Finally found some time to write a blog post.

First, some background. I’ve had an ancient Pentium 3 PC (upgraded with Intel Gigabit NIC and USB 2.0 card) with Windows 2003 running as my home server for many years. This old beast had many uses in the past, including being my web code testing sandbox, torrenting box, IPTV multicast bridge and others. Recently however, the server was only being used as a DNS filter (mostly for ad blocking and mapping local IPs to hostnames) and DHCP.

I’ve been thinking of transferring these duties to my Asus RT-N66U router (running DD-WRT and Debian) for a while but never found time to do it. Well, I finally did it. For those interested in how to transfer DNS and DHCP from Windows 2003 to Linux, read below.

First, the easy part: DHCP. I mostly used Windows 2003 DHCP to map MAC addresses to static IPs. Since DD-WRT has this functionality built-in (heck, even most stock router firmwares have this built-in), all I had to do was copy the existing static IP assignments to the DD-WRT configuration (Services -> Static Leases). I know this method isn’t very suitable for those with a lot of assignments.

For users with a lot of assignments, the best way to go would be to export DHCP configuration and process it to generate a database of static leases (eg. using a script). But how to do it is outside the scope of this post.

Now the hard part: DNS. Like I mentioned before, I mostly used my local DNS server to do ad domain blocking and mapping LAN IPs to hostnames. To block a domain (and all of its subdomains) using a local DNS, all you need to do is create a zone record for that domain in your local DNS server (you can optionally point it to a local IP, eg. for displaying an error message to the user).

There are a lot of domains hosting ads out there. Over the years, my zone count grew to nearly 200 domains. Copying all these zone records manually to a Linux BIND server (which is what I wanted to use) would have been a pain-in-the-a**, so I started looking for a more automated way of doing this.

Here’s what I found:

For those not using Active Directory for DNS, dumping zone files is very easy. They are stored as text files in C:\Windows\System32\DNS.

Unfortunately, I was unknowingly using AD for my DNS zones because this was the default setting when creating new zones. So I had no zone files in C:\Windows\System32\DNS. I had to use a script to dump all the zones from AD. I used PowerShell, but any other language will work as well. Basically, what you need is to run:

dnscmd /enumzones

Then process the output of this command to get a zone list and run this for each zone:

dnscmd /zoneexport <zone name> <export file>

eg. dnscmd /zoneexport example.com example.com.txt

This will export the zone file to C:\Windows\System32\DNS (I strongly suggest using the zone name as the export file name).

To use these zone files, you’ll also need to generate a config file for BIND. I did this by just getting a list of all zone files and generating a config entry for each of them, using the file name as the zone name. Entries look like this:

zone "example.com" {
    type master;
    file "/etc/bind/zones/example.com.zone";
};

After generating the config file, all you need to do is copy all your exported zone files to /etc/bind/zones/ and include your generated config file in BIND's configuration.
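Here is the whole procedure (enumerate zones, export each one under its own name, generate the BIND config entries) as one PowerShell script, added as an example; it is not the script I used. It is meant to run on the Windows DNS server itself. The parsing of the dnscmd /enumzones output (one zone per line, with columns Zone name / Type / Storage / Properties), the output file name exported-zones.conf and the zone name check are assumptions of this example, not something dnscmd or BIND requires.

```powershell
# Added example, not the post author's script. Run on the Windows 2003 DNS
# server: export every primary zone with dnscmd and write a BIND config
# fragment with one "zone" entry per exported file.
#
# Assumptions (not from the post): the column layout of "dnscmd /enumzones"
# (name, type, storage, properties), and the paths below.

$dnsDir    = Join-Path $env:SystemRoot 'System32\dns'   # where /zoneexport writes its files
$bindZones = '/etc/bind/zones'                          # path used inside the generated entries
$confOut   = Join-Path $dnsDir 'exported-zones.conf'    # generated BIND fragment (assumed name)

# A zone name ends up both on a dnscmd command line and inside named.conf,
# so only accept plain DNS name characters before using it anywhere.
$validZone = '^[A-Za-z0-9_](?:[A-Za-z0-9._\-]*[A-Za-z0-9])?$'

$zones = @()
foreach ($line in (dnscmd /enumzones)) {
    $fields = -split $line.Trim()
    # Data rows look like: "example.com  Primary  AD-Domain  Secure".
    # Header lines, the "." cache zone and non-primary zones are skipped.
    if ($fields.Count -lt 3)      { continue }
    if ($fields[1] -ne 'Primary') { continue }
    if ($fields[0] -notmatch $validZone) {
        Write-Warning "Skipping zone with unexpected name: $($fields[0])"
        continue
    }
    $zones += $fields[0]
}

$conf = @()
foreach ($zone in $zones) {
    $exportName = "$zone.zone"                       # file name = zone name, as the post suggests
    $exportPath = Join-Path $dnsDir $exportName

    # dnscmd refuses to overwrite an existing export file, so clear a stale one first.
    Remove-Item $exportPath -ErrorAction SilentlyContinue
    dnscmd /zoneexport $zone $exportName | Out-Null
    if ($LASTEXITCODE -ne 0 -or -not (Test-Path $exportPath)) {
        Write-Warning "Export failed for zone $zone"
        continue
    }

    $conf += "zone `"$zone`" {"
    $conf += "    type master;"
    $conf += "    file `"$bindZones/$exportName`";"
    $conf += "};"
    $conf += ""
}

# BIND expects LF line endings; write plain ASCII so no BOM is added.
[System.IO.File]::WriteAllText($confOut, ($conf -join "`n"), [System.Text.Encoding]::ASCII)
Write-Host "Exported $($zones.Count) zones; BIND fragment written to $confOut"
```

After copying the *.zone files and the fragment to the Linux box, run named-checkzone on a couple of the exported files and named-checkconf on the BIND configuration before reloading. The exported files still carry the SOA and NS records of the Windows server, so expect to adjust those to name the new BIND host.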

This is a rough guide. If you need any help with this guide, do contact me dds[alpha]ddscentral.org.