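My host serves my SOHO LAN, acting as router, firewall, gateway, DNS, DHCP server and backup server.
I have set up bind9 and isc-dhcp-server to do DDNS for the LAN clients, and pppoe sets up the gateway to the internet.
The backup server needs to identify LAN clients by hostname, so I need it to look up their current IPs on the local DNS.
I am using Ubuntu 16.04.4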
I got quite far (see "Dynamic DNS only serving DHCP clients, but new names not resolving on DNS server itself" for the bind9 - dhcpd - ddns setup I did) but I still haven't managed to configure local DNS look-ups on the server.
The server's /etc/resolv.conf looks like this:
adam@gondor:~$ cat /etc/resolv.conf
nameserver 81.139.56.100
nameserver 81.139.57.100
domain localdomain
search localdomain
This is, I assume, being written at boot by pppoe, which configures the gateway. There's a /etc/ppp/resolv.conf that is the same, but I'm not sure what role it plays.
My question is how I should configure Linux so that backuppc will do DNS on the localhost for domain names on the LAN, and yet browsing the net in Firefox on the same machine will also work.
A colleague advised me to put 127.0.0.1 in /etc/resolvconf/resolv.conf.d/head but that doesn't seem to be a good idea:
adam@gondor:~$ cat /etc/resolvconf/resolv.conf.d/head
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
I'm also not using network-manager to control pppoe, which seems to be a popular choice.
[UPDATE After 1st comment] I looked more into the resolvconf package and discovered that it was out-of-date. I've updated it but I'm now pretty sure that the warning in head above is warning me not to edit resolv.conf manually, rather than /etc/resolvconf/resolv.conf.d/head.
It also didn't help that http://manpages.ubuntu.com/manpages/xenial/man8/resolvconf.8.html talks about files that resolvconf isn't giving me, like resolvconf.conf.
I have also decided that pppd can't be using resolvconf, so I have disabled it from updating /etc/resolv.conf by commenting out the updatedns option in /etc/ppp/peers/dsl-provider. I don't want the British Telecom DNS servers anyway, I'm going to configure resolvconf to use 127.0.0.1, and I'll tell bind9 to forward to the OpenDNS servers instead.
pppd was controlling /etc/resolv.conf so the first thing I had to do was take out the ppp option which told it to pass through the British Telecom DNS servers. That was in usepeerdns in /etc/ppp/peers/dsl-provider.
Then I purged and re-installed the resolvconf package out of frustration, and re-installing it actually set it up as it is documented (almost) at http://manpages.ubuntu.com/manpages/xenial/man8/resolvconf.8.html
I put nameserver 127.0.0.1 in /etc/resolvconf/resolv.conf.d/head so now it appears in the /etc/resolv.conf or better said in the /run/resolvconf/resolv.conf file linked to.
I tweaked my /etc/bind/named.conf.options:
One article I was following told me to put 192.168.0.0/24 in my acl goodclients block, and also to use dnssec-validation auto; but they caused a whole raft of errors to be logged in syslog so I took them out again.
It would also work without the forwarders block where I put the OpenDNS DNS servers, but without them, lots of IPv6 network unreachable errors.
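
A check for the end state the steps above aim at, written as an added example that is not part of the original post: the first nameserver in the generated resolv.conf is the local bind9 instance, and pppd is no longer told to install the ISP resolvers. The function names, the result strings and the sample files are assumptions made for the illustration; the sample contents are constructed from the values quoted on this page.

```shell
#!/bin/sh
# Added example, not from the original post. Sample files below are constructed.

# Print the first "nameserver" address in a resolv.conf-style file.
first_nameserver() {
    awk '$1 == "nameserver" { print $2; exit }' "$1"
}

# Succeed if an uncommented usepeerdns option is present in a pppd peers file.
usepeerdns_active() {
    grep -Eq '^[[:space:]]*usepeerdns([[:space:]]|$)' "$1"
}

# check_local_resolver RESOLV_FILE PEERS_FILE
# Prints "ok", or the reason lookups would not go to the local DNS server first.
check_local_resolver() {
    first=$(first_nameserver "$1")
    case $first in
        127.*|::1) ;;                      # loopback: local bind9 is asked first
        '') echo "no-nameserver"; return 1 ;;
        *)  echo "first-nameserver-not-local:$first"; return 1 ;;
    esac
    if usepeerdns_active "$2"; then
        # pppd would hand the ISP resolvers over again on the next connect
        echo "usepeerdns-still-enabled"; return 1
    fi
    echo "ok"
}

# Constructed samples: the state shown in the question, and the state after the fix.
demo_dir=$(mktemp -d)
printf 'nameserver 81.139.56.100\nnameserver 81.139.57.100\nsearch localdomain\n' > "$demo_dir/resolv.before"
printf 'nameserver 127.0.0.1\nsearch localdomain\n' > "$demo_dir/resolv.after"
printf 'noipdefault\nusepeerdns\ndefaultroute\n' > "$demo_dir/peers.before"
printf 'noipdefault\n#usepeerdns\ndefaultroute\n' > "$demo_dir/peers.after"

check_local_resolver "$demo_dir/resolv.before" "$demo_dir/peers.before" || true
check_local_resolver "$demo_dir/resolv.after" "$demo_dir/peers.after"
```

On the server itself the two arguments would be /etc/resolv.conf and /etc/ppp/peers/dsl-provider.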