39.2 Example Configuration | The Official Samba-3 HOWTO and Reference Guide, 2nd Edition

The domain name system is to the Internet what water is to life. By it nearly all information resources (host names ) are resolved to their Internet protocol (IP) address. Windows networking tried hard to avoid the complexities of DNS, but alas, DNS won. The alternative to DNS, the Windows Internet Name Service (WINS) an artifact of NetBIOS networking over the TCP/IP protocols, has demonstrated scalability problems as well as a flat non-hierachical name space that became unmanagable as the size and complexity of information technology networks grew.

WINS is a Microsoft implementation of the RFC1001/1002 NetBIOS Name Service (NBNS). It allows NetBIOS clients (like Microsoft Windows Machines) to register an arbitrary machine name that the administrator or user has chosen together with the IP address that the machine has been given. Through the use of WINS, network client machines could resolve machine names to their IP address.

The demand for an alternative to the limitations of NetBIOS networking finally drove Microsoft to use DNS and Active Directory. Microsoft's new implementation attempts to use DNS in a manner similar to the way that WINS is used for NetBIOS networking. Both WINS and Microsoft DNS rely on dynamic name registration.

Microsoft Windows clients can perform dynamic name registration to the DNS server on start-up. Alternately, where DHCP is used to assign workstation IP addresses, it is possible to register host names and their IP address by the DHCP server as soon as a client acknowledges an IP address lease. Lastly, Microsoft DNS can resolve hostnames via Microsoft WINS.

The following configurations demonstrate a simple insecure Dynamic DNS server and a simple DHCP server that matches the DNS configuration.

39.2.1 Dynamic DNS

The example DNS configuration is for a private network in the IP address space for network 192.168.1.0/24. The private class network address space is set forth in RFC1918.

It is assumed that this network will be situated behind a secure firewall. The files that follow work with ISC BIND version 9. BIND is the Berkely Internet Name Daemon. The following configuration files are offered :

The master configuration file for /etc/named.conf determines the location of all further configuration files used. The location and name of this file is specified in the start-up script that is part of the operating system.

 # Quenya.Org configuration file acl mynet { 192.168.1.0/24; 127.0.0.1; }; options { directory "/var/named"; listen-on-v6 { any; }; notify no; forward first; forwarders { 192.168.1.1; }; auth-nxdomain yes; multiple-cnames yes; listen-on { mynet; }; }; # The following three zone definitions do not need any modification. # The first one defines localhost while the second defines the # reverse lookup for localhost. The last zone "." is the # definition of the root name servers. zone "localhost" in { type master; file "localhost.zone"; }; zone "0.0.127.in-addr.arpa" in { type master; file "127.0.0.zone"; }; zone "." in { type hint; file "root.hint"; }; # You can insert further zone records for your own domains below. zone "quenya.org" { type master; file "/var/named/quenya.org. hosts "; allow-query { mynet; }; allow-transfer { mynet; }; allow-update { mynet; }; }; zone "1.168.192.in-addr.arpa" { type master; file "/var/named/192.168.1.0.rev"; allow-query { mynet; }; allow-transfer { mynet; }; allow-update { mynet; }; };

The following files are all located in the directory /var/named . This is the /var/named/localhost.zone file:

 $TTL 1W @ IN SOA @ root ( 42 ; serial (d. adams) 2D ; refresh 4H ; retry 6W ; expiry 1W ) ; minimum IN NS @ IN A 127.0.0.1

The /var/named/127.0.0.zone file:

 $TTL 1W @ IN SOA localhost. root.localhost. ( 42 ; serial (d. adams) 2D ; refresh 4H ; retry 6W ; expiry 1W ) ; minimum IN NS localhost. 1 IN PTR localhost.

The /var/named/quenya.org.host file:

 $ORIGIN . $TTL 38400 ; 10 hours 40 minutes quenya.org IN SOA marvel.quenya.org. root.quenya.org. ( 2003021832 ; serial 10800 ; refresh (3 hours) 3600 ; retry (1 hour ) 604800 ; expire (1 week) 38400 ; minimum (10 hours 40 minutes) ) NS marvel.quenya.org. MX 10 mail.quenya.org. $ORIGIN quenya.org. frodo A 192.168.1.1 marvel A 192.168.1.2 ; mail CNAME marvel www CNAME marvel

The /var/named/192.168.1.0.rev file:

 $ORIGIN . $TTL 38400 ; 10 hours 40 minutes 1.168.192.in-addr.arpa IN SOA marvel.quenya.org. root.quenya.org. ( 2003021824 ; serial 10800 ; refresh (3 hours) 3600 ; retry (1 hour) 604800 ; expire (1 week) 38400 ; minimum (10 hours 40 minutes) ) NS marvel.quenya.org. $ORIGIN 1.168.192.in-addr.arpa. 1 PTR frodo.quenya.org. 2 PTR marvel.quenya.org.

The above were copied from a fully working system. All dynamically registered entries have been removed. In addition to these files, BIND version 9 will create for each of the dynamic registration files a file that has a .jnl extension. Do not edit or tamper with the configuration files or with the .jnl files that are created.

39.2.2 DHCP Server

The following file is used with the ISC DHCP Server version 3. The file is located in /etc/dhcpd.conf:

 ddns-updates on; ddns-domainname "quenya.org"; option ntp-servers 192.168.1.2; ddns-update-style ad-hoc; allow unknown-clients; default-lease-time 86400; max-lease-time 172800; option domain-name "quenya.org"; option domain-name-servers 192.168.1.2; option netbios-name-servers 192.168.1.2; option netbios-dd-server 192.168.1.2; option netbios-node-type 8; subnet 192.168.1.0 netmask 255.255.255.0 { range dynamic-bootp 192.168.1.60 192.168.1.254; option subnet-mask 255.255.255.0; option routers 192.168.1.2; allow unknown-clients; }

In the above example, IP addresses between 192.168.1.1 and 192.168.1.59 are reserved for fixed address (commonly called hard-wired ) IP addresses. The addresses between 192.168.1.60 and 192.168.1.254 are allocated for dynamic use.