Centos6.5-Win2012R2 – Setup Windows as your Master DNS and Bind as your Slave DNS.

This tutorial shows how to set up Windows 2012-R2 as a Master DNS and how to set up Centos 6 as a slave DNS.

PRIMARY DNS NAME AND IP: AD1.SFENTONA.LOL / 10.0.0.6
SLAVE DNS NAME AND IP: DNS1.SFENTONA.LOL / 10.0.0.10

Centos DNS CONFIG STEPS

———————————————————————————————————-
The following config files have been used in order to get DNS services up and running in Centos 6.

vi /etc/resolv.conf

nameserver 127.0.0.1
search sfentona.lol

vi /etc/sysconfig/network

NETWORKING=yes
HOSTNAME=dns1.sfentona.lol

vi /etc/sysconfig/network-scripts/ifcfg-eth0

DEVICE=eth0
HWADDR=00:0C:29:CA:90:ED
TYPE=Ethernet
UUID=49076518-17fb-4416-be14-de64aa36843a
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=static
IPADDR=10.0.0.10
NETMASK=255.255.255.192
GATEWAY=10.0.0.1
DNS1=127.0.0.1
DOMAIN="sfentona.lol"

vi /etc/named.conf

Under Options you will have to specify the IP address of your Centos DNS server and from which network you will accept queries.

listen-on port 53 { 127.0.0.1; 10.0.0.10; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
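// The prefix must be the network address of the /26 (netmask 255.255.255.192), not the host address.
allow-query { localhost; 10.0.0.0/26; };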
//allow-transfer { 10.0.0.0/26; };
recursion yes;

Under Zones you will have to create your forward lookup and reverse lookup zones. Between the sections LOGGING and ZONE include the following lines. We are essentially telling our Centos DNS service that it is of type slave and giving it the IP of the master DNS. We are also specifying where the zone files will be located:

/var/named/slaves

sfentona.lol.zone

zone "sfentona.lol" IN {
    type slave;
    masters { 10.0.0.6; };
    allow-query { any; };
    file "slaves/sfentona.lol.zone";
};

sfentona.lol.rr.zone

zone "0.0.10.in-addr.arpa" IN {
    type slave;
    masters { 10.0.0.6; };
    allow-query { any; };
    file "slaves/sfentona.lol.rr.zone";
};
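
An added example, not part of the original post: a small Python audit of the slave configuration above that reports, for each slave zone, its masters and the effective allow-transfer setting. It assumes every stanza closes with "};" at the start of a line, as on this page, and that a zone with no allow-transfer at zone or options level is open to any host, which is the default in older BIND 9 releases such as the one CentOS 6 ships. The sample text is constructed from the stanzas shown on this page.

```python
import re

# Constructed sample: the options and zone stanzas shown on this page in one file.
NAMED_CONF = '''
options {
    allow-query { localhost; 10.0.0.0/26; };
    //allow-transfer { 10.0.0.0/26; };
};
zone "sfentona.lol" IN {
    type slave;
    masters { 10.0.0.6; };
    allow-query { any; };
    file "slaves/sfentona.lol.zone";
};
zone "0.0.10.in-addr.arpa" IN {
    type slave;
    masters { 10.0.0.6; };
    allow-query { any; };
    file "slaves/sfentona.lol.rr.zone";
};
'''

def strip_comments(text):
    """Drop /* */, // and # comments so commented-out directives do not count."""
    text = re.sub(r'/\*.*?\*/', '', text, flags=re.S)
    return re.sub(r'(//|#).*', '', text)

def acl(body, name):
    """Return the flat address list of directive `name` in a stanza, or None."""
    m = re.search(r'\b%s\s*\{([^}]*)\}' % re.escape(name), body)
    return [a.strip() for a in m.group(1).split(';') if a.strip()] if m else None

def audit(conf):
    """Map each slave zone to its masters and its effective allow-transfer list."""
    conf = strip_comments(conf)
    opts = re.search(r'\boptions\s*\{(.*?)\n\};', conf, flags=re.S)
    global_xfer = acl(opts.group(1), 'allow-transfer') if opts else None
    report = {}
    for zone, body in re.findall(r'\bzone\s+"([^"]+)"[^{]*\{(.*?)\n\};', conf, flags=re.S):
        if not re.search(r'\btype\s+slave\s*;', body):
            continue
        xfer = acl(body, 'allow-transfer')   # zone-level setting wins
        if xfer is None:                     # then options; if unset, assume "any"
            xfer = global_xfer if global_xfer is not None else ['any']
        report[zone] = {'masters': acl(body, 'masters'), 'allow-transfer': xfer,
                        'open': 'any' in xfer}
    return report

print(audit(NAMED_CONF))
```

With the allow-transfer line left commented out, both zones are reported as open; setting allow-transfer { none; }; under options on the slave closes them.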

 

 

Windows DNS CONFIG STEPS

———————————————————————————————————-

  • On your main DNS properties settings tree, check “Enable Bind Secondaries”.
  • You will have to enter your Linux Server as a Name Server for both your Forward and Reverse Lookup zones.
  • On your DNS Zone (in this case sfentona.lol), under properties settings, enable “Zone Transfer”. Specify your slave DNS, or you can opt to update all available DNS servers. Make sure to do this for both your Forward and Reverse lookup zones for your Domain.

DNS – An example of a query by examining wireshark.

The following is an example of a DNS query made by a workstation in a LAN. The query is directed to the DNS server of that LAN; if that DNS server cannot find a record for the query, it will reach out to DNS servers on the Internet to fetch the information. In this example the setup is as follows:

– Workstation with IP 10.0.0.2

– DNS with IP 10.0.0.6

 

A DNS query from the Desktop is made.
The workstation is using as a DNS server the local DNS with IP 10.0.0.6


 

 

 

 


Create a Windows 2012 Cluster.

Assumptions:

A) You already have a SAN or iSCSI. Please note that my hardware is not supported and as such this particular Cluster could not find a storage device that meets the requirements for a cluster. However, I was able to create a Windows Cluster made out of two virtual nodes. The only issue is that there is no storage device available in my environment that my Windows servers will accept 🙁

B) The servers that will be used as a cluster are part of a Windows Domain. See here how to create an Active Directory and how to join a machine to a Windows Domain.


Part 8 – Join the ESXi server to your Domain.

In this step we will add our ESXi server to our Windows Domain. The reason is that this will create a distributed account environment where all the accounts are handled at the Domain Controller level. This allows for easier administration of the ESXi server itself.


Part 7 – Enter DNS entries for all servers and setup replication of DNS entries to secondary Domain Controller

In this step we will add DNS records to the Primary Domain Controller and also set up replication of those entries to the secondary Domain Controller. Propagation of that data will be done automatically and only the Primary Server will be allowed to update records. The secondary Domain Controller will not have the ability to update DNS records on the Primary Domain Controller. We will also add aliases for our servers.


Part 6 – Add another Domain Controller to your existing Domain for redundancy

In this step for reasons of redundancy we will add another Domain Controller to the ActDir.lol domain.  Essentially this is done in case the primary Domain Controller goes down, the next available Domain Controller will take over. The standby Domain Controller mirrors the data in the primary Domain Controller.


Part 5 – Windows2012 – Install Active Directory and DNS server – PowerShell Option Install of ActiveDirectory

In this part we will set up Active Directory Services and DNS servers. Reasons as to why Active Directory will be installed:

1) Integrate the ESXi Server accounts with Active Directory for easier management of the ESXi environment.

2) DNS will be installed with Active Directory and for now it will handle all DNS requests from both Windows and Linux servers. Later on a Linux based DNS server will be deployed.

3) Active Directory will be needed for our Windows SQL failover cluster.


Objective – Create a multi platform environment utilizing physical and virtual servers.

Objective:
Create a multi platform environment (Linux – BSD – VMwareESXi – Windows) utilizing physical and virtual servers. The environment will use a broad spectrum of technologies such as NAS, DNS, NFS, FailOver Clustering, Active Directory, VLANs, iptables, rSync, Samba, Puppet, Oracle, SQL, SSH. This online document will show from the start all the steps needed to set up this environment, from installing the Operating Systems to the configuration that is needed to set up all these technologies.

Summary of Tasks: The tasks below follow a logical progression. There is a purpose to the order in which they are executed, which aims to provide a transparent use of different technologies.

  • Install Fedora17 (referred to as Host from here on) to host VMware Workstation 9 and within Workstation 9 to host the ESXi server. The reason for this setup is that there was a need for this machine (imposed by technical and budget reasons) to serve dual roles versus only being a VMware ESXi server exclusively.
  • Install two virtual Domain Controllers and integrate the VMware ESXi servers to the Active Directory. Enter DNS records as needed.
  • Install a virtual BSD FreeNAS and create iSCSI storage volumes.
  • Create a virtual Failover Cluster for SQL 2012 by using the iSCSI storage volume created with FreeNAS.
  • Use the Host Fedora17 to create an NFS drive that will be used by all virtual Linux CentOS servers.
  • Use a second physical server to install DNS running on CentOS.
  • The same second physical server will also be used as an rSync server for incremental net-backups of the Host Fedora17 server.
  • The same second physical server will also be used as a script server, as a Puppet server and as a SAMBA server.
  • Create a Linux FailOver Cluster for two Oracle database nodes.
  • Create a Linux FailOver Cluster for two  Apache nodes.
  • Create scripts that will maintain the environment.
  • Use a third physical server to run ClearOS which will be used as a router for our LAN for all physical and virtual servers.
  • ……….whatever else comes to mind 🙂

Why use Linux and Windows?

In almost all organizations both co-exist to fill different needs created by business demands. What differs is the degree to which they are used. This project tries to emulate a mixed environment; and even though this specific setup is anything but optimal in a production environment, it serves as a very good learning ground in a plethora of technologies. In addition, the concepts of Fail Over Clustering, SQL, Networking, DNS and so on are similar regardless of the platform. What changes is the execution. Most importantly….why not? 🙂

Operating Systems used:

  • Physical Servers: Linux Fedora17, Linux CentOS 6.3, Linux ClearOS.
  • On Virtual Servers: VMwareESXi, BSD-FreeNAS, Linux CentOS 6.3, Windows2012.

Technologies used:

  • NAS – iSCSI, FailOver Clustering, NFS, Active Directory, VMwareESXi, VLANs, iptables, rSync, Samba, Puppet, Oracle, SQL, SSH, packet sniffing.

Layout of Servers:

  • BSD FreeNAS (Network Attached Storage) – This is a virtual server that is used to create Network storage volumes such as iSCSI and NFS to support FailOver Clustering.
  • VMware ESXi, is a virtual server that will host all of the servers covered.
  • Linux CentOS, will be all virtual servers. Each will be built accordingly to serve as NFS server, or Puppet server, or Oracle Failover Clusters and so on.
  • Windows 2012 will be used to deploy Active Directory, in order to integrate the ESXi server with it and to also create a SQL failover cluster.

Technologies used to support the environment as a whole and in a transparent way:
LVM – NFS – DNS – SSH – Samba – Windows Failover Clustering for SQL – Active Directory – FTP – Puppet – SMTP, Oracle, MS-SQL, VCenter, VMware Converter, Custom made Bash scripts to monitor all servers (Linux – VMware – Windows).

Part 1: Setup Fedora17 in order to install VMware Workstation 9.

Part 2 – VMware Workstation 9 – Setup VMware Workstation 9 for the ESXi5 install

Part 3 – Install VMware ESXi 5 within VMware Workstation 9

Part 4 – Install Linux and Windows Virtual guests within ESXi and create OVF templates to reduce deployment time

Part 5 – Windows2012 – Install Active Directory and DNS server – PowerShell Option Install of ActiveDirectory

Part 6 – Add another Domain Controller to your existing Domain for redundancy

Part 7 – Enter DNS entries for all servers and setup replication of DNS entries to secondary Domain Controller

Part 8 – Join the ESXi server to your Domain.

Part 9 – BSD FreeNAS: Create a Shared Storage Device for your fail over cluster SQL Nodes.

Part 10 – Create a Windows 2012 Fail Over Cluster


Windows 2008-R2: “This rule has been applied by the system administrator and cannot be modified”

Issue: Cannot delete a Domain firewall rule.

Setup: One Domain Controller to which a Firewall Rule has been put in place. However when going to Firewall Advanced settings you do not have permissions to delete the rule even though you have full rights.


VMware ESXi: Select Authentication Services type.

You can enable Active Directory Authentication Services in vSphere by following the instructions below. This will allow you to set up vSphere to use Active Directory accounts. Note however that in order to actually use your Active Directory account you will have to specify it in the “Permissions” tab. Instructions to do so are located at http://www.sfentona.net/?p=811.
