Isalathiso ngokubanzi sothotho: Iinethiwekhi zekhompyuter zee-SMEs: Intshayelelo
Molweni zihlobo! Ukuqonda nokulandela ngokuchanekileyo eli nqaku yile kubalulekile kufunda ababengaphambi kwayo:
Bacacisa ithiyori kunye neengcinga ezisebenzayo esingazukubhekisa kuzo kule. Siza kutshintsha ukuhanjiswa kulo nyaka sikuwo siye ku I-Debian 8.6 "uJessie" kwaye siya kuqhubeka ngeeparameter ezifanayo esizisebenzisayo BOPHA kunye ne-Active Directory®.
- Inkqubo echazwe kule post iyasebenza nakwi-CentOS 7. Ifayile yoqwalaselo / njl / dnsmasq iyafana. Ndiyayazisa kuba ndiyithatha njengengafuneki ukwenza inqaku elahlukileyo le-Dnsmasq kunye ne-Active Directory® isekwe kwi-CentOS. Ngethamsanqa, imikhombandlela enxulumene namaxwebhu kunye noqwalaselo ziyafana. 😉
- I-Dnsmaq yindalo ye USimon Kelley
Imida kusetyenziso lwe-Dnsmasq
Ngenxa yokubaluleka kwayo siyaphinda Imida exhasa iDnsmasq -run indoda dnsmasq- ebonisa ngokuchanekileyo Okulandelayo:
Imida
- Amaxabiso asisiseko emida yemithombo ngokubanzi ayalondolozwa, kwaye kufanelekile ukuba asetyenziswe kwizixhobo zohlobo lwe-router. ibambelele kwiiprosesa ezicothayo kunye nememori ephantsi. Kwizixhobo zekhompyutha ngakumbi onako, kunokwenzeka ukuba wandise imida, kwaye axhase uninzi ngakumbi abathengi. Oku kulandelayo kuyasebenza kwi-dnsmasq-2.37: iinguqulelo zangaphambili azenzi njalo benyuka kakuhle kakhulu.
- I-Dnsmasq iyakwazi ukuxhasa i-DNS kunye ne-DHCP ubuncinci iwaka (1,000) abathengi. Amaxesha okuqeshisa akufuneki abemfutshane kakhulu (ngaphantsi kwesinye ixesha). Ixabiso le -dns-phambili-max linokunyuswa: qala nge inani elilinganayo labathengi kunye nokunyusa ukuba ngaba I-DNS. Qaphela ukuba ukusebenza kwe-DNS kuxhomekeke nakwiseva Ukunyuka kwe-DNS. Ubungakanani be-cache ye-DNS bunokunyuswa: umda Ifunwa ngamagama ayi-10,000 kwaye okungagqibekanga (150) kuphantsi kakhulu. Ukuthumela i-SIGUSR1 kwi-dnsmasq kwenza ulwazi nge-bitacore iluncedo kulungelelwaniso lobungakanani becache. Jonga icandelo AMANQAKU iinkcukacha.
- Umncedisi we-TFTP owakhelweyo uyakwazi ukuxhasa ukuhanjiswa okuninzi iifayile ezifanayo ngaxeshanye: umda opheleleyo unxulumene nenani leziphatho zefayile ezivunyelwe kwinkqubo kunye nokubanakho kwe sys‐tem call select () ukuxhasa inani elikhulu lokuphatha iifayile. Ukuba umda ucwangciselwe phezulu kakhulu nge –tftp-max uyakucuthwa kwisikali kwaye owona mda uza kuvalwa ekuqaliseni. Qaphela ukuba ukuhambisa ngakumbi zinokwenzeka xa ifayile enye ithunyelwe ntoni xa kuthunyelwa nganyeI-ferencia ithumela ifayile eyahlukileyo. Kuyenzeka ukuba usebenzise i-dnsmasq ukukhanyela intengiso yeWebhu usebenzisa uluhlu lwe ii-banner ezaziwa kakuhle, zonke zisombulula kwi-127.0.0.1 okanye 0.0.0.0 kwi / njl / yenginginya okanye kwifayile eyongezelelweyo yemikhosi. Uluhlu lunako yinde kakhulu. I-Dnsmasq ihlolwe ngempumelelo ngamagama ayisigidi. Obu bungakanani befayile budinga i-1GHz CPU kunye noqikeleloI-RAM engama-60MB.
