Isalathiso ngokubanzi sothotho: Iinethiwekhi zekhompyuter zee-SMEs: Intshayelelo
Molweni zihlobo! Siza kubona kweli nqaku ukuba singazisebenzisa njani iinkonzo ezibini zonxibelelwano ezenziweyo yi I-DNS kunye ne-DHCP kwi-CentOS -Linux, ngokukodwa kuhlobo lwayo 7.2.
- Amanye amanqaku malunga ne-DNS abhekisa kwinto yokuba ukuphunyezwa kwale nkonzo kuyinto engacacanga kwaye inzima. Andivumelani kwaphela nale ngxelo. Ndingathanda ukuthi yingcinga encinci kwaye uninzi lweefayile zalo zokumisela zine-fussy syntax. Ngethamsanqa, sinezixhobo zokujonga, inyathelo ngenyathelo, isichazi sefayile nganye yokumisela esiyiguqulayo. Ke ngoko, siya kuzama ukwenza ukuba ukufunda le post kube mnandi kwaye kumnandi njengoko kunokwenzeka..
Kulabo bafuna iziseko zeenkonzo zombini, sicebisa ukuba uqale ukukhangela kwiWikipedia, zombini kwiinguqulelo zayo zaseSpanish naseNgilani. Ayinyani kangako ukuba amanqaku esiNgesi phantse onke ahlala egqibelele kwaye ehambelana. Okwangoku, iWikipedia sisiqalo esihle kakhulu.
Kwabo bafuna ngokwenene ukufunda malunga ne-DNS kunye NOKUBOPHA, sicebisa ukuba ufunde incwadi «I-OReilly - i-DNS kunye ne-BIND 4ed" ibhalwe ngu UPaul albitz y Iqakamba Liu, okanye uhlelo lwamva olukhoyo ngokuqinisekileyo.
Sele sipapashe inqaku ngesihloko esithi «I-DNS kunye ne-DHCP kwi-OpenSUSE 13.2 Harlequin -Iinethiwekhi ze-SME»Kubathandi bendawo yemizobo. Nangona kunjalo, ukusukela ngoku ukuya phambili baya kujongana namanqaku malunga nalo mbandela-hayi kwabanye-abhalwe ngokusetyenziswa kakhulu kwe-emulator yesiphelo okanye ikhonsoli. Wow, kwisitayile esidala esisetyenziswa ngabalawuli beNkqubo ye-UNIX® / Linux.
Ukuba ufuna ukwazi ngakumbi ngegama lokugqibela lesihlokoIinethiwekhi zeSME»Ungandwendwela iphepha kule blog«Iinethiwekhi ze-SME: ukusikwa okokuqala«. Kuyo uya kufumana amakhonkco kwamanye amanqaku amaninzi apapashiweyo.
- Emva kokufakwa kweNkqubo yokuSebenza ye-CentOS 7 kugqityiwe ngeephakeji esizicebisayo, el isikhombisi /usr/share/doc/bind-9.9.4/ Inamaxwebhu afanelekileyo esincomela ukuba ubonane nawo ngaphambi kokuba ungene kukhangelo lwe-Intanethi ngaphandle kokuqala wazi ukuba, ezandleni zakho nakwikhaya lakho, ungayifumana into oyifunayo.
Inkqubo yofakelo olusisiseko
Idatha ngokubanzi yesizinda kunye neseva ye-DNS
Igama lesizinda: desdelinux.umlandeli Igama lomncedisi we-DNS: dns.desdelinux.umlandeli Idilesi ye-IP: 192.168.10.5 Imaski engaphantsi: 255.255.255.0
Ukufakwa
Siqala ngofakelo olutsha okanye olucocekileyo lwenkqubo yokusebenza yeCentOS 7 njengoko kubonisiwe kwinqaku elidlulileyo «I-CentOS 7 Hypervisor I-iiNethiwekhi zeSMB«. Sifuna kuphela ukwenza olu tshintsho lulandelayo:
- Kulo 22 umfanekiso «UKHETHO LWE-SOFTWARE«, Sicebisa ukuba ukhethe kwikholamu yasekhohlo«Indawo yokuSingqongileyo»Inketho ehambelana ne«Isixhobo sezixhobo«, Ngexa kwikholamu elungileyo«Iiplagi zeNdalo eKhethiweyo»Khetha ibhokisi yokukhangela«Igama lomncedisi we-DNS«. Siza kufaka iserver ye-DHCP kamva.
- Masikhumbule ukubhengezwa kwendawo yokugcina eyongezelelweyo njengoko kubonisiwe kwi 23 umfanekiso, emva kokusetha i «INETWORK NEGAMA LEQELA«.
- Imifanekiso ebhekisa kwizahlulelo esiza kuzenza kwi-hard drive yethu zinikwa kuphela njengezikhokelo. Zive ukhululekile ukukhetha izahlulelo ngokokubona kwakho, ukuziqhelanisa, kunye nokugweba okuhle.
- Okokugqibela, kwifayile ye- Umfanekiso 13, kufuneka sitshintshe amaxabiso ngokwemiqathango ngokubanzi yesizinda esichaziweyo kunye neseva ye-DNS, ngaphandle kokulibala ukukhankanya igama lomamkeli-kule meko «dns«- emva kokuba ubumbeko lwenethiwekhi lugqityiwe. Kulungile ukwenza ping -usuka komnye umamkeli- kwidilesi ye-IP echaziweyo emva kokuba inethiwekhi isebenza:
Zimbalwa ngokwenene kwaye zibonakala ngokucacileyo iinguqu ekufuneka sizenzile ngokubhekisele kwinqaku elidlulileyo.
Ukutshekishwa kwasekuqaleni kunye nohlengahlengiso
Emva kokufaka inkqubo yokusebenza kufuneka siphonononge ezi fayile zilandelayo ubuncinci, kwaye koku siqala iseshoni ngeSSH kwikhompyuter yethu sysadmin.desdelinux.umlandeli:
buzz @ sysadmin: ~ $ ssh 192.168.10.5 buzz@192.168.10.5 iphasiwedi: Ukungena kokugqibela: Sat Jan 28 09:48:05 2017 ukusuka 192.168.10.1 [buzz @ dns ~] $
Lo msebenzi ungasentla ungathatha ixesha elide kunesiqhelo, kwaye ikakhulu kungenxa yokuba asikabinayo i-DNS kwi-LAN. Jonga kwakhona kamva ukuba iDNS iyasebenza.
[buzz @ dns ~] $ cat / njl / yemikhosi 127.0.0.1 indawo yangaphakathihosthost.localdomain localhost4hosthost4.localdomain4 :: 1 localhost localhost.localdomain localhost6 localhost6.localdomain6 [buzz @ dns ~] $ cat / njl / igama lenginginya dns [buzz @ dns ~] $ cat / njl / sysconfig / izikripthi zenethiwekhi / ifcfg-eth0 TYPE=Ethernet BOOTPROTO=none DEFROUTE=yes IPV4_FAILURE_FATAL=no IPV6INIT=no IPV6_AUTOCONF=yes IPV6_DEFROUTE=yes IPV6_PEERDNS=yes IPV6_PEERROUTES=yes IPV6_FAILURE_FATAL=no NAME=eth0 UUID=946f5ac9-238a-4a94-9acb-9e3458c680fe DEVICE=eth0 ONBOOT=yes IPADDR=192.168.10.5 PREFIX=24 GATEWAY=192.168.10.1 DNS1=127.0.0.1 DOMAIN=desdelinux.umlandeli [buzz @ dns ~] $ ikati / njl njl / resolv.conf # Yenziwe kukhangelo lweNethiwekhi yomphathi desdelinux.iseva yegama lomlandeli 127.0.0.1
Uqwalaselo oluphambili luphendula kukhetho lwethu. Qaphela ukuba nakwiseva I-Red Hat 7-CentOS 7, iqwalaselwe ngokungagqibekanga xa InethiwekhiManager ke ukuba ngoyena ulawula uthungelwano lwenethiwekhi, nokuba banentambo okanye ngaphandle kwamacingo (iWiFi), uqhagamshelo lweVPN, uqhagamshelo lwePPPoE, kunye nolunye unxibelelwano lwenethiwekhi.
[buzz @ dns ~] $ sudo systemctl yenethiwekhi umphathi wecandelo [Sudo] iphasiwedi ye-buzz: ● networkmanager.service Loaded: not-found (Reason: No such file or directory) Iyasebenza: ayisebenzi (ifile) [buzz @ dns ~] $ sudo systemctl imeko yeNethiwekhiManager ● INethiwekhiManager.service - Umphathi weNethiwekhi ulayishiwe: ulayishiwe (/usr/lib/systemd/system/NetworkManager.service; yenziwe; Ukucwangciswa kwangaphambili komthengisi: kuvunyelweIyasebenza: iyasebenza (iyasebenza) ukusukela nge-Sat 2017-01-28 12:23:59 EST; I-12min eyadlulayo iPID ephambili: 705 (NetworkManager) CGroup: /system.slice/NetworkManager.service └─705 / usr / sbin / NetworkManager -no-daemon
I-Red Hat-CentOS ikwavumela ukuba uqhagamshele kwaye unqamle izixhobo zonxibelelwano usebenzisa imiyalelo yakudala ukuba e ukuba phantsi. Masigijime kwikhonsoli yeseva:
[(Imeyile ikhuselwe) ~] # i-eth0 Isixhobo 'eth0' sinqunyanyisiwe ngempumelelo. [(Imeyile ikhuselwe) ~] # i-eth0 Uqhagamshelo lwenziwe lwasebenza ngempumelelo (indlela esebenzayo ye-D-Bus: / org / freedesktop / NetworkManager / ActiveConnection / 1)
- Siyacebisa Sukutshintsha useto olungagqibekanga olunikezelwa yiCentOS 7 ngokubhekisele kuko InethiwekhiManager.
