Babbar Jagora DNS don LAN akan Debian 6.0 (III)

fico

7 minti

Effortoƙari ne ƙwarai don ragewa a cikin ƙananan ƙananan labarai 5 Ilimin da ya gabata, Girkawa, igaddamarwa, da ofirƙirar Yankuna da cksididdigar BIND, don a iya fahimtar ta da yawan masu karatu wanda shine babban dalilin mu.

Waɗanda suka yi haƙuri a hankali karanta Na 1 y 2da Ga wani ɓangare na wannan labarin, a shirye suke su ci gaba tare da daidaitawa da saita saitin Sababin Sunan yanki don LAN.

Ga Sabon, da waɗanda ba su da cikakken haske game da takaitattun ra'ayoyin da aka bayar a ɓangarorin da suka gabata, muna ba da shawarar ku karanta su da nazarin su kafin ku ci gaba. Wadanda Ake Tsammani da Rashin Tunawa! dawo idan baka karanta a hankali ba.

Za mu gani a ƙasa:

  • Babban bayanan LAN
  • Configayyadaddun tsarin daidaitawa
  • Gyarawa zuwa fayil /etc/resolv.conf
  • Gyarawa zuwa fayil /etc/bind/named.conf
  • Gyarawa zuwa fayil /etc/bind/named.conf.option
  • Gyarawa zuwa fayil /etc/bind/named.conf.local

 Babban bayanan LAN

LAN Sunan Sunan: amigos.cu LAN Subnet: 192.168.10.0/255.255.255.0 A DAURA Server IP: 192.168.10.10 Server NetBIOS Sunan: ns

Kodayake a bayyane yake, tuna don canza bayanan da suka gabata don kanku.

Configayyadaddun tsarin daidaitawa

Yana da matukar mahimmanci a daidaita fayilolin daidai / Sauransu / cibiyar sadarwa / musaya y/ sauransu / runduna don samun kyakkyawan aikin DNS. Idan aka bayyana duk bayanan yayin girkawa, babu gyara da zai zama dole. Abubuwan kowane ɗayansu ya zama mai zuwa:

# abinda ke ciki na file din / etc / network / / musaya # Wannan fayil din yana bayanin hanyoyin sadarwar da ake samu akan tsarin # da yadda ake kunna su. Don ƙarin bayani, duba musaya (5). # Hanyar sadarwar hanyar sadarwa ta lopback ta hanyar amfani da yanar gizo ta hanyar amfani da yanar gizo ta hanyar komputa # Babban hanyar sadarwar yanar gizo damar-hotplug eth0 iface eth0 inet a tsaye adireshin 192.168.10.10 netmask 255.255.255.0 hanyar sadarwa 192.168.10.0 watsawa 192.168.10.255 ƙofa 192.168.10.2 # dns- * zaɓuɓɓuka sune aiwatarwa ta kunshin warwarewa, idan an shigar dns-nameservers 192.168.10.10 dns-search amigos.cu # abun ciki na / etc / runduna 127.0.0.1 localhost 192.168.10.10 ns.amigos.cu ns # Lines masu zuwa suna da kyawawa ga masu karɓar bakuncin IPv6 :: 1 ip6-localhost ip6-loopback fe00 :: 0 ip6-localnet ff00 :: 0 ip6-mcastprefix ff02 :: 1 ip6-allnodes ff02 :: 2 ip6-allrouter

Gyarawa zuwa fayil /etc/resolv.conf

Don tambayoyinmu da bincikenmu suyi aiki daidai, ya zama dole a bayyana a cikin tsarin gida na mai masaukin, wanda zai zama yankin bincikenmu kuma wanda zai zama yankin mu na DNS. Ba tare da matakan da ke sama ba aƙalla, duk wata tambaya ta DNS za ta gaza. Kuma wannan kuskurene wanda yawancin masu farawa sukeyi. Don haka bari mu gyara fayil ɗin /etc/resolv.conf kuma mun bar shi tare da abubuwan da ke tafe:

# abun ciki na /etc/resolv.conf bincika abokai.cu mai sakawa 192.168.10.10

A kwamfutar da muke sanya sabar DNS za mu iya rubuta:

bincika abokai.cu nameserver 127.0.0.1

A cikin abubuwan da ke sama, bayanin nameserver 127.0.0.1, yana nuna cewa za a yi tambayoyin zuwa Localhost.

