IPv6: Instalasi PowerDNS dengan Percona Database di Ubuntu

From OnnoWiki
Jump to navigation Jump to search

Install PowerDNS di Ubuntu 18.04

/etc/apt/source.list /etc/hosts IPv6 interface

Edit /etc/apt/sources.list pastikan ada category universe dan multiverse

deb http://archive.ubuntu.com/ubuntu bionic main universe multiverse
deb http://archive.ubuntu.com/ubuntu bionic-security main universe multiverse
deb http://archive.ubuntu.com/ubuntu bionic-updates main universe multiverse

Edit /etc/hosts pastikan

::1     localhost.localdomain   localhost
::1     localhost6.localdomain6 localhost6

Set IPv6 di interface, misalnya,

ip addr add <ipv6addr>/<ipv6prefix> dev enp3s0
ip route add ::/0 via <ipv6gayeway> dev enp2s0
ip addr add 2345::3/64 dev enp3s0

Instalasi

sudo su
cd /usr/local/src
wget https://repo.percona.com/apt/percona-release_latest.$(lsb_release -sc)_all.deb
dpkg -i percona-release_latest.$(lsb_release -sc)_all.deb
apt update
apt install percona-server-server-5.7


jika dibutuhkan untuk mencari versi percona terbaru bisa menggunakan perintah

sudo apt-cache search percona

Install PowerDNS

Instalasi

sudo apt-get install pdns-server pdns-backend-mysql

Lakukan:

  • Tekan 'Yes' untuk Configure database for pdns-backend-mysql with dbconfig-common?
  • Masukan password root MySQL (dalam contoh ini 123456).
  • Masukan password untuk pdns-backend-mysql untuk register ke database server. Untuk memudahkan gunakan password 123456
  • Ulangi masukan password untuk pdns-backend-mysql untuk register ke database server.

Sekarang PowerDNS sudah di instalasi.


Create PowerDNS Database dan User di MySQL

Masuk ke MySQL

sudo mysql -u root -h ::1 -p123456

Akan keluar

mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 13
Server version: 5.7.25-28 Percona Server (GPL), Release '28', Revision 'c335905'

Copyright (c) 2009-2019 Percona LLC and/or its affiliates
Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> 


Buat database ‘powerdns’. Database user 'poweruser'. Atau kita dapat membuat sendiri juga

CREATE DATABASE powerdns;
GRANT ALL ON powerdns.* TO 'poweruser'@'localhost' IDENTIFIED BY 'ubuntu';
GRANT ALL ON powerdns.* TO 'poweruser'@'::1' IDENTIFIED BY 'ubuntu';

FLUSH PRIVILEGES;

USE powerdns;

CREATE TABLE domains (
  id                    INT AUTO_INCREMENT,
  name                  VARCHAR(255) NOT NULL,
  master                VARCHAR(128) DEFAULT NULL,
  last_check            INT DEFAULT NULL,
  type                  VARCHAR(6) NOT NULL,
  notified_serial       INT UNSIGNED DEFAULT NULL,
  account               VARCHAR(40) CHARACTER SET 'utf8' DEFAULT NULL,
  PRIMARY KEY (id)
) Engine=InnoDB CHARACTER SET 'latin1';

CREATE UNIQUE INDEX name_index ON domains(name);
 

CREATE TABLE records (
  id                    BIGINT AUTO_INCREMENT,
  domain_id             INT DEFAULT NULL,
  name                  VARCHAR(255) DEFAULT NULL,
  type                  VARCHAR(10) DEFAULT NULL,
  content               VARCHAR(64000) DEFAULT NULL,
  ttl                   INT DEFAULT NULL,
  prio                  INT DEFAULT NULL,
  change_date           INT DEFAULT NULL,
  disabled              TINYINT(1) DEFAULT 0,
  ordername             VARCHAR(255) BINARY DEFAULT NULL,
  auth                  TINYINT(1) DEFAULT 1,
  PRIMARY KEY (id)
) Engine=InnoDB CHARACTER SET 'latin1';

