Multi-homed firewall/router with DHCP, DDNS, YAST

70tas · May 18, 2015, 6:08pm

Hello!

I am trying to setup the following scenario on my network:

OSS 13.2
Firewall2/Router/DHCP on two subnets/DNS with Dynamic Updates

The system is running under VMware Workstation with three NICs:

Bridged to a host USB NIC connected to Comcast bridge/DHCP
Bridged NIC to my standard subnet 192.168.2.0
Bridged NIC to a VMonly subnet, 192.168.9.0

I have been successful in getting DHCP to supply addresses on each of the subnets by configuring via YAST-DHCP module.
I am having a problem with dynamic DNS updates to BIND; forwarding works okay, but new DHCP leases are not registered in DNS.

Is there a guide somewhere I am missing?
What would be the best resource to check?

Thanks
Tas

tsu2 · May 18, 2015, 6:22pm

So, what kind of “dynamic DNS updates to BIND” issues are you having? Unfortunately DDNS today is a term used by different technologies… eg updating a public DNS pointer using a service like no-ip, and DDNS also the name of DNS integrated into LDAP/AD.

At least for the above definitions, there is usually a setup guide for the former and various guides for the latter (and IIRC the YAST DNS applet also sets up Domain integration).

TSU

70tas · May 18, 2015, 6:23pm

Sorry, got a call and had to cut it short. So here is the rest of it:

Nic on 192.168.2.0 is mydomain.com
Nic on 192.168.9.0 is vhi.mydomain.com

VMs will use vhi.mydomain.com for IP and DNS assignment, while the non-VMs will use the mydomain.com.

I noticed the keys, and created a couple of keys with files, but I wasn’t following a guide, so I’m not sure if that was correct. (BTW, the box is only running text mode, so there is no YAST module help)

I think that is it.

70tas · May 18, 2015, 6:25pm

Yes I know. I haven’t tackled DynDNS.org updates yet.

I just want the DHCP assignment to be put in the proper DNS zone, so when I try to access a particular box, DNS resolves it.

glistwan · May 19, 2015, 1:47pm

If that helps YAST is also available with ncurses interface that runs completely in text mode.
https://doc.opensuse.org/documentation/html/openSUSE_114/opensuse-reference/cha.yast.text.html

tsu2 · May 19, 2015, 8:27pm

I haven’t done this for quite awhile, but based on a simple Google search…

You need to configure a DnyDNS client to set/update based on your current address. Of course, the public facing interface on your openSUSE has to be as a DHCP client (this is the whole reason why DynDNS is desirable).
There seems to be at least 2 official DynDNS clients, install one. If it doesn’t run automatically without problems, post either here or to the Networking forum for assistance (and post exactly what you did, what you’re seeing and what you expected).
https://help.dyn.com/ddclient/
https://help.dyn.com/inadyn/
You’ll need to configure an exception in susefirewall for the DynDNS protocol, use the YAST FW applet.

If you’re asking about connecting to a remote address on the Internet, there is nothing unusual in the setup.

In YAST > Network Devices > Network Settings
You can then configure DNS servers in the “Hostname/DNS” tab if not provided by or you want to over-ride what DHCP may offer.

HTH,
TSU