Open5gs: Setup DNS untuk IMS dan EPC

From OnnoWiki
Revision as of 08:49, 11 August 2023 by Onnowpurbo (talk | contribs)
Jump to navigation Jump to search


Install BIND, 

apt install -y bind9

Gunakan contoh di bawah untuk DNS Zone file termasuk edit 

/etc/bind/named.conf.local
/etc/bind/named.conf.options

Lakukan, 

cd /etc/bind

Dalam contoh ini Kamailio IMS & DNS server jalan di 10.45.0.1/192.168.0.5 (Floating IP) dan PCRF pada 10.45.0.1/192.168.0.5 (Floating IP) 

cd /etc/bind
vi ims.mnc070.mcc999.3gppnetwork.org

$ORIGIN ims.mnc070.mcc999.3gppnetwork.org.
$TTL 1W
@                       1D IN SOA       localhost. root.localhost. (
                                        1               ; serial
                                        3H              ; refresh
                                        15M             ; retry
                                        1W              ; expiry
                                        1D )            ; minimum 

                        1D IN NS        ns
ns                      1D IN A         10.45.0.1 

pcscf                   1D IN A         10.45.0.1
_sip._udp.pcscf         1D SRV 0 0 5060 pcscf
_sip._tcp.pcscf         1D SRV 0 0 5060 pcscf 

icscf                   1D IN A         10.45.0.1
_sip._udp               1D SRV 0 0 4060 icscf
_sip._tcp               1D SRV 0 0 4060 icscf

scscf                   1D IN A         10.45.0.1
_sip._udp.scscf         1D SRV 0 0 6060 scscf
_sip._tcp.scscf         1D SRV 0 0 6060 scscf

hss                     1D IN A         10.45.0.1

Buat DNS zone untuk pcrf domain 

cd /etc/bind
vi epc.mnc070.mcc999.3gppnetwork.org
 
$ORIGIN epc.mnc070.mcc999.3gppnetwork.org.
$TTL 1W
@                       1D IN SOA       localhost. root.localhost. (
                                        1               ; serial
                                        3H              ; refresh
                                        15M             ; retry
                                        1W              ; expiry
                                        1D )            ; minimum   

                        1D IN NS        epcns
epcns                   1D IN A         10.45.0.1

pcrf                    1D IN A         127.0.0.5

Edit 

vi /etc/bind/named.conf.local

sebagai berikut, 

//
// Do any local configuration here
//

// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";

zone "ims.mnc070.mcc999.3gppnetwork.org" {
        type master;
        file "/etc/bind/ims.mnc070.mcc999.3gppnetwork.org";
};

zone "epc.mnc070.mcc999.3gppnetwork.org" {
        type master;
        file "/etc/bind/epc.mnc070.mcc999.3gppnetwork.org";
};

Edit 

vi /etc/bind/named.conf.options

sebagai berikut, 

options {
        directory "/var/cache/bind"; 

        // If there is a firewall between you and nameservers you want
        // to talk to, you may need to fix the firewall to allow multiple
        // ports to talk.  See http://www.kb.cert.org/vuls/id/800113

        // If your ISP provided one or more IP addresses for stable
        // nameservers, you probably want to use them as forwarders.
        // Uncomment the following block, and insert the addresses replacing
        // the all-0's placeholder.

        //forwarders {
        // Put here the IP address of other DNS server which could be used if name cannot be resolved with DNS server running in this machine (Optional)
        //192.168.0.222;
        //};

        //========================================================================
        // If BIND logs error messages about the root key being expired,
        // you will need to update your keys.  See https://www.isc.org/bind-keys
        //========================================================================
        dnssec-validation no;
        allow-query { any; };

        auth-nxdomain no;    # conform to RFC1035
        //listen-on-v6 { any; };
};

Restart BIND 

systemctl restart bind9
systemctl status bind9

Tambahkan di 

/etc/resolv.conf

search ims.mnc070.mcc999.3gppnetwork.org
nameserver 10.45.0.1

Coba, ping 

ping pcscf

PING pcscf.ims.mnc070.mcc999.3gppnetwork.org (10.45.0.1) 56(84) bytes of data.
64 bytes from 10.45.0.1 (10.45.0.1): icmp_seq=1 ttl=64 time=0.088 ms
64 bytes from 10.45.0.1 (10.45.0.1): icmp_seq=2 ttl=64 time=0.110 ms
64 bytes from 10.45.0.1 (10.45.0.1): icmp_seq=3 ttl=64 time=0.126 ms

--- pcscf.ims.mnc070.mcc999.3gppnetwork.org ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2004ms
rtt min/avg/max/mdev = 0.088/0.108/0.126/0.015 ms

Agar /etc/resolv.conf persistent saat booting, kita perlu tambahkan di /etc/netplan/00* sebagai berikut, 

# This file is generated from information provided by
# the datasource.  Changes to it will not persist across an instance.
# To disable cloud-init's network configuration capabilities, write a file
# /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:
# network: {config: disabled}
network:
    version: 2
    ethernets:
        enp0s3:
            dhcp4: true
            match:
                macaddress: fa:16:3e:99:f5:67
            set-name: enp0s3
            nameservers:
                search: [ims.mnc070.mcc999.3gppnetwork.org,epc.mnc070.mcc999.3gppnetwork.org]
                addresses:
                      - 10.45.0.1
    version: 2


Atau, 

# This is the network config written by 'subiquity'
network:
  ethernets:
    enp0s3:
      dhcp4: true
      nameservers:
          search: 
[ims.mnc070.mcc999.3gppnetwork.org,epc.mnc070.mcc999.3gppnetwork.org]
          addresses:
                - 10.45.0.1
  version: 2

Restart, 

netplan apply
ln -sf /run/systemd/resolve/resolv.conf /etc/resolv.conf
systemctl restart systemd-resolved.service


Pranala Menarik

Retrieved from "https://onnocenter.or.id/wiki/index.php?title=Open5gs:_Setup_DNS_untuk_IMS_dan_EPC&oldid=69562"