
Thursday, February 13, 2020

dreamcast.local II - DNS

As I stated in the first article, I have set up a dedicated domain called dreamcast.local. To do the same, you need to install bind first:

# apt install bind9
...

Then create a basic configuration file:

# vi /etc/bind/named.conf
options {
        auth-nxdomain no;
        directory "/etc/bind";
        empty-zones-enable no;
        dnssec-validation no;
        querylog yes;
        listen-on { 127.0.0.1; 192.168.3.1; };
};

// ZONES
zone "0.0.127.in-addr.arpa" {
        type master;
        file "/etc/bind/zones/0.0.127";
};

zone "dreamcast.local" {
        type master;
        notify no;
        file "/etc/bind/zones/dreamcast.local";
};

zone "3.168.192.in-addr.arpa" {
        type master;
        notify no;
        file "/etc/bind/zones/3.168.192";
};

zone "12.16.172.in-addr.arpa" {
        type master;
        notify no;
        file "/etc/bind/zones/12.16.172";
};


As you can see in the configuration file, I created four zones:

  • 0.0.127.in-addr.arpa: loopback reverse lookup
  • dreamcast.local: forward lookup local network
  • 3.168.192.in-addr.arpa: reverse lookup local network
  • 12.16.172.in-addr.arpa: reverse lookup ppp network

Before you begin creating all these zone files, create the required zone directory first:

# mkdir /etc/bind/zones

First start with the loopback reverse lookup zone:

# vi /etc/bind/zones/0.0.127
$TTL 604800
@       IN      SOA     dcs01.dreamcast.local.  root.dreamcast.local. (

                                92         ; serial
                                604800     ; refresh (1 week)
                                86400      ; retry (1 day)
                                2419200    ; expire (4 weeks)
                                604800     ; minimum (1 week)
                                )
@       IN      NS      dcs01.dreamcast.local.
1       IN      PTR     localhost.


Then configure the forward lookup zone for the dreamcast.local network:

# vi /etc/bind/zones/dreamcast.local
$ORIGIN dreamcast.local.
$TTL 604800
@       IN      SOA     dcs01.dreamcast.local. root.dreamcast.local. (
                                92         ; serial
                                604800     ; refresh (1 week)
                                86400      ; retry (1 day)
                                2419200    ; expire (4 weeks)
                                604800     ; minimum (1 week)
                                )

dreamcast.local.        IN      NS      dcs01.dreamcast.local.
dreamcast.local.        IN      MX 10   dcs01.dreamcast.local.
dcs01                   IN      A       192.168.3.1
@                       IN      A       192.168.3.1
dc01                    IN      A       172.16.12.2

Followed by the reverse lookup zone for the dreamcast.local network:

# vi /etc/bind/zones/3.168.192
$ORIGIN 3.168.192.in-addr.arpa.
$TTL 604800
@       IN      SOA     dcs01.dreamcast.local. root.dreamcast.local. (
                                92         ; serial
                                604800     ; refresh (1 week)
                                86400      ; retry (1 day)
                                2419200    ; expire (4 weeks)
                                604800     ; minimum (1 week)
                                )
@       IN      NS      dcs01.dreamcast.local.
@       IN      MX 10   dcs01.dreamcast.local.
1       IN      PTR     dcs01.dreamcast.local.

And finally the reverse lookup zone for the ppp network:

# vi /etc/bind/zones/12.16.172
$ORIGIN 12.16.172.in-addr.arpa.
$TTL 604800
@       IN      SOA     dcs01.dreamcast.local. root.dreamcast.local. (
                                92         ; serial
                                604800     ; refresh (1 week)
                                86400      ; retry (1 day)
                                2419200    ; expire (4 weeks)
                                604800     ; minimum (1 week)
                                )
@       IN      NS      dcs01.dreamcast.local.
@       IN      MX 10   dcs01.dreamcast.local.
1       IN      PTR     dcs01.dreamcast.local.
2       IN      PTR     dc01.dreamcast.local.
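
The forward and reverse zones above have to agree with each other. The following added example (not part of the original article) cross-checks every PTR record against the A records, i.e. forward-confirmed reverse DNS. The A and PTR lines are copied from the zone files above; the function names are assumptions made for this example.

```python
import ipaddress

# A and PTR records copied from the zone files above, keyed by $ORIGIN
# (SOA/NS/MX lines and the loopback zone are left out).
ZONES = {
    "dreamcast.local.": """
dcs01                   IN      A       192.168.3.1
@                       IN      A       192.168.3.1
dc01                    IN      A       172.16.12.2
""",
    "3.168.192.in-addr.arpa.": """
1       IN      PTR     dcs01.dreamcast.local.
""",
    "12.16.172.in-addr.arpa.": """
1       IN      PTR     dcs01.dreamcast.local.
2       IN      PTR     dc01.dreamcast.local.
""",
}

def absolute(name, origin):
    """Expand '@' and relative names against the zone origin."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def load(zones):
    """Return (forward, reverse): name -> {IPs} and IP -> {names}."""
    forward, reverse = {}, {}
    for origin, text in zones.items():
        for line in text.splitlines():
            fields = line.split(";")[0].split()
            if len(fields) != 4 or fields[1] != "IN":
                continue
            owner, rtype, rdata = absolute(fields[0], origin), fields[2], fields[3]
            if rtype == "A":
                forward.setdefault(owner, set()).add(rdata)
            elif rtype == "PTR":
                # 2.12.16.172.in-addr.arpa. -> 172.16.12.2
                octets = owner.split(".")[:4]
                ip = str(ipaddress.ip_address(".".join(reversed(octets))))
                reverse.setdefault(ip, set()).add(absolute(rdata, origin))
    return forward, reverse

def fcrdns_mismatches(zones):
    """(ip, name) pairs where a PTR target has no A record for that IP."""
    forward, reverse = load(zones)
    return sorted((ip, name) for ip, names in reverse.items()
                  for name in names if ip not in forward.get(name, set()))
```

Calling fcrdns_mismatches(ZONES) on the records above reports 172.16.12.1 -> dcs01.dreamcast.local., because dcs01 only has an A record for 192.168.3.1.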


Next reconfigure the default options file for bind and add "-4 -c /etc/bind/named.conf":

# cat /etc/default/bind9
#
# run resolvconf?
RESOLVCONF=no

# startup options for the server
OPTIONS="-u bind -4 -c /etc/bind/named.conf"


Now it is time to enable and start bind:

# systemctl enable bind9
# systemctl start bind9

Check that bind is running with your configured options:

# pgrep -afl named
6337 /usr/sbin/named -u bind -4 -c /etc/bind/named.conf


Then edit your local resolv.conf file and enter your newly configured DNS server:

# vi /etc/resolv.conf
domain dreamcast.local
search dreamcast.local
nameserver 192.168.3.1


Your Dreamcast server will now listen on the name dcs01 and your Dreamcast will listen on the name dc01. DNS queries with dig should look like:

Dreamcast:

# dig +short dc01.dreamcast.local
172.16.12.2
# dig +short -x 172.16.12.2 
dc01.dreamcast.local.

Dreamcast server:

# dig +short dcs01.dreamcast.local
192.168.3.1
# dig +short -x 192.168.3.1
dcs01.dreamcast.local.

Domain dreamcast.local:

# dig +short dreamcast.local
192.168.3.1

When you check your syslog file now, you will notice messages like these:

# tail -f /var/log/syslog | grep named
...
Feb 13 17:10:24 localhost named[6337]: client @0xb167cd38 192.168.3.1#49535 (2.12.16.172.in-addr.arpa): query: 2.12.16.172.in-addr.arpa IN PTR +E(0)K (192.168.3.1)
Feb 13 17:10:47 localhost named[6337]: client @0xb1684bb0 192.168.3.1#46559 (dcs01.dreamcast.local): query: dcs01.dreamcast.local IN A +E(0)K (192.168.3.1)
Feb 13 17:10:56 localhost named[6337]: client @0xb1642e48 192.168.3.1#57280 (1.3.168.192.in-addr.arpa): query: 1.3.168.192.in-addr.arpa IN PTR +E(0)K (192.168.3.1)
Feb 13 17:11:08 localhost named[6337]: client @0xb1642e48 192.168.3.1#38070 (dreamcast.local): query: dreamcast.local IN A +E(0)K (192.168.3.1)
...


When you dial in to your Dreamcast server with your Dreamcast and Dream Key 3.0, you will see the following log messages:

# tail -f /var/log/syslog | grep named
...

Feb 13 17:17:58 localhost named[6337]: client @0xb1684bb0 192.168.3.1#55830 (ppp0.dreamcast.local): query: ppp0.dreamcast.local IN A + (192.168.3.1)
Feb 13 17:17:58 localhost named[6337]: client @0xb1684bb0 192.168.3.1#50623 (ppp0): query: ppp0 IN A + (192.168.3.1)
Feb 13 17:17:58 localhost named[6337]: resolver priming query complete
Feb 13 17:17:58 localhost named[6337]: client @0xb0d025d8 192.168.3.1#48299 (ppp0.dreamcast.local): query: ppp0.dreamcast.local IN A + (192.168.3.1)
Feb 13 17:17:58 localhost named[6337]: client @0xb1642e48 192.168.3.1#40156 (ppp0): query: ppp0 IN A + (192.168.3.1)
Feb 13 17:18:00 localhost named[6337]: client @0xb1642e48 192.168.3.1#45987 (ppp0.dreamcast.local): query: ppp0.dreamcast.local IN A + (192.168.3.1)
Feb 13 17:18:00 localhost named[6337]: client @0xb1642e48 192.168.3.1#60880 (ppp0): query: ppp0 IN A + (192.168.3.1)
Feb 13 17:18:02 localhost named[6337]: client @0xb1642e48 172.16.12.2#1825 (www.sega-europe.com): query: www.sega-europe.com IN A + (192.168.3.1)
Feb 13 17:18:02 localhost named[6337]: client @0xb1642e48 172.16.12.2#1825 (www.sega-europe.com): query (cache) 'www.sega-europe.com/A/IN' denied
Feb 13 17:18:02 localhost named[6337]: client @0xb1642e48 172.16.12.2#1825 (www.sega-europe.com): query failed (REFUSED) for www.sega-europe.com/IN/A at ../../../bin/named/query.c:7144

...

This is because Dream Key 3.0 tries to connect to www.sega-europe.com first, once a connection has been established.
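
With querylog enabled, the syslog lines above can be summarised per client. The following added example (not part of the original article) parses lines copied from the excerpts above and reports, for each client address, the queries seen, the names that fall outside the zones configured in named.conf, and the names that were refused. The function names are assumptions made for this example.

```python
import re
from collections import defaultdict

# Lines copied from the syslog excerpts above.
SAMPLE_LOG = """\
Feb 13 17:10:47 localhost named[6337]: client @0xb1684bb0 192.168.3.1#46559 (dcs01.dreamcast.local): query: dcs01.dreamcast.local IN A +E(0)K (192.168.3.1)
Feb 13 17:17:58 localhost named[6337]: client @0xb1684bb0 192.168.3.1#50623 (ppp0): query: ppp0 IN A + (192.168.3.1)
Feb 13 17:17:58 localhost named[6337]: resolver priming query complete
Feb 13 17:18:02 localhost named[6337]: client @0xb1642e48 172.16.12.2#1825 (www.sega-europe.com): query: www.sega-europe.com IN A + (192.168.3.1)
Feb 13 17:18:02 localhost named[6337]: client @0xb1642e48 172.16.12.2#1825 (www.sega-europe.com): query (cache) 'www.sega-europe.com/A/IN' denied
Feb 13 17:18:02 localhost named[6337]: client @0xb1642e48 172.16.12.2#1825 (www.sega-europe.com): query failed (REFUSED) for www.sega-europe.com/IN/A at ../../../bin/named/query.c:7144
"""

# Zones this server is authoritative for, per named.conf above.
ZONES = ("dreamcast.local", "0.0.127.in-addr.arpa",
         "3.168.192.in-addr.arpa", "12.16.172.in-addr.arpa")

CLIENT = re.compile(r"named\[\d+\]: client @0x[0-9a-f]+ "
                    r"(?P<ip>[\d.]+)#\d+ \((?P<name>[^)]+)\): (?P<rest>.*)")
QUERY = re.compile(r"query: (?P<qname>\S+) IN (?P<qtype>\S+) ")

def in_zone(qname):
    """True if qname is one of the configured zones or a name below one."""
    q = qname.rstrip(".").lower()
    return any(q == z or q.endswith("." + z) for z in ZONES)

def summarize(log_text):
    """Per client IP: queries seen, names outside our zones, refused names."""
    out = defaultdict(lambda: {"queries": [], "outside_zones": set(), "refused": set()})
    for line in log_text.splitlines():
        m = CLIENT.search(line)
        if not m:
            continue  # non-client lines, e.g. "resolver priming query complete"
        entry = out[m["ip"]]
        q = QUERY.match(m["rest"])
        if q:
            entry["queries"].append((q["qname"], q["qtype"]))
            if not in_zone(q["qname"]):
                entry["outside_zones"].add(q["qname"])
        elif "(REFUSED)" in m["rest"] or m["rest"].endswith("denied"):
            entry["refused"].add(m["name"])
    return dict(out)

if __name__ == "__main__":
    for ip, info in summarize(SAMPLE_LOG).items():
        print(ip, info)
```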

That's it for the second part!
