DNS iyo DHCP ee CentOS 7 - Shabakadaha SMB

Tusmada guud ee taxanaha: Shabakadaha Kombuyuutarka ee loogu talagalay SMEs: Hordhac

Saaxiibbo waad salaaman tihiin !. Waxaan ku arki doonnaa qodobkaan sida aan u hirgelin karno labada adeeg ee muhiimka u ah shabakadaha ay sameysay DNS iyo DHCP ee CentOS - Linux, gaar ahaan nooca 7.2.

  • Maqaallada qaarkood ee ku saabsan DNS waxay tixraacayaan xaqiiqda ah in hirgelinta adeeggan ay tahay waxoogaa mugdi ah oo adag. Aad ugama raacsani hadalkaas. Waxaan jeclaan lahaa inaan iraahdo waa wax fikradeed iyo inbadan oo faylalka iskuxirka ah ay leeyihiin iskudhaf isku buuq badan. Nasiib wanaag, waxaan haynaa qalab aan ku hubino, talaabo talaabo, qaabeynta feyl kasta oo qaabeynta ah oo aan wax ka bedelno. Sidaa darteed, waxaan isku dayi doonaa inaan ka dhigno aqrinta qoraalkan mid raaxo leh oo raaxo leh intii suurtagal ah..

Kuwa raadinaya aasaasiga labada adeeg, waxaan si xoog leh kugula talineynaa inaad ka bilowdo raadintaada Wikipedia, labadaba noocyadeeda Isbaanishka iyo Ingiriiska. Run ma ahan run run ahaan maqaallada ku qoran Ingiriisigu had iyo jeer way ka dhameystiran yihiin isla markaana waa isku xiran yihiin. Weli, Wikipedia waa bar bilow aad u wanaagsan.

Kuwa idinka mid ah ee runtii doonaya inay wax ka bartaan DNS iyo BIND, waxaan kugula talineynaa inaad aqriso buugga «OReilly - DNS iyo BIND 4ed"waxaa qoray Paul albitz y Cricket Liu, ama daabac dambe oo hubaal jira.

Waxaan horey u daabacnay maqaal ku saabsan mowduuca cinwaankiisu yahay «DNS iyo DHCP ee furanSUSE 13.2 Shabakadaha Harlequin - SME»Loogu talagalay dadka jecel jawiga muuqaalka leh. Si kastaba ha noqotee, wixii hadda ka dambeeya waxay la kulmi doonaan maqaallo ku saabsan mowduucan - ma ahan kuwa kale- oo lagu qoray adeegsi fara badan oo emulator ka ah terminal ama konsol. Wow, qaabka caadiga ah ee ay adeegsadaan UNIX® / Linux Maamulayaasha Nidaamka.

Haddii aad rabto inaad waxbadan ka ogaato magaca dambe ee cinwaanka maqaalkan «Shabakadaha SME»Waxaad booqan kartaa bogga ku jira boggan«Shabakadaha SME: markii ugu horreysay oo la jaro«. Dhexdeeda waxaad ka heli doontaa xiriiriyeyaal maqaallo kale oo badan oo la daabacay ah.

  • Ka dib marka la rakibo CentOS 7 Operating System waxaa lagu dhammeeyaa xirmooyinka aan kugula talineyno, el tusaha /usr/share/doc/bind-9.9.4/ Waxay ka kooban tahay qaddarro dukumiinti ah oo aan kugula talineyno inaad la tashato ka hor intaadan ku dhaqaaqin raadinta internetka adigoon marka hore ogeyn, farahaaga iyo gurigaaga, waxaad ka heli kartaa waxa aad raadineyso.

Rakibaadda nidaamka salka

Xogta guud ee bogga iyo server-ka DNS

Magaca domain: desdelinux.fan
Magaca server-ka DNS: dns.fromlinux.fan
Cinwaanka IP: 192.168.10.5
Maaskaro Subnet: 255.255.255.0

Ku rakibida

Waxaan ku bilaabaynaa rakibid cusub ama nadiif ah oo ah nidaamka hawlgalka ee CentOS 7 sida ku xusan qodobka hore «CentOS 7 Hypervisor I - Shabakadaha SMB«. Waxaan kaliya u baahanahay inaan sameyno isbeddelada soo socda:

  • In 22 image «XULASHADA SOFTWARE«, Waxaan kugula talineynaa xulashada safka bidix«Deegaanka BaseIkhtiyaarka u dhigma «Server kaabayaasha«, Inta aad ku jirto safka saxda ah«Plugins loogu talagalay deegaanka la xushayXulo sanduuqa calaamadaha «Magaca DNS server«. Waxaan gadaal ka rakibeynaa server-ka DHCP.
  • Aynu xasuusano cadeynta keydadka dheeraadka ah sida ku cad 23 image, ka dib dejinta «MAGACA Shabakadda & KOOXDA«.
  • Sawirada tixraacaya qormooyinka aan ku abuuri doonno darawgeena adag waxaa kaliya loo siinayaa hageyaal. Xor ayaad u tahay inaad ku xulato qormooyinka ikhtiyaarkaaga, ku dhaqankaaga, iyo caqligaaga wanaagsan.
  • Ugu dambeyntii, in Sawirka 13 «NETWORK & MAGACA KOOXDA»Waa inaan u badalnaa qiimayaasha iyadoo loo eegayo xuduudaha guud ee lagu dhawaaqay domainka iyo serverka DNS, adigoon ilaawin inaan cadeeyo magaca martida loo yahay-kiiskan «dns«- ka dib marka qaabeynta shabakadda la dhammaystiro. Waa wax wanaagsan in la sameeyo ping - laga bilaabo martigaliye kale - cinwaanka IP-ga ee la cayimay ka dib markii shabakadu firfircoon tahay:

DNS iyo DHCP ee CentOS

Xaqiiqdii waxaa jira isbeddelo aad u yar oo aad u muuqda oo ay tahay inaan ku sameyno ixtiraamka maqaalka hore.

Jeegaga hore iyo hagaajinta

Ka dib markaan rakibno nidaamka qalliinka waa inaan dib u eegno feylasha soo socda ugu yaraan, tanna waxaan ku bilaabaynaa kalfadhi iyada oo loo marayo SSH kombiyuutarkayaga sysadmin.fromlinux.fan:

buzz @ sysadmin: ~ $ ssh 192.168.10.5
buzz@192.168.10.5's password: Soo galitaankii ugu dambeeyay: Sabti Jan 28 09:48:05:2017 192.168.10.1 laga bilaabo XNUMX
[buuqa @ dns ~] $

Hawlgalka kor ku xusan wuxuu qaadan karaa waqti ka dheer kan caadiga ah, waxaana badanaa sabab u ah xaqiiqda ah inaanan weli haysan DNS ku saabsan LAN. Mar kale mar kale hubi in DNS uu shaqeynayo.

[buzz @ dns ~] $ bisad / iwm / martigeliyayaal
127.0.0.1 localhost localhost.cocaldomain localhost4 localhost4.localdomain4 :: 1 localhost maxhost.localdomain localhost6 localhost6.localdomain6

[buzz @ dns ~] $ bisad / iwm / magaca martida loo yahay
dns

[buzz @ dns ~] $ bisad / iwm / sysconfig / shabakadaha-qoraallada / ifcfg-eth0
TYPE=Ethernet
BOOTPROTO=none
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=no
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes
IPV6_FAILURE_FATAL=no
NAME=eth0
UUID=946f5ac9-238a-4a94-9acb-9e3458c680fe
DEVICE=eth0
ONBOOT=yes
IPADDR=192.168.10.5
PREFIX=24
GATEWAY=192.168.10.1
DNS1=127.0.0.1
DOMAIN=desdelinux.fan

[buzz @ dns ~] $ bisad /etc/resolv.conf 
# Waxaa abuuray NetworkManager raadinta linux.fan magac bixiyaha 127.0.0.1

Qaababka ugu muhiimsan waxay ka jawaabaan xulashadeenna. Xusuusnow xitaa server-ka Koofiyad Cas 7 - CentOS 7, waxaa loo qaabeeyaa asal ahaan marka Maareeyaha Shabakadda sidaa darteed kani waa kan maamula shabakadaha isku xidhka, ha noqdaan kuwo fiilooyin leh ama kuwo aan fiilo lahayn (WiFi), isku xidhka VPN, xidhiidhada PPPoE, iyo isku xidhka shabakad kasta oo kale.

[buzz @ dns ~] $ sudo systemctl status networkmanager
[sudo] ereyga sirta ah ee loogu talagalay buzz: ● networkmanager.service Rarra: lama helin (Sababta: Ma jiro faylkaas ama galkaas oo kale) Firfircoon: firfircoonayn (dhintay)

[buzz @ dns ~] $ sudo statusctl status NetworkManager
● NetworkManager.service - Maareeyaha Shabakada Load: xamuul ah (/usr/lib/systemd/system/NetworkManager.service; karti u yeeshay; hore u iibiyaha: karti leh) Firfircoon: firfircoon (socda) illaa Sabti 2017-01-28 12:23:59 EST; 12min ago Main PID: 705 (NetworkManager) CGroup: /system.slice/NetworkManager.service └─705 / usr / sbin / NetworkManager --no-daemon

Red Hat - CentOS sidoo kale waxay kuu oggolaaneysaa inaad isku xirto oo aad ka gooyso isdhexgalka shabakadaha adoo adeegsanaya amarrada caadiga ah ifka e hadday hoos u dhacdo. Aynu ku ordi karno qalabka kombuyuutarka:

[xididka @ dns ~] # ifdown eth0
Qalabka 'eth0' ayaa si guul leh looga jaray.

[xididka @ dns ~] # ifup eth0
Xidhiidhku si guul leh ayuu u hawlgalay (D-Bus Jidka firfircoon: / org / freedesktop / NetworkManager / ActiveConnection / 1)
  • Waxaan soo jeedinaynaa ha beddelin hab-dhismeedka asaasiga ah ee CentOS 7 ay bixiso Maareeyaha Shabakadda.