Bayan mun daidaita BIND dinmu daidai zamu iya yin duk wata tambaya ta DNS daga mai masaukinmu, zama sabar kanta daura9 ko wani wanda aka haɗa zuwa cibiyar sadarwar kuma wannan yana cikin ƙaramin mahaɗa ɗaya kuma yana da mashin ɗin hanyar sadarwa iri ɗaya. Don ƙarin koyo game da fayil ɗin, gudu mutum resolv.conf.

Gyarawa zuwa fayil /etc/bind/named.conf

Don iyakance tambayoyi ga BIND ɗinmu don kawai su amsa ta hanyar subnet ɗin mu kuma su hana kai hari Kwashewa, Mun bayyana a cikin fayil din mai suna.conf Jerin Lissafin Lantarki ko ACL (Jerin Lissafin Samun Dama) kuma muna kiran sa mired. Fayil dinmai suna.conf Ya kamata ya zama kamar haka:

// /etc/bind/named.conf // Wannan shine farkon fayil ɗin daidaitawa don BIND DNS uwar garken mai suna. // // Da fatan za a karanta /usr/share/doc/bind9/README.Debian.gz don bayani kan tsarin // tsarin fayilolin daidaita BIND a cikin Debian, * KAFIN * ka tsara // wannan fayil ɗin sanyi. // // Idan kawai kuna ƙara yankuna ne, da fatan za a yi hakan a cikin /etc/bind/named.conf.local // // Sharhi a cikin Sifaniyanci namu ne // Mun bar asali a Turanci // HATTARA da yin kwafa da manna // KADA KA BAR TATTALIN SHUGABA A KARSHEN KOWANE LAYYA // // Lissafin Sarrafa Samun Dama: // Zai ba da izinin tambayoyi daga yankin yankin da kuma daga subnet ɗinmu // A cikin fayil ɗin da aka haɗa mai suna.conf.options za mu koma zuwa gare shi . acl ya haɗu {127.0.0.0/8; 192.168.10.0/24; }; hada da "/etc/bind/named.conf.options"; hada da "/etc/bind/named.conf.local"; hada da "/etc/bind/named.conf.default-zones"; // ƙarshen fayil /etc/bind/named.conf

Bari mu bincika daidaitawar BIND har zuwa yanzu kuma sake kunna sabis ɗin:

mai suna-checkconf -z sabis ɗauri9 sake farawa

Gyare-gyare ga fayil ɗin /etc/bind/named.conf.options

A kashi na farko “zažužžukan"Zamu bayyana kawai Masu turawa, kuma su waye zasu iya tuntubar BIND din mu. Sannan mun bayyana Mabudin ko key ta inda zamu iya sarrafa daura9, kuma a ƙarshe daga wane rukuni za mu iya sarrafa shi. Don sanin wanne mabudi ko mabuɗi, dole ne muyi cat /etc/bind/rndc.key. Muna kwafin fitarwa kuma liƙa shi a cikin fayil ɗin name.conf.options. A ƙarshe, fayil ɗinmu yakamata yayi kama da wannan:

