Primary Master DNS na LAN akan Debian 6.0 (V) da ƙarshe

fico

5 minti

Wadanda suka biyo bayan Na 12daNa 3 y Na 4 wani ɓangare na wannan labarin da kuma shawarwarin da aka yi wa BIND ɗinsu sun sami sakamako mai gamsarwa, sun riga sun zama masana kan batun. :-) Kuma ba tare da bata lokaci ba bari mu shiga bangare na karshe:

  • Ationirƙirar nau'in "Invers" na Main Zone Zone fayil 10.168.192.in-addr.arpa
  • Shirya matsala
  • Tsaya

Ationirƙirar nau'in "Invers" na Main Zone Zone fayil 10.168.192.in-addr.arpa

Sunan yankin ya kawo muku su, dama? Kuma shi ne cewa Yankunan Baya suna wajaba ne don samun ƙudurin suna daidai gwargwadon matsayin Intanet. Ba mu da wani zaɓi face ƙirƙirar wanda ya dace da yankinmu. Don wannan muna amfani da azaman samfuri fayil ɗin /etc/bind/db.127:

cp /etc/bind/db.127 /var/cache/bind/192.168.10.rev

Muna shirya fayil din /var/cache/bind/192.168.10.rev kuma mun barshi kamar haka:

; /var/cache/bind/192.168.10.rev; ; BIND baya bayanan fayil don yankin mai gida 10.168.192.in-addr.arpa; Fayil ɗin bayanan BIND don Sashin Jagora (Baya) 10.168.192.in-addr.arpa; $ TTL 604800 @ A SOA ns.amigos.cu. tushen.amigos.cu. (2; Serial 604800; Refresh 86400; Sake gwada 2419200; Expare 604800); Korau mara kyau TTL; @ IN NS ns. 10 A PTR ns.amigos.cu. 1 A PTR gandalf.amigos.cu. 9 IN PTR mail.amigos.cu. 20 A cikin PTR web.amigos.cu. 100 IN PTR fedex.amigos.cu. ; haka nan za mu iya rubuta cikakken adireshin IP. Ex :; 192.168.10.1 IN PTR gandalf.amigos.cu.
  • Lura da yadda a wannan yanayin muka bar lokutan cikin sakan kamar yadda aka ƙirƙira shi ta tsohuwa lokacin da daura9. Yana aiki iri ɗaya. Suna daidai da waɗanda aka nuna a cikin fayil ɗin abokai.cu.host. Lokacin da kake shakka, duba.
  • Har ila yau, lura cewa kawai muna bayyana rikodin rikodin rundunonin waɗanda ke da izini ko "ainihin" IP a kan LAN ɗinmu, kuma wannan yana keɓance ta musamman.
  • Ka tuna ka sabunta fayil din Zone na baya tare da DUK daidai adiresoshin IP da aka ayyana a cikin Direct Direct.
  • Ka tuna ka ƙara Lambar Serial na Yanki duk lokacin da suka gyara fayil din kuma kafin su sake BIND.

Bari mu bincika sabon yankin da aka kirkira:

mai suna-rajista 10.168.192.in-addr.arpa /var/cache/bind/192.168.10.rev

Muna duba sanyi:

mai suna-checkconf -z mai suna-checkconf -p

Idan komai ya tafi daidai, zamu sake farawa sabis ɗin:

service bind9 sake kunnawa

Daga yanzu, duk lokacin da muka gyara fayilolin shiyya, kawai dole ne mu aiwatar:

rndc sake loda

Don haka mun bayyana maɓallin shiga /etc/bind/named.conf.options, a'a?

