Server Installation/miredo

< Server Installation

Miredo Installation

• Miredo installieren: apt-get install miredo
• Status prüfen: ‘‘ifconfig teredo‘‘ und ‘‘ping6 www.on-i.de -n
• DNS Erreichbarkeit kann über den Opennet DNS Service unter *.dyn.opennet-inititive.de hergestellt werden

Miredo mit Dynamic DNS Update

• CNAME im Opennet DNS für <hostname>.opennet-initiative.de -> <hostname>.dyn.opennet-initiative.de aufnehmen
• Key für nsupdate im Opennet DNS erzeugen und DNS Update Rechte zuweisen (named.conf.local)
• ggf. dnsutils installieren (falls nicht bereits vorhanden)
• do_nsupdate.sh Wrapper Script unter /usr/local/sbin ablegen (benötigte Version unten)
• das Skript unter /etc/miredo/client-hock wie folgt vor dem exit 0 am Ende erweitern:

# modified mathias mahnke, 2013-05-16
# do_nsupdate.sh wrapper script for nsupdate
if test "$STATE" = "up"; then
   /usr/local/sbin/do_nsupdate.sh -n heartofgold.on -p /etc/bind/dyndns_<hostname>.key \
     -r <hostname>.dyn.opennet-initiative.de -t 3600 -i "$ADDRESS";
fi

Nsupdate Wrapper Script

• basiert auf https://github.com/anl/nsupdate-wrapper/blob/master/do_nsupdate.sh
• do_nsupdate.sh:

#!/bin/bash

#
# modified mathias mahnke, 2013-05-16
#

# Copyright 2013 Andrew Leonard
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
# or implied. See the License for the specific language governing
# permissions and limitations under the License.


function usage {
    echo "Usage: $0 <flags>"
    echo
    echo "          -n nameserver - DNS server to send updates to"
    echo "          -p privkey - Path to private key"
    echo "          -r record - Record to update"
    echo "          -t ttl - Time to live for updated record; default 300s."
    echo "          -i ip - IP address to send"
    exit 1
}

# Parse arguments
while getopts "n:p:r:t:z:i:" flag ; do
    case $flag in
	n) nameserver=$OPTARG ;;
	p) priv_key=$OPTARG ;;
	r) record=$OPTARG ;;
	t) ttl=$OPTARG ;;
	i) ip=$OPTARG ;;
	*) usage ;;
    esac
done

if [ -z $nameserver ] ; then
    echo "Nameserver is a required option; exiting."
    echo
    usage
fi

if [ -z $priv_key ] ; then
    echo "Path to private key is a required option; exiting."
    echo
    usage
fi

if [ -z $record ] ; then
    echo "DNS record is a required option; exiting."
    echo
    usage
fi

if [ -z $ttl ] ; then
    ttl=300
fi

echo "server $nameserver
update delete $record AAAA
update add $record $ttl AAAA $ip
show
send" | nsupdate -k $priv_key