Ngokuqinisekileyo sibhengeza indawo yokugcina esiza kuyisebenzisa kunye nokuhlaziya inkqubo yokusebenza ukuba kukho imfuneko:
[buzz @ dns ~] $ su Iphasiwedi: [root @ dns buzz] # cd /etc/yum.repos.d/ [(Imeyile ikhuselwe) yum.repos.d] # ls -l Iyonke i-28 -rw-r-r--. Ingcambu ye-1 ingcambu 1664 Dec 9 2015 CentOS-Base.repo -rw-r-r--. Ingcambu ye1 yengcambu 1309 Dec 9 2015 CentOS-CR.repo -rw-r-r--. Ingcambu ye-1 ingcambu 649 Dec 9 2015 CentOS-Debuginfo.repo -rw-r-r--. Ingcambu ye1 ingcambu 290 Dec 9 2015 CentOS-fasttrack.repo -rw-r-r--. Ingcambu ye1 ingcambu 630 Dec 9 2015 CentOS-Media.repo -rw-r-r--. Ingcambu ye-1 ingcambu 1331 Dec 9 2015 CentOS-Imithombo.repo -rw-r-r--. Ingcambu ye-1 ingcambu 1952 Dec 9 2015 CentOS-Vault.repo
Kusempilweni ukufunda imixholo yeefayile zoqobo zesibhengezo kwiindawo zokugcina izinto ezicetyiswayo zeCentOS. Utshintsho esilwenzayo apha lubangelwa kukuba asinakho ukufikelela kwi-Intanethi, kwaye sisebenza kunye noovimba bendawo abakhutshelwe kwilali yaseWWW, ngoogxa bethu abenza ubomi bethu bube lula kancinci. 😉
[(Imeyile ikhuselwe) yum.repos.d] # mkdir yoqobo [(Imeyile ikhuselwe) yum.repos.d] # mv CentOS- * yoqobo / [(Imeyile ikhuselwe) yum.repos.d] # nano centos-repos.repo [centos-base] name=CentOS-$releasever baseurl=http://10.10.10.1/repos/centos/7/base/ gpgcheck=0 enabled=1 [centos-updates] name=CentOS-$releasever baseurl=http://10.10.10.1/repos/centos/7/updates/x86_64/ gpgcheck=0 enabled=1 [(Imeyile ikhuselwe) yum.repos.d] # yum zicoce zonke Iiplagi ezilayishiwe: i-fastestmirror, ii-langpacks Ukucoca iindawo zokugcina: i-centos-base-centos-uhlaziyo Ukucoca yonke into [(Imeyile ikhuselwe) yum.repos.d] # yum uhlaziyo Iiplagi ezilayishiwe: i-fastestmirror, i-centos-base langpacks | 3.4 kB 00:00 uhlaziyo lweesenti | 3.4 kB 00:00 (1/2): isiseko-siseko / isiseko_db | 5.3 MB 00:00 (2/2): iisentos-uhlaziyo / i-primary_db | 9.1 MB 00:00 Ukuchonga izibuko ezikhawulezayo Akukho phakheji iphawulwe ngohlaziyo
Umyalezo «Hayi (kukho) iiphakheji eziphawulwe ngohlaziyo» - «Akukho phakheji ziphawulwe ngohlaziyo»Ibonisa ukuba, ngokubhengeza ezona ndawo zokugcina zifikelelekayo ezikhoyo kuthi ngexesha lofakelo, ngokuchanekileyo ezona phakheji zangoku zafakwa.
Malunga nomxholo we-SELinux kunye ne-firewall
Siza kugxila kweli nqaku-ngokusisiseko-ekuphunyezweni kweenkonzo ze-DNS kunye ne-DHCP, eyona njongo yayo iphambili.
Ukuba nawuphi na umfundi ukhethe uMgaqo-nkqubo woKhuseleko ngexesha lenkqubo yofakelo, njengoko kubonisiwe kwifayile ye- 06 umfanekiso yenqaku lesalathiso «I-CentOS 7 Hypervisor I-iiNethiwekhi zeSMB»Isetyenziselwe ukufakwa kwale DNS-iseva ye-DHCP, kwaye ufumanisa ukuba awazi ukuba ungaqwalasela njani i-SELinux kunye ne-CentOS Firewall, sicebisa ukuba usebenzise oku kulandelayo:
Guqula ifayile / njl / sysconfig / selinux notshintsho SELINUX = ukunyanzelisa yi SELINUX = khubaza
[(Imeyile ikhuselwe) ~] # nano / njl / sysconfig / selinux # Le fayile ilawula imeko ye-SELinux kwinkqubo. # SELINUX = ingathatha enye yala maxabiso mathathu: # ukunyanzelisa - umgaqo-nkqubo wezokhuseleko weSELinux unyanzeliswa. # evumayo -I-SELinux iprinta izilumkiso endaweni yokunyanzelisa. # ikhubazekile-Akukho mgaqo-nkqubo we-SELinux ulayishiwe. SELINUX = ikhubazekile # SELINUXTYPE = inokuthatha elinye lamaxabiso amabini: # ekujoliswe kuzo - Iinkqubo ekujoliswe kuzo zikhuselwe, # ubuncinci- Ukulungiswa komgaqo-nkqubo ekujoliswe kuwo. Kuphela ziinkqubo ezikhethiweyo ezixabisa i - $ # mls - Ukhuseleko lweMigangatho emininzi. SELINUXTYPE = ekujoliswe kuko
Emva koko sebenzisa le miyalelo ilandelayo
[(Imeyile ikhuselwe) ~] # iseti 0
[(Imeyile ikhuselwe) ~] inkonzo # yokumisa umlilo Ukuqondisa kwakhona kwi / bin / systemctl yeka firewalld.service [(Imeyile ikhuselwe) ~] # systemctl khubaza i-firewalld Kususwe symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service. Kususwe i-symlink /etc/systemd/system/basic.target.wants/firewalld.service.
Ukuba umilisela iserver ye-DNS ejongene ne-Intanethi, AKUFANELE wenze oku kungasentla, kodwa uqwalasele imeko ye-SELinux kunye neFirewall ngokuchanekileyo. Yabona Uqwalaselo lweServer ngeGNU / Linux, ngumbhali uJoel Barrios Dueñas " okanye amaxwebhu e-CentOS ngokwawo-iRed Hat
Silungiselela i-BIND-enegama
- El isikhombisi /usr/share/doc/bind-9.9.4/ Inamaxwebhu afanelekileyo esiwacebisayo ukuba ubonane nawo ngaphambi kokuba ungene kukhangelo lwe-Intanethi ngaphandle kokuqala wazi ukuba, ezandleni zakho nakwikhaya lakho, ungayifumana into oyifunayo
Kusasazo oluninzi inkonzo ye-DNS efakwe kwiphakheji ye-BIND ibizwa ngokuba ogama (Igama Daemon). Kwi-CentOS 7 ifakelwe ukukhubazeka ngokungagqibekanga, ngokokukhutshwa komyalelo olandelayo, apho ithi imeko yawo «abakhubazekileyo«, Kwaye eli lizwe lichazwe kwangaphambili« ngumthengisi » Ukuseta kwangaphambili komthengisi. Ukurekhoda, BOPHA yiSoftware yasimahla.
Ukwenza inkonzo inikwe igama
[(Imeyile ikhuselwe) ~] # inkqubo ye-systemctl enegama ● igama lenkonzo- iBerkeley Internet Name Domain (DNS) Ikhutshiwe: ilayishiwe (/usr/lib/systemd/system/named.service; abakhubazekileyo; Ukucwangciswa kwangaphambili komthengisi: kukhubaziweIyasebenza: ayisebenzi (ifile) [(Imeyile ikhuselwe) ~] # inkquboctl vumela igama Yenza i-symlink ukusuka /etc/systemd/system/multi-user.target.wants/named.service to /usr/lib/systemd/system/named.service. [root @ dns ~] # systemctl qala igama [(Imeyile ikhuselwe) ~] # inkqubo ye-systemctl enegama ● igama lenkonzo- iBerkeley Internet Name Domain (DNS) Ikhutshiwe: ilayishiwe (/usr/lib/systemd/system/named.service; inikwe amandla; Ukucwangciswa kwangaphambili komthengisi: kukhubaziwe) Esebenzayo: esebenzayo (esebenzayo) ukusukela ngoMgqibelo ngo-2017-01-28 13:22:38 EST; I-5min eyadlulayo Inkqubo: 1990 i-ExecStart = / usr / sbin / enegama -u igama $ OPTIONS (ikhowudi = iphumile, inqanaba = 0 / IMPUMELELO) Inkqubo: 1988 ExecStartPre = / bin / bash -c ukuba [! "$ DISABLE_ZONE_CHECKING" == "ewe"]; emva koko / usr / sbin / named-checkconf -z /etc/named.conf; enye into evakalayo "Ukujongwa kweefayile zommandla kucinyiwe"; fi (ikhowudi = iphumile, inqanaba = 0 / IMPUMELELO) I-PID ephambili: 1993 (ebizwa) Iqela: /system.slice/named.service 1993 / usr / sbin / named -u named Jan 28 13:22:45 dns named [1993]: impazamo (yenethiwekhi ayifikeleleki) ukusonjululwa './NS/IN': 2001: 500: 2f :: f # 53 Jan 28 13:22:47 dns named [1993]: error (network unreachable) resolutioning './ I-DNSKEY / IN ': 2001: 500: 3 :: 42 # 53 Jan 28 13:22:47 dns ebizwa [1993]: impazamo (inethiwekhi ayinakufikeleleka) ukusombulula' ./NS/IN ': 2001: 500: 3 :: 42 # 53 Jan 28 13:22:47 i-dns ebizwa [1993]: impazamo (inethiwekhi ayinakufikeleleka) ukusombulula './DNSKEY/IN': 2001: 500: 2d :: d # 53 Jan 28 13:22:47 dns ebizwa [1993 ]: Impazamo (yenethiwekhi ayifikeleleki) ukusonjululwa './NS/IN': 2001: 500: 2d :: d # 53 Jan 28 13:22:47 dns named [1993]: impazamo (inethiwekhi ayinakufikeleleka) ukusombulula './DNSKEY/ KU ': 2001: dc3 :: 35 # 53 Jan 28 13:22:47 dns ebizwa [1993]: impazamo (inethiwekhi ayinakufikeleleka) ukusombulula' ./NS/IN ': 2001: dc3 :: 35 # 53 Jan 28 13: I-22: 47 dns ebizwa [1993]: impazamo (inethiwekhi ayinakufikeleleka) ukusombulula './DNSKEY/IN': 2001: 7fe :: 53 # 53 Jan 28 13:22:47 dns ebizwa [1993]: impazamo (inethiwekhi ayinakufikeleleka) res i-olving './NS/IN': 2001: 7fe :: 53 # 53 Jan 28 13:22:48 i-dns ibizwa [1993]: izitshixo-ezilawulwayo-indawo: Ayikwazi ukulanda i-DNSKEY iseti '.' [root @ dns ~] # systemctl qala kwakhona igama [(Imeyile ikhuselwe) ~] # inkqubo ye-systemctl enegama ● igama lenkonzo- iBerkeley Internet Name Domain (DNS) ilayishiwe: ilayishiwe (/usr/lib/systemd/system/named.service; yenziwe; umisela kwangaphambili umthengisi: ukhubazekile) Esebenzayo: esebenzayo (esebenzayo) ukusukela Sat 2017-01-28 13:29:41 EST; Inkqubo ye-1 eyadlulayo: 1449 ExecStop = / bin / sh -c / usr / sbin / rndc stop> / dev / null 2> & 1 || / bin / bulala -TERM $ MAINPID (ikhowudi = iphumile, inqanaba = 0 / IMPUMELELO) Inkqubo: 1460 ExecStart = / usr / sbin / ogama lingu -u igama $ OPTIONS (ikhowudi = iphumile, inqanaba = 0 / IMPUMELELO) Inkqubo: 1457 ExecStartPre = / bin / bash -c ukuba [! "$ DISABLE_ZONE_CHECKING" == "ewe"]; emva koko / usr / sbin / named-checkconf -z /etc/named.conf; enye into evakalayo "Ukujongwa kweefayile zommandla kucinyiwe"; fi (ikhowudi = iphumile, inqanaba = 0 / IMPUMELELO) I-PID ephambili: 1463 (ebizwa) Iqela: / inkqubo.slice/igama.inkonzo └─1463 / usr / sbin / ogama lingu-Jan 28 13:29:41 dns [1463]: izitshixo-ezilawulwa-zezitshixo-indawo: ifayili yejenali iphelelwe lixesha: isusa ifayili yejenali ngoJan 28 13:29:41 i-dns enegama [1463]: izitshixo-ezilawulwayo-izowuni: ilayishwe ngokulandelelana kwe-Jan 2 28 13:29:41 dns igama [1463]: indawo 0.in-addr.arpa/IN: ilayishwe uthotho 0 Jan 28 13:29:41 dns ebizwa [1463]: zone localhost.localdomain / IN: serial serial 0 Jan 28 13:29:41 dns ebizwa [1463]: indawo 1.0.0.127.in-addr.arpa/IN: ilayishwe ngokulandelelana 0 Jan 28 13:29:41 dns ebizwa [1463]: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 .6.ip0.arpa / IN: ilayishwe uthotho 28 Jan 13 29:41:1463 dns ebizwa [0]: zone localhost / IN: ilayishwe ngokulandelelana 28 Jan 13 29 : 41: 1463 i-dns ebizwa [28]: yonke imimandla ilayishwe ngoJan 13 29:41:1463 i-dns ebizwa [28]: isebenza ngoJan 13 29:41:1 dns systemd [XNUMX]: Qalisa iBerkeley Internet Name Domain (DNS).
