DNS iyo DHCP ee CentOS 7 - Shabakadaha SMB

Tusmada guud ee taxanaha: Shabakadaha Kombuyuutarka ee loogu talagalay SMEs: Hordhac

Saaxiibbo waad salaaman tihiin !. Waxaan ku arki doonnaa qodobkaan sida aan u hirgelin karno labada adeeg ee muhiimka u ah shabakadaha ay sameysay DNS iyo DHCP ee CentOS - Linux, gaar ahaan nooca 7.2.

  • Maqaallada qaarkood ee ku saabsan DNS waxay tixraacayaan xaqiiqda ah in hirgelinta adeeggan ay tahay waxoogaa mugdi ah oo adag. Aad ugama raacsani hadalkaas. Waxaan jeclaan lahaa inaan iraahdo waa wax fikradeed iyo inbadan oo faylalka iskuxirka ah ay leeyihiin iskudhaf isku buuq badan. Nasiib wanaag, waxaan haynaa qalab aan ku hubino, talaabo talaabo, qaabeynta feyl kasta oo qaabeynta ah oo aan wax ka bedelno. Sidaa darteed, waxaan isku dayi doonaa inaan ka dhigno aqrinta qoraalkan mid raaxo leh oo raaxo leh intii suurtagal ah..

Kuwa raadinaya aasaasiga labada adeeg, waxaan si xoog leh kugula talineynaa inaad ka bilowdo raadintaada Wikipedia, labadaba noocyadeeda Isbaanishka iyo Ingiriiska. Run ma ahan run run ahaan maqaallada ku qoran Ingiriisigu had iyo jeer way ka dhameystiran yihiin isla markaana waa isku xiran yihiin. Weli, Wikipedia waa bar bilow aad u wanaagsan.

Kuwa idinka mid ah ee runtii doonaya inay wax ka bartaan DNS iyo BIND, waxaan kugula talineynaa inaad aqriso buugga «OReilly - DNS iyo BIND 4ed"waxaa qoray Paul albitz y Liu Cricket, ama daabac dambe oo hubaal jira.

Waxaan horey u daabacnay maqaal ku saabsan mowduuca cinwaankiisu yahay «DNS iyo DHCP ee furanSUSE 13.2 Shabakadaha Harlequin - SME»Loogu talagalay dadka jecel jawiga muuqaalka leh. Si kastaba ha noqotee, wixii hadda ka dambeeya waxay la kulmi doonaan maqaallo ku saabsan mowduucan - ma ahan kuwa kale- oo lagu qoray adeegsi fara badan oo emulator ka ah terminal ama konsol. Wow, qaabka caadiga ah ee ay adeegsadaan UNIX® / Linux Maamulayaasha Nidaamka.

Haddii aad rabto inaad waxbadan ka ogaato magaca dambe ee cinwaanka maqaalkan «Shabakadaha SME»Waxaad booqan kartaa bogga ku jira boggan«Shabakadaha SME: markii ugu horreysay oo la jaro«. Dhexdeeda waxaad ka heli doontaa xiriiriyeyaal maqaallo kale oo badan oo la daabacay ah.

  • Ka dib marka la rakibo CentOS 7 Operating System waxaa lagu dhammeeyaa xirmooyinka aan kugula talineyno, el tusaha /usr/share/doc/bind-9.9.4/ Waxay ka kooban tahay qaddarro dukumiinti ah oo aan kugula talineyno inaad la tashato ka hor intaadan ku dhaqaaqin raadinta internetka adigoon marka hore ogeyn, farahaaga iyo gurigaaga, waxaad ka heli kartaa waxa aad raadineyso.

Rakibaadda nidaamka salka

Xogta guud ee bogga iyo server-ka DNS

Magaca domain: desdelinux. taageere
Magaca server-ka DNS: dns.desdelinux. taageere
Cinwaanka IP: 192.168.10.5
Maaskaro Subnet: 255.255.255.0

Ku rakibida

Waxaan ku bilaabaynaa rakibid cusub ama nadiif ah oo ah nidaamka hawlgalka ee CentOS 7 sida ku xusan qodobka hore «CentOS 7 Hypervisor I - Shabakadaha SMB«. Waxaan kaliya u baahanahay inaan sameyno isbeddelada soo socda:

  • In 22 image «XULASHADA SOFTWARE«, Waxaan kugula talineynaa xulashada safka bidix«Deegaanka BaseIkhtiyaarka u dhigma «Server kaabayaasha«, Inta aad ku jirto safka saxda ah«Plugins loogu talagalay deegaanka la xushayXulo sanduuqa calaamadaha «Magaca DNS server«. Waxaan gadaal ka rakibeynaa server-ka DHCP.
  • Aynu xasuusano cadeynta keydadka dheeraadka ah sida ku cad 23 image, ka dib dejinta «MAGACA Shabakadda & KOOXDA«.
  • Sawirada tixraacaya qormooyinka aan ku abuuri doonno darawgeena adag waxaa kaliya loo siinayaa hageyaal. Xor ayaad u tahay inaad ku xulato qormooyinka ikhtiyaarkaaga, ku dhaqankaaga, iyo caqligaaga wanaagsan.
  • Ugu dambeyntii, in Sawirka 13 «NETWORK & MAGACA KOOXDA»Waa inaan u badalnaa qiimayaasha iyadoo loo eegayo xuduudaha guud ee lagu dhawaaqay domainka iyo serverka DNS, adigoon ilaawin inaan cadeeyo magaca martida loo yahay-kiiskan «dns«- ka dib marka qaabeynta shabakadda la dhammaystiro. Waa wax wanaagsan in la sameeyo ping - laga bilaabo martigaliye kale - cinwaanka IP-ga ee la cayimay ka dib markii shabakadu firfircoon tahay:

DNS iyo DHCP ee CentOS

Xaqiiqdii waxaa jira isbeddelo aad u yar oo aad u muuqda oo ay tahay inaan ku sameyno ixtiraamka maqaalka hore.

Jeegaga hore iyo hagaajinta

Ka dib markaan rakibno nidaamka qalliinka waa inaan dib u eegno feylasha soo socda ugu yaraan, tanna waxaan ku bilaabaynaa kalfadhi iyada oo loo marayo SSH kombiyuutarkayaga sysadmin.desdelinux. taageere:

buzz @ sysadmin: ~ $ ssh 192.168.10.5
buzz@192.168.10.5's password: Soo galitaankii ugu dambeeyay: Sabti Jan 28 09:48:05:2017 192.168.10.1 laga bilaabo XNUMX
[buuqa @ dns ~] $

Hawlgalka kor ku xusan wuxuu qaadan karaa waqti ka dheer kan caadiga ah, waxaana badanaa sabab u ah xaqiiqda ah inaanan weli haysan DNS ku saabsan LAN. Mar kale mar kale hubi in DNS uu shaqeynayo.

[buzz @ dns ~] $ bisad / iwm / martigeliyayaal
127.0.0.1 localhost localhost.cocaldomain localhost4 localhost4.localdomain4 :: 1 localhost maxhost.localdomain localhost6 localhost6.localdomain6

[buzz @ dns ~] $ bisad / iwm / magaca martida loo yahay
dns

[buzz @ dns ~] $ bisad / iwm / sysconfig / shabakadaha-qoraallada / ifcfg-eth0
TYPE=Ethernet
BOOTPROTO=none
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=no
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes
IPV6_FAILURE_FATAL=no
NAME=eth0
UUID=946f5ac9-238a-4a94-9acb-9e3458c680fe
DEVICE=eth0
ONBOOT=yes
IPADDR=192.168.10.5
PREFIX=24
GATEWAY=192.168.10.1
DNS1=127.0.0.1
DOMAIN=desdelinux. taageere

[buzz @ dns ~] $ bisad /etc/resolv.conf 
# Generated by NetworkManager
search desdelinux.fan
nameserver 127.0.0.1

Qaababka ugu muhiimsan waxay ka jawaabaan xulashadeenna. Xusuusnow xitaa server-ka Koofiyad Cas 7 - CentOS 7, waxaa loo qaabeeyaa asal ahaan marka Maareeyaha Shabakadda sidaa darteed kani waa kan maamula shabakadaha isku xidhka, ha noqdaan kuwo fiilooyin leh ama kuwo aan fiilo lahayn (WiFi), isku xidhka VPN, xidhiidhada PPPoE, iyo isku xidhka shabakad kasta oo kale.

[buzz @ dns ~] $ sudo systemctl status networkmanager
[sudo] ereyga sirta ah ee loogu talagalay buzz: ● networkmanager.service Rarra: lama helin (Sababta: Ma jiro faylkaas ama galkaas oo kale) Firfircoon: firfircoonayn (dhintay)

[buzz @ dns ~] $ sudo statusctl status NetworkManager
● NetworkManager.service - Maareeyaha Shabakada Load: xamuul ah (/usr/lib/systemd/system/NetworkManager.service; karti u yeeshay; hore u iibiyaha: karti leh) Firfircoon: firfircoon (socda) illaa Sabti 2017-01-28 12:23:59 EST; 12min ago Main PID: 705 (NetworkManager) CGroup: /system.slice/NetworkManager.service └─705 / usr / sbin / NetworkManager --no-daemon

Red Hat - CentOS sidoo kale waxay kuu oggolaaneysaa inaad isku xirto oo aad ka gooyso isdhexgalka shabakadaha adoo adeegsanaya amarrada caadiga ah ifka e hadday hoos u dhacdo. Aynu ku ordi karno qalabka kombuyuutarka:

[xididka @ dns ~] # ifdown eth0
Qalabka 'eth0' ayaa si guul leh looga jaray.

[xididka @ dns ~] # ifup eth0
Xidhiidhku si guul leh ayuu u hawlgalay (D-Bus Jidka firfircoon: / org / freedesktop / NetworkManager / ActiveConnection / 1)
  • Waxaan soo jeedinaynaa ha beddelin hab-dhismeedka asaasiga ah ee CentOS 7 ay bixiso Maareeyaha Shabakadda.

