FAQ:OpenWRT: Difference between revisions

From Leurent
Jump to navigation Jump to search
(Enable DNSSEQ)
(Install ddns-scripts_nsupdate)
Line 15: Line 15:


</source>
</source>

= DDNS =

== Install ddns-scripts_nsupdate ==

* On the server that will generate Klede.+157+55429.key and Klede.+157+55429.private files
<source lang="bash">
dnssec-keygen -a HMAC-md5 -b 512 -n USER lede
</source>

* In the /etc/bind9/named.conf.local, update section like this one
<source lang="text">
key lede {
algorithm HMAC-MD5;
secret "ADDTHEKEYFROM_LEDE_PRIVATE_FILE";
};

zone "leurent.eu" {
type master;
notify yes;
file "/etc/bind/leurent/leurent.eu.db";
update-policy { grant lede name lede.leurent.eu A; };
...
};
</source>


* On LEDE box, you can install ddns-scripts_nsupdate and have a look at /usr/lib/ddns/update_nsupdate.sh to see how it works
<source lang="bash">
opkg install ddns-scripts_nsupdate
</source>
# Now you can go in the DDNS section
# Use the bind-nsupdate client
## For the login use the name of the key you created on the server "lede" here
## For the password, use the key





Revision as of 14:33, 3 June 2018

Perso

Install basic packages

opkg update
opkg install diffutils lsof usbutils

opkg install snmpd
opkg install mount-utils block-mount kmod-usb-storage kmod-fs-ext4 kmod-fs-vfat kmod-fs-exfat kmod-fs-ntfs kmod-fs-hfs kmod-fs-hfsplus kmod-nls-cp437 kmod-nls-iso8859-1
opkg install luci-app-samba
opkg install luci-app-ddns ddns-scripts_no-ip_com

opkg install dnsmasq-full
# Go in http://10.146.199.1/cgi-bin/luci/admin/network/dhcp Advanced Settings and enable both DNSSEC option

DDNS

Install ddns-scripts_nsupdate

  • On the server that will generate Klede.+157+55429.key and Klede.+157+55429.private files
dnssec-keygen -a HMAC-md5 -b 512 -n USER lede
  • In the /etc/bind9/named.conf.local, update section like this one
key lede {
        algorithm HMAC-MD5;
        secret "ADDTHEKEYFROM_LEDE_PRIVATE_FILE";
};

zone "leurent.eu" {
        type master;
        notify yes;
        file "/etc/bind/leurent/leurent.eu.db";
        update-policy { grant lede name lede.leurent.eu A; };
        ...
};


  • On LEDE box, you can install ddns-scripts_nsupdate and have a look at /usr/lib/ddns/update_nsupdate.sh to see how it works
opkg install ddns-scripts_nsupdate
  1. Now you can go in the DDNS section
  2. Use the bind-nsupdate client
    1.  For the login use the name of the key you created on the server "lede" here
    2. For the password, use the key


System Commands

Upgrade all packages

opkg update
opkg list-upgradable | cut -f 1 -d ' ' | xargs opkg upgrade

cf https://lede-project.org/docs/user-guide/opkg