Waxaan si rasmi ah u cadeynaynaa meelaha lagu keydiyo ee aan isticmaali doonno oo aan cusbooneysiin doono nidaamka qalliinka haddii loo baahdo:

[buzz @ dns ~] $ su Password: [xididka @ dns buzz] # cd /etc/yum.repos.d/
[xididka @ dns yum.repos.d] # ls -l
guud ahaan 28 -rw-r - r--. 1 xididka xididka 1664 Dec 9 2015 CentOS-Base.repo -rw-r - r--. 1 xididka xididka 1309 Dec 9 2015 CentOS-CR.repo -rw-r - r--. 1 xididka xididka 649 Dec 9 2015 CentOS-Debuginfo.repo -rw-r - r--. 1 xididka xididka 290 Dec 9 2015 CentOS-fasttrack.repo -rw-r - r--. 1 xididka xididka 630 Dec 9 2015 CentOS-Media.repo -rw-r - r--. 1 xididka xididka 1331 Dec 9 2015 CentOS-Sources.repo -rw-r - r--. 1 xididka xididka 1952 Dec 9 2015 CentOS-Vault.repo

Waa caafimaad in la akhriyo waxa ku jira faylasha cadeynta asalka ah ee ka yimid xarumaha lagu taliyay ee CentOS. Isbedelada aan halkaan ku sameyno waxaa sabab u ah xaqiiqda ah in aanaan haysan internet, oo waxaan la shaqeyneynaa bakhaarro maxalli ah oo laga soo dejiyey tuulada WWW, oo ay wada shaqeeyaan asxaabteena nolosheenna wax yar ka fudud. 😉

[xididka @ dns yum.repos.d] # mkdir asal ah
[xididka @ dns yum.repos.d] # mv CentOS- * asalka /

[xididka @ dns yum.repos.d] # nano centos-repos.repo
[centos-base]
name=CentOS-$releasever
baseurl=http://10.10.10.1/repos/centos/7/base/
gpgcheck=0
enabled=1

[centos-updates]
name=CentOS-$releasever
baseurl=http://10.10.10.1/repos/centos/7/updates/x86_64/
gpgcheck=0
enabled=1

[xididka @ dns yum.repos.d] # yum nadiif dhammaan
Xayeysiisyo la soo raray: fastestmirror, langpacks Meelaha lagu nadiifiyo nadiifinta: centos-base centos-updates Nadiifinta wax walba

[xididka @ dns yum.repos.d] # yum cusbooneysiin
Qalabyo la soo raray: fastestmirror, centos-base langpacks | 3.4 kB 00:00 xarun-cusbooneysiin | 3.4 kB 00:00 (1/2): santos-saldhig / primary_db | 5.3 MB 00:00 (2/2): xarunta-cusbooneysiinta / primary_db | 9.1 MB 00:00 Go'aaminta muraayadaha ugu dheereeya Ma jiraan xirmooyin loo calaamadeeyay cusbooneysiinta

Fariinta «Maya (jira) xirmooyin loo calaamadeeyay cusbooneysiin» - «Xirmo ma jiraan oo loo calaamadeeyay cusbooneysiinta»Waxay muujineysaa, iyadoo lagu dhawaaqayo keydadkii ugu dambeeyay ee aan heli karno inta lagu jiro rakibida, si sax ah xirmooyinka hadda jira ayaa la rakibay.

Ku saabsan macnaha guud ee 'SELinux' iyo "firewall"

Waxaan diirada saari doonnaa qodobkaan - asal ahaan - hirgelinta adeegyada DNS iyo adeegyada DHCP, oo ah Ujeeddadeeda Weyn.

Haddii akhriste kasta xusho Siyaasad Amni inta lagu gudajiro hawsha rakibida, sida ku cad 06 image ee maqaalka tixraaca «CentOS 7 Hypervisor I - Shabakadaha SMB»Waxaa loo adeegsaday rakibida adeegaan DNS-ka - DHCP, waxaadna ogaatay inaadan aqoon sida saxda ah ee loo kala hagaajiyo SELinux iyo CentOS Firewall, waxaan kugula talineynaa inaad ku shaqeyso waxyaabaha soo socda:

Wax ka beddel faylka / etc / sysconfig / selinux iyo isbedel SELINUX = xoojinta by SELINUX = dami

[xididka @ dns ~] # nano / iwm / sysconfig / selinux
# Faylkani wuxuu xukumaa xaaladda SELinux ee nidaamka. # SELINUX = waxay qaadan kartaa mid ka mid ah seddexdaan qiime: # fulinta - siyaasada amniga SELinux waa la dhaqan galiyay. # oggolaansho - SELinux wuxuu daabacaa digniino halkii uu ka fulin lahaa. # naafo ah - Majiro siyaasad SELinux ah oo la raray.
SELINUX = naafada
# SELINUXTYPE = wuxuu qaadan karaa mid kamid ah sedexda qiime: # bartilmaameed - Howlaha la bartilmaameedsaday waa la ilaaliyaa, # ugu yar - Wax ka badalka siyaasada bartilmaameedka. Kaliya habab la xushay waa pr $ # mls - Ilaalinta Amniga Heerka Badan. SELINUXTYPE = bartilmaameed

Kadibna amarrada soo socda

[xididka @ dns ~] # dejin xoog 0
[xididka @ dns ~] # adeegga joojinta dabka
U hagida / bin / systemctl u joojinta firewalld.service

[xidid @ dns ~] # systemctl gab dab-damiska
Laga saaray symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service. Laga saaray symlink /etc/systemd/system/basic.target.wants/firewalld.service.

Haddii aad fulinaysid server-ka DNS ee aad u jeedinaysid Internet-ka, waa in AADAN samayn waxa kor ku xusan, laakiin aad u qaabeysid qaabka SELinux iyo Firewall si sax ah. Eeg "Qaabeynta Server ee GNU / Linux, qoraaga Joel Barrios Dueñas" ama dukumiintiyada CentOS lafteeda - Koofiyad Cas

Waxaan u qaabeynaa BIND-ga la magacaabay

  • El tusaha /usr/share/doc/bind-9.9.4/ waxaa ku jira qaddar badan oo dukumiinti ah oo aan kugula talineyno inaad la tashato ka hor intaadan ku dhaqaaqin raadinta internetka adigoon marka hore ogeyn, farahaaga iyo gurigaaga, waxaad ka heli kartaa waxa aad raadineyso

Qeybinta badan adeegga DNS ee lagu rakibay xirmada BIND ayaa la yiraahdaa magacaabay (Magaca Daemon). CentOS 7 waxaa lagu rakibay naafo ahaan, marka loo eego soo saarida amarka soo socda, halkaasoo ay ku sheegayso in xaaladdeeda ay tahay «naafo ah«, Iyo in gobolkan lagu caddeeyay« iibiyaha »- hore iibiyaha. Diiwaanka, BIND waa Software Bilaash ah.

Awood u siinta adeegga la magacaabay

[xididka @ dns ~] # systemctl status magacaabay
Named.service - Berkeley Magaca Internetka (DNS) Load: raran (/usr/lib/systemd/system/named.service; naafo ah; hore u iibiyaha: naafo ah) Firfircoon: firfircooneyn (dhintay)

[xididka @ dns ~] # systemctl karti loo siiyay
Summad laga sameeyay /etc/systemd/system/multi-user.target.wants/named.service to /usr/lib/systemd/system/named.service.

[xididka @ dns ~] # systemctl bilawga la magacaabay

[xididka @ dns ~] # systemctl status magacaabay
Named.service - Berkeley Magaca Internetka (DNS) Load: raran (/usr/lib/systemd/system/named.service; karti leh; hore u iibiyaha: naafo ah)
   Hawl: firfircoon (ordaya) ilaa Sab 2017-01-28 13:22:38 EST; 5min kahor Geeddi-socod: 1990 ExecStart = / usr / sbin / magacaabay -u magacaabay $ XULASHADA (lambar = kabaxsan, xaalad = 0 / GUUL) Geeddi-socod: 1988 ExecStartPre = / bin / bash -c haddii [! "$ DISABLE_ZONE_CHECKING" == "haa"]; markaa / usr / sbin / magacaabay-checkconf -z /etc/named.conf; kale ayaa ku celceliya "Hubinta faylasha aagga oo naafo ah"; fi (koodh = baxay, status = 0 / GUUL) Main PID: 1993 (magacaabay) CGroup: /system.slice/named.service └─1993 / usr / sbin / magacaabay -u oo la magacaabay Jan 28 13:22:45 dns magacaabay [1993]: khalad (shabakad aan la heli karin) xallin './NS/IN': 2001: 500: 2f :: f # 53 Jan 28 13:22:47 dns magacaabay [1993]: qalad (network lama helin) xallin './ DNSKEY / IN ': 2001: 500: 3 :: 42 # 53 Jan 28 13:22:47 dns magacaabay [1993]: qalad (shabakad aan la heli karin) xalinta' ./NS/IN ': 2001: 500: 3 :: 42 # 53 Jan 28 13:22:47 dns magacaabay [1993]: qalad (shabakad aan la heli karin) xalin './DNSKEY/IN': 2001: 500: 2d :: d # 53 Jan 28 13:22:47 dns oo la magacaabay [1993] ]: khalad (shabakad aan la heli karin) xallin './NS/IN': 2001: 500: 2d :: d # 53 Jan 28 13:22:47 dns magacaabay [1993]: qalad (shabakad aan la heli karin) xalin './DNSKEY/ IN ': 2001: dc3 :: 35 # 53 Jan 28 13:22:47 dns magacaabay [1993]: qalad (shabakad aan la heli karin) xalin' ./NS/IN ': 2001: dc3 :: 35 # 53 Jan 28 13: 22:47 dns magacaabay [1993]: qalad (network lama heli karo) xallin './DNSKEY/IN': 2001: 7fe :: 53 # 53 Jan 28 13:22:47 dns magacaabay [1993]: qalad (network lama helin) res olving './NS/IN': 2001: 7fe :: 53 # 53 Jan 28 13:22:48 dns magacaabay [1993]: management-key-zone: Lama keeni karo DNSKEY set '.': timed out

[xididka @ dns ~] # systemctl dib u bilaw magaciisu yahay

[xididka @ dns ~] # systemctl status magacaabay
Named.service - Berkeley Internet Name Domain (DNS) Load: raran (/usr/lib/systemd/system/named.service; karti u leh, iibiyaha horena waa naafo u yahay)
   Hawl: firfircoon (ordaya) ilaa Sab 2017-01-28 13:29:41 EST; 1s kahor Geedi socod: 1449 ExecStop = / bin / sh -c / usr / sbin / rndc stop> / dev / null 2> & 1 || / bin / dil -TERM $ MAINPID (koodh = kabax, xaalad = 0 / GUUL) Geedi socodka: 1460 ExecStart = / usr / sbin / magacaabay -u magacaabay $ OPTIONS (koodh = kabax, xaalad = 0 / GUUL) Nidaamka: 1457 ExecStartPre = / bin / bash -c haddii [! "$ DISABLE_ZONE_CHECKING" == "haa"]; markaa / usr / sbin / magacaabay-checkconf -z /etc/named.conf; kale ayaa ku celceliya "Hubinta faylasha aagga oo naafo ah"; fi (koodh = baxay, xaalad = 0 / GUUL) Main PID: 1463 (magacaabay) CGroup: /system.slice/named.service └─1463 / usr / sbin / magacaabay -u oo la magacaabay Jan 28 13:29:41 dns oo la magacaabay . magacaabay [1463]: aagga 28.in-addr.arpa/IN: xamuul taxan 13 Jan 29 41:1463:2 dns magacaabay [28]: zone localhost.localdomain / IN: serial load 13 Jan 29 41:1463:0 dns magacaabay [0]: zone 28.in-addr.arpa/IN: xamuul taxane ah 13 Jan 29 41:1463:0 dns magacaabay [28]: soonaha 13 .29.ip41.arpa / IN: serial load 1463 Jan 1.0.0.127 0:28:13 dns magacaabay [29]: zone localhost / IN: taxane rar 41 Jan 1463 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 : 6: 0 dns oo loogu magac daray [28]: dhammaan aagagga ay rarteen Jan 13 29:41:1463 dns oo la magacaabay [0]: socda Jan 28 13:29:41 dns systemd [1463]: Wuxuu bilaabay Berkeley Internet Name Domain (DNS).

