# Install NetoDNS (Linux package)

Installing NetoDNS is part of the steps to ingest [infoblox-nios-dns-logs-via-netodns-syslog](https://docs.netography.com/ingest-network-traffic-logs/dns-logs/infoblox-nios-dns-logs-via-netodns-syslog "mention")

## Deployment Options

NetoDNS is available as a Docker-compatible container or a Linux software package. To deploy the container, see: [install-netodns-container](https://docs.netography.com/netodns/install-netodns-container "mention")

### Supported Platforms

NetoDNS software packages are provided in these formats:

* x86\_64 and ARM64 EL8 RPM packages available via **yum**
  * EL8 packages are compatible with CentOS 8 and RHEL 8
  * Most other Linux distributions that use EL8 packages will also work
* x86\_64 Debian package available via **apt-get**
  * Debian, Ubuntu, and other Linux distributions using Debian package management

> ⚖️ Selecting a deployment option
>
> Netography recommends deploying the container for most customers. Containers provide isolation that ensures NetoDNS will operate properly and simplifies the deployment process. The software package is best suited for organizations with a standard Linux build that meets your internal security and compliance requirements.

## Installing the Linux Software Package

### Step 1.  Setup Package Repository

**CentOS 8 / RHEL 8 / EL8 - RPM / yum Instructions**

```shell
sudo rpm --import https://netography-repo.s3.amazonaws.com/RPM-GPG-KEY-netography
sudo wget -O /etc/yum.repos.d/netography.repo https://netography-repo.s3.amazonaws.com/yum/el/8/x86\_64/yum.repo
```

**Debian / Ubuntu - apt-get Instructions**

```shell
sudo sh -c '/bin/echo "deb [arch=amd64] https://netography-repo.s3.amazonaws.com/apt/ stable main" > /etc/apt/sources.list.d/netography.list'
cd /etc/apt/trusted.gpg.d/
sudo wget https://netography-repo.s3.amazonaws.com/DEB-GPG-KEY-netography.gpg
sudo apt-get update
```

### Step 2.  Install the package

#### yum install

```shell
yum install netodns
```

#### apt-get install

```shell
sudo apt-get install netodns
```

The installation will write the following files:

* `/etc/systemd/system/netodns.service`
* `/usr/local/bin/netodns`

Installation will enable the service to run at boot, but it will not start the service.

### Step 3.  Configure NetoDNS

You can run NetoDNS by setting configuration in environment variables.

Refer to [configure-netodns](https://docs.netography.com/netodns/configure-netodns "mention") for details on configuration options.

#### 3a. Create a Fusion API key

You will need to [Create a Fusion API key](https://docs.netography.com/api-reference/create-a-netography-api-key) in the Fusion Portal, using the `neto_flow`role or another role with the `Send NetoDNS` permission. Copy the `netosecret` value provided when creating the key.

**Using a secrets vault is the most secure approach for storing this secret**

For production deployments, you should store this value in a secrets vault and have it set the value to this environment variable: `NETO_NETOSECRET`

**Setting the secret in your local environment**

You can also set it directly in your local environment to the variable: `NETO_NETOSECRET`

```
NETO_NETOSECRET="REPLACEME"
export NETO_NETOSECRET
```

#### 3b. Create `/etc/netodns/netodns.env` environment file and set systemd to use

You can run the following commands in a shell to create `/etc/netodns/netodns.env`and set this file to be used to load environment variables when running the `netodns` service. This is one method to set configuration in the environment with `systemctl`.

```
##### Create the directory for env files (if not exists)
sudo mkdir -p /etc/netodns
# Create the environment file and add variables
sudo tee /etc/netodns/netodns.env > /dev/null <<EOF  
NETO_NETOSECRET=REPLACEME
NETO_DATASRC=infoblox-nios  
# NETO_PROTOCOL=tcp  
# NETO_PORT=514  
# NETO_OUTPUT_FILE=  
# NETO_EXCLUDE_QUERIES=  
# NETO_EXCLUDE_QUERIES_RE=  
# NETO_INTERVAL=30  
EOF

# Configure systemd to use the environment file
sudo mkdir -p /etc/systemd/system/netodns.service.d
sudo tee /etc/systemd/system/netodns.service.d/override.conf > /dev/null <<EOF
[Service]  
EnvironmentFile=/etc/netodns/netodns.env  
EOF

# Reload systemd to apply changes
sudo systemctl daemon-reexec  
sudo systemctl daemon-reload
# Restart the service to apply env vars
sudo systemctl restart netodns.service
```

<br>

### Step 4.  Syslog output configuration

NetoDNS outputs logs via syslog. `/var/log/syslog` is the likely default location for these logs, but this may vary depending on your Linux distribution and syslog configuration.

If you need to customize syslog output, syslog output (for logging from netodns, not the syslog listener for ingesting DNS logs) in netodns uses the socket, so if you’re using rsyslog, make sure it’s enabled and has the appropriate log levels going where you want in `/etc/rsyslog.conf`

```shell
# Provides UDP syslog reception
$ModLoad imudp
$UDPServerRun 514
```

Also, if you would like debug level logging, on most enterprise Linux distributions that will not be sent anywhere by default, so add `kern.debug` file to the appropriate log settings:

`kern.debug;\*.info;mail.none;authpriv.none;cron.none /var/log/messages`

Then restart:

`sudo systemctl restart rsyslog.service`

### Step 5.  Start NetoDNS

`systemctl start netodns.service`

### Step 6.  Set NetoDNS to start at boot

If you would like NetoDNS to run at boot time, you must run the following command:

`systemctl enable netodns.service`

### Step 7. Confirm NetoDNS is Running

`curl localhost:8080/api/v1/stats/rate`