Waxaan si rasmi ah u cadeynaynaa meelaha lagu keydiyo ee aan isticmaali doonno oo aan cusbooneysiin doono nidaamka qalliinka haddii loo baahdo:

[buzz @ dns ~] $ su Password: [xididka @ dns buzz] # cd /etc/yum.repos.d/
[xididka @ dns yum.repos.d] # ls -l
guud ahaan 28 -rw-r - r--. 1 xididka xididka 1664 Dec 9 2015 CentOS-Base.repo -rw-r - r--. 1 xididka xididka 1309 Dec 9 2015 CentOS-CR.repo -rw-r - r--. 1 xididka xididka 649 Dec 9 2015 CentOS-Debuginfo.repo -rw-r - r--. 1 xididka xididka 290 Dec 9 2015 CentOS-fasttrack.repo -rw-r - r--. 1 xididka xididka 630 Dec 9 2015 CentOS-Media.repo -rw-r - r--. 1 xididka xididka 1331 Dec 9 2015 CentOS-Sources.repo -rw-r - r--. 1 xididka xididka 1952 Dec 9 2015 CentOS-Vault.repo

Waa caafimaad in la akhriyo waxa ku jira faylasha cadeynta asalka ah ee ka yimid xarumaha lagu taliyay ee CentOS. Isbedelada aan halkaan ku sameyno waxaa sabab u ah xaqiiqda ah in aanaan haysan internet, oo waxaan la shaqeyneynaa bakhaarro maxalli ah oo laga soo dejiyey tuulada WWW, oo ay wada shaqeeyaan asxaabteena nolosheenna wax yar ka fudud. 😉

[xididka @ dns yum.repos.d] # mkdir asal ah
[xididka @ dns yum.repos.d] # mv CentOS- * asalka /

[xididka @ dns yum.repos.d] # nano centos-repos.repo
[centos-base]
name=CentOS-$releasever
baseurl=http://10.10.10.1/repos/centos/7/base/
gpgcheck=0
enabled=1

[centos-updates]
name=CentOS-$releasever
baseurl=http://10.10.10.1/repos/centos/7/updates/x86_64/
gpgcheck=0
enabled=1

[xididka @ dns yum.repos.d] # yum nadiif dhammaan
Xayeysiisyo la soo raray: fastestmirror, langpacks Meelaha lagu nadiifiyo nadiifinta: centos-base centos-updates Nadiifinta wax walba

[xididka @ dns yum.repos.d] # yum cusbooneysiin
Qalabyo la soo raray: fastestmirror, centos-base langpacks | 3.4 kB 00:00 xarun-cusbooneysiin | 3.4 kB 00:00 (1/2): santos-saldhig / primary_db | 5.3 MB 00:00 (2/2): xarunta-cusbooneysiinta / primary_db | 9.1 MB 00:00 Go'aaminta muraayadaha ugu dheereeya Ma jiraan xirmooyin loo calaamadeeyay cusbooneysiinta

Fariinta «Maya (jira) xirmooyin loo calaamadeeyay cusbooneysiin» - «Xirmo ma jiraan oo loo calaamadeeyay cusbooneysiinta»Waxay muujineysaa, iyadoo lagu dhawaaqayo keydadkii ugu dambeeyay ee aan heli karno inta lagu jiro rakibida, si sax ah xirmooyinka hadda jira ayaa la rakibay.

Ku saabsan macnaha guud ee 'SELinux' iyo "firewall"

Waxaan diirada saari doonnaa qodobkaan - asal ahaan - hirgelinta adeegyada DNS iyo adeegyada DHCP, oo ah Ujeeddadeeda Weyn.

Haddii akhriste kasta xusho Siyaasad Amni inta lagu gudajiro hawsha rakibida, sida ku cad 06 image ee maqaalka tixraaca «CentOS 7 Hypervisor I - Shabakadaha SMB»Waxaa loo adeegsaday rakibida adeegaan DNS-ka - DHCP, waxaadna ogaatay inaadan aqoon sida saxda ah ee loo kala hagaajiyo SELinux iyo CentOS Firewall, waxaan kugula talineynaa inaad ku shaqeyso waxyaabaha soo socda:

Wax ka beddel faylka / etc / sysconfig / selinux iyo isbedel SELINUX = xoojinta by SELINUX = dami

[xididka @ dns ~] # nano / iwm / sysconfig / selinux
# Faylkani wuxuu xukumaa xaaladda SELinux ee nidaamka. # SELINUX = waxay qaadan kartaa mid ka mid ah seddexdaan qiime: # fulinta - siyaasada amniga SELinux waa la dhaqan galiyay. # oggolaansho - SELinux wuxuu daabacaa digniino halkii uu ka fulin lahaa. # naafo ah - Majiro siyaasad SELinux ah oo la raray.
SELINUX = naafada
# SELINUXTYPE = wuxuu qaadan karaa mid kamid ah sedexda qiime: # bartilmaameed - Howlaha la bartilmaameedsaday waa la ilaaliyaa, # ugu yar - Wax ka badalka siyaasada bartilmaameedka. Kaliya habab la xushay waa pr $ # mls - Ilaalinta Amniga Heerka Badan. SELINUXTYPE = bartilmaameed

Kadibna amarrada soo socda

[xididka @ dns ~] # dejin xoog 0
[xididka @ dns ~] # adeegga joojinta dabka
U hagida / bin / systemctl u joojinta firewalld.service

[xidid @ dns ~] # systemctl gab dab-damiska
Laga saaray symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service. Laga saaray symlink /etc/systemd/system/basic.target.wants/firewalld.service.

Haddii aad fulinaysid server-ka DNS ee aad u jeedinaysid Internet-ka, waa in AADAN samayn waxa kor ku xusan, laakiin aad u qaabeysid qaabka SELinux iyo Firewall si sax ah. Eeg "Qaabeynta Server ee GNU / Linux, qoraaga Joel Barrios Dueñas" ama dukumiintiyada CentOS lafteeda - Koofiyad Cas

Waxaan u qaabeynaa BIND-ga la magacaabay

  • El tusaha /usr/share/doc/bind-9.9.4/ waxaa ku jira qaddar badan oo dukumiinti ah oo aan kugula talineyno inaad la tashato ka hor intaadan ku dhaqaaqin raadinta internetka adigoon marka hore ogeyn, farahaaga iyo gurigaaga, waxaad ka heli kartaa waxa aad raadineyso

Qeybinta badan adeegga DNS ee lagu rakibay xirmada BIND ayaa la yiraahdaa magacaabay (Magaca Daemon). CentOS 7 waxaa lagu rakibay naafo ahaan, marka loo eego soo saarida amarka soo socda, halkaasoo ay ku sheegayso in xaaladdeeda ay tahay «naafo ah«, Iyo in gobolkan lagu caddeeyay« iibiyaha »- hore iibiyaha. Diiwaanka, BIND waa Software Bilaash ah.

Awood u siinta adeegga la magacaabay

[xididka @ dns ~] # systemctl status magacaabay
Named.service - Berkeley Magaca Internetka (DNS) Load: raran (/usr/lib/systemd/system/named.service; naafo ah; hore u iibiyaha: naafo ah) Firfircoon: firfircooneyn (dhintay)

[xididka @ dns ~] # systemctl karti loo siiyay
Summad laga sameeyay /etc/systemd/system/multi-user.target.wants/named.service to /usr/lib/systemd/system/named.service.

[xididka @ dns ~] # systemctl bilawga la magacaabay

[xididka @ dns ~] # systemctl status magacaabay
Named.service - Berkeley Magaca Internetka (DNS) Load: raran (/usr/lib/systemd/system/named.service; karti leh; hore u iibiyaha: naafo ah)
   Hawl: firfircoon (ordaya) ilaa Sab 2017-01-28 13:22:38 EST; 5min kahor Geeddi-socod: 1990 ExecStart = / usr / sbin / magacaabay -u magacaabay $ XULASHADA (lambar = kabaxsan, xaalad = 0 / GUUL) Geeddi-socod: 1988 ExecStartPre = / bin / bash -c haddii [! "$ DISABLE_ZONE_CHECKING" == "haa"]; markaa / usr / sbin / magacaabay-checkconf -z /etc/named.conf; kale ayaa ku celceliya "Hubinta faylasha aagga oo naafo ah"; fi (koodh = baxay, status = 0 / GUUL) Main PID: 1993 (magacaabay) CGroup: /system.slice/named.service └─1993 / usr / sbin / magacaabay -u oo la magacaabay Jan 28 13:22:45 dns magacaabay [1993]: khalad (shabakad aan la heli karin) xallin './NS/IN': 2001: 500: 2f :: f # 53 Jan 28 13:22:47 dns magacaabay [1993]: qalad (network lama helin) xallin './ DNSKEY / IN ': 2001: 500: 3 :: 42 # 53 Jan 28 13:22:47 dns magacaabay [1993]: qalad (shabakad aan la heli karin) xalinta' ./NS/IN ': 2001: 500: 3 :: 42 # 53 Jan 28 13:22:47 dns magacaabay [1993]: qalad (shabakad aan la heli karin) xalin './DNSKEY/IN': 2001: 500: 2d :: d # 53 Jan 28 13:22:47 dns oo la magacaabay [1993] ]: khalad (shabakad aan la heli karin) xallin './NS/IN': 2001: 500: 2d :: d # 53 Jan 28 13:22:47 dns magacaabay [1993]: qalad (shabakad aan la heli karin) xalin './DNSKEY/ IN ': 2001: dc3 :: 35 # 53 Jan 28 13:22:47 dns magacaabay [1993]: qalad (shabakad aan la heli karin) xalin' ./NS/IN ': 2001: dc3 :: 35 # 53 Jan 28 13: 22:47 dns magacaabay [1993]: qalad (network lama heli karo) xallin './DNSKEY/IN': 2001: 7fe :: 53 # 53 Jan 28 13:22:47 dns magacaabay [1993]: qalad (network lama helin) res olving './NS/IN': 2001: 7fe :: 53 # 53 Jan 28 13:22:48 dns magacaabay [1993]: management-key-zone: Lama keeni karo DNSKEY set '.': timed out

[xididka @ dns ~] # systemctl dib u bilaw magaciisu yahay

[xididka @ dns ~] # systemctl status magacaabay
Named.service - Berkeley Internet Name Domain (DNS) Load: raran (/usr/lib/systemd/system/named.service; karti u leh, iibiyaha horena waa naafo u yahay)
   Hawl: firfircoon (ordaya) ilaa Sab 2017-01-28 13:29:41 EST; 1s kahor Geedi socod: 1449 ExecStop = / bin / sh -c / usr / sbin / rndc stop> / dev / null 2> & 1 || / bin / dil -TERM $ MAINPID (koodh = kabax, xaalad = 0 / GUUL) Geedi socodka: 1460 ExecStart = / usr / sbin / magacaabay -u magacaabay $ OPTIONS (koodh = kabax, xaalad = 0 / GUUL) Nidaamka: 1457 ExecStartPre = / bin / bash -c haddii [! "$ DISABLE_ZONE_CHECKING" == "haa"]; markaa / usr / sbin / magacaabay-checkconf -z /etc/named.conf; kale ayaa ku celceliya "Hubinta faylasha aagga oo naafo ah"; fi (koodh = baxay, xaalad = 0 / GUUL) Main PID: 1463 (magacaabay) CGroup: /system.slice/named.service └─1463 / usr / sbin / magacaabay -u oo la magacaabay Jan 28 13:29:41 dns oo la magacaabay . magacaabay [1463]: aagga 28.in-addr.arpa/IN: xamuul taxan 13 Jan 29 41:1463:2 dns magacaabay [28]: zone localhost.localdomain / IN: serial load 13 Jan 29 41:1463:0 dns magacaabay [0]: zone 28.in-addr.arpa/IN: xamuul taxane ah 13 Jan 29 41:1463:0 dns magacaabay [28]: soonaha 13 .29.ip41.arpa / IN: serial load 1463 Jan 1.0.0.127 0:28:13 dns magacaabay [29]: zone localhost / IN: taxane rar 41 Jan 1463 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 : 6: 0 dns oo loogu magac daray [28]: dhammaan aagagga ay rarteen Jan 13 29:41:1463 dns oo la magacaabay [0]: socda Jan 28 13:29:41 dns systemd [1463]: Wuxuu bilaabay Berkeley Internet Name Domain (DNS).

