Tusmada guud ee taxanaha: Shabakadaha Kombuyuutarka ee loogu talagalay SMEs: Hordhac
Saaxiibbo waad salaaman tihiin !. Si loo fahmo loona raaco si sax ah qodobkaan waa muhiim ah akhrinaya kuwii ka horreeyay:
Waxay sharaxayaan fikradaha fikradaha iyo fikradaha ah oo aannan ku tixraaci doonin midkaan. Waxaan u baddali doonnaa qaybinta sanadka hadda socda oo aan u beddeleynaa Debian 8.6 "Jessie" waana sii wadaynaa isla halbeegyada aan ku isticmaalno XIDHIIDHKA iyo Tusaha Firfircoon®.
- Nidaamka lagu sharaxay qoraalkan sidoo kale wuxuu ansax u yahay CentOS 7. Faylka qaabeynta / iwm / dnsmasq waa isku mid. Waxaan ku dhawaaqayaa sababtoo ah waxaan u arkaa inay tahay wax aan loo baahnayn in la sameeyo maqaal u gaar ah Dnsmasq iyo Tusaha FirfircoonKu saleysan CentOS. Nasiib wanaag, tusaha laxiriira dukumiintiyada iyo qaabeynta waa isku mid. 😉
- Dnsmaq waa abuur Simon Kelley
Xaddidaadda isticmaalka Dnsmasq
Muhiimaddiisa awgeed ayaan ugu celcelinaynaa XUDUUDDA kaas oo taageera Dnsmasq -run nin dnsmasq- taas oo ka tarjumeysa si sax ah ku xiga:
XUDUUDDA
- Qiimaha caadiga ah ee xadadka kheyraadka guud ahaan waa muxaafid, waxayna ku habboon yihiin in loo isticmaalo qalabka nooca router-ka. ku dhagan processor-yada gaabiska ah iyo xusuusta yar. In qalab dheeraad ah karti leh, waa suurtagal in la kordhiyo xadka, oo la taageero qaar kaloo badan macaamiisha. Kuwa soo socdaa waxay khuseeyaan dnsmasq-2.37: noocyadii hore ma sameeyaan sifiican bay u fuuleen.
- Dnsmasq wuxuu awood u leeyahay inuu taageero DNS iyo DHCP ugu yaraan hal kun (1,000) macaamiisha. Waqtiyada ijaarku waa inaysan aad u gaabin (in ka yar hal waqtiga). Qiimaha –dns-forward-max waa la kordhin karaa: ka bilow u dhiganta tirada macaamiisha oo kordhi haddii haddii DNS. Ogsoonow in waxqabadka DNS sidoo kale ay kuxirantahay server-yada Kor u kaca DNS. Cabbirka xajmiga DNS waa la kordhin karaa: xadka Loo baahan yahay waa 10,000 magac oo kan caadiga ah (150) aad ayuu u hooseeyaa. U dirista SIGUSR1 dnsmasq waxay sameysaa macluumaad bitacore ah oo ah faa'iido u leh hagaajinta qiyaasta xajmiga. Faahfaahinta ka eeg qaybta XUSUUS.
- Server-ka ku-meel-gaarka ah ee TFTP-gu wuxuu awood u leeyahay inuu taageero kala-wareejinta kala duwan faylal isku mar ah: xadka saxda ah wuxuu laxiriira yahay tirada feylasha-gacan qabashada loo oggol yahay howsha iyo awooda sys‐tem call xulo () si ay u taageeraan tirooyin fara badan oo faylalka gacanta ku haya. Haddii xadka si aad ah loo dejiyo –tftp-max waa la dejinayaa oo xadka dhabta ah ayaa lagu qorayaa bilowga. Xusuusnow in wareejin intaa ka badan waa suurtagal marka isla feylka la diro maxaa trans-trans kastaferencia waxay dirtaa fayl kale. Waa suurtagal in la isticmaalo dnsmasq si loogu diido xayeysiinta Webka iyadoo la adeegsanayo liiska server caan ah oo caan ah, dhammaantoodna waxay ku xallinayaan 127.0.0.1 ama 0.0.0.0 gudaha / iwm / marti-geliyeyaasha ama faylka marti-geliyeyaasha dheeriga ah. Liistadu way awoodaa aad u dheeree Dnsmasq waxaa si tijaabo ah loogu tijaabiyey hal milyan oo magac. Cabirka faylkaasi wuxuu u baahan yahay 1GHz processor iyo qiyaas ahaan60MB RAM.
- Dnsmasq wuxuu awood u leeyahay inuu taageero DNS iyo DHCP ugu yaraan hal kun (1,000) macaamiisha.
Aynu rakibno oo aan qaabeyno Jessie iyo Dnsmasq
Waxaan ku bilaabi doonnaa rakibaad cusub oo nadiif ah server oo ku saleysan Debian 8 "Jessie". Si kale haddii loo dhigo, nidaamka qalliinka oo aan lahayn wax garaaf ah oo garaaf ah ama xirmo kale oo lagu rakibay. Xuduudaha shabakadu waxay la mid noqon doonaan kuwii loo adeegsaday maqaalka XIDHIIDHKA iyo Tusaha Firfircoon®:
Magaca domain mordor.fan Shabakadda LAN 10.10.10.0/24 ================================== == ========================================= Servers IP Address Ujeeddo (Servers leh OS Windows ) ============================================== = ============================== suunka.mordor.fan. 10.10.10.3 Tusaha Firfircoon ® 2008 SR2 mamba.mordor.fan. 10.10.10.4 Windows Server Server dns.mordor.fan 10.10.10.5 DnsMasq Server Jessie mugdiyo.mordor.fan. 10.10.10.6 Wakiil, albaab iyo gidaar-dhiska Kerios troll.mordor.fan. 10.10.10.7 Blog ku saleysan ... ma xasuusan karo shadowftp.mordor.fan. 10.10.10.8 FTP server blackelf.mordor.fan. 10.10.10.9 Adeeg e-mayl buuxa blackspider.mordor.fan. 10.10.10.10 WWW adeegga palantir.mordor.fan. 10.10.10.11 Kuwada hadal Openfire ee Windows Real CNAME ============================== sauron ad-dc mamba fileserver darklord proxyweb troll blog shadowftp ftpserver blackelf mail blackspider www palantir openfire
Dejinta hore ee dns.mordor.fan server
xididka @ dns: ~ # nano / iwm / hostname dns xididka @ dns: ~ # nano / iwm / martida loo yahay 127.0.0.1 localhost 10.10.10.5 dns.mordor.fan dns # Khadadka soosocda ayaa loogu jecelyahay IPv6 martigaliyaal karti leh :: 1 localhost ip6-localhost ip6-loopback ff02 :: 1 ip6-allnodes ff02 :: 2 ip6-allrouter xididka @ dns: ~ # nano / etc / network / interfaces # Faylkani wuxuu sharxayaa isku xirnaanta shabakadaha ee laga heli karo nidaamkaaga # iyo sida loo kiciyo. Macluumaad intaas ka badan, kafiiri boggaga (5). source /etc/network/interfaces.d/* # Isku xirka shabakada loopback auto lo iface lo inet loopback # Isku xidhka shabakada aasaasiga ah u ogolaan-hotplug eth0 iface eth0 cinwaanka ma guurto ah 10.10.10.5 shabakada netmask 255.255.255.0 10.10.10.0 baahinta 10.10.10.255. 10.10.10.1 marinka 127.0.0.1 # dns- * xulashooyinka waxaa fuliya xirmada xallinta, haddii la rakibo dns-magacyada XNUMX dns-search mordor.fan
Aynu rakibno Dnsmasq iyo htop
xididka @ dns: ~ # aptitude rakibi dnsmasq htop
Kadib rakibida xirmada htop waan hubin karnaa processor-ka iyo isticmaalka xusuusta qalabka. Waxay kaliya cunaysay qiyaastii 71 megabyte oo RAM ah. Haddii aan rabno inaan hoos u dhigno isticmaalka xitaa inbadan, waxaan rakibi karnaa xirmada SSMTP -ku fududaan MTA- taas oo iyaduna nadiifisa xirmada exim4 in Debian had iyo jeer ku rakibo si aan caadi aheyn iyo inaanan runtii u baahnayn iyada oo loo eegayo isticmaalka aan siin doono adeegaan:
xididka @ dns: ~ # aptitude rakibi ssmtp xididka @ dns: ~ # nadiifinta aptitude ~ c xididka @ dns: ~ # karti nadiif ah xididka @ dns: ~ # autoclean karti leh xididka @ dns: ~ # systemctl reboot
Kadib dib udajinta kumbuyuutarka, isticmaalka waa sida soo socota: 
Hoose, sax? Aan horay usocono.
