PowerDNS: Instalasi Server & Recursor di satu mesin

From OnnoWiki
Revision as of 10:00, 2 June 2015 by Onnowpurbo (talk | contribs) (→‎Konfigurasi Database)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Dalam tutorial ini akan di coba untuk mengkonfigurasi powerdns agar bisa berjalan sebagai master dan slave di satu mesin.

Disini akan digunakan

  • IP address 192.168.0.100 (powerdns server)
  • IP address 127.0.0.1 (recursor)


Instalasi dns recursor & konfigurasi

apt-get update
apt-get install pdns-recursor

Konfigurasi /etc/powerdns/recursor.conf 

vi /etc/powerdns/recursor.conf

Isi 

local-address=127.0.0.1
local-port=53
quiet=yes
setgid=pdns
setuid=pdns

Restart 

/etc/init.d/pdns-recursor restart

Cek 

sudo netstat -tap | grep pdns

Keluar 

tcp        0      0 localhost:domain        *:*                     LISTEN      1362/pdns_recursor

Cek 

dig www.google.com @127.0.0.1

Keluar 

; <<>> DiG 9.9.5-3-Ubuntu <<>> www.google.com @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10684
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.google.com.			IN	A

;; ANSWER SECTION:
www.google.com.		300	IN	A	216.58.196.68

;; Query time: 645 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Jun 02 09:23:36 WIB 2015
;; MSG SIZE  rcvd: 48

Instalasi powerdns dan MySQL

apt-get install pdns-server pdns-backend-mysql mysql-server

Pertanyaan

  • New password for the MySQL "root" user: > isi 123456
  • Repeat password for the MySQL "root" user: > isi 123456
  • Configure database for pdns-backend-mysql with dbconfig-common? > isi No


Edit /etc/mysql/my.cnf 

sudo vi /etc/mysql/my.cnf

Pastikan 

[...]
#bind-address           = 127.0.0.1
[...]

Konfigurasi Database

Masuk ke MySQL 

sudo mysql -u root -p

untuk password root 123456 dapat menggunakan 

sudo mysql -u root -p123456

Buat database ‘powerdns’. Database user 'poweruser'. Atau kita dapat membuat sendiri juga 

CREATE DATABASE powerdns;
GRANT ALL ON powerdns.* TO 'poweruser'@'localhost' IDENTIFIED BY 'ubuntu';
FLUSH PRIVILEGES;
USE powerdns;

CREATE TABLE domains (
  id                    INT AUTO_INCREMENT,
  name                  VARCHAR(255) NOT NULL,
  master                VARCHAR(128) DEFAULT NULL,
  last_check            INT DEFAULT NULL,
  type                  VARCHAR(6) NOT NULL,
  notified_serial       INT DEFAULT NULL,
  account               VARCHAR(40) DEFAULT NULL,
  PRIMARY KEY (id)
) Engine=InnoDB;

CREATE UNIQUE INDEX name_index ON domains(name);


CREATE TABLE records (
  id                    INT AUTO_INCREMENT,
  domain_id             INT DEFAULT NULL,
  name                  VARCHAR(255) DEFAULT NULL,
  type                  VARCHAR(10) DEFAULT NULL,
  content               VARCHAR(64000) DEFAULT NULL,
  ttl                   INT DEFAULT NULL,
  prio                  INT DEFAULT NULL,
  change_date           INT DEFAULT NULL,
  disabled              TINYINT(1) DEFAULT 0,
  ordername             VARCHAR(255) BINARY DEFAULT NULL,
  auth                  TINYINT(1) DEFAULT 1,
  PRIMARY KEY (id)
);

CREATE INDEX nametype_index ON records(name,type);
CREATE INDEX domain_id ON records(domain_id);
CREATE INDEX recordorder ON records (domain_id, ordername); 


CREATE TABLE supermasters (
  ip                    VARCHAR(64) NOT NULL,
  nameserver            VARCHAR(255) NOT NULL,
  account               VARCHAR(40) NOT NULL,
  PRIMARY KEY (ip, nameserver)
);


CREATE TABLE comments (
  id                    INT AUTO_INCREMENT,
  domain_id             INT NOT NULL,
  name                  VARCHAR(255) NOT NULL,
  type                  VARCHAR(10) NOT NULL,
  modified_at           INT NOT NULL,
  account               VARCHAR(40) NOT NULL,
  comment               VARCHAR(64000) NOT NULL,
  PRIMARY KEY (id)
);

CREATE INDEX comments_domain_id_idx ON comments (domain_id);
CREATE INDEX comments_name_type_idx ON comments (name, type);
CREATE INDEX comments_order_idx ON comments (domain_id, modified_at);
 

CREATE TABLE domainmetadata (
  id                    INT AUTO_INCREMENT,
  domain_id             INT NOT NULL,
  kind                  VARCHAR(32),
  content               TEXT,
  PRIMARY KEY (id)
);

CREATE INDEX domainmetadata_idx ON domainmetadata (domain_id, kind);
 

CREATE TABLE cryptokeys (
  id                    INT AUTO_INCREMENT,
  domain_id             INT NOT NULL,
  flags                 INT NOT NULL,
  active                BOOL,
  content               TEXT,
  PRIMARY KEY(id)
);

CREATE INDEX domainidindex ON cryptokeys(domain_id);
 

CREATE TABLE tsigkeys (
  id                    INT AUTO_INCREMENT,
  name                  VARCHAR(255),
  algorithm             VARCHAR(50),
  secret                VARCHAR(255),
  PRIMARY KEY (id)
);

