Wednesday, 14 December 2011

Installing DNS Master and Slave Servers

Install bind:
apt-get install bind9

Configure The Master

First we need to stop bind9:
/etc/init.d/bind9 stop
Edit the /etc/bind/named.conf.options file so it looks something like this (use the forwarders of your liking):
options {
    directory "/var/cache/bind";
    // If there is a firewall between you and nameservers you want
    // to talk to, you may need to fix the firewall to allow multiple
    // ports to talk. See http://www.kb.cert.org/vuls/id/800113
    // If your ISP provided one or more IP addresses for stable
    // nameservers, you probably want to use them as forwarders.
    // Uncomment the following block, and insert the addresses replacing
    // the all-0's placeholder.
    dnssec-enable yes;
    query-source address * port 53;
    allow-query { any; };
    forwarders {
        8.8.8.8;
        208.67.222.222;
        208.67.220.220;
    };
    auth-nxdomain no; # conform to RFC1035
    //listen-on-v6 { any; };
};
Add the IP of this newly installed DNS server (the localhost) to your /etc/resolv.conf to use it:
echo "search linux.lan" > /etc/resolv.conf
echo "nameserver 127.0.0.1" >> /etc/resolv.conf
Now restart bind9:
/etc/init.d/bind9 start
And test:
ping www.google.com
If you get a reply, then your DNS master server is working and ready to use. We will now fill and use the linux.lan domain with our new master server.

Setting up the linux.lan domain

The master DNS server is currently just forwarding requests to the server(s) you have configured in the options file. So, we will now install and configure our own domain and let our new server handle all requests regarding that domain.
Let's start by creating the directory where we will store the zone file. This file contains all info about the domain.
mkdir /etc/bind/zones/
Next we will create the zones file, /etc/bind/zones/master_linux.lan, something like this:
$TTL 3D
@ IN SOA ns1.linux.lan. hostmaster.linux.lan. (
        199802151 ; serial, todays date + todays serial #
        8H ; refresh, seconds
        2H ; retry, seconds
        4W ; expire, seconds
        1D ) ; minimum, seconds
;
; "@" names the zone apex (linux.lan.) explicitly for the records below
@ IN TXT "Linux.LAN, serving YOUR domain :)"
@ IN NS ns1 ; Inet Address of name server
@ IN NS ns2
@ IN MX 10 mail ; Primary Mail Exchanger
localhost A 127.0.0.1
ns1 A 192.168.254.1
ns2 A 192.168.254.2
www CNAME ns1
Here we have created a simple zone file with both nameservers and a www alias for ns1. Just in case we have a running apache on ns1 ;)

Now edit /etc/bind/named.conf.local and add:
zone "linux.lan" {
    type master;
    file "/etc/bind/zones/master_linux.lan";
};
This is it, we can now restart bind and check if it works:
/etc/init.d/bind9 restart
And test if it's working:
ping ns1.linux.lan
At this stage you should have a working and usable DNS server.
If it says it cannot find the domain, maybe dhclient has changed your nameserver entry... You should check that.

Installing The Slave
Basically, the slave uses the same basic system as we constructed in the first part (just before we added the zone file). We will make some small changes to both master and slave to make them work together. The zone file will be transferred over the net using encryption.
Unless stated otherwise, these commands are for the slave ONLY.

Create the zones dir:
mkdir /etc/bind/zones
For both master AND slave edit /etc/bind/named.conf.options and make sure you have:
dnssec-enable yes;
Now we need a secure key. This will generate a .private and a .key file. The 'key=' line in the .private file represents the hashkey:
dnssec-keygen -a hmac-md5 -b 128 -n host linux.lan
Add this in your /etc/bind/named.conf on master AND slave:
key "TRANSFER" {
    algorithm hmac-md5;
    secret "---HASHKEY---";
};
On the master add the slave IP to /etc/bind/named.conf:
server 192.168.254.2 {
    keys {
        TRANSFER;
    };
};
And on the slave we add the master IP to /etc/bind/named.conf:
server 192.168.254.1 {
    keys {
        TRANSFER;
    };
};
Add to /etc/bind/named.conf.local:
zone "linux.lan" {
    type slave;
    file "/etc/bind/zones/slave_linux.lan";
    masters { 192.168.254.1; };
    allow-notify { 192.168.254.1; };
};
Finally we need to, on BOTH hosts, add this to /etc/bind/named.conf:
include "/etc/bind/rndc.key";
In order to have a successful zone transfer, both systems need to have synchronised clocks, so:
apt-get -y install ntpdate

Restart bind on both machines and notice the new zone file on the slave.
If you're wondering why _updates_ to the zonefile on your master seem to fail, check the expire etc. settings inside the zonefile.

NOTE: if you get an error on syslog saying "bind dumping master file (...) permission denied ubuntu" check the /etc/apparmor.d/usr.sbin.named file and change the line:
/etc/bind/** r,
into:
/etc/bind/** rw,
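
A lint over the master configuration this post builds, added here as an example (not the author's code). It flags the pinned query source port (the issue behind VU#800113, which the config comments link to), recursion left open by allow-query { any; }, the hmac-md5 key, and a master zone with no allow-transfer, where the TRANSFER key is offered but never required; note that TSIG authenticates a transfer and does not encrypt the zone data. The finding names and HARDENED_CONF are assumptions made for illustration.

```python
import re

# Constructed sample: the master's named.conf statements from this post, joined.
MASTER_CONF = '''
options {
    query-source address * port 53;
    allow-query { any; };
};
key "TRANSFER" { algorithm hmac-md5; secret "---HASHKEY---"; };
server 192.168.254.2 { keys { TRANSFER; }; };
zone "linux.lan" { type master; file "/etc/bind/zones/master_linux.lan"; };
'''

# Assumed hardened variant (not from the post): weak settings replaced.
HARDENED_CONF = '''
options {
    allow-query { any; };
    allow-recursion { localhost; localnets; };
};
key "TRANSFER" { algorithm hmac-sha256; secret "---HASHKEY---"; };
server 192.168.254.2 { keys { TRANSFER; }; };
zone "linux.lan" { type master; file "/etc/bind/zones/master_linux.lan"; allow-transfer { key TRANSFER; }; };
'''

def zone_bodies(conf):
    """Yield (name, body) per zone statement; braces are matched so nested blocks stay inside."""
    for m in re.finditer(r'\bzone\s+"([^"]+)"[^{;]*\{', conf):
        depth, i = 1, m.end()
        while i < len(conf) and depth:
            depth += {"{": 1, "}": -1}.get(conf[i], 0)
            i += 1
        yield m.group(1), conf[m.end():i - 1]

def audit(conf):
    """Return finding names (hypothetical labels); only zone-level allow-transfer is considered."""
    conf = re.sub(r"/\*.*?\*/|(//|#)[^\n]*", "", conf, flags=re.S)  # strip comments
    found = []
    if re.search(r"\bquery-source\b[^;]*\bport\s+\d+", conf):
        found.append("fixed-source-port")  # source-port randomization is off (VU#800113)
    if re.search(r"\ballow-query\s*\{\s*any\s*;", conf) and not re.search(
            r"\ballow-recursion\b|\brecursion\s+no\b", conf):
        found.append("open-recursion")  # recursion ACL falls back to allow-query
    if re.search(r"\balgorithm\s+hmac-md5\b", conf):
        found.append("tsig-hmac-md5")  # hmac-sha256 is the stronger choice
    for name, body in zone_bodies(conf):
        if re.search(r"\btype\s+master\b", body) and "allow-transfer" not in body:
            found.append("unrestricted-axfr:" + name)  # key is offered, never required
    return found
print(audit(MASTER_CONF), audit(HARDENED_CONF))
```

The slave needs the same hmac-sha256 key statement as the master, since both sides must agree on the algorithm and secret.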



Friday, 18 November 2011

Create symbolic links for multiple files simultaneously

As simple as:
ls <path> | grep <something> | while IFS= read -r file; do ln -s "<path>$file" "<new_path>$file"; done


Monday, 17 October 2011

Drop all tables in a MySQL database

If you want to drop all tables from one MySQL DB without dropping the DB, you can use this command:
mysqldump -u[USERNAME] -p[PASSWORD] --add-drop-table --no-data [DATABASE] | grep ^DROP | mysql -u[USERNAME] -p[PASSWORD] [DATABASE]


Saturday, 8 October 2011

VDI is not Available - Xenserver error

In order to recover the VM you have to:

1. Run XE VDI-LIST and determine the UUID of the VM giving you the problem, like this:

xe vdi-list | grep -i <VM-NAME> -B2 -A2
2. Once you have the UUID run:

xe vdi-forget uuid=<VDI-UUID>
3. Rescan the SR with:
xe sr-scan uuid=<SR-UUID>
4. Now, in XenCenter, go to the VM and click on the Storage tab. You should see it empty. Then click on attach and the first entry on the list should be NO NAME. Attach it to the VM, wait about 30 seconds, then power it up!

5. In most cases it should be up and running. If you are still getting errors then wait a minute and try it again. If it is still not working, repeat the previous steps.


Friday, 7 October 2011

Some VMs are missing after Xenserver failure

Without the HA feature enabled, there is no mechanism that checks whether the host which went down had any VMs running at the time of the failure, and no mechanism that updates the database to mark the VMs that were running on the failed host as halted after the crash.

So, when you do not have the possibility to enable HA, you can do the following to make the VMs available in XenCenter again:

1. Locate the VMs which were running on the failed host with the following command:
xe vm-list resident-on=<UUID of the XenServer host> --multiple
You can determine the UUID of the host which failed by running the `xe host-list` command.

2. Reset the power status of the VMs to halted using the following command:
xe vm-reset-powerstate vm=<Name of VM received from the command in step 1> force=true

(repeat this step for all VMs which were running on the failed host)

Once you reset the powerstate of the VM using the above command, the VM should appear in XenCenter again and can be started on another XenServer host.

NOTE: make sure that the VM you reset to halted using the vm-reset-powerstate command is actually powered off (e.g. because it was running on a XenServer which really failed) and not running on any other XenServer. Do NOT use this command while simulating the failure of a XenServer by stopping only the network of the host.


XenServer Pool, Master host failure

Every member of a resource pool contains all the information necessary to take over the role of master if required. When a master node fails, the following sequence of events occurs:

1. The members realize that communication has been lost and each tries to reconnect for sixty seconds.

2. Each member then puts itself into emergency mode, whereby the member XenServer hosts will only accept the pool-emergency commands:
xe pool-emergency-reset-master
and
xe pool-emergency-transition-to-master
If the master comes back up at this point, it re-establishes communication with its members, the members leave emergency mode, and operation returns to normal.
However if the master is really dead, choose one of the remaining members and run the command:
xe pool-emergency-transition-to-master
on it. Once it has become the master, issue the command:
xe pool-recover-slaves
and the members will now point to the new master.
If you repair or replace the server that was the original master, you can simply bring it up, install the XenServer host software, and add it to the pool.


Tuesday, 4 October 2011

How to install Android SDK without internet connection

The magic URL is:
http://dl-ssl.google.com/android/repository/repository.xml
That is the XML file from which the URLs for downloading the SDK packages are obtained.

For example, if you want to download the Mac version of the Android SDK for version 2.0, you can look it up in that XML file. You will find a block under the tag SDK 2.0 like this:
<sdk:archive arch="any" os="macosx"><sdk:size>74956356</sdk:size>
<sdk:checksum type="sha1">2a866d0870dbba18e0503cd41e5fae988a21b314</sdk:checksum>
<sdk:url>android-2.0_r01-macosx.zip</sdk:url></sdk:archive>
So the URL would be:
http://dl-ssl.google.com/android/repository/android-2.0_r01-macosx.zip
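
The same lookup done in code, as an added example that is not part of the original post: it reads the archive block quoted above, builds the download URL, and checks a downloaded file against the listed size and SHA-1 before it is carried to the offline machine. The wrapper element and the urn:example:sdk namespace are constructed so the fragment parses on its own, and the function names are hypothetical.

```python
import hashlib
import hmac
import xml.etree.ElementTree as ET
from urllib.parse import urljoin

REPO_XML_URL = "http://dl-ssl.google.com/android/repository/repository.xml"
NS = {"sdk": "urn:example:sdk"}  # placeholder namespace, constructed for this example

# The <sdk:archive> block quoted in the post, wrapped in a constructed root element.
FRAGMENT = '''<root xmlns:sdk="urn:example:sdk">
<sdk:archive arch="any" os="macosx"><sdk:size>74956356</sdk:size>
<sdk:checksum type="sha1">2a866d0870dbba18e0503cd41e5fae988a21b314</sdk:checksum>
<sdk:url>android-2.0_r01-macosx.zip</sdk:url></sdk:archive>
</root>'''

def archives(xml_text, os_name):
    """Return URL, expected size and SHA-1 for each archive entry matching os_name."""
    out = []
    for a in ET.fromstring(xml_text).iter("{%s}archive" % NS["sdk"]):
        if a.get("os") != os_name:
            continue
        digest = a.find("sdk:checksum", NS)
        if digest is None or digest.get("type") != "sha1":
            raise ValueError("archive entry has no sha1 checksum")
        out.append({
            # The <sdk:url> value is relative to the location of repository.xml.
            "url": urljoin(REPO_XML_URL, a.findtext("sdk:url", namespaces=NS).strip()),
            "size": int(a.findtext("sdk:size", namespaces=NS)),
            "sha1": digest.text.strip().lower(),
        })
    return out

def verify(path, expected):
    """Check a downloaded file's length and SHA-1 against its repository entry."""
    h, size = hashlib.sha1(), 0
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
            size += len(chunk)
    return size == expected["size"] and hmac.compare_digest(h.hexdigest(), expected["sha1"])

print(archives(FRAGMENT, "macosx"))
```

Because repository.xml is itself fetched over plain http, the checksum catches a corrupted or truncated download, but it cannot vouch for an XML file that was altered in transit.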