Emva kokuba sikwazi ukwenza inkonzo ogama kwaye siqala okokuqala, imveliso yomyalelo imeko ye-systemctl enegama ibonisa iimpazamo. Xa siqala inkonzo engezantsi, i ogama yenza zonke iifayile zoqwalaselo ezizenzekelayo ekusebenzeni kwazo ngokuchanekileyo. Ke ngoko, xa siwenza lo myalelo kwakhona imeko ye-systemctl enegama akusekho zimpazamo.
- Mfundi othandekayo, obiza imali eninzi, nofunayo: ukuba uyafuna ukufumanisa- ubuncinci- yeyiphi indlela ekhokelela esiphelweni somngxuma womvundla, nceda, ufunde ngokuzolileyo iziphumo ezineenkcukacha zomyalelo ngamnye. Ngokuqinisekileyo inqaku liya kubonakala lide, kodwa ungaphiki ukuba lifumana inkcazo kunye nokucaca.
Siguqula ifayile /etc/named.conf
Izimvo ezininzi zabafundi zivakalisa-Anditsho- I-mania egcina ulwahlulo olwahlukileyo lweLinux, yokufumana iifayile zoqwalaselo lwenkqubo kwiifolda ezinamagama ahlukeneyo ngokuxhomekeke kwi-distro. Balungile. Kodwa yintoni esinokuyenza, thina basebenzisi balula abasebenzisa olu lwabiwo? Lungisa! 😉
Ngendlela, kwi-FreeBSD, i-UNIX® clone «Imvelaphi», ifayile ikwi /usr/local/etc/namedb/igama.conf; Ngelixa useDebian, ukongeza ekwahlukaneni kwiifayile ezine igama.conf, igama.conf.options, named.conf.default-zones, and named.conf.local, kwifolda / njl / bopha /. Abo bafuna ukwazi apho kuvulwe khona indawo, funda «I-DNS kunye ne-DHCP kwi-OpenSUSE 13.2 Harlequin -Iinethiwekhi ze-SME«. Abafundi banyanisile! 😉
Kwaye njengoko sihlala sisenza: ngaphambi kokuguqula nantoni na, sigcina ifayile yoqwalaselo yoqobo phantsi kwelinye igama.
[(Imeyile ikhuselwe) ~] # cp /etc/igama.conf /etc/igama.conf.
Ukwenza ubomi bube lula, endaweni yokwenza isitshixo TSIG uhlaziyo olunamandla lwe-DNS yi-DHCP, sikopa isitshixo esifanayo rndc.key njengaye dhcp.key.
[(Imeyile ikhuselwe) ~] # cp /etc/rndc.key /etc/dhcp.key
[(Imeyile ikhuselwe) ~] # nano /etc/dhcp.key
Isitshixo "dhcp-key" {algorithm hmac-md5; imfihlo "OI7Vs + TO83L7ghUm2xNVKg =="; };
Ke ukuba ogama unokufunda ifayile ekhutshelweyo, silungisa iqela lomnini:
[(Imeyile ikhuselwe) ~] # ingcambu ekhethiweyo: enegama /etc/dhcp.key [ingcambu @ dns ~] # ls -l /etc/rndc.key /etc/dhcp.key -rw-r -----. Ingcambu e-1 egama lingu-77 uJan 28 16:36 PM /etc/dhcp.key -rw-r -----. Ingcambu e-1 egama lingu-77 uJan 28 13: 22 /etc/rndc.key
Iinkcukacha ezincinci ezinje ngezangaphambili zezinto ezinokusenza siphambane sizama ukufumanisa, ngoku ... iphi ingxaki ...? nezinye izichazi, esingazibhaliyo ngenxa yentlonipho yaBahloniphekileyo.
Ngoku ukuba-ekugqibeleni! -Silungisa ifayile /etc/igama.conf. Utshintsho okanye ukongezwa esikwenzileyo, ngokubhekisele kwinto yoqobo, ku ngesibindi. Jonga kakuhle ukuba zimbalwa kangakanani.
[(Imeyile ikhuselwe) ~] # nano /etc/named.conf
// // named.conf // // Ebonelelwa yiRed Hat yokubopha iphakheji ukumisela i-ISC BIND enegama (8) i-DNS // iseva njenge-caching kuphela nameserver (njenge -hosthost DNS sombulula kuphela). // // Bona / usr / share / doc / bopha * / isampulu / umzekelo umzekelo weefayile zoqwalaselo. //
// Uluhlu lokuFikelela kuLwazi oluchaza ukuba zeziphi iinethiwekhi eziya kuthi zikwazi ukudibana
// iseva yam enamagama
ii-acl ezinxibelelene
Ngo-127.0.0.0/8;
Ngo-192.168.10.0/24;
};
ukhetho {
// Ndibhengeza ukuba i-daemon enegama ikwamamele ujongano
// eth0 ene-IP: 192.168.10.5
mamela-kwizibuko 53 {127.0.0.1; 192.168.10.5; };
mamela-kwi-v6 izibuko 53 {:: 1; }; ulawulo "/ var / named"; dump-file "/var/named/data/cache_dump.db"; iinkcukacha-fayile "/var/named/data/named_stats.txt"; memstatistics-file "/var/named/data/named_mem_stats.txt";
// Ingxelo yabaphambili
// abathumeli {
// 0.0.0.0;
// 1.1.1.1;
//};
// phambili kuqala;
// Ndivumela kuphela imibuzo kwi-ACL yam
allow-query { mired; };
// Para comprobar con el comando dig desdelinux.fan axfr
// desde la estación de trabajo del SysAdmin y el localhost solamente
// No tenemos servidores DNS esclavos. No lo necesitamos... hasta ahora.
vumela-ukudlulisa {indawo yangaphakathi; 192.168.10.1; };
/ * - Ukuba wakha i-DNS ESEMAGUNYINI, sukuvumela ukuphinda ubuye. -Ukuba wakha i-RECURSIVE (caching) iseva ye-DNS, kuya kufuneka uyenze kwakhona. -Ukuba iserver yakho ye-DNS ephindaphindayo inedilesi ye-IP kawonke-wonke, KUFUNEKA wenze ulawulo lokufikelela ekunciphiseni imibuzo kubasebenzisi bakho abasemthethweni. Ukusilela ukwenza njalo kuya kubangela ukuba iserver yakho ibe yinxalenye yohlaselo olukhulu lokunyusa i-DNS. Ukuphunyezwa kwe-BCP38 ngaphakathi kwenethiwekhi kuya kunciphisa kakhulu olo hlaselo *
// Sifuna i-AUTHORITY iseva ye-LAN-SME yethu
ukuphindaphinda akukho;
dnssec-yenza ewe; Ukuqinisekiswa kwednssec ewe; / * Indlela eya kwiqhosha le-ISC DLV * / bindkeys-file "/etc/named.iscdlv.key"; Izitshixo ezilawulwayo-ulawulo "/ var / igama / amandla"; Ifayile ye-pid "/run/named/named.pid"; iseshoni-yefayile yesitshixo "/run/named/session.key"; }; ukungena {channel default_debug {file "data / named.run"; ubungqongqo obunamandla; }; }; ummandla "." KU- {uhlobo thsuphe; Ifayile "enegama.ca"; }; zibandakanya "/etc/named.rfc1912.zones"; zibandakanya "/etc/named.root.key";
// Sifaka isitshixo seTSIG kuhlaziyo oluhlaziyiweyo lwe-DNS // ngeDHCP
kubandakanya "/etc/dhcp.key";
// Isibhengezo segama, uhlobo, indawo, kunye nemvume yokuhlaziya
// yeeNdawo zeRekhodi zeDNS // Zombini iZones ziyi-MASTERS
indawo"desdelinux.umlandeli" {
uhlobo lwenkosi;
file "dynamic/db.desdelinux.umlandeli";
vumela uhlaziyo {lweqhosha le-dhcp-isitshixo; };
};
ummandla "10.168.192.in-addr.arpa" {
uhlobo lwenkosi;
Ifayile "eguquguqukayo / db.10.168.192.in-addr.arpa";
vumela uhlaziyo {lweqhosha le-dhcp-isitshixo; };
};
Sijonga is syntax
[(Imeyile ikhuselwe) ~] # ogama lingu-checkconf [iingcambu @ dns ~] #
Kuba lo myalelo ungasentla awubuyisi nto, is syntax ilungile. Nangona kunjalo, ukuba senza umthetho omnye, kodwa ngokhetho -zIziphumo ziya kuba:
[(Imeyile ikhuselwe) ~] # ogama lingu-checkconf -z zone localhost.localdomain/IN: loaded serial 0 zone localhost/IN: loaded serial 0 zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0 zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0 zone 0.in-addr.arpa/IN: loaded serial 0 zone desdelinux.fan/IN: loading from master file dynamic/db.desdelinux.fan failed: file not found zone desdelinux.fan/IN: not loaded due to errors. _default/desdelinux.fan/IN: file not found zone 10.168.192.in-addr.arpa/IN: loading from master file dynamic/db.10.168.192.in-addr.arpa failed: file not found zone 10.168.192.in-addr.arpa/IN: not loaded due to errors. _default/10.168.192.in-addr.arpa/IN: file not found
Ewe ziziphoso ezithi zenzeke kuba asikawenzi iiNdawo zokuBhaliswa kwe-DNS kwindawo yethu.