Ka dib markaan karti u yeelano adeegga magacaabay oo waxaan ku bilaabaynaa markii ugu horeysay, soo saarida taliska systemctl status loo magacaabay waxay muujinaysaa khaladaad. Markii aan dib u bilaabanno adeegga hoosta, the magacaabay wuxuu abuuraa dhammaan feylasha qaabeynta oo, marka loo eego, ay lagama maarmaan u tahay hawlgalkeeda saxda ah. Sidaa darteed, markaan mar kale fulino amarka systemctl status loo magacaabay khaladaad dambe lama muujinayo.

  • Qaali qaali ah, qaali ah, oo dalbanaya Akhriste: haddii aad rabto inaad ogaato - ugu yaraan - jidkee ku socda dhammaadka godka bakaylaha, fadlan si deggan u akhri natiijooyinka faahfaahsan ee amar kasta. 😉 Xaqiiqdii qodobku wuxuu umuuqanayaa xoogaa dheer, laakiin ha inkirin inuu ku kasbaday sharraxaad iyo caddayn.

Waxaan wax ka badalnaa faylka /etc/named.conf

Faallooyin badan oo akhristayaal ah ayaa muujinaya -Ma dhahayo- Caqli xumada haysata qaybaha kala duwan ee Linux waxay leedahay, oo ah in la dhigo faylasha qaabeynta qaabdhismeed fayl ay ku jiraan magacyo kaladuwan iyadoo kuxiran distoorka. Way saxan yihiin. Laakiin maxaan samayn karnaa, adeegsadayaasha fudud ee adeegsada qaybinta, ma sameyn karnaa? La qabsi! 😉

By the way, in FreeBSD, UNIX® clone «Asalka», feylku wuxuu ku jiraa /usr/local/etc/namedb/named.conf; intii aad ku jirtay Debian, marka lagu daro in loo kala baxo afarta fayl magacaabay.conf, magacaabay.conf.options, magacaabay.conf.default-aagagga, iyo magacaabay.conf.local, wuxuu ku jiraa galka / iwm / xidho /. Kuwa doonaya inay ogaadaan meesha u furan yahaySUSE dhigeeda, akhri «DNS iyo DHCP ee furanSUSE 13.2 Shabakadaha Harlequin - SME«. Akhristayaashu waa sax! 😉

Iyo sida aan had iyo jeer sameyno: ka hor inta aan wax laga badalin, waxaan ku keydineynaa faylka qaabeynta asalka ah magac kale.

[xididka @ dns ~] # cp /etc/named.conf /etc/named.conf.original

Si loo fududeeyo nolosha, halkii laga soo saari lahaa furaha TSIG wixii cusbooneysiin ah oo ku saabsan cusbooneysiinta DNS-ka ee DHCP, waxaan nuqul ka dhignaa isla furaha rdc.key sida dhcp.keyga.

[xididka @ dns ~] # cp /etc/rndc.key /etc/dhcp.key

[xididka @ dns ~] # nano /etc/dhcp.key
fure "dhcp-key" {algorithm hmac-md5; qarsoodi ah "OI7Vs + TO83L7ghUm2xNVKg =="; };

Sidaas in magacaabay akhrin karaa feylka hadda la soo guuriyey, waxaan wax ka beddeleynaa kooxdii iska lahayd:

[xididka @ dns ~] # xididka la jarjaray: oo loo magacaabay /etc/dhcp.key [xididka @ dns ~] # ls -l /etc/rndc.key /etc/dhcp.key -rw-r -----. 1 xidid magaciisu yahay 77 Jan 28 16:36 PM /etc/dhcp.key -rw-r -----. 1 xidid magaciisu yahay 77 Jan 28 13:22 /etc/rndc.key

Faahfaahinta yar yar sida tii hore ayaa ah waxa nagu waalan kara isku dayga inaan xisaabino, hadda ... meeday dhibaatadu ...? oo leh sifooyin kale oo dheeraad ah, kuwaas oo aynaan u qorin si xushmad leh xushmadda.

Hadda haddii - ugu dambeyntii! - waxaan wax ka beddeleynaa feylka /etc/named.conf. Isbedelada ama ku darista ee aan sameynay, marka loo eego asalka, waxay ku jiraan geesi. Si fiican u fiirso inta yar.

[xididka @ dns ~] # nano /etc/named.conf
// // magacaabay.conf // // Waxaa bixiya xirmo xirmo ah oo loo yaqaan 'Red Hat bind bond' si loogu habeeyo ISC BIND oo loogu magac daray (8) DNS // server oo ah keydiyaha kaliya kaydiyaha (sida xalliyaha DNS local local kaliya). // // Eeg / usr / share / doc / bind * / muunad / tusaale feylasha qaabeynta la magacaabay. //

// Liiska Xakamaynta Helitaanka oo ku dhawaaqaya shabakadaha awood u yeelan doona la-tashiga
// adeegeyga la magacaabay
acl dhoobnaa {
 127.0.0.0 / 8;
 192.168.10.0 / 24;
};

doorashooyinka {
 // Waxaan cadeynayaa in daemon la magacaabay uu sidoo kale dhageysto isdhexgalka
 // eth0 oo leh IP: 192.168.10.5
    dhagayso-dekedda 53 {127.0.0.1; 192.168.10.5; };
    dhagayso-on-v6 dekedda 53 {:: 1; }; galka "/ var / magacaabay"; qashin-fayl "/var/named/data/cache_dump.db"; tirakoobka-faylka "/var/named/data/named_stats.txt"; memstatistics-file "/var/named/data/named_mem_stats.txt";

 // Bayaanka gudbiyeyaasha
 // hagayaasha {
 // 0.0.0.0;
 // 1.1.1.1;
 //};
    // hore u sii gudbi;

    // Waxaan kaliya u oggolaanayaa weydiimaha ACL-ga miisaanka leh
    su'aal-weydiin {mired; }; // Si aad uga hubiso amarka dig desdelinux.fan axfr // oo ka socda goobta shaqada ee SysAdmin iyo localhost oo keliya // Ma lihin adeegeyaal addoon DNS ah. Uma baahnin ... ilaa hadda.
 ogolaansho-wareejin {localhost; 192.168.10.1; };

    / * - Haddii aad dhiseysid serverka AGOODKA DNS ah, HA u oggolaan dib u noqoshada. - Haddii aad dhiseysid serverka 'RECURSIVE (caching) DNS', waxaad u baahan tahay inaad awood u siiso dib u noqoshada. - Haddii server-kaaga DNS-ka ah ee soo noqnoqda uu leeyahay cinwaan IP ah oo dadweyne ah, WAA INAAD awood u yeelatid xakameynta marin u helidda si loo xaddido weydiimaha isticmaalayaashaada sharciga ah. Haddii aanad sidaa yeelin waxay sababi doontaa in adeegahaagu qayb ka noqdo weerarada ballaadhinta ballaaran ee DNS. Ku-hirgelinta BCP38 gudaha shabakaddaada waxay si weyn u yareyn doontaa dusha weerarka *
    // Waxaan ubaahanahay adeege AQOONSIGA LANkeena - SME
    dib u noqoshada maya;

    dnssec-karti haa; ansaxnimada dnssec haa; / * Jidka loo maro furaha ISC DLV * / bindkeys-file "/etc/named.iscdlv.key"; maaraynta-furayaasha-galka "/ var / magacaabay / firfircoon"; faylka-faylka "/run/named/named.pid"; fadhi-keyfile "/run/named/session.key"; }; qorista {kanaalka default_debug {feyl "data / named.run"; darnaanta firfircoonaanta; }; }; aagga "." IN {nooc tilmaam ah; faylka "magacaabay.ca"; }; ka mid ah "/etc/named.rfc1912.zones"; ka mid ah "/etc/named.root.key";

// Waxaan ku darnaa furaha TSIG ee loogu talagalay cusbooneysiinta DNS // // by DHCP
ku dar "/etc/dhcp.keyga";

// Bayaanka magaca, nooca, goobta, iyo cusboonaysiinta rukhsadda
// ee Aagagga Diiwaanada DNS // Labada Aag waa MASTERS
soonaha "desdelinux.fan" {
 nooca master;
 faylka "firfircoon / db.fromlinux.fan";
 u oggolow-cusbooneysiin {fure dhcp-key; };
};

aagga "10.168.192.in-addr.arpa" {
 nooca master;
 faylka "firfircoon / db.10.168.192.in-addr.arpa";
 u oggolow-cusbooneysiin {fure dhcp-key; };
};

Waxaan hubineynaa qaabeynta

[xididka @ dns ~] # magacaabay-jeegga 
[xididka @ dns ~] #

Maadaama amarka kor ku xusan uusan waxba soo celinayn, qaab dhismeedka waa ok. Si kastaba ha noqotee, haddii aan fulino isla amarka, laakiin ikhtiyaar ahaan -z, wax soo saarku wuxuu noqon doonaa:

[xididka @ dns ~] # magacaabay-jeegga -f
aagga localhost.localdomain / IN: aag xarago 0 aag localhost / IN: aag 0 ah 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 .ip6.arpa / IN: taxane xamuul 0 aag 1.0.0.127.in-addr.arpa/IN: taxane xamuul 0 aag 0.in-addr.arpa/IN: taxane ah 0 soone laga keenay linux.fan/IN: ka soo rarida sayidka faylka firfircoon / db.from Linux.fan wuu kufashilmay: faylka kama helin soonaha ka yimid Linux.fan/IN: looma shubin khaladaadka jira awgood. _default / desdelinux.fan / IN: Faylka lama helin aag 10.168.192.in-addr.arpa/IN: rarkii laga keenay faylka masterka dynamics / db.10.168.192.in-addr.arpa wuu fashilmay: Faylka lama helin aaga 10.168.192 .in-addr.arpa / IN: looma shubin khaladaadka jira awgood. _default / 10.168.192.in-addr.arpa / IN: faylka lama helin

Dabcan waa khaladaad dhaca maxaa yeelay weli maanaan abuurin aagagga Diiwaangelinta DNS ee bartayada.

  • Wixii macluumaad dheeraad ah ee ku saabsan taliska loo yaqaan 'checkconf', orod nin loo yaqaan-checkconf, intaadan ka raadin macluumaad kale internetka. Waxaan kuu xaqiijinayaa inay badbaadin doonto waqti fiican.