Zaɓuɓɓukan zaɓuka // /etc/bind/named.conf.options {// HATTARA KWAI DA KASHE, PLEASE ... // Tsoffin kundin adireshi don nemo kundin fayil ɗin mu na Zones "/ var / cache / bind"; // Idan akwai Tacewar zaɓi tsakanin ku da sunayen masu son da kuke so // kuyi magana da su, kuna iya buƙatar gyaran katangar don ba da dama // mashigai suyi magana. Duba http://www.kb.cert.org/vuls/id/800113 // Idan ISP naka ya ba da adireshin IP ɗaya ko sama don masu karko // masu amfani da suna, mai yiwuwa kana son amfani da su azaman masu turawa. // Ba a bayyana abin toshe ba, sa'annan shigar da adiresoshin maye gurbin // mai wurin-0 duka. // masu gabatarwa {// 0.0.0.0; // 0.0.0.0; //} // Masu Gabatarwa. Ba ni da kyakkyawar fassara // Adiresoshin sun fito daga sabobin ceniai.net.cu // Idan KADA KA sami damar shiga Intanet ba lallai ba ne // ka bayyana su, sai dai idan kana da LAN mai rikitarwa // tare da sabobin DNS waɗanda ke aiki a matsayin Masu Turawa a waje // na zangon adireshin IP ɗinku na subnet. A wannan yanayin // dole ne ku bayyana IP (s) na waɗannan sabobin. // Tambayoyin masu gabatarwa sune Cascade. masu gabatarwa {169.158.128.136; 169.158.128.88; }; // A kan ingantaccen LAN, Dukan tambayoyin DNS // ya kamata a yi wa uwar garken DNS na gida akan wannan LAN, // BA zuwa sabobin da ke wajen LAN. // Musamman idan kana da damar shiga Intanet, // ya zama na Kasa ko na Duniya. Don haka // muna sanar da Masu turawa auth-nxdomain ba; # dace da RFC1035 saurara-on-v6 {kowane; }; // Kare kan tambayar izini-neman bayanai {mired; }; }; // Abubuwan cikin fayil / etc / bind / rndc-key // samu ta hanyar cat / etc / bind / rndc-key // Ka tuna canza shi idan muka sake sabunta maɓallin "rndc-key" {algorithm hmac-md5; sirrin "dlOFESXTp2wYLa86vQNU6w =="; }; // Daga wane rukuni za mu sarrafa kuma ta wace hanya mabuɗin sarrafawa {inet 127.0.0.1 kyale {localhost; } mabuɗan {rndc-key; }; }; // fayil ɗin ƙarshe /etc/bind/named.conf.options

Bari mu bincika daidaitawar BIND har zuwa yanzu kuma sake kunna sabis ɗin:

mai suna-checkconf -z sabis ɗauri9 sake farawa

Mun yanke shawarar hada da // Sharhi bangarorin asasi waɗanda zasu iya zama matsayin ishara don shawarwari na gaba.

Hujjar ayyana Masu Gabatarwa, ya canza sabar BIND din mu ta cikin Sabar Caché, tare da kiyaye aikin Primary Master. Lokacin da muka nemi mai masauki ko yanki na waje, amsar - idan ta tabbata - za a adana ta a cikin ɓoye, don haka lokacin da muka sake tambayarsa ga mai masauka ɗaya ko yankin waje ɗaya, za mu sami amsa da sauri ta rashin shawara koma zuwa DNS na waje.

Gyarawa zuwa fayil /etc/bind/named.conf.local

A cikin wannan fayil ɗin muna bayyana yankunan yanki na yankinmu. Dole ne mu hada da Gaba da Baya Yankuna a matsayin mafi karanci. Ka tuna cewa a cikin fayil ɗin daidaitawa/etc/bind/named.conf.options Mun bayyana a wanne kundin adireshi zamu dauki bakuncin fayilolin Zones ta hanyar amfani da kundin adireshi. A ƙarshe, fayil ɗin ya zama kamar haka:

// /etc/bind/named.conf.local // // Yi kowane tsari na gida a nan // // Yi la'akari da ƙara yankunan 1918 a nan, idan ba a amfani da su a cikin ƙungiyar ku // sun haɗa da "/ sauransu / ɗaure /zones.rfc1918 "; // Sunayen fayiloli a kowane yanki sune // dandano mai amfani. Mun zabi amigos.cu.hosts // da 192.168.10.rev saboda suna bamu haske game da abinda suke ciki. Babu sauran asiri // // Sunayen Yankunan BASU DANGANE BA // kuma zai dace da sunan yankinmu // da kuma LAN subnet // Main Master Zone: rubuta yankin "Direct" yankin amigos.cu "{ Nau'in bugawa; fayil "amigos.cu.hosts"; }; // Master Main Zone: rubuta yankin "Inverse" "10.168.192.in-addr.arpa" {type master; fayil "192.168.10.rev"; }; // Karshen sunan mai suna.conf.local file

Don bincika tsarin BIND har yanzu:

mai suna-checkconf -z

Umurnin da ya gabata zai dawo da kuskure har sai fayilolin yankin ba su wanzu. Babban abu shine yana gargadinmu cewa ba za'a ɗora Kwatancen da aka ayyana a cikin suna.conf.local ba, tunda fayilolin DNS ba su wanzu, wanda yake gaskiya ne a yanzu. Za mu iya ci gaba.