- Ngolwazi oluthe kratya kumyalelo igama-lokujonga, baleka Indoda egama lingu-checkconf, ngaphambi kokukhangela nayiphi na enye ingcaciso kwi-Intanethi. Ndiyakuqinisekisa ukuba izakonga ixesha elininzi.
Creamos el archivo de la Zona Directa desdelinux.umlandeli
... hayi ngaphandle kwento ithiyori kuqala. 😉
Njengetemplate yokwenza ifayile yedatha yommandla, singayithatha /var/igama/igama-lizwi, okanye /usr/share/doc/bind-9.9.4/sample/var/named/named.empty. Zombini ziyafana.
[(Imeyile ikhuselwe) ~] # ikati /var/igama/igama-ligama $ TTL 3H @ KWI-SOA @ rname.invalid. (0; serial 1D; hlaziya i-1H; phinda uzame i-1W; phelisa i-3H) Ubuncinci okanye ixesha elingalunganga lokugcina i-NS @ A 127.0.0.1 AAAA :: 1
Ixesha lobomi - Ixesha lokuphila TTL Irekhodi le-SOA
Masithathe ubakaki sicacise I-TTL-Ixesha lokuphila kwirejista I-SOA-Ukuqala kweGunya woMmandla oyiNtloko. Kuyathakazelisa ukwazi intsingiselo yazo xa sifuna ukuguqula naziphi na amaxabiso abo.
I $ TTL: Ixesha lobomi - Ixesha lokuphila Zonke iirekhodi ezikule fayile zilandela isibhengezo (kodwa zilandulele nasiphi na isibhengezo se- $ TTL) kwaye azinaso isibhengezo se-TTL esicacileyo.
i serialInombolo yesiriyeli yedatha yeZowuni. Ngalo lonke ixesha siguqula irekhodi le-DNS ngesandla, kufuneka silonyuse elo nani ngo-1, ngakumbi ukuba sinamakhoboka okanye iiseva eziziisekondari. Ngalo lonke ixesha iseva ye-DNS yesibini okanye yamakhoboka inxibelelana neseva eyintloko, ibuza inombolo yeedatha zenkosi. Ukuba inani lekhoboka lincinci, ke idatha yommandla kwiseva yamakhoboka iphelelwe lixesha, kwaye ikhoboka lenza udluliselo lommandla ukuze lizihlaziye.
hlaziya kwakhona: Ixelela iserver yamakhoboka ixesha lokuphumla ekufuneka liqwalasele kulo ukuba idatha yalo ihlaziyiwe malunga nenkosi.
Phinda uzame: Ukuba i-master server ayifumaneki- kuba igule, masithi-kwikhoboka emva kwexesha lekhefu hlaziya kwakhona, Phinda uzame Ixelela ikhoboka ukuba lilinde ixesha elingakanani ngaphambi kokuzama ukunxibelelana nenkosi yalo kwakhona.
iphelelwa: Ukuba ikhoboka alinakho ukunxibelelana nenkosi yalo kangangexesha elithile iphelelwaKe ukuba ubudlelwane benkosi yamakhoboka bujijekile, kwaye iserver yamakhoboka ayinakho ukukhetha ngaphandle kokuphelisa indawo ekuthethwa ngayo. Ukuphelelwa yisikhathi kwiseva ngamakhoboka e-DNS kuthetha ukuba iya kuyeka ukuphendula imibuzo ye-DNS enxulumene naloo ndawo, kuba idatha ekhoyo indala kakhulu ukuba ingaluncedo.
- Oku kungasentla kungasifundisa ngokungathanga ngqo kwaye kulayishwe ngengqondo eqhelekileyo- ubuncinci obuqhelekileyo bengqondo- ukuba asidingi amakhoboka e-DNS ekusebenzeni kwe-SME yethu, asiyiphumezi, ngaphandle kokuba ziyimfuneko engqongqo. Masihlale sizama ukusuka kwizinto ezilula ziye kwezintsonkothileyo.
Ubuncinci: Kwiinguqulelo zangaphambili BAMBA 8.2, irekhodi lokugqibela ezibalulekielyo Ikwabonisa uBomi obuNgapheliyo Ixesha elingagqibekanga lokuphila, kunye neNgcaciso yeCache yoBomi - Ixesha elingalunganga lokugcina ixesha lokuphila yoMmandla. Eli xesha libhekisa kuzo zonke iimpendulo ezingalunganga ezinikezwe ngumncedisi onegunya kuMmandla.
Archivo de zona /var/named/dynamic/db.desdelinux.umlandeli
[root@dns ~]# nano /var/named/dynamic/db.desdelinux.umlandeli $TTL 3H @ IN SOA dns.desdelinux.umlandeli. ingcambu.dns.desdelinux.umlandeli. ( 1 ; uthotho 1D ; hlaziya 1H ; zama kwakhona 1W ; iphelelwa 3H); ubuncinane okanye ; Ixesha le-caching elibi lokuphila; @ IN NS dns.desdelinux.umlandeli. @ IN MX 10 email.desdelinux.umlandeli. @ INTXT "DesdeLinux, ibhlog yakhe ezinikele kwisoftware yasimahla "; iSysadmin kwi-A 192.168.10.1 AD-DC IN A 192.168.10.3 FILESERVER IN A 192.168.10.4 DNS KWI-192.168.10.5 PROXYWEB KWI-A 192.168.10.6 BVERLOGN 192.168.10.7. KU-A 192.168.10.8 imeyile KWI-A 192.168.10.9
Comprobamos /var/named/dynamic/db.desdelinux.umlandeli
[root@dns ~]# named-checkzone desdelinux.fan /var/named/dynamic/db.desdelinux.umlandeli izowuni desdelinux.fan/IN: ilayishiwe uthotho 1 Kulungile
Senza ifayile yeReverse Zone 10.168.192.in-addr.arpa
- Ingxelo ye-SOA yeli Ziko iyafana naleyo yeZowuni ngqo ngaphandle kokujonga irekhodi le-MX..
[(Imeyile ikhuselwe) ~] # nano /var/named/dynamic/db.10.168.192.in-addr.arpa $TTL 3H @ IN SOA dns.desdelinux.umlandeli. ingcambu.dns.desdelinux.umlandeli. ( 1 ; uthotho 1D ; hlaziya 1H ; zama kwakhona 1W ; iphelelwa 3H); ubuncinane okanye ; Ixesha le-caching elibi lokuphila; @ IN NS dns.desdelinux.umlandeli. ; 1 KWI-PTR sysadmin.desdelinux.umlandeli. 3 KWI-PTR ad-dc.desdelinux.umlandeli. 4 IN PTR iseva yefayile.desdelinux.umlandeli. 5 KWI-PTR dns.desdelinux.umlandeli. 6 KWI-PTR yewebhu yommeli.desdelinux.umlandeli. 7 KWI-PTR blog.desdelinux.umlandeli. 8 IN PTR ftpserver.desdelinux.umlandeli. 9 KWI-imeyile ye-PTR.desdelinux.umlandeli. [(Imeyile ikhuselwe) ~] # igama-lokujonga i-10.168.192.in-addr.arpa /var/named/dynamic/db.10.168.192.in-addr.arpa ummandla 10.168.192.in-addr.arpa/IN: ilayishwe uthotho 1 Kulungile
Ngaphambi kokuqalisa kwakhona igama elijongiweyo sijonga ubumbeko lwayo
- Kude kube siqinisekile ukuba iifayile zoqwalaselo zegama elinamagama.conf, kunye neefayile zommandla wazo azimiselwanga kakuhle, sicebisa ukuba singayiqalisi kwakhona idemon. Ukuba senza oku kwaye kamva siguqula ifayile yefowuni, kufuneka sonyuse inani le-serial yendawo eguqulweyo ngo-1.
- Masijonge "." Ekupheleni kwesizinda kunye namagama wokubamba.
