Dns Setup Process
From CSLabsWiki
This page summarizes how the virtual machine dns was set up in Spring 2009.
Install
- Installed CentOS 5.2 x64.
- Partition Scheme
- 3 GB /
- 1.5 GB /var
- 512 MB swap
- Partition Scheme
Configuration
Updated System
- Added Extra Repositories
- RPMForge Yum Repository
- Fedora EPEL Yum Repository
- Configured Yum Priorities & to use our mirror
- Edited
/etc/yum.repos.d/CentOS-Base.repo
- Edited
# CentOS-Base.repo
#
# This file uses a new mirrorlist system developed by Lance Davis for CentOS.
# The mirror system uses the connecting IP address of the client and the
# update status of each mirror to pick mirrors that are updated to and
# geographically close to the client. You should use this for CentOS updates
# unless you are manually picking other mirrors.
#
# If the mirrorlist= does not work for you, as a fall back you can try the
# remarked out baseurl= line instead.
#
#
[base]
name=CentOS-$releasever - Base
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os
baseurl=http://mirror.clarkson.edu/centos/$releasever/os/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5
priority=1
exclude=dnsmasq
#released updates
[updates]
name=CentOS-$releasever - Updates
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates
baseurl=http://mirror.clarkson.edu/centos/$releasever/updates/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5
priority=1
exclude=dnsmasq
#packages used/produced in the build but not released
[addons]
name=CentOS-$releasever - Addons
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=addons
baseurl=http://mirror.clarkson.edu/centos/$releasever/addons/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5
priority=1
#additional packages that may be useful
[extras]
name=CentOS-$releasever - Extras
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras
baseurl=http://mirror.clarkson.edu/centos/$releasever/extras/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5
priority=1
#additional packages that extend functionality of existing packages
[centosplus]
name=CentOS-$releasever - Plus
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus
baseurl=http://mirror.clarkson.edu/centos/$releasever/centosplus/$basearch/
gpgcheck=1
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5
priority=2
#contrib - packages by Centos Users
[contrib]
name=CentOS-$releasever - Contrib
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=contrib
baseurl=http://mirror.clarkson.edu/centos/$releasever/contrib/$basearch/
gpgcheck=1
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5
priority=2
- Edited
/etc/yum.repos.d/rpmforge.repo
- Edited
# Name: RPMforge RPM Repository for Red Hat Enterprise 5 - dag
# URL: http://rpmforge.net/
[rpmforge]
name = Red Hat Enterprise $releasever - RPMforge.net - dag
baseurl = http://mirror.clarkson.edu/rpmforge/redhat/el5/en/$basearch/dag
#mirrorlist = http://apt.sw.be/redhat/el5/en/mirrors-rpmforge
#mirrorlist = file:///etc/yum.repos.d/mirrors-rpmforge
enabled = 1
gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rpmforge-dag
gpgcheck = 1
priority=15
- Edited
/etc/yum.repos.d/epel.repo
- Edited
[epel]
name=Extra Packages for Enterprise Linux 5 - $basearch
baseurl=http://mirror.clarkson.edu/epel/5/$basearch
#mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=epel-5&arch=$basearch
failovermethod=priority
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL
priority=30
[epel-debuginfo]
name=Extra Packages for Enterprise Linux 5 - $basearch - Debug
baseurl=http://mirror.clarkson.edu/epel/5/$basearch/debug
#mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=epel-debug-5&arch=$basearch
failovermethod=priority
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL
gpgcheck=1
priority=30
[epel-source]
name=Extra Packages for Enterprise Linux 5 - $basearch - Source
baseurl=http://mirror.clarkson.edu/epel/5/SRPMS
#mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=epel-source-5&arch=$basearch
failovermethod=priority
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL
gpgcheck=1
priority=30
- Edited
/etc/yum.repos.d/epel-testing.repo
- Edited
[epel-testing]
name=Extra Packages for Enterprise Linux 5 - Testing - $basearch
baseurl=http://mirror.clarkson.edu/epel/testing/5/$basearch
#mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=testing-epel5&arch=$basearch
failovermethod=priority
enabled=0
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL
priority=40
[epel-testing-debuginfo]
name=Extra Packages for Enterprise Linux 5 - Testing - $basearch - Debug
baseurl=http://mirror.clarkson.edu/epel/testing/5/$basearch/debug
#mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=testing-debug-epel5&arch=$basearch
failovermethod=priority
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL
gpgcheck=1
priority=40
[epel-testing-source]
name=Extra Packages for Enterprise Linux 5 - Testing - $basearch - Source
baseurl=http://mirror.clarkson.edu/epel/testing/5/SRPMS
#mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=testing-source-epel5&arch=$basearch
failovermethod=priority
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL
gpgcheck=1
priority=40
- Disabled Yum FastestMirror since using local mirror
sed -i 's/enabled=1/enabled=0/g' /etc/yum/pluginconf.d/fastestmirror.conf
- Installed Yum Priorities (Note: This must be installed prior to installing the packages below.)