Shirya matsala

Mahimmanci shine ainihin abun ciki na fayil ɗin /etc/resolv.conf kamar yadda muka gani a babin da ya gabata. Ka tuna ka nuna a ciki aƙalla waɗannan masu zuwa:

bincika abokai.cu nameserver 192.168.10.20

Umurnin tono na kunshin dnsutil. A kan na'ura mai kwakwalwa, rubuta umarnin da #:

# dig -x 127.0.0.1 ..... ;; RASHIN AMSA: 1.0.0.127.in-addr.arpa. 604800 IN PTR localhost. .... # dig -x 192.168.10.9 .... ;; SASAN AMSA: 9.10.168.192.in-addr.arpa. 604800 IN PTR mail.amigos.cu. .... # host gandalf gandalf.amigos.cu yana da adireshi 192.168.10.1 # host gandalf.amigos.cu gandalf.amigos.cu yana da adireshi 192.168.10.1 # dig gandalf; << >> DiG 9.7.2-P3 << >> gandalf ;; zaɓuɓɓukan duniya: + cmd ;; haɗin lokaci ya ƙare; babu sabar da aka samu # tono gandalf.amigos.cu .... ;; SASHE NA AMSA: gandalf.amigos.cu. 604800 A CIKIN 192.168.10.1 .... Idan suna da damar yin amfani da Cuban ko Intanet na Duniya, kuma Masu gabatarwa an ayyana su daidai: # dig debian.org .... ;; SASHE NA TAMBAYA :; debian.org. A CIKIN A ;; SASAN AMSA: debian.org. 3600 A Cikin 86.59.118.148 debian.org. 3600 IN A 128.31.0.51 .... # host bohemia.cu bohemia.cu yana da adireshi 190.6.81.130 # host yahoo.es yahoo.es yana da adireshi 77.238.178.122 yahoo.es yana da adireshi 87.248.120.148 yahoo.es mail ana kula dashi ta hanyar 10 mx-eu.mail.am0.yahoodns.net. # tono -x 77.238.178.122 ;; SASHE NA AMSA: 122.178.238.77.in-addr.arpa. 429 A cikin PTR w2.rc.vip.ird.yahoo.com.

Kuma gabaɗaya tare da sauran yankuna a wajen LAN ɗin mu. Yi shawara kuma bincika abubuwa masu ban sha'awa akan Intanet.

Ofayan mafi kyawun hanyoyi don bincika aikin sabar daura9, kuma gaba ɗaya na kowane sabis ɗin da aka girka, yana karanta fitowar na Saƙonnin tsarin ta amfani da umarnin wutsiya -f / var / log / syslog gudu a matsayin mai amfanitushen.

Yana da ban sha'awa sosai ganin fitowar wannan umarni lokacin da muka yiwa BIND ɗinmu na gida tambaya game da yankin waje ko mai masaukin baki. A wannan yanayin, ana iya gabatar da yanayi da yawa:

  • Idan ba mu da damar yin amfani da Intanet, tambayarmu za ta gaza.
  • Idan muna da damar shiga yanar gizo kuma bamu Bada ayyana Masu Gabatarwa ba, da alama ba zamu sami amsa ba.
  • Idan muna da damar shiga yanar gizo kuma mun bayyana masu turawa, zamu sami amsa tunda zasu kasance masu kula da tuntuɓar uwar garken DNS ko sabobin da suke buƙata.

Idan muna aiki akan LAN Rufe a cikin abin da ba shi yiwuwa ta kowace hanya zuwa ƙasashen waje kuma ba mu da Masu Gabatar da kowane nau'i, za mu iya kawar da saƙonnin bincike na Sabbin Akidar "Sakarwa" fayil ɗin /etc/bind/db.root. Don yin wannan, zamu fara adana fayil ɗin tare da wani suna sannan mu share duk abubuwan da ke ciki. Bayan haka zamu bincika daidaitawar kuma sake kunna sabis ɗin:

cp /etc/bind/db.root /etc/bind/db.root.original cp / dev / null /etc/bind/db.root mai suna-checkconf -z mai suna-checkconf -p sabis ɗaura 9 sake farawa

Tsaya

Ya zuwa yanzu, jama'a, ɗan gabatarwa ga sabis na DNS. Abin da muka yi a yanzu zai iya yi mana aiki daidai ga ƙananan kasuwancinmu. Hakanan don gidan idan muka ƙirƙiri injuna na zamani tare da tsarin aiki daban-daban da adiresoshin IP daban, kuma ba ma so mu koma zuwa gare su ta IP amma da suna. Kullum ina girka BIND akan mai masaukin gidana dan girkawa, daidaitawa, da kuma gwada ayyukan da suke dogaro da aikin DNS. Ina yawan amfani da Desktops da Sabin Virtual, kuma bana son adana fayil / sauransu / runduna akan kowane inji. Nayi kuskure da yawa.

