Archive for November, 2009

BIND — Gentoo Install and Configure

Posted in HowTo on 09/11/2009 by Undersys

I’ve got a lot of hosts on my network, and sometimes I get the IP address wrong.
So I want to set up BIND to manage my DNS queries.
There are a lot of DNS servers you can use under Linux, but I want to use BIND for two main reasons:-
* it's pretty much industry standard
* it supports a lot of extra features and record types that some of the others do not.

Commands to be typed on console are in Italics.

Installing BIND under Gentoo is very simple. It consists of two steps:-
1) Set up your USE flags. (I don’t need to set any additional USE flags for my needs.)
2) Type:-
# emerge bind
3) Emerge the tools for testing later on:-
# emerge bind-tools

After the install we need to configure BIND. The first thing I like to do is set up logging so it's easier to find out when things break.

Create a new file under /etc/bind , called log.conf

  1. # nano /etc/bind/log.conf
    The following lines set up logging for each part of BIND and set the log file size.
    Add the following to the file:-

    logging {
    channel default_file { file "/var/log/bind/default.log" versions 3 size 2m; severity dynamic; print-time yes; };
    channel general_file { file "/var/log/bind/general.log" versions 3 size 2m; severity dynamic; print-time yes; };
    channel database_file { file "/var/log/bind/database.log" versions 3 size 2m; severity dynamic; print-time yes; };
    channel security_file { file "/var/log/bind/security.log" versions 3 size 2m; severity dynamic; print-time yes; };
    channel config_file { file "/var/log/bind/config.log" versions 3 size 2m; severity dynamic; print-time yes; };
    channel resolver_file { file "/var/log/bind/resolver.log" versions 3 size 2m; severity dynamic; print-time yes; };
    channel xfer-in_file { file "/var/log/bind/xfer-in.log" versions 3 size 2m; severity dynamic; print-time yes; };
    channel xfer-out_file { file "/var/log/bind/xfer-out.log" versions 3 size 2m; severity dynamic; print-time yes; };
    channel notify_file { file "/var/log/bind/notify.log" versions 3 size 2m; severity dynamic; print-time yes; };
    channel client_file { file "/var/log/bind/client.log" versions 3 size 2m; severity dynamic; print-time yes; };
    channel unmatched_file { file "/var/log/bind/unmatched.log" versions 3 size 2m; severity dynamic; print-time yes; };
    channel queries_file { file "/var/log/bind/queries.log" versions 3 size 2m; severity dynamic; print-time yes; };
    channel network_file { file "/var/log/bind/network.log" versions 3 size 2m; severity dynamic; print-time yes; };
    channel update_file { file "/var/log/bind/update.log" versions 3 size 2m; severity dynamic; print-time yes; };
    channel dispatch_file { file "/var/log/bind/dispatch.log" versions 3 size 2m; severity dynamic; print-time yes; };
    channel dnssec_file { file "/var/log/bind/dnssec.log" versions 3 size 2m; severity dynamic; print-time yes; };
    channel lame-servers_file { file "/var/log/bind/lame-servers.log" versions 3 size 2m; severity dynamic; print-time yes; };

    category default { default_file; };
    category general { general_file; };
    category database { database_file; };
    category security { security_file; };
    category config { config_file; };
    category resolver { resolver_file; };
    category xfer-in { xfer-in_file; };
    category xfer-out { xfer-out_file; };
    category notify { notify_file; };
    category client { client_file; };
    category unmatched { unmatched_file; };
    category queries { queries_file; };
    category network { network_file; };
    category update { update_file; };
    category dispatch { dispatch_file; };
    category dnssec { dnssec_file; };
    category lame-servers { lame-servers_file; };
    };
  2. Create the following directory :-
    # mkdir /var/log/bind
    Set permissions/owner:-
    # chmod g+w /var/log/bind; chgrp named /var/log/bind
  3. edit /etc/bind/named.conf
    I want this DNS server to forward first, then ask local, so un-comment the following:-
    forward first;
    forwarders {
    192.168.x.x; # Change to your upstream DNS resolver
    };

    Update the "listen-on" section to listen on local and internal network:-
    listen-on { 127.0.0.1; 192.168.x.x; };
    I want any of my local clients to be allowed to query:-
    allow-query { any; };
    I also want to collect stats:-
    zone-statistics yes;
    statistics-file "var/log/named.stats";
    Set up the internal zone:-
    zone "undersys.net" {
    type master;
    allow-update { any; };
    file "internal/undersys.net.fw";
    };
    zone "0.168.192.in-addr.arpa" {
    type master;
    allow-update { any; };
    file "internal/undersys.net.rev";
    };
    
    I know it's not the most secure setup, but I am not after that; I want something that will bend and flex to my odd requirements when needed.
  4. Now we need to create the zone directory and files.
    Create the zone directory and symlink:-
    # mkdir /var/bind/internal
    # ln -s /var/bind/internal /etc/bind/internal
    # touch /var/bind/internal/undersys.net.fw
    # touch /var/bind/internal/undersys.net.rev
  5. Create the forward lookup file entries
    # nano /var/bind/internal/undersys.net.fw
    Mine has the following:-
    $ORIGIN undersys.net.
    $TTL 1200

    @    IN    SOA    ns1.undersys.net.  undersys.undersys.net. (
                20091109    ; serial (YYYYMMDDrr)
                1800        ; refresh (30 minutes)
                900         ; retry (15 minutes)
                1209600     ; expire (2 weeks)
                1200        ; minimum TTL (20 minutes)
                )

    ; Records for the zone itself; "@" is written out so they do not rely on leading whitespace
    @    NS    ns1.undersys.net.
    @    NS    ns2.undersys.net.
    @    A    192.168.0.117
    @    MX    10  mail.undersys.net.
    mail    A    192.168.x.xxx
    ns1    A    192.168.0.xxx
    ns2    A    192.168.0.xxx

    deploy    A    192.168.0.xxx
  6. Create the reverse lookup file entries
    # nano /var/bind/internal/undersys.net.rev
    Mine has the following:-
    $TTL 7200
    0.168.192.in-addr.arpa.    IN SOA 0.168.192.in-addr.arpa. root.undersys.net. (
                20091109    ; serial
                7200        ; refresh (2 hours)
                1800        ; retry (30 minutes)
                604800      ; expire (1 week)
                7200        ; minimum (2 hours)
                )

    @    NS ns1.undersys.net.
    @    NS ns2.undersys.net.
    ; PTR targets are fully qualified; a bare "ns1." would point at a top-level name
    xxx    PTR    ns1.undersys.net.
    xxx    PTR    ns2.undersys.net.
    xxx    PTR    deploy.undersys.net.
  7. Start the named service
    # /etc/init.d/named start

    Check the following log file for errors:-
    /var/log/bind/general.log
  8. Check to ensure it's working
    # dig @ns1.undersys.net undersys.net
    # dig www.google.com undersys.net
    # dig localmachine undersys.net
    This should return results for each host.
  9. If that’s all good add it to start on boot :-
    # rc-update add named default
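
A tighter variant of the step 3 settings, added here as an example and not part of the original post: queries and recursion are limited to the local network, and dynamic updates require a TSIG key instead of `allow-update { any; }`. The ACL name "internal", the key name "ddns-key" and the 192.168.0.0/24 range (inferred from the reverse zone) are assumptions, and the secret is a placeholder.

```conf
// Added example for /etc/bind/named.conf; names and ranges are assumptions.

// Clients that may use this server: loopback plus the LAN behind the
// 0.168.192.in-addr.arpa reverse zone.
acl "internal" { 127.0.0.1; 192.168.0.0/24; };

// Shared secret for dynamic updates. In current BIND 9 releases it can be
// generated with:  tsig-keygen -a hmac-sha256 ddns-key
key "ddns-key" {
    algorithm hmac-sha256;
    secret "REPLACE-WITH-GENERATED-BASE64-SECRET";   // placeholder
};

options {
    // Merge these into the existing options block (only one is allowed);
    // directory, listen-on, forwarders and statistics stay as in step 3.

    // As posted: allow-query { any; };
    allow-query     { internal; };
    allow-recursion { internal; };   // only LAN clients reach the forwarders
    allow-transfer  { none; };       // open this only for a real secondary
};

zone "undersys.net" {
    type master;
    // As posted: allow-update { any; };
    allow-update { key "ddns-key"; };   // updates must be signed with the key
    file "internal/undersys.net.fw";
};

zone "0.168.192.in-addr.arpa" {
    type master;
    allow-update { key "ddns-key"; };
    file "internal/undersys.net.rev";
};
```

Run `named-checkconf /etc/bind/named.conf` before restarting named; rejected updates are written to the update and security log channels set up in step 1.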

Sun Netra X1 5v Fan Mod

Posted in HowTo, Projects on 05/11/2009 by Undersys

I will soon be replacing my aging ssh gateway. While the age is not an issue, the noise level is. It's also 2RU. I can achieve all the functions in a much smaller 1RU system, which will also save me power and generate less heat. In this case I will be using my Sun Netra X1; it's quite small and I can make it silent.

My Netra is the 400 MHz version; I am sure this would also be fine with the 500 MHz version.
The CPU fan on the Netra is extremely noisy. Do remember this is “telco grade” stuff, so it's made not to fail. The fan will start, run and cool the CPU quite fine at 5v with an ambient room temp of 28 to 32 degrees Celsius.

The one or two case fans (depending on model) are just normal 40mm Delta fans, so they're ridiculously noisy.
I will replace them with two Scythe Mini Kaze Ultra 40mm fans. They can run at the full 12v and are still very, very quiet, so there is no need for 5v on them.

The Netra’s LOM will halt boot if it cannot find working fans, or if it finds fans with their RPM too slow.
So we need to achieve two things for this mod.
1) We need a 5v source for the CPU fan
2) We need RPM feedback to the two monitored fan headers (CPU and chassis). Note there are two chassis fan headers, but only one is monitored.

So what we need to find is a 5v source and a ground source. Pretty easy given the motherboard has a standard 4 pin hdd molex plug on it.

All I did was solder 5v and ground from the back of the board. 1x 5v goes to the CPU fan, and 3x ground go to the following:- the CPU fan and the two ground feedbacks for the 2 monitored RPM headers on the motherboard.

I then just split the RPM feedback wire into two parts so that each header has a RPM feed going back to it.

You can see from the following images :-
RED = 5v
BLACK = ground
BLUE = RPM sensor

[Image: cpu-fan-cable]
I have the full set of images on this mod. You can find them on my Flickr.