[(Imeyile ikhuselwe) ~] # ogama lingu-checkconf [(Imeyile ikhuselwe) ~] # ogama lingu-checkconf -z zone localhost.localdomain/IN: loaded serial 0 zone localhost/IN: loaded serial 0 zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0 zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0 zone 0.in-addr.arpa/IN: loaded serial 0 zone desdelinux.fan/IN: loaded serial 1 zone 10.168.192.in-addr.arpa/IN: loaded serial 1
Lonke uqwalaselo lwangoku olunamagama
Ukufumana ukucaca, kwaye nangona inqaku lide, sinika iziphumo zomyalelo igama-lokukhangela-zp:
[(Imeyile ikhuselwe) ~] # ogama lingu-checkconf -zp
zone localhost.localdomain/IN: loaded serial 0
zone localhost/IN: loaded serial 0
zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0
zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
zone 0.in-addr.arpa/IN: loaded serial 0
zone desdelinux.fan/IN: loaded serial 1
zone 10.168.192.in-addr.arpa/IN: loaded serial 1
options {
bindkeys-file "/etc/named.iscdlv.key";
session-keyfile "/run/named/session.key";
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
listen-on port 53 {
127.0.0.1/32;
192.168.10.5/32;
};
listen-on-v6 port 53 {
::1/128;
};
managed-keys-directory "/var/named/dynamic";
memstatistics-file "/var/named/data/named_mem_stats.txt";
pid-file "/run/named/named.pid";
statistics-file "/var/named/data/named_stats.txt";
dnssec-enable yes;
dnssec-validation yes;
recursion no;
allow-query {
"mired";
};
allow-transfer {
192.168.10.1/32;
};
};
acl "mired" {
127.0.0.0/8;
192.168.10.0/24;
};
logging {
channel "default_debug" {
file "data/named.run";
severity dynamic;
};
};
key "dhcp-key" {
algorithm "hmac-md5";
secret "OI7Vs+TO83L7ghUm2xNVKg==";
};
zone "." IN {
type hint;
file "named.ca";
};
zone "localhost.localdomain" IN {
type master;
file "named.localhost";
allow-update {
"none";
};
};
zone "localhost" IN {
type master;
file "named.localhost";
allow-update {
"none";
};
};
zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
type master;
file "named.loopback";
allow-update {
"none";
};
};
zone "1.0.0.127.in-addr.arpa" IN {
type master;
file "named.loopback";
allow-update {
"none";
};
};
zone "0.in-addr.arpa" IN {
type master;
file "named.empty";
allow-update {
"none";
};
};
zone "desdelinux.fan" {
type master;
file "dynamic/db.desdelinux.fan";
allow-update {
key "dhcp-key";
};
};
zone "10.168.192.in-addr.arpa" {
type master;
file "dynamic/db.10.168.192.in-addr.arpa";
allow-update {
key "dhcp-key";
};
};
managed-keys {
"." initial-key 257 3 8 "AwEAAagAIKlVZrpC6Ia7gEzahOR+9W29euxhJhVVLOyQbSEW0O8gcCjF FVQUTf6v58fLjwBd0YI0EzrAcQqBGCzh/RStIoO8g0NfnfL2MTJRkxoX bfDaUeVPQuYEhg37NZWAJQ9VnMVDxP/VHL496M/QZxkjf5/Efucp2gaD X6RS6CXpoY68LsvPVjR0ZSwzz1apAzvN9dlzEheX7ICJBBtuA6G3LQpz W5hOA2hzCTMjJPJ8LbqF6dsV6DoBQzgul0sGIcGOYl7OyQdXfZ57relS Qageu+ipAdTTJ25AsRTAoub8ONGcLmqrAmRLKBP1dfwhYB4N7knNnulq QxA+Uk1ihz0=";
};
- Ukulandela inkqubo yokulungisa i igama.conf Ngokweemfuno zethu kwaye ujonge, kwaye wenze ifayile nganye yommandla kwaye uyiqwalasele, sithandabuza ukuba kuya kufuneka sijongane neengxaki ezinkulu zokumisela. Ekugqibeleni siyaqonda ukuba ngumdlalo wenkwenkwe, onamaqondo amaninzi kunye nesintaksi yokuxabana. 😉
Ukutshekishwa kubuyise iziphumo ezonelisayo, ke ngoko sinokuyiqala kwakhona i-BIND- ogama.
Siqala kwakhona igama eligunyazisiweyo kwaye sijonge imeko yalo
[root @ dns ~] # systemctl qala kwakhona igama lenkonzo [(Imeyile ikhuselwe) ~] # inkqubo ye -ctctl enegama lenkonzo
Ukuba sifumana naluphi na uhlobo lwempazamo kwimveliso yomyalelo wokugqibela, kufuneka siqale kwakhona igama lenkonzo kwaye uphinde ukhangele eyakho isimo. Ukuba iimpazamo zanyamalala, inkonzo iqale ngempumelelo. Ngaphandle koko, kufuneka senze uphononongo olucokisekileyo lwazo zonke iifayile eziguqulweyo kunye nezenziweyo, kwaye siphinda inkqubo.
Iziphumo ezichanekileyo zenqanaba kufuneka zibe:
[(Imeyile ikhuselwe) ~] # inkqubo ye -ctctl enegama lenkonzo
● igama lenkonzo- iBerkeley Internet Name Domain (DNS) ilayishiwe: ilayishiwe (/usr/lib/systemd/system/named.service; yenziwe; umisela kwangaphambili umthengisi: ukhubazekile) Uyasebenza: iyasebenza (iyasebenza) since dom 2017-01-29 10:05:32 EST; 2min 57s ago
Process: 1777 ExecStop=/bin/sh -c /usr/sbin/rndc stop > /dev/null 2>&1 || /bin/kill -TERM $MAINPID (code=exited, status=0/SUCCESS)
Process: 1788 ExecStart=/usr/sbin/named -u named $OPTIONS (code=exited, status=0/SUCCESS)
Process: 1786 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z /etc/named.conf; else echo "Checking of zone files is disabled"; fi (code=exited, status=0/SUCCESS)
Main PID: 1791 (named)
CGroup: /system.slice/named.service
└─1791 /usr/sbin/named -u named
ene 29 10:05:32 dns named[1791]: zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
ene 29 10:05:32 dns named[1791]: zone 10.168.192.in-addr.arpa/IN: loaded serial 1
ene 29 10:05:32 dns named[1791]: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0
ene 29 10:05:32 dns named[1791]: zone desdelinux.fan/IN: loaded serial 1
ene 29 10:05:32 dns named[1791]: zone localhost.localdomain/IN: loaded serial 0
ene 29 10:05:32 dns named[1791]: zone localhost/IN: loaded serial 0
ene 29 10:05:32 dns named[1791]: yonke imimandla ilayishiwe
UJan 29 10:05:32 i-dns ebizwa [1791]: ukubaleka
Jan 29 10:05:32 dns systemd [1]: Qalisa iBerkeley Internet Name Domain (DNS). UJan 29 10:05:32 i-dns ebizwa [1791]: indawo ye-10.168.192.in-addr.arpa/IN: ukuthumela izaziso (i-serial 1)
Itshekhi
Iitsheki zinokuqhutywa kwiseva enye okanye kumatshini oxhunywe kwi-LAN. Sikhetha ukuzenza kwiqela sysadmin.desdelinux.umlandeli esinike imvume yokubonisa ukuze ikwazi ukuTshintshela iZowuni. Ifayile /etc/resolv.conf Kweli qela kukho oku kulandelayo:
buzz @ sysadmin: ~ $ cat /etc/resolv.conf # Yenziwe kukhangelo lweNethiwekhi yomphathi desdelinux.iseva yegama lomlandeli 192.168.10.5 buzz@sysadmin:~$ dig desdelinux.umlandeli axfr ; <<>> DiG 9.9.5-9 + deb8u1-Debian <<>> desdelinux.umlandeli axfr ;; iinketho zehlabathi: +cmd desdelinux.umlandeli. 10800 KWI-SOA dns.desdelinux.umlandeli. ingcambu.dns.desdelinux.umlandeli. 1 86400 3600 604800 10800 desdelinux.umlandeli. 10800 KWI-NS dns.desdelinux.umlandeli. desdelinux.umlandeli. 10800 IN MX 10 email.desdelinux.umlandeli. desdelinux.umlandeli. 10800 KWI-TXT"DesdeLinux, iBlog yakho enikezelwe kwiSoftware yaSimahla" ad-dc.desdelinux.umlandeli. 10800 IN A 192.168.10.3 blog.desdelinux.umlandeli. 10800 IN A 192.168.10.7 dns.desdelinux.umlandeli. 10800 UKUYA 192.168.10.5 iseva yefayile.desdelinux.umlandeli. 10800 IN A 192.168.10.4 ftpserver.desdelinux.umlandeli. 10800 IN A 192.168.10.8 imeyile.desdelinux.umlandeli. 10800 IN A 192.168.10.9 proxyweb.desdelinux.umlandeli. 10800 IN A 192.168.10.6 sysadmin.desdelinux.umlandeli. 10800 UKUYA KU-192.168.10.1 desdelinux.umlandeli. 10800 KWI-SOA dns.desdelinux.umlandeli. ingcambu.dns.desdelinux.fan. 1 86400 3600 604800 10800 ;; Query time: 0 msec ;; SERVER: 192.168.10.5#53(192.168.10.5) ;; WHEN: Sun Jan 29 11:44:18 EST 2017 ;; XFR size: 13 records (messages 1, bytes 385) buzz @ sysadmin: ~ $ dig 10.168.192.in-addr.arpa axfr ; <<>> DiG 9.9.5-9+deb8u1-Debian <<>> 10.168.192.in-addr.arpa axfr ;; iinketho zehlabathi: +cmd 10.168.192.in-addr.arpa. 10800 KWI-SOA dns.desdelinux.fan.10.168.192.in-addr.arpa. root.dns.desdelinux.fan.10.168.192.in-addr.arpa. 1 86400 3600 604800 10800 10.168.192.in-addr.arpa. 10800 IN NS dns.desdelinux.umlandeli. 1.10.168.192.in-addr.arpa. 10800 KWI-PTR sysadmin.desdelinux.umlandeli. 3.10.168.192.in-addr.arpa. 10800 KWI-PTR ad-dc.desdelinux.umlandeli. 4.10.168.192.in-addr.arpa. 10800 IN PTR iseva yefayile.desdelinux.umlandeli. 5.10.168.192.in-addr.arpa. 10800 KWI-PTR dns.desdelinux.umlandeli. 6.10.168.192.in-addr.arpa. 10800 IN PTR proxyweb.desdelinux.umlandeli. 7.10.168.192.in-addr.arpa. 10800 IN PTR blog.desdelinux.umlandeli. 8.10.168.192.in-addr.arpa. 10800 IN PTR ftpserver.desdelinux.umlandeli. 9.10.168.192.in-addr.arpa. 10800 IN PTR imeyile.desdelinux.umlandeli. 10.168.192.in-addr.arpa. 10800 KWI-SOA dns.desdelinux.fan.10.168.192.in-addr.arpa. root.dns.desdelinux.fan.10.168.192.in-addr.arpa. 1 86400 3600 604800 10800 ;; Query time: 0 msec ;; SERVER: 192.168.10.5#53(192.168.10.5) ;; WHEN: Sun Jan 29 11:44:57 EST 2017 ;; XFR size: 11 records (messages 1, bytes 352) buzz@sysadmin:~$ dig IN SOA desdelinux.umlandeli buzz@sysadmin:~$ dig IN MX desdelinux.fan buzz@sysadmin:~$ dig IN TXT desdelinux.umlandeli buzz @ sysadmin: ~ $ umgcini dns dns.desdelinux.fan inedilesi 192.168.10.5 buzz @ sysadmin: ~ $ umncedisi sysadmin sysadmin.desdelinux.fan has address 192.168.10.1 ... Y cualquier otra comprobación que necesitemos
- Ukuza kuthi ga ngoku, sinesiseko somncedisi we-DNS kwinethiwekhi yethu ye-SME. Siyathemba ukuba uyonwabele yonke le nkqubo, ebiyinto elula, akunjalo? 😉
Sifaka kwaye simisela i-DHCP
[(Imeyile ikhuselwe) ~] # yum fakela i-dhcp
Iiplagi ezilayishiwe: i-fastestmirror, i-centos-base langpacks | 3.4 kB 00: 00: 00 centos-uhlaziyo | 3.4 kB 00:00:00 Ifaka isantya esipilini kwifayile egciniweyo yokusombulula Ukusombulula ukuxhomekeka-> Uvavanyo lwentengiselwano ebalekayo ---> Iphakheji dhcp.x86_64 12: 4.2.5-42.el7.centos kufuneka ifakwe-> Ukusombulula ukuxhomekeka ukupheliswa koXhomekeke kuXhomekeke ============================================= ================================================= =================================== Iphakheji yoyilo lobungakanani boGcino =========== ================================================= ================================================= ====================== Ukufaka: dhcp x86_64 12: 4.2.5-42.el7.centos-base 511k Isishwankathelo sentengiselwano ==== ================================================= ================================================= ============================ Faka iPhakheji enye yobungakanani bokukhuphela: 1k Ubungakanani obumiselweyo: 511 M Ngaba oku kulungile [y / d / N]: y Ukhuphelo lweephakeji: dhcp-1.4-4.2.5.el42.centos.x7_86.rpm | I-64 kB 511:00:00 Uvavanyo lwentengiselwano oluqhubayo Uvavanyo lwentengiselwano oluqhubayo Uvavanyo lwentengiselwano oluqhubayo Lufakela ukuthengiselana: 00: dhcp-12-4.2.5.el42.centos.x7_86 64/1 Ukujonga: 1: dhcp-12-4.2.5. el42.centos.x7_86 64/1 Ifakiwe: dhcp.x1_86 64: 12-4.2.5.el42.centos Yenziwe!