Idan baku taɓa sanyawa ba kuma kun saita BIND, don Allah kar a kashe ku idan wani abu ya sami matsala a ƙoƙarin farko kuma dole ne ku sake farawa. Kullum muna bada shawara a cikin waɗannan sharuɗɗan don farawa tare da shigarwa mai tsabta. Yana da daraja a gwada!

Ga waɗanda suke buƙatar ɗimbin yawa a cikin sabis na ƙuduri na suna, wanda za a iya cimma ta hanyar daidaitawa sabar Jagora ta Secondary, muna ba da shawarar ku ci gaba da tare da mu a ci gaba mai zuwa: Secondry Master DNS na LAN.

Taya murna ga waɗanda suka bi duk labaran kuma suka sami sakamakon da ake tsammani!


Bar tsokaci

Your email address ba za a buga. Bukata filayen suna alama da *

*

*

  1. Wanda ke da alhakin bayanan: Miguel Ángel Gatón
  2. Manufar bayanan: Sarrafa SPAM, sarrafa sharhi.
  3. Halacci: Yarda da yarda
  4. Sadarwar bayanan: Ba za a sanar da wasu bayanan ga wasu kamfanoni ba sai ta hanyar wajibcin doka.
  5. Ajiye bayanai: Bayanin yanar gizo wanda Occentus Networks (EU) suka dauki nauyi
  6. Hakkoki: A kowane lokaci zaka iyakance, dawo da share bayanan ka.

  1.   st0bayan4 m
    sa 11 shekaru

    A ƙarshe! .. matsayi na ƙarshe: D!

    Godiya ga raba abokina!

    Na gode!

    Amsa zuwa st0rmt4il
  2.   Rafael Hernandez ne adam wata m
    sa 11 shekaru

    Mai matukar ban sha'awa, labaranku, Ina da ingantaccen DNS wanda aka ɗora akan freeBSD don yankin .edu.mx, ya zuwa yanzu ya yi aiki daidai a gare ni, amma a cikin watan da ya gabata na gano hare-hare da yawa, zuwa ga sabar, menene hanyoyin tsaro zuwa An fallasa DNS? maigida

    Amsa wa Rafael Hernandez
  3.   PICCORUS m
    sa 11 shekaru

    Kunshin matse bind9 yana da matsalar aiki tare da samba, sigar 9.8.4 ta riga ta kasance a cikin reshe na bayan fage na matsi, sigar wheeze ba ta da wannan matsalar, don lenny venenux.net za ta sake dawo da kunshin.

    Labari mai kyau.

    Wannan shine kawai labarin da ke yin komai da kyau ..

    Ya kamata a lura cewa acl don ɓarna ba ya aiki tunda kamar yadda za'a yi masa allurar daga cibiyar sadarwar cikin gida, mafita za ta kasance musanta canje-canjen ga abokan cinikin, da ƙirƙirar rikitaccen acl wanda ke hana sake sanya sunaye (wani abu mai kama da dnts tsaye)

    TAMBAYA TA MUSAMMAN:

    zai yi kyau a kara sanyawa a kan yadda ake yin dns matattara maimakon na Tacewar zaɓi

    Amsa wa PICCORO
    1.    Federico Antonio Valdes Toujague m
      sa 11 shekaru

      Godiya ga yin tsokaci @PICCORO !!!.
      Na bayyana a farkon duk labarin na cewa ban dauki kaina gwani ba. Ya rage ƙasa sosai akan batun DNS. A nan duk muna koya. Zan yi la'akari da shawarwarin ku yayin girka DNS ɗin da ke fuskantar Intanet ba don LAN ta al'ada da sauƙi ba.

      Amsa wa Federico Antonio Valdés Toujague
  4.   Frank Davida m
    sa 9 shekaru

    KYAUTA KYAUTA! Babban taimako ne a gareni tunda na fara kawai a wannan jujjuyawar sabar, komai yayi daidai. Na gode kuma ku ci gaba da buga irin waɗannan kyawawan karatuttukan !!!

    Amsa wa Frank Davila
  5.   Yesu Fenández Toledo m
    sa 9 shekaru

    Fico, ina sake taya ku murna da wannan babban kayan.

