Configuring a private DNS server on Openfiler for use with Oracle RAC 12C on Virtual Boxes


To build an Oracle 12C RAC database on Virtual Boxes, you need at least shared storage for ASM and a DNS server for the SCAN addresses. Several methods can be used for this, but for the storage in my private project I chose Openfiler, an open source storage management tool, on a separate Virtual Box. It's like a SAN in real life (the complete system will be three Virtual Boxes: two RAC nodes and one storage Virtual Box). Openfiler version: 2.99.

OK, storage is clear, but what about DNS? The quickest and dirtiest way to accomplish this is to use Dnsmasq on every RAC node. A nice blog post on this subject is listed under Sources below.

But what I want is a separate DNS server, just as in real life. The perfect candidate is the separate Openfiler Virtual Box. Agreed, it is a bit more complicated to set up, but I only have to do it once. I used a nice blog post about DHCP and DNS setup as my starting point. In this post I will describe the steps to get your own DNS server on Openfiler, with the complete content of the files I used. The installation of Openfiler will be described in another post, so the assumption here is that the Openfiler Virtual Box is running and accessible.

 


First the DNS-package has to be installed on Openfiler (internet access needed):

[Screenshot: installing the DNS package]

For the RAC-nodes I needed the ip-range 192.168.188.xxx as public, and 192.168.190.xxx as private addresses.

Only a few files need to be configured for this:

–  /etc/named.conf, which points to the other files:

|—>  /srv/named/data/<domain-name-host-file>, in this case /srv/named/data/amis.nl.hosts

|—>  /srv/named/data/<reversed-files>

Here is the content of these files.

/etc/named.conf:


//
// named.conf for Red Hat caching-nameserver
//

options {
    directory "/srv/named/data";
    dump-file "/srv/named/data/cache_dump.db";
    statistics-file "/srv/named/data/named_stats.txt";
    /*
     * If there is a firewall between you and nameservers you want
     * to talk to, you might need to uncomment the query-source
     * directive below.  Previous versions of BIND always asked
     * questions using port 53, but BIND 8.1 uses an unprivileged
     * port by default.
     */
    // query-source address * port 53;
};

// a caching only nameserver config
//
controls {
    inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};

zone "amis.nl" {
    type master;
    file "amis.nl.hosts";
};

// reverse zones

zone "188.168.192.in-addr.arpa" {
    type master;
    file "188.168.192.rev";
};

zone "190.168.192.in-addr.arpa" {
    type master;
    file "190.168.192.rev";
};

include "/etc/rndc.key";

/srv/named/data/<domain-name-host-file>, in my case amis.nl.hosts:


$TTL 86400  ; 1 day
@ IN SOA Openfiler2.amis.nl.  foo.bar.tld. (
200612069 ; serial
7200 ; refresh (2 hours)
300 ; retry (5 minutes)
604800 ; expire (1 week)
60 ; minimum (1 minute)
)
@ IN NS  Openfiler2.amis.nl.
Openfiler2.amis.nl.        IN   A   192.168.188.195
rac1-ol6-121.amis.nl.      IN   A   192.168.188.100
rac2-ol6-121.amis.nl.      IN   A   192.168.188.110
rac1-ol6-121-vip.amis.nl.  IN   A   192.168.188.150
rac2-ol6-121-vip.amis.nl.  IN   A   192.168.188.160
ol6-121-scan.amis.nl.      IN   A   192.168.188.210
ol6-121-scan.amis.nl.      IN   A   192.168.188.220
ol6-121-scan.amis.nl.      IN   A   192.168.188.230
rac1-ol6-121-priv.amis.nl. IN   A   192.168.190.200
rac2-ol6-121-priv.amis.nl. IN   A   192.168.190.250

 

Then the two ‘reversed’ files, named in /etc/named.conf:

First the file for the 188.168.192.in-addr.arpa zone (188.168.192.rev):


$TTL 86400  ; 1 day
@ IN SOA Openfiler2.amis.nl. admin.amis.nl. (
200612069 ; serial
7200 ; refresh (2 hours)
300 ; retry (5 minutes)
604800 ; expire (1 week)
60 ; minimum (1 minute)
)

188.168.192.in-addr.arpa. IN  NS  Openfiler2.amis.nl.

195    PTR Openfiler2.amis.nl.

100    PTR rac1-ol6-121.amis.nl.
110    PTR rac2-ol6-121.amis.nl.

150    PTR rac1-ol6-121-vip.amis.nl.
160    PTR rac2-ol6-121-vip.amis.nl.

210    PTR ol6-121-scan.amis.nl.
220    PTR ol6-121-scan.amis.nl.
230    PTR ol6-121-scan.amis.nl.

 

Then the file for the 190.168.192.in-addr.arpa zone (190.168.192.rev):


$TTL 86400  ; 1 day
@ IN SOA Openfiler2.amis.nl. admin.amis.nl. (
200612069 ; serial
7200 ; refresh (2 hours)
300 ; retry (5 minutes)
604800 ; expire (1 week)
60 ; minimum (1 minute)
)

190.168.192.in-addr.arpa. IN  NS  Openfiler2.amis.nl.

200 PTR rac1-ol6-121-priv.amis.nl.
250 PTR rac2-ol6-121-priv.amis.nl.
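
Every A record in the forward zone needs a matching PTR in the reverse zones, and a PTR target written without its trailing dot is expanded with the reverse zone's origin. The check below is an added example, not part of the original post: the function names are illustrative, the sample is a constructed subset of the records above with two deliberate defects, and the parser only handles the plain `owner [IN] A|PTR rdata` lines used in these files.

```python
import ipaddress

def parse_zone(text, origin):
    """Parse plain 'owner [IN] A|PTR rdata' lines; return (has_ttl, records)."""
    origin = origin.rstrip(".") + "."
    def fqdn(name):  # names without a trailing dot are relative to the origin
        return origin if name == "@" else name if name.endswith(".") else f"{name}.{origin}"
    has_ttl, records, depth = False, [], 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()   # drop comments first
        has_ttl = has_ttl or line.startswith("$TTL")
        inside = depth > 0                    # inside a multi-line SOA ( ... )
        depth += line.count("(") - line.count(")")
        tok = [t for t in line.split() if t.upper() != "IN"]
        if inside or len(tok) != 3 or tok[1] not in ("A", "PTR"):
            continue
        rdata = tok[2] if tok[1] == "A" else fqdn(tok[2])
        records.append((fqdn(tok[0]).lower(), tok[1], rdata.lower()))
    return has_ttl, records

def check(forward, reverses):
    """Each zone is (origin, text). Return sorted findings; empty means consistent."""
    findings, a_pairs, ptr_pairs = [], set(), set()
    for origin, text in [forward, *reverses]:
        has_ttl, records = parse_zone(text, origin)
        if not has_ttl:
            findings.append(f"{origin}: no $TTL directive")
        for owner, rtype, rdata in records:
            if rtype == "A":   # key both sets by (reverse owner name, host name)
                a_pairs.add((ipaddress.ip_address(rdata).reverse_pointer + ".", owner))
            else:
                ptr_pairs.add((owner, rdata))
    findings += [f"A without PTR: {n} ({p})" for p, n in a_pairs - ptr_pairs]
    findings += [f"PTR without A: {p} -> {n}" for p, n in ptr_pairs - a_pairs]
    return sorted(findings)

# Constructed sample: a subset of the page's records with two deliberate defects
# in the reverse zone (no $TTL, and a PTR target without its trailing dot).
FWD = ("amis.nl", """$TTL 86400
rac1-ol6-121.amis.nl.  IN  A  192.168.188.100
ol6-121-scan.amis.nl.  IN  A  192.168.188.210
ol6-121-scan.amis.nl.  IN  A  192.168.188.220
""")
REV = ("188.168.192.in-addr.arpa", """100  PTR  rac1-ol6-121.amis.nl
210  PTR  ol6-121-scan.amis.nl.
220  PTR  ol6-121-scan.amis.nl.
""")

if __name__ == "__main__":
    print("\n".join(check(FWD, [REV])))
```

BIND's own named-checkconf and named-checkzone catch syntax errors per file; this cross-check covers the agreement between the forward and reverse files.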

 

Start the named server:

# service named start

This should report OK.

You may experience an error while stopping the service:

[Screenshot: error shown when stopping named]

You may ignore this error for the purpose of this blog. I did.

Make sure the nameserver is started at boot time:

# chkconfig named on

# chkconfig --list named

But is it working? To check this, you'll have to reconfigure DNS resolving on your own server, in my case the first node of my cluster: 'rac1-ol6-121'.

To make sure that all the hostnames can be resolved, the file /etc/resolv.conf must be edited. Create this file with the following entries:


search amis.nl

nameserver 192.168.188.195

But you may find that this gets overwritten in OEL6. To overcome this you'll have to edit the adapter settings (eth0 / eth1) through the GUI. Or, as Rob states in his blog, create the file /etc/dhclient-enter-hooks with the following content:


make_resolv_conf() { echo "doing nothing to resolv.conf"; }

So let's test this (I configured this in another domain, jobacle.nl, so the output of 'nslookup' differs somewhat from the configuration above :-) ):

[Screenshot: nslookup of ol6-121-scan]

The Openfiler server (192.168.188.195) listens on port 53 by default.

 

Sources:

Configuring DHCP and DNS on Openfiler 2.3:  http://www.denbraber.org/?p=4

RAC-scan dns server setup:  http://ora12c.blogspot.nl/2012/08/oracle-rac-scan-dns-server-setup.html

Using Dnsmasq:  http://dbaora.com/configure-scan-dns-for-rac-11g-rac-12c-using-dnsmasq-in-oel5-oel6-2/