Waxaan ka abuureynaa faylka Aaga Tooska ah linux.fan

... maahan in yar oo aragti ah marka hore. 😉

Sida template si loo abuuro feylka xogta aaga, waxaan qaadan karnaa /var/magacaabay/magacaabay.madhan, ama /usr/share/doc/bind-9.9.4/sample/var/named/named.empty. Labaduba waa isku mid.

[xididka @ dns ~] # bisad /var/named/named.empty 
$ TTL 3H @ SOO SOA @ rname.invalid. (0; serial 1D; Refresh 1H; iskuday 1W; dhaca 3H); ugu yaraan ama Wakhtiga khasnado taban ee lagu noolaado NS @ A 127.0.0.1 AAAA :: 1

Waqtiga nolosha - Waqti lagu noolaado TTL Diiwaanka SOA

Aynu qaadanno qawaaniin si aan u sharaxno TTL - Waqti aad ku noolaato diiwaanka SOA - Bilowga Maamulka ee aag Master. Waa wax xiiso leh in la ogaado macnahooda marka aan dooneyno inaan wax ka beddelno mid ka mid ah qiimayaashooda.

$ TTL: Waqtiga nolosha - Waqtiga lagu noolaado dhammaan diiwaanada ku jira faylka raacaya bayaanka (laakiin ka horreeya cadeyn kale oo ah $ TTL) oo aan lahayn cadeyn cad oo TTL ah.

serial: Tirada taxanaha ah ee xogta aaga. Mar kasta oo aan gacanta wax ka beddeleyno diiwaanka DNS ee aag, waa inaan ku kordhinnaa tiradaas 1, gaar ahaan haddii aan leenahay adeegeyaal ama adeegeyaal sare. Mar kasta oo server sare ama addoon DNS ah uu la xiriiro server-kiisa, wuxuu weydiisanayaa lambarka taxanaha ah ee xogta sayidkiisa. Haddii lambarka taxanaha ah ee addoonku ka yar yahay, markaa xogta aaggaas ee server-ka addoonku waa mid dhacay, addoonkuna wuxuu sameeyaa wareejinta aagga si uu isu cusbooneysiiyo.

helid: Waxay u sheegaysaa adeegaha addoonta inta u dhexeysa taas oo ay tahay inay hubiso haddii xogteeda ay cusbooneysiineyso sayidka.

Kuceli: Haddii serverka sayidka ah aan la heli karin - sababtoo ah wuu xanuunsaday, aan dhahno - addoonka mudo ka dib helid, Kuceli Waxay u sheegaysaa addoonka inta uu sugayo ka hor inta uusan markale isku dayin inuu xiriir la yeesho sayidkiisa.

dhacayo: Haddii uusan addoonku la xiriiri karin sayidkiisa muddo u dhexeysa dhacayo, markaa haddii xiriirkii aagga addoonta la sii kala furfuray, iyo in adeegaha addoonku uusan lahayn xulasho aan ka ahayn inuu dhaco aagga su'aasha laga hadlayo. Waqtiga uu dhacayo aaga addoon DNS server wuxuu ka dhigan yahay inay joojinayso ka jawaabida weydiimaha DNS ee la xiriira aagaas, maxaa yeelay xogta la hayo waa mid aad u da 'weyn oo aan waxtar lahayn.

  • Waxyaabaha kor ku xusan waxay ina barayaan si aan toos ahayn oo ay ku raran yihiin dareen caadi ah oo weyn - uguyaraan kuwa caadiga ah ee dareenka - in haddii aynaan u baahnayn adeegeyaasha DNS addoon ee hawlgalka SME, ma fulinayno, inay iyagu si adag daruuri u yihiin mooyee. Aynu marwalba isku dayno inaan ka gudubno fudud una gudubno dhismaha.

minimuun: Noocyada ka hor XIDH 8.2, diiwaanka ugu dambeeya SOA Waxay sidoo kale tilmaamaysaa Nolosha Default - Waqtiga ugu habboon ee lagu noolaado, iyo Nolosha Kaydka xun - Kaydinta wakhti xun oo lagu noolaado loogu talagalay Aagga. Markan waxa loola jeedaa dhammaan jawaabaha taban ee ay bixiyeen server-ka awoodda u leh Aagga.

Faylka aaga /var/named/dynamic/db.fromlinux.fan

[xididka @ dns ~] # nano /var/named/dynamic/db.fromlinux.fan
$ TTL 3H @ IN SOA dns.fromlinux.fan. xididka.dns.fromlinux.fan. (1; taxane 1D; qabooji 1H; iskuday 1W; dhaca 3H); ugu yar ama; Kaydinta xun ee wakhtiga noolaanshaha; @ IN NS dns.fromlinux.fan. @ IN MX 10 mail.fromlinux.fan. @ IN TXT "FromLinux, Blog-kaaga wuxuu u heellan yahay Barnaamijka Bilaashka ah"; sysadmin IN 192.168.10.1 ad-dc IN 192.168.10.3 fayl geeyo A 192.168.10.4 dns IN 192.168.10.5 proxyweb IN a blog 192.168.10.6 IN a 192.168.10.7 ftpserver IN 192.168.10.8 mail A 192.168.10.9

Waxaan hubin /var/named/dynamic/db.fromlinux.fan

[xididka @ dns ~] # magacaabay-hubinta aaladda linux.fan / var / magacaabay / firfircoon / db. fromlinux.fan
soone ka socota Linux.fan/IN: taxane xamuul ah 1 Ok

Waxaan abuureynaa Faylka Aagga Dib-u-dhaca 10.168.192.in-addr.arpa

  • Rikoorka SOA ee Aaggan wuxuu la mid yahay kan Aagga Tooska ah iyada oo aan la tixgelin diiwaanka MX..
[xididka @ dns ~] # nano /var/named/dynamic/db.10.168.192.in-addr.arpa
$ TTL 3H @ IN SOA dns.fromlinux.fan. xididka.dns.fromlinux.fan. (1; taxane 1D; qabooji 1H; iskuday 1W; dhaca 3H); ugu yar ama; Kaydinta xun ee wakhtiga noolaanshaha; @ IN NS dns.fromlinux.fan. ; 1 IN PTR sysadmin.fromlinux.fan. 3 IN PTR ad-dc.fromlinux.fan. 4 Feylka faylka ee PTR. 5 Gudaha PTR dns.fromlinux.fan. 6 INT wakiilka protweweb.desdelinux.fan. 7 INTA PTR blog.desdelinux.fan. 8 Gudaha PTR ftpserver.fromlinux.fan. 9 PTR mail.fromlinux.fan.

[xididka @ dns ~] # magacaabay-jeeg 10.168.192.in-addr.arpa /var/named/dynamic/db.10.168.192.in-addr.arpa 
aagga 10.168.192.in-addr.arpa/IN: taxane xamuul ah 1 Ok

Kahor intaanan dib u bilaabin magacyada waxaan hubinaynaa qaabkiisa

  • Ilaa aan hubinno in feylasha qaabeynta ee loo magacaabay magacaabay.conf, iyo faylalka aaggiisa aan si sax ah loo qaabeyn, waxaan soo jeedineynaa inaan dib loo bilaabin daemon la magacaabay. Haddii aan sidan yeelno oo aan hadhow wax ka beddelno aag feyl, waa inaan ku kordhinnaa tirada taxanaha ah ee aagga wax laga beddelay 1.
  • Aynu eegno "." dhamaadka domain iyo magacyada martida loo yahay.
[xididka @ dns ~] # magacaabay-jeegga 
[xididka @ dns ~] # magacaabay-jeegga -f
aagga localhost.localdomain / IN: aag xarago 0 aag localhost / IN: aag 0 ah oo.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 .ip6.arpa / IN: serial 0 zone 1.0.0.127.in-addr.arpa/IN: serial 0 zone 0.in-addr.arpa/IN: 0 zone serial oo laga soo qaaday linux.fan/IN: serial rar 1 aagga 10.168.192.in-addr.arpa/IN: taxane xamuul ah 1

Dhammaan qaabeynta hadda la magacaabay

Si loo helo caddayn, iyo in kasta oo maqaalku dheeraado, waxaan siinnaa wax soo saar dhammaystiran ee amarka magacaabay-jeeg-kontrof -zp:

[xididka @ dns ~] # magacaabay-jeegga -fabka -zp
aagga localhost.localdomain / IN: aag xarago 0 aag localhost / IN: aag 0 ah oo.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 .ip6.arpa / IN: serial 0 zone 1.0.0.127.in-addr.arpa/IN: serial 0 zone 0.in-addr.arpa/IN: 0 1 serial oo laga soo qaaday linux.fan/IN: serial 10.168.192 la rakibey aagga 1.in-addr.arpa/IN: xulashooyin taxane ah oo xamuul ah {bindkeys-file "/etc/named.iscdlv.key"; fadhi-keyfile "/run/named/session.key"; galka "/ var / magacaabay"; qashin-fayl "/var/named/data/cache_dump.db"; dhagayso-dekedda 53 {127.0.0.1/32; 192.168.10.5/32; }; dhagayso-on-v6 dekedda 53 {:: 1/128; }; maaraynta-furayaasha-galka "/ var / magacaabay / firfircoon"; memstatistics-file "/var/named/data/named_mem_stats.txt"; faylka-faylka "/run/named/named.pid"; tirakoobka-faylka "/var/named/data/named_stats.txt"; dnssec-karti haa; ansaxnimada dnssec haa; dib u noqoshada maya; su'aal-weydiin {"mired"; }; ogolaansho-wareejin {192.168.10.1/32; }; }; acl "mired" {127.0.0.0/8; 192.168.10.0/24; }; qorista {channel 'default_debug "{file" data / named.run "; darnaanta firfircoonaanta; }; }; fure "dhcp-key" {algorithm "hmac-md5"; qarsoodi ah "OI7Vs + TO83L7ghUm2xNVKg =="; }; aagga "." IN {nooc tilmaam ah; faylka "magacaabay.ca"; }; soonaha "localhost.localdomain" IN {nooca sayidka; faylka "magacaabay.localhost"; u oggolow-cusbooneysiin "" midna "; }; }; soonaha "localhost" IN {nooca sayidka; faylka "magacaabay.localhost"; u oggolow-cusbooneysiin "" midna "; }; }; soone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {nooca sayidkiisa; faylka "magacaabay.loopback"; u oggolow-cusbooneysiin "" midna "; }; }; soone "1.0.0.127.in-addr.arpa" IN {nooca sayidka; faylka "magacaabay.loopback"; u oggolow-cusbooneysiin "" midna "; }; }; soonaha "0.in-addr.arpa" IN {nooca sayidka; faylka "loo yaqaan" madhan "; u oggolow-cusbooneysiin "" midna "; }; }; soonaha "desdelinux.fan" {type master; faylka "firfircoon / db.fromlinux.fan"; u oggolow-cusbooneysiin {fure "dhcp-key"; }; }; soonaha "10.168.192.in-addr.arpa" {type master; faylka "firfircoon / db.10.168.192.in-addr.arpa"; u oggolow-cusbooneysiin {fure "dhcp-key"; }; }; furayaasha la maareeyay {"." muhiimka ah bilowga-257 ee 3 March "AwEAAagAIKlVZrpC8Ia6gEzahOR + 7W9euxhJhVVLOyQbSEW29O0gcCjF FVQUTf8v6fLjwBd58YI0EzrAcQqBGCzh / RStIoO0g8NfnfL0MTJRkxoX bfDaUeVPQuYEhg2NZWAJQ37VnMVDxP / VHL9M / QZxkjf496 / Efucp5gaD X2RS6CXpoY6LsvPVjR68ZSwzz0apAzvN1dlzEheX9ICJBBtuA7G6LQpz W3hOA5hzCTMjJPJ2LbqF8dsV6DoBQzgul6sGIcGOYl0OyQdXfZ7relS Qageu + ipAdTTJ57AsRTAoub25ONGcLmqrAmRLKBP8dfwhYB1N4knNnulq QXA + Uk7ihz1 ="; };
  • Iyadoo la raacayo nidaamka wax ka beddelka magacaabay.conf Iyadoo loo eegayo baahiyahayaga iyo hubinta, oo aan abuureyno aag walba oo aan hubinno, waxaan ka shakisanahay inay tahay inaan wajahno dhibaatooyinka ugu weyn ee qaabeynta. Ugu dambayntii waxaan garwaaqsan nahay inay tahay ciyaar wiil, oo leh fikrado badan iyo isku xirnaan xanaf leh. 😉