yum install yum-priorities
- Configured Yum Priorities to check for obsoletes
echo "check_obsoletes=1" >> /etc/yum/pluginconf.d/priorities.conf
yum install vim-enhanced gcc emacs-nox screenyum update
Created User
- Created user mccarrms
/usr/sbin/useradd -m mccarrms
- Set password for mccarrms
passwd mccarrms
Configured Sudo
/usr/sbin/visudo
## Sudoers allows particular users to run various commands as
## the root user, without needing the root password.
#User_Alias ADMINS = mccarrms
## Networking
Cmnd_Alias NETWORKING = /sbin/route, /sbin/ifconfig, /bin/ping, /sbin/dhclient, /usr/bin/net, /sbin/iptables, /usr/bin/rfcomm, /usr/bin/wvdial, /sbin/iwconfig, /sbin/mii-tool
## Installation and management of software
Cmnd_Alias SOFTWARE = /bin/rpm, /usr/bin/up2date, /usr/bin/yum
## Services
Cmnd_Alias SERVICES = /sbin/service, /sbin/chkconfig
## Updating the locate database
Cmnd_Alias LOCATE = /usr/sbin/updatedb
## Storage
Cmnd_Alias STORAGE = /sbin/fdisk, /sbin/sfdisk, /sbin/parted, /sbin/partprobe, /bin/mount, /bin/umount
## Delegating permissions
Cmnd_Alias DELEGATING = /usr/sbin/visudo, /bin/chown, /bin/chmod, /bin/chgrp
## Processes
Cmnd_Alias PROCESSES = /bin/nice, /bin/kill, /usr/bin/kill, /usr/bin/killall
## Drivers
Cmnd_Alias DRIVERS = /sbin/modprobe
## Shells
Cmnd_Alias SHELLS = /bin/sh, /bin/bash, /usr/bin/rsh, /bin/dash, /bin/rbash, /bin/su
## Users
Cmnd_Alias USERS = /usr/sbin/useradd, /usr/sbin/userdel, /usr/sbin/userhelper, /usr/sbin/usermod, /usr/sbin/usernetctl
Defaults requiretty
Defaults env_reset,tty_tickets,lecture=always,logfile=/var/log/sudo.log
Defaults env_keep = "COLORS DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR \
LS_COLORS MAIL PS1 PS2 QTDIR USERNAME \
LANG LC_ADDRESS LC_CTYPE LC_COLLATE LC_IDENTIFICATION \
LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC \
LC_PAPER LC_TELEPHONE LC_TIME LC_ALL LANGUAGE LINGUAS \
_XKB_CHARSET XAUTHORITY"
## Allow root to run any commands anywhere
root ALL=(ALL) ALL
%wheel ALL=(ALL) ALL
%dns-admins ALL=/usr/local/bin/dnsupdate, /etc/init.d/dhcpd restart, /etc/init.d/dnsmasq restart
#ADMINS ALL=(root) ALL, !SHELLS, !USERS, !DELEGATING
Configured Networks
- Configured hostname in
/etc/sysconfig/network
NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=dns
- Verified eth0 configuration for Clarkson Network in
/etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
BOOTPROTO=none
BROADCAST=128.153.145.255
HWADDR=00:16:3E:1B:BA:E4
IPADDR=128.153.145.2
NETMASK=255.255.255.0
NETWORK=128.153.145.0
ONBOOT=yes
GATEWAY=128.153.145.1
TYPE=Ethernet
- Verified eth1 configuration for the Server Room Network in
/etc/sysconfig/network-scripts/ifcfg-eth1
# Xen Virtual Ethernet
DEVICE=eth1
BOOTPROTO=none
BROADCAST=10.0.1.255
HWADDR=00:16:3E:2C:28:6C
IPADDR=10.0.1.1
NETMASK=255.255.255.0
NETWORK=10.0.1.0
ONBOOT=yes
TYPE=Ethernet
- Verified eth2 configuration for the Internal Network in
/etc/sysconfig/network-scripts/ifcfg-eth2
# Xen Virtual Ethernet
DEVICE=eth2
BOOTPROTO=none
BROADCAST=10.0.0.255
HWADDR=00:16:3E:0D:78:4E
IPADDR=10.0.0.1
NETMASK=255.255.255.0
NETWORK=10.0.0.0
ONBOOT=yes
TYPE=Ethernet
Configured Hosts
- Edited
/etc/hosts
127.0.0.1 localhost.localdomain localhost
::1 localhost6.localdomain6 localhost6
128.153.145.2 dns.cslabs.clarkson.edu dns.cslabs dns
10.0.1.1 dns.sr.cslabs.clarkson.edu dns.sr.cslabs dns.sr
10.0.0.1 dns.int.cslabs.clarkson.edu dns.int.cslabs dns.int
- Edited
/etc/hosts.allow
For security purposes, this information has been intentionally left off.
- Edited
/etc/hosts.deny
ALL: ALL
Configured DNS Servers
- Edited
/etc/resolv.conf
nameserver 128.153.0.254
nameserver 128.153.5.254
Disabled IP v6
- Appended the following to
/etc/modprobe.conf
install ipv6 /bin/true
- Disabled IP v6 firewall
/sbin/chkconfig ip6tables off
Configured IPtables
Due to the sensitivity of this material, this config file has been left off; however, the following rules are needed.
-A INPUT -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -i eth2 -p udp -m udp --dport 67 -j ACCEPT
-A INPUT -i eth2 -p udp -m udp --dport 68 -j ACCEPT
Configured SSH
- Edited
/etc/ssh/sshd_config
Due to the sensitivity of this material, this config file has been left off.