CREATE INDEX nametype_index ON records(name,type);
CREATE INDEX domain_id ON records(domain_id);
CREATE INDEX ordername ON records (ordername);
 

CREATE TABLE supermasters (
  ip                    VARCHAR(64) NOT NULL,
  nameserver            VARCHAR(255) NOT NULL,
  account               VARCHAR(40) CHARACTER SET 'utf8' NOT NULL,
  PRIMARY KEY (ip, nameserver)
) Engine=InnoDB CHARACTER SET 'latin1';
 

CREATE TABLE comments (
  id                    INT AUTO_INCREMENT,
  domain_id             INT NOT NULL,
  name                  VARCHAR(255) NOT NULL,
  type                  VARCHAR(10) NOT NULL,
  modified_at           INT NOT NULL,
  account               VARCHAR(40) CHARACTER SET 'utf8' DEFAULT NULL,
  comment               TEXT CHARACTER SET 'utf8' NOT NULL,
  PRIMARY KEY (id)
) Engine=InnoDB CHARACTER SET 'latin1';

CREATE INDEX comments_name_type_idx ON comments (name, type);
CREATE INDEX comments_order_idx ON comments (domain_id, modified_at);

CREATE TABLE domainmetadata (
  id                    INT AUTO_INCREMENT,
  domain_id             INT NOT NULL,
  kind                  VARCHAR(32),
  content               TEXT,
  PRIMARY KEY (id)
) Engine=InnoDB CHARACTER SET 'latin1';

CREATE INDEX domainmetadata_idx ON domainmetadata (domain_id, kind);
 

CREATE TABLE cryptokeys (
  id                    INT AUTO_INCREMENT,
  domain_id             INT NOT NULL,
  flags                 INT NOT NULL,
  active                BOOL,
  content               TEXT,
  PRIMARY KEY(id)
) Engine=InnoDB CHARACTER SET 'latin1';

CREATE INDEX domainidindex ON cryptokeys(domain_id);
 

CREATE TABLE tsigkeys (
  id                    INT AUTO_INCREMENT,
  name                  VARCHAR(255),
  algorithm             VARCHAR(50),
  secret                VARCHAR(255),
  PRIMARY KEY (id)
) Engine=InnoDB CHARACTER SET 'latin1';

CREATE UNIQUE INDEX namealgoindex ON tsigkeys(name, algorithm);

quit;

Konfigurasi PowerDNS

Konfigurasi PowerDNS untuk menggunakan MySQL sebagai backend untuk menyimpan file Zone dan records.

Buang file konfigurasi PowerDNS yang ada.

sudo rm /etc/powerdns/pdns.d/*.*

Buat file /etc/powerdns/pdns.d/pdns.local.gmysql.conf ;

sudo vi /etc/powerdns/pdns.d/pdns.local.gmysql.conf

Tambahkan kalimat berikut, yang sesuai dengan konfigurasi yang kita lakukan sebelumnya:

# MySQL Configuration
#
# Launch gmysql backend
launch=gmysql

# gmysql parameters
gmysql-host=localhost
gmysql-dbname=powerdns
gmysql-user=poweruser
gmysql-password=ubuntu


Konfigurasi PowerDNS agar dapat menangani IPv6. Edit /etc/powerdns/pdns.conf

vi /etc/powerdns/pdns.conf 

Pastikan:

do-ipv6-additional-processing=yes
local-address=0.0.0.0
local-ipv6=::

Agar semua mesin di Internet bisa me-recurse (HATI-HATI akan membuat mesin anda lemot), dapat di tambahkan:

allow-recursion=0.0.0.0/0,::/0

Restart powerdns service.

sudo service pdns restart


HACK Konfigurasi

systemctl edit --full pdns

Edit

[Service]
Type=notify
ExecStart=/usr/sbin/pdns_server --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no

Pastikan daemon=no menjadi daemon=yes

[Service]
Type=notify
ExecStart=/usr/sbin/pdns_server --guardian=no --daemon=yes --disable-syslog --log-timestamp=no --write-pid=no


Disable the stock Ubuntu 18.04 systemd resolved service:

