The Great Homelab Migration – Part 4 – letitroll

Time to get a new DNS server up and running. I didn’t have as much luck finding a really good name for the primary DNS servers I’ll be adding to the network, but I do have two very similar names that should work well for the eventual dual-DNS setup I plan to have. The first DNS server I’m adding will be called letitroll, named after the beer from Indeed.

Installation

The Proxmox install for the letitroll VM was perfectly smooth, and after installing CentOS 7.3 and getting it up to date on patches, it’s time to get BIND set up and running. It’s been a very long time since I touched BIND, so I’ll be using a guide from Linux Pit Stop to keep me on track.

Packages

I’ll need three packages to get things up and running.

Config Files

/etc/named.conf

First up, I always like to keep the default config as a reference, and it’s always a good idea to back up a config before making changes.

Now let’s dive in and take a look at the default config, and start making changes.

From the default file we can see that BIND listens only on localhost and answers queries only from localhost. That needs to change so the service listens on every interface and answers queries from my local network. Because recursion stays enabled, the query ACL (and, better, an explicit allow-recursion) should name only the local network: a server that listens on every interface and recurses for anyone is an open resolver that can be abused for amplification attacks.

Next up, time to add our forward and reverse zones.

/var/named/fwd.home.derekwinters.com.db

/var/named/0.16.172.db

Firewall

Service
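The named.conf change, the two zone files, the firewall rule and the service start, as one shell script. This is an added example, not the post’s own files: it prints the stock options beside the LAN-scoped replacement, generates both zone files, and with the argument `deploy` writes them, validates them with named-checkconf and named-checkzone, opens the firewall and starts named. letitroll’s address 172.16.0.53, titan at 172.16.0.2, the hostmaster mailbox and the non-chroot `named` service are assumptions.

```shell
#!/usr/bin/env bash
# Added example, not the post's own files: a LAN-scoped named.conf shown next
# to the stock localhost-only options it replaces, the forward and reverse
# zones for home.derekwinters.com / 172.16.0.0/24, then validation, firewall
# and service start. Assumed: the non-chroot "named" service and every
# address and hostname below.
set -euo pipefail

DOMAIN="home.derekwinters.com"
NET="172.16.0.0/24"
NS_HOST="letitroll"
NS_IP="172.16.0.53"                 # assumed address of letitroll
SERIAL="${SERIAL:-1701011200}"      # YYMMDDHHMM, fits the 32-bit SOA serial

# Stock CentOS 7 options (abridged): loopback only.
named_options_default() {
cat <<'EOF'
options {
    listen-on port 53 { 127.0.0.1; };
    allow-query     { localhost; };
    recursion yes;
};
EOF
}

# Replacement: listen on every interface, but only the LAN may query or
# recurse (a recursive server reachable by anyone is an amplification
# source), nobody may transfer the zones, and the version is hidden.
named_conf_lan() {
cat <<EOF
acl lan { 127.0.0.1; ${NET}; };
options {
    directory "/var/named";
    listen-on port 53 { any; };
    allow-query     { lan; };
    recursion yes;
    allow-recursion { lan; };
    allow-transfer  { none; };
    dnssec-validation auto;
    version "none";
};
zone "${DOMAIN}" IN {
    type master;
    file "fwd.${DOMAIN}.db";
    allow-update { none; };
};
zone "0.16.172.in-addr.arpa" IN {
    type master;
    file "0.16.172.db";
    allow-update { none; };
};
include "/etc/named.rfc1912.zones";
EOF
}

# Forward zone. Every name on the right-hand side ends in a dot; without it
# bind appends the origin and the record silently points at the wrong name.
zone_forward() {
cat <<EOF
\$TTL 86400
@           IN  SOA ${NS_HOST}.${DOMAIN}. hostmaster.${DOMAIN}. (
                ${SERIAL} 3600 900 1209600 86400 )
            IN  NS  ${NS_HOST}.${DOMAIN}.
${NS_HOST}   IN  A   ${NS_IP}
titan       IN  A   172.16.0.2
EOF
}

# Reverse zone for 172.16.0.0/24; owner names are the host octet.
zone_reverse() {
cat <<EOF
\$TTL 86400
@           IN  SOA ${NS_HOST}.${DOMAIN}. hostmaster.${DOMAIN}. (
                ${SERIAL} 3600 900 1209600 86400 )
            IN  NS  ${NS_HOST}.${DOMAIN}.
${NS_IP##*.}          IN  PTR ${NS_HOST}.${DOMAIN}.
2           IN  PTR titan.${DOMAIN}.
EOF
}

# Keep the stock file, write everything, and only start named once
# named-checkconf and named-checkzone both pass (set -e stops on failure).
deploy() {
    local fwd="/var/named/fwd.${DOMAIN}.db" rev="/var/named/0.16.172.db"
    [ -f /etc/named.conf.orig ] || cp -p /etc/named.conf /etc/named.conf.orig
    named_conf_lan > /etc/named.conf
    zone_forward   > "$fwd"
    zone_reverse   > "$rev"
    chown root:named /etc/named.conf "$fwd" "$rev"
    chmod 640        /etc/named.conf "$fwd" "$rev"
    named-checkconf /etc/named.conf
    named-checkzone "$DOMAIN" "$fwd"
    named-checkzone 0.16.172.in-addr.arpa "$rev"
    firewall-cmd --permanent --add-service=dns && firewall-cmd --reload
    systemctl enable named && systemctl restart named
}

case "${1:-show}" in
    show)   named_options_default; echo '# --- becomes ---'; named_conf_lan
            zone_forward; zone_reverse ;;
    deploy) deploy ;;
esac
```

Run it with no arguments to review what it would write, then with `deploy` as root on the VM. The ACL lines are the ones that matter for exposure: once listen-on is any, allow-query and allow-recursion are what keep letitroll from being an open resolver, and allow-transfer none keeps a full copy of the zone (a convenient map of the homelab) from being pulled by any host that can reach port 53.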

Notes

Make sure there is a . at the end of every fully qualified domain name in the zone files: a name without the trailing dot is relative, and BIND appends the zone origin to it. I also found that the serial in the zone files can’t be as long as I originally wanted. The serial is an unsigned 32-bit integer, so the largest value is 4294967295 (ten digits). I was hoping to use the full year, month and day plus the hour, minute and an additional integer (I tend to make a lot of typos, so minute wasn’t enough for me), and that runs to thirteen digits. For now I’m going to use two-digit year, month, day, hour and minute (YYMMDDHHMM, which fits until the end of 2042), although I might change the minute to an increasing integer instead. How you build your serial doesn’t matter as long as it always increases; I just like dates (and from what I remember from years ago, a date-based serial such as YYYYMMDDnn is the common method, for the obvious reason that it shows when the zone was last touched), so that is what I use.
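Both pitfalls from these notes as checks you can run before restarting named. This is an added example, not something from the post: `serial_ok` enforces the 32-bit limit and the RFC 1982 “newer than” comparison a secondary uses, `make_serial` builds the conventional YYYYMMDDnn form, and `missing_trailing_dots` flags right-hand-side names that will have the origin appended. The zone text at the bottom is constructed for the demonstration.

```shell
#!/usr/bin/env bash
# Added example, not from the post: checks for the two pitfalls in the Notes.
# The SOA serial is an unsigned 32-bit integer (max 4294967295), so a
# 12-digit YYYYMMDDHHMM overflows; YYMMDDHHMM fits until the end of 2042
# and the conventional YYYYMMDDnn fits for centuries. A right-hand-side
# name with dots but no trailing dot is relative to the origin. The zone
# text below is constructed for the demonstration.
set -euo pipefail

SERIAL_MAX=4294967295

# Conventional serial: YYYYMMDD plus a two-digit revision, so up to 100
# edits a day; make_serial 20170101 7 -> 2017010107.
make_serial() {
    case "$1" in [0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]) ;; *) return 1 ;; esac
    printf '%s%02d\n' "$1" "$2"
}

# serial_ok OLD NEW: NEW fits in 32 bits and is "newer" than OLD under RFC
# 1982 serial arithmetic, i.e. (NEW - OLD) mod 2^32 lies in 1..2^31-1. That
# is the comparison a secondary uses to decide whether to transfer the zone.
serial_ok() {
    local old="$1" new="$2" diff
    [ "$new" -le "$SERIAL_MAX" ] || return 1
    diff=$(( (new - old + SERIAL_MAX + 1) % (SERIAL_MAX + 1) ))
    [ "$diff" -ge 1 ] && [ "$diff" -lt 2147483648 ]
}

# Print lines whose NS/CNAME/PTR/MX target contains a dot but does not end
# in one; bind would silently append the origin to each of them.
missing_trailing_dots() {
    awk '
      { sub(/;.*/, "") }                       # strip comments
      NF == 0 { next }
      {
        for (i = 1; i < NF; i++)
          if ($i ~ /^(NS|CNAME|PTR|MX)$/ && $NF ~ /\./ && $NF !~ /\.$/)
            print NR ": " $0
      }'
}

# Constructed zone text: lines 3 and 7 are the classic mistake.
SAMPLE_ZONE='$TTL 86400
@   IN  SOA letitroll.home.derekwinters.com. hostmaster.home.derekwinters.com. ( 1701011200 3600 900 1209600 86400 )
    IN  NS  letitroll.home.derekwinters.com
letitroll IN A 172.16.0.53
titan   IN  A   172.16.0.2
web     IN  CNAME titan.home.derekwinters.com.
53      IN  PTR letitroll.home.derekwinters.com ; missing trailing dot'

count_missing_dots() {      # number of offending lines in the sample
    printf '%s\n' "$SAMPLE_ZONE" | missing_trailing_dots | wc -l | tr -d ' '
}

printf '%s\n' "$SAMPLE_ZONE" | missing_trailing_dots
```

`serial_ok 4294967295 5` passes on purpose: serial arithmetic wraps, so after the maximum value the next serial is a small number, which is also why a serial that accidentally jumps backwards (an old file restored from backup, say) is reported as not newer and secondaries keep serving the previous zone.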

Testing

Now that the service is up and running, it’s time to make sure it’s working. On my desktop I changed the DNS server (currently handed out by DHCP) to the new server and ran a lookup on a host I know is in the new zone.

Looks good! Since I have a few systems still joined to my existing domain, I’m not going to change DNS everywhere yet; if they stopped resolving the domain controller they would drop off the domain and lose authentication. I also tested that the recursion setting was working properly. Right now my DNS server is itself still resolving through titan, so my last step will be removing that dependency on titan.
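The same verification as a script rather than a lookup eyeballed in a terminal, added here as an example and not part of the post. It parses the dig response header so each check asserts on the status and flags: `aa` on the forward and reverse answers proves they come from letitroll’s own zones rather than being relayed through titan, `ra` on an outside name proves recursion is offered to the LAN, and from a host outside 172.16.0.0/24 the same recursive query should come back REFUSED. letitroll’s address is an assumption and the header text in the self-test is constructed.

```shell
#!/usr/bin/env bash
# Added example, not from the post: the manual dig checks as a script, plus a
# parser for the dig header so each check asserts instead of being eyeballed.
# letitroll's address is an assumption.
set -euo pipefail

NS="172.16.0.53"                    # assumed address of letitroll
DOMAIN="home.derekwinters.com"

# Pull the pieces of a dig header out of its output.
dig_status() { sed -n 's/.*status: \([A-Z]*\),.*/\1/p'; }      # NOERROR, REFUSED, ...
dig_flags()  { sed -n 's/^;; flags: \([a-z ]*\);.*/\1/p'; }    # e.g. "qr aa rd ra"

has_flag() {     # has_flag "<flags>" aa|ra|...
    case " $1 " in *" $2 "*) return 0 ;; esac
    return 1
}

# check NAME "dig args" EXPECTED_STATUS [REQUIRED_FLAG]
check() {
    local name="$1" args="$2" want="$3" flag="${4:-}" out
    out=$(dig @"$NS" $args)
    [ "$(printf '%s\n' "$out" | dig_status)" = "$want" ] \
        || { echo "FAIL $name: status is not $want"; return 1; }
    [ -z "$flag" ] || has_flag "$(printf '%s\n' "$out" | dig_flags)" "$flag" \
        || { echo "FAIL $name: flag $flag not set"; return 1; }
    echo "ok   $name"
}

# From a LAN host: our zones answer authoritatively and recursion is offered.
run_lan_checks() {
    check forward   "letitroll.${DOMAIN} A" NOERROR aa   # aa: served from our zone
    check reverse   "-x ${NS}"              NOERROR aa
    check recursion "www.isc.org A"         NOERROR ra   # ra: recursion available
}

# From a host outside 172.16.0.0/24 the query ACL must refuse everything,
# recursion included; this is the open-resolver check.
run_outside_checks() {
    check refused "www.isc.org A" REFUSED
}

case "${1:-}" in
    lan)     run_lan_checks ;;
    outside) run_outside_checks ;;
esac
```

Run `bash check-letitroll.sh lan` from the desktop and `bash check-letitroll.sh outside` from anywhere that can reach the VM but is not on the 172.16.0.0/24 network; the second run is the one that confirms the allow-query and allow-recursion ACLs actually hold.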

Conclusion

I’m one step closer to retiring the old domain controller and moving over to a full Linux homelab. Next up I think I’ll get DHCP up and running on another Linux VM, and hopefully get secure dynamic DNS updates working so I don’t need to touch the DHCP and DNS config files every time I build a new server. Hopefully once I get Foreman running I can avoid editing DHCP by hand as well, and have Foreman managing everything.