- Restarted sshd
/etc/init.d/sshd restart
Set Up SSH Login Banner
- Edited
/etc/issue.net
__
___/ /__ ___
/ _ / _ \(_-<
\_,_/_//_/___/
Configured Password Requirements
- Edited
/etc/login.defs
MAIL_DIR /var/spool/mail
PASS_MAX_DAYS 360
PASS_MIN_DAYS 0
PASS_MIN_LEN 8
PASS_WARN_AGE 60
UID_MIN 500
UID_MAX 60000
GID_MIN 500
GID_MAX 60000
CREATE_HOME yes
UMASK 077
USERGROUPS_ENAB yes
MD5_CRYPT_ENAB yes
ENCRYPT_METHOD MD5
Added Custom PATH Variables
- Added the following to
/etc/profile
PATH=$PATH:/usr/sbin:/sbin
export PATH
Configured Aliases
- Edited
/etc/aliases
#
# Aliases in this file will NOT be expanded in the header from
# Mail, but WILL be visible over networks or from /bin/mail.
#
# >>>>>>>>>> The program "newaliases" must be run after
# >> NOTE >> this file is updated for any changes to
# >>>>>>>>>> show through to sendmail.
#
# Basic system aliases -- these MUST be present.
mailer-daemon: postmaster
postmaster: logwatch@cslabs.clarkson.edu
# General redirections for pseudo accounts.
bin: logwatch@cslabs.clarkson.edu
daemon: logwatch@cslabs.clarkson.edu
adm: logwatch@cslabs.clarkson.edu
lp: logwatch@cslabs.clarkson.edu
sync: logwatch@cslabs.clarkson.edu
shutdown: logwatch@cslabs.clarkson.edu
halt: logwatch@cslabs.clarkson.edu
mail: logwatch@cslabs.clarkson.edu
news: logwatch@cslabs.clarkson.edu
uucp: logwatch@cslabs.clarkson.edu
operator: logwatch@cslabs.clarkson.edu
games: logwatch@cslabs.clarkson.edu
gopher: logwatch@cslabs.clarkson.edu
ftp: logwatch@cslabs.clarkson.edu
nobody: logwatch@cslabs.clarkson.edu
radiusd: logwatch@cslabs.clarkson.edu
nut: logwatch@cslabs.clarkson.edu
dbus: logwatch@cslabs.clarkson.edu
vcsa: logwatch@cslabs.clarkson.edu
canna: logwatch@cslabs.clarkson.edu
wnn: logwatch@cslabs.clarkson.edu
rpm: logwatch@cslabs.clarkson.edu
nscd: logwatch@cslabs.clarkson.edu
pcap: logwatch@cslabs.clarkson.edu
apache: logwatch@cslabs.clarkson.edu
webalizer: logwatch@cslabs.clarkson.edu
dovecot: logwatch@cslabs.clarkson.edu
fax: logwatch@cslabs.clarkson.edu
quagga: logwatch@cslabs.clarkson.edu
radvd: logwatch@cslabs.clarkson.edu
pvm: logwatch@cslabs.clarkson.edu
amanda: logwatch@cslabs.clarkson.edu
privoxy: logwatch@cslabs.clarkson.edu
ident: logwatch@cslabs.clarkson.edu
named: logwatch@cslabs.clarkson.edu
xfs: logwatch@cslabs.clarkson.edu
gdm: logwatch@cslabs.clarkson.edu
mailnull: logwatch@cslabs.clarkson.edu
postgres: logwatch@cslabs.clarkson.edu
