PowerDNS: Installing the Server & Recursor on One Machine
In this tutorial we will try to configure PowerDNS so that it can run as master and slave on one machine.
Here we will use
- IP address 192.168.0.100 (powerdns server)
- IP address 127.0.0.1 (recursor)
Installing and configuring the DNS recursor
apt-get update
apt-get install pdns-recursor
Configure /etc/powerdns/recursor.conf
vi /etc/powerdns/recursor.conf
Contents
local-address=127.0.0.1
local-port=53
quiet=yes
setgid=pdns
setuid=pdns
Restart
/etc/init.d/pdns-recursor restart
Check
sudo netstat -tap | grep pdns
Output
tcp 0 0 localhost:domain *:* LISTEN 1362/pdns_recursor
Check
dig www.google.com @127.0.0.1
Output
; <<>> DiG 9.9.5-3-Ubuntu <<>> www.google.com @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10684
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;www.google.com. IN A
;; ANSWER SECTION:
www.google.com. 300 IN A 216.58.196.68
;; Query time: 645 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Jun 02 09:23:36 WIB 2015
;; MSG SIZE rcvd: 48
Installing PowerDNS and MySQL
apt-get install pdns-server pdns-backend-mysql mysql-server
Prompts
- New password for the MySQL "root" user: > enter 123456
- Repeat password for the MySQL "root" user: > enter 123456
- Configure database for pdns-backend-mysql with dbconfig-common? > answer No
Edit /etc/mysql/my.cnf
sudo vi /etc/mysql/my.cnf
Make sure bind-address is commented out (MySQL then listens on all interfaces)
[...]
#bind-address = 127.0.0.1
[...]
Database configuration
Log in to MySQL
sudo mysql -u root -p
With the root password 123456 you can use
sudo mysql -u root -p123456
Create the database 'powerdns' and the database user 'poweruser'. Alternatively, you can choose your own names.
CREATE DATABASE powerdns;
GRANT ALL ON powerdns.* TO 'poweruser'@'localhost' IDENTIFIED BY 'ubuntu';
FLUSH PRIVILEGES;
USE powerdns;

CREATE TABLE domains (
  id INT AUTO_INCREMENT,
  name VARCHAR(255) NOT NULL,
  master VARCHAR(128) DEFAULT NULL,
  last_check INT DEFAULT NULL,
  type VARCHAR(6) NOT NULL,
  notified_serial INT DEFAULT NULL,
  account VARCHAR(40) DEFAULT NULL,
  PRIMARY KEY (id)
) Engine=InnoDB;
CREATE UNIQUE INDEX name_index ON domains(name);

CREATE TABLE records (
  id INT AUTO_INCREMENT,
  domain_id INT DEFAULT NULL,
  name VARCHAR(255) DEFAULT NULL,
  type VARCHAR(10) DEFAULT NULL,
  content VARCHAR(64000) DEFAULT NULL,
  ttl INT DEFAULT NULL,
  prio INT DEFAULT NULL,
  change_date INT DEFAULT NULL,
  disabled TINYINT(1) DEFAULT 0,
  ordername VARCHAR(255) BINARY DEFAULT NULL,
  auth TINYINT(1) DEFAULT 1,
  PRIMARY KEY (id)
);
CREATE INDEX nametype_index ON records(name,type);
CREATE INDEX domain_id ON records(domain_id);
CREATE INDEX recordorder ON records (domain_id, ordername);

CREATE TABLE supermasters (
  ip VARCHAR(64) NOT NULL,
  nameserver VARCHAR(255) NOT NULL,
  account VARCHAR(40) NOT NULL,
  PRIMARY KEY (ip, nameserver)
);

CREATE TABLE comments (
  id INT AUTO_INCREMENT,
  domain_id INT NOT NULL,
  name VARCHAR(255) NOT NULL,
  type VARCHAR(10) NOT NULL,
  modified_at INT NOT NULL,
  account VARCHAR(40) NOT NULL,
  comment VARCHAR(64000) NOT NULL,
  PRIMARY KEY (id)
);
CREATE INDEX comments_domain_id_idx ON comments (domain_id);
CREATE INDEX comments_name_type_idx ON comments (name, type);
CREATE INDEX comments_order_idx ON comments (domain_id, modified_at);

CREATE TABLE domainmetadata (
  id INT AUTO_INCREMENT,
  domain_id INT NOT NULL,
  kind VARCHAR(32),
  content TEXT,
  PRIMARY KEY (id)
);
CREATE INDEX domainmetadata_idx ON domainmetadata (domain_id, kind);

CREATE TABLE cryptokeys (
  id INT AUTO_INCREMENT,
  domain_id INT NOT NULL,
  flags INT NOT NULL,
  active BOOL,
  content TEXT,
  PRIMARY KEY(id)
);
CREATE INDEX domainidindex ON cryptokeys(domain_id);

CREATE TABLE tsigkeys (
  id INT AUTO_INCREMENT,
  name VARCHAR(255),
  algorithm VARCHAR(50),
  secret VARCHAR(255),
  PRIMARY KEY (id)
);
CREATE UNIQUE INDEX namealgoindex ON tsigkeys(name, algorithm);
quit;
PowerDNS configuration
Edit /etc/powerdns/pdns.d/pdns.local.gmysql.conf
sudo rm /etc/powerdns/pdns.d/*
sudo vi /etc/powerdns/pdns.d/pdns.local.gmysql.conf
Contents
# MySQL Configuration
#
# Launch gmysql backend
launch=gmysql
# gmysql parameters
gmysql-host=localhost
gmysql-dbname=powerdns
gmysql-user=poweruser
gmysql-password=ubuntu
Edit /etc/powerdns/pdns.conf
vi /etc/powerdns/pdns.conf
Contents
allow-recursion=0.0.0.0/0
config-dir=/etc/powerdns
daemon=yes
guardian=yes
include-dir=/etc/powerdns/pdns.d
launch=
setgid=pdns
setuid=pdns
version-string=powerdns
local-address=192.168.0.100
local-port=53
log-dns-details=yes
log-dns-queries=yes
logging-facility=0
loglevel=6
recursor=127.0.0.1:53
or (the original)
config-dir=/etc/powerdns
daemon=yes
disable-axfr=yes
guardian=yes
local-address=192.168.0.100
local-port=53
module-dir=/usr/lib/powerdns
setgid=pdns
setuid=pdns
socket-dir=/var/run
version-string=powerdns
include-dir=/etc/powerdns/pdns.d
recursor=127.0.0.1
Restart
/etc/init.d/pdns restart
/etc/init.d/pdns-recursor restart
Check
sudo netstat -tap | grep pdns
This will output
tcp 0 0 refserver:domain *:* LISTEN 4851/pdns_server-in
tcp 0 0 localhost:domain *:* LISTEN 4711/pdns_recursor
Check
dig www.detik.com @192.168.0.100
Result
; <<>> DiG 9.9.5-3-Ubuntu <<>> www.detik.com @192.168.0.100
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25731
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;www.detik.com. IN A
;; ANSWER SECTION:
www.detik.com. 86400 IN CNAME detik.com.
detik.com. 300 IN A 203.190.241.43
detik.com. 300 IN A 203.190.242.69
;; Query time: 601 msec
;; SERVER: 192.168.0.100#53(192.168.0.100)
;; WHEN: Tue Jun 02 09:53:08 WIB 2015
;; MSG SIZE rcvd: 77
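Added example (not part of the original tutorial): a shell audit for two exposures in the configuration above, recursion relayed for every client (allow-recursion=0.0.0.0/0 together with recursor=) and a gmysql-password kept in a world-readable file. The function names, finding labels and the 192.168.0.0/24 range are assumptions; the sample files are constructed from the tutorial's values.

```sh
#!/bin/sh
# Added example (not from the tutorial): audit PowerDNS config files.

# Print the effective value of key $2 in file $1 (last uncommented line wins).
pdns_setting() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" | tail -n 1
}

# Print a finding and return 0 when recursion is relayed without a narrow ACL.
check_open_recursion() {
    rec=$(pdns_setting "$1" recursor)
    [ -n "$rec" ] || return 1            # no recursor= line: nothing is relayed
    nets=$(pdns_setting "$1" allow-recursion | tr -d ' ')
    case ",$nets," in
        *,0.0.0.0/0,*|*,::/0,*)
            echo "OPEN-RECURSION $1: allow-recursion=$nets (relay to $rec)"
            return 0 ;;
        ,,)
            echo "UNSET-ACL $1: recursor=$rec without allow-recursion"
            return 0 ;;
    esac
    return 1
}

# Print a finding and return 0 when a file with gmysql-password is world-readable.
check_secret_perms() {
    grep -q '^[[:space:]]*gmysql-password[[:space:]]*=' "$1" || return 1
    [ -n "$(find "$1" -perm -004)" ] || return 1
    echo "WORLD-READABLE-SECRET $1: contains gmysql-password"
}

# Constructed sample input: the tutorial's settings next to a restricted variant.
demo() {
    d=$(mktemp -d) || return 1
    printf '%s\n' 'allow-recursion=0.0.0.0/0' 'local-address=192.168.0.100' \
        'recursor=127.0.0.1:53' > "$d/weak.conf"
    # 192.168.0.0/24 is an assumed LAN range, not a value from the page.
    printf '%s\n' 'allow-recursion=127.0.0.0/8,192.168.0.0/24' \
        'local-address=192.168.0.100' 'recursor=127.0.0.1:53' > "$d/strict.conf"
    printf '%s\n' 'launch=gmysql' 'gmysql-password=ubuntu' > "$d/gmysql.conf"
    chmod 644 "$d/gmysql.conf"
    for f in "$d"/*.conf; do
        check_open_recursion "$f" || true
        check_secret_perms "$f" || true
    done
    rm -rf "$d"
}
demo
```

On a real host, point the two check functions at /etc/powerdns/pdns.conf and the files under /etc/powerdns/pdns.d instead of calling demo.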
Poweradmin installation
Poweradmin will be installed on the PowerDNS master host, so we need to install the necessary packages:
apt-get install apache2-mpm-prefork php5-mysql libapache2-mod-php5 php-pear php-mdb2 php-mdb2-driver-mysql
Then download, unpack and make some preparations before the installation process:
cd /var/www
wget --no-check-certificate https://www.poweradmin.org/download/poweradmin-2.1.4.tgz
tar zxvf poweradmin-2.1.4.tgz
ln -s poweradmin-2.1.4 poweradmin
chown www-data:www-data -R poweradmin-2.1.4
cp /var/www/poweradmin/inc/config-me.inc.php /var/www/poweradmin/inc/config.inc.php
With the default apache2 configuration, open http://192.168.56.3/poweradmin/install in a web browser and follow the steps to finish the Poweradmin installation.
Instead of what is shown in step 6, use the grant listed below for the user poweradmin:
GRANT SELECT, INSERT, UPDATE, DELETE ON powerdns.* TO 'poweradmin'@'localhost';
FLUSH PRIVILEGES;
After successful installation, remove the install directory.
rm -rf /var/www/poweradmin/install
There is a small bug in the latest stable release, poweradmin-2.1.4, which is explained in ticket https://www.poweradmin.org/trac/ticket/346. To repair it, replace line 196 with $retcount++; in the inc/templates.inc.php file.
Poweradmin usage
Type http://192.168.56.3/poweradmin in your web browser and log in as admin with the password you typed during installation (step 3).
The easiest way to manage domains is to create a zone template or templates. Go to List zone templates > Add zone template > fill in Name ('default' in this case).
Then edit 'default' zone template by adding new records:
#examples
[ZONE] SOA ns1.example.com hostmaster.example.com [SERIAL] 10800 3600 604800 600
[ZONE] A 192.168.56.3 86400
www.[ZONE] A 192.168.56.3 86400
mail.[ZONE] A 192.168.56.3 86400
[ZONE] NS ns1.example.com 86400
[ZONE] NS ns2.example.com 86400
[ZONE] MX mail.[ZONE] 10 86400
Test the template by adding a new domain as a master zone (choose type: master) using the zone template you created.
Don't forget to add A records for ns1.example.com and ns2.example.com.
Finally, tell the slave's MySQL database where the master PowerDNS server is located by adding its IP address and the master's NS domain name.
use powerdns;
insert into supermasters values ('192.168.56.3', 'ns1.example.com', 'admin');
Migration from bind
Use the zone2sql script to migrate domains from BIND to PowerDNS
zone2sql --gmysql --named-conf=/etc/bind/named.conf > bind.sql
If the domain type is NATIVE, change it to MASTER using this example sed command
sed 's/NATIVE/MASTER/g' bind.sql > bind.master.sql
That's all, folks. If you have any questions, don't hesitate to write ;-)