CREATE UNIQUE INDEX namealgoindex ON tsigkeys(name, algorithm);

quit;

Konfigurasi powerdns

Edit /etc/powerdns/pdns.d/pdns.local.gmysql.conf 

sudo rm /etc/powerdns/pdns.d/*
sudo vi /etc/powerdns/pdns.d/pdns.local.gmysql.conf

isi 

# MySQL Configuration
#
# Launch gmysql backend
launch=gmysql

# gmysql parameters
gmysql-host=localhost
gmysql-dbname=powerdns
gmysql-user=poweruser
gmysql-password=ubuntu

Edit /etc/powerdns/pdns.conf 

vi /etc/powerdns/pdns.conf

isi 

allow-recursion=0.0.0.0/0
config-dir=/etc/powerdns
daemon=yes
guardian=yes
include-dir=/etc/powerdns/pdns.d
launch=
setgid=pdns
setuid=pdns
version-string=powerdns
local-address=192.168.0.100
local-port=53

log-dns-details=yes
log-dns-queries=yes
logging-facility=0
loglevel=6

recursor=127.0.0.1:53


atau (original-nya) 

config-dir=/etc/powerdns
daemon=yes
disable-axfr=yes
guardian=yes
local-address=192.168.0.100
local-port=53
module-dir=/usr/lib/powerdns
setgid=pdns
setuid=pdns
socket-dir=/var/run
version-string=powerdns
include-dir=/etc/powerdns/pdns.d
recursor=127.0.0.1

Restart

/etc/init.d/pdns restart
/etc/init.d/pdns-recursor restart


Cek

sudo netstat -tap | grep pdns

Akan keluar 

tcp        0      0 refserver:domain        *:*                     LISTEN      4851/pdns_server-in
tcp        0      0 localhost:domain        *:*                     LISTEN      4711/pdns_recursor


Cek 

dig www.detik.com @192.168.0.100

Hasilnya 

; <<>> DiG 9.9.5-3-Ubuntu <<>> www.detik.com @192.168.0.100
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25731
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.detik.com.			IN	A

;; ANSWER SECTION:
www.detik.com.		86400	IN	CNAME	detik.com.
detik.com.		300	IN	A	203.190.241.43
detik.com.		300	IN	A	203.190.242.69

;; Query time: 601 msec
;; SERVER: 192.168.0.100#53(192.168.0.100)
;; WHEN: Tue Jun 02 09:53:08 WIB 2015
;; MSG SIZE  rcvd: 77





Poweradmin installation

Poweradmin will be installed on powerdns master host, so we need to install necessary packages:

apt-get install apache2-mpm-prefork php5-mysql libapache2-mod-php5 php-pear php-mdb2 php-mdb2-driver-mysql

Then download, unpack and make some preparations before installation process: 

cd /var/www
wget --no-check-certificate https://www.poweradmin.org/download/poweradmin-2.1.4.tgz
tar zxvf poweradmin-2.1.4.tgz 
ln -s poweradmin-2.1.4 poweradmin
chown www-data.www-data -R poweradmin-2.1.4
cp /var/www/poweradmin/inc/config-me.inc.php /var/www/poweradmin/inc/config.inc.php

With default apache2 configuration, type in web browser address http://192.168.56.3/poweradmin/install and follow steps to finish poweradmin installation

Instead of what is shown in step 6 use below listed grant for user poweradmin:

GRANT SELECT, INSERT, UPDATE, DELETE ON powerdns.* TO 'poweradmin'@'localhost'; FLUSH PRIVILEGES;

After successful installation remove install directory. 

rm -rf /var/www/poweradmin/install

There is a small bug in latest stable release of poweradmin-2.1.4, which has been explained in ticket https://www.poweradmin.org/trac/ticket/346.To repair that replace line 196 with $retcount++; in inc/templates.inc.php file. Poweradmin usage

Type in your web browser http://192.168.56.3/poweradmin and login as admin with password you typed in installation (step 3)

Easiest way to manage domains is to create zone template or templeates. Got to List zone templates > Add zone template > fill Name('default' in that case)

Then edit 'default' zone template by adding new records: 

#examples
[ZONE] SOA ns1.example.com hostmaster.example.com [SERIAL] 10800 3600 604800 600
[ZONE] A   192.168.56.3 86400
www.[ZONE] A   192.168.56.3 86400
mail.[ZONE] A   192.168.56.3 86400
[ZONE] NS  ns1.example.com 86400
[ZONE] NS  ns2.example.com 86400
[ZONE] MX  mail.[ZONE] 10 86400

Make some tests with adding new domain using created zone template by adding master zone (choose type: master)

Don't forget to add ns1.example.com and ns2.example.com A type records.

Finally add into slave mysql server direction where master powerdns server is located by adding proper ip and master ns domain name.

use powerdns; insert into supermasters values ('192.168.56.3', 'ns1.example.com', 'admin');

Migration from bind

Use zone2sql script to migrate domains from bind to powerdns 

zone2sql  --gmysql --named-conf=/etc/bind/named.conf > bind.sql

If domain type is NATIVE, change it into MASTER using example sed command

sed 's/NATIVE/MASTER/g' bind.sql > bind.master.sql

Thats all folks. If you have any questions don't hesitate to write ;-)

Referensi

Retrieved from "https://onnocenter.or.id/wiki/index.php?title=PowerDNS:_Instalasi_Server_%26_Recursor_di_satu_mesin&oldid=43243"