Ka dib markaan karti u yeelano adeegga magacaabay oo waxaan ku bilaabaynaa markii ugu horeysay, soo saarida taliska systemctl status loo magacaabay waxay muujinaysaa khaladaad. Markii aan dib u bilaabanno adeegga hoosta, the magacaabay wuxuu abuuraa dhammaan feylasha qaabeynta oo, marka loo eego, ay lagama maarmaan u tahay hawlgalkeeda saxda ah. Sidaa darteed, markaan mar kale fulino amarka systemctl status loo magacaabay khaladaad dambe lama muujinayo.

  • Qaali qaali ah, qaali ah, oo dalbanaya Akhriste: haddii aad rabto inaad ogaato - ugu yaraan - jidkee ku socda dhammaadka godka bakaylaha, fadlan si deggan u akhri natiijooyinka faahfaahsan ee amar kasta. 😉 Xaqiiqdii qodobku wuxuu umuuqanayaa xoogaa dheer, laakiin ha inkirin inuu ku kasbaday sharraxaad iyo caddayn.

Waxaan wax ka badalnaa faylka /etc/named.conf

Faallooyin badan oo akhristayaal ah ayaa muujinaya -Ma dhahayo- Caqli xumada haysata qaybaha kala duwan ee Linux waxay leedahay, oo ah in la dhigo faylasha qaabeynta qaabdhismeed fayl ay ku jiraan magacyo kaladuwan iyadoo kuxiran distoorka. Way saxan yihiin. Laakiin maxaan samayn karnaa, adeegsadayaasha fudud ee adeegsada qaybinta, ma sameyn karnaa? La qabsi! 😉

By the way, in FreeBSD, UNIX® clone «Asalka», feylku wuxuu ku jiraa /usr/local/etc/namedb/named.conf; intii aad ku jirtay Debian, marka lagu daro in loo kala baxo afarta fayl magacaabay.conf, magacaabay.conf.options, magacaabay.conf.default-aagagga, iyo magacaabay.conf.local, wuxuu ku jiraa galka / iwm / xidho /. Kuwa doonaya inay ogaadaan meesha u furan yahaySUSE dhigeeda, akhri «DNS iyo DHCP ee furanSUSE 13.2 Shabakadaha Harlequin - SME«. Akhristayaashu waa sax! 😉

Iyo sida aan had iyo jeer sameyno: ka hor inta aan wax laga badalin, waxaan ku keydineynaa faylka qaabeynta asalka ah magac kale.

[xididka @ dns ~] # cp /etc/named.conf /etc/named.conf.original

Si loo fududeeyo nolosha, halkii laga soo saari lahaa furaha TSIG wixii cusbooneysiin ah oo ku saabsan cusbooneysiinta DNS-ka ee DHCP, waxaan nuqul ka dhignaa isla furaha rdc.key sida dhcp.keyga.

[xididka @ dns ~] # cp /etc/rndc.key /etc/dhcp.key

[xididka @ dns ~] # nano /etc/dhcp.key
fure "dhcp-key" {algorithm hmac-md5; qarsoodi ah "OI7Vs + TO83L7ghUm2xNVKg =="; };

Sidaas in magacaabay akhrin karaa feylka hadda la soo guuriyey, waxaan wax ka beddeleynaa kooxdii iska lahayd:

[xididka @ dns ~] # xididka la jarjaray: oo loo magacaabay /etc/dhcp.key [xididka @ dns ~] # ls -l /etc/rndc.key /etc/dhcp.key -rw-r -----. 1 xidid magaciisu yahay 77 Jan 28 16:36 PM /etc/dhcp.key -rw-r -----. 1 xidid magaciisu yahay 77 Jan 28 13:22 /etc/rndc.key

Faahfaahinta yar yar sida tii hore ayaa ah waxa nagu waalan kara isku dayga inaan xisaabino, hadda ... meeday dhibaatadu ...? oo leh sifooyin kale oo dheeraad ah, kuwaas oo aynaan u qorin si xushmad leh xushmadda.

Hadda haddii - ugu dambeyntii! - waxaan wax ka beddeleynaa feylka /etc/named.conf. Isbedelada ama ku darista ee aan sameynay, marka loo eego asalka, waxay ku jiraan geesi. Si fiican u fiirso inta yar.

[xididka @ dns ~] # nano /etc/named.conf
// // magacaabay.conf // // Waxaa bixiya xirmo xirmo ah oo loo yaqaan 'Red Hat bind bond' si loogu habeeyo ISC BIND oo loogu magac daray (8) DNS // server oo ah keydiyaha kaliya kaydiyaha (sida xalliyaha DNS local local kaliya). // // Eeg / usr / share / doc / bind * / muunad / tusaale feylasha qaabeynta la magacaabay. //

// Liiska Xakamaynta Helitaanka oo ku dhawaaqaya shabakadaha awood u yeelan doona la-tashiga
// adeegeyga la magacaabay
acl dhoobnaa {
 127.0.0.0 / 8;
 192.168.10.0 / 24;
};

doorashooyinka {
 // Waxaan cadeynayaa in daemon la magacaabay uu sidoo kale dhageysto isdhexgalka
 // eth0 oo leh IP: 192.168.10.5
    dhagayso-dekedda 53 {127.0.0.1; 192.168.10.5; };
    dhagayso-on-v6 dekedda 53 {:: 1; }; galka "/ var / magacaabay"; qashin-fayl "/var/named/data/cache_dump.db"; tirakoobka-faylka "/var/named/data/named_stats.txt"; memstatistics-file "/var/named/data/named_mem_stats.txt";

 // Bayaanka gudbiyeyaasha
 // hagayaasha {
 // 0.0.0.0;
 // 1.1.1.1;
 //};
    // hore u sii gudbi;

    // Waxaan kaliya u oggolaanayaa weydiimaha ACL-ga miisaanka leh
    allow-query     { mired; };

    // Para comprobar con el comando dig desdelinux.fan axfr
    // desde la estación de trabajo del SysAdmin y el localhost solamente
    // No tenemos servidores DNS esclavos. No lo necesitamos... hasta ahora.
 ogolaansho-wareejin {localhost; 192.168.10.1; };

    / * - Haddii aad dhiseysid serverka AGOODKA DNS ah, HA u oggolaan dib u noqoshada. - Haddii aad dhiseysid serverka 'RECURSIVE (caching) DNS', waxaad u baahan tahay inaad awood u siiso dib u noqoshada. - Haddii server-kaaga DNS-ka ah ee soo noqnoqda uu leeyahay cinwaan IP ah oo dadweyne ah, WAA INAAD awood u yeelatid xakameynta marin u helidda si loo xaddido weydiimaha isticmaalayaashaada sharciga ah. Haddii aanad sidaa yeelin waxay sababi doontaa in adeegahaagu qayb ka noqdo weerarada ballaadhinta ballaaran ee DNS. Ku-hirgelinta BCP38 gudaha shabakaddaada waxay si weyn u yareyn doontaa dusha weerarka *
    // Waxaan ubaahanahay adeege AQOONSIGA LANkeena - SME
    dib u noqoshada maya;

    dnssec-karti haa; ansaxnimada dnssec haa; / * Jidka loo maro furaha ISC DLV * / bindkeys-file "/etc/named.iscdlv.key"; maaraynta-furayaasha-galka "/ var / magacaabay / firfircoon"; faylka-faylka "/run/named/named.pid"; fadhi-keyfile "/run/named/session.key"; }; qorista {kanaalka default_debug {feyl "data / named.run"; darnaanta firfircoonaanta; }; }; aagga "." IN {nooc tilmaam ah; faylka "magacaabay.ca"; }; ka mid ah "/etc/named.rfc1912.zones"; ka mid ah "/etc/named.root.key";

// Waxaan ku darnaa furaha TSIG ee loogu talagalay cusbooneysiinta DNS // // by DHCP
ku dar "/etc/dhcp.keyga";

// Bayaanka magaca, nooca, goobta, iyo cusboonaysiinta rukhsadda
// ee Aagagga Diiwaanada DNS // Labada Aag waa MASTERS
zone "desdelinux.fan" {
 nooca master;
 file "dynamic/db.desdelinux.fan";
 u oggolow-cusbooneysiin {fure dhcp-key; };
};

aagga "10.168.192.in-addr.arpa" {
 nooca master;
 faylka "firfircoon / db.10.168.192.in-addr.arpa";
 u oggolow-cusbooneysiin {fure dhcp-key; };
};

Waxaan hubineynaa qaabeynta

[xididka @ dns ~] # magacaabay-jeegga 
[xididka @ dns ~] #

Maadaama amarka kor ku xusan uusan waxba soo celinayn, qaab dhismeedka waa ok. Si kastaba ha noqotee, haddii aan fulino isla amarka, laakiin ikhtiyaar ahaan -z, wax soo saarku wuxuu noqon doonaa:

[xididka @ dns ~] # magacaabay-jeegga -f
zone localhost.localdomain/IN: loaded serial 0
zone localhost/IN: loaded serial 0
zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0
zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
zone 0.in-addr.arpa/IN: loaded serial 0
zone desdelinux.fan/IN: loading from master file dynamic/db.desdelinux.fan failed: file not found
zone desdelinux.fan/IN: not loaded due to errors.
_default/desdelinux.fan/IN: file not found
zone 10.168.192.in-addr.arpa/IN: loading from master file dynamic/db.10.168.192.in-addr.arpa failed: file not found
zone 10.168.192.in-addr.arpa/IN: not loaded due to errors.
_default/10.168.192.in-addr.arpa/IN: file not found

Dabcan waa khaladaad dhaca maxaa yeelay weli maanaan abuurin aagagga Diiwaangelinta DNS ee bartayada.