- I-Dnsmasq iyakwazi ukuxhasa i-DNS kunye ne-DHCP ubuncinci iwaka (1,000) bathengi.
Masifake kwaye siqwalasele uJessie kunye neDnsmasq
Siza kuqala ngofakelo olutsha nokucocekileyo kweseva esekwe kwi I-Debian 8 "uJessie". Ngamanye amagama, inkqubo yokusebenza ngaphandle kokuboniswa komzobo okanye enye ipakeji efakiweyo. Iiparameter zenethiwekhi ziya kufana nale sizisebenzisileyo kwinqaku BOPHA kunye ne-Active Directory®:
Igama lesizinda mordor.fan LAN Inethiwekhi 10.10.10.0/24 ================================== == ========================================= iseva idilesi ye-IP Injongo (iiseva ezine-OS yeWindows ============================================== == ============================= i-sauron.mordor.fan. 10.10.10.3 Uluhlu olusebenzayo® 2008 SR2 imamba.mordor.fan. 10.10.10.4 Umncedisi weFayile yeWindows dns.mordor.fan 10.10.10.5 I-DnsMasq Server kwiJessie ngqube. 10.10.10.6 Ummeli, isango kunye ne-firewall kwi-Kerios troll.mordor.fan. 10.10.10.7 Ibhlog esekwe kwi ... andikhumbuli i-shadowftp.mordor.fan. 10.10.10.8 iseva ye-FTP emnyama black.mordor.fan. 10.10.10.9 Inkonzo ye-imeyile epheleleyo blackspider.mordor.fan. 10.10.10.10. 10.10.10.11 Ingxoxo kwi-Openfire yeWindows Real CNAME ================================= :: sauron ad-dc mamba fileserver darklord proxyweb troll blog i-shadowftp ftpserver i-imeyile emnyama ye-blackspider www palantir evulekileyo
Useto lweseva yokuqala dns.mordor.fan
(Imeyile ikhuselwe): ~ # nano / njl / igama lenginginya dns ingcambu @ dns: ~ # nano / njl / imikhosi 127.0.0.1 localhost 10.10.10.5 dns.mordor.fan dns # Le migca ilandelayo iyanqweneleka kwi-IPv6 inginginya enamandla: 1 localhost ip6-localhost ip6-loopback ff02 :: 1 ip6-allnodes ff02 :: 2 ip6-allrouters (Imeyile ikhuselwe): ~ # nano / njl / inethiwekhi / ujongano # Le fayile ichaza unxibelelwano lwenethiwekhi olukhoyo kwinkqubo yakho # nendlela yokwenza isebenze. Ngolwazi oluthe kratya, jonga ujongano (5). source /etc/network/interfaces.d/* # I-loopback network interface auto lo iface lo inet loopback # Inethiwekhi ephambili yenethiwekhi ivumela-hotplug eth0 iface eth0 inet static address 10.10.10.5 netmask 255.255.255.0 network 10.10.10.0 usasazo lwe-10.10.10.255. Isango le-10.10.10.1 127.0.0.1 # dns- * iinketho ziyenziwa yipolpvconf package, ukuba ifakiwe i-dns-nameservers XNUMX dns-search mordor.fan
Masifake i-Dnsmasq kunye ne-htop
(Imeyile ikhuselwe): ~ # ukufaneleka ukufaka i-dnsmasq htop
Emva kokufaka iphakheji phezulu sinokujonga i-CPU kunye nokusetyenziswa kwememori yezixhobo. Yayidla kuphela malunga nee-megabytes ezingama-71 ze-RAM. Ukuba sifuna ukunciphisa ukusetyenziswa nangakumbi, sinokufaka iphakheji I-SSMTP -Okulula MTA-iyo yona icoca iphakheji Umzekelo 4 i-Debian ihlala ifaka ngokungagqibekanga kwaye ayifuni ngokwenene ngokokusetyenziswa esiza kukunika kule seva:
(Imeyile ikhuselwe): ~ # ukufaneleka ukufaka ssmtp Iingcambu @ dns: ~ # aptitude purge ~ c Iingcambu @ dns: ~ # aptitude clean (i-imeyile ikhuselwe): ~ # aptitude autoclean (Imeyile ikhuselwe): ~ # systemctl qala kwakhona
Emva kokuqalisa kwakhona ikhompyuter, ukusetyenziswa kulandelayo: 
Phantsi, kunene? Masiqhubeke.