sshd: logwatch@cslabs.clarkson.edu
smmsp: logwatch@cslabs.clarkson.edu
postfix: logwatch@cslabs.clarkson.edu
netdump: logwatch@cslabs.clarkson.edu
ldap: logwatch@cslabs.clarkson.edu
squid: logwatch@cslabs.clarkson.edu
ntp: logwatch@cslabs.clarkson.edu
mysql: logwatch@cslabs.clarkson.edu
desktop: logwatch@cslabs.clarkson.edu
rpcuser: logwatch@cslabs.clarkson.edu
rpc: logwatch@cslabs.clarkson.edu
nfsnobody: logwatch@cslabs.clarkson.edu
ingres: logwatch@cslabs.clarkson.edu
system: logwatch@cslabs.clarkson.edu
toor: logwatch@cslabs.clarkson.edu
manager: logwatch@cslabs.clarkson.edu
dumper: logwatch@cslabs.clarkson.edu
abuse: logwatch@cslabs.clarkson.edu
newsadm: news
newsadmin: news
usenet: news
ftpadm: ftp
ftpadmin: ftp
ftp-adm: ftp
ftp-admin: ftp
www: webmaster
webmaster: logwatch@cslabs.clarkson.edu
noc: logwatch@cslabs.clarkson.edu
security: logwatch@cslabs.clarkson.edu
hostmaster: logwatch@cslabs.clarkson.edu
info: postmaster
marketing: postmaster
sales: postmaster
support: postmaster
# trap decode to catch security attacks
decode: logwatch@cslabs.clarkson.edu
# Person who should get roots's mail
root: logwatch@cslabs.clarkson.edu
- Updated aliases
/usr/bin/newaliases
Disabled Various Kernel Modules
- Added the following to
/etc/modprobe.conf
install pppox /bin/true
install bluetooth /bin/true
install sctp /bin/true
Installed & Configured SNMP
- Installed needed packages
yum install net-snmp ntp
- Configured SNMP Daemon
/etc/snmp/snmpd.conf
rocommunity <passphrase> 127.0.0.1
rocommunity <passphrase> <ipsallowed>
syslocation Clarkson University Applied CS Labs
syscontact Matt McCarrell <mccarrms@gmail.com>
disk /
disk /var
proc dnsmasq
proc dhcpd
exec timeskew /usr/local/sbin/ntp_check
exec uptime /usr/bin/uptime
- Deployed
ntp_checkscript- Copied over
/usr/local/sbin/ntp_checkfrom Isengard to /usr/local/sbin/ chown root.root /usr/local/sbin/ntp_check
- Copied over
- Configured SNMP to start at specific run levels
/sbin/chkconfig --levels 2345 snmpd on
- Started daemon
/etc/init.d/snmpd start
Increased Detail of Logwatch Reports
- Set detail level to be high
echo "Detail = High" >> /etc/logwatch/conf/logwatch.conf
Modified Cron Weekly Execution Time
This was done to reduce load spikes that produce Nagios alerts around 4:30 AM every Sunday. In the event that this VM get moved off of righteous, this should be changed back to the default setting of 4:22 AM.