  • Wixii macluumaad dheeraad ah ee ku saabsan taliska loo yaqaan 'checkconf', orod nin loo yaqaan-checkconf, intaadan ka raadin macluumaad kale internetka. Waxaan kuu xaqiijinayaa inay badbaadin doonto waqti fiican.

Creamos el archivo de la Zona Directa desdelinux. taageere

... maahan in yar oo aragti ah marka hore. 😉

Sida template si loo abuuro feylka xogta aaga, waxaan qaadan karnaa /var/magacaabay/magacaabay.madhan, ama /usr/share/doc/bind-9.9.4/sample/var/named/named.empty. Labaduba waa isku mid.

[xididka @ dns ~] # bisad /var/named/named.empty 
$ TTL 3H @ SOO SOA @ rname.invalid. (0; serial 1D; Refresh 1H; iskuday 1W; dhaca 3H); ugu yaraan ama Wakhtiga khasnado taban ee lagu noolaado NS @ A 127.0.0.1 AAAA :: 1

Waqtiga nolosha - Waqti lagu noolaado TTL Diiwaanka SOA

Aynu qaadanno qawaaniin si aan u sharaxno TTL - Waqti aad ku noolaato diiwaanka SOA - Bilowga Maamulka ee aag Master. Waa wax xiiso leh in la ogaado macnahooda marka aan dooneyno inaan wax ka beddelno mid ka mid ah qiimayaashooda.

$ TTL: Waqtiga nolosha - Waqtiga lagu noolaado dhammaan diiwaanada ku jira faylka raacaya bayaanka (laakiin ka horreeya cadeyn kale oo ah $ TTL) oo aan lahayn cadeyn cad oo TTL ah.

serial: Tirada taxanaha ah ee xogta aaga. Mar kasta oo aan gacanta wax ka beddeleyno diiwaanka DNS ee aag, waa inaan ku kordhinnaa tiradaas 1, gaar ahaan haddii aan leenahay adeegeyaal ama adeegeyaal sare. Mar kasta oo server sare ama addoon DNS ah uu la xiriiro server-kiisa, wuxuu weydiisanayaa lambarka taxanaha ah ee xogta sayidkiisa. Haddii lambarka taxanaha ah ee addoonku ka yar yahay, markaa xogta aaggaas ee server-ka addoonku waa mid dhacay, addoonkuna wuxuu sameeyaa wareejinta aagga si uu isu cusbooneysiiyo.

helid: Waxay u sheegaysaa adeegaha addoonta inta u dhexeysa taas oo ay tahay inay hubiso haddii xogteeda ay cusbooneysiineyso sayidka.

Kuceli: Haddii serverka sayidka ah aan la heli karin - sababtoo ah wuu xanuunsaday, aan dhahno - addoonka mudo ka dib helid, Kuceli Waxay u sheegaysaa addoonka inta uu sugayo ka hor inta uusan markale isku dayin inuu xiriir la yeesho sayidkiisa.

dhacayo: Haddii uusan addoonku la xiriiri karin sayidkiisa muddo u dhexeysa dhacayo, markaa haddii xiriirkii aagga addoonta la sii kala furfuray, iyo in adeegaha addoonku uusan lahayn xulasho aan ka ahayn inuu dhaco aagga su'aasha laga hadlayo. Waqtiga uu dhacayo aaga addoon DNS server wuxuu ka dhigan yahay inay joojinayso ka jawaabida weydiimaha DNS ee la xiriira aagaas, maxaa yeelay xogta la hayo waa mid aad u da 'weyn oo aan waxtar lahayn.

  • Waxyaabaha kor ku xusan waxay ina barayaan si aan toos ahayn oo ay ku raran yihiin dareen caadi ah oo weyn - uguyaraan kuwa caadiga ah ee dareenka - in haddii aynaan u baahnayn adeegeyaasha DNS addoon ee hawlgalka SME, ma fulinayno, inay iyagu si adag daruuri u yihiin mooyee. Aynu marwalba isku dayno inaan ka gudubno fudud una gudubno dhismaha.

minimuun: Noocyada ka hor XIDH 8.2, diiwaanka ugu dambeeya SOA Waxay sidoo kale tilmaamaysaa Nolosha Default - Waqtiga ugu habboon ee lagu noolaado, iyo Nolosha Kaydka xun - Kaydinta wakhti xun oo lagu noolaado loogu talagalay Aagga. Markan waxa loola jeedaa dhammaan jawaabaha taban ee ay bixiyeen server-ka awoodda u leh Aagga.

Archivo de zona /var/named/dynamic/db.desdelinux. taageere

[root@dns ~]# nano /var/named/dynamic/db.desdelinux. taageere
$TTL 3H
@   IN SOA  dns.desdelinux.fan. root.dns.desdelinux.fan. (
                                        1   ; serial
                                        1D  ; refresh
                                        1H  ; retry
                                        1W  ; expire
                                        3H )    ; minimum or
                                                ; Negative caching time to live
;
@               IN  NS  dns.desdelinux.fan.
@               IN  MX  10 mail.desdelinux.fan.
@       IN  TXT "DesdeLinux, su Blog dedicado al Software Libre"
;
sysadmin        IN  A   192.168.10.1
ad-dc           IN  A   192.168.10.3
fileserver  IN  A   192.168.10.4
dns             IN  A   192.168.10.5
proxyweb        IN  A   192.168.10.6
blog            IN  A   192.168.10.7
ftpserver   IN  A   192.168.10.8
mail            IN  A   192.168.10.9

Comprobamos /var/named/dynamic/db.desdelinux. taageere

[root@dns ~]# named-checkzone desdelinux.fan /var/named/dynamic/db.desdelinux. taageere
zone desdelinux.fan/IN: loaded serial 1
OK

Waxaan abuureynaa Faylka Aagga Dib-u-dhaca 10.168.192.in-addr.arpa

  • Rikoorka SOA ee Aaggan wuxuu la mid yahay kan Aagga Tooska ah iyada oo aan la tixgelin diiwaanka MX..
[xididka @ dns ~] # nano /var/named/dynamic/db.10.168.192.in-addr.arpa
$TTL 3H
@   IN SOA  dns.desdelinux.fan. root.dns.desdelinux.fan. (
                                        1   ; serial
                                        1D  ; refresh
                                        1H  ; retry
                                        1W  ; expire
                                        3H )    ; minimum or
                                                ; Negative caching time to live
;
@               IN  NS  dns.desdelinux.fan.
;
1   IN  PTR     sysadmin.desdelinux.fan.
3   IN  PTR     ad-dc.desdelinux.fan.
4   IN  PTR     fileserver.desdelinux.fan.
5   IN  PTR     dns.desdelinux.fan.
6   IN  PTR     proxyweb.desdelinux.fan.
7   IN  PTR     blog.desdelinux.fan.
8   IN  PTR     ftpserver.desdelinux.fan.
9   IN  PTR     mail.desdelinux.fan.

[xididka @ dns ~] # magacaabay-jeeg 10.168.192.in-addr.arpa /var/named/dynamic/db.10.168.192.in-addr.arpa 
aagga 10.168.192.in-addr.arpa/IN: taxane xamuul ah 1 Ok

Kahor intaanan dib u bilaabin magacyada waxaan hubinaynaa qaabkiisa

  • Ilaa aan hubinno in feylasha qaabeynta ee loo magacaabay magacaabay.conf, iyo faylalka aaggiisa aan si sax ah loo qaabeyn, waxaan soo jeedineynaa inaan dib loo bilaabin daemon la magacaabay. Haddii aan sidan yeelno oo aan hadhow wax ka beddelno aag feyl, waa inaan ku kordhinnaa tirada taxanaha ah ee aagga wax laga beddelay 1.
  • Aynu eegno "." dhamaadka domain iyo magacyada martida loo yahay.
[xididka @ dns ~] # magacaabay-jeegga 
[xididka @ dns ~] # magacaabay-jeegga -f
zone localhost.localdomain/IN: loaded serial 0
zone localhost/IN: loaded serial 0
zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0
zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
zone 0.in-addr.arpa/IN: loaded serial 0
zone desdelinux.fan/IN: loaded serial 1
zone 10.168.192.in-addr.arpa/IN: loaded serial 1

Dhammaan qaabeynta hadda la magacaabay

Si loo helo caddayn, iyo in kasta oo maqaalku dheeraado, waxaan siinnaa wax soo saar dhammaystiran ee amarka magacaabay-jeeg-kontrof -zp:

[xididka @ dns ~] # magacaabay-jeegga -fabka -zp
zone localhost.localdomain/IN: loaded serial 0
zone localhost/IN: loaded serial 0
zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0
zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
zone 0.in-addr.arpa/IN: loaded serial 0
zone desdelinux.fan/IN: loaded serial 1
zone 10.168.192.in-addr.arpa/IN: loaded serial 1
options {
    bindkeys-file "/etc/named.iscdlv.key";
    session-keyfile "/run/named/session.key";
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    listen-on port 53 {
        127.0.0.1/32;
        192.168.10.5/32;
    };
    listen-on-v6 port 53 {
        ::1/128;
    };
    managed-keys-directory "/var/named/dynamic";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    pid-file "/run/named/named.pid";
    statistics-file "/var/named/data/named_stats.txt";
    dnssec-enable yes;
    dnssec-validation yes;
    recursion no;
    allow-query {
        "mired";
    };
    allow-transfer {
        192.168.10.1/32;
    };
};
acl "mired" {
    127.0.0.0/8;
    192.168.10.0/24;
};
logging {
    channel "default_debug" {
        file "data/named.run";
        severity dynamic;
    };
};
key "dhcp-key" {
    algorithm "hmac-md5";
    secret "OI7Vs+TO83L7ghUm2xNVKg==";
};
zone "." IN {
    type hint;
    file "named.ca";
};
zone "localhost.localdomain" IN {
    type master;
    file "named.localhost";
    allow-update {
        "none";
    };
};
zone "localhost" IN {
    type master;
    file "named.localhost";
    allow-update {
        "none";
    };
};
zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
    type master;
    file "named.loopback";
    allow-update {
        "none";
    };
};
zone "1.0.0.127.in-addr.arpa" IN {
    type master;
    file "named.loopback";
    allow-update {
        "none";
    };
};
zone "0.in-addr.arpa" IN {
    type master;
    file "named.empty";
    allow-update {
        "none";
    };
};
zone "desdelinux.fan" {
    type master;
    file "dynamic/db.desdelinux.fan";
    allow-update {
        key "dhcp-key";
    };
};
zone "10.168.192.in-addr.arpa" {
    type master;
    file "dynamic/db.10.168.192.in-addr.arpa";
    allow-update {
        key "dhcp-key";
    };
};
managed-keys {
    "." initial-key 257 3 8 "AwEAAagAIKlVZrpC6Ia7gEzahOR+9W29euxhJhVVLOyQbSEW0O8gcCjF FVQUTf6v58fLjwBd0YI0EzrAcQqBGCzh/RStIoO8g0NfnfL2MTJRkxoX bfDaUeVPQuYEhg37NZWAJQ9VnMVDxP/VHL496M/QZxkjf5/Efucp2gaD X6RS6CXpoY68LsvPVjR0ZSwzz1apAzvN9dlzEheX7ICJBBtuA6G3LQpz W5hOA2hzCTMjJPJ8LbqF6dsV6DoBQzgul0sGIcGOYl7OyQdXfZ57relS Qageu+ipAdTTJ25AsRTAoub8ONGcLmqrAmRLKBP1dfwhYB4N7knNnulq QxA+Uk1ihz0=";
};
  • Iyadoo la raacayo nidaamka wax ka beddelka magacaabay.conf Iyadoo loo eegayo baahiyahayaga iyo hubinta, oo aan abuureyno aag walba oo aan hubinno, waxaan ka shakisanahay inay tahay inaan wajahno dhibaatooyinka ugu weyn ee qaabeynta. Ugu dambayntii waxaan garwaaqsan nahay inay tahay ciyaar wiil, oo leh fikrado badan iyo isku xirnaan xanaf leh. 😉

Jeegaantu waxay soo celisay natiijooyin lagu qanco, sidaa darteed waxaan dib u bilaabi karnaa BIND - magacaabay.

Waxaan dib u bilaabi doonaa magacyada oo aan hubinaa xaaladiisa

[xididka @ dns ~] # systemctl dib u bilaw magaciisuna yahay adeeg
[xididka @ dns ~] # systemctl status magacaabay.service

Haddii aan helno nooc kasta oo khalad ah oo ka soo baxa amarka ugu dambeeya, waa inaan dib u bilownaa magacaabay. adeeg oo dib u hubi adiga xaaladda. Haddii khaladaadku dhammaadaan, adeeggu wuxuu ku bilaabmay si guul leh. Haddii kale, waa inaan dib u eegis dhameystiran ku sameynaa dhammaan feylasha wax laga beddelay iyo kuwa la abuuray, oo aan ku soo celino nidaamka.

Soosaarka saxda ah ee xaalada waa inuu noqdaa:

[xididka @ dns ~] # systemctl status magacaabay.service
Named.service - Berkeley Magaca Internetka (DNS) Load: raran (/usr/lib/systemd/system/named.service; karti u leh; iibiyaha horay loo sii qorsheeyay: naafo yahay) Firfircoon: firfircoon (socda) since dom 2017-01-29 10:05:32 EST; 2min 57s ago
  Process: 1777 ExecStop=/bin/sh -c /usr/sbin/rndc stop > /dev/null 2>&1 || /bin/kill -TERM $MAINPID (code=exited, status=0/SUCCESS)
  Process: 1788 ExecStart=/usr/sbin/named -u named $OPTIONS (code=exited, status=0/SUCCESS)
  Process: 1786 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z /etc/named.conf; else echo "Checking of zone files is disabled"; fi (code=exited, status=0/SUCCESS)
 Main PID: 1791 (named)
   CGroup: /system.slice/named.service
           └─1791 /usr/sbin/named -u named

ene 29 10:05:32 dns named[1791]: zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
ene 29 10:05:32 dns named[1791]: zone 10.168.192.in-addr.arpa/IN: loaded serial 1
ene 29 10:05:32 dns named[1791]: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0
ene 29 10:05:32 dns named[1791]: zone desdelinux.fan/IN: loaded serial 1
ene 29 10:05:32 dns named[1791]: zone localhost.localdomain/IN: loaded serial 0
ene 29 10:05:32 dns named[1791]: zone localhost/IN: loaded serial 0
ene 29 10:05:32 dns named[1791]: dhammaan aagagga waa la raray
Jan 29 10:05:32 dns magacaabay [1791]: orodkii
Jan 29 10:05:32 dns systemd [1]: Wuxuu bilaabay Berkeley Magaca Magaca Internetka (DNS). Jan 29 10:05:32 dns magacaabay [1791]: aagga 10.168.192.in-addr.arpa/IN: dirista ogeysiisyada (taxanaha 1)

Hubinta

Jeegaga waxaa lagu mari karaa isla server-ka ama mashiin ku xiran LAN-ka. Waxaan door bidnay inaan iyaga ka qabano kooxda sysadmin.desdelinux. taageere kaas oo aan siinay ogolaansho deg deg ah oo lagu sameeyo Wareejinta Aaga. Faylka /etc/resolv.conf kooxdaas waa kuwan soo socda:

buzz @ sysadmin: ~ $ bisad /etc/resolv.conf 
# Generated by NetworkManager
search desdelinux.fan
nameserver 192.168.10.5

buzz@sysadmin:~$ dig desdelinux.fan axfr
; <<>> DiG 9.9.5-9+deb8u1-Debian <<>> desdelinux.fan axfr
;; global options: +cmd
desdelinux.fan.     10800   IN  SOA dns.desdelinux.fan. root.dns.desdelinux.fan. 1 86400 3600 604800 10800
desdelinux.fan.     10800   IN  NS  dns.desdelinux.fan.
desdelinux.fan.     10800   IN  MX  10 mail.desdelinux.fan.
desdelinux.fan.     10800   IN  TXT "DesdeLinux, su Blog dedicado al Software Libre"
ad-dc.desdelinux.fan.   10800   IN  A   192.168.10.3
blog.desdelinux.fan.    10800   IN  A   192.168.10.7
dns.desdelinux.fan. 10800   IN  A   192.168.10.5
fileserver.desdelinux.fan. 10800 IN A   192.168.10.4
ftpserver.desdelinux.fan. 10800 IN  A   192.168.10.8
mail.desdelinux.fan.    10800   IN  A   192.168.10.9
proxyweb.desdelinux.fan. 10800  IN  A   192.168.10.6
sysadmin.desdelinux.fan. 10800  IN  A   192.168.10.1
desdelinux.fan.     10800   IN  SOA dns.desdelinux.fan. root.dns.desdelinux.fan. 1 86400 3600 604800 10800
;; Query time: 0 msec
;; SERVER: 192.168.10.5#53(192.168.10.5)
;; WHEN: Sun Jan 29 11:44:18 EST 2017
;; XFR size: 13 records (messages 1, bytes 385)

buzz @ sysadmin: ~ $ dig 10.168.192.in-addr.arpa axfr
; <<>> DiG 9.9.5-9+deb8u1-Debian <<>> 10.168.192.in-addr.arpa axfr
;; global options: +cmd
10.168.192.in-addr.arpa. 10800  IN  SOA dns.desdelinux.fan.10.168.192.in-addr.arpa. root.dns.desdelinux.fan.10.168.192.in-addr.arpa. 1 86400 3600 604800 10800
10.168.192.in-addr.arpa. 10800  IN  NS  dns.desdelinux.fan.
1.10.168.192.in-addr.arpa. 10800 IN PTR sysadmin.desdelinux.fan.
3.10.168.192.in-addr.arpa. 10800 IN PTR ad-dc.desdelinux.fan.
4.10.168.192.in-addr.arpa. 10800 IN PTR fileserver.desdelinux.fan.
5.10.168.192.in-addr.arpa. 10800 IN PTR dns.desdelinux.fan.
6.10.168.192.in-addr.arpa. 10800 IN PTR proxyweb.desdelinux.fan.
7.10.168.192.in-addr.arpa. 10800 IN PTR blog.desdelinux.fan.
8.10.168.192.in-addr.arpa. 10800 IN PTR ftpserver.desdelinux.fan.
9.10.168.192.in-addr.arpa. 10800 IN PTR mail.desdelinux.fan.
10.168.192.in-addr.arpa. 10800  IN  SOA dns.desdelinux.fan.10.168.192.in-addr.arpa. root.dns.desdelinux.fan.10.168.192.in-addr.arpa. 1 86400 3600 604800 10800
;; Query time: 0 msec
;; SERVER: 192.168.10.5#53(192.168.10.5)
;; WHEN: Sun Jan 29 11:44:57 EST 2017
;; XFR size: 11 records (messages 1, bytes 352)

buzz@sysadmin:~$ dig IN SOA desdelinux. taageere
buzz@sysadmin:~$ dig IN MX desdelinux.fan
buzz@sysadmin:~$ dig IN TXT desdelinux. taageere
buzz @ sysadmin: ~ $ host dns
DNS.desdelinux.fan has address 192.168.10.5
buzz @ sysadmin: ~ $ host sysadmin
sysadmin.desdelinux.fan has address 192.168.10.1

... Y cualquier otra comprobación que necesitemos
  • Illaa iyo hadda, waxaan haysannaa aasaaska server-ka DNS ee shabakadeena SME. Waxaan rajeyneynaa inaad ka heshay dhamaan howlaha, oo ahaa mid fudud, sax? 😉

Waxaan rakibnaa oo aan qaabeynaa DHCP

[xididka @ dns ~] # yum rakib dhcp
Qalabyo la soo raray: fastestmirror, centos-base langpacks | 3.4 kB 00:00:00 xarunta-cusbooneysiinta | 3.4 kB 00:00:00 Soo dejinta xawaaraha muraayadaha laga soo qaado hoyga hostel Xallinta ku tiirsanaanta -> Socodka tijaabada macaamilka ---> Xidhmada dhcp.x86_64 12: 4.2.5-42.el7.centos waa in lagu rakibaa -> Xallinta ku tiirsanaanta la joojiyay ku tiirsanaanta la xaliyay ============================================== ================================================== =================================== Nooca Nooca Dhismaha Xirmada Xajmiga Xawaaraha =========== ================================================== ================================================== ====================== Ku rakibidda: dhcp x86_64 12: 4.2.5-42.el7.centos-base 511k Soo Koobid Macaamiil ==== ================================================ ================================================== =========================== Ku rakib 1 Xidhmo Wadarta cabbirka soo dejinta: 511k Cabbirka rakibay: 1.4 M Ma caadi baa taas d / N]: y Soo dejinta baakadaha: dhcp-4.2.5-42.el7.centos.x86_64.rpm | 511 kB 00:00:00:12 socodsiinta macaamil ganacsi Running test macaamil tijaabo macaamil ganacsi ayaa ku guulaystay socodsiinta macaamilka Rakibida: 4.2.5: dhcp-42-7.el86.centos.x64_1 1/12 Hubinta: 4.2.5: dhcp-42-7. el86.centos.x64_1 1/86 rakibay: dhcp.x64_12 4.2.5: 42-7.elXNUMX.centos Waa la qabtay!