Jeegaantu waxay soo celisay natiijooyin lagu qanco, sidaa darteed waxaan dib u bilaabi karnaa BIND - magacaabay.

Waxaan dib u bilaabi doonaa magacyada oo aan hubinaa xaaladiisa

[xididka @ dns ~] # systemctl dib u bilaw magaciisuna yahay adeeg
[xididka @ dns ~] # systemctl status magacaabay.service

Haddii aan helno nooc kasta oo khalad ah oo ka soo baxa amarka ugu dambeeya, waa inaan dib u bilownaa magacaabay. adeeg oo dib u hubi adiga xaaladda. Haddii khaladaadku dhammaadaan, adeeggu wuxuu ku bilaabmay si guul leh. Haddii kale, waa inaan dib u eegis dhameystiran ku sameynaa dhammaan feylasha wax laga beddelay iyo kuwa la abuuray, oo aan ku soo celino nidaamka.

Soosaarka saxda ah ee xaalada waa inuu noqdaa:

[xididka @ dns ~] # systemctl status magacaabay.service
Named.service - Berkeley Magaca Internetka (DNS) Load: raran (/usr/lib/systemd/system/named.service; karti u leh; iibiyaha horay loo sii qorsheeyay: naafo yahay) Firfircoon: firfircoon (socda) ilaa Sun 2017-01-29 10:05:32 EST; 2min 57s kahor Geedi socod: 1777 ExecStop = / bin / sh -c / usr / sbin / rndc stop> / dev / null 2> & 1 || / bin / dil -TERM $ MAINPID (koodh = kabax, xaalad = 0 / GUUL) Geedi socodka: 1788 ExecStart = / usr / sbin / magacaabay -u magacaabay $ OPTIONS (koodh = kabax, xaalad = 0 / GUUL) Nidaamka: 1786 ExecStartPre = / bin / bash -c haddii [! "$ DISABLE_ZONE_CHECKING" == "haa"]; markaa / usr / sbin / magacaabay-checkconf -z /etc/named.conf; kale ayaa ku celceliya "Hubinta faylasha aagga oo naafo ah"; fi (koodh = baxay, xaalad = 0 / GUUL) Main PID: 1791 (magacaabay) CGroup: /system.slice/named.service └─1791 / usr / sbin / magacaabay -u oo la magacaabay Jan 29 10:05:32 dns oo la magacaabay [1791]: aagga 1.0.0.127.in-addr.arpa/IN: taxane xamuul ah 0 Jan 29 10:05:32 dns magacaabay [1791]: aagga 10.168.192.in-addr.arpa/IN: taxane taxan 1 Jan 29 10:05:32 dns la magacaabay [1791]: aag 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN : loaded serial 0 Jan 29 10:05:32 dns named [1791]: zone desdelinux.fan/IN: load serial 1 Jan 29 10:05:32 dns magacaabay [1791]: zone localhost.localdomain / IN: xamuul taxan 0 Jan 29 10:05:32 dns magacaabay [1791]: zone localhost / IN: xamuul taxan 0 Jan 29 10:05:32 dns magacaabay [1791]: dhammaan aagagga waa la raray
Jan 29 10:05:32 dns magacaabay [1791]: orodkii
Jan 29 10:05:32 dns systemd [1]: Wuxuu bilaabay Berkeley Magaca Magaca Internetka (DNS). Jan 29 10:05:32 dns magacaabay [1791]: aagga 10.168.192.in-addr.arpa/IN: dirista ogeysiisyada (taxanaha 1)

Hubinta

Jeegaga waxaa lagu mari karaa isla server-ka ama mashiin ku xiran LAN-ka. Waxaan door bidnay inaan iyaga ka qabano kooxda sysadmin.fromlinux.fan kaas oo aan siinay ogolaansho deg deg ah oo lagu sameeyo Wareejinta Aaga. Faylka /etc/resolv.conf kooxdaas waa kuwan soo socda:

buzz @ sysadmin: ~ $ bisad /etc/resolv.conf 
# Waxaa abuuray NetworkManager raadinta linux.fan magac bixiyaha 192.168.10.5

buzz @ sysadmin: ~ $ ka qoso linux.fan axfr
; << >> DiG 9.9.5-9 + deb8u1-Debian << >> desdelinux.fan axfr ;; ikhtiyaarrada caalamiga ah: + cmd laga bilaabo Linux.fan. 10800 ee SOA dns.fromlinux.fan. xididka.dns.fromlinux.fan. 1 86400 3600 604800 10800 laga bilaabo Linux.fan. 10800 IN NS dns.fromlinux.fan. ka socda Linux.fan. 10800 IN MX 10 mail.fromlinux.fan. ka socda Linux.fan. 10800 TXT "FromLinux, Blog-kaaga wuxuu u heellan yahay Barnaamijka Bilaashka ah" ad-dc.desdelinux.fan. 10800 IN 192.168.10.3 blog.desdelinux.fan. 10800 IN 192.168.10.7 dns.fromlinux.fan. 10800 IN 192.168.10.5 faylasha faylka.fromlinux.fan. 10800 IN 192.168.10.4 ftpserver.fromlinux.fan. 10800 IN 192.168.10.8 mail.fromlinux.fan. 10800 IN 192.168.10.9 proxyweb.fromlinux.fan. 10800 IN 192.168.10.6 sysadmin.fromlinux.fan. 10800 IN Ilaa 192.168.10.1 laga bilaabo Linux.fan. 10800 ee SOA dns.fromlinux.fan. xididka.dns.fromlinux.fan. 1 86400 3600 604800 10800 ;; Waqtiga weydiinta: 0 msec ;; SARE: 192.168.10.5 # 53 (192.168.10.5) ;; Goorma: Sun Jan 29 11:44:18 EST 2017 ;; Cabbirka XFR: 13 diiwaan (farriimaha 1, bytes 385)

buzz @ sysadmin: ~ $ dig 10.168.192.in-addr.arpa axfr
; << >> DiG 9.9.5-9 + deb8u1-Debian << >> 10.168.192.in-addr.arpa axfr ;; ikhtiyaaraadka adduunka: + cmd 10.168.192.in-addr.arpa. 10800 IN SOA dns.fromlinux.fan.10.168.192.in-addr.arpa. root.dns.fromlinux.fan.10.168.192.in-addr.arpa. 1 86400 3600 604800 10800 10.168.192.in-addr.arpa. 10800 IN NS dns.fromlinux.fan. 1.10.168.192.in-addr.arpa. 10800 INTA PTR sysadmin.fromlinux.fan. 3.10.168.192.in-addr.arpa. 10800 IN PTR ad-dc.fromlinux.fan. 4.10.168.192.in-addr.arpa. 10800 IN PTR faylalka faylalka.fromlinux.fan. 5.10.168.192.in-addr.arpa. 10800 INT PTR dns.fromlinux.fan. 6.10.168.192.in-addr.arpa. 10800 IN PTR proxyweb.fromlinux.fan. 7.10.168.192.in-addr.arpa. 10800 INTA PTR blog.desdelinux.fan. 8.10.168.192.in-addr.arpa. 10800 IN PTR ftpserver.fromlinux.fan. 9.10.168.192.in-addr.arpa. 10800 IN PTR mail.fromlinux.fan. 10.168.192.in-addr.arpa. 10800 IN SOA dns.fromlinux.fan.10.168.192.in-addr.arpa. root.dns.fromlinux.fan.10.168.192.in-addr.arpa. 1 86400 3600 604800 10800 ;; Waqtiga weydiinta: 0 msec ;; SARE: 192.168.10.5 # 53 (192.168.10.5) ;; Goorma: Sun Jan 29 11:44:57 EST 2017 ;; Xajmiga XFR: 11 diiwaanka (farriimaha 1, bytes 352)

buzz @ sysadmin: ~ $ ka qodo SOA laga bilaabo linux.fan
buzz @ sysadmin: ~ $ ka qodo MX oo ka socda linux.fan buzz @ sysadmin: ~ $ qodo IN TXT laga helo Linux.fan
buzz @ sysadmin: ~ $ host dns
dns.fromlinux.fan wuxuu leeyahay cinwaan 192.168.10.5
buzz @ sysadmin: ~ $ host sysadmin
sysadmin.desdelinux.fan wuxuu leeyahay cinwaan 192.168.10.1 ... Iyo jeegag kasta oo kale oo aan u baahanahay
  • Illaa iyo hadda, waxaan haysannaa aasaaska server-ka DNS ee shabakadeena SME. Waxaan rajeyneynaa inaad ka heshay dhamaan howlaha, oo ahaa mid fudud, sax? 😉

Waxaan rakibnaa oo aan qaabeynaa DHCP

[xididka @ dns ~] # yum rakib dhcp
Qalabyo la soo raray: fastestmirror, centos-base langpacks | 3.4 kB 00:00:00 xarunta-cusbooneysiinta | 3.4 kB 00:00:00 Soo dejinta xawaaraha muraayadaha laga soo qaado hoyga hostel Xallinta ku tiirsanaanta -> Socodka tijaabada macaamilka ---> Xidhmada dhcp.x86_64 12: 4.2.5-42.el7.centos waa in lagu rakibaa -> Xallinta ku tiirsanaanta la joojiyay ku tiirsanaanta la xaliyay ============================================== ================================================== =================================== Nooca Nooca Dhismaha Xirmada Xajmiga Xawaaraha =========== ================================================== ================================================== ====================== Ku rakibidda: dhcp x86_64 12: 4.2.5-42.el7.centos-base 511k Soo Koobid Macaamiil ==== ================================================ ================================================== =========================== Ku rakib 1 Xidhmo Wadarta cabbirka soo dejinta: 511k Cabbirka rakibay: 1.4 M Ma caadi baa taas d / N]: y Soo dejinta baakadaha: dhcp-4.2.5-42.el7.centos.x86_64.rpm | 511 kB 00:00:00:12 socodsiinta macaamil ganacsi Running test macaamil tijaabo macaamil ganacsi ayaa ku guulaystay socodsiinta macaamilka Rakibida: 4.2.5: dhcp-42-7.el86.centos.x64_1 1/12 Hubinta: 4.2.5: dhcp-42-7. el86.centos.x64_1 1/86 rakibay: dhcp.x64_12 4.2.5: 42-7.elXNUMX.centos Waa la qabtay!