[(Imeyile ikhuselwe) ~] # nano /etc/dhcp/dhcpd.conf
#
# DHCP Server Configuration file.
# see /usr/share/doc/dhcp*/dhcpd.conf.example
# see dhcpd.conf(5) man page
#
ddns-update-style interim;
ddns-updates on;
ddns-domainname "desdelinux.fan."; ddns-rev-domainname "in-addr.arpa."; ungahoyi uhlaziyo lwabaxhasi; igunya; ukhetho lwe-ip-forwarding off; option domain-name "desdelinux.fan";
# option ntp-servers 0.pool.ntp.org, 1.pool.ntp.org, 2.pool.ntp.org, 3.pool.ntp.org;
include "/etc/dhcp.key";
zone desdelinux.fan. {
primary 127.0.0.1;
key dhcp-key;
}
zone 10.168.192.in-addr.arpa. {
primary 127.0.0.1;
key dhcp-key;
}
shared-network redlocal {
subnet 192.168.10.0 netmask 255.255.255.0 {
option routers 192.168.10.1;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.10.255;
option domain-name-servers 192.168.10.5;
option netbios-name-servers 192.168.10.5;
range 192.168.10.30 192.168.10.250;
}
}
# FIN dhcpd.conf
[(Imeyile ikhuselwe) ~] # dhcpd -t
IiNkqubo zeIntanethi I-Consortium DHCP Server 4.2.5 Ilungelo lokushicilela 2004-2013 IiNkqubo zeIntanethi zeKhonkco. Onke amalungelo agciniwe. Ngolwazi, nceda undwendwele i-https: //www.isc.org/software/dhcp/ Awukhangeli i-LDAP okoko i-ldap-server, ldap-port kunye ne-ldap-base-dn khange zichazwe kwifayile yoqwalaselo
[(Imeyile ikhuselwe) ~] # systemctl vumela dhcpd
Yenza i-symlink ukusuka /etc/systemd/system/multi-user.target.wants/dhcpd.service to /usr/lib/systemd/system/dhcpd.service.
[(Imeyile ikhuselwe) ~] # systemctl qala dhcpd
[(Imeyile ikhuselwe) ~] # inkquboctl ubume be-dhcpd
● dhcpd.service - DHCPv4 Server Daemon Layisha: ilayishiwe (/usr/lib/systemd/system/dhcpd.service; yenziwe; umisela kwangaphambili umthengisi: ukhubazekile) Iyasebenza: iyasebenza (iyasebenza) ukusukela kwi-dom 2017-01-29 12:04:59 ITS YAYO; I-23s eyadlulayo Amaxwebhu: indoda: dhcpd (8) indoda: dhcpd.conf (5) Eyona PID: 2381 (dhcpd) Isimo: "Ukuhambisa iipakethi ..." Iqela: /system.slice/dhcpd.service ser2381 / usr / sbin / dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -group dhcpd -no-pid Jan 29 12:04:59 dns dhcpd [2381]: Iinkqubo zeIntanethi I-Consortium DHCP Server 4.2.5 Jan 29 12 : 04: 59 dns dhcpd [2381]: Ilungelo lokushicilela le-2004-2013 yeeNkqubo zeIntanethi. Jan 29 12:04:59 dns dhcpd [2381]: Onke amalungelo agciniwe. Jan 29 12:04:59 dns dhcpd [2381]: Ngolwazi, nceda undwendwele https://www.isc.org/software/dhcp/ Jan 29 12:04:59 dns dhcpd [2381]: Awukhangeli i-LDAP ukusukela ldap -server, ldap-port kunye ne-ldap-base-dn khange zichazwe kwifayile yoqwalaselo ngoJan 29 12:04:59 dns dhcpd [2381]: Ubhale ii-0 zokuqeshisa ukuqeshisa ifayile. Jan 29 12:04:59 dns dhcpd [2381]: Ukumamela kwi-LPF / eth0 / 52: 54: 00: 12: 17: 04 / redlocal Jan 29 12:04:59 dns dhcpd [2381]: Ukuthumela kwi-LPF / eth0 / 52: 54: 00: 12: 17: 04 / redlocal Jan 29 12:04:59 dns dhcpd [2381]: Ithumela kwiSocket / fallback / fallback-net Jan 29 12:04:59 dns systemd [1]: Qalile I-DHCPv4 Umncedisi weDemon.
Yintoni ekusafuneka yenziwe?
Elula. Qala iWindows 7 okanye omnye umthengi onesoftware yasimahla kwaye uqalise ukuvavanya kunye nokujonga. Sikwenzile nabathengi ababini: Sixhengxe.desdelinux.umlandeli y suse-desktop.desdelinux.umlandeli. Iitsheki bezimi ngolu hlobo lulandelayo:
buzz @ sysadmin: ~ $ umkhosi ezisixhenxe Sixhengxe.desdelinux.fan inedilesi 192.168.10.30 buzz@sysadmin:~$ host seven.desdelinux.umlandeli Sixhengxe.desdelinux.fan inedilesi 192.168.10.30 buzz@sysadmin:~$ dig IN TXT seven.desdelinux.umlandeli .... ;; QUESTION SECTION: ;seven.desdelinux.fan. IN TXT ;; ANSWER SECTION: seven.desdelinux.fan. 3600 IN TXT "31b7228ddd3a3b73be2fda9e09e601f3e9"....
Sithiya iqela "ezisixhenxe" ukuya ku "LAGER" kwaye siqalise kwakhona. Emva kokuqalisa kwakhona i-LAGER entsha, sijonga:
buzz @ sysadmin: ~ $ umkhosi ezisixhenxe Umkhosi kasixhenxe akafumaneki: 5 (WALA) buzz@sysadmin:~$ host seven.desdelinux.umlandeli Host seven.desdelinux.fan not found: 3(NXDOMAIN) buzz@sysadmin: ~ $ umgcini wokubamba lager.desdelinux.fan inedilesi 192.168.10.30 buzz@sysadmin:~$ host lager.desdelinux.umlandeli lager.desdelinux.fan inedilesi 192.168.10.30 buzz@sysadmin:~$ dig IN TXT lager.desdelinux.umlandeli .... ;; QUESTION SECTION: ;lager.desdelinux.fan. IN TXT ;; ANSWER SECTION: lager.desdelinux.fan. 3600 IN TXT "31b7228ddd3a3b73be2fda9e09e601f3e9"....
Ngokumalunga nomxhasi we-suse-desktop:
buzz @ sysadmin: ~ $ host suse-dektop I-suse-dektop yokubamba ayifumanekanga: 5 (YALAWA) buzz @ sysadmin: ~ $ host suse-desktop suse-desktop.desdelinux.fan inedilesi 192.168.10.33 buzz@sysadmin:~$ host suse-desktop.desdelinux.umlandeli suse-desktop.desdelinux.fan inedilesi 192.168.10.33 buzz @ sysadmin: ~ $ umkhosi 192.168.10.33 33.10.168.192.in-addr.arpa domain name pointer suse-desktop.desdelinux.umlandeli. buzz @ sysadmin: ~ $ umkhosi 192.168.10.30 30.10.168.192.in-addr.arpa domain name pointer LAGER.desdelinux.umlandeli.
buzz @ sysadmin: ~ $ ukumba -x 192.168.10.33 .... ;; QUESTION SECTION: ;33.10.168.192.in-addr.arpa. IN PTR ;; ANSWER SECTION: 33.10.168.192.in-addr.arpa. 3600 IN PTR suse-desktop.desdelinux.fan. ;; AUTHORITY SECTION: 10.168.192.in-addr.arpa. 10800 IN NS dns.desdelinux.umlandeli. ; ICANDELO OLONGEZELELWEYO: dns.desdelinux.fan. 10800 IN A 192.168.10.5 .... buzz@sysadmin:~$ dig IN TXT suse-desktop.desdelinux.fan .... ;suse-desktop.desdelinux.fan. IN TXT ;; ANSWER SECTION: suse-desktop.desdelinux.fan. 3600 IN TXT "31b78d287769160c93e6dca472e9b46d73" ; ICANDELO LEGUNYA: desdelinux.umlandeli. 10800 KWI-NS dns.desdelinux.umlandeli. ; ICANDELO OLONGEZELELWEYO: dns.desdelinux.fan. 10800 IN A 192.168.10.5 ....
