Simple DNS solutions for a test or development network

Use Cisco IOS DNS server or Ubuntu DNS server:

I recently had to set up a test DNS server for a lab environment. This only had to work for about 20 hostnames.

A few options came to mind:

  • Set up a basic DNS server on Cisco IOS in GNS3
  • Set up a basic DNS server on Ubuntu
  • Set up DNS on Windows

I prefer using Ubuntu to Windows because of licensing issues and resource utilisation. It is much simpler to just run a free version of Ubuntu and not have to worry about license costs. I can also run multiple lightweight Linux installations rather than fewer resource intensive Windows installations.

If you already have Cisco routers in your lab environment, that is an easy option. When using GNS3 test environments, this would be my first choice as the DNS functionality is already in the IOS used by GNS3.

Cisco IOS DNS server:

The first option works well for my lab demonstrations of Cisco routers using two way NAT for example. Whenever using GNS3 routers in a lab or demo, this would be my first choice as the routers support DNS as part of the Cisco IOS since 12.2(4)T.

This is also very easy to set up. You just need two commands on the Cisco IOS:

ip dns server
ip host <hostname> <ip-address>

In this example, R1 is acting as the DNS server and R2 is acting as a host. IP addresses are already configured.

Network Diagram:

[Image: network diagram]

Cisco IOS DNS Server configuration:

R1#conf t
R1(config)#ip domain lookup
R1(config)#ip dns server
R1(config)#ip host pc.com 192.168.56.10
R1(config)#ip host facebook.com 192.168.56.11
R1(config)#ip host hp.com 192.168.56.12
R1(config)#ip host badsite.com 192.168.56.13
R1(config)#ip host cisco.com 192.168.56.14
R1(config)#^Z
R1#ping pc.com
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.56.10, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/26/44 ms
R1#

R2 now needs to be configured to use the DNS server:

R2#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R2(config)#ip domain lookup
R2(config)#ip name-server 192.168.56.50
R2(config)#^Z
R2#ping pc.com

Translating "pc.com"...domain server (192.168.56.50) [OK]

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.56.10, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/38/40 ms
R2#

Here is a debug on the DNS server showing the DNS query and response:

R1#debug ip udp
UDP packet debugging is on
R1#
*Mar  1 00:14:16.807: UDP: rcvd src=192.168.56.10(52961), dst=192.168.56.50(53), length=32
*Mar  1 00:14:16.811: UDP: sent src=192.168.56.50(53), dst=192.168.56.10(52961), length=48
R1#

As you can see, the DNS server is working correctly. Very simple to set up and use when running GNS3 in a lab.

Ubuntu DNS server:

I could use BIND, but that is overly complex for a very simple lab setup and I like to keep things simple. I thus use dnsmasq. This is a very simple DNS server that meets the requirements for a small network DNS server.

To install dnsmasq, simply install it from the Ubuntu package repositories:

sudo apt-get install dnsmasq

Here is an example of the install:

sdn@UbuntuBasic:~$ sudo apt-get install dnsmasq
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following extra packages will be installed:
  dnsmasq-base libnetfilter-conntrack3
The following NEW packages will be installed:
  dnsmasq dnsmasq-base libnetfilter-conntrack3
0 upgraded, 3 newly installed, 0 to remove and 117 not upgraded.
Need to get 263 kB of archives.
After this operation, 753 kB of additional disk space will be used.
Do you want to continue [Y/n]? y
Get:1 http://us.archive.ubuntu.com/ubuntu/ precise/main libnetfilter-conntrack3 amd64 0.9.1-1ubuntu1 [34.4 kB]
Get:2 http://us.archive.ubuntu.com/ubuntu/ precise-updates/main dnsmasq-base amd64 2.59-4ubuntu0.1 [213 kB]
Get:3 http://us.archive.ubuntu.com/ubuntu/ precise-updates/universe dnsmasq all 2.59-4ubuntu0.1 [15.1 kB]
Fetched 263 kB in 0s (263 kB/s)
Selecting previously unselected package libnetfilter-conntrack3.
(Reading database ... 52802 files and directories currently installed.)
Unpacking libnetfilter-conntrack3 (from .../libnetfilter-conntrack3_0.9.1-1ubuntu1_amd64.deb) ...
Selecting previously unselected package dnsmasq-base.
Unpacking dnsmasq-base (from .../dnsmasq-base_2.59-4ubuntu0.1_amd64.deb) ...
Selecting previously unselected package dnsmasq.
Unpacking dnsmasq (from .../dnsmasq_2.59-4ubuntu0.1_all.deb) ...
Processing triggers for man-db ...
Processing triggers for ureadahead ...
Setting up libnetfilter-conntrack3 (0.9.1-1ubuntu1) ...
Setting up dnsmasq-base (2.59-4ubuntu0.1) ...
Setting up dnsmasq (2.59-4ubuntu0.1) ...
 * Starting DNS forwarder and DHCP server dnsmasq                        [ OK ] 
Processing triggers for libc-bin ...
ldconfig deferred processing now taking place

DNS server is now installed.

Dnsmasq is configured by editing the following file:

/etc/dnsmasq.conf

It’s a good idea to keep a backup of this file before making changes:

sudo cp /etc/dnsmasq.conf /etc/dnsmasq.conf.backup

You can now edit the file as follows for example:

sudo nano /etc/dnsmasq.conf

There are many options available and I won’t discuss them here. The only setting I am changing is to set my DNS server to not read the /etc/resolv.conf file or any other files (remove # in front of no-resolv). I then added entries to the file such as the following used in my lab:

# If you don't want dnsmasq to read /etc/resolv.conf or any other
# file, getting its servers from this file instead (see below), then
# uncomment this.
no-resolv
address=/facebook.com/192.168.56.128
address=/hp.com/192.168.56.98
address=/pakiti.com/192.168.56.129
address=/isolationserver.com/192.168.56.78

Edit the resolv.conf file to resolve to the local DNS server:

sudo nano /etc/resolv.conf

Set the DNS server to the local server:

nameserver 127.0.0.1

When you make changes you will need to restart dnsmasq. An easy way to do that is as follows:

sudo /etc/init.d/dnsmasq restart

Example restart:

sdn@UbuntuBasic:~$ sudo /etc/init.d/dnsmasq restart
 * Restarting DNS forwarder and DHCP server dnsmasq                      [ OK ] 
sdn@UbuntuBasic:~$

That’s it! We can now test.

Testing:

On the DNS server, resolve some domains:

sdn@UbuntuBasic:~$ nslookup facebook.com
Server:		127.0.0.1
Address:	127.0.0.1#53

Name:	facebook.com
Address: 192.168.56.128

sdn@UbuntuBasic:~$ nslookup hp.com
Server:		127.0.0.1
Address:	127.0.0.1#53

Name:	hp.com
Address: 192.168.56.98

sdn@UbuntuBasic:~$
sdn@UbuntuBasic:~$ ping facebook.com -c 1
PING facebook.com (192.168.56.128) 56(84) bytes of data.
64 bytes from facebook.com (192.168.56.128): icmp_req=1 ttl=255 time=0.270 ms

--- facebook.com ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.270/0.270/0.270/0.000 ms

sdn@UbuntuBasic:~$ ping pakiti.com -c 1
PING pakiti.com (192.168.56.129) 56(84) bytes of data.
64 bytes from pakiti.com (192.168.56.129): icmp_req=1 ttl=64 time=0.172 ms

--- pakiti.com ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.172/0.172/0.172/0.000 ms
sdn@UbuntuBasic:~$ 

To test from another machine, set the DNS server on a Windows host, for example:

Find DNS server IP address:

sdn@UbuntuBasic:~$ ifconfig
eth0      Link encap:Ethernet  HWaddr 00:0c:29:de:32:24  
          inet addr:192.168.56.131  Bcast:192.168.56.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fede:3224/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:8454 errors:0 dropped:0 overruns:0 frame:0
          TX packets:4760 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:6250621 (6.2 MB)  TX bytes:692315 (692.3 KB)

Set DNS server on Windows client:

[Screenshot: Set DNS server on Windows client]

nslookup on Windows client:

[Screenshot: nslookup]
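
Added example, not part of the original post: a small Python check for the dnsmasq.conf lab entries shown earlier. It confirms that no-resolv is set and that every address= target sits inside the lab subnet (192.168.56.0/24 is assumed from the addresses above), and it shows that an address= line also answers for every name under that domain, so www.facebook.com gets the lab IP too. The function names are illustrative.

```python
import ipaddress

# Constructed sample: the lab entries from the dnsmasq.conf shown above.
SAMPLE_CONF = """\
no-resolv
address=/facebook.com/192.168.56.128
address=/hp.com/192.168.56.98
address=/pakiti.com/192.168.56.129
address=/isolationserver.com/192.168.56.78
"""
LAB_NET = ipaddress.ip_network("192.168.56.0/24")  # assumption: lab subnet


def parse_conf(text):
    """Return (no_resolv_set, {domain: ip}) from dnsmasq.conf text.

    Handles the form address=/<domain>[/<domain>...]/<ip> used on this page.
    """
    no_resolv, overrides = False, {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):      # blank or comment line
            continue
        if line == "no-resolv":
            no_resolv = True
        elif line.startswith("address=/"):
            *domains, ip = line[len("address=/"):].split("/")
            for domain in domains:
                overrides[domain.lower().rstrip(".")] = ipaddress.ip_address(ip)
    return no_resolv, overrides


def lookup(name, overrides):
    """Longest-suffix match: address= covers a domain and all names under it."""
    labels = name.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        hit = overrides.get(".".join(labels[i:]))
        if hit is not None:
            return hit
    return None                                   # name is not overridden


def audit(text, lab_net=LAB_NET):
    """Report settings that let lab names or answers leave the lab."""
    no_resolv, overrides = parse_conf(text)
    findings = []
    if not no_resolv:
        findings.append("no-resolv not set: upstream servers are read from /etc/resolv.conf")
    for domain, ip in sorted(overrides.items()):
        if ip not in lab_net:
            findings.append(f"{domain} -> {ip} is outside {lab_net}")
    return findings
```

Run audit() on the contents of /etc/dnsmasq.conf before restarting dnsmasq; an empty list means no findings.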

Summary:

In this blog entry I showed you how to configure a lab DNS server on either a Cisco router (or GNS3) or a DNS server which could run in VirtualBox.

All the best!

David Bombal