Aynu tilmaanno in Dnsmasq ay sidoo kale la tashato Microsft® DNS
Si aad u tijaabiso qaabeynta suurtogalka ah ee 'Dnsmasq' ee kombiyuutarkaaga DNS.mordor. taageere, waa inaan ku darno bayaan tilmaamaya in Microsoft DNS ee server-ka lala tashanayo suunka.mordor.fan. Waan sameyn karnaa oo ay kujirto dardaaranka server = / mordor.fan / 10.10.10.3 kaydka dnsmasq.conf -sida aan gadaal arki doonno- ama ku darista khadka xawaalad 10.10.10.3 kaydka /etc/resolv.conf. Maaddaama aynaan weli u dhigin Dnsmasq hadba baahidayada, waxaannu dooranaynaa habka labaad:
xididka @ dns: ~ # nano /etc/resolv.conf
domain mordor.fan
xawaalad 127.0.0.1
xawaalad 10.10.10.3
Waxaan hadda xallin karnaa weydiimaha DNS
Iyada oo qaabeynta asaasiga ah ee Dnsmasq ay bixiso feylkeeda weyn /etc/dnasmq.conf, iyo waxa lagu cadeeyay faylka /etc/resolv.conf ka yimid server-ka laftiisa «dns«, Macaamiil kasta oo ku xiran LAN -ka oo ku dhawaaqay inuu yahay server-ka DNS DNS.mordor. taageere- waad xallin kartaa weydiimaha DNS kharashka Microsoft® DNS hadda…
- Aad ayey muhiim u tahay in la hubiyo xawaaraha jawaabta ee Dnsmasq marka aad soo bandhigeyso xaaladdeeda sida Weeraryahan ku darista kaliya IP 10.10.10.3 faylkaaga /etc/resolv.conf.
Laga soo bilaabo goobteyda shaqada iyo taageerada dhammaan agabyada aan wax ku qoro, waxaan ku ordaa:
buzz @ sysadmin: ~ $ bisad /etc/resolv.conf # Waxaa abuuray Shabakada NetworkManager mordor.fan magac bixiyaha 10.10.10.5 buzz @ sysadmin: ~ $ nslookup > dns Server: 10.10.10.5 Cinwaanka: 10.10.10.5 # 53 Magaca: dns.mordor.fan Cinwaanka: 10.10.10.5 > sauron Server: 10.10.10.5 Cinwaanka: 10.10.10.5 # 53 Jawaab aan awood lahayn: Magaca: sauron.mordor.fan Cinwaanka: 10.10.10.3 > 03296249-82a1-49aa-a4f0-28900f5d256b._msdcs.mordor.fan Server: 10.10.10.5 Cinwaan: 10.10.10.5 # 53 03296249-82a1-49aa-a4f0-28900f5d256b._msdcs.mordor.fan magac canonical = sauron.mordor.fan. Magaca: sauron.mordor.fan Cinwaanka: 10.10.10.3 > 10.10.10.3 Server: 127.0.0.1 Cinwaanka: 127.0.0.1 # 53 3.10.10.10.in-addr.arpa magaca = sauron.mordor.fan. > 10.10.10.9 Server: 127.0.0.1 Cinwaanka: 127.0.0.1 # 53 9.10.10.10.in-addr.arpa magaca = blackelf.mordor.fan. > 10.10.10.5 Server: 127.0.0.1 Cinwaanka: 127.0.0.1 # 53 5.10.10.10.in-addr.arpa magaca = dns.mordor.fan. > boosto Adeegaha: 10.10.10.5 Cinwaanka: 10.10.10.5 # 53 Jawaab aan awood lahayn: mail.mordor.fan magac canonical = blackelf.mordor.fan. Magaca: blackelf.mordor.fan Cinwaanka: 10.10.10.9> bixitaan buuzz @ sysadmin: ~ $
Aynu si dhow u eegno dhinacyada soo socda:
- DNS.mordor. taageere waxay si toos ah uga jawaabtaa weydiimaha DNS-ka ah ee ay ku xallin karto hadba halka aad hadda ku sugan tahay ee Dnsmasq. Haddii aadan xallin karin, waxay u shaqeysaa sida Weeraryahan oo weydii IP 10.10.10.3 haddii ay ka jawaabi karto su'aasha. Markii lagu weydiiyay IP-ga qalabka «dns«, Wuxuu si toos ah uga jawaabayaa. Marka Dnsmasq la waydiiyo waa ayo «sauron",?, samee gudbinta ilaa 10.10.10.3 Si toos ah ugama jawaabi kartid maxaa yeelay wali ma diiwaangelin- yaa ku soo celiya Jawaab sax ah oo aan sharci ku dhisnayn.
- Markii la weydiiyay waa kuma «03296249-82a1-49aa-a4f0-28900f5d256b._msdcs.mordor.fan"?, samee gudbinta markale iyo markan waxaad kaheleysaa Jawaab Awood leh Microsoft® DNS.
- Xawaaraha sare ee jawaabta ee Dnsmasq nooc kasta oo weydiin ah.
Waxay yihiin faahfaahin yar oo jacaylka ka dhigaya mid weyn ;-).
Farqiga aasaasiga ah ee u dhexeeya Dnsmasq iyo BIND oo lagu daray Diiwaanka Firfircoon®
Aynu ku socodsiino dhowr su'aalood oo DNS ah oo ku saabsan diiwaannada SOA y NS ee domainka mordor.fan, mid kasta oo ka mid ah magacyada magacyada ku lug leh:
buzz @ sysadmin: ~ $ host -t SOA mordor.fan 10.10.10.3 Adoo adeegsanaya server-ka: Magaca: 10.10.10.3 Cinwaanka: 10.10.10.3 # 53 Magacyo: mordor.fan wuxuu leeyahay rikoodh SOA sauron.mordor.fan. maareeyaha.mordor.fan. 56 900 600 86400 3600 XNUMX buzz @ sysadmin: ~ $ host -t SOA mordor.fan 10.10.10.5 Adoo adeegsanaya server-ka: Magaca: 10.10.10.5 Cinwaanka: 10.10.10.5 # 53 Magacyo: mordor.fan wuxuu leeyahay rikoodh SOA sauron.mordor.fan. maareeyaha.mordor.fan. 56 900 600 86400 3600 XNUMX buzz @ sysadmin: ~ $ host -t NS mordor.fan 10.10.10.5 Adoo adeegsanaya server-ka: Magaca: 10.10.10.5 Cinwaanka: 10.10.10.5 # 53 Magacyo: mordor.fan magaca server sauron.mordor.fan. buzz @ sysadmin: ~ $ host -t NS mordor.fan 10.10.10.3 Adoo adeegsanaya server-ka: Magaca: 10.10.10.3 Cinwaanka: 10.10.10.3 # 53 Magacyo: mordor.fan magaca server sauron.mordor.fan.
Jawaabaha waa isku mid - taas oo macquul ah - maxaa yeelay siempre jawaab jawaab suunka.mordor.fan. ka hor weydiinta DNS ee ku saabsan diiwaanada SOA o NSinkastoo u eg muxuu ku jawaabayaa DNS.mordor. taageere. Si kastaba ha noqotee way ka duwan tahay waxa lagu arkay maqaalka XIDHIIDH iyo Tusaha FirfircoonHalkaas oo aan gebi ahaanba ka saarnay shaqeynta Microsoft® DNS. Maqaalkaas DHAMMAAN weydiimaha DNS ee ku saabsan Magaca Magaca Domino mordor.fan BIND ayaa ujawaabtay iyaga, maxaa yeelay taasi waa sida aan u kala dhig dhigno, iyo sababta oo ah BIND waxay ka jawaabtaa weydiimaha SOA y NS marka lagu daro ogolaanshaha qorshaha Ustaad - addoon, Wareejinta aagga, iwm, oo sidaas darteed waa adeege DNS ah oo dhammaystiran - kakan.