Masisebenzise le miyalelo ilandelayo
[root@dns ~]# dig desdelinux.umlandeli axfr ; <<>> DiG 9.9.4-RedHat-9.9.4-29.el7_2.4 <<>> desdelinux.umlandeli axfr ;; iinketho zehlabathi: +cmd desdelinux.umlandeli. 10800 KWI-SOA dns.desdelinux.umlandeli. ingcambu.dns.desdelinux.umlandeli. 6 86400 3600 604800 10800 desdelinux.umlandeli. 10800 KWI-NS dns.desdelinux.umlandeli. desdelinux.umlandeli. 10800 IN MX 10 email.desdelinux.umlandeli. desdelinux.umlandeli. 10800 KWI-TXT"DesdeLinux, iBlog yakho enikezelwe kwiSoftware yaSimahla" ad-dc.desdelinux.umlandeli. 10800 IN A 192.168.10.3 blog.desdelinux.umlandeli. 10800 IN A 192.168.10.7 dns.desdelinux.umlandeli. 10800 UKUYA 192.168.10.5 iseva yefayile.desdelinux.umlandeli. 10800 IN A 192.168.10.4 ftpserver.desdelinux.fan. 10800 IN A 192.168.10.8 LAGER.desdelinux.fan. 3600 IN TXT "31b7228ddd3a3b73be2fda9e09e601f3e9" LAGER.desdelinux.umlandeli. 3600 IN A 192.168.10.30 mail.desdelinux.umlandeli. 10800 IN A 192.168.10.9 proxyweb.desdelinux.fan. 10800 IN A 192.168.10.6 suse-desktop.desdelinux.fan. 3600 IN TXT "31b78d287769160c93e6dca472e9b46d73" suse-desktop.desdelinux.umlandeli. 3600 IN A 192.168.10.33 sysadmin.desdelinux.umlandeli. 10800 UKUYA KU-192.168.10.1 desdelinux.umlandeli. 10800 KWI-SOA dns.desdelinux.umlandeli. ingcambu.dns.desdelinux.umlandeli. 6 86400 3600 604800 10800
Kwimveliso engentla, saqaqambisa kwi ngesibindi Los I-TTL -imizuzwana- yeekhompyuter ezineedilesi ze-IP ezinikezwe yinkonzo ye-DHCP abo banesibhengezo esicacileyo se-TTL 3600 enikezwe yi-DHCP. Ii-IPs ezisisigxina zikhokelwa yi- $ TTL yeeyure ezi-3H -3 = 10800 imizuzwana- ibhengezwe kwirekhodi ye-SOA yefayile nganye yommandla.
Banokujonga indawo ebuyela umva ngendlela efanayo.
[(Imeyile ikhuselwe) ~] # dig 10.168.192.in-addr.arpa axfr
Eminye imiyalelo enomdla kakhulu yile:
[root@dns ~]# named-journalprint /var/named/dynamic/db.desdelinux.fan.jnl [(Imeyile ikhuselwe) ~] # igama-lephepha-ndaba /var/igama/dynamic/db.10.168.192.in-addr.arpa.jnl [(Imeyile ikhuselwe) ~] # ijenali -f
Uhlengahlengiso olwenziweyo lweefayile zeMimandla
Emva kokuba i-DHCP iqale ukusebenza ngokuhlaziya ngamandla iifayile zommandla weefayile ze ogamaUkuba sikhe safuna ukuyiguqula ngesandla ifayile yefayile, kufuneka senze le nkqubo ilandelayo, kodwa hayi ngaphambi kokwazi okungakumbi malunga nokusebenza koncedo. rndc kulawulo lwegama lomncedisi.
[(Imeyile ikhuselwe) ~] # indoda rndc
....
-misa [ummandla [udidi [jonga]]]
Misa uhlaziyo kummandla onamandla. Ukuba akukho ndawo ichaziweyo, yonke loo mimandla inqunyanyisiwe. Oku kuvumela ukuhlelwa kwemanyuwali ukuba kwenziwe kummandla oqhele ukuhlaziywa ngohlaziyo olunamandla. Ikwabangela utshintsho kwifayile yejenali ukuba ivumelaniswe kwifayile eyintloko. Zonke iinzame zokuhlaziya ezinamandla ziya kunqatshwa ngelixa ummandla ungumkhenkce.
nyibilika [indawo [iklasi [jonga]]]
Yenza uhlaziyo lwendawo eguqukayo enomkhenkce. Ukuba akukho ndawo ichaziweyo, yonke loo mimandla iqabileyo iyenziwa isebenze. Oku kubangela ukuba iserver iphinde ilayishe kwakhona indawo kwidiski, kwaye iphinde yenze ukuba kuhlaziywe amandla emva kokuba umthwalo ugqityiwe. Emva kokuba indawo inyibilikisiwe, uhlaziyo olunamandla alusayi kuphinda lwaliwe. Ukuba ummandla utshintshile kwaye ukhetho lwe-ixfr-ukusuka-umahluko luyasetyenziswa, ifayile yefayile iya kuhlaziywa ukubonisa utshintsho kummandla. Ngaphandle koko, ukuba ummandla utshintshile, nayiphi na ifayile yejenali ekhoyo iya kususwa. ....
Yintoni, ubucinga ukuba ndiza kuyikhuphela yonke incwadana? ... isiqwenga kwaye bahamba ngemoto. Okushiyekileyo ndiyishiya kuwe. 😉
Ngokusisiseko:
- rndc nqabela [indawo [iklasi [jonga]]], unqumamisa uhlaziyo olunamandla lwendawo. Ukuba enye ayichazwanga, zonke ziya kubanda. Umyalelo uvumela ukuhlelwa kwencwadana yendawo enomkhenkce okanye yonke imimandla. Naluphi na uhlaziyo olunamandla luya kukhatywa ngelixa liqabile.
- rndc unyibilik [ummandla [udidi [jonga]]], Yenza uhlaziyo olutshintshayo kummandla owawukhenkcekile ngaphambili. Iseva ye-DNS iphinda ilayishe kwakhona ifayile yendawo kwiidiski, kwaye uhlaziyo olunamandla lwenziwa amandla emva kokuba ulayisho luphelile.
Izilumkiso emazithathwe xa sihlela ngesandla ifayile yefayile? Kuyafana nokuba besiyenza, ngaphandle kokulibala ukunyusa inani le-serial ngo-1 okanye i serial ngaphambi kokugcina ifayile kunye notshintsho lokugqibela.
Umzekelo:
[ingcambu@dns ~]# rndc umkhenkce desdelinux.umlandeli
[root@dns ~]# nano /var/named/dynamic/db.desdelinux.umlandeli
Ndiyiguqula ifayile yendawo ngenxa yaso nasiphi na isizathu, siyimfuneko okanye akunjalo. Ndigcina utshintsho
[ingcambu@dns ~]# rndc nyibilika desdelinux.umlandeli
Ukulayishwa kwakhona kwendawo kunye nokunyibilika kwaqalwa. Jonga iinkuni ukubona iziphumo.
[(Imeyile ikhuselwe) ~] # ijenali -f
ene 29 14:06:46 dns named[2257]: thawing zone 'desdelinux.fan/IN': success
ene 29 14:06:46 dns named[2257]: zone desdelinux.fan/IN: zone serial (6) unchanged. zone may fail to transfer to slaves.
ene 29 14:06:46 dns named[2257]: zone desdelinux.fan/IN: ilayishiwe uthotho 6
Impazamo kwimveliso edlulileyo, eboniswe ngombala obomvu kwikhonsoli, kungenxa yokuba "ndilibele" ukunyusa inani le-serial ngo-1. Ukuba bendiyilandele kakuhle le nkqubo, iziphumo bezizakuba zezi:
[(Imeyile ikhuselwe) ~] # ijenali -f -- Logs begin at dom 2017-01-29 08:31:32 EST. -- ene 29 14:06:46 dns named[2257]: zone desdelinux.fan/IN: loaded serial 6 ene 29 14:10:01 dns systemd[1]: Started Session 43 of user root. ene 29 14:10:01 dns systemd[1]: Starting Session 43 of user root. ene 29 14:10:01 dns CROND[2693]: (root) CMD (/usr/lib64/sa/sa1 1 1) ene 29 14:10:45 dns named[2257]: received control channel command 'freeze desdelinux.fan' ene 29 14:10:45 dns named[2257]: freezing zone 'desdelinux.fan/IN': success ene 29 14:10:58 dns named[2257]: received control channel command 'thaw desdelinux.fan' ene 29 14:10:58 dns named[2257]: thawing zone 'desdelinux.fan/IN': success ene 29 14:10:58 dns named[2257]: zone desdelinux.fan/IN: journal file is out of date: removing journal file ene 29 14:10:58 dns named[2257]: zone desdelinux.fan/IN: ilayishiwe uthotho 7
- Mfundi mfundi, ndiyaphinda ukuba kufuneka ufunde ngononophelo iziphumo zemiyalelo. Kwinto ethile abaphuhlisi bayo bachitha umsebenzi omninzi besenza umthetho ngamnye, nokuba kulula kangakanani.
Isishwankathelo
Ukuza kuthi ga ngoku sithethe ngokufezekiswa kwesibini se-DNS-DHCP, iinkonzo ezibalulekileyo nezibalulekileyo ekusebenzeni kakuhle kwenethiwekhi yethu ye-SME, ibhekisa ekunikezelweni kweedilesi ezinamandla nge-DHCP kunye nokusonjululwa kwamagama ekhompyuter kunye nesizinda nge-DNS.
Sinethemba lokuba uyonwabele yonke le nkqubo njengoko besenzile. Nangona kunokubonakala kunzima ngakumbi ukusebenzisa ikhonsoli, kulula kakhulu kwaye kufundisa ngakumbi ukwenza inkonzo kwi-UNIX® / Linux ngoncedo lwayo.