$ sudo systemctl disable systemd-resolved
$ sudo systemctl stop systemd-resolved

Remove the old packages:

$ sudo apt-get purge pdns-recursor pdns-server pdns-backend-mysql
$ sudo apt-get autoremove
$ cd /etc/powerdns/
$ sudo rm *.*
$ cd pdns.d
$ sudo rm *.*

Add the PowerDNS repo back into sources:

$ sudo vi /etc/apt/sources.list.d/pdns.list

(add the following line)

deb [arch=amd64] http://repo.powerdns.com/ubuntu bionic-auth-41 main

<esc>:wq

$ sudo curl https://repo.powerdns.com/FD380FBB-pub.asc | sudo apt-key add -

Reinstall:

$ sudo apt-get update
$ sudo apt-get install pdns-server pdns-backend-mysql

Test PowerDNS

Edit file /ect/resolv.conf ,

sudo vi /etc/resolv.conf

isi

nameserver 192.168.0.100

sesuai dengan IP address server

Set the name server IP address:

auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet static
address 192.168.0.100
netmask 255.255.255.0
network 192.168.0.0
broadcast 192.168.0.255
gateway 192.168.0.223
dns-nameservers 192.168.0.223
dns-search home
iface eth0 inet6 static
address 2001:470:36:ab6::100
netmask 64
gateway 2001:470:36:ab6::1
dns-nameservers 2001:470:36:ab6::100


Kita selesai dengan semua bagian instalasi dan konfigurasi. Selanjutnya, kita perlu cek apakah PowerDNS dapat berjalan dengan baik atau tidak.

Pertama-tama, cek apakah PowerDNS mendengarkan:

sudo netstat -tap | grep pdns

contoh output (harus ada tcp6 untuk memastikan DNS IPv6 bekerja dengan baik):

tcp        0      0 *:domain                *:*                     LISTEN      5388/pdns_server-in
tcp6       0      0 [::]:domain             [::]:*                  LISTEN      5388/pdns_server-in

Sekarang, masukan perintah berikut, untuk mencek apakah PowerDNS berjalan dengan baik:

sudo dig @127.0.0.1

atau,

sudo dig @localhost

Contoh output:

; <<>> DiG 9.9.5-3-Ubuntu <<>> @127.0.0.1
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16025
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available 

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 2800
;; QUESTION SECTION:
;.				IN	NS

;; Query time: 4 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Jun 01 09:00:26 WIB 2015
;; MSG SIZE  rcvd: 29

Or,

sudo dig @192.168.0.100

Dimana, 192.168.0.100 adalah IP address dari PowerDNS server

Contoh output:

; <<>> DiG 9.9.5-3-Ubuntu <<>> @192.168.0.100
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7241
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 2800
;; QUESTION SECTION:
;.				IN	NS

;; Query time: 4 msec
;; SERVER: 192.168.0.100#53(192.168.0.100)
;; WHEN: Mon Jun 01 09:01:43 WIB 2015
;; MSG SIZE  rcvd: 29


Cek menggunakan

dig @::1

Pastikan keluar misalnya

; <<>> DiG 9.9.5-3-Ubuntu <<>> @::1
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33955
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available 

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 2800
;; QUESTION SECTION:
;.				IN	NS

;; Query time: 1 msec
;; SERVER: ::1#53(::1)
;; WHEN: Tue Jun 30 09:40:36 WIB 2015
;; MSG SIZE  rcvd: 29

Juga dengan (asumsi IPv6 server adalah 2001:470:36:ab6::100)

dig @2001:470:36:ab6::100

Keluar kira-kira:

; <<>> DiG 9.9.5-3-Ubuntu <<>> @2001:470:36:ab6::100
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60637
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 2800
;; QUESTION SECTION:
;.				IN	NS

;; Query time: 0 msec
;; SERVER: 2001:470:36:ab6::100#53(2001:470:36:ab6::100)
;; WHEN: Tue Jun 30 09:41:27 WIB 2015
;; MSG SIZE  rcvd: 29


Selesai sudah. PowerDNS siap digunakan.

Referensi


Paranala Menarik