
[Janus / twin Alix2] #4 Twin DNS & DHCP servers

 
PatrickB




Posted: Sun Jul 12, 2015 9:29 am

Hello.

Today I give you my solution for having a backup DNS & DHCP server on my LAN, in the context of twin LAN Masters.

The goal is to have a valid solution, handy to maintain, to keep the services up in case the prime is off for a long time (hardware issue...).

Solution for the DHCP server

It is trivial: the prime and backup servers have the same settings except the IP ranges, which must not conflict, of course...

We cannot choose which DHCP will handle a given client, but it does not matter: there is one and they serve the same information.

If I needed a large IP range, the servers would share it then only one should be active at once:
- need to switch the backup DHCP on/off through a script,
- potential conflicts when leases are renewed on the other server with its list reset...

Solution with a slave DNS server

This is easy to set up, but the slave DNS server is a read-only copy of the prime. The ZS GUI does not allow editing it.

In case the prime server is off for a long time, and some change is needed in the zone, how to do that?

For this reason I prefer to have 2 clone prime DNS servers, with a solution to avoid conflicts and easily replicate the settings of the zone.

Solution with 2 clone DNS servers

In the next post I will show how I easily replicate the whole DNS zone.

The active LAN Master is the gateway and traditionally uses the IP .1, then the twin servers both have a different administrative IP address that is always up:
- prime, named Janus1, uses .11,
- backup, named Janus2, uses .12.

Then both have .1 preset but only the active one has it up,

...and finally the zone is actually controlled by "Janus", the one using .1, as defined below (this is an LDIF extract, see the next post):

Code:

# @, mydomain, lan, DNS, mydomain.lan
dn: relativeDomainName=@,dc=mydomain,dc=lan,ou=DNS,dc=mydomain,dc=lan
objectClass: top
objectClass: dNSZone
relativeDomainName: @
zoneName: mydomain.lan
mXRecord: 10 mail.mydomain.lan.
nSRecord: janus.mydomain.lan.
sOARecord: janus.mydomain.lan. reports.mail.mydomain.lan. 2014040102 86400 7200 3600000 172800

# janus, mydomain, lan, DNS, mydomain.lan
dn: relativeDomainName=janus,dc=mydomain,dc=lan,ou=DNS,dc=mydomain,dc=lan
objectClass: top
objectClass: dNSZone
relativeDomainName: janus
zoneName: mydomain.lan
aRecord: 192.168.xxx.1
pTRRecord: janus.mydomain.lan.
tXTRecord: "Either Janus1 or Janus2"

# janus1, mydomain, lan, DNS, mydomain.lan
dn: relativeDomainName=janus1,dc=mydomain,dc=lan,ou=DNS,dc=mydomain,dc=lan
objectClass: top
objectClass: dNSZone
relativeDomainName: janus1
zoneName: mydomain.lan
aRecord: 192.168.xxx.11
pTRRecord: janus1.mydomain.lan.
tXTRecord: "MyDomain's LAN Master (prime)"
hInfoRecord: "Alix 2D13" "Zeroshell"

# janus2, mydomain, lan, DNS, mydomain.lan
dn: relativeDomainName=janus2,dc=mydomain,dc=lan,ou=DNS,dc=mydomain,dc=lan
objectClass: top
objectClass: dNSZone
relativeDomainName: janus2
zoneName: mydomain.lan
aRecord: 192.168.xxx.12
pTRRecord: janus2.mydomain.lan.
tXTRecord: "MyDomain's LAN Master (backup)"
hInfoRecord: "Alix 2D13" "Zeroshell"


This makes the zone generic, and once the prime server has been disconnected, just switching the IP .1 up on the backup server makes it become the LAN Master.

Then in a next post it will be done automatically, of course, using: ifconfig BRIDGE01:00 up or down

Hmmm... I found a little issue, due to the switch connected to the twin servers:
When I unplug the prime then switch the IP .1 up on the backup server, the switch does not understand the change immediately, then the .1 no longer pings from the LAN.
Just un/replugging the backup server suffices to reroute the .1 but I hope I will find a better solution than switching the whole NIC off/on to force it...

Now the essential continuation of this is the next post: how to easily back up, restore and replicate parts of the LDAP database.

Hope it can help someone.

Ideas for improvements are welcome.

Best regards.
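
Added example, not part of the original post: a Python check that an exported zone stays generic in the sense described above, i.e. NS and SOA name only the floating host, and the floating and administrative addresses are all distinct. The sample LDIF is constructed from the post's extract with 192.168.0.x standing in for the masked addresses; `parse_ldif` and `check_zone` are hypothetical helper names.

```python
# Constructed sample based on the post's extract (192.168.0.x replaces the masked range).
SAMPLE_LDIF = """\
dn: relativeDomainName=@,dc=mydomain,dc=lan,ou=DNS,dc=mydomain,dc=lan
relativeDomainName: @
zoneName: mydomain.lan
nSRecord: janus.mydomain.lan.
sOARecord: janus.mydomain.lan. reports.mail.mydomain.lan. 2014040102 86400 7200 3600000 172800

dn: relativeDomainName=janus,dc=mydomain,dc=lan,ou=DNS,dc=mydomain,dc=lan
relativeDomainName: janus
aRecord: 192.168.0.1

dn: relativeDomainName=janus1,dc=mydomain,dc=lan,ou=DNS,dc=mydomain,dc=lan
relativeDomainName: janus1
aRecord: 192.168.0.11

dn: relativeDomainName=janus2,dc=mydomain,dc=lan,ou=DNS,dc=mydomain,dc=lan
relativeDomainName: janus2
aRecord: 192.168.0.12
"""

def parse_ldif(text):
    """Map relativeDomainName -> {attr: [values]}; base64 (::) values are not decoded."""
    entries = {}
    for block in text.replace("\n ", "").split("\n\n"):  # unfold, then split entries
        entry = {}
        for line in block.splitlines():
            if line and not line.startswith("#"):  # skip ldapsearch comment lines
                attr, _, value = line.partition(":")
                entry.setdefault(attr.lower(), []).append(value.strip())
        if "relativedomainname" in entry:
            entries[entry["relativedomainname"][0]] = entry
    return entries

def check_zone(entries, floating, nodes):
    """List what would tie the zone to one box; floating/nodes are the caller's names."""
    apex = entries.get("@", {})
    fqdn = f"{floating}.{apex.get('zonename', ['?'])[0]}."
    problems = [f"NS {ns} is not {fqdn}" for ns in apex.get("nsrecord", []) if ns != fqdn]
    if apex.get("soarecord", [""])[0].split()[:1] != [fqdn]:
        problems.append(f"SOA primary is not {fqdn}")
    owner = {}
    for name in [floating, *nodes]:
        addrs = entries.get(name, {}).get("arecord", [])
        if len(addrs) != 1:
            problems.append(f"{name} has {len(addrs)} A records, expected 1")
        for ip in addrs:
            if owner.setdefault(ip, name) != name:  # address already claimed
                problems.append(f"{name} and {owner[ip]} share {ip}")
    return problems
```

Calling `check_zone(parse_ldif(export), "janus", ["janus1", "janus2"])` on the export before copying it to the twin returns an empty list when nothing in the zone names a specific box.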
All times are GMT