How to install dhcp, dns, pxe on debian squeeze

Introduction

This document describes how to install DHCP, DNS and PXE network services on a debian squeeze.

For this tutorial I use a machine that has two network interfaces:
eth0: 10.34.132.149/255.255.254.0 (WAN interface)
eth1: 172.20.30.1/255.255.255.0 (LAN interface)

To install a PXE server, you will need the following components:
DHCP Server
TFTP Server
NFS/FTP/HTTPD server (to store installing files)

Note: DHCP Server will listen only on eth1.
         In this tutorial I will use apache2 server.

Install required packages

apt-get install tftpd-hpa syslinux dhcp3-server bind9 dnsutils

Configure DHCP Server

vim /etc/dhcp/dhcpd.conf

ddns-update-style ad-hoc;
log-facility syslog;

option domain-name "test.org";
option domain-name-servers 172.20.30.1;
option subnet-mask 255.255.255.0;
subnet 172.20.30.0 netmask 255.255.255.0 {
    authoritative;
    range 172.20.30.10 172.20.30.90; # ip range
    option routers 172.20.30.1; # gateway for clients
    ######
    # in case want to deny clients that are not configured in dhcpd uncomment the following line
    ######
    #deny unknown-clients;
    allow booting;
    allow bootp;
    next-server 172.20.30.1; # tftpd server's IP
    filename "pxelinux.0";

    ######
    # sample of a client that has mac address reserved on dhcp
    ######
    #host guest1 {
    #    hardware ethernet 00:0C:29:14:DA:AD;
    #    fixed-address 172.20.30.15;
    #}
    ######
}

Force DHCP Server to listen only on eth1

vim /etc/default/isc-dhcp-server
:%s/INTERFACES=""/INTERFACES="eth1"/g
:wq

Configure TFTP Server. Change the root directory on startup from /srv/tftp to /tftpboot

vim /etc/default/tftpd-hpa
:%s/\/srv\/tftp/\/tftpboot/g
:wq

Setup TFTP Server network boot files

mkdir -p /tftpboot
chmod 777 /tftpboot
 
cp -v /usr/lib/syslinux/pxelinux.0 /tftpboot
cp -v /usr/lib/syslinux/menu.c32 /tftpboot
cp -v /usr/lib/syslinux/memdisk /tftpboot
cp -v /usr/lib/syslinux/mboot.c32 /tftpboot
cp -v /usr/lib/syslinux/chain.c32 /tftpboot
 
mkdir /tftpboot/pxelinux.cfg

Create PXE menu file

vim /tftpboot/pxelinux.cfg/default

default menu.c32
prompt 0
timeout 300
MENU TITLE test.org PXE Menu

LABEL centos6.3_i386
    MENU LABEL CentOS 6.3 i386
    KERNEL /netboot/centos/6.3/i386/vmlinuz
    APPEND console=tty0 console=ttyS0,9600N1 initrd=/netboot/centos/6.3/i386/initrd.img ks=http://172.20.30.1/netboot/centos/6.3/i386/centos6.3-ks.cfg  ksdevice=link

Share the internet connection with clients

vim /etc/sysctl.conf
:%s/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1
:wq

Apply the settings:

sysctl -p

Share internet connection using iptables:

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

Configure bind9

echo "include \"/etc/bind/bind.keys\"; ">> /etc/bind/named.conf
 
vim /etc/bind/named.conf.options

options {
        directory "/var/cache/bind";
        auth-nxdomain no;    # conform to RFC1035
        listen-on-v6 { none; };
        forwarders { 8.8.8.8; 8.8.4.4; };
        listen-on port 53 { any; };
        allow-query { any; };
        allow-query-cache { any; };
};

Add the following lines at the end of the named.conf.default-zones

vim /etc/bind/named.conf.default-zones

zone "test.org" {
        type master;
        file "/etc/bind/test.org";
};

zone "30.20.172.in-addr.arpa" {
        type master;
        file "/etc/bind/30.20.172.in-addr.arpa";
};

vim /etc/bind/test.org

$ORIGIN test.org.

$TTL 1H

test.org.          IN SOA ns.test.org. root.test.org. (
                                2012062600      ; serial
                                12H             ; refresh
                                2H              ; retry
                                1W              ; expiry
                                2D )            ; minimum

test.org.      IN    NS   ns.test.org.

ns.test.org.   IN    A    172.20.30.1

www10          IN    A    172.20.30.10
www11          IN    A    172.20.30.11
www12          IN    A    172.20.30.12
www13          IN    A    172.20.30.13
www14          IN    A    172.20.30.14
www15          IN    A    172.20.30.15

vim /etc/bind/30.20.172.in-addr.arpa

$ORIGIN 30.20.172.in-addr.arpa.

$TTL 2D

@          IN SOA ns.test.org. root.test.org. (
                                2012062600      ; serial
                                12H             ; refresh
                                2H              ; retry
                                1W              ; expiry
                                2D )            ; minimum

@     IN    NS     ns.test.org.

1     IN    PTR    ns.test.org.

10    IN    PTR    www10.test.org.
11    IN    PTR    www11.test.org.
12    IN    PTR    www12.test.org.
13    IN    PTR    www13.test.org.
14    IN    PTR    www14.test.org.
15    IN    PTR    www15.test.org.

Let's use our DNS server

echo "search test.org" > /etc/resolv.conf
echo "nameserver 127.0.0.1" >> /etc/resolv.conf

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.