[xididka @ dns ~] # nano /etc/dhcp/dhcpd.conf
#
# DHCP Server Configuration file.
#   see /usr/share/doc/dhcp*/dhcpd.conf.example
#   see dhcpd.conf(5) man page
#
ddns-update-style interim;
ddns-updates on;
ddns-domainname "desdelinux.fan.";
ddns-rev-domainname "in-addr.arpa.";
ignore client-updates;

authoritative;

option ip-forwarding off;
option domain-name "desdelinux.fan";
# option ntp-servers 0.pool.ntp.org, 1.pool.ntp.org, 2.pool.ntp.org, 3.pool.ntp.org;

include "/etc/dhcp.key";

zone desdelinux.fan. {
    primary 127.0.0.1;
        key dhcp-key;
}
zone 10.168.192.in-addr.arpa. {
        primary 127.0.0.1;
        key dhcp-key;
}

shared-network redlocal {
        subnet 192.168.10.0 netmask 255.255.255.0 {
                option routers 192.168.10.1;
                option subnet-mask 255.255.255.0;
                option broadcast-address 192.168.10.255;
                option domain-name-servers 192.168.10.5;
                option netbios-name-servers 192.168.10.5;
                range 192.168.10.30 192.168.10.250;
        }
}
# FIN dhcpd.conf

[xididka @ dns ~] # dhcpd -t
Dalada Nidaamyada Internetka Serverka DHCP 4.2.5 Xuquuqda daabacaadda 2004-2013 Dalladda Nidaamyada Internetka. Xuquuqda daabacaadu way xifdisan. Faahfaahin, fadlan booqo https://www.isc.org/software/dhcp/ Ma raadineysid LDAP tan iyo markii ldap-server, ldap-port iyo ldap-base-dn aan lagu cayimin feylka iskuxirka

[xididka @ dns ~] # systemctl karti u dhcpd
Summad laga sameeyay /etc/systemd/system/multi-user.target.wants/dhcpd.service to /usr/lib/systemd/system/dhcpd.service.

[xididka @ dns ~] # systemctl bilaw dhcpd

[xididka @ dns ~] # systemctl status dhcpd
● dhcpd.service - Server-ka DHCPv4 Daemon Loaded: raran (/usr/lib/systemd/system/dhcpd.service; karti leh; iibiyaha horay loo sii qorsheeyay: naafo ah) Firfircoon: firfircoon (socda) ilaa dom 2017-01-29 12:04:59 IST T; 23s ago Docs: man: dhcpd (8) man: dhcpd.conf (5) Main PID: 2381 (dhcpd) Status: "Fidinta xirmooyinka ..." CGroup: /system.slice/dhcpd.service └─2381 / usr / sbin / dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -group dhcpd - no-pid Jan 29 12:04:59 dns dhcpd [2381]: Nidaamyada Nidaamka Internetka Internetka Dalada DHCP 4.2.5 Jan 29 12 : 04: 59 dns dhcpd [2381]: Xuquuqda daabacaadda 2004-2013 Dalladda Nidaamyada Internetka. Jan 29 12:04:59 dns dhcpd [2381]: Xuquuqda daabacaadu way xifdisan. Jan 29 12:04:59 dns dhcpd [2381]: Macluumaad ahaan, fadlan booqo https://www.isc.org/software/dhcp/ Jan 29 12:04:59 dns dhcpd [2381]: Ma raadineyno LDAP tan iyo markii ldap -server, ldap-dekedda iyo ldap-base-dn laguma xusin feylka isku xidhka Jan 29 12:04:59 dns dhcpd [2381]: Waxa loo qoray 0 heshiisyo kiro ah. Jan 29 12:04:59 dns dhcpd [2381]: Dhageysiga LPF / eth0 / 52: 54: 00: 12: 17: 04 / redlocal Jan 29 12:04:59 dns dhcpd [2381]: U dirista LPF / eth0 / 52: 54: 00: 12: 17: 04 / redlocal Jan 29 12:04:59 dns dhcpd [2381]: Udiraya Socket / fallback / fallback-net Jan 29 12:04:59 dns systemd [1]: bilaabay DHCPv4 Server Daemon.

Maxaa hadhay oo la qabanayaa?

Fudud Ku bilow Windows 7 ama macmiil kale Software Bilaash ah bilawna tijaabinta iyo hubinta. Waxaan ku sameynay laba macmiil: toddobo.desdelinux. taageere y suse-desktop.desdelinux. taageere. Jeegagga waxay ahaayeen sidan soo socota:

buzz @ sysadmin: ~ $ martigaliya toddobo
toddobo.desdelinux.fan has address 192.168.10.30

buzz@sysadmin:~$ host seven.desdelinux. taageere
toddobo.desdelinux.fan has address 192.168.10.30

buzz@sysadmin:~$ dig IN TXT seven.desdelinux. taageere
....
;; QUESTION SECTION:
;seven.desdelinux.fan.      IN  TXT

;; ANSWER SECTION:
seven.desdelinux.fan.   3600    IN  TXT "31b7228ddd3a3b73be2fda9e09e601f3e9"....

Waxaan magacawnay kooxda "toddobo" oo aan ugu magac darnay "LAGER" oo aan dib ugu bilaabanay. Ka dib markii dib loo bilaabo LAGER cusub, waxaan hubin:

buzz @ sysadmin: ~ $ martigaliya toddobo
Marti geliyaha toddobada lama helin: 5 (DIID)

buzz@sysadmin:~$ host seven.desdelinux. taageere
Host seven.desdelinux.fan not found: 3(NXDOMAIN)

buzz@sysadmin: ~ $ host lager
lager.desdelinux.fan has address 192.168.10.30

buzz@sysadmin:~$ host lager.desdelinux. taageere
lager.desdelinux.fan has address 192.168.10.30

buzz@sysadmin:~$ dig IN TXT lager.desdelinux. taageere
....
;; QUESTION SECTION:
;lager.desdelinux.fan.      IN  TXT

;; ANSWER SECTION:
lager.desdelinux.fan.   3600    IN  TXT "31b7228ddd3a3b73be2fda9e09e601f3e9"....

Ku saabsan macaamiisha suse-desktop:

buzz @ sysadmin: ~ $ host suse-dektop
Marti suse-dektop lama helin: 5 (DIID)

buzz @ sysadmin: ~ $ host suse-desktop
suse-desktop.desdelinux.fan has address 192.168.10.33

buzz@sysadmin:~$ host suse-desktop.desdelinux. taageere
suse-desktop.desdelinux.fan has address 192.168.10.33

buzz @ sysadmin: ~ $ host 192.168.10.33
33.10.168.192.in-addr.arpa domain name pointer suse-desktop.desdelinux.fan.

buzz @ sysadmin: ~ $ host 192.168.10.30
30.10.168.192.in-addr.arpa domain name pointer LAGER.desdelinux.fan.
buzz @ sysadmin: ~ $ dig -x 192.168.10.33
....
;; QUESTION SECTION:
;33.10.168.192.in-addr.arpa.    IN  PTR

;; ANSWER SECTION:
33.10.168.192.in-addr.arpa. 3600 IN PTR suse-desktop.desdelinux.fan.

;; AUTHORITY SECTION:
10.168.192.in-addr.arpa. 10800  IN  NS  dns.desdelinux.fan.

;; ADDITIONAL SECTION:
dns.desdelinux.fan. 10800   IN  A   192.168.10.5
....

buzz@sysadmin:~$ dig IN TXT suse-desktop.desdelinux.fan
....
;suse-desktop.desdelinux.fan.   IN  TXT

;; ANSWER SECTION:
suse-desktop.desdelinux.fan. 3600 IN    TXT "31b78d287769160c93e6dca472e9b46d73"

; QORSHAHA SHAQADA:
desdelinux.fan.     10800   IN  NS  dns.desdelinux.fan.

;; ADDITIONAL SECTION:
dns.desdelinux.fan. 10800   IN  A   192.168.10.5
....

Aynu sidoo kale socodsiino amarrada soo socda

[root@dns ~]# dig desdelinux.fan axfr
; <<>> DiG 9.9.4-RedHat-9.9.4-29.el7_2.4 <<>> desdelinux.fan axfr
;; global options: +cmd
desdelinux.fan.     10800   IN  SOA dns.desdelinux.fan. root.dns.desdelinux.fan. 6 86400 3600 604800 10800
desdelinux.fan.     10800   IN  NS  dns.desdelinux.fan.
desdelinux.fan.     10800   IN  MX  10 mail.desdelinux.fan.
desdelinux.fan.     10800   IN  TXT "DesdeLinux, su Blog dedicado al Software Libre"
ad-dc.desdelinux.fan.   10800   IN  A   192.168.10.3
blog.desdelinux.fan.    10800   IN  A   192.168.10.7
dns.desdelinux.fan. 10800   IN  A   192.168.10.5
fileserver.desdelinux.fan. 10800 IN A   192.168.10.4
ftpserver.desdelinux.fan. 10800 IN  A   192.168.10.8
LAGER.desdelinux.fan.   3600    IN  TXT "31b7228ddd3a3b73be2fda9e09e601f3e9"
LAGER.desdelinux.fan.   3600 IN  A   192.168.10.30
mail.desdelinux.fan.    10800   IN  A   192.168.10.9
proxyweb.desdelinux.fan. 10800  IN  A   192.168.10.6
suse-desktop.desdelinux.fan. 3600 IN    TXT "31b78d287769160c93e6dca472e9b46d73"
suse-desktop.desdelinux.fan. 3600 IN A   192.168.10.33
sysadmin.desdelinux.fan. 10800  IN  A   192.168.10.1
desdelinux.fan.     10800   IN  SOA dns.desdelinux.fan. root.dns.desdelinux.fan. 6 86400 3600 604800 10800

Soo saarida kore, waxaan ku iftiiminay geesi ka TTL - ilbiriqsiyo - kumbuyuutarrada leh cinwaanada IP-ga ee ay bixiso adeegga DHCP kuwa leh caddeyn cad oo ah TTL 3600 oo ay bixiso DHCP. IPs go'an waxaa haga $ TTL ee 3H -3 saacadood = 10800 ilbiriqsiyo- oo lagu caddeeyay diiwaanka SOA ee feyl kasta aag.