Masibonise ukuba iDnsmasq ikwanxibelelana neMicrosft® DNS
Ukuvavanya ubumbeko olunokwenzeka lwe-Dnsmasq kwikhompyuter yakho dns.mordor.fan, kufuneka sibandakanye ingxelo ebonisa ukuba iMicrosoft DNS yeserver iyaboniswana i-sauron.mordor.fan. Singayenza kubandakanya nomyalelo umncedisi = / mordor.fan / 10.10.10.3 kwindawo yogcino wdmasmasq.conf -njengoko siza kubona kamva- okanye ukongeza umgca nameserver 10.10.10.3 kwindawo yogcino /etc/resolv.conf. Njengangoku asikaqwalaseli iDnsmasq ngokweemfuno zethu, sikhetha indlela yesibini:
(Imeyile ikhuselwe): ~ # nano /etc/resolv.conf
isizinda mordor.fan
nameserver 127.0.0.1
nameserver 10.10.10.3
Ngoku singasombulula imibuzo ye-DNS
Ngoqwalaselo olungagqibekanga lwe-Dnsmasq ebonelelwe yifayile yayo ephambili /etc/dnasmq.conf, kunye nento ebhengezwe kwifayile /etc/resolv.conf kwiserver uqobo «dns«, Nawuphi na umxhasi oxhunyiwe kwi-LAN -kwaye wabhengeza njengeseva ye-DNS dns.mordor.fan-Ungasombulula imibuzo ye-DNS ngenkcitho yeMicrosoft® DNS okwangoku…
- Kubaluleke kakhulu ukujonga isantya sokuphendula se-Dnsmasq xa ubonakalisa imeko yayo njenge Umdlulisi ngokufakwa nje kwe-IP 10.10.10.3 kwifayile yakho /etc/resolv.conf.
Ukusuka kwindawo yam yokusebenza kunye nenkxaso yazo zonke izinto endibhala ngazo, ndibaleka:
buzz @ sysadmin: ~ $ cat /etc/resolv.conf # Yenziwe yiNethiwekhiManager yesizinda mordor.fan nameserver 10.10.10.5 buzz @ sysadmin: ~ $ nslookup > dns Umncedisi: 10.10.10.5 Idilesi: 10.10.10.5 # 53 Igama: dns.mordor.fan Idilesi: 10.10.10.5 > is saonon Umncedisi: 10.10.10.5 Idilesi: 10.10.10.5 # 53 Impendulo engagunyaziswanga: Igama: sauron.mordor.fan Idilesi: 10.10.10.3 > 03296249-82a1-49aa-a4f0-28900f5d256b._msdcs.mordor.fan Umncedisi: 10.10.10.5 Idilesi: 10.10.10.5 # 53 03296249-82a1-49aa-a4f0-28900f5d256b._msdcs.mordor.fan igama lekoneli = sauron.mordor.fan. Igama: sauron.mordor.fan Idilesi: 10.10.10.3 > 10.10.10.3 Umncedisi: 127.0.0.1 Idilesi: 127.0.0.1 # 53 3.10.10.10.in-addr.arpa name = sauron.mordor.fan. > 10.10.10.9 Umncedisi: 127.0.0.1 Idilesi: 127.0.0.1 # 53 9.10.10.10.in-addr.arpa name = blackelf.mordor.fan. > 10.10.10.5 Umncedisi: 127.0.0.1 Idilesi: 127.0.0.1 # 53 5.10.10.10.in-addr.arpa name = dns.mordor.fan. > imeyile Umncedisi: 10.10.10.5 Idilesi: 10.10.10.5 # 53 Impendulo engagunyaziswanga: mail.mordor.fan igama elingamanyala = blackelf.mordor.fan. Igama: blackelf.mordor.fan Idilesi: 10.10.10.9> exit buzz @ sysadmin: ~ $
Masiqwalasele le miba ilandelayo:
- dns.mordor.fan iphendula ngokuthe ngqo imibuzo ye-DNS enokuthi iyisombulule ngokwezicwangciso zakho zangoku ze-Dnsmasq. Ukuba awukwazi ukuzisombulula, kuyasebenza ngathi Umdlulisi kwaye ubuza i-IP 10.10.10.3 ukuba uyawuphendula umbuzo. Xa ubuzwa i-IP yezixhobo «dns«, Uphendula ngokuthe ngqo. Xa iDnsmasq ibuzwa ngubani «is saonon",?, yenza ukugqithisa la 10.10.10.3 -Awunakho ukuphendula ngokuthe ngqo kuba awukayibhalisi okwangoku- ngubani obuyisela impendulo engeyiyo egunyazisiweyo.