- Modified the following line in
/etc/crontab
32 4 * * 0 root run-parts /etc/cron.weekly
Installed DNS Masquerade
- Installed DNS Masquerade
yum install dnsmasq
- Configured DNS Masquerade
/etc/dnsmasq.conf
no-dhcp-interface=eth0
no-dhcp-interface=eth1
no-dhcp-interface=eth2
local-ttl=3600
mx-host=cslabs.clarkson.edu,aspmx.l.google.com,1
mx-host=cslabs.clarkson.edu,alt1.aspmx.l.google.com,5
mx-host=cslabs.clarkson.edu,alt2.aspmx.l.google.com,5
mx-host=cslabs.clarkson.edu,aspmx2.googlemail.com,10
mx-host=cslabs.clarkson.edu,aspmx3.googlemail.com,10
cname=mail.cslabs.clarkson.edu,ghs.google.com
cname=mail.cslabs,ghs.google.com
cname=mail,ghs.google.com
- Configured DNS Masquerade to start on boot
/sbin/chkconfig --levels 345 dnsmasq on
Installed DHCP Server
- Installed DHCP Server
yum install dhcp
- Configured parts of dhcp
/etc/sysconfig/dhcpd
DHCPDARGS=eth2
- Configured to listen for DHCP requests
/sbin/route add -host 255.255.255.255 dev eth2
- Configured dhcpd to start on boot
/sbin/chkconfig --levels 345 dhcpd on
Generated Config Files & Started Services
- Modified the previous perl generation script & put it in
/usr/local/bin/
#!/usr/bin/perl
$cuhosts = "/root/scripts/cu_hosts";
$srhosts = "/root/scripts/sr_hosts";
$inhosts = "/root/scripts/in_dhcp_hosts";
$inhosts2 = "/root/scripts/in_dns_hosts";
$hostsfile = "/etc/hosts";
$dhcpfile = "/etc/dhcpd.conf";
if ((-e $cuhosts) && (-e $srhosts) && (-e $inhosts) && (-e $inhosts2) && (-e $hostsfile) && (-e $dhcpfile)){
print "Using Master Files: $cuhosts, $srhosts, $inhosts, and $inhosts2\n";
parse();
dump_dhcp();
dump_hosts();
print `/etc/init.d/dhcpd restart`;
print `/etc/init.d/dnsmasq restart`;
}
else{
die("ERROR - Please check that the following files exist: $cuhosts, $srhosts, $inhosts, $inhosts2, $hostsfile, $dhcpfile\n");
}
sub parse {
open(INFILE, "$cuhosts") or die("Error: cannot open input file: $!\n");
$cucount=0;
while(<INFILE>) {
$line = $_;
chomp($line);
if($line =~ /^#.*/) {
next;
}
@terms = split(/[\s\t]+/, $line);
$cuhost[$cucount] = $terms[0];
$cuip[$cucount] = $terms[1];
$cucount++;
}
close(INFILE);
open(INFILE2, "$srhosts") or die("Error: cannot open input file: $!\n");
$srcount=0;
while(<INFILE2>) {
$line = $_;
chomp($line);
if($line =~ /^#.*/) {
next;
}
@terms = split(/[\s\t]+/, $line);
$srhost[$srcount] = $terms[0];
$srip[$srcount] = $terms[1];
$srcount++;
}
close(INFILE2);
open(INFILE3, "$inhosts") or die("Error: cannot open input file: $!\n");
$incount=0;