Waxay ku hubin karaan aaga gadaal si isku mid ah.

[xididka @ dns ~] # qod 10.168.192.in-addr.arpa axfr

Amarada kale ee aadka u xiisaha badan waa:

[root@dns ~]# named-journalprint /var/named/dynamic/db.desdelinux.fan.jnl
[xididka @ dns ~] # magacaabay-journalprint /var/named/dynamic/db.10.168.192.in-addr.arpa.jnl
[xididka @ dns ~] # journalctl -f

Wax ka beddelka gacanta ee faylasha Aagagga

Ka dib markii DHCP ay soo gasho ciyaarta si firfircoon u cusbooneysiinta faylasha aagga magacaabayHaddii aan waligeen u baahanahay inaan gacanta wax ka beddelno aag feyl ah, waa inaan fulinno nidaamka soo socda, laakiin aan ahayn ka hor ogaanshaha wax yar oo ku saabsan sida korontada u shaqeyso rdc magaca server gacanta.

[xididka @ dns ~] # nin rndc
....
       barafee [aagga [fasalka [aragtida]]]
           Jooji cusbooneysiinta aagga firfircoon. Haddii aag aan la cayimin, markaa dhammaan aagagga waa la hakiyay. Tani waxay u oggolaaneysaa wax ka beddelka gacanta in lagu sameeyo aag caadi ahaan lagu cusbooneysiiyo cusbooneysiin firfircoon. Waxay sidoo kale keentaa isbeddelada feylka joornaalka si loogu midoobo feylka sayidkiisa. Dhammaan isku dayda cusbooneysiinta firfircoonaanta waa la diidi doonaa inta aagga qabow yahay

       dhalaal [aag [fasal [aragti]]]
           Daar cusbooneysiinta aagga firfircoon ee la qaboojiyay. Haddii aag aan la cayimin, markaa dhammaan aagagga la qaboojiyey waa la awoodsiiyay. Tani waxay u keentaa server-ka inuu dib uga soo rogo aagga ka soo baxa diskka, oo uu dib u cusbooneysiiyo cusbooneysiinta firfircoon ka dib markii xamuulka uu dhammaado. Ka dib marka aag la dhalaaliyo, cusbooneysiinta firfircoonida mar dambe lama diidi doono. Haddii aaggu isbeddelay oo ikhtiyaarka ixfr-ka-khilaafaadka la adeegsanayo, markaa feylka joornaalka waa la cusbooneysiin doonaa si uu uga muuqdo isbeddelada aagga. Haddii kale, haddii aaggu isbeddelay, faylka joornaal kasta ee jira ayaa laga saari doonaa. ....

Waa maxay, miyaad u maleysay inaan qorayo buugan oo dhan? ... gabal waxayna ku socdaan gaari. Inta kale adigaan kuu daayey. 😉

Asal ahaan:

  • qaboojiyaha rndc [aaga [fasalka [aragtida]]], wuxuu hakiyaa cusbooneysiinta firfircoonaanta aagga. Haddii midkoodna aan la cayimin, dhammaantood waa la qaboojin doonaa. Amarku wuxuu u oggolaanayaa tafatirka gacanta ee aagga la qaboojiyey ama dhammaan aagagga. Wixii cusbooneysiin firfircoon ayaa la diidi doonaa inta la qaboojinayo.
  • rndc dhalaal [aag [fasal [aragti]]], wuxuu awood u siinayaa cusbooneysiinta firfircoon ee aag hore loo qaboojiyey. Server-ka DNS-ka wuxuu dib uga soo buuxiyaa faylka aagga disk-ka, cusbooneysiinta firfircoonina dib ayaa loo shaqeysiiyaa kadib markii dib u buuxinta ay dhammaato.

Digtoonno in la qaado marka aan gacanta ku saxno faylka aag? La mid ah haddii aan abuureyno, annaga oo aan ilaawin inaan ku kordhinno tirada taxanaha ah 1 ama serial ka hor intaadan kaydin feylka oo leh isbeddelada ugu dambeeya.

Tusaale:

[xididka @ dns ~] # rndc xayiray desdelinux. taageere

[root@dns ~]# nano /var/named/dynamic/db.desdelinux. taageere
Waxaan wax ka beddelaa feylka aagga sabab kasta ha noqotee, lagama maarmaan ama maahan. Waxaan badbaadinayaa isbedelada

[xididka @ dns ~] # rndc dhalaal desdelinux. taageere
Dib-u-dejin aag iyo dhalaalid ayaa la bilaabay. Hubi diiwaanada si aad u aragto natiijada.

[xididka @ dns ~] # journalctl -f
ene 29 14:06:46 dns named[2257]: thawing zone 'desdelinux.fan/IN': success
ene 29 14:06:46 dns named[2257]: zone desdelinux.fan/IN: zone serial (6) unchanged. zone may fail to transfer to slaves.
ene 29 14:06:46 dns named[2257]: zone desdelinux.fan/IN: loaded serial 6

Ciladdii soo-saarkii hore, oo lagu muujiyay casaanka qalabka, waxaa sabab u ah xaqiiqda ah inaan "ilaaway" inaan ku kordhiyo nambarka taxanaha ah 1. Haddii aan si sax ah u raaci lahaa nidaamka, wax soo saarku wuxuu noqon lahaa:

[xididka @ dns ~] # journalctl -f
-- Logs begin at dom 2017-01-29 08:31:32 EST. --
ene 29 14:06:46 dns named[2257]: zone desdelinux.fan/IN: loaded serial 6
ene 29 14:10:01 dns systemd[1]: Started Session 43 of user root.
ene 29 14:10:01 dns systemd[1]: Starting Session 43 of user root.
ene 29 14:10:01 dns CROND[2693]: (root) CMD (/usr/lib64/sa/sa1 1 1)
ene 29 14:10:45 dns named[2257]: received control channel command 'freeze desdelinux.fan'
ene 29 14:10:45 dns named[2257]: freezing zone 'desdelinux.fan/IN': success
ene 29 14:10:58 dns named[2257]: received control channel command 'thaw desdelinux.fan'
ene 29 14:10:58 dns named[2257]: thawing zone 'desdelinux.fan/IN': success
ene 29 14:10:58 dns named[2257]: zone desdelinux.fan/IN: journal file is out of date: removing journal file
ene 29 14:10:58 dns named[2257]: zone desdelinux.fan/IN: loaded serial 7
  • Saaxiibbada akhristaha, waxaan ku celinayaa inaad si taxaddar leh u akhrido wax soo saarka amarka. Waxyaabaha ay horumariyayaasheeda ku bixiyeen shaqo aad u fara badan ayaa ku amartay amar kasta, iyadoon loo eegin sida ay u fududahay.

Resumen

Illaa iyo hadda waxaan wax ka qabannay hirgelinta labada dhinac ee loo yaqaan 'DNS - DHCP couple', oo muhiim u ah adeegyada muhiimka u ah waxqabadka wanaagsan ee shabakadeena 'SME Network', annaga oo tixraacayna bixinta cinwaannada firfircoon ee loo maro DHCP iyo xallinta kumbuyuutarrada iyo magacyada domain ee loo maro DNS.

Waxaan si dhab ah u rajeyneynaa inaad ugu riyaaqday nidaamka oo dhan sidaan ugu faraxnay. In kasta oo ay umuuqato mid aad u dhib badan adoo adeegsanaya qunsulka, hadana way ka fududdahay waxbarashaduna inay kafiican tahay UNIX® / Linux iyadoo adeegsanaysa

Waxay iga cafiyaan fasiraad kasta oo khaldan ee fikradaha fikirka ah, la abuuray, la qoray, dib loo eegay, dib loo qoray, laguna daabacay luqadda Shakespeare, ee aan ahayn Cervantes. 😉

Gaarsiinta xigta

Waxaan u maleynayaa in yar oo isku mid ah - oo lagu daro aragtiyo ku saabsan diiwaanka DNS - laakiin Debian. Ma hilmaami karno qaybintaas, sax?


15 faallooyin, ka tag taada

Ka tag faalladaada

cinwaanka email aan la daabacin doonaa. Beeraha loo baahan yahay waxaa lagu calaamadeeyay la *

*

*

  1. Masuul ka ah xogta: Miguel Ángel Gatón
  2. Ujeedada xogta: Xakamaynta SPAM, maaraynta faallooyinka.
  3. Sharci: Oggolaanshahaaga
  4. Isgaarsiinta xogta: Xogta looma gudbin doono dhinacyada saddexaad marka laga reebo waajibaadka sharciga ah.
  5. Kaydinta xogta: Macluumaadka ay martigelisay Shabakadaha Occentus (EU)
  6. Xuquuqda: Waqti kasta oo aad xadidi karto, soo ceshan karto oo tirtiri karto macluumaadkaaga.

  1.   Christian Merchan dijo

    Aad iyo aad baad ugu mahadsan tihiin shaqadiina la mahadiyey ee qorista maqaallada midho-dhalka ah. Wax badan ayey ii tari doontaa

  2.   federico dijo

    Aad baadna ugu mahadsantahay, Cristian, inaad ila socotid iyo qiimeyntaada qormadan. Guul!

  3.   Ismaaciil Alvarez Wong dijo

    Ka dib markii aan muuqaalka koowaad ku eegay qoraalkan cusub ee Federico, xirfad-yaqaankii weynaa ee lagu dhex arkay taxanaha «PYMES» ayaa mar kale la ogaan karaa; marka lagu daro faahfaahinta weyn ee muujineysa boggaaga laba ka mid ah adeegyada ugu muhiimsan (DNS iyo DHCP) ee shabakad kasta. Munaasabaddan oo aan kaga duwannahay faallooyinkaygii hore, waxaan hayaa faallo 2aad oo aan sugayo ka dib markaan dhaqan geliyo wixii aan ku sheegay qoraalkan.

