Raspberry Pi DNS Server

I’ve recently bought a Raspberry Pi to run a few small services I wanted to keep running on my home network.

One of those services I wanted was a very lightweight DNS server. I run a number of virtual machines for testing and development and it was becoming a bit of a pain to constantly maintain the /etc/hosts files across all these machines. So I decided to set up a simple DNS server on my 512MB Raspberry Pi.

This blog also mentions the entries I need for Oracle Grid Infrastructure and RAC development environments.

For those that don’t know, the Raspberry Pi is a credit card sized computer made in the UK and available for about £30. The current version has 512MB of RAM and is perfect for what I want – it doesn’t use much power and I can just leave it running and connected to the internet.

The OS I’m running on it is Raspbian – a lightweight version of Debian designed for the device. It usually comes pre-installed if you buy a package that includes a memory card.

Now I don’t know the first thing about running a DNS server, so I got to the final solution by reading a couple of guides elsewhere –

http://www.ducky-pond.com/posts/2013/Oct/how-to-setup-a-dns-server-with-powerdns-on-raspberry-pi/
http://www.philchen.com/2007/04/04/configuring-reverse-dns

Here are the steps I compiled from those guides.

1. Install required software

The device is connected to the internet so I’m going to use the default package repository to install a couple of packages.

sudo apt-get install pdns-server
sudo apt-get install dnsutils

We’re installing Power DNS as our DNS server, and then we’re installing the utilities so that we can do some testing on the server itself.

2. DNS Server configuration

There are a couple of server settings that we need to change in /etc/powerdns/pdns.conf. Search for these entries with your editor of choice (I used vi) and set them accordingly.

allow-recursion=127.0.0.1,192.168.0.0/24
recursor=194.168.4.100

The first setting adds my local LAN IP range to the list of clients allowed access to the server. My LAN IP addresses are of the range 192.168.0.XXX – you may need to change this setting if your LAN configuration differs.

The second setting contains the IP address of my ISP DNS server, so that names out on the internet which can’t be resolved by my DNS server get forwarded up the chain.

3. Zone configuration (1)

Now in /etc/powerdns/bindbackend.conf we create the following lines –

zone "local" {
  type master;
  file "/etc/powerdns/bind/local.zone";
  allow-update { none; };
};

I’ve chosen to use the “local” domain name. I think there is a question about whether or not this is good practice; I’m not sure. But from what I gather, this is a reserved domain name and never routable on the internet, which seems perfect for my LAN environment. If you want, you can replace “local” with “home.lan” or whatever you want.

You’ll see that this entry makes reference to another file. We’ll create that next.

4. Zone configuration (2)

Now we create our local.zone file in /etc/powerdns/bind. If you used another domain name, you can change some of these file names if you wish to reflect your chosen configuration.

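; names without a trailing dot are relative to $ORIGIN, so the origin and
; the SOA names are written as absolute names
$ORIGIN local.
$TTL 1h
@             IN    SOA ns.local. hostmaster.local. (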
                    1; serial
                    1d; refresh
                    2h; retry
                    4w; expire
                    1h; minimum time-to-live
              )
              IN    NS     ns
              IN    A      192.168.0.115
raspberrypi   IN    CNAME  ns
oel59         IN    A      192.168.0.101
oem12c        IN    A      192.168.0.103
rac1          IN    A      192.168.0.104
rac2          IN    A      192.168.0.105
rac-scan      IN    A      192.168.0.106
              IN    A      192.168.0.107
              IN    A      192.168.0.108
matthew-pc    IN    A      192.168.0.110
rac1-vip      IN    A      192.168.0.111
rac2-vip      IN    A      192.168.0.112
pc            IN    CNAME  matthew-pc
ns            IN    A      192.168.0.115

My Raspberry Pi is set up with a static IP address of 192.168.0.115 so you’ll probably change that based on your environment. I’ve set it to have the names of ns and raspberrypi on the LAN.

You can also see some of the other VM servers I’ve set up. An A record is the normal name>IP record, and a CNAME record allows me to create an alias which points at another name. This is apparently better practice than using multiple A records for the same IP address.

You’ll also notice that I have a RAC scan address configured, in my case with three IP addresses. They should resolve in a round robin fashion. The VIPs are also there.

5. Setup /etc/resolv.conf

Now we can change the DNS client settings on our Linux virtual machines. It should look like this –

search local
nameserver 192.168.0.115

This configuration allows me to avoid using a FQDN, which is how I like my LAN and test environment, but it is generally considered bad practice in a production environment.

You can also make this change on the Raspberry Pi to make testing easier.

6. Setup Windows DNS settings

I also want to change my Windows PC so that it uses my DNS server too. This is great, because now when I fire up new virtual machines I can connect to them via the name rather than IP address.

Open the network settings (control panel > network and internet > network and sharing centre > change adapter settings > local area connection) and edit the properties for the IPv4 item. If you do it via the “advanced” button then you can set the default domain to local again to save using FQDN.

7. Setup reverse lookup

The basics are done. Setting up reverse lookup is optional, but I wanted to do it so that everything is configured correctly for my Grid Infrastructure and RAC virtual environments. In order to do this, we add another entry to our bindbackend.conf file. The full file contents now look like this –

zone "local" {
  type master;
  file "/etc/powerdns/bind/local.zone";
  allow-update { none; };
};

zone "0.168.192.in-addr.arpa" IN {
  type master;
  file "/etc/powerdns/bind/0.168.192.in-addr.arpa";
  allow-update { none; };
};

As you can see, there is another zone which is in the format of my LAN IP range backwards. It’s using another file, so let’s create that.

$TTL 1h
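; the origin here is 0.168.192.in-addr.arpa, so the SOA and NS names are
; written as absolute names in the "local" zone
@             IN    SOA ns.local. hostmaster.local. (
                    1; serial
                    1d; refresh
                    2h; retry
                    4w; expire
                    1h; minimum time-to-live
              )
              IN    NS     ns.local.
              IN    A      192.168.0.115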
104           IN    PTR    rac1.
105           IN    PTR    rac2.
106           IN    PTR    rac-scan.
107           IN    PTR    rac-scan.
108           IN    PTR    rac-scan.
111           IN    PTR    rac1-vip.
112           IN    PTR    rac2-vip.

It is important to note that the host name ends with a “.”. Also I’ve chosen to not include the FQDN, but again I believe this is considered bad practice in a production environment.

You’ll also see that we have a new record type for the reverse lookup – PTR.
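
Because the reverse zone is maintained by hand alongside the forward zone, the two can drift apart. The following added example (not from the original post) cross-checks A records against PTR records; the records are copied from the zone files above, while the function names and the prefix argument are assumptions of this example.

```python
# Subset of the post's records: the RAC entries plus one desktop entry.
FORWARD = """\
rac1          IN    A      192.168.0.104
rac2          IN    A      192.168.0.105
rac-scan      IN    A      192.168.0.106
              IN    A      192.168.0.107
              IN    A      192.168.0.108
matthew-pc    IN    A      192.168.0.110
rac1-vip      IN    A      192.168.0.111
rac2-vip      IN    A      192.168.0.112
"""
REVERSE = """\
104           IN    PTR    rac1.
105           IN    PTR    rac2.
106           IN    PTR    rac-scan.
107           IN    PTR    rac-scan.
108           IN    PTR    rac-scan.
111           IN    PTR    rac1-vip.
112           IN    PTR    rac2-vip.
"""

def records(zone_text, rtype):
    """Yield (owner, rdata) for one record type; a blank owner column
    inherits the previous owner, as in the rac-scan entry."""
    owner = None
    for line in zone_text.splitlines():
        line = line.split(";", 1)[0].rstrip()   # drop comments
        if not line or line.startswith("$"):    # skip blanks and directives
            continue
        fields = line.split()
        if not line[0].isspace():
            owner = fields.pop(0)
        if len(fields) == 3 and fields[0] == "IN" and fields[1] == rtype:
            yield owner, fields[2]

def check(forward, reverse, prefix="192.168.0."):
    """Return mismatches between A and PTR records (short names, as in the post)."""
    a = set(records(forward, "A"))
    ptr = {(target.rstrip("."), prefix + octet) for octet, target in records(reverse, "PTR")}
    problems = [f"{ip} ({name}): A record has no matching PTR" for name, ip in sorted(a - ptr)]
    problems += [f"{ip} -> {name}: PTR has no matching A record" for name, ip in sorted(ptr - a)]
    return problems

if __name__ == "__main__":
    print("\n".join(check(FORWARD, REVERSE)) or "forward and reverse zones agree")
```

On these records the only finding is matthew-pc, which has an A record but no PTR because the reverse zone lists only the RAC hosts.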

8. Restart DNS Server

Whenever we make a change to the configuration we have to restart the DNS server –

sudo service pdns restart

9. Testing

That’s it. We can test it by just pinging any of our servers by name, or on Linux we can use dig.

dig rac1 +search
dig rac1.local
dig -x 192.168.0.104