Bayandixolela nakuphi na ukutolikwa okungalunganga kweengcinga, ukuyilwa, ukubhalwa, ukuhlaziywa, ukubhala ngokutsha, kunye nokupapashwa ngolwimi lweShakespeare, hayi iCervantes. 😉
Ukuhanjiswa okulandelayo
Ndicinga kancinci kancinci ngokufanayo- kunye nezongezo zethiyori kwiirekhodi ze-DNS- kodwa kwi-Debian. Asinakulibala ukuba usasazo, akunjalo?
Enkosi kakhulu ngomsebenzi wakho oncomekayo wokubhala amanqaku anesiqhamo. Iya kuba luncedo kakhulu kum
Ndiyabulela kakhulu, Cristian, ngokundilandela kunye nokuvavanya kwakho le post. Impumelelo!
Emva kokwenza ukujonga okokuqala kule post intsha nguFederico, ubuchwephesha obukhulu obubonwe kuyo yonke le «PYMES» uthotho luyabonakala kwakhona; ukongeza kwiinkcukacha ezinkulu ezibonisa indawo yakho kwiinkonzo ezimbini ezibalulekileyo (i-DNS kunye ne-DHCP) yayo nayiphi na inethiwekhi. Ngesi sihlandlo kwaye ngokungafaniyo nezimvo zam zangaphambili, ndinezimvo zesibini ndisalinde emva kokuba ndikwenzile oko ndikuthethileyo kwesi sithuba.
Akukho zimvo, pa '400 !!! UFico uyabulela kuba uyazi kakuhle ukuba ndizifundile iiposti zakho kwaye asinakho ukubuza ngaphezulu. Uqala ngombutho olunge kakhulu, ukusuka kwindlela yokufaka kunye nokuseta i-desktop yomsebenzisi, indawo yokusebenza sisiseko, sisimo sengqondo sokuba zezi nkonzo zenethiwekhi uzichaza kakuhle. Ubusonyuka kwaye nangona kuyinyani ukuba inqanaba liyenyuka, kuyinyani ukuba ubhalile kwaye wapapasha abo bangaphantsi kunabo baqala, kwabo banam njengam ixesha elithile kunye nabona baphambili.
Ngokuhamba kwexesha ndiye ndafika kwisigqibo sokuba ndiyazi ukuba uninzi sele lufikile, ithiyori, ethi ixabise kakhulu ukufumana ulwazi olulula lokungafuni ukufunda, kuba ukuphumeza sele kulula kakhulu xa sisazi into esiyenzayo, kutheni ???, imibuzo, ukuba ungayifumana phi kwaye uphume njani kwimpazamo enika iintlungu ezingaka xa singazi nokuba zivela phi, kufanelekile ukungafuneki.
Ngesi sizathu, andifuni ukuba ushiye ngasemva ezo zinto zethiyori uzakuzibandakanya malunga neerekhodi ze-DNS kupapasho olulandelayo njengoko ubhengezile, kungasathethwa kangako xa kufikwa kwi-DEBIAN ethandekayo neyintanda.
ENKOSI KAKHULU kwaye silindile.
Ukugqwesa njengesiqhelo uFico! Ndilinde uguqulelo lweDebian, bendidlala yonke into nge-distro iminyaka.
Wong: Uluvo lwakho emva kokufunda lufanele kakhulu. Ndilindele amagqabantshintshi akho xa uvavanya umxholo, kuba ndiyazi ukuba yindlela othanda ukuyenza ngayo. 😉
ICrespo: Njengamaxesha onke, izimvo zakho zamkelwe kakuhle kakhulu. Ndiyabona ukuba uwuthimbile umgca ngokubanzi endiwuphakamisileyo kulwakhiwo lolu ngcelele. Ndiyathemba ukuba, njengawe, abaninzi sele beqaphele. Enkosi ngengcaciso yakho.
Dhunter: Kulungile ukukufunda kwakhona! Awuyi kulinda ixesha elide. NgoMvulo kutshanje -okanye phambi kokuba kugqitywe ukupapashwa. Ungacingi ukuba kulula kum ukugubungela i-distros ezintathu ezahlukeneyo, kodwa iRespectable Reader, iyayicela. Ayisiyiyo iDebian kunye no-Ubuntu kuphela, kodwa eziThathu ezijolise kwii-SME.
Ukuba upapashe, kungenxa yokuba unako, siyakuxhasa kwaye siyazi ukuba uya kuwulandela loo mgca.
Njengothuko ndilinde ukukhutshwa kweDebian ngamazinyo abukhali. Kuya kuba kuhle ukuba ugqume kancinci malunga ne-NTP. I-Sl2 kunye nokuwola okukhulu. Ukuba ootitshala bam bebendifundise yonke into enjalo, HAHAJJA, Platinum Degree, HAHAJJA.
Inqanaba leenkcukacha kwiziphumo zomyalelo ziyimfuneko ukubonisa ukubaluleka kwayo. Bathetha kakhulu. Kuyinyani ukuba manqaku ambalwa athetha ngeli nqanaba leenkcukacha, kuba bacinga ukuba angamanqaku amade kwaye anzima ukuba afundwe. Ewe, inxenye yomsebenzi we-SysAdmin kukufunda ezo ziphumo zinzima kunye neenkcukacha, hayi ebusweni beengxaki, kodwa nasebusweni bokukhangelwa.
Molo uFederico, bendithembisile ngaphambili, ukuba ndibhale ezinye izimvo emva kokuba ndifunde ngocoselelo lo mbuzo ubuzwayo; Ewe, nantsi into elandelayo:
Inkqubo entle endaweni yokuvelisa isitshixo se-TSIG kuhlaziyo lwe-DNS olunamandla yi-DHCP, ukukopa isitshixo esifanayo se-rndc.key njenge-dhcp.key, oku kubonakala ngathi "kulula" kubonisa ukuba injongo ayisiyiyo ubuchwepheshe kuphela ye-INDLELA YOKUFAKA-I-DNS-kunye-ne-DHCP kodwa isifundisa ukucinga, IINKWENKWE ezi-5 ZOMBHALI.
– Muy interesante en el archivo de configuración del DNS, named.conf, la presencia de la linea «allow-transfer { localhost; 192.168.10.1; };» para realizar test el Dominio «desdelinux.fan» solamente desde la estación de trabajo del SysAdmin y el localhost (el propio server DNS), y además de la inserción de la clave TSIG para la actualización del DNS desde el DHCP.
Kulunge kakhulu ukuyilwa kwemimandla ethe ngqo neguqukayo ye-DNS kunye nenkcazo "eneenkcukacha" zeentlobo zazo zeerekhodi, ukongeza ekuphunyezweni komyalelo "# ogama lingu-checkconf -zp" ukukhangela yonke is syntax enegama ngaphambi kwayo ukuseta ngokutsha nzima, kunye nemizekelo yokusebenzisa "dig" ukuyalela ukungqinisisa iintlobo ezahlukeneyo zeerekhodi ze-DNS.
. Kuqwalaselo lwe-DHCP (usebenzisa ifayile /etc/dhcp/dhcpd.conf):
-Uyongeza njani inethiwekhi yethu yangaphakathi kunye noluhlu lwayo kwiidilesi ezinamandla ze-IP ukwabela, inkcazo yegama-lomncedisi, njl. kunye nendlela yokuxelela iDHCP ukuba ihlaziye iirekhodi zeDNS ngokusebenzisa i "ddns- ..." imigca kulungelelwaniso lwayo.
. Cuando todo ya esta operativo, 5 ESTRELLAS PARA EL AUTOR, en la ejecucion del comando «# dig desdelinux.fan axfr» para comprobar el TTL de los equipos de la LAN que tienen IP static de los que tienen IP dinámicas asignadas.
. Por ultimo, GENIAL, la modificación manual de archivos de Zonas congelándolas primero con «# rndc freeze desdelinux.fan», realizando a continuación la modificación y descongelándolas finalmente con «# rndc thaw desdelinux.umlandeli"
. KUNYE OKUQHELEKILEYO, YONKE INTO YENZEKA KWI-TERMINAL.
Yigcine Fico.
hello,
Ik kom net kijken, dit omdat ik probeer ach achthalen hoe het kan dat alles gedeeld en verwijderd wordt op mijn computer zelfs mijn foto's. Ik heb totaal geen control meer over mijn eigen khompyuter kwi-mobiel.
Het zit m dus ook kwi-het dns kwi-dhcp. Ik weet echt niet hoe ik dit moet oplossen en het kan verwijderen. Misschien dat iemand mij ufuna uncedo? I-Dit ngamelijk buiten mij om geinstalleerd. Walgelijk gedrag vind ik het.
Wong: amagqabantshintshi akho ayaligcwalisa eli nqaku. Ngokukrakra, kubonisa ukuba uyifunde ngokupheleleyo. Ngaphandle koko, awungekhe uphawule ngenqanaba leenkcukacha ozenzayo. Yongeza nje loo nto vumela-ukudlulisa Isetyenziswa ikakhulu xa sinekhoboka le-DNS kwaye sivumela ukuhanjiswa kwemimandla ukusuka kwinkosi kuye. Ndiyisebenzisa ngaloo ndlela kuba yindlela elula yokufezekisa ukwenza iitsheki ezingeyongozi kwikhompyuter enye. Ndiyabulela kakhulu kuvavanyo lwakho lwe-5. Ndiyabulisa! kwaye ndiza kuhlala ndikulindile kumanqaku am alandelayo.
Molo uFederico. Ndiyazi ukuba ndishiywe lixesha, kodwa ndingathanda ukukubuza umbuzo.
Ngaba le nkqubo inokundinceda ukuba ndifuna ukukhomba idomeyini kwiseva yam ye-vps?
Yonke imizuzu eli-15 ndifumana le miyalezo yenkqubo:
I-DHCPREQUEST kwi-eth0 ukuya kwizibuko 67 (xid =…)
I-DHCPACK ukusuka (xid =…)
ukubophelela ukuvuselelwa kwimizuzwana engama-970.
Kwaye kwinto endiyiqondayo kufuneka ndenze irekhodi elinendawo yam kunye ne-ip yeserver yam enikezelweyo.
* Ndiyavuyisana kwaye ndiyabulela ngale nqaku, andazi nokuba yile nto bendiyifuna na kodwa ndiyifumene inomdla kwaye ichazwe kakuhle. Ukongeza ndithatha isindululo se "DNS kunye NOKUBOPHA" esele ndihleba kancinci kwaye kubonakala kunomdla kakhulu.
Imibuliso evela eArgentina!
Nceda unxibelelane nam ngoku valdestoujague@yandex.com