Tag Archives: dns

Configure the DHCP server to dynamically update the DNS records on Ubuntu 12.04 LTS

This tutorial is based on Ubuntu 12.04 LTS. In it, I will show you how to configure the DHCP server to automatically update the DNS records when it assigns a new lease to a client on the local network. We will use the network diagram below as a base for this tutorial:

Before Starting this tutorial:

Before starting this tutorial, you can check my other tutorials to learn how I configured the DHCP server and the gateway:

Ubuntu as a firewall/gateway router

How to Install the DHCP Server on Ubuntu 12.04LTS

Network Configuration for the Ubuntu Gateway:

Configure the DNS:

Install the DNS (bind9) using this command:

sudo apt-get install bind9 dnsutils

Also edit the hosts settings so that the server will be able to accept DNS requests. Here is an example of my server’s hosts file:

cat /etc/hosts

Move to the bind directory:

cd /etc/bind/

Next, we need to configure the forwarders for bind. I am using Google’s DNS servers as an example:

sudo nano named.conf.options

forwarders {;;

Now we create a secret key that will be shared between the DHCP server and the DNS:

sudo dnssec-keygen -r /dev/urandom -a HMAC-MD5 -b 128 -n USER DHCP_UPDATER

Show the generated key:

sudo cat Kdhcp_updater.*.private|grep Key

Edit the named.conf.local file in /etc/bind/ directory:

sudo nano named.conf.local

Define the locations of the forward and reverse zone files as well as the secret shared key here:

Move to the /var/lib/bind/ directory:

cd /var/lib/bind/

Create the forward zone file for your domain:

sudo nano tendo.local.db

Replace the tendo.local with your domain name. Here’s an example of my forward zone file:

$TTL 907200 ; 1 week 3 days 12 hours
tendo.local IN SOA dnssrv.tendo.local. arbab.tendo.local. (
                   2012071707 ; serial
                   10800 ; refresh (3 hours)
                   3600 ; retry (1 hour)
                   604800 ; expire (1 week)
                   38400 ; minimum (10 hours 40 minutes)
                   NS dnssrv.tendo.local.
$ORIGIN tendo.local.
dhcpsrv            A
dnssrv             A
gateway            A

Every time you make changes to the zone file, you need to change the serial before reloading bind.

Next, create the reverse zone file for your domain:

sudo nano 10.16.172.rev

Here is my reverse zone file. Replace the hosts and domain name with your own so that they match the forward zone file created above:

$TTL 907200 ; 1 week 3 days 12 hours
10.16.172.in-addr.arpa IN SOA dnssrv.tendo.local. arbab.tendo.local. (
                       2012071706 ; serial
                       10800 ; refresh (3 hours)
                       3600 ; retry (1 hour)
                       604800 ; expire (1 week)
                       38400 ; minimum (10 hours 40 minutes)
                       NS dnssrv.tendo.local.
$ORIGIN 10.16.172.in-addr.arpa.
1                      PTR dnssrv.tendo.local.
2                      PTR dhcpsrv.tendo.local.
254                    PTR gateway.tendo.local.

Restart the bind service:

sudo /etc/init.d/bind9 restart

Configure the DHCP server to send updates to the DNS:

sudo nano /etc/dhcp/dhcpd.conf

Add the secret key that we created on our DNS server to the dhcpd.conf file, along with the other options. Some of the main configurations are mentioned below:

For the given subnet, we need to define the zones, and within the zones we need to tell the DHCP server which key to use to update the DNS server:
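
The shared-key wiring described in the steps above, as an added example that is not the author's own configuration: it renders the key and zone stanzas for named.conf.local and dhcpd.conf from one dnssec-keygen file and checks that both files carry the same secret. Zone names, file paths and the key name are the tutorial's; 172.16.10.1 for dnssrv is inferred from the reverse zone file, and `ddns-update-style interim` is an assumption about the dhcpd version in use.

```shell
#!/usr/bin/env bash
# Added example, not the author's config. Zone names, paths and the key name
# follow the tutorial; 172.16.10.1 (dnssrv) is inferred from its reverse zone.

# Pull the base64 secret out of a dnssec-keygen "K*.private" file.
tsig_secret() {
    awk '$1 == "Key:" { print $2; exit }' "$1"
}

# BIND side (named.conf.local): each zone accepts only updates signed with the key.
render_named() {  # $1 = key name, $2 = secret
    printf 'key %s {\n    algorithm hmac-md5;\n    secret "%s";\n};\n' "$1" "$2"
    for z in "tendo.local:tendo.local.db" "10.16.172.in-addr.arpa:10.16.172.rev"; do
        printf 'zone "%s" {\n    type master;\n' "${z%%:*}"
        printf '    file "/var/lib/bind/%s";\n' "${z#*:}"
        printf '    allow-update { key %s; };\n};\n' "$1"
    done
}

# dhcpd side (dhcpd.conf): the same key, plus which server and key to use per zone.
# "interim" is assumed here; it is the update style of the ISC dhcpd 4.1/4.2 era.
render_dhcpd() {  # $1 = key name, $2 = secret
    printf 'ddns-update-style interim;\n'
    printf 'key %s {\n    algorithm HMAC-MD5.SIG-ALG.REG.INT;\n' "$1"
    printf '    secret %s;\n}\n' "$2"
    for z in tendo.local. 10.16.172.in-addr.arpa.; do
        printf 'zone %s {\n    primary 172.16.10.1;\n    key %s;\n}\n' "$z" "$1"
    done
}

# Read back the secret a config file actually contains (quoted or not).
config_secret() {
    awk '$1 == "secret" { gsub(/[";]/, "", $2); print $2; exit }' "$1"
}

# True only if both files hold the same non-empty secret; a mismatch makes
# the DNS server reject every update from the DHCP server.
secrets_match() {
    a=$(config_secret "$1"); b=$(config_secret "$2")
    [ -n "$a" ] && [ "$a" = "$b" ]
}
```

Both rendered files contain the shared secret, so keep them unreadable to other local users, for example by moving the key stanza into a separate root-owned file pulled in with `include`.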

Here is a DHCP scope that will be used to assign the IP configuration to the clients:

Restart the dhcp service:

sudo /etc/init.d/isc-dhcp-server restart

Once again, restart the bind service on the DNS server:

sudo /etc/init.d/bind9 restart

Check the log messages on both the DNS and DHCP servers:

sudo tail -f /var/log/syslog

The DHCP server successfully adds the client to the forward and reverse zones.

The DNS server accepts the secret key and updates its forward and reverse zones.

Verification on the DHCP client:

Enjoy 🙂


I found some really nice troubleshooting steps regarding dhcp and dns server here (Thanks to original author):

  • error: zone [zone-name]/IN: NS ‘[dns-server-hostname]’ has no address records (A or AAAA)
    You’ll probably encounter this if you forget to provide records for your DNS server in your zone files; e.g. [dns-server-name] IN A [dns-server-ip-address]
  • error: [some-zone-file]: create: permission denied
    Check to make sure that permissions on the given file are correct. Configuration files must be readable by the bind user, and zone/journal files must be writable by the bind user.
  • updating zone ‘[zone-name]/IN’: error: journal open failed: unexpected error
    It is possible that Ubuntu’s AppArmor is getting in the way of the zone updates. Make sure you check /var/log/syslog for related messages. Also check the AppArmor configuration at /etc/apparmor.d/usr.sbin.named.
  • error: zone [zone-name]/IN: [some-hostname]/A: bad owner name (check-names)
    The hostname that a client is requesting is invalid for use in a FQDN. Change the client’s hostname.
  • error: zone [zone-name]/IN: journal rollforward failed: journal out of sync with zone
    The zone journal file has gotten out of sync with the zone file (usually occurs with forced restarts, or modifying the zone file while BIND9 is running). Delete the .jnl file (in /var/lib/bind), and restart BIND9.

Hope this will help you!

Please Remember me in your prayers!

Mikrotik as Gateway

Note: This is not the best tutorial on Mikrotik, but it is one of the easiest tutorials for configuring Mikrotik as a gateway 🙂


In this scenario, Mikrotik will work as the DHCP server, DNS server, and default gateway for the local network.

Local Network :

Public: (In this scenario)

I assume that you have already installed a fresh copy of Mikrotik on any low-end (P III, P IV or whatever) machine. The default username is “admin” and there is no password by default.

Log in to the Mikrotik router:

After logging in, you will see a screen something like this:

After logging in, the first thing we need to do is change the password:


Check the interface settings by using this command:

interface print

Change the interface names by using these commands:

interface set 0 name=WAN
interface set 1 name=LAN

Now, check the interface(s) again:

interface print

Assign the IP address to the LAN interface:

ip address add address= interface=LAN

Assign the IP address to the WAN interface:

ip address add address= interface=WAN

Now, check the IP address settings:

ip address print

Add the default route using this command:

ip route add gateway=

Check the routing table:

ip route print

DNS setup on Mikrotik:

ip dns set primary-dns= secondary-dns=
ip dns set allow-remote-requests=yes 

DNS settings check:

ip dns print

DHCP Configuration:

ip dhcp-server setup

Configuration of NAT on Mikrotik:

ip firewall nat add chain=srcnat action=masquerade out-interface=WAN

Testing from one of the local network’s clients:

Hope this will help you!

Please Remember me in your prayers!

How to Configure Cisco Router with DSL (PTCL)!

In this tutorial, we will configure the Cisco (3640) router as a gateway for our LAN. It takes its IP settings from the DSL (PTCL) modem through DHCP in order to access the Internet. This router also acts as the DHCP and DNS server for the LAN!

In the first step, we will configure the fa0/0 interface to take its IP address from the DSL modem:

interface fa0/0
ip address dhcp
no shut

Next, we configure the IP address on the fa1/0 interface:

interface fa1/0
ip address
no shut

Verify the IP address and interface status:

show ip int brief

Now, we will configure this router as dhcp server in order to serve ip address settings to our LAN, we will use the network, in which will be the default gateway and dns:

service dhcp
ip dhcp excluded-address
ip dhcp pool LAN-Pool
 domain-name home.lan
 import all

Verify that our DHCP server serves IP addresses to the LAN:

show ip dhcp binding

Now, we will configure the DNS settings on our router in order to provide DNS services to our network, and make all clients use it as a DNS server:

ip dns server
ip name-server
ip domain-lookup

The next step is to configure NAT on our router. For this, we need to define the inside and outside interfaces: fa0/0 is connected to the Internet, so it is outside, while fa1/0 is connected to the internal network, so it is inside!

interface FastEthernet0/0
ip nat outside
interface FastEthernet1/0
ip nat inside

Now,we need to create an ACL that will include local network(!

Next, we need to enable NAT overload and bind it to the outside interface:

Test from one of the LAN’s clients:

Verify the NAT status on our Cisco router:

show ip nat translations

Hope this will help you!

Please Remember me in your prayers!