while(<INFILE3>) {
$line = $_;
chomp($line);
if($line =~ /^#.*/) {
next;
}
@terms = split(/[\s\t]+/, $line);
$inhost[$incount] = $terms[0];
$inmac[$incount] = $terms[1];
$inip[$incount] = $terms[2];
$incount++;
}
close(INFILE3);
open(INFILE4, "$inhosts2") or die("Error: cannot open input file: $!\n");
$incount2=0;
while(<INFILE4>) {
$line = $_;
chomp($line);
if($line =~ /^#.*/) {
next;
}
@terms = split(/[\s\t]+/, $line);
$inhost2[$incount2] = $terms[0];
$inip2[$incount2] = $terms[1];
$incount2++;
}
close(INFILE4);
}
sub dump_dhcp {
open(OUTFILE, ">$dhcpfile") or die("Error: cannot open $dhcpfile file: $!\n");
print "Writing: $dhcpfile\n";
print OUTFILE "ddns-update-style none;\n";
print OUTFILE "ignore client-updates;\n";
print OUTFILE "authoritative;\n";
print OUTFILE "subnet 10.0.0.0 netmask 255.255.255.0 {\n";
print OUTFILE "\tdefault-lease-time 21600;\n";
print OUTFILE "\tmax-lease-time 43200;\n";
print OUTFILE "\trange 10.0.0.150 10.0.0.253;\n";
print OUTFILE "\toption subnet-mask 255.255.255.0;\n";
print OUTFILE "\toption broadcast-address 10.0.0.255;\n";
print OUTFILE "\toption domain-name-servers 10.0.0.1;\n";
print OUTFILE "\toption time-offset -18000;\n";
for($x=0;$x<$incount;$x++) {
print OUTFILE "\thost $inhost[$x] {\n";
print OUTFILE "\t\thardware ethernet $inmac[$x];\n";
print OUTFILE "\t\tfixed-address $inip[$x];\n";
print OUTFILE "\t\toption host-name \"$inhost[$x]\";\n";
print OUTFILE "\t}\n";
}
print OUTFILE "}\n";
close(OUTFILE);
}
sub dump_hosts {
open(OUTFILE, ">$hostsfile") or die("Error: cannot open $hostsfile file: $!\n");
print "Writing: $hostsfile\n";
print OUTFILE "#Local Host\n";
print OUTFILE "127.0.0.1\tlocalhost\n";
print OUTFILE "::1\tlocalhost6.localdomain6\tlocalhost6\n";
print OUTFILE "#Clarkson Network Hosts\n";
for($x=0;$x<$cucount;$x++) {
print OUTFILE "$cuip[$x]\t$cuhost[$x].cslabs.clarkson.edu $cuhost[$x].cslabs $cuhost[$x]\n";
}
print OUTFILE "128.153.145.15\tcslabs.clarkson.edu cslabs\n";
print OUTFILE "#Server Room Network Hosts\n";
for($x=0;$x<$srcount;$x++) {
print OUTFILE "$srip[$x]\t$srhost[$x].sr.cslabs.clarkson.edu $srhost[$x].sr.cslabs $srhost[$x].sr\n";
}
print OUTFILE "#Internal Network Hosts\n";
for($x=0;$x<$incount;$x++) {
print OUTFILE "$inip[$x]\t$inhost[$x].int.cslabs.clarkson.edu $inhost[$x].int.cslabs $inhost[$x].int\n";
}
for($x=0;$x<$incount2;$x++) {
print OUTFILE "$inip2[$x]\t$inhost2[$x].int.cslabs.clarkson.edu $inhost2[$x].int.cslabs $inhost2[$x].int\n";
}
close(OUTFILE);
