.local domain fails

This post is meant for users who can do a DNS query on a local DNS record but cannot access the host by that name. E.g. dig gives you the IP address of the host, but you cannot ping or SSH to it (and it’s not firewall related).

Recently I’ve changed my network setup and moved away from my router as DHCP/DNS server. I installed pi-hole and I’m quite satisfied.

I have several RPis and other hardware (Yún and linkit7688) running and I want to reach them via a host name. You can add the host name to the “/etc/hosts” file on the RPI-hole (192.168.x.x [name] [name].[local-domain name]). You can then ping or SSH from different kinds of OS, but not from Ubuntu.

This is caused by mDNS (multicast DNS, used for auto-configuration of the .local domain).

Check /etc/nsswitch.conf, and you will see:

hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4
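mdns4_minimal and mdns4 are the sources doing multicast DNS. The [NOTFOUND=return] after mdns4_minimal ends the lookup when a .local name gets no mDNS answer, so the dns source is never asked.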

If you change this to the following, you should be able to reach the host:
hosts: files dns

Then you have two options:
1.) Remove mdns permanently with sudo apt-get remove libnss-mdns
2.) don’t use .local – use .lan or something instead

I’ve chosen option 2, due to the fact that I want Ubuntu to work “out of the box” and in my opinion it’s better to make a server side change than to update all the clients of the network.
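To see why the default hosts line never reaches the DNS server for a .local name, here is an added example (not part of the original post) that parses a hosts: line and traces the lookup. It assumes a simplified model in which every source except dns answers NOTFOUND for the name; the function names are made up for this illustration.

```python
import re

# glibc defaults: stop on SUCCESS, otherwise move on to the next source.
DEFAULTS = {"SUCCESS": "return", "NOTFOUND": "continue",
            "UNAVAIL": "continue", "TRYAGAIN": "continue"}

def parse_hosts_line(line):
    """Parse an nsswitch.conf 'hosts:' line into [(source, actions), ...]."""
    database, _, rest = line.split("#", 1)[0].partition(":")
    if database.strip() != "hosts":
        raise ValueError("not a hosts: line")
    chain = []
    for token in re.findall(r"\[[^\]]*\]|\S+", rest):
        if not token.startswith("["):
            chain.append((token, dict(DEFAULTS)))
            continue
        if not chain:
            raise ValueError("action item without a preceding source")
        for item in token[1:-1].split():      # e.g. NOTFOUND=return
            status, _, action = item.partition("=")
            negated = status.startswith("!")  # [!UNAVAIL=return] form
            status = status.lstrip("!").upper()
            for known in DEFAULTS:
                if (known == status) != negated:
                    chain[-1][1][known] = action.lower()
    return chain

def trace_local_lookup(line):
    """Sources tried for a .local name that only the unicast DNS server knows.

    Assumed model: every source except 'dns' answers NOTFOUND for that name.
    Returns (sources_tried, resolved).
    """
    tried = []
    for source, actions in parse_hosts_line(line):
        tried.append(source)
        status = "SUCCESS" if source == "dns" else "NOTFOUND"
        if actions[status] == "return":
            return tried, status == "SUCCESS"
    return tried, False
```

Run trace_local_lookup on the hosts: line from your own /etc/nsswitch.conf; if dns is missing from the list of sources tried, the client never asks your DNS server for .local names.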

Turn your Raspberry PI into a malicious network traffic scanner with wireshark

I needed to scan a network with Wireshark to check for malicious traffic. I took my RPi, turned it into a router with a DHCP server, and installed Wireshark to check all the network traffic.

Step 1: Static IP address

See my previous article for the setup.

Step 2: Install and configure DHCP server

In this case I’ve chosen the ISC DHCP server. To install:

sudo apt-get install isc-dhcp-server

For the configuration, please edit /etc/dhcp/dhcpd.conf and add the following:

subnet 192.168.100.0 netmask 255.255.255.0 {
    range 192.168.100.20 192.168.100.39;
    option broadcast-address 192.168.100.255;
    option routers 192.168.100.1;
    option domain-name-servers 8.8.8.8;
}

Now we need to tell the daemon some specifics. Edit /etc/default/isc-dhcp-server and uncomment the following:

DHCPD_CONF=/etc/dhcp/dhcpd.conf
DHCPD_PID=/var/run/dhcpd.pid
INTERFACES="eth0"

And add “eth0” to the interfaces list; this tells the daemon which interface it needs to listen on.

Before you run the DHCP server, stop the DHCP server on your router. Now you can start the daemon on your RPi with: sudo service isc-dhcp-server start

If you run into any problems please use systemctl status isc-dhcp-server.service to check the output.

You can use cat /var/lib/dhcp/dhcpd.leases to check out the leases.
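When you later match IP addresses seen in a capture to devices, keep in mind that dhcpd appends to the leases file, so the same IP can appear several times and only the last record counts. The following added example (not from the original post) reads the file that way; the sample data is constructed and the function names are made up for this illustration.

```python
import re

# Constructed sample in the dhcpd.leases format (not from a real network).
SAMPLE_LEASES = '''
lease 192.168.100.20 {
  ends 4 2016/03/10 18:31:33;
  binding state active;
  next binding state free;
  hardware ethernet b8:27:eb:00:00:01;
  client-hostname "camera";
}
lease 192.168.100.21 {
  ends 4 2016/03/10 18:35:00;
  binding state active;
  next binding state free;
  hardware ethernet 00:11:22:33:44:55;
}
lease 192.168.100.20 {
  ends 4 2016/03/10 18:40:00;
  binding state free;
  hardware ethernet b8:27:eb:00:00:01;
}
'''

# One lease block: "lease <ip> {" up to the closing "}" at the start of a line.
LEASE_RE = re.compile(r"^lease\s+(\S+)\s*\{(.*?)^\}", re.S | re.M)
# Anchored at line start so "next binding state" is not mistaken for the state.
FIELDS = {
    "state": re.compile(r"^\s*binding state (\w+);", re.M),
    "mac": re.compile(r"^\s*hardware ethernet ([0-9a-fA-F:]+);", re.M),
    "hostname": re.compile(r'^\s*client-hostname "([^"]*)";', re.M),
    "ends": re.compile(r"^\s*ends \d (\S+ \S+);", re.M),
}

def latest_leases(text):
    """Return {ip: fields}. dhcpd appends records, so the last one per IP wins."""
    leases = {}
    for ip, body in LEASE_RE.findall(text):
        leases[ip] = {}
        for name, rx in FIELDS.items():
            match = rx.search(body)
            leases[ip][name] = match.group(1) if match else None
    return leases

def active_devices(text):
    """Map IP -> (MAC, hostname or None) for leases that are currently active."""
    return {ip: (f["mac"], f["hostname"])
            for ip, f in latest_leases(text).items() if f["state"] == "active"}
```

On the RPi, pass the contents of /var/lib/dhcp/dhcpd.leases to active_devices instead of the sample.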

Step 3: Turn your RPi into a router

Your RPi is now able to respond to DHCP requests, but now we need to be able to forward the traffic.

sudo bash -c 'echo 1 > /proc/sys/net/ipv4/ip_forward'

Edit /etc/sysctl.conf and uncomment the line that says net.ipv4.ip_forward = 1, so that forwarding stays enabled after a reboot.
The last step is to enable NAT via iptables:

sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

Excellent, your RPi is now a router in your network and forwarding the traffic.

Step 4: Wireshark
I want to see all network traffic, and for this purpose I installed Wireshark. The RPi2 is fast enough to use the Wireshark GUI, so I installed tightvncserver alongside Wireshark.

sudo apt-get install tightvncserver
sudo apt-get install wireshark

Now you can connect to your RPi with a VNC client and start Wireshark in a terminal. Use not (port 5901) as the capture filter so that the VNC traffic itself is not captured.

[Image: Wireshark capture]

How to setup a static IP address raspberry PI

You cannot get a static or fixed IP address working on your Raspberry PI with the current tutorials? Then you came to the right place!

The Raspberry PI is an excellent device and I use it often as a server to host my projects. For most of my projects I need a static IP address on my RPi. I thought that this would be an easy job, just a change to /etc/network/interfaces (also according to a lot of tutorials). Turns out that from the jessie image (kernel 4.x) you need to change the dhcpcd.conf. Below I will explain the steps in detail and give some more guidance on where to configure your static IP address.

Network

Before you add a static IP address on your RPi, please consider where you want to make the configuration. It makes a lot of sense to configure your DHCP server (in most home networks your ISP router) with the appropriate settings rather than the RPi. Based on the MAC address of your device, the router is able to hand out a static IP address. Configuring this on your router makes administration easier, because all the data of the devices with a static IP address is stored in one place.

Bonjour

Now that you have configured your router and your RPi has a static IP, you can log on to the given IP address. But people are better at remembering names than numbers, so to make life easier you can install avahi on your RPi.

Avahi is a Linux implementation that lets programs and the OS publish and discover services and hosts running on a local network. For example, a user can plug their computer into a network and have Avahi automatically advertise the network services running on the machine, which could enable access to files and printers.

The protocol behind avahi is known as Multicast DNS (mDNS) and can also be used as a system for local DNS resolution. Apple also adopted this protocol and implemented it in Bonjour. Probably a lot of the devices in your network are already using this, e.g. Chromecast, NAS server, OpenELEC and Arduino Yún.

Next to broadcasting the services available on your host, you can also reach your device by using the hostname and the .local suffix. E.g. ping monitoring.local

> ping monitoring.local
PING domotiga.local (192.168.2.30) 56(84) bytes of data.
64 bytes from 192.168.2.30: icmp_seq=1 ttl=64 time=3.87 ms
64 bytes from 192.168.2.30: icmp_seq=2 ttl=64 time=42.6 ms
64 bytes from 192.168.2.30: icmp_seq=3 ttl=64 time=66.6 ms

You can enable this on your RPi:

sudo apt-get update
sudo apt-get install avahi-daemon

Go ahead and ping the new .local address from the machine you wish to access the device from! If you installed iTunes on your Windows machines you also have the Bonjour service installed. If not, just download it from the Apple website. You can now use this on your CLI but also from your web browser. If you want to browse through all available services/clients, please install the avahi utils:

apt-get install avahi-utils
avahi-browse -a -t

The browse command will provide you with all available services:

+ wlan0 IPv4 DiskStation Apple File Sharing local
+ wlan0 IPv4 DiskStation _device-info._tcp local
+ wlan0 IPv4 Woonkamer _googlecast._tcp local
+ wlan0 IPv4 monitoring Remote Disk Management local
+ wlan0 IPv4 domotiga Remote Disk Management local

Static on Raspberry PI

Still, you can have a good reason not to configure the static IP address via your router; in my case it was a network related project. Probably you already tried some configuration changes to the /etc/network/interfaces file. Please undo them. If you did not make a backup, you can use the config below:

# Include files from /etc/network/interfaces.d:
source-directory /etc/network/interfaces.d

auto lo
iface lo inet loopback

iface eth0 inet manual

allow-hotplug wlan0
iface wlan0 inet manual
wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf

allow-hotplug wlan1
iface wlan1 inet manual

Now edit /etc/dhcpcd.conf and add:

interface eth0
static ip_address=x.x.x.x/24
static routers=x.x.x.x
static domain_name_servers=8.8.8.8

In my case I was connected via SSH, so you can now reboot the RPi.