Open5gs: Setup DNS untuk IMS dan EPC

From OnnoWiki
Revision as of 06:32, 10 August 2023 by Onnowpurbo (talk | contribs)
Jump to navigation Jump to search


Install BIND,

apt install -y bind9

Gunakan contoh di bawah untuk DNS Zone file termasuk edit

/etc/bind/named.conf.local
/etc/bind/named.conf.options

Lakukan,

cd /etc/bind

Dalam contoh ini Kamailio IMS & DNS server jalan di 10.45.0.1/192.168.0.5 (Floating IP) dan PCRF pada 10.45.0.1/192.168.0.5 (Floating IP)

cd /etc/bind
vi ims.mnc070.mcc999.3gppnetwork.org

$ORIGIN ims.mnc070.mcc999.3gppnetwork.org.
$TTL 1W
@                       1D IN SOA       localhost. root.localhost. (
                                        1               ; serial
                                        3H              ; refresh
                                        15M             ; retry
                                        1W              ; expiry
                                        1D )            ; minimum 

                        1D IN NS        ns
ns                      1D IN A         10.45.0.1 

pcscf                   1D IN A         10.45.0.1
_sip._udp.pcscf         1D SRV 0 0 5060 pcscf
_sip._tcp.pcscf         1D SRV 0 0 5060 pcscf 

icscf                   1D IN A         10.45.0.1
_sip._udp               1D SRV 0 0 4060 icscf
_sip._tcp               1D SRV 0 0 4060 icscf

scscf                   1D IN A         10.45.0.1
_sip._udp.scscf         1D SRV 0 0 6060 scscf
_sip._tcp.scscf         1D SRV 0 0 6060 scscf

hss                     1D IN A         10.45.0.1

Buat DNS zone untuk pcrf domain

cd /etc/bind
vi epc.mnc070.mcc999.3gppnetwork.org
 
$ORIGIN epc.mnc070.mcc999.3gppnetwork.org.
$TTL 1W
@                       1D IN SOA       localhost. root.localhost. (
                                        1               ; serial
                                        3H              ; refresh
                                        15M             ; retry
                                        1W              ; expiry
                                        1D )            ; minimum   

                        1D IN NS        epcns
epcns                   1D IN A         10.45.0.1

pcrf                    1D IN A         127.0.0.5

Edit

vi /etc/bind/named.conf.local

sebagai berikut,

//
// Do any local configuration here
//

// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";

zone "ims.mnc070.mcc999.3gppnetwork.org" {
        type master;
        file "/etc/bind/ims.mnc070.mcc999.3gppnetwork.org";
};

zone "epc.mnc070.mcc999.3gppnetwork.org" {
        type master;
        file "/etc/bind/epc.mnc070.mcc999.3gppnetwork.org";
};

Edit

vi /etc/bind/named.conf.options

sebagai berikut,

options {
        directory "/var/cache/bind"; 

        // If there is a firewall between you and nameservers you want
        // to talk to, you may need to fix the firewall to allow multiple
        // ports to talk.  See http://www.kb.cert.org/vuls/id/800113

        // If your ISP provided one or more IP addresses for stable
        // nameservers, you probably want to use them as forwarders.
        // Uncomment the following block, and insert the addresses replacing
        // the all-0's placeholder.

        //forwarders {
        // Put here the IP address of other DNS server which could be used if name cannot be resolved with DNS server running in this machine (Optional)
        //192.168.0.222;
        //};

        //========================================================================
        // If BIND logs error messages about the root key being expired,
        // you will need to update your keys.  See https://www.isc.org/bind-keys
        //========================================================================
        dnssec-validation no;
        allow-query { any; };

        auth-nxdomain no;    # conform to RFC1035
        //listen-on-v6 { any; };
};

Restart BIND

systemctl restart bind9
systemctl status bind9

Tambahkan di

/etc/resolv.conf
search ims.mnc070.mcc999.3gppnetwork.org
nameserver 10.45.0.1

Coba, ping

$ ping pcscf
PING pcscf.ims.mnc001.mcc001.3gppnetwork.org (10.45.0.1) 56(84) bytes of data.
64 bytes from localhost (10.45.0.1): icmp_seq=1 ttl=64 time=0.017 ms
64 bytes from localhost (10.45.0.1): icmp_seq=2 ttl=64 time=0.041 ms

To make changes in /etc/resolv.conf be persistent across reboot edit the /etc/netplan/50-cloud-init.yaml file as follows:

# This file is generated from information provided by
# the datasource.  Changes to it will not persist across an instance.
# To disable cloud-init's network configuration capabilities, write a file
# /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:
# network: {config: disabled}
network:
    version: 2
    ethernets:
        enp0s3:
            dhcp4: true
            match:
                macaddress: fa:16:3e:99:f5:67
            set-name: enp0s3
            nameservers:
                search: [ims.mnc070.mcc999.3gppnetwork.org,epc.mnc070.mcc999.3gppnetwork.org]
                addresses:
                      - 10.45.0.1
    version: 2

Restart,

netplan apply
ln -sf /run/systemd/resolve/resolv.conf /etc/resolv.conf
systemctl restart systemd-resolved.service