    Ni ba gwani bane a BIND9, ku gafarce ni idan nayi kuskure game da sharhin, amma ina tsammanin baku da ma'anar yankin don binciken da baya cikin fayil din mai suna.conf.local

    Amsa wa Jesús Fenández Toledo
    1.    kari m
      sa 9 shekaru

      Abin kunya ne ace Fico ta kasa amsa maka yanzu.

      Amsa zuwa bayani
      1.    Federico Antonio Valdes Toujague m
        sa 9 shekaru

        Gaisuwa da Godiya, Elav, kuma ga shi ina amsawa. Kamar koyaushe, Ina baku shawarar ku karanta a hankali ... 🙂

        Amsa wa Federico Antonio Valdés Toujague
    2.    Federico Antonio Valdes Toujague m
      sa 9 shekaru

      A cikin sakon: https://blog.desdelinux.net/dns-maestro-primario-para-una-lan-en-debian-6-0-iii/

      Na rubuta wadannan:
      Gyarawa zuwa fayil /etc/bind/named.conf.local

      A cikin wannan fayil ɗin muna bayyana yankunan yanki na yankinmu. Dole ne mu hada da Gaba da Baya Yankuna a matsayin mafi karanci. Ka tuna cewa a cikin fayil ɗin sanyi /etc/bind/named.conf.options mun bayyana a cikin wane kundin adireshi za mu karɓi fayilolin Zones ta amfani da umarnin shugabanci. A ƙarshe, fayil ɗin ya zama kamar haka:

      //etc/bind/named.conf.local
      //
      // Yi kowane tsari na gida anan
      //
      // Yi la'akari da ƙara yankunan 1918 a nan, idan ba a amfani da su a cikin ku ba
      // kungiya
      // sun hada da "/etc/bind/zones.rfc1918";
      // Sunayen fayiloli a kowane yanki sune a
      // dandano mai amfani. Mun zabi abokai.cu.hosts
      // da 192.168.10.rev saboda suna bamu bayyananniyar su
      // abubuwan ciki. Babu sauran asiri 😉
      //
      // Sunayen Yankunan BA BATSA NE BA
      // kuma zasu dace da sunan yankinmu
      // kuma zuwa LAN subnet
      // Master Main Zone: «Kai tsaye» nau'in
      yankin «amigos.cu» {
      Nau'in mashigin;
      fayil "amigos.cu.hosts";
      };
      // Master Main Zone: nau'in «Inverse»
      yankin "10.168.192.in-addr.arpa" {
      Nau'in mashigin;
      fayil "192.168.10.rev";
      };
      // Karshen sunan mai suna.conf.local file

      Amsa wa Federico Antonio Valdés Toujague
  6.   Fabian Valery m
    sa 9 shekaru

    Kyakkyawan, abubuwan ban sha'awa sosai game da post ɗin ku game da dns, sun taimaka min don farawa kan batun, na gode. Na fayyace cewa ni sabon shiga ne a wannan batun. Amma karanta bayanan da kuka wallafa na lura cewa yana aiki tare da adreshin adreshin a cikin rundunonin cibiyar sadarwar cikin gida. Tambayata ita ce, yaya za ku yi da hanyar sadarwar cikin gida tare da adiresoshin IP masu ƙarfi, waɗanda aka sanya ta hanyar uwar garken dhcp, don ƙirƙirar fayilolin babban yankin manyan nau'ikan "kai tsaye" da "juyawa"?

    Zan yi godiya ga hasken da za ku iya bayarwa game da batun da aka tayar. Na gode. Fv

    Amsa wa Fabian Valery
    1.    Federico A. Valdes Toujague m
      sa 9 shekaru

      Godiya ga yin tsokaci, @fabian. Kuna iya tuntuɓar waɗannan labarai masu zuwa, wanda nake fatan zasu taimaka muku aiwatar da hanyar sadarwa tare da adiresoshin haɓaka:

      https://blog.desdelinux.net/servicio-de-directorio-con-ldap-2-ntp-y-dnsmasq/
      https://blog.desdelinux.net/servicio-de-directorio-con-ldap-3-isc-dhcp-server-y-bind9/

      gaisuwa

      Amsa wa Federico A. Valdés Toujague