Malaha kuwani waa farqiga ugu weyn ee u dhexeeya DNS-ka Dnsmasq iyo BIND ... laakiin XIRI - marwalba waxaa jiri kara hal ama in kabadan - ma laha adeege DHCP ah oo si habsami leh u dhexgalaya serverka DNS hal daemon, iyo iyada oo aan loo baahnayn furayaasha TSIG, feylasha qaabeynta, Keydadka aagga, iwm, sidaan ku soo aragnay qormooyinkii hore.
- Waxaan u maleynayaa hadda, Akhristayaasha Sharafta leh waxay ogaan doonaan inaanan necbeynin BIND ama aanan ka jeclayn Dnsmasq BIND. Wadahadalka mustaqbalka ee ku saabsan waa waqti lumis guud, maadaama ay wax badan ku xiran tahay baahiyaha, dalabaadka, dhadhanka, dookhyada iyo .... xal kasta wuxuu leeyahay soo jiidashadiisa ;-)
- Xaaladaha la midka ah, qof kastaa ha rakibo oo habeeyo softiweer ay doortaan iyo inay wax badan ka ogaadaan. iyo in wax waliba sidii la filayay u shaqeeyaan.
Faa'iidooyinka isku darka Dnsmasq + Tusaha Firfircoon®
Isku dhafkan waxaan haynaa jawaabihii kaladuwanaa ee jawaabaha ee weydiimaha DNS iyo habab wax ku ool ah oo lagu kireysto cinwaanada IP-da ee SME LAN. Sida aan gadaal ka arki doonno, waxay si sax ah ugu shaqeysaa xaalad kasta oo la xiriirta in kumbiyuutarka lagu daro iyo in kale Microsoft® Active Directory® Domain Controller. Intaa waxaa dheer, waxaan leenahay DNS iyo DNS server Weeraryahan heer sare ah, oo lagu daray server DHCP aad u dhakhso badan. Iyo dhammaantood oo leh baahi yar oo ilaha. Ma rabtaa wax intaa ka badan?
Suurtagal ma tahay Dnsmasq + BIND?
Xaqiiqdii haa. In kasta oo aan ku talinayo in lagu rakibo kombiyuutarro kala duwan si aysan u dhicin wax isku dhacyo ah sababo la xiriira dekedda aadka loo jecel yahay ee 53 ee adeegga DNS. Waxaa laga yaabaa inaan wax uun ka arki doonno marka aan tagno Samba 4-ka saldhiggeedu yahay AD-DC.Yaa og?
Talooyin ku saabsan Dnamasq
- Faylasha shaqada ee muhiimka u ah Dnsmasq si ay u bixiso adeegyada DHCP iyo DNS ee LAN waa: /etc/dnsmasq.conf, / iwm, /var/lib/misc/dnsmasq. fasaxyoiyo /etc/resolv.conf. Faylka dnsmasq.waxyaabaha waxaa loo sameeyaa markaad kireysato cinwaankaaga ugu horreeya ee IP-ga.
- Fayl kale oo shaqo ah oo aad isticmaali karto ayaa ah / iwm / kuwa kale. Haddii feyl noocan oo kale ahi jiro, dardaaranka akhris-ethers lagu caddeeyay faylka faylka, wuxuu u sheegayaa Dnsmasq inuu akhriyo. Aad ayey faa'iido u leedahay markaan xiriir la samayno MAC cinwaanada / magacyada martida loo yahay ujeedooyin gaar ah.
- Adeegga DNS ayaa gabi ahaanba naafo laga dhigi karaa iyadoo la adeegsanayo dardaaranka dekedda = 0 gudaha dnsmasq.conf.
- Adeegga DHCP ee hal ama in ka badan oo shabakadaha isku xidhka ah ayaa lagu naafoobi karaa dardaaranno-mid khad walba- no-dhcp-interface = eth0, no-dhcp-interface = eth1, iyo wixii la mid ah. Faa'iido badan ayaan leenahay marka aan horjoogno koox leh 2-ama in ka badan oo isku xira shabakadaha oo aan dooneyno in adeegga DHCP uu bixiyo midkood ama midkoodna. Dabcan, haddii aan ka joojino adeegga DHCP dhammaan isdhaafsiga, waxaan kaliya ka tagi doonnaa adeegga DNS oo socda. Haddii aan joojino labada adeeg, haddaba maxaan ugu baahan nahay Dnsmasq? 😉
- Si aad ugu dhawaaqdo server-yada kale ee Magaca DNS maya yihiin kuwo dadweyne ama dibadeed ka ah LAN -s haddii ay dhacdo Microsoft DNS- waxaan ku sameynaa dardaaranka server = / magac domain / DNS server IP kaydka /etc/dnsmasq.conf. Tusaale: server = / mordor.fan / 10.10.10.3.
- Si loogu sheego Dnsmasq in weydiimaha ku saabsan aagagga maxalliga ah laga jawaabo kaliya faylka / iwm ama iyada oo loo marayo DHCP-gaaga, waa inaan ku darno dardaaranka maxalli = / localnet / faylka guud ee qaabeyntaada. Tusaale: maxalli = / mordor.fan /.
- Si aad si sax ah ugu habayso feylka /etc/resolv.conf - xallin waxaan kuu soo jeedinaynaa inaad aqriso buugeeda adoo adeegsanaya amarka nin xallinta. conf. Haddii aad rakibtid Debian 8.6 "Jessie" waxaad ogaan doontaa inay si wanaagsan ugu qoran tahay Isbaanish.
- Dnsmasq uma isticmaasho Zones faylasha si ay uga jawaabto su'aalaha tooska ah ama dib u celinta.
- In la ogaado macnaha beero kasta «khaas ah»Taasi waxaa loo isticmaalaa bayaanka Diiwaanka Kheyraadka ee SRV, waa inaad la tashataa XIDHIIDHKA iyo Tusaha Firfircoon®. Qaaciddada diiwaanada SRV ee faylka ku jira /etc/dnsmasq.conf Waa sida soo socota:
srv-host = , , , ,
Akhristayaasha doonaya inay waxbadan ogaadaan, fadlan si taxaddar leh u akhri faylka asalka ah /etc/dnsmasq.conf ama dukumiintiyada jira ee kujira galka / usr / share / doc / dnsmasq-base.
xididka @ dns: ~ # ls -l / usr / share / doc / dnsmasq-base / wadarta 128 -rw-r - r-- 1 xidid xidid 883 Me 5 2015 1 copyright -rw-r - r-- 36261 xidid xidid 5 2015 May 1 11297 changelog.archive.gz -rw-r - r-- 5 xidid xidid 2015 Meey 1 26014 changelog.Debian.gz -rw-r - r-- 5 xidid xidid 2015 May 1 2084 changelog.gz -rw-r - r - 5 xidid xidid 2015 May 1 4297 DBus-interface. Gz -rw- r - r-- 5 xidid xidid 2015 May 2 4096 doc.html drwxr-xr-x 19 xidid xidid 17 Feb 52 1:9721 tusaalooyin -rw-r - r-- 5 xidid 2015 May 1 4180 FAQ.gz -rw -r - r-- 5 xidid xidid 2015 May 1 12019 README.Debian -rw-r - 5-- xidid xidid 2015 May XNUMX XNUMX setup.html
Aynu isku hagaajinno Dnsmasq iyo Resolver
Waxaan u qaadan doonnaa hage bilow ah - bedelida magacyada iyo kuwa kale, dabcan - feylka qaabeynta ee lagu isticmaalay qodobka «Dnsmasq ee CentOS 7.3«.