}
- Modifed
/root/scripts/cu_hosts
# This file specifies all COSI / ITL hosts which have static IPs.
# All hosts in this file will resolve to <Host>.cslabs.clarkson.edu
#
# ALL CHANGES TO THIS FILE SHOULD BE NOTED ON THE CSLABS WIKI.
#
#Host IP Address Notes
#
mail 74.125.47.121
cusw1 128.153.144.10
cusw2 128.153.144.11
dns 128.153.145.2
cusw4 128.153.145.5
isengard 128.153.145.12
web1 128.153.145.15
rrs 128.153.145.15
xen 128.153.145.15
cosi 128.153.145.15
planet 128.153.145.15
lab-build 128.153.145.15
laconica 128.153.145.15
kickstart 128.153.145.15
netstat 128.153.145.16
mysql 128.153.145.17
kernelmirror 128.153.145.18
mirror 128.153.145.19
vpn 128.153.145.21
auth 128.153.145.23
svn 128.153.145.24
docs 128.153.145.26
autoguilt 128.153.145.27
dukr 128.153.145.28
atp 128.153.145.30
osp1 128.153.145.31
osp2 128.153.145.32
list 128.153.145.35
tremulous 128.153.145.36
sunrack 128.153.145.37
storage 128.153.145.40
xen1 128.153.145.41
xen2 128.153.145.42
xen3 128.153.145.43
mirror.dev 128.153.145.44
netstat.dev 128.153.145.50
vpn.dev 128.153.145.51
web1.dev 128.153.145.55
cslabs.dev 128.153.145.55
cosi.dev 128.153.145.55
planet.dev 128.153.145.55
xen.dev 128.153.145.55
rrs.dev 128.153.145.55
drbd1.dev 128.153.145.56
drbd2.dev 128.153.145.57
generic-vm.dev 128.153.145.70
mercury 128.153.145.80
vmware1 128.153.145.100
vmware2 128.153.145.101
applepie 128.153.145.102
pepperjack 128.153.145.103
comm 128.153.145.145
management 128.153.145.200
hydrogen 128.153.145.201
helium 128.153.145.202
lithium 128.153.145.203
beryllium 128.153.145.204
boron 128.153.145.205
carbon 128.153.145.206
nitrogen 128.153.145.207
oxygen 128.153.145.208
fluorine 128.153.145.209
neon 128.153.145.210
sodium 128.153.145.211
magnesium 128.153.145.212
aluminum 128.153.145.213
silicon 128.153.145.214
righteous 128.153.145.215
vmware-server 128.153.145.230
monitor 128.153.145.250
gde 128.153.145.251
printer 128.153.145.252
itlwebcam 128.153.145.253
downtime 128.153.145.254
- Modified
/root/scripts/sr_hosts
#Host IP Address
#
# MISC (1-24)
#
dns 10.0.1.1
animal 10.0.1.2
isengard 10.0.1.5
#
# PRODUCTION MACHINES (25-49)
#
hydrogen 10.0.1.25
helium 10.0.1.26
lithium 10.0.1.27
vmware1 10.0.1.29
vmware2 10.0.1.30
righteous 10.0.1.33
applepie 10.0.1.34
storage 10.0.1.35
mirror 10.0.1.36
xen1 10.0.1.37
xen2 10.0.1.38
xen3 10.0.1.39
#
# PRODUCTION IMAGES (50-99)
#mirror 10.0.1.51
netstat 10.0.1.55
auth 10.0.1.59
