS entry for every node provisioned in NMIS. If a node is added to NMIS, simply re-run the script and restart the named service.
Example:
[root@opmantek ~]# bash createZoneFile.sh
Please enter the IP address of this server: 192.168.10.68
Please enter the hostname of this server: opmantek
Plase enter the domain name for this environment: nmis.local
Zone file created. Please review /var/named/nmis.local.zone
[root@opmantek ~]#
Update /etc/named.conf To Use New Zone File
We need to update /etc/named.conf to use the newly created zone file. Add an entry referencing it such as this:
zone "nmis.local" IN {
    // "master" is the zone type keyword for the authoritative primary zone.
    type master;
    file "nmis.local.zone";
};
Enable and Start named
[root@opmantek ~]# chkconfig --add named
[root@opmantek ~]# chkconfig named on
[root@opmantek ~]# service named start
Update /etc/resolv.conf
/etc/resolv.conf should contain only the following:
- search <domain name>
- nameserver <IP Address>
Example:
search nmis.local
nameserver 192.168.10.68
Verification
Now we should be able to ping any NMIS node like so:
[root@opmantek ~]# ping -c 3 r1
PING r1.nmis.local (10.10.1.1) 56(84) bytes of data.
64 bytes from 10.10.1.1: icmp_seq=1 ttl=255 time=10.1 ms
64 bytes from 10.10.1.1: icmp_seq=2 ttl=255 time=9.83 ms
64 bytes from 10.10.1.1: icmp_seq=3 ttl=255 time=8.61 ms

--- r1.nmis.local ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2012ms
rtt min/avg/max/mdev = 8.614/9.526/10.127/0.665 ms
[root@opmantek ~]#