Ha iloobin tallaabada xigta:
[xididka @ dns ~] # mv /etc/dnsmasq.conf /etc/dnsmasq.conf.original
Cinwaanada IP-ga oo go'an
Cinwaanada server-yada ama qalabka u baahan IP -both go'an IPv4 sida IPv6- ayaa lagu caddeeyay faylka / iwm:
[xididka @ dns ~] # nano / iwm / martigeliyayaal 127.0.0.1 localhost # Khadadka soosocda ayaa loo jecelyahay martigaliyaasha awooda IPv6 :: 1 localhost ip6-localhost ip6-loopback ff02 :: 1 ip6-allnodes ff02 :: 2 ip6-allrouter # Servers iyo kumbuyuutaro leh IPs go'an. 10.10.10.1 sysadmin.mordor.fan 10.10.10.3 sauron.mordor.fan 10.10.10.4 mamba.mordor.fan 10.10.10.5 dns.mordor.fan 10.10.10.6 darklord.mordor.fan 10.10.10.7 troll.mordor.fan 10.10.10.8. 10.10.10.9 shadowftp.mordor.fan 10.10.10.10 blackelf.mordor.fan 10.10.10.11 blackspider.mordor.fan XNUMX palantir.mordor.fan
Aynu abuurno faylka /etc/dnsmasq.conf
[xididka @ dns ~] # nano /etc/dnsmasq.conf
# ------------------------------------------------- ------------------ # XULASHADA GUUD # ---------------------------- - -------------------------------------- domain-loo baahan yahay # Ha ku dhaafin magacyada domain la'aan qayb bogus-priv # Ha ku dhaafin cinwaanada meelaha banaan ee balaadhinta-martigaliyayaasha # Si otomatik ah kudar domain si aad uhesho interface = eth0 # Interface. KA DIGTOONOW Isdhexgalka # marka laga reebo-interface = eth1 # HA DHAGEYSAN NIC-amar adag # Amarka aad ku tashanayso faylka /etc/resolv.conf # Ku dar xulashooyin badan oo qaabeynta badan # adigoo u maraya feyl ama adoo helaya qaabka # faylasha lagu daro diiwaanka # conf-file = / etc / dnsmasq.more.conf conf-dir = / etc / dnsmasq.d # Laxiriira Magaca Magaca domain = mordor.fan # Magaca Magaca # Wakhtiga Serverku waa 10.10.10.1. 10.10.10.1 cinwaanka = / time.windows.com / XNUMX # Waxay dirtaa ikhtiyaar madhan oo ah qiimaha WPAD. Waxaa looga baahan yahay # Windos 7 iyo hadhow macaamiisha inay si wanaagsan u dhaqmaan. ;-) dhcp-option = 252, "\ n" # Faylka oo aan ku caddeyn doono HOSTS-yada "la mamnuucayo" addn-host = / etc / banner_add_hosts # La tasho Microsoft® DNS server "sauron" haddii aan # u oggolaanno run server = / mordor.fan / 10.10.10.3 # Su'aalaha ku saabsan domains-ka maxaliga ah waxaa looga jawaabi doonaa # ka / iwm / martigaliyayaasha ama iyada oo loo marayo DHCP deegaanka = / mordor.fan / # Su'aalaha ku saabsan PTR ama Diiwaanada Dib u dhaca ayaa looga jawaabi doonaa # server-yada dns "iyo" sauron "ee nidaamkaas server = / 10.10.10.in-addr.arpa / 10.10.10.5 server = / 10.10.10.in-addr.arpa / 10.10.10.3 # ------- - ---------------------------------------------------- - --------- # DIIWAANGELINTAXUKUMMXTXT # ------------------------------------ - ---------------------------- # Diiwaangelinta noocan ah waxay u baahan tahay gal # # / / / martida # feyl tusaale: 10.10.0.7. 10 troll.mordor.fan troll # cname = ALIAS, REAL_NAME cname = ad-dc.mordor.fan, sauron.mordor.fan cname = fileserver.mordor.fan, mamba.mordor.fan cname = proxyweb.mordor.fan, madow .mordor.fan cname = blog.mordor .fan, troll.mordor.fan cname = ftpserver.mordor.fan, shadowftp.mordor.fan cname = mail.mordor.fan, blackelf.mordor.fan cname = www.mordor.fan, blackspider.mordor.fan cname = opendire .mordor. mordor,
dhcp-lease-max = 222 # Tirada ugu badan ee cinwaanada la kiraysto
# asal ahaan waa 150
# IPV6 Range # dhcp-range = 1234 ::, ra-only # Ikhtiyaarrada loogu talagalay Range # XULASHADA dhcp-option = 1,255.255.255.0 # NETMASK dhcp-option = 3,10.10.10.253 # ROUTER GATEWAY dhcp-option = 6,10.10.10.5. 15 # DNS Servers dhcp-option = 19,1, mordor.fan # DNS Magaca Magaca dhcp-option = 28,10.10.10.255 # xulashada ip-gudbinta ON dhcp-option = 42,10.10.10.1 # BROADCAST dhcp-option = 40. 41,10.10.10.3 # NTP # dhcp-option = 44,10.10.10.3, MORDOR # NIS Magaca Magaca # dhcp-option = 45,10.10.10.3 # NIS Server # dhcp-option = 73,10.10.10.3 # WINS # dhcp-option = 46,8 # Xog uruurinta NetBIOS # dhcp-option = XNUMX # Server Finger # dhcp-option = XNUMX # NetBIOS node dhcp-authoritative # Authoritative DHCP in the subnet # ------------- - ---------------------------------------------------- - --- # -------------------------------------------- - - --------------------- # DIGITAANKA dabada -f / var / log / syslog ama journalctl -f # ------------ - ---------------------------------------------------- - ---- log-weydiimo # -------------------------------------------- - ------------------------ # Re Diiwaanada A iyo SRV ee u dhigma Tusaha Firfircoon # ---------------------------------------- --------------------------
# Diiwaanada A
address = / gc._msdcs.mordor.fan / 10.10.10.3 address = / DomainDnsZones.mordor.fan / 10.10.10.3 address = / ForestDnsZones.mordor.fan / 10.10.10.3
# Diiwaanka Microsoft DNS Zone CNAME _msdcs.mordor.fan
cname=03296249-82a1-49aa-a4f0-28900f5d256b._msdcs.mordor.fan,sauron.mordor.fan
Diiwaanka # SRV
# srv-host = , , , ,
# Diiwaanka Caalamiga ah # Microsoft DNS zone _msdcs.mordor.fan
srv-host = _ldap._tcp.gc._msdcs.mordor.fan, sauron.mordor.fan, 3268,0,0 srv-host = _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.mordor .fan, suugo.mordor.fan, 3268,0,0
# Microsoft DNS aag mordor.fan
srv-host = _gc._tcp.mordor.fan, sauron.mordor.fan, 3268,0,0 srv-host = _gc._tcp.Default-First-Site-Name._sites.mordor.fan, sauron.mordor.fan .3268,0,0
# Wax laga beddelay oo gaar loo leeyahay LDAP oo ah Tusaha Firfircoon
# Microsoft zone zone _msdcs.mordor.fan
srv-host=_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.mordor.fan,sauron.mordor.fan,389,0,0
srv-host=_ldap._tcp.dc._msdcs.mordor.fan,sauron.mordor.fan,389,0,0
srv-host=_ldap._tcp.18d3360d-8fdb-40cf-a678-d7c420b6d775.domains._msdcs.mordor.fan,sauron.mordor.fan,389,0,0
srv-host=_ldap._tcp.pdc._msdcs.mordor.fan,sauron.mordor.fan,389,0,0
# Microsoft aaga Microsoft mordor.fan
srv-host=_ldap._tcp.mordor.fan,sauron.mordor.fan,389,0,0
srv-host=_ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.mordor.fan,sauron.mordor.fan,389,0,0
srv-host=_ldap._tcp.DomainDnsZones.mordor.fan,sauron.mordor.fan,389,0,0
srv-host=_ldap._tcp.Default-First-Site-Name._sites.mordor.fan,sauron.mordor.fan,389,0,0
srv-host=_ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.mordor.fan,sauron.mordor.fan,389,0,0
srv-host=_ldap._tcp.ForestDnsZones.mordor.fan,sauron.mordor.fan,389,0,0