- Xa ubuzwa ukuba ngubani «03296249-82a1-49aa-a4f0-28900f5d256b._msdcs.mordor.fan"?, yenza ukugqithisa kwakhona ngeli xesha ufumana Impendulo enegunya kuMicrosoft® DNS.
- Isantya esiphezulu sempendulo yeDnsmasq kulo naluphi na uhlobo lombuzo.
Zizinto ezincinci ezenza uthando lube lolukhulu ;-).
Umahluko osisiseko phakathi kwe-Dnsmasq kunye ne-BIND edityaniswe ne-Active Directory®
Masisebenzise imibuzo embalwa ye-DNS kwiirekhodi ezibalulekielyo y NS wedomain mordor.fan, kwigama ngalinye lamagama abandakanyekayo:
buzz @ sysadmin: ~ $ umphathi -t SOA mordor.fan 10.10.10.3 Sebenzisa idomeyini yesizinda: Igama: 10.10.10.3 Idilesi: 10.10.10.3 # 53 Izithethi: mordor.fan ine-SOA irekhodi sauron.mordor.fan. umphathi wenkosi.mordor.fan. 56 900 600 86400 3600 XNUMX buzz @ sysadmin: ~ $ umphathi -t SOA mordor.fan 10.10.10.5 Sebenzisa idomeyini yesizinda: Igama: 10.10.10.5 Idilesi: 10.10.10.5 # 53 Izithethi: mordor.fan ine-SOA irekhodi sauron.mordor.fan. umphathi wenkosi.mordor.fan. 56 900 600 86400 3600 XNUMX buzz @ sysadmin: ~ $ umphathi -t NS mordor.fan 10.10.10.5 Sebenzisa idomeyini yesizinda: Igama: 10.10.10.5 Idilesi: 10.10.10.5 # 53 Izithethi: mordor.fan igama leseva sauron.mordor.fan. buzz @ sysadmin: ~ $ umphathi -t NS mordor.fan 10.10.10.3 Sebenzisa idomeyini yesizinda: Igama: 10.10.10.3 Idilesi: 10.10.10.3 # 53 Izithethi: mordor.fan igama leseva sauron.mordor.fan.
Iimpendulo ziyafana - ezisengqiqweni- kuba rhoqo phendula uphendule i-sauron.mordor.fan. phambi kombuzo we-DNS malunga neerekhodi ezibalulekielyo o NS, nangona kunjalo kubonakala Uphendula athini dns.mordor.fan. Nangona kunjalo, yahlukile koko kubonakala kwinqaku Bopha kunye ne-Directory esebenzayo® apho besisuse khona ngokupheleleyo ukusebenza kweMicrosoft® DNS. Kwinqaku YONKE imibuzo ye-DNS malunga ne-Domino Namespace mordor.fan I-BIND ibaphendule, kuba siyilungiselele ngaloo ndlela, kwaye ngenxa yokuba i-BIND iyayiphendula imibuzo ezibalulekielyo y NS ngaphezu kokuvumela isikimu Inkosi-IkhobokaUtshintsho lommandla, njl.njl.