[xididka @ dns ~] # nano /etc/dhcp/dhcpd.conf
# # Faylka Qaabeynta Server Server DHCP. # arag /usr/share/doc/dhcp*/dhcpd.conf.example # eeg dhcpd.conf (5) nin bogga # ddns-cusboonaysiinta-qaabka kumeelgaarka ah; ddns-cusbooneysiinta; ddns-domainname "desdelinux.fan."; ddns-rev-domainname "in-addr.arpa."; iska indha-cusboonaysiinta macmiilka; awood leh; ikhtiyaarka ip-gudbinta; ikhtiyaar magac-magac ah "desdelinux.fan"; # xulashada ntp-server 0.pool.ntp.org, 1.pool.ntp.org, 2.pool.ntp.org, 3.pool.ntp.org; ku dar "/etc/dhcp.keyga"; soone ka Linux.fan. {aasaasiga ah 127.0.0.1; furaha dhcp-key; } aagga 10.168.192.in-addr.arpa. {aasaasiga 127.0.0.1; furaha dhcp-key; } wadajirka-shabakadda dib-u-cusboonaysiinta {subnet 192.168.10.0 netmask 255.255.255.0 {option router 192.168.10.1; ikhtiyaarka subnet-mask 255.255.255.0; ikhtiyaarka baahinta-cinwaanka 192.168.10.255; ikhtiyaar ikhtiyaar ah magac-magac-server 192.168.10.5; xulashada netbios-magaca-server 192.168.10.5; baaxad 192.168.10.30 192.168.10.250; }} # DHAMMAAD dhcpd.conf

[xididka @ dns ~] # dhcpd -t
Dalada Nidaamyada Internetka Serverka DHCP 4.2.5 Xuquuqda daabacaadda 2004-2013 Dalladda Nidaamyada Internetka. Xuquuqda daabacaadu way xifdisan. Faahfaahin, fadlan booqo https://www.isc.org/software/dhcp/ Ma raadineysid LDAP tan iyo markii ldap-server, ldap-port iyo ldap-base-dn aan lagu cayimin feylka iskuxirka

[xididka @ dns ~] # systemctl karti u dhcpd
Summad laga sameeyay /etc/systemd/system/multi-user.target.wants/dhcpd.service to /usr/lib/systemd/system/dhcpd.service.

[xididka @ dns ~] # systemctl bilaw dhcpd

[xididka @ dns ~] # systemctl status dhcpd
● dhcpd.service - Server-ka DHCPv4 Daemon Loaded: raran (/usr/lib/systemd/system/dhcpd.service; karti leh; iibiyaha horay loo sii qorsheeyay: naafo ah) Firfircoon: firfircoon (socda) ilaa dom 2017-01-29 12:04:59 IST T; 23s ago Docs: man: dhcpd (8) man: dhcpd.conf (5) Main PID: 2381 (dhcpd) Status: "Fidinta xirmooyinka ..." CGroup: /system.slice/dhcpd.service └─2381 / usr / sbin / dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -group dhcpd - no-pid Jan 29 12:04:59 dns dhcpd [2381]: Nidaamyada Nidaamka Internetka Internetka Dalada DHCP 4.2.5 Jan 29 12 : 04: 59 dns dhcpd [2381]: Xuquuqda daabacaadda 2004-2013 Dalladda Nidaamyada Internetka. Jan 29 12:04:59 dns dhcpd [2381]: Xuquuqda daabacaadu way xifdisan. Jan 29 12:04:59 dns dhcpd [2381]: Macluumaad ahaan, fadlan booqo https://www.isc.org/software/dhcp/ Jan 29 12:04:59 dns dhcpd [2381]: Ma raadineyno LDAP tan iyo markii ldap -server, ldap-dekedda iyo ldap-base-dn laguma xusin feylka isku xidhka Jan 29 12:04:59 dns dhcpd [2381]: Waxa loo qoray 0 heshiisyo kiro ah. Jan 29 12:04:59 dns dhcpd [2381]: Dhageysiga LPF / eth0 / 52: 54: 00: 12: 17: 04 / redlocal Jan 29 12:04:59 dns dhcpd [2381]: U dirista LPF / eth0 / 52: 54: 00: 12: 17: 04 / redlocal Jan 29 12:04:59 dns dhcpd [2381]: Udiraya Socket / fallback / fallback-net Jan 29 12:04:59 dns systemd [1]: bilaabay DHCPv4 Server Daemon.

Maxaa hadhay oo la qabanayaa?

Fudud Ku bilow Windows 7 ama macmiil kale Software Bilaash ah bilawna tijaabinta iyo hubinta. Waxaan ku sameynay laba macmiil: toddobo.fromlinux.fan y suse-desktop.fromlinux.fan. Jeegagga waxay ahaayeen sidan soo socota:

buzz @ sysadmin: ~ $ martigaliya toddobo
toddobada.fromlinux.fan wuxuu leeyahay cinwaan 192.168.10.30

buzz @ sysadmin: ~ $ martigelin toddobo.fromlinux.fan
toddobada.fromlinux.fan wuxuu leeyahay cinwaan 192.168.10.30

buzz @ sysadmin: ~ $ qodo QODOBKA toddobada.fromlinux.fan
.... ;; QAYBTA SU'AASHA :; seven.fromlinux.fan. QODOBKA ;; QAYBTA JAWAABTA: toddobo.fromlinux.fan. 3600 TXT AH "31b7228ddd3a3b73be2fda9e09e601f3e9"....

Waxaan magacawnay kooxda "toddobo" oo aan ugu magac darnay "LAGER" oo aan dib ugu bilaabanay. Ka dib markii dib loo bilaabo LAGER cusub, waxaan hubin:

buzz @ sysadmin: ~ $ martigaliya toddobo
Marti geliyaha toddobada lama helin: 5 (DIID)

buzz @ sysadmin: ~ $ martigelin toddobo.fromlinux.fan
Marti geliyaha toddobada .desdelinux.fan lama helin: 3 (NXDOMAIN)

buzz@sysadmin: ~ $ host lager
lager.desdelinux.fan wuxuu leeyahay cinwaan 192.168.10.30

buzz@sysadmin: ~ $ host lager.fromlinux.fan
lager.desdelinux.fan wuxuu leeyahay cinwaan 192.168.10.30

buzz @ sysadmin: ~ $ dig IN TXT lager.fromlinux.fan
.... ;; QAYBTA SU'AAL :; lager.fromlinux.fan. QODOBKA ;; QAYBTA Jawaabta: lager.fromlinux.fan. 3600 TXT AH "31b7228ddd3a3b73be2fda9e09e601f3e9"....

Ku saabsan macaamiisha suse-desktop:

buzz @ sysadmin: ~ $ host suse-dektop
Marti suse-dektop lama helin: 5 (DIID)

buzz @ sysadmin: ~ $ host suse-desktop
suse-desktop.desdelinux.fan wuxuu leeyahay cinwaan 192.168.10.33

buzz @ sysadmin: ~ $ host suse-desktop.fromlinux.fan
suse-desktop.desdelinux.fan wuxuu leeyahay cinwaan 192.168.10.33

buzz @ sysadmin: ~ $ host 192.168.10.33
33.10.168.192.in-addr.arpa magaca domain tilmaamaha tilmaamaha suse-desktop.desdelinux.fan.

buzz @ sysadmin: ~ $ host 192.168.10.30
30.10.168.192.in-addr.arpa tilmaamaha magaca domain tilmaame LAGER.desdelinux.fan.
buzz @ sysadmin: ~ $ dig -x 192.168.10.33
.... ;; QAYBTA SU'AASHA :; 33.10.168.192.in-addr.arpa. INKA PTR ;; QAYBTA Jawaabta: 33.10.168.192.in-addr.arpa. 3600 INTA PTR suse-desktop.fromlinux.fan. ;; QAYBTA AWOODDA: 10.168.192.in-addr.arpa. 10800 IN NS dns.fromlinux.fan. ;; QAYBTA DHEERAADA: dns.fromlinux.fan. 10800 IN 192.168.10.5 ....

buzz @ sysadmin: ~ $ dig IN TXT suse-desktop.fromlinux.fan ....
; suse-desktop.desdelinux.fan. QODOBKA ;; QAYBTA Jawaabta: suse-desktop.desdelinux.fan. 3600 TXT AH "31b78d287769160c93e6dca472e9b46d73"

;; QAYBTA AWOODDA: desdelinux.fan. 10800 IN NS dns.fromlinux.fan. ;; QAYBTA DHEERAADA: dns.fromlinux.fan. 10800 IN 192.168.10.5
....

Aynu sidoo kale socodsiino amarrada soo socda

[xididka @ dns ~] # qod ka Linux.fan axfr
; << >> DiG 9.9.4-RedHat-9.9.4-29.el7_2.4 << >> desdelinux.fan axfr ;; ikhtiyaarrada caalamiga ah: + cmd laga bilaabo Linux.fan. 10800 ee SOA dns.fromlinux.fan. xididka.dns.fromlinux.fan. 6 86400 3600 604800 10800 laga bilaabo Linux.fan. 10800 IN NS dns.fromlinux.fan. ka socda Linux.fan. 10800 IN MX 10 mail.fromlinux.fan. ka socda Linux.fan. 10800 TXT "FromLinux, Blog-kaaga wuxuu u heellan yahay Barnaamijka Bilaashka ah" ad-dc.desdelinux.fan. 10800 IN 192.168.10.3 blog.desdelinux.fan. 10800 IN 192.168.10.7 dns.fromlinux.fan. 10800 IN 192.168.10.5 faylasha faylka.fromlinux.fan. 10800 IN 192.168.10.4 ftpserver.fromlinux.fan. 10800 IN 192.168.10.8 LAGER.fromlinux.fan. 3600 TXT AH "31b7228ddd3a3b73be2fda9e09e601f3e9"LAGER.fromlinux.fan.   3600 IN 192.168.10.30 mail.fromlinux.fan. 10800 IN 192.168.10.9 proxyweb.fromlinux.fan. 10800 IN 192.168.10.6 suse-desktop.fromlinux.fan. 3600 TXT AH "31b78d287769160c93e6dca472e9b46d73"suse-desktop.desdelinux.fan. 3600 IN 192.168.10.33 sysadmin.fromlinux.fan. 10800 IN Ilaa 192.168.10.1 laga bilaabo Linux.fan. 10800 ee SOA dns.fromlinux.fan. xididka.dns.fromlinux.fan. 6 86400 3600 604800 10800

Soo saarida kore, waxaan ku iftiiminay geesi ka TTL - ilbiriqsiyo - kumbuyuutarrada leh cinwaanada IP-ga ee ay bixiso adeegga DHCP kuwa leh caddeyn cad oo ah TTL 3600 oo ay bixiso DHCP. IPs go'an waxaa haga $ TTL ee 3H -3 saacadood = 10800 ilbiriqsiyo- oo lagu caddeeyay diiwaanka SOA ee feyl kasta aag.

