
We build and configure the BUNDY DNS server (BIND10). Part 1

Somehow, without my noticing, my hands finally got around to BIND10. First, a little history of this product. The first release of BIND10 was presented by the ISC consortium in February 2013. On April 17, 2014, the ISC consortium published its latest release, BIND10 1.2.0, after which it handed all of its work over to the independent developer community. This decision was made because the consortium does not have the resources to develop two alternative projects. It will therefore develop only BIND9, and BIND10 passes entirely into the hands of the community. To reduce confusion with BIND9, a new project was created on GitHub, to which all of the consortium's BIND10 work was transferred, and this project was named Bundy.

Well, I think we can start the experiment.

Create a new container and connect to it:
 $ docker run --name bundy --hostname=bundy -d -i -t sovicua:jessie
 $ docker attach bundy


As usual, we update the system and install the packages needed for the build.
 # apt-get update
 # apt-get upgrade
 # apt-get install git-core g++ make pkg-config python3-dev sqlite3 libsqlite3-dev libbotan1.10-dev liblog4cplus-dev libboost-dev python3-setproctitle dnsutils net-tools autoconf autoconf-archive automake libtool

We get the source code of the project and build it:
 # git clone https://github.com/bundy-dns/bundy.git
 # cd bundy
 # autoreconf --install --warnings=none
 # ./configure --prefix=/usr --sysconfdir=/etc --without-werror --enable-experimental-resolver
 # make


And we get an error when building the resolver ...
The error occurs because the master branch is missing some files, in particular in the src/lib/xfr folder, which is needed to build the resolver. If you build without this option, everything builds and works. But since I wanted to try everything, I had to download the sources from another branch and build everything again.
Additionally, we enable storage of the database in MySQL for the DHCP server. During the installation we will be asked a few questions that I think will not be difficult to answer.
 # wget http://dev.mysql.com/get/mysql-apt-config_0.3.6-1debian8_all.deb
 # dpkg -i mysql-apt-config_0.3.6-1debian8_all.deb

Select the latest version (DMR - Developer milestone releases):
 Configuring mysql-apt-config
 ----------------------------
 MySQL APT Repo features MySQL Server along with a variety of MySQL components. You may select the appropriate product to choose the version that you wish to receive.
 Once you are satisfied with the configuration then select last option 'Apply' to save the configuration. Advanced users can always change the configurations later, depending on their own needs.
   1. Server
   2. Connector-Python
   3. Utilities
   4. Apply
 Which MySQL product do you wish to configure? 1
 This configuration program will detect the current state of your system, check for any installed MySQL Server packages, and try to select the most appropriate version of MySQL Server to be installed.
 If you are not sure which version to choose for yourself, do not change the auto-selected version. Advanced users can always change the version later, depending on their own needs.
   1. mysql-5.6
   2. mysql-5.7-dmr
   3. none
 Which server version do you wish to receive? 2
 MySQL APT Repo features MySQL Server along with a variety of MySQL components. You may select the appropriate product to choose the version that you wish to receive.
 Once you are satisfied with the configuration then select last option 'Apply' to save the configuration. Advanced users can always change the configurations later, depending on their own needs.
   1. Server
   2. Connector-Python
   3. Utilities
   4. Apply
 Which MySQL product do you wish to configure? 4

If you decide to use the stable version, then you need to run the command:
 # dpkg-reconfigure mysql-apt-config 

... and choose the version of software you want to use.
After that, we update the repository data and install the MySQL server.
 # apt-get update
 # apt-get install mysql-server libmysqlclient-dev libz-dev


We start the MySQL server
 # service mysql start
 ..
 [info] MySQL Community Server 5.7.7-rc is started.
 # service mysql status
 [info] MySQL Community Server 5.7.7-rc is running.


Now we are ready to rebuild; before that, we delete the directory with the old sources.
 # git clone --branch bundyfork --single-branch https://github.com/bundy-dns/bundy.git
 # cd bundy
 # autoreconf --install --warnings=none
 # ./configure --prefix=/usr --sysconfdir=/etc --without-werror --with-dhcp-mysql --enable-experimental-resolver
 # make


So, we continue our experiments.
After the build is completed, we perform the installation:
 # make install 

Preparing for the first launch.
By default, the DNS and DHCP services do not start; they need to be activated separately using the bundyctl utility. Before this, we need to add a user under which we will manage the service.
 # bundy-cmdctl-usermgr add root 

It is also worth preparing a database for a DHCP server.
 # mysql -u root -p
 mysql> CREATE DATABASE bundy;
 mysql> CONNECT bundy;
 mysql> SOURCE /usr/share/bundy/dhcpdb_create.mysql
 mysql> CREATE USER 'bundy'@'localhost' IDENTIFIED BY 'bundy';
 mysql> GRANT ALL ON bundy.* TO 'bundy'@'localhost';
 mysql> quit

Well, that's all: we are ready to launch and see what kind of beast this BUNDY is.

Go...
From the host system, run the start command; for the first run you can even add the --verbose option.
 $ docker exec -i -t bundy /usr/sbin/bundy --verbose 

In the container, we connect to the service using the bundyctl utility which allows us to manage and configure all bundy services.
 # bundyctl
 Username: root
 Password:
 ["login success"]
 > help
 usage: <module name> <command name> [param1 = value1 [, param2 = value2]]
 Type Tab character to get the hint of module/command/parameters.
 Type "help(? h)" for help on bundyctl.
 Type "<module_name> help" for help on the specific module.
 Type "<module_name> <command_name> help" for help on the specific command.
 Available module names:
   help          Get help for bundyctl.
   config        Configuration commands.
   execute       Execute a given set of commands
   Stats         Stats daemon
   tsig_keys     The TSIG keyring is stored here
   Init          Init process
   Logging       Logging options
   data_sources  The sources of authoritative DNS data
   Cmdctl        Interface for command and control
   Msgq          The message queue
 >

As I said above, the DNS and DHCP services (and others) are not running by default; to initialize them there is a ready-made script that sets up the authoritative DNS server. So, to begin with, let's see which processes are running before initialization starts.
 > Init show_processes
 [
   [ 18493, "Socket creator", null ],
   [ 18494, "msgq", null ],
   [ 18496, "cfgmgr", "ConfigManager" ],
   [ 18498, "bundy-stats", "Stats" ],
   [ 18499, "bundy-cmdctl", "Cmdctl" ]
 ]

We run the initialization script and look again at which processes we have now:
 > execute init_authoritative_server
 adding Authoritative server component
 adding Xfrin component
 adding Xfrout component
 adding Zone Manager component
 Components added. Please enter "config commit" to finalize initial setup and run the components.
 > config commit

 > Init show_processes
 [
   [ 18493, "Socket creator", null ],
   [ 18494, "msgq", null ],
   [ 18496, "cfgmgr", "ConfigManager" ],
   [ 18498, "bundy-stats", "Stats" ],
   [ 18499, "bundy-cmdctl", "Cmdctl" ],
   [ 18559, "bundy-xfrout", "Xfrout" ],
   [ 18560, "bundy-xfrin", "Xfrin" ],
   [ 18561, "bundy-zonemgr", "Zonemgr" ],
   [ 18562, "bundy-auth", "Auth" ]
 ]

I think that the difference is noticeable :) We have 4 new processes:
- bundy-xfrout
- bundy-xfrin
- bundy-zonemgr
- bundy-auth

Check the operation of the DNS server by requesting its version.
 # dig @127.0.0.1 -c CH -t TXT version.bind
 ; <<>> DiG 9.9.5-9-Debian <<>> @127.0.0.1 -c CH -t TXT version.bind
 ; (1 server found)
 ;; global options: +cmd
 ;; Got answer:
 ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27337
 ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
 ;; WARNING: recursion requested but not available
 ;; OPT PSEUDOSECTION:
 ; EDNS: version: 0, flags:; udp: 4096
 ;; QUESTION SECTION:
 ;version.bind. CH TXT
 ;; ANSWER SECTION:
 version.bind. 0 CH TXT "bundy 1.2.0"
 ;; AUTHORITY SECTION:
 bind. 0 CH NS bind.
 ;; Query time: 1 msec
 ;; SERVER: 127.0.0.1#53(127.0.0.1)
 ;; WHEN: Fri Jul 03 07:39:41 UTC 2015
 ;; MSG SIZE rcvd: 79
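
The same check as a script, added here as an example and not part of the original article: it reads dig output like the one above and reports the response code, the header flags, and the version banner the server discloses to anyone who asks. The function names and the SAMPLE text are assumptions; SAMPLE is constructed from the output shown above.

```shell
#!/bin/sh
# Added example: summarize a `dig -c CH -t TXT version.bind` reply.
# SAMPLE is constructed from the output in the article, not captured live.
SAMPLE=';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27337
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;version.bind. CH TXT
version.bind. 0 CH TXT "bundy 1.2.0"'

# Print the response code from the header line (e.g. NOERROR).
dig_status() {
    printf '%s\n' "$1" | sed -n 's/.*status: \([A-Z]*\),.*/\1/p' | head -n 1
}

# Print the header flag list (e.g. "qr aa rd").
dig_flags() {
    printf '%s\n' "$1" | sed -n 's/^;; flags: \([^;]*\);.*/\1/p' | head -n 1
}

# Print the TXT banner from the answer record, without the quotes.
# The question line starts with ";" and is therefore skipped.
version_banner() {
    printf '%s\n' "$1" | awk '$1 == "version.bind." && $3 == "CH" && $4 == "TXT" {
        sub(/^[^"]*"/, ""); sub(/"[^"]*$/, ""); print; exit }'
}

# Succeed only if the answer is authoritative ("aa") and the server
# does not offer recursion (no "ra" flag).
is_authoritative_only() {
    case " $(dig_flags "$1") " in
        *" ra "*) return 1 ;;
        *" aa "*) return 0 ;;
        *) return 1 ;;
    esac
}

# Succeed when the banner exposes a dotted version number.
banner_discloses_version() {
    version_banner "$1" | grep -Eq '[0-9]+\.[0-9]+'
}

report() {
    printf 'status=%s flags=[%s] banner="%s"\n' \
        "$(dig_status "$1")" "$(dig_flags "$1")" "$(version_banner "$1")"
    if is_authoritative_only "$1"; then echo 'authoritative answer, no recursion offered'; fi
    if banner_discloses_version "$1"; then echo 'banner discloses a version number'; fi
}

report "$SAMPLE"
```

Against the running server, pass the live output instead of the sample: report "$(dig @127.0.0.1 -c CH -t TXT version.bind)".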

Well, we can be congratulated: in spite of all the obstacles during compilation, we were able to start and initialize the authoritative DNS server BUNDY | BIND10. I think that is enough words for today.

In the next part we will look a little at the modules that make up bundy and which of them is responsible for what, and we will continue with the configuration of DHCP and other modules.

Source: https://habr.com/ru/post/261719/