management 10.0.1.65
#
# PROJECT MACHINES (100-124)
#
# PROJECT IMAGES (125-199)
#
# TESTING/TEMPORARY (200-225)
#
- Modified
/root/scripts/in_dhcp_hosts
#Host MAC IP Address
#COSI Computers
cosi-01 00:11:25:F6:15:22 10.0.0.51
cosi-02 00:11:25:F6:5C:13 10.0.0.52
cosi-03 00:11:25:F6:52:95 10.0.0.53
cosi-04 00:11:25:F6:5D:C9 10.0.0.54
cosi-05 00:11:25:F6:70:7A 10.0.0.55
cosi-06 00:11:25:F6:5D:7C 10.0.0.56
cosi-07 00:11:25:F6:70:8C 10.0.0.57
cosi-08 00:11:25:F6:67:9C 10.0.0.58
cosi-09 00:11:25:F6:2F:C1 10.0.0.59
cosi-10 00:11:25:F6:5B:2E 10.0.0.60
#ITL Computers
itl-01 00:16:E6:01:AC:EA 10.0.0.61
itl-02 00:16:41:2C:E8:F8 10.0.0.62
itl-03 00:16:E6:01:87:C0 10.0.0.63
itl-04 00:16:E6:01:AE:32 10.0.0.64
itl-05 00:16:41:2C:B0:DC 10.0.0.65
itl-06 00:16:E6:01:BB:C4 10.0.0.66
itl-07 00:16:E6:01:C0:86 10.0.0.67
itl-08 00:16:E6:01:AC:7C 10.0.0.68
itl-09 00:16:E6:01:B1:82 10.0.0.69
itl-10 00:16:41:E8:83:9E 10.0.0.70
itl-11 00:16:E6:01:BD:80 10.0.0.71
itl-12 00:16:E6:01:CF:3A 10.0.0.72
itl-13 00:16:E6:01:BF:98 10.0.0.73
itl-14 00:16:E6:01:C0:3C 10.0.0.74
itl-15 00:16:E6:01:BB:8A 10.0.0.75
itl-16 00:16:E6:01:AE:2A 10.0.0.76
itl-17 00:16:E6:01:BD:6C 10.0.0.77
itl-18 00:16:E6:01:C0:48 10.0.0.78
itl-19 00:16:41:E8:50:48 10.0.0.79
itl-20 00:16:E6:01:BD:8A 10.0.0.80
itl-21 00:16:E6:01:AC:5C 10.0.0.81
itl-22 00:16:E6:01:BB:B2 10.0.0.82
itl-23 00:16:E6:01:C0:22 10.0.0.83
itl-24 00:16:E6:01:B1:2E 10.0.0.84
itl-25 00:16:41:2C:E8:FE 10.0.0.85
itl-ts 00:16:41:2C:DB:5E 10.0.0.86
#VR-COSI Computers
vr-cosi-01 00:1A:A0:A9:62:88 10.0.0.87
vr-cosi-02 00:1A:A0:A9:F4:F1 10.0.0.88
vr-cosi-03 00:1A:A0:A9:F2:81 10.0.0.89
vr-cosi-04 00:1A:A0:A9:F5:32 10.0.0.90
vr-cosi-05 00:1A:A0:A9:F5:0A 10.0.0.91
vr-cosi-06 00:1A:A0:A9:60:E2 10.0.0.92
vr-cosi-ts 00:16:41:2C:E9:A0 10.0.0.93
#VR Computers
vr-alienware 00:15:58:38:DB:E6 10.0.0.94
vr-kit 00:18:4D:F0:0E:3C 10.0.0.95
vr-kat 00:1E:4F:E2:8B:66 10.0.0.96
- Modified
/root/scripts/in_dns_hosts
#Host IP Address
#
#Switches and DNS Server
dns 10.0.0.1
insw1 10.0.0.2
insw2 10.0.0.3
bladecenter 10.0.0.4
bcsw1 10.0.1.5
bcsw2 10.0.1.6
#Physical Servers
righteous 10.0.0.10
vmware1 10.0.0.11
vmware2 10.0.0.12
applepie 10.0.0.13
mirror 10.0.0.14
storage 10.0.0.15
xen1 10.0.0.16
xen2 10.0.0.17
xen3 10.0.0.18
pepperjack 10.0.0.254
#Virtual Machines
isengard 10.0.0.20
netstat 10.0.0.21
#Development Servers
vpn.dev 10.0.0.35
- Generated config files & started DNS Masquerade and DHCP
dnsupdate