Bari mu sake farawa da sabis don la'akari da canje-canje:

service bind9 sake kunnawa

Kamar yadda ba mu son yin kowane matsayi mai tsayi, za mu magance batun ƙirƙirar fayilolin Yankin Localungiyoyi a cikin kashi na 4 na gaba. Har sai abokai!


Bar tsokaci

Your email address ba za a buga. Bukata filayen suna alama da *

*

*

  1. Wanda ke da alhakin bayanan: Miguel Ángel Gatón
  2. Manufar bayanan: Sarrafa SPAM, sarrafa sharhi.
  3. Halacci: Yarda da yarda
  4. Sadarwar bayanan: Ba za a sanar da wasu bayanan ga wasu kamfanoni ba sai ta hanyar wajibcin doka.
  5. Ajiye bayanai: Bayanin yanar gizo wanda Occentus Networks (EU) suka dauki nauyi
  6. Hakkoki: A kowane lokaci zaka iyakance, dawo da share bayanan ka.

  1.   st0bayan4 m
    sa 11 shekaru

    Godiya ga mutum!

    A yau yana da wahala a ga sakonnin wannan ingancin a yanar gizo!

    Na gode!

    Amsa zuwa st0rmt4il
    1.    phico m
      sa 11 shekaru

      Na gode sosai da bayaninka .. Abin farin ciki ne karanta abubuwa kamar haka .. 😉

      Amsa wa Fico
  2.   kara 0 m
    sa 11 shekaru

    Labari mai kyau!
    Na gode fico, Elav, KZ, duk da haka… DesdeLinux domin akwai

    Gaba ɗaya, ana iya aiwatar da plugin wanda zai ba da damar zazzage abubuwan azaman pdf (Yanayin ɗan Adam)
    gaisuwa
    Gashi

    Amsa zuwa dasht0
    1.    federico m
      sa 11 shekaru

      Na gode duka don ra'ayoyin ku. Muna koyon DUKAN su.
      Sauke labaran a cikin PDF bai haɗa da maganganun abokai da abokan aiki ba, waɗanda ke dacewa da gidan kuma suna da amfani ƙwarai. Ba da Jagora ba tare da sharhi ba kusan ba zai yuwu ba saboda girman batun. UNIX / Linux suna da faɗi sosai don kawar da kwarewar kowa.

      Amsa wa federico
      1.    kara 0 m
        sa 11 shekaru

        Labari masu kyau!
        A bayyane yake cewa maganganun sun cika bayanan labaran, har ma suna bayar da shawarar abubuwan da zasu iya wanzuwa ko wadanda za a iya karawa, amma ina kula da ra'ayina cewa zai yi kyau idan za a iya adana labarin azaman pdf, aƙalla a wurina
        Rungumewa daga Cuba da ci gaba da ɗokin sa

        Amsa zuwa dasht0
  3.   abarinn m
    sa 9 shekaru

    Gudun:
    mai suna-checkconf -z
    Ina jin kamar:
    /etc/bind/named.conf.options:30: zaɓin da ba a sani ba 'sarrafawa'

    Amsa wa elpapineo
    1.    abarinn m
      sa 9 shekaru

      Na amsa kaina: dole ne ku sanya sashin sarrafawa a waje da sashin zaɓuɓɓuka.

      Ina kuma son ba da gudummawa wani abu: idan maimakon yin kwafa da liƙawa a cikin fayil ɗin suna.conf.options

      mabudi "rndc-key" {
      algorithm hmac-md5;
      sirrin "dlOFESXTp2wYLa86vQNU6w ==";
      };

      Muna yin:

      hada da "/etc/bind/rndc.key";

      a cikin suna.conf fayil Ina tsammanin yana aiki ma.

      Na gode.

      Amsa wa elpapineo