#
# KERBEROS wax laga badalay oo laga khaasiyay Diiwaanka Firfircoon
srv-host=_kerberos._tcp.Default-First-Site-Name._sites.mordor.fan,sauron.mordor.fan,88,0,0
srv-host=_kerberos._tcp.mordor.fan,sauron.mordor.fan,88,0,0
srv-host=_kpasswd._tcp.mordor.fan,sauron.mordor.fan,464,0,0
srv-host=_kerberos._udp.mordor.fan,sauron.mordor.fan,88,0,0
srv-host=_kpasswd._udp.mordor.fan,sauron.mordor.fan,464,0,0
# DHAMMAAD faylka /etc/dnsmasq.conf
# ------------------------------------------------- ------------------
Aynu abuurno faylka / iwm / banner_add_host
[xididka @ dns ~] # nano / iwm /banner_ku dar_martigeliyayaal 127.0.0.1 windowsupdate.com 127.0.0.1 ctldl.windowsupdate.com 127.0.0.1 ocsp.verisign.com 127.0.0.1 csc3-2010-crl.verisign.com 127.0.0.1 www.msftncsi.com 127.0.0.1 ipv6.msftncsi.com 127.0.0.1 teredo.ipv6.microsoft.com 127.0.0.1 ds.download.windowsupdate.com 127.0.0.1 download.microsoft.com 127.0.0.1 fe2.update.microsoft.com 127.0.0.1 crl.microsoft.com 127.0.0.1 www .download.windowsupdate.com 127.0.0.1 win8.ipv6.microsoft.com 127.0.0.1 spynet.microsoft.com 127.0.0.1 spynet1.microsoft.com 127.0.0.1 spynet2.microsoft.com 127.0.0.1 spynet3.microsoft.com 127.0.0.1. 4 spynet127.0.0.1.microsoft.com 5 spynet127.0.0.1.microsoft.com 15 office127.0.0.1client.microsoft.com 127.0.0.1 addons.mozilla.org XNUMX crl.verisign.com [xididka @ dns ~] # dnsmasq --test dnsmasq: syntax hubi OK. [xididka @ dns ~] # systemctl dib u bilaabi dnsmasq.service [xididka @ dns ~] # systemctl status dnsmasq.service
Aynu wax ka bedelno feylka /etc/resolv.conf - Xallin
xididka @ dns: ~ # nano /etc/resolv.conf
raadinta mordor.fan raadinta mordor.fan
Maxaynaan u haynin khadadka caadiga ah ee lagu caddeeyay feylka xallinta. conf? Sababtoo ah waxaan ku dhawaaqeynaa dnsmasq.conf awaamiirta soo socota:
# La tasho Microsoft® DNS serverka "sauron" haddii aan # uga tagno inuu shaqeynayo server = / mordor.fan / 10.10.10.3 # Weydiimaha ku saabsan cinwaanada maxalliga ah ayaa laga jawaabi doonaa # ka / iwm / martigaliyayaasha ama loo soo marin doonaa DHCP maxalli = / mordor.fan / # Su'aalaha ku saabsan PTR ama diiwaanka Reverse waxaa ka jawaabi doona # "dns" iyo "sauron" serverka siday u kala horeeyaan server = / 10.10.10.in-addr.arpa / 10.10.10.5 server = / 10.10.10.in-addr.arpa / 10.10.10.3
Weydiimaha sysadmin.mordor.fan
Faylka /etc/resolv.conf kooxdan waa:
buzz @ sysadmin: ~ $ bisad /etc/resolv.conf # Waxaa abuuray NetworkManager raadinta mordor.fan magac bixiyaha 10.10.10.5
buzz @ sysadmin: ~ $ host -t To spynet4.microsoft.com spynet4.microsoft.com wuxuu leeyahay cinwaan 127.0.0.1 buzz @ sysadmin: ~ $ host -t To www.download.windowsupdate.com www.download.windowsupdate.com wuxuu leeyahay cinwaan 127.0.0.1 buzz@sysadmin: ~ $ qod dns buzz @ sysadmin: ~ $ qodo dns.mordor.fan ;; QAYBTA SU'AASHA :; dns.mordor.fan. IN A ;; QAYBTA JAWAABTA: dns.mordor.fan. 0 IN 10.10.10.5 buzz @ sysadmin: ~ $ host -t SRV _ldap._tcp.gc._msdcs buzz @ sysadmin: ~ $ host -t SRV _ldap._tcp.gc._msdcs.mordor.fan _ldap._tcp.gc._msdcs.mordor.fan wuxuu leeyahay rikoor SRV 0 0 3268 sauron.mordor.fan. buzz @ sysadmin: ~ $ dig _ldap._tcp.gc._msdcs.mordor.fan ;; QAYBTA SU'AAL :; _ldap._tcp.gc._msdcs.mordor.fan. IN A ;; QEYBTA Jawaabta: _ldap._tcp.gc._msdcs.mordor.fan. 0 IN 10.10.10.3 buzz @ sysadmin: ~ $ qodo mordor.fan axfr buzz @ sysadmin: ~ $ dig 10.10.10.in-addr.arpa axfr
Qaabkaasna, imisa wadatashi ayaan u baahanahay
Dnsmasq + Active Directory® + Microsoft® Macaamiisha Windows®
Magacaabista Macmiilka Windows® ee Windows
toddobo.mordor.fan kireysiga IP address:
xididka @ dns: ~ # cat /var/lib/misc/dnsmasq.leases 1488006009 00:0c:29:d6:14:36 10.10.10.115 seven 01:00:0c:29:d6:14:36
Aynu dib u magacawno «toddobada»-Taas kuma biirin Liiska Tilmaamaha Firfircoon - by«Eucalyptus«. Ka dib isbeddelka iyo dib u bilaabista waxaan hubin:
xididka @ dns: ~ # cat /var/lib/misc/dnsmasq.leases 1488006633 00:0c:29:d6:14:36 10.10.10.115 eucaliptus 01:00:0c:29:d6:14:36
Taariikhda isbeddelada waxaa laga arki karaa "sysadmin":
buzz @ sysadmin: ~ $ host -t A toddobo toddobada.mordor.fan wuxuu leeyahay cinwaan 10.10.10.115
Magaca ka dib
buzz @ sysadmin: ~ $ host -t A toddobo toddobo ma laha rikoor A buzz @ sysadmin: ~ $ host -t A eucaliptus eucaliptus.mordor.fan wuxuu leeyahay cinwaan 10.10.10.115
Weydiimaha macmiilka eucaliptus.mordor.fan
Microsoft Windows [Nooca 6.1.7601] Xuquuqda daabacaadda (c) 2009 Shirkadda Microsoft. Xuquuqda daabacaadu way xifdisan. C: \ Users \ buzz> nslookup Server Default: dns.mordor.fan Cinwaanka: 10.10.10.5 > suugo Server: dns.mordor.fan Cinwaanka: 10.10.10.5 Magaca: sauron.mordor.fan Cinwaanka: 10.10.10.3 > mordor.fan Server: dns.mordor.fan Cinwaanka: 10.10.10.5 Magaca: mordor.fan Cinwaanka: 10.10.10.3 > eucalyptus Server: dns.mordor.fan Cinwaanka: 10.10.10.5 Magaca: eucaliptus.mordor.fan Cinwaanka: 10.10.10.115 > 03296249-82a1-49aa-a4f0-28900f5d256b._msdcs.mordor.fan Server: dns.mordor.fan Cinwaanka: 10.10.10.5 Magaca: sauron.mordor.fan Cinwaanka: 10.10.10.3 Magacyada: 03296249-82a1-49aa-a4f0-28900f5d256b._msdcs.mordor.fan > nooca loo dejiyey = SRV > _kerberos._udp.mordor.fan Server: dns.mordor.fan Cinwaanka: 10.10.10.5 _kerberos._udp.mordor.fan Goobta adeegga SRV: mudnaanta = 0 miisaanka = 0 dekedda = 88 svr hostname = sauron.mordor.fan sauron.mordor.fan cinwaanka internetka = 10.10.10.3. XNUMX > _ldap._tcp.18d3360d-8fdb-40cf-a678-d7c420b6d775.domains._msdcs.mordor.fan Server: dns.mordor.fan Cinwaanka: 10.10.10.5 _ldap._tcp.18d3360d-8fdb-40cf-a678-d7c420b6d775.domains._msdcs.mordor.fan Goobta adeegga SRV: mudnaanta = 0 miisaanka = 0 dekedda = 389 svr hostname = sauron .mordor.fan sauron.mordor.fan cinwaanka internetka = 10.10.10.3 > bixid C: \ Users \ buzz>
Diiwaangelinta macaamiisha Windows ee Microsoft® DNS
Macaamiisha Windows Kuma Biirin Cinwaanka Active Directory®
Waa inaan hubinaa in cinwaanada IP ee ay kireysteen macaamiisha Windows ee kala duwan ee ka socda Dnsmasq ay si sax ah uga diiwaan gashan yihiin Microsoft® DNS. Waxay saameyn ku yeelan kartaa habka aan u daarayno Updates Dynamic - Cusbooneysiinta firfircoon ee Microsoft® DNS Aagagga Diiwaanka Firfircoon®. Waxaan ka bilaabeynaa qaabeynta asaasiga ah ee Microsoft DNS kaas oo u oggolaanaya kaliya Updates Dynamic Updates - Cusbooneysiinta dhaqdhaqaaqa -> Sug oo keliya, mid kasta oo ka mid ah Aagaggeeda.