Waxay ku hubin karaan aaga gadaal si isku mid ah.

[xididka @ dns ~] # qod 10.168.192.in-addr.arpa axfr

Amarada kale ee aadka u xiisaha badan waa:

[xididka @ dns ~] # magacaabay-journalprint /var/named/dynamic/db.desdelinux.fan.jnl
[xididka @ dns ~] # magacaabay-journalprint /var/named/dynamic/db.10.168.192.in-addr.arpa.jnl
[xididka @ dns ~] # journalctl -f

Wax ka beddelka gacanta ee faylasha Aagagga

Ka dib markii DHCP ay soo gasho ciyaarta si firfircoon u cusbooneysiinta faylasha aagga magacaabayHaddii aan waligeen u baahanahay inaan gacanta wax ka beddelno aag feyl ah, waa inaan fulinno nidaamka soo socda, laakiin aan ahayn ka hor ogaanshaha wax yar oo ku saabsan sida korontada u shaqeyso rdc magaca server gacanta.

[xididka @ dns ~] # nin rndc
....
       barafee [aagga [fasalka [aragtida]]]
           Jooji cusbooneysiinta aagga firfircoon. Haddii aag aan la cayimin, markaa dhammaan aagagga waa la hakiyay. Tani waxay u oggolaaneysaa wax ka beddelka gacanta in lagu sameeyo aag caadi ahaan lagu cusbooneysiiyo cusbooneysiin firfircoon. Waxay sidoo kale keentaa isbeddelada feylka joornaalka si loogu midoobo feylka sayidkiisa. Dhammaan isku dayda cusbooneysiinta firfircoonaanta waa la diidi doonaa inta aagga qabow yahay

       dhalaal [aag [fasal [aragti]]]
           Daar cusbooneysiinta aagga firfircoon ee la qaboojiyay. Haddii aag aan la cayimin, markaa dhammaan aagagga la qaboojiyey waa la awoodsiiyay. Tani waxay u keentaa server-ka inuu dib uga soo rogo aagga ka soo baxa diskka, oo uu dib u cusbooneysiiyo cusbooneysiinta firfircoon ka dib markii xamuulka uu dhammaado. Ka dib marka aag la dhalaaliyo, cusbooneysiinta firfircoonida mar dambe lama diidi doono. Haddii aaggu isbeddelay oo ikhtiyaarka ixfr-ka-khilaafaadka la adeegsanayo, markaa feylka joornaalka waa la cusbooneysiin doonaa si uu uga muuqdo isbeddelada aagga. Haddii kale, haddii aaggu isbeddelay, faylka joornaal kasta ee jira ayaa laga saari doonaa. ....

Waa maxay, miyaad u maleysay inaan qorayo buugan oo dhan? ... gabal waxayna ku socdaan gaari. Inta kale adigaan kuu daayey. 😉

Asal ahaan:

  • qaboojiyaha rndc [aaga [fasalka [aragtida]]], wuxuu hakiyaa cusbooneysiinta firfircoonaanta aagga. Haddii midkoodna aan la cayimin, dhammaantood waa la qaboojin doonaa. Amarku wuxuu u oggolaanayaa tafatirka gacanta ee aagga la qaboojiyey ama dhammaan aagagga. Wixii cusbooneysiin firfircoon ayaa la diidi doonaa inta la qaboojinayo.
  • rndc dhalaal [aag [fasal [aragti]]], wuxuu awood u siinayaa cusbooneysiinta firfircoon ee aag hore loo qaboojiyey. Server-ka DNS-ka wuxuu dib uga soo buuxiyaa faylka aagga disk-ka, cusbooneysiinta firfircoonina dib ayaa loo shaqeysiiyaa kadib markii dib u buuxinta ay dhammaato.

Digtoonno in la qaado marka aan gacanta ku saxno faylka aag? La mid ah haddii aan abuureyno, annaga oo aan ilaawin inaan ku kordhinno tirada taxanaha ah 1 ama serial ka hor intaadan kaydin feylka oo leh isbeddelada ugu dambeeya.

Tusaale:

[xididka @ dns ~] # rndc ka xayiraadda Linux.fan

[xididka @ dns ~] # nano /var/named/dynamic/db.fromlinux.fan
Waxaan wax ka beddelaa feylka aagga sabab kasta ha noqotee, lagama maarmaan ama maahan. Waxaan badbaadinayaa isbedelada

[xididka @ dns ~] # rndc dhalaal ka yimid Linux.fan
Dib-u-dejin aag iyo dhalaalid ayaa la bilaabay. Hubi diiwaanada si aad u aragto natiijada.

[xididka @ dns ~] # journalctl -f
Jan 29 14:06:46 dns magacaabay [2257]: aagga dhalaalida 'desdelinux.fan/IN': guusha
Jan 29 14:06:46 dns oo la magacaabay [2257]: aag laga soo qaaday linux.fan/IN: aagga taxanaha ah (6) oo aan isbeddelin. aagga waxaa laga yaabaa inuu ku guuldareysto inuu u wareejiyo addoomada.
Jan 29 14:06:46 dns magacaabay [2257]: zone desdelinux.fan/IN: xamuul taxane ah 6

Ciladdii soo-saarkii hore, oo lagu muujiyay casaanka qalabka, waxaa sabab u ah xaqiiqda ah inaan "ilaaway" inaan ku kordhiyo nambarka taxanaha ah 1. Haddii aan si sax ah u raaci lahaa nidaamka, wax soo saarku wuxuu noqon lahaa:

[xididka @ dns ~] # journalctl -f
- Diiwaanku wuxuu bilaabmayaa Sun 2017-01-29 08:31:32 EST. - Jan 29 14:06:46 dns magacaabay [2257]: zone desdelinux.fan/IN: xamuul taxane ah 6 Jan 29 14:10:01 dns systemd [1]: Kulankii Bilaabmay ee 43 ee isticmaalaha xididka. Jan 29 14:10:01 dns systemd [1]: Bilaabida Kalfadhiga 43 ee xididka isticmaalaha. Jan 29 14: 10: 01 dns CROND [2693]: (xididka) CMD (/ usr / lib64 / sa / sa1 1 1) Jan 29 14:10:45 dns oo la magacaabay [2257]: wuxuu helay amarka kanaalka xakamaynta 'ka xayirida Linux. fan 'Jan 29 14:10:45 dns magacaabay [2257]: aagga qaboojinta' desdelinux.fan/IN ': success Jan 29 14:10:58 dns magacaabay [2257]: waxay heshay amarka kanaalka xakamaynta' thaw desdelinux.fan 'Jan 29 14:10:58 dns magacaabay [2257]: aagga dhalaalida 'desdelinux.fan/IN': success Jan 29 14:10:58 dns magacaabay [2257]: zone desdelinux.fan/IN: faylka joornaalku waa mid aan dhicin: ka saarida feylka joornaalka Jan 29 14:10:58 dns magacaabay [2257]: zone desdelinux.fan/IN: load serial 7
  • Saaxiibbada akhristaha, waxaan ku celinayaa inaad si taxaddar leh u akhrido wax soo saarka amarka. Waxyaabaha ay horumariyayaasheeda ku bixiyeen shaqo aad u fara badan ayaa ku amartay amar kasta, iyadoon loo eegin sida ay u fududahay.

Resumen

Illaa iyo hadda waxaan wax ka qabannay hirgelinta labada dhinac ee loo yaqaan 'DNS - DHCP couple', oo muhiim u ah adeegyada muhiimka u ah waxqabadka wanaagsan ee shabakadeena 'SME Network', annaga oo tixraacayna bixinta cinwaannada firfircoon ee loo maro DHCP iyo xallinta kumbuyuutarrada iyo magacyada domain ee loo maro DNS.

Waxaan si dhab ah u rajeyneynaa inaad ugu riyaaqday nidaamka oo dhan sidaan ugu faraxnay. In kasta oo ay umuuqato mid aad u dhib badan adoo adeegsanaya qunsulka, hadana way ka fududdahay waxbarashaduna inay kafiican tahay UNIX® / Linux iyadoo adeegsanaysa

Waxay iga cafiyaan fasiraad kasta oo khaldan ee fikradaha fikirka ah, la abuuray, la qoray, dib loo eegay, dib loo qoray, laguna daabacay luqadda Shakespeare, ee aan ahayn Cervantes. 😉

Gaarsiinta xigta

Waxaan u maleynayaa in yar oo isku mid ah - oo lagu daro aragtiyo ku saabsan diiwaanka DNS - laakiin Debian. Ma hilmaami karno qaybintaas, sax?


Nuxurka maqaalka wuxuu u hogaansamayaa mabaadi'deena anshaxa tifaftirka. Si aad u soo sheegto khalad guji Halkan.

15 faallooyin, ka tag taada

Ka tag faalladaada

cinwaanka email aan la daabacin doonaa. Beeraha loo baahan yahay waxaa lagu calaamadeeyay la *

*

*

  1. Masuul ka ah xogta: Miguel Ángel Gatón
  2. Ujeedada xogta: Xakamaynta SPAM, maaraynta faallooyinka.
  3. Sharci: Oggolaanshahaaga
  4. Isgaarsiinta xogta: Xogta looma gudbin doono dhinacyada saddexaad marka laga reebo waajibaadka sharciga ah.
  5. Kaydinta xogta: Macluumaadka ay martigelisay Shabakadaha Occentus (EU)
  6. Xuquuqda: Waqti kasta oo aad xadidi karto, soo ceshan karto oo tirtiri karto macluumaadkaaga.

  1.   Cristian Merchan dijo

    Aad iyo aad baad ugu mahadsan tihiin shaqadiina la mahadiyey ee qorista maqaallada midho-dhalka ah. Wax badan ayey ii tari doontaa

  2.   federico dijo

    Aad baadna ugu mahadsantahay, Cristian, inaad ila socotid iyo qiimeyntaada qormadan. Guul!