  4.   isxaaq 88 dijo

    Faallooyin ma jiraan, pa '400 !!! Fico waad ku mahadsan tahay waayo sifiican ayaad u ogtahay inaan aqriyay qoraaladaada mana waydiisan karno wax intaa ka badan. Waxaad ku bilaabaysaa urur aad u wanaagsan, laga bilaabo sida loo rakibo oo loo dejiyo desktop-ka shaqsiyeed ee isticmaaleha, xarrunta shaqadu waa saldhigga, waa dareenka ahaanshaha adeegyadan shabakadeed ee aad si fiican u sharaxday. Waad fuuleysay inkasta oo ay run tahay in heerka uu sii kordhayo, waa run inaad wax u qortay oo aad daabacday kuwa ka yar kuwa bilaabaya, kuwa aniga ila mid ahaa in muddo ah iyo kuwa ugu horumarsan.
    Waqti ka dib waxaan soo gunaanaday in aan ogahay in qaar badani hore u yimaadeen, aragtida, taas oo kharash badan noogu kacaysa inaan ku kasbano xaqiiqda fudud ee ah inaanan rabin inaan wax akhriyo, maxaa yeelay fulinta xukunku mar horeba wuu ka fudud yahay markaan ogaano waxa aan qabanayno, sababta ???, su'aalaha, halkee laga helayaa iyo sida looga baxayaa khaladka madax xanuunka badan keenaya marka aynaan garanaynin halka ay ka yimaadeen, oo u qalma dib-u-dhigista.
    Sababtaas awgeed, ma jecli inaad ka tagto waxyaabahaas aragtiyaha ah ee aad ku dari doontid ee ku saabsan diiwaanka DNS ee daabacaadda soo socota sidaad ku dhawaaqday, aad iyo aad bay uga yar tahay markay u timaaddo gacaliyaha iyo gacaliye DEBIAN.
    AAD BAAD U MAHADSAN tahay waana sugeynaa.

  5.   ka fogaansho dijo

    Aad u fiican sida had iyo jeer Fico! Waxaan sugayaa nooca Debian-ka, sanado badan ayaan ku ciyaarayay wax walboo 'distro' ah.

  6.   federico dijo

    Wong: Aragtidaada ka dib akhriska ayaa qiimo badan leh. Waxaan sugayaa faallooyinkaaga marka aad tijaabiso waxyaabaha ku jira, maxaa yeelay waan ogahay inay taasi tahay sida aad u jeceshahay inaad sameyso. 😉

  7.   federico dijo

    Crespo: Had iyo jeer, faallooyinkaaga si wanaagsan ayaa loo aqbalay. Waxaan arkaa inaad qabsatay xariiqa guud ee aan ku soo qaatay halabuurka silsiladan. Waxaan rajeynayaa in, sidaada oo kale, inbadan ay durba ogaadeen. Waad ku mahadsantahay faalladaada.

  8.   federico dijo

    Qulqulka: Wanaagsan inaan markale ku aqriyo! Ma sugi doontid waqti dheer. Isniinta ugu dambayn - ama ka hor - waa la dhammayn doonaa daabacaadda. Ha u malayn inay ii fududahay inaan daboollo saddex diro oo kala duwan, laakiin Akhristaha Ixtiraamka leh, ayaa codsanaya. Kaliya maahan Debian iyo Ubuntu, laakiin Saddexda u janjeedha SMEs.

  9.   isxaaq 88 dijo

    Haddii aad daabacday, waa sababta oo ah waad awoodi kartaa, waanu ku taageersanahay waana ognahay inaad raacayso qadkaas.
    Dhunkad ahaan waxaan sugaa sii deynta Debian-ka oo leh ilko fiiqan. Way fiicnaan laheyd haddii aad wax yar ka daboosho NTP. Sl2 iyo hab weyn. Haddii macallimiintaydu i bari lahaayeen wax walba oo sidaas ah, HAHAJJA, Platinum Degree, HAHAJJA.

  10.   federico dijo

    Heerka faahfaahinta ee soo saarista taliska ayaa lagama maarmaan u ah in la muujiyo muhiimadda ay leedahay. Wax badan bay dhahaan. Waa run in maqaallo kooban ay ka hadlayaan heerkan faahfaahinta ah, maxaa yeelay waxay u maleynayaan inay ahaan lahaayeen maqaallo dhaadheer oo culus in la akhriyo. Hagaag, qayb kamid ah shaqada SysAdmin waa aqrinta waxsoosaarka culus oo faahfaahsan, kaliya ma ahan wajiga dhibaatada, laakiin sidoo kale wajiga jeegagga.

  11.   Ismaaciil Alvarez Wong dijo

    Hello Federico, horey ayaan u ballanqaaday, inaan qoro faallooyin ka dib markaan si taxaddar leh u darsay boostada su'aasha laga hadlayo; Hagaag, halkan ayay ku sii socdaan:
    - Farsamo weyn halkii laga abuuri lahaa furaha TSIG ee loogu talagalay cusbooneysiinta cusbooneysiinta DNS-ka ee DHCP, oo nuqul ka ah isla rndc.key fure u ah dhcp.key, tan oo u muuqata "si fudud" waxay muujineysaa in ujeedku uusan ahayn oo keliya farsamada ee HOWTO-INSTALL-DNS - & - DHCP laakiin wuxuu na barayaa inaan ka fikirno, 5 Xidigood oo loo qoro qoraaga.
    – Muy interesante en el archivo de configuración del DNS, named.conf, la presencia de la linea «allow-transfer { localhost; 192.168.10.1; };» para realizar test el Dominio «desdelinux.fan» solamente desde la estación de trabajo del SysAdmin y el localhost (el propio server DNS), y además de la inserción de la clave TSIG para la actualización del DNS desde el DHCP.
    - Aad u wanaagsan abuurista aagagga tooska ah iyo rogaalka ee DNS oo ay weheliso sharraxaad "faahfaahsan" noocyadooda diiwaanno, marka lagu daro fulinta amarka "# magacaabay-jeegga -fp" si loo hubiyo dhammaan qaabeynta magaca ka hor intaan la gaarin dib u dejin adag, iyo sidoo kale tusaalooyinka socodsiinta "qod" amarka si loo xaqiijiyo noocyada kala duwan ee diiwaanada DNS.
    . Qaabeynta DHCP (adoo adeegsanaya faylka /etc/dhcp/dhcpd.conf):
    - Sida loogu daro shabakadeena maxalliga ah kala duwanaanta cinwaanada IP-ga ee firfircoon si loo qoondeeyo, qeexitaanka magaca server-ka, iwm; iyo sidoo kale sida loogu sheego DHCP si loo cusbooneysiiyo diiwaanka DNS adoo adeegsanaya khadadka "ddns- ..." qaabeynta.
    . Cuando todo ya esta operativo, 5 ESTRELLAS PARA EL AUTOR, en la ejecucion del comando «# dig desdelinux.fan axfr» para comprobar el TTL de los equipos de la LAN que tienen IP static de los que tienen IP dinámicas asignadas.
    . Por ultimo, GENIAL, la modificación manual de archivos de Zonas congelándolas primero con «# rndc freeze desdelinux.fan», realizando a continuación la modificación y descongelándolas finalmente con «# rndc thaw desdelinux.fan»
    . IYO KII UGU FIICAN, WAX KASTA OO LAGU QABTAY KU-MEEL GAARKA.
    Sii wad Fico.

    1.    Joy dijo

      Hello,
      Haddii aad tahay shabakad, waxaad ka heli kartaa baaritaan ku saabsan achterhalen hoe het kan dat alles gedeeld en verwijderd wordt op mijn computer zelfs mijn foto's. Ik heb totaal geen control meer over mijn eigen computer on mobiel.
      Het zit m dus ook in het dns gudaha dhcp. Ik weet echt niet hoe ik dit moet oplossen en het kan verwijderen. Misschien dat iemand mij willilten? Dit waa namelijk buiten mij om geinstalleerd. Walgelijk gedrag vind ik het.

  12.   federico dijo

    Wong: faalladaadu waxay dhameystireysaa maqaalka. Dhab ahaan, waxay muujineysaa inaad si fiican u baratay. Haddii kale, kama faalloon kartid heerka faahfaahinta aad samaynayso. Kaliya ku dar intaas ogolaansho-wareejin Waxaa badanaa loo adeegsadaa marka aan leenahay addoon DNS ah waxaanan u oggolaaneynaa wareejinta aagagga sayidka. Waxaan ku isticmaalaa habkaas maxaa yeelay waa farsamo si fudud loo hirgelin karo oo lagu sameeyo jeegag aan khatar ahayn oo laga sameeyo hal kombiyuutar. Aad baad ugu mahadsantahay qiimeyntaada 5. Salaan! waana ku sii sugi doonaa maqaaladeyda soo socota.

  13.   IgnacioM dijo

    Waad salaaman tahay Federico. Waan ogahay inaan yara yara daahay, laakiin waxaan jeclaan lahaa inaan ku weydiiyo su'aal.
    Nidaamkani miyuu i caawin doonaa haddii aan doonayo inaan tilmaamo domain ka ah serverkayga vps?

    15-kii daqiiqo ee kasta waxaan helayaa farriimahan nidaamka:

    DHCPREQUEST on eth0 ilaa dekedda 67 (xid =…)
    DHCPACK laga bilaabo (xid =…)
    ku xidhan - cusboonaysiinta 970 ilbidhiqsi.

    Iyo wixii aan ka fahmay waa inaan ku abuuraa rikoor diiwaanka boggeyga iyo ip ee adeegeyga gaarka ah.

    * Waan ku hambalyeynayaa waana ku mahadsan yahay maqaalkan, ma garanayo inay tahay waxa aan raadinayey laakiin waxaan ka helay mid aad u xiiso badan oo si fiican loo sharaxay. Intaa waxaa sii dheer waxaan qaataa talo soo jeedinta "DNS iyo BIND" oo aan horeyba u xamanayay oo ay umuuqato mid aad u xiiso badan.

    Salaan ka timid Argentina!

    1.    Antonio valdes toujague dijo

      fadlan ila soo xiriir valdestoujague@yandex.com