Ogsoonow in macmiilku hadda wato FQDN eucalyptus.mordor.fan maya wuxuu ku lifaaqan yahay Active Directory Domain (ama Samba4 AD-DC), waana mid ka reeban sharciga Microsoft ee ahKaliya macaamiisha ka diiwaangashan My Domain ayaa fasax kaheli doona Nidaamkeyga Cusboonaysiinta - oo aan kaliya ogahay- inay iska diiwaangeliyaan My DNS«. Wax wanaagsan Samba4 AD-DC ayaa wax inaga baraya.
eucalyptus.mordor.fan kireystay IP 10.10.10.115:
buzz @ sysadmin: ~ $ host -t A eucaliptus eucaliptus.mordor.fan wuxuu leeyahay cinwaan 10.10.10.115
Aynu u beddelo magaceeda «caoba«, Aan dib u bilowno Windows 7, oo aan aragno waxa dhaca markaan weydiisanno magacyada«Eucalyptus»Iyo«caoba»Mid kasta oo ka mid ah DNS-ka, marka hore Microsoft DNS ka dibna Dnsmasq:
buzz @ sysadmin: ~ $ host -t A eucaliptus.mordor.fan 10.10.10.3 Adoo adeegsanaya server-ka: Magaca: 10.10.10.3 Cinwaanka: 10.10.10.3 # 53 Magacyo: Martigeliyaha eucaliptus.mordor.fan lama helin: 3 (NXDOMAIN) buzz @ sysadmin: ~ $ host -t A mahogany.mordor.fan 10.10.10.3 Adoo adeegsanaya server-ka: Magaca: 10.10.10.3 Cinwaanka: 10.10.10.3 # 53 Magacyo: Marti geliyaha mahogany.mordor.fan lama helin: 3 (NXDOMAIN) buzz @ sysadmin: ~ $ host -t A eucaliptus.mordor.fan 10.10.10.5 Adoo adeegsanaya server-ka: Magaca: 10.10.10.5 Cinwaanka: 10.10.10.5 # 53 Magacyo: Martigeliyaha eucaliptus.mordor.fan lama helin: 3 (NXDOMAIN) buzz @ sysadmin: ~ $ host -t A mahogany.mordor.fan 10.10.10.5 Adoo adeegsanaya server-ka: Magaca: 10.10.10.5 Cinwaanka: 10.10.10.5 # 53 Magacyo: mahogany.mordor.fan wuxuu leeyahay cinwaan 10.10.10.115
Waxaan badali karnaa magaca macmiilka Windows 7 kaas maya waxaa ku lifaaqan Domainka mordor.fan ka mid ah Diiwaanka Firfircoon® inta jeer ee aan dooneyno, in Microsoft® DNS uusan wax ka ogaanin isbeddeladan ama in macmiil noocan oo kale ahi jiro. Suurtagal ma tahay inay kaliya tahay maxaa yeelay waxaan dooranay ikhtiyaarka Cusbooneysiinta dhaqdhaqaaqa -> Sug oo keliya Aag kasta oo ka mid ah Micorosft DNS?.
Si Mr. Microsoft® DNS uu wax uga ogaado isbeddelada, waa inaan doorannaa Cusbooneysiinta isbedbeddelka -> Waxyeello la'aan iyo ammaan. Doorashadan, Akhristayaasha Sharafta Leh, waxay tusineysaa u nuglaansho weyn oo xagga amniga ah oo ah Server Server kasta oo Magaca la ixtiraamo, ha noqdo Microsft® ama UNIX® / Linux. Microsoft® DNS wuxuu ka digayaa nuglaanta maxaa yeelay aakhirka wax kale ma ahan oo keliya BIND wax laga beddelay oo gaar loo leeyahay inuu na siiyo «Amniga Mugdiga«. Haddii kale, maxaad kugula talineysaa inaad ku keydiso waxyaabaha caanka ah Registro dhammaan dejimaha DNS iyo diiwaanada Microsoft® DNS-gaaga markaan fulinayno Tusaha Firfircoon®?. Marka lagu daro taageerida casriyeynta aan sugnayn ee Microsoft® DNS, wax ka beddelka soo socda ayaa looga baahan yahay qaabeynta kaararka shabakadda macmiilka Windows 7:
Aynu hubino:
buzz @ sysadmin: ~ $ host -t A mahogany.mordor.fan 10.10.10.3 Adoo adeegsanaya server-ka: Magaca: 10.10.10.3 Cinwaanka: 10.10.10.3 # 53 Magacyada: caoba.mordor.fan wuxuu leeyahay cinwaan 10.10.10.115 buzz @ sysadmin: ~ $ host 10.10.10.115 10.10.10.3 Isticmaalka server domain: Magaca: 10.10.10.3 Cinwaanka: 10.10.10.3 # 53 Magacyada: 115.10.10.10.in-addr.arpa magaca magaca tilmaame tilmaame mahogany.mordor.fan. buzz @ sysadmin: ~ $ host -t A mahogany 10.10.10.5 Adoo adeegsanaya server-ka: Magaca: 10.10.10.5 Cinwaanka: 10.10.10.5 # 53 Magacyada: caoba.mordor.fan wuxuu leeyahay cinwaan 10.10.10.115 buzz @ sysadmin: ~ $ host 10.10.10.115 10.10.10.5 Isticmaalka server domain: Magaca: 10.10.10.5 Cinwaanka: 10.10.10.5 # 53 Magacyada: 115.10.10.10.in-addr.arpa magaca magaca tilmaame tilmaame mahogany.mordor.fan.
Haa hada. Waa maxay isku duubni wanaagsan oo loogu talagalay laba server oo DNS ah oo aan loo dhigin si kasta!
Macaamiisha Windows waxay ku biireen Active Directory® Domain
Aan mideyno macmiilka mahogany.mordor.fan dhanka Domainka, laakiin maahan kahor intaan laga tirtirin wax ka badalka aan ku sameynay qaabeynta kaarkaaga shabakada, hadii waqti kasta aan u qabanay si aan u xaqiijinno wax kale oo aan ahayn qodobka cutubkii hore. Sidoo kale tirtir gelitaanka «caoba»Gudaha Microsoft® DNS, kuna soo celi Cusbooneysiinta Dynamic barta ay ka soo jeedaan «Sug oo keliya«. By habka, waa ansax in dib loo bilaabo adeegga Microsoft® DNS.
Ka dib markii uu ku soo biiray Domain, iyo in kasta oo dadaalkeenna oo dhan, macmiilku «caoba»Kama diiwaan gashanayn Microsoft® DNS. Waxaan xitaa ku dhawaaqnay dnsmasq.conf -madaxweyne- in Server-ka ugu horeeya ee DNS yahay 10.10.10.3.
Microsoft Windows [Nooca 6.1.7601]
Xuquuqda daabacaadda (c) 2009 Shirkadda Microsoft. Xuquuqda daabacaadu way xifdisan.
