Article title: DDNS dynamic update method in RHEL4 system.
System: Red Hat Enterprise Linux 4 AS 4.0
Implementation: DHCP + DNS
1. Generate the key
# dnssec-keygen -a HMAC-MD5 -b 128 -n USER DHCP_UPDATER
Kdhcp_updater.+xxx+xxxxx.key and Kdhcp_updater.+xxx+xxxxx.private are generated in the current directory.
# cat Kdhcp_updater.+xxx+xxxxx.key
DHCP_UPDATER. IN KEY 0 2 157 qSSpjerAuaPE/X3JJyxSww==
qSSpjerAuaPE/X3JJyxSww==
2. DHCP
Add:
# -- DDNS --
key DHCP_UPDATER {
    algorithm HMAC-MD5;
    secret "qSSpjerAuaPE/X3JJyxSww==";
}
zone scott.home. {
    primary 127.0.0.1;
    key DHCP_UPDATER;
}
P.S.: In the PXE installation setup, the "#" before option domain-name and option domain-name-servers can also be removed, because we are going to set up DNS.
3. DNS
# rpm -qa | grep bind
Check whether bind-xx and bind-chroot-xx are installed. In theory, chroot can improve security, but it is cumbersome to set up.
# rpm -qa | grep caching-name
Check whether caching-nameserver is installed. If it is not installed, you need to write several files yourself, such as named.ca.
# vi /etc/named.conf (add at the end)
key DHCP_UPDATER {
    algorithm HMAC-MD5;
    secret "qSSpjerAuaPE/X3JJyxSww==";
};
zone "scott.home" IN {
    type master;
    file "scott.home.zone";
    allow-update { key DHCP_UPDATER; };
};
# cd /var/named/chroot/var/named
# cp localdomain.zone scott.home.zone
# chown named:named scott.home.zone
# cd /var/named/chroot/var
# chown named:named named/ (named must be able to write to this directory to create the .jnl journal file)
# cd /var/named
# ln -s /var/named/chroot/var/named/scott.home.zone
# vi scott.home.zone (modify it to match your own DNS settings; do not copy mine)
$TTL 86400
@       IN SOA  scott.home. root.scott.home. (
                42      ; serial (d. adams)
                3H      ; refresh
                15M     ; retry
                1W      ; expiry
                1D )    ; minimum
@       IN NS   scott.home.
@       IN A    192.168.1.100
4. Firewall (iptables)
# iptables -F
# iptables -P INPUT DROP
# iptables -A INPUT -i lo -j ACCEPT
# iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
# iptables -A INPUT -s 192.168.1.0/24 -p tcp -m multiport --dports 53,953 -j ACCEPT
# iptables -A INPUT -s 192.168.1.0/24 -p udp -m multiport --dports 53,953 -j ACCEPT
# /etc/init.d/iptables save
In the actual experiment iptables was disabled: service iptables stop
5. Start the services
# /etc/init.d/dhcpd restart
# chkconfig dhcpd on
# /etc/init.d/named restart
# chkconfig named on
6. Test (mainly with Linux clients; during the experiment we found that Windows does not work as a client)
Add a file /etc/dhclient.conf on the client as follows:
send fqdn.fqdn "test";    # test is the hostname of the local machine
send fqdn.encoded on;
send fqdn.server-update off;
Run dhclient or restart.
If the DNS server host is working normally, /var/named/chroot/var/named will contain an additional file ending in .jnl, for example scott.home.zone.jnl.
Run ping test.scott.home to check whether the ping succeeds.
All tests passed.
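
Added example (not part of the original article): a shell check for steps 2 and 3 that the DHCP_UPDATER key stanza carries the same 128-bit secret in the DHCP and DNS configuration files, and that neither file is world-readable. The function names, the temporary file paths and the sample secret are constructed for this example; on a real server pass the two configuration files as arguments.

```sh
#!/bin/sh
# Added example, not from the article: verify the TSIG key shared by dhcpd and named.

# Print the secret of the "key NAME { ... }" stanza in FILE (empty if absent).
tsig_secret() {   # tsig_secret FILE NAME
    awk -v want="$2" '
        { name = $2; gsub(/"/, "", name) }
        tolower($1) == "key" && name == want && index($0, "{") { inkey = 1; next }
        inkey && tolower($1) == "secret" { gsub(/[";]/, "", $2); print $2; exit }
        inkey && index($0, "}") { inkey = 0 }
    ' "$1"
}

# Return 0 only if both files hold the same secret for NAME, the secret
# decodes to 16 bytes (dnssec-keygen -b 128), and neither file is world-readable.
check_ddns_key() {   # check_ddns_key DHCPD_CONF NAMED_CONF NAME
    rc=0
    a=$(tsig_secret "$1" "$3"); b=$(tsig_secret "$2" "$3")
    if [ -z "$a" ] || [ -z "$b" ]; then
        echo "key $3 not found in both files"; return 2
    fi
    [ "$a" = "$b" ] || { echo "secrets differ between $1 and $2"; rc=1; }
    n=$(printf '%s' "$a" | base64 -d 2>/dev/null | wc -c | tr -d ' ')
    [ "$n" -eq 16 ] || { echo "secret is $n bytes, expected 16 (-b 128)"; rc=1; }
    for f in "$1" "$2"; do
        [ -z "$(find "$f" -perm -004 -print)" ] ||
            { echo "$f is world-readable and holds the secret"; rc=1; }
    done
    return $rc
}

# Constructed sample files; the secret used below is bytes 00..0f, not a real key.
make_sample() {   # make_sample DIR DHCP_SECRET NAMED_SECRET
    printf 'key DHCP_UPDATER {\n algorithm HMAC-MD5;\n secret "%s";\n}\nzone scott.home. {\n primary 127.0.0.1;\n key DHCP_UPDATER;\n}\n' "$2" > "$1/dhcpd.conf"
    printf 'key DHCP_UPDATER {\n algorithm HMAC-MD5;\n secret "%s";\n};\nzone "scott.home" IN {\n allow-update { key DHCP_UPDATER; };\n};\n' "$3" > "$1/named.conf"
    chmod 640 "$1/dhcpd.conf" "$1/named.conf"
}

d=$(mktemp -d)
make_sample "$d" "AAECAwQFBgcICQoLDA0ODw==" "AAECAwQFBgcICQoLDA0ODw=="
check_ddns_key "$d/dhcpd.conf" "$d/named.conf" DHCP_UPDATER && echo "key OK"
rm -r "$d"
```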