  3.   Ismaaciil Alvarez Wong dijo

    Ka dib markii aan muuqaalka koowaad ku eegay qoraalkan cusub ee Federico, xirfad-yaqaankii weynaa ee lagu dhex arkay taxanaha «PYMES» ayaa mar kale la ogaan karaa; marka lagu daro faahfaahinta weyn ee muujineysa boggaaga laba ka mid ah adeegyada ugu muhiimsan (DNS iyo DHCP) ee shabakad kasta. Munaasabaddan oo aan kaga duwannahay faallooyinkaygii hore, waxaan hayaa faallo 2aad oo aan sugayo ka dib markaan dhaqan geliyo wixii aan ku sheegay qoraalkan.

  4.   isxaaq 88 dijo

    Faallooyin ma jiraan, pa '400 !!! Fico waad ku mahadsan tahay waayo sifiican ayaad u ogtahay inaan aqriyay qoraaladaada mana waydiisan karno wax intaa ka badan. Waxaad ku bilaabaysaa urur aad u wanaagsan, laga bilaabo sida loo rakibo oo loo dejiyo desktop-ka shaqsiyeed ee isticmaaleha, xarrunta shaqadu waa saldhigga, waa dareenka ahaanshaha adeegyadan shabakadeed ee aad si fiican u sharaxday. Waad fuuleysay inkasta oo ay run tahay in heerka uu sii kordhayo, waa run inaad wax u qortay oo aad daabacday kuwa ka yar kuwa bilaabaya, kuwa aniga ila mid ahaa in muddo ah iyo kuwa ugu horumarsan.
    Waqti ka dib waxaan soo gunaanaday in aan ogahay in qaar badani hore u yimaadeen, aragtida, taas oo kharash badan noogu kacaysa inaan ku kasbano xaqiiqda fudud ee ah inaanan rabin inaan wax akhriyo, maxaa yeelay fulinta xukunku mar horeba wuu ka fudud yahay markaan ogaano waxa aan qabanayno, sababta ???, su'aalaha, halkee laga helayaa iyo sida looga baxayaa khaladka madax xanuunka badan keenaya marka aynaan garanaynin halka ay ka yimaadeen, oo u qalma dib-u-dhigista.
    Sababtaas awgeed, ma jecli inaad ka tagto waxyaabahaas aragtiyaha ah ee aad ku dari doontid ee ku saabsan diiwaanka DNS ee daabacaadda soo socota sidaad ku dhawaaqday, aad iyo aad bay uga yar tahay markay u timaaddo gacaliyaha iyo gacaliye DEBIAN.
    AAD BAAD U MAHADSAN tahay waana sugeynaa.

  5.   ka fogaansho dijo

    Aad u fiican sida had iyo jeer Fico! Waxaan sugayaa nooca Debian-ka, sanado badan ayaan ku ciyaarayay wax walboo 'distro' ah.

  6.   federico dijo

    Wong: Aragtidaada ka dib akhriska ayaa qiimo badan leh. Waxaan sugayaa faallooyinkaaga marka aad tijaabiso waxyaabaha ku jira, maxaa yeelay waan ogahay inay taasi tahay sida aad u jeceshahay inaad sameyso. 😉

  7.   federico dijo

    Crespo: Had iyo jeer, faallooyinkaaga si wanaagsan ayaa loo aqbalay. Waxaan arkaa inaad qabsatay xariiqa guud ee aan ku soo qaatay halabuurka silsiladan. Waxaan rajeynayaa in, sidaada oo kale, inbadan ay durba ogaadeen. Waad ku mahadsantahay faalladaada.

  8.   federico dijo

    Qulqulka: Wanaagsan inaan markale ku aqriyo! Ma sugi doontid waqti dheer. Isniinta ugu dambayn - ama ka hor - waa la dhammayn doonaa daabacaadda. Ha u malayn inay ii fududahay inaan daboollo saddex diro oo kala duwan, laakiin Akhristaha Ixtiraamka leh, ayaa codsanaya. Kaliya maahan Debian iyo Ubuntu, laakiin Saddexda u janjeedha SMEs.

  9.   isxaaq 88 dijo

    Haddii aad daabacday, waa sababta oo ah waad awoodi kartaa, waanu ku taageersanahay waana ognahay inaad raacayso qadkaas.
    Dhunkad ahaan waxaan sugaa sii deynta Debian-ka oo leh ilko fiiqan. Way fiicnaan laheyd haddii aad wax yar ka daboosho NTP. Sl2 iyo hab weyn. Haddii macallimiintaydu i bari lahaayeen wax walba oo sidaas ah, HAHAJJA, Platinum Degree, HAHAJJA.

  10.   federico dijo

    Heerka faahfaahinta ee soo saarista taliska ayaa lagama maarmaan u ah in la muujiyo muhiimadda ay leedahay. Wax badan bay dhahaan. Waa run in maqaallo kooban ay ka hadlayaan heerkan faahfaahinta ah, maxaa yeelay waxay u maleynayaan inay ahaan lahaayeen maqaallo dhaadheer oo culus in la akhriyo. Hagaag, qayb kamid ah shaqada SysAdmin waa aqrinta waxsoosaarka culus oo faahfaahsan, kaliya ma ahan wajiga dhibaatada, laakiin sidoo kale wajiga jeegagga.

  11.   Ismaaciil Alvarez Wong dijo

    Hello Federico, horey ayaan u ballanqaaday, inaan qoro faallooyin ka dib markaan si taxaddar leh u darsay boostada su'aasha laga hadlayo; Hagaag, halkan ayay ku sii socdaan:
    - Farsamo weyn halkii laga abuuri lahaa furaha TSIG ee loogu talagalay cusbooneysiinta cusbooneysiinta DNS-ka ee DHCP, oo nuqul ka ah isla rndc.key fure u ah dhcp.key, tan oo u muuqata "si fudud" waxay muujineysaa in ujeedku uusan ahayn oo keliya farsamada ee HOWTO-INSTALL-DNS - & - DHCP laakiin wuxuu na barayaa inaan ka fikirno, 5 Xidigood oo loo qoro qoraaga.
    - Aad u xiiso badan feylka qaabeynta DNS, oo loo yaqaan'con.conf ', joogitaanka khadka «oggolaansho-wareejin {localhost; 192.168.10.1; }, » si loo tijaabiyo Domainka «desdelinux.fan» oo keli ah goobta shaqada ee SysAdmin iyo localhost (server-ka DNS laftiisa), iyo sidoo kale geli furaha TSIG si aad u cusboonaysiiso DNS-ka DHCP.
    - Aad u wanaagsan abuurista aagagga tooska ah iyo rogaalka ee DNS oo ay weheliso sharraxaad "faahfaahsan" noocyadooda diiwaanno, marka lagu daro fulinta amarka "# magacaabay-jeegga -fp" si loo hubiyo dhammaan qaabeynta magaca ka hor intaan la gaarin dib u dejin adag, iyo sidoo kale tusaalooyinka socodsiinta "qod" amarka si loo xaqiijiyo noocyada kala duwan ee diiwaanada DNS.
    . Qaabeynta DHCP (adoo adeegsanaya faylka /etc/dhcp/dhcpd.conf):
    - Sida loogu daro shabakadeena maxalliga ah kala duwanaanta cinwaanada IP-ga ee firfircoon si loo qoondeeyo, qeexitaanka magaca server-ka, iwm; iyo sidoo kale sida loogu sheego DHCP si loo cusbooneysiiyo diiwaanka DNS adoo adeegsanaya khadadka "ddns- ..." qaabeynta.
    . Markay waxwalba horey ushaqeeyaan, 5 XIDIGAL EE QORAHA, fulinta amarka "# dig desdelinux.fan axfr" si loo hubiyo TTL-ka kumbuyuutarrada kujira LAN-ka ee leh IP-gu taagan oo kuwa IP firfircoon loo xilsaaray.
    . Ugu dambeyntii, GREAT, wax ka beddelka buug-gacmeedka ee Aagagga faylalka adiga oo marka hore ku qaboojinaya "# rndc freeze desdelinux.fan", ka dib sameynta wax-ka-beddelka oo ugu dambeynna lagu sii daayo "# rndc thaw desdelinux.fan"
    . IYO KII UGU FIICAN, WAX KASTA OO LAGU QABTAY KU-MEEL GAARKA.
    Sii wad Fico.

    1.    Joy dijo

      Hello,
      Haddii aad tahay shabakad, waxaad ka heli kartaa baaritaan ku saabsan achterhalen hoe het kan dat alles gedeeld en verwijderd wordt op mijn computer zelfs mijn foto's. Ik heb totaal geen control meer over mijn eigen computer on mobiel.
      Het zit m dus ook in het dns gudaha dhcp. Ik weet echt niet hoe ik dit moet oplossen en het kan verwijderen. Misschien dat iemand mij willilten? Dit waa namelijk buiten mij om geinstalleerd. Walgelijk gedrag vind ik het.

  12.   federico dijo

    Wong: faalladaadu waxay dhameystireysaa maqaalka. Dhab ahaan, waxay muujineysaa inaad si fiican u baratay. Haddii kale, kama faalloon kartid heerka faahfaahinta aad samaynayso. Kaliya ku dar intaas ogolaansho-wareejin Waxaa badanaa loo adeegsadaa marka aan leenahay addoon DNS ah waxaanan u oggolaaneynaa wareejinta aagagga sayidka. Waxaan ku isticmaalaa habkaas maxaa yeelay waa farsamo si fudud loo hirgelin karo oo lagu sameeyo jeegag aan khatar ahayn oo laga sameeyo hal kombiyuutar. Aad baad ugu mahadsantahay qiimeyntaada 5. Salaan! waana ku sii sugi doonaa maqaaladeyda soo socota.

  13.   IgnacioM dijo

    Waad salaaman tahay Federico. Waan ogahay inaan yara yara daahay, laakiin waxaan jeclaan lahaa inaan ku weydiiyo su'aal.
    Nidaamkani miyuu i caawin doonaa haddii aan doonayo inaan tilmaamo domain ka ah serverkayga vps?

    15-kii daqiiqo ee kasta waxaan helayaa farriimahan nidaamka:

    DHCPREQUEST on eth0 ilaa dekedda 67 (xid =…)
    DHCPACK laga bilaabo (xid =…)
    ku xidhan - cusboonaysiinta 970 ilbidhiqsi.

    Iyo wixii aan ka fahmay waa inaan ku abuuraa rikoor diiwaanka boggeyga iyo ip ee adeegeyga gaarka ah.

    * Waan ku hambalyeynayaa waana ku mahadsan yahay maqaalkan, ma garanayo inay tahay waxa aan raadinayey laakiin waxaan ka helay mid aad u xiiso badan oo si fiican loo sharaxay. Intaa waxaa sii dheer waxaan qaataa talo soo jeedinta "DNS iyo BIND" oo aan horeyba u xamanayay oo ay umuuqato mid aad u xiiso badan.

    Salaan ka timid Argentina!

    1.    Antonio valdes toujague dijo

      fadlan ila soo xiriir valdestoujague@yandex.com