
Thread: Configuring DNS in an openVPN based routing VPN setup

  1. #1

    Configuring DNS in an openVPN based routing VPN setup

    Hi all

    I have an openVPN server which is configured for routing based VPN. Multiple clients connect to this VPN server.

    The network address range for the VPN is 10.111.10.0/24
    The server's VPN IP address is 10.111.10.1
    The server is also connected directly on the internet with a static IP address on eth0 - some p.q.r.s

    Right now I end up addressing all the clients and the server using IP addresses. But I intend to set up different services on the server like a mailhost, git, apache, etc. and I plan to use different hostnames for all of these services but all running on the same server. I'm planning to use a private domain example.site for all the hosts in the VPN.

    Could someone guide me through the setup for this?

    I've already installed the bind package and went through pages about BIND and named.conf, the zones and such. But it is still kind of confusing how to put all these together.
    Also, what DNS options should I be pushing to the openVPN clients so that their resolv.conf can use the DNS server on the VPN for querying only the hostnames for the example.site domain. All other queries should go through the client's default nameserver already in the resolv.conf.

    Thanks.
    Haswell i7 4700 | 16GB DDR2400 | ASUS Z87-Pro | 3TB + 3x4TB mdadm5 + 3x1.5TB mdadm5
    Tumbleweed x86_64
    13.1 x86_64

  2. #2

    Re: Configuring DNS in an openVPN based routing VPN setup

    UPDATE:

    I was able to set up the name server for my VPN and it seems to be working. I'm also able to push the DOMAIN and DNS server options from my openvpn server.conf. And all the clients are able to resolve the hostname using either just hostnames or hostname.example.site. Now I'd like to enable dynamic DNS updates so that the clients can register themselves with the name server on the VPN and multiple clients can also address each other using hostnames. Could someone help me with that?

    These are my config files.

    /etc/named.conf
    Code:
    options {
        directory "/var/lib/named";
        managed-keys-directory "/var/lib/named/dyn/";
        dump-file "/var/log/named_dump.db";
        statistics-file "/var/log/named.stats";
        listen-on-v6 { none; };
        notify no;
        disable-empty-zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA";
        include "/etc/named.d/forwarders.conf";
        allow-query { 127.0.0.1; 10.111.10/24; };
        listen-on port 53 { 127.0.0.1; 10.111.10.1; };
    };
    
    zone "." in {
        type hint;
        file "root.hint";
    };
    
    zone "localhost" in {
        type master;
        file "localhost.zone";
    };
    
    zone "0.0.127.in-addr.arpa" in {
        type master;
        file "127.0.0.zone";
    };
    
    zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" in {
        type master;
        file "127.0.0.zone";
    };
    
    include "/etc/named.conf.include";
    logging {
        category default { log_syslog; };
        channel log_syslog { syslog; };
    };
    zone "example.site" in {
        file "master/example.site";
        type master;
        allow-transfer { any; };
    };
    zone "10.111.10.in-addr.arpa" in {
        file "master/10.111.10.in-addr.arpa";
        type master;
        allow-transfer { any; };
    };

    /var/lib/named/master/example.site
    Code:
    $TTL 2d
    @        IN SOA        ns1.example.site.    root.example.site. (
                    2012052901    ; serial
                    3h        ; refresh
                    1h        ; retry
                    1w        ; expiry
                    1d )        ; minimum

    example.site.    IN MX        0 mothership.example.site.
    example.site.    IN NS        mothership.example.site.
    mothership    IN A        10.111.10.1
    ; ns1 is an A record, not a CNAME: the reverse zone's NS record points
    ; at ns1, and an NS target must not be an alias (RFC 2181, section 10.3)
    ns1        IN A        10.111.10.1
    mail        IN CNAME    mothership

    /var/lib/named/master/10.111.10.in-addr.arpa
    Code:
    $TTL 2d
    @        IN SOA        ns1.example.site.    root.example.site. (
                    2012053000    ; serial
                    3h        ; refresh
                    1h        ; retry
                    1w        ; expiry
                    1d )        ; minimum

    10.111.10.in-addr.arpa.    IN NS        ns1.example.site.
    1.10.111.10.in-addr.arpa.    IN PTR        mothership.example.site.
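
Added example, not written by the thread's posters: one way to permit the dynamic updates asked about in post #2 while restricting each VPN client to its own records through a per-client TSIG key, and closing the posted `allow-transfer { any; }`. The client name `laptop1`, its address 10.111.10.50, the `dyn/` zone paths, the absence of secondary servers and the placeholder secret are all assumptions.

```conf
// Constructed example for /etc/named.conf (names and addresses are hypothetical).
// One TSIG key per VPN client; generate each secret separately (for
// example with tsig-keygen) and never share a key between clients.
key "laptop1.example.site." {
    algorithm hmac-sha256;
    secret "REPLACE_WITH_BASE64_SECRET";   // placeholder, not a real key
};

zone "example.site" in {
    type master;
    // named rewrites dynamic zones and keeps a journal beside them, so the
    // file must sit in a directory named can write to (assumed: dyn/).
    file "dyn/example.site";

    // Posted config had: allow-transfer { any; };
    // which lets every host that can query dump the full host list.
    // Assuming no secondary servers, refuse zone transfers entirely.
    allow-transfer { none; };

    // Address-based rules such as allow-update { 10.111.10/24; }; would let
    // any VPN client overwrite any record, including mothership and mail.
    // update-policy ties the right to a key and to a single name and type.
    update-policy {
        grant laptop1.example.site. name laptop1.example.site. A;
    };
};

zone "10.111.10.in-addr.arpa" in {
    type master;
    file "dyn/10.111.10.in-addr.arpa";
    allow-transfer { none; };

    // Assumes laptop1 is pinned to 10.111.10.50 by the VPN server, so its
    // key may only maintain the PTR record for that one address.
    update-policy {
        grant laptop1.example.site. name 50.10.111.10.in-addr.arpa. PTR;
    };
};
```

On the client, `nsupdate -k` with that client's own key file sends the signed update to 10.111.10.1; an update for any other name or record type is refused by the policy above.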

  3. #3

    Re: Configuring DNS in an openVPN based routing VPN setup

    Hi Ash,
    Did you get anywhere with your setup? I am attempting the same thing.

    Thanks
    Brad