C: \ Users \ saruman> ipconfig / all
Windows IP Qaabeynta Magaca martida. . . . . . . . . . . . : MAHOGANY Primary Dns Suuffix. . . . . . . : mordor.fan Nooca noodhka. . . . . . . . . . . . : Wadada iskuxirka IP-ga oo awood leh. . . . . . . . : Ma jiro WINS Wakiil oo Daaran. . . . . . . . : Ma jiro Liiska Raadinta ee Suufiyeynta DNS. . . . . . : adabtarada Ethernet-ka mordor.fan Xiriirka Aagga Deegaanka: Iskuxiraha gaarka ah ee DNS-ga ah. : mordor.fan Sharaxaad. . . . . . . . . . . : Intel (R) PRO / 1000 MT Iskuxirka Shabakada Cinwaanka Jirka. . . . . . . . . : 00-0C-29-D6-14-36 DHCP Waa Daaran tahay. . . . . . . . . . . : Haa Iskudhiska Awood-gelinta . . . : Haa Xiriirinta-Cinwaanka IPv6 ee deegaanka. . . . . : fe80 :: 352a: b954: 7eba: 963e% 12 (Jecel) IPv4 Cinwaanka. . . . . . . . . . . : 10.10.10.115 (La Doorbiday) Maskaxda Subnet. . . . . . . . . . . : 255.255.255.0 Waxaa la helay heshiis kiro ah. . . . . . . . . . : Sabti, Febraayo 25, 2017 8:19:05 AM Kireysku wuu dhacayaa. . . . . . . . . . : Sabti, Febraayo 25, 2017 4: 20: 36PM Default Gateway. . . . . . . . . : 10.10.10.253 Server DHCP. . . . . . . . . . . : 10.10.10.5 DHCPv6 IAID. . . . . . . . . . . : 251661353 DHCPv6 Macmiilka DUID. . . . . . . . : 00-01-00-01-20-3B-69-81-00-0C-29-D6-14-36
Server Server. . . . . . . . . . . : 10.10.10.3
10.10.10.5
NetBIOS ka badan Tcpip. . . . . . . . : Adapter Tunnel firfircoon isatap.mordor.fan: Gobolka Warbaahinta. . . . . . . . . . . : Warbaahinta ayaa go'day Xiriirinta gaarka ah ee DNS Suufiye. : mordor.fan Sharaxaad. . . . . . . . . . . : Microsoft ISATAP Adapter Cinwaanka Jirka. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Waa Daaran. . . . . . . . . . . : No Autoconfiguration karti uma leh . . . : Haa adapter Tunnel Xiriirinta Aagga Deegaanka * 9: Gobolka Warbaahinta. . . . . . . . . . . : Warbaahinta ayaa go'day Xiriirinta gaarka ah ee DNS Suufiye. : Sharaxaad. . . . . . . . . . . : Adreeska Adareeska Tunneling ee Tunnelka Microsoft Cinwaanka Jirka. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Waa Daaran. . . . . . . . . . . : No Autoconfiguration karti uma leh . . . : Waana
C: \ Users \ saruman>
buzz @ sysadmin: ~ $ host -t A mahogany.mordor.fan 10.10.10.3
Adoo adeegsanaya server-ka: Magaca: 10.10.10.3 Cinwaanka: 10.10.10.3 # 53 Magacyada: Marti-geliyeyaasha caoba.mordor.fan lama helin: 3 (NXDOMAIN)
buzz@sysadmin: ~ $ host -t To mahogany.mordor.fan
mahogany.mordor.fan wuxuu leeyahay cinwaan 10.10.10.115
- Sida kaliya ee macmiilku u diiwaangashan yahay «caoba»Microsft®-ka DNS wuxuu wax ka beddelayaa kaarkaaga shabakadda sida ku xusanó sawirka hore, taas oo ah, si cad u sheegaysa in: cinwaanada 'DNS suffix' ee isku xirka ay tahay mordor.fan, in ay diiwaangeliso cinwaanka cinwaanka ee DNS, iyo in ay isticmaasho dheecaanka la shaaciyay ee DNS marka la diiwaangelinayo xiriirka.
buzz @ sysadmin: ~ $ host -t A mahogany.mordor.fan 10.10.10.3 Adoo adeegsanaya server-ka: Magaca: 10.10.10.3 Cinwaanka: 10.10.10.3 # 53 Magacyada: caoba.mordor.fan wuxuu leeyahay cinwaan 10.10.10.115 buzz @ sysadmin: ~ $ host -t A mahogany.mordor.fan mahogany.mordor.fan wuxuu leeyahay cinwaan 10.10.10.115
Aynu ka bedelno magaca "mahogany" oo aan ugu beddelno "kedar"
buzz @ sysadmin: ~ $ host -t A mahogany.mordor.fan 10.10.10.3 Adoo adeegsanaya server-ka: Magaca: 10.10.10.3 Cinwaanka: 10.10.10.3 # 53 Magacyada: Marti-geliyeyaasha caoba.mordor.fan lama helin: 3 (NXDOMAIN) buzz @ sysadmin: ~ $ host -t To cedar.mordor.fan 10.10.10.3 Isticmaalka server domain: Magaca: 10.10.10.3 Cinwaanka: 10.10.10.3 # 53 Magacyada: cedro.mordor.fan wuxuu leeyahay cinwaan 10.10.10.115 buzz @ sysadmin: ~ $ host -t A mahogany.mordor.fan 10.10.10.5 Adoo adeegsanaya server-ka: Magaca: 10.10.10.5 Cinwaanka: 10.10.10.5 # 53 Magacyada: Marti-geliyeyaasha caoba.mordor.fan lama helin: 3 (NXDOMAIN) buzz @ sysadmin: ~ $ host -t To cedar.mordor.fan 10.10.10.5 Isticmaalka server domain: Magaca: 10.10.10.5 Cinwaanka: 10.10.10.5 # 53 Magacyada: cedro.mordor.fan wuxuu leeyahay cinwaan 10.10.10.115
Iyo wax walba oo caadi ah, sida macaamiisha Microsoft® iyo Microsoft® DNS sida waxyaabaha ay ahaadaan.
Aynu la shaqeyno Microsoft® DHCP iyo Microsoft® DNS
Akhristayaasha Sharafta Leh, cutubkani wuxuu ka baxsan yahay macnaha barta loo qoondeeyay Barnaamijka Bilaashka ah. Eeg caawimaadda Microsoft®. Ma rumaystaan ?. 😉
LOOGU TALAGALAY
Waxaa jira dhowr qaab oo loola shaqeeyo Microsoft® DNS markii aan ka dhigno inay ku wada noolaan karaan Shabakadda SME iyo Dnsmasq. Kuwaas waxaan ka xusi doonnaa oo keliya kuwa soo socda:
- Si buuxda u jooji adeegga Microsoft® DNS ee kombiyuutarka uu ku shaqeynayo, taas oo muujineysa intaas ka dib in bilowga adeegga uu naafo yahay. Ka hubi qaabeynta kaarka shabakadda ee macmiil kasta oo Microsoft® ah ikhtiyaarka ah inuu Diiwaangaliyo cinwaanka isku xirka DNS. Ka saar faylka /etc/dnsmasq.conf Dardaaran server = / mordor.fan / 10.10.10.3. Notas:
- Xitaa haddii su'aalaha ku saabsan diiwaannada aan laga jawaabin SOA y NS, shabakadu si sax ah ayey u shaqeyn doontaa, iyo sidoo kale midowga macaamiisha kala duwan -Microsoft® iyo Linux- ilaa Active Directory® Domain.
- Faa'iido ayey leedahay in SME LAN ay jiri doonaan oo keliya hal Server Magaca Server - lab lab - waxayna noqon doontaa Dnsmasq. ;-). Dhinaca kale, suurtagalnimada iswaafaq la’aan udhaxeysa diiwaanka DNS ee ku kaydsan Microsoft® DNS iyo kuwa laga heli karo Dnsmasq waa la tirtiray.
- Ka tag Microsoft® DNS oo ordaya si aad uga jawaabto kaliya weydiimaha DNS ee ku saabsan SOA iyo NS diiwaanka. Notas:
- Wax ka beddel qaabeynta kaarka shabakadda ee macmiil kasta oo Windows ah, adoo hubinaya ikhtiyaarka ah inaad Diiwaangeliso cinwaanka isku xirka ee DNS.
- Waxaan u maleyneynaa in xalkaani yahay qashin-urursi.
- U qaabee adeegyada sida aan ku aragnay maqaalka oo dhan, kaas oo muujinaya xalka in badan oo ka mid ah jeclaanta falsafadda Microsoft-ma ahan FreeBSD / Linux- Ok?.
