我的主机为我的SOHO局域网提供服务,该主机充当路由器,防火墙,网关,DNS,DHCP服务器和备份服务器。
我已经设置bind9和isc-dhcp-server为局域网客户端进行DDNS,而pppoe则设置了通往网络的网关。
备份服务器需要通过主机名识别局域网客户端,因此我需要它在本地DNS上查找其当前IP。
我正在使用Ubuntu 16.04.4
I got quite far (see Dynamic DNS only serving DHCP clients, but new names not resolving on DNS server itself for the bind9 - dhcpd - ddns setup I did) but I still haven't managed to configure local DNS look-ups on the server.
The server's /etc/resolv.conf looks like this:
adam@gondor:~$ cat /etc/resolv.conf
nameserver 81.139.56.100
nameserver 81.139.57.100
domain localdomain
search localdomain
This is I assume being written at boot by pppoe which configures the gateway. There's a /etc/ppp/resolv.conf that is the same, but I'm not sure what role it plays.
My question is how I should configure linux so that backuppc will do DNS on the localhost for domain names on the lan, and yet browsing the net in firefox on the same machine will also work.
A colleague advised me to put 127.0.0.1 in /etc/resolvconf/resolv.conf.d/head but that doesn't seem to be a good idea:
adam@gondor:~$ cat /etc/resolvconf/resolv.conf.d/head
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
I'm also not using network-manager to control pppoe which seems to be a popular choice.
[UPDATE After 1st comment] I looked more into the resolvconf package and discovered that it was out-of-date. I've updated it but I'm now pretty sure that the warning in head above is warning me not to edit resolv.conf manually, rather than /etc/resolvconf/resolv.conf.d/head.
It also didn't help that http://manpages.ubuntu.com/manpages/xenial/man8/resolvconf.8.html talks about files that resolvconf isn't giving me, like resolvconf.conf.
I have also decided that pppd can't be using resolvconf, so I have disabled it from updating /etc/resolv.conf by commenting out the updatedns option in /etc/ppp/peers/dsl-provider. I don't want the British Telecom DNS servers anyway, I'm going to configure resolvconf to use 127.0.0.1, and I'll tell bind9 to forward to the OpenDNS servers instead.
pppdwas controlling/etc/resolv.confso the first thing I had to do was take out the ppp option which told it to pass through the British Telecom DNS servers. That was inusepeerdnsin/etc/ppp/peers/dsl-provider.Then I purged and re-installed the
resolvconfpackage out of frustration, and re-installing it actually set it up as it is documented (almost) at http://manpages.ubuntu.com/manpages/xenial/man8/resolvconf.8.htmlI put
nameserver 127.0.0.1in/etc/resolvconf/resolv.conf.d/headso now it appears in the/etc/resolv.confor better said in the/run/resolvconf/resolv.conffile linked to.I tweaked my
/etc/bind/named.conf.options:One article I was following told me to put
192.168.0.0/24in myacl goodclientsblock, and also to usednssec-validation auto;but they caused a whole raft of errors to be logged insyslogso I took them out again.It would also work without the
forwardersblock where I put the OpenDNS DNS servers, but without them, lots of IPv6 network unreachable errors.