Mhlawumbi ezo ngumahluko ophambili phakathi kwe-DNS ye-Dnsmasq kunye ne-BIND ... pero Bopha-kunokuhlala kukho enye okanye ezingakumbi kodwa-ayinayo iseva ye-DHCP edibanisa ngaphandle komthungo kunye neseva ye-DNS kwindawo enye idaemond, kwaye ngaphandle kwesidingo sezitshixo ze-TSIG, iifayile zoqwalaselo, iziseko zedatha, njl., Njengoko sibonile kumanqaku angaphambili.
- Ndicinga ukuba okwangoku, Abafundi abathandekayo baya kube beqondile ukuba andikuthiyi ukubopha kwaye andikhethi iDnsmasq kunokuba ndibambe. Iingxoxo ezizayo malunga nayo yinkcitha-xesha, kuba inento yokwenza neemfuno, amabango, ukuthanda izinto, ukhetho kunye .... Isisombululo ngasinye sinomtsalane waso ;-).
- Kwiimeko ezifanayo, nganye nganye ifaka kwaye iqwalasele isoftware abayithandayo kwaye bazi ngakumbi ngayo. kwaye yonke into isebenza njengoko kulindelwe.
Izinto eziluncedo zokudityaniswa kwe-Dnsmasq + i-Active Directory®
Ngolu dibaniso sinoluhlu olupheleleyo lweempendulo kwimibuzo ye-DNS kunye neendlela ezifanelekileyo zokuqeshisa iidilesi ze-IP kwi-SME LAN yethu. Njengoko siza kubona kamva, isebenza ngokuchanekileyo kuyo nayiphi na imeko ngokubhekisele nokuba ikhompyuter ijoyine na kwiMicrosoft® Active Directory® Domain Controller. Ukongeza, sine-DNS kunye ne-DNS server Umdlulisi Ukugqwesa, kunye neserver ekhawulezileyo ye-DHCP. Kwaye zonke zinemfuno encinci yezixhobo. Ngaba ufuna ngaphezulu?
Ngaba kunokwenzeka ukuba i-Dnsmasq + BIND?
Ngokuqinisekileyo ewe. Nangona ndicebisa ukuba zifakwe kwiikhompyuter ezahlukeneyo ukuze kungabikho kungqubana ngenxa yezibuko elithandwayo 53 lenkonzo ye-DNS. Mhlawumbi kwaye siza kubona okuthile malunga nayo xa sifika kwi-Samba 4-based AD-DC. Ngubani owaziyo?
Iingcebiso malunga neDnamasq
- Iifayile zomsebenzi ezibalulekileyo zeDnsmasq ukubonelela ngeenkonzo ze-DHCP kunye ne-DNS kwi-LAN zezi: /etc/dnsmasq.conf, / njl / imikhosi, /var/lib/misc/dnsmasq.leases, kwaye /etc/resolv.conf. Ifayile dnsmasq.leases Yenziwa xa uqeshisa idilesi yakho yokuqala ye-IP.
- Enye ifayile yomsebenzi onokuyisebenzisa yile / njl / njl. Ukuba ifayile enjalo ikhona, isikhokelo iincwadi zokufunda ibhengezwe kwifayile yoqwalaselo, ixelela iDnsmasq ukuba iyifunde. Iluncedo kakhulu xa sibalisa Iidilesi ze-MAC / amagama wokubamba ngeenjongo ezithile.
- Inkonzo ye-DNS inokukhubazeka ngokupheleleyo kusetyenziswa lo myalelo izibuko = 0 kwi wdmasmasq.conf.
