Setting up DHCP and DNS services on your own network

In most home networks the role of DHCP and DNS server is performed by the router supplied by your ISP. This is fine until you want more complex things such as PXE boot or an internal DNS view. To use these functions you need to run a server on your network. This can be an old PC or, if you are environmentally conscious, a device with low energy consumption. I prefer an old Atom-based thin client.

The operating system

I use open-source software where I can, so I am running this on Debian Wheezy. You can download the ISO images from the Debian site. Burn one to a CD and install a basic system with openssh-server. You can even convert an ISO to a bootable USB stick.

Your favourite editor

Log in as root and install your favorite text editor. Nano is the default editor; I prefer vim.

apt-get install vim

A fixed ip-address

Edit the network settings for this server so it has a fixed ip-address.
`/etc/network/interfaces`:

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
allow-hotplug eth0
iface eth0 inet static
        address 172.30.1.2
        netmask 255.255.255.0
        network 172.30.1.0
        broadcast 172.30.1.255
        gateway 172.30.1.1

Reboot your server and check if your changes have worked.

ifconfig

You should see that `eth0` has the correct ip-address.

Install BIND and DHCP

Next install bind9 and isc-dhcp-server.

apt-get install bind9 isc-dhcp-server

Setting up DHCP

As the domain I’m using “home” for internal use.
Edit `/etc/dhcp/dhcpd.conf` to contain something like this:

# I don't want dhcp to update my dns records.
ddns-update-style none;

# option definitions common to all supported networks...
# Enter your internal domain-name here
option domain-name "home";
# Enter the fixed ip address of this server here 
option domain-name-servers 172.30.1.2;

# How long should a lease be valid  
default-lease-time 600;
max-lease-time 7200;

# If this DHCP server is the official DHCP server for the local
# network, the authoritative directive should be uncommented.
authoritative;

# Use this to send dhcp log messages to a different log file 
# (you also have to hack syslog.conf to complete the redirection).
log-facility local7;

# Use the name used for the host declaration as 
# hostname for the machine.
use-host-decl-names on;

# Define which subnet you are going to use.
# In this case 172.30.1.0/24.
subnet 172.30.1.0 netmask 255.255.255.0 {
   # define the range the server can use to
   # allocate dynamic ip addresses from.
   range 172.30.1.60 172.30.1.250;
   # enter the address of your ISP router here.
   option routers 172.30.1.1;
   # The following is used for PXE; enter the ip address of this server.
   next-server 172.30.1.2;
   # This is the file the PXE client is going to load.
   filename "pxelinux.0";
}
# This is a host definition. 
# With this you can assign a fixed ip-address to a machine. 
# This ip-address cannot be part of the dynamic range.
host mymachine {
  # Enter the mac address for this machine
  hardware ethernet aa:aa:aa:aa:aa:aa;
  # Enter a fixed ip-address.
  fixed-address 172.30.1.50;
}

Restart dhcp.

service isc-dhcp-server restart

Setting up DNS

Next the DNS part. Create the following files.
`/etc/bind/db.home`:

$TTL    86400
@       IN      SOA     ns.home. hostmaster.home. (
                              1         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                          86400 )       ; Negative Cache TTL
;
@       IN      NS      ns.home.
@       IN      NS      ns2.home.

gateway         A       172.30.1.1
ns2             A       172.30.1.1

dhcp            A       172.30.1.2
ns              A       172.30.1.2

mymachine       A       172.30.1.50

`/etc/bind/db.30.172`:

; BIND reverse data file     
;
$TTL    604800
@       IN      SOA     ns.home. hostmaster.home. (
                              1         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                          86400 )       ; Negative Cache TTL
;
@       IN      NS      ns.home.

1.1     IN      PTR     gateway.home.
1.1     IN      PTR     ns2.home.

2.1     IN      PTR     dhcp.home.
2.1     IN      PTR     ns.home.

50.1    IN      PTR     mymachine.home.

Edit `/etc/bind/named.conf.local` and add these lines to the end:

zone "home" { type master; file "/etc/bind/db.home"; };
zone "30.172.in-addr.arpa" { type master; file "/etc/bind/db.30.172"; };

Restart BIND.

service bind9 restart

The only thing left is to tell this server that it is now part of the `home` domain.
To do this edit `/etc/resolv.conf`:

domain home
search home
nameserver 172.30.1.2
nameserver 172.30.1.1

Finally

Don’t forget to disable the local dhcp server in your ISP router.
You can now test your internal dns:

ping dhcp.home
ping gateway.home