Resumen
- Soo jeedinta Microsoft® DNS waa mid aad u xiran. Meelna ugama tageyso xalalka kale ee aan waafaqsanayn falsafada hermetic-keeda.
- Dabeecadda Hooyo waxay na baraysaa inaan ku nool nahay adduunyo kala jaad ah. Waxyaabaha caadiga ah waa in la helo LAN isku dhafan, oo u dhaqaaqaya Software Bilaash ah, oo hodan ku ah nolosha iyo noocyo kala duwan.
- Waxay u muuqataa in Microsoft®, macaamiisha aan ku soo biirin falsafadiisa ay yihiin kuwa laga takhalusay, sidaa darteedna aysan ku mashquulin inay tixgeliyaan.
- Sidee ayey u adag tahay in lala shaqeeyo Software-ka gaarka loo leeyahay! Waxaan jeclaan lahaa inaan xoogaa shaqo ah ku qaato dejinta Software bilaash ah oo aan runtii noqdo Bilaash, nacalaa!
"Shayga ugu wanaagsan ee runta ah waa ku celcelin."
Maqaal weyn oo aad qortay, Federico!
Maqaal aad u qaali ah gacaliye. Soo koobiduna waa XD-ga ugu fiican
Isku dheelitirka;
Uma maleynayo inaan ku arkay tilifoon dhameystiran oo faahfaahsan sysadmin internetka (luqada Isbaanishka), shaqada aad ka qabaneyso Shabakadaha SMEs waa inaad qaabeyso.
In kasta oo shaqadu dhib badan tahay oo gaadhista heerkaas faahfaahsan ay tahay arrin saacado badan ah, waxaan aaminsanahay inaad abuureysid tixraac loo adeegsan doono sida ay ku ogaadeen tiro badan oo SysAdmin ah oo furaha u ah maqaalkaaga macallinka waxqabadyo badan oo ay la kulanto maalin kasta.
Dhanka dnsmasq iyo diiwaanka firfircoon, waxaan u maleynayaa inaanan waligey fursad u helin inaan labadaba lashaqeeyo, laakiin shaybaarkayga, maqnaanshaha macmiilka daaqadaha, wax walba waxay umuuqdaan inay fiicnaayeen, layaabna malahan tillaabadan wanaagsan tallaabo.
Samatabbixi weedhaada «Sidee ayey u adag tahay inaad la shaqeyso Software-ka Khaaska ah!. Waxaan door bidi lahaa in yar oo ka mid ah shaqeynta qaabeynta softiweer bilaash ah runtiina xor, nacalad! dad badan oo kale, sidee waliba ula mid noqoshada joogtada ah ee barnaamijyada bilaashka ah.
Hambalyo FIco… Waan sii soconaa.
Zodiac: Erayadaadu waa dhiirigelin inay sii wadaan qorista. Ha ka waaban, saacado badan oo wanaagsan - badhida ayaa lagama maarmaan u ah in la qoro maqaal dhexdhexaad ah oo kan oo kale ah.
Julio León: Waad ku salaantay adiguba, gacaliye Julio. Waxaan rajeyneynaa oo aad nagula sii socotaa wadada aad waxbadan uga ogaato Software Free.
Lagarto: Maalmaha iyo saacadaha la qaatay waxay mudan yihiin markaan akhriyo faallooyinka sida kuwa ku jira qoraalkan. Iyagu waa abaalmarinta ugu fiican ee shaqadeena. Waxaan u gudbiyay cinwaanka maqaalka Simon Kelley qudhiisa wuuna ii roonaaday inuu iigu soo jawaabo.
Waxaan rabaa inaan ka faa'iideysto meeshan si aan u idhaahdo arinta DNS iyo DHCP waxaan ka bilaabaynaa - istiraatiijiyad - iskuxirka ilaa sahlan. Dnsmasq waa xal aad u ansax ah oo loogu talagalay Shabakadaha SME, waana ka fududaan tahay hirgelinteeda marka loo eego labada BIND + Isc-Dhcp-Server. Mawduuca ayaa u muuqda inuu xoogaa farsamo u yahay akhristayaal badan. Waqti iyo tababarba waxay ogaan doonaan inaanay taasi ahayn kiiska. Way ku habboon tahay in la barto Mabaadi'da Adeegga Kaabayaasha, cinwaan kaas oo koobaya 6da maqaal ee laga qoray adeegyada DNS iyo DHCP, oo aan la iloobin NTP.
Dhammaantiin waan ku hambalyeynayaa
Waad ku mahadsan tahay Federico maqaal kale oo weyn oo si faahfaahsan u faahfaahsan iyo aragti ballaadhan oo ku saabsan Dnsmasq, oo ah aalad aan horay u aragnay oo waxtar weyn u leh sysadmins.
WAAWEYN wax kasta oo la xiriira gelinta Microsoft DNS Zone "_msdcs.mordor.fan" faylkaaga qaabeynta /etc/dnsmasq.conf faylkaaga SRV ee adeegsanaya adeegyada: _gc, _ldap, _kerberos iyo _kpasswd leh Hadafku waa in la isticmaalo Microsoft DNS ("server = / mordor.fan / 10.10.10.3" bayaan) marka lagu daro Dnsmasq ("local = / mordor.fan /" statement) si loo xaliyo weydiimaha DNS.
GREAT sidoo kale waa tusaalaha loogu talagalay in Microsoft DNS ay ku diiwaangeliso macaamiisha Windows ee leh isbeddelada IP-ga ee LAN, waa inaad ku xushaa qaabeynta DNS, "Cusbooneysiinta Dynamic" sida "Wax-qabad la'aan iyo xasillooni" iyo waxa loola jeedo u nuglaanta amniga waxkastoo Server Name Name ah oo la ixtiraamo, ha noqdaan Microsoft ama UNIX / Linux. Ka sokow inay lagama maarmaan tahay in wax laga beddelo qaabeynta kaarka shabakadda macmiilka Windows.
Waxba maaha in qoraal kasta oo cusub aad kor u qaaddo joogsiga! Si xiiso leh u sugaya qodobbada soo socda!
Aad baad ugu mahadsantahay qiimeyntaada iyo faallooyinkaaga, IWO. Maqaal kasta oo aan daabaco, marwalba waan sugaa fikirkaaga, maadaama ay taageereyso shaqadaada, aqoontaada iyo dhaqankaaga. Hambalyo IWO. Waxaan kugu arki doonnaa maqaalka soo socda
Shaqo aad u wanaagsan, sida had iyo jeer dhajinta alaabadaas loogu talagalay sysadmins. Mahadsanid kun!
Fursad sii DNS-ka Microsoft, xitaa ha u oggolaan inay muujiso. Ma garanayno inuu weli nool yahay iyo xitaa inuu xishood u hadhay. Maqaal aad u fiican.
Dahab aan noociisa oo kale ahayn, ayaa loogu kaydiyay kuwa ugu cadcad la-tashiga. Maqaal aad u fiican.
Waad ku mahadsan tahay HO2Gi qiimeyntaada. Waxaan kugula talinayaa adiga - iyo guud ahaan in QOF KASTA- booqo https://blog.desdelinux.net/redes-computadoras-las-pymes-introduccion/. Waxaa mar labaad lagu tafatiray iyadoo la tusaayo dhamaan qoraalada la daabacay iyo mowduucyada laga hadlayo. Salaan kadib na sii wad.
Dukumiinti aad u fiican sida kan laga heli karo gudaha https://blog.desdelinux.net/bind-active-directory/
Kaliya waxaan rabaa inaan sameeyo talo bixin, fadlan u qaado dhaliil wax dhisaysa; Si loo muujiyo qaabeynta, way fiicnaan laheyd haddii halkii aan ka isticmaali lahaa shabakadda 10.10.10.0/24, waxaan isticmaali lahaa mid ka mid ah halka baloog kastaa ku leeyahay lambarro kala duwan, sida shabakadda 192.168.1.0/24.
Tani waxay cadeyn laheyd qodobada halka cinwaanada shabakadu ay ku noqonayaan gadaal, sida marka ay tahay inaad kudarto qiyamka nooca ".in-addr.arpa"
Waad ku mahadsantahay wadaagida aqoonta tayada fiican leh.
Wanaagsan