- Inkonzo ye-DHCP yomnatha omnye okanye nangaphezulu inokukhubazeka ngemiyalelo -enye kumgca ngamnye- akukho-dhcp-interface = eth0, akukho-dhcp-interface = eth1, kwaye nangokunjalo. Iluncedo kakhulu xa siphambi kweqela eline-2 okanye ngaphezulu- uthungelwano lwenethiwekhi kwaye sifuna ukuba inkonzo ye-DHCP ibonelelwe ngomnye wabo okanye kungabikho namnye. Ewe kunjalo, ukuba sikhubaza inkonzo ye-DHCP kulo lonke ujongano, siya kushiya kuphela inkonzo ye-DNS. Ukuba sikhubaza zombini iinkonzo, kutheni le nto sifuna iDnsmasq? 😉
- Ukubhengeza kwezinye iiseva zeDomain Domain Name oko hayi esidlangalaleni okanye sangaphandle kwi-LAN -kwimeko yeMicrosoft DNS- siyenza ngokomyalelo umncedisi = / igama lesizinda / IP ye-DNS kwindawo yogcino /etc/dnsmasq.conf. Umzekelo: umncedisi = / mordor.fan / 10.10.10.3.
- Ukuxelela iDnsmasq ukuba imibuzo malunga nemimandla yendawo iphendulwa kuphela kwifayile / njl / imikhosi okanye nge-DHCP yakho, kufuneka songeze lo myalelo yengingqi = / yendawonet / kwifayile ephambili yoqwalaselo lwakho. Umzekelo: yendawo = / mordor.fan /.
- Ukuqwalasela ngokufanelekileyo ifayile /etc/resolv.conf - gqibezela Sicebisa ukuba ufunde incwadana yayo usebenzisa lo myalelo Isisombululo somntu. Ukuba ufaka i-Debian 8.6 "Jessie" uyakufumanisa ukuba ibhalwe kakuhle ngeSpanish.
- I-Dnsmasq ayisebenzisi iifayile zeZowuni ukuphendula ngqo okanye ukubuyisela umva imibuzo.
- Ukwazi intsingiselo yentsimi nganye «ezizodwa»Oko kusetyenziswa kwisibhengezo seRekhodi yeZibonelelo ze-SRV, kuya kufuneka ubonisane BOPHA kunye ne-Active Directory®. I-syntax yeerekhodi ze-SRV kwifayile /etc/dnsmasq.conf Inje ngolu hlobo lulandelayo:
umphathi we-srv = , , , ,
Abafundi abafuna ukwazi ngakumbi, nceda ufunde ifayile yoqobo ngocoselelo /etc/dnsmasq.conf okanye amaxwebhu akhoyo kulawulo / usr / share / doc / dnsmasq-siseko.
(Imeyile ikhuselwe): ~ # ls -l / usr / share / doc / dnsmasq-base / Iyonke i-128 -rw-r-r-- 1 ingcambu yeengcambu 883 ngoMeyi 5 2015 copyright -rw-r - r-- 1 ingcambu ingcambu 36261 5 Meyi 2015 1 changelog.archive.gz -rw-r - r-- 11297 ingcambu 5 Meyi 2015 1 changelog.Debian.gz -rw-r-r-- 26014 ingcambu 5 Meyi 2015 1 changelog.gz -rw-r-r-- 2084 ingcambu ingcambu 5 Meyi 2015 1 DBus-interface. Gz -rw- r-r-- 4297 ingcambu ingcambu 5 Meyi 2015 2 doc.html drwxr-xr-x 4096 ingcambu ingcambu 19 Feb 17 52:1 imizekelo -rw-r-r-- 9721 ingcambu ingcambu 5 Meyi 2015 1 FAQ.gz -rw -r-r- 4180 ingcambu yeengcambu 5 ngoMeyi 2015 1 README.Debian -rw-r-r-- 12019 ingcambu yeengcambu 5 ngoMeyi 2015 XNUMX setup.html
Makhe siqwalasele iDnsmasq kunye Resolver
Siza kuthatha njengesikhokelo sokuqala-ukutshintsha amagama kunye nabanye, ewe- ifayile yoqwalaselo esetyenziswe kwinqaku «I-Dnsmasq kwi-CentOS 7.3«.
Masingalibali inyathelo elilandelayo:
[(Imeyile ikhuselwe) ~] # mv /etc/dnsmasq.conf /etc/dnsmasq.conf.
Iidilesi ze-IP ezizinzileyo
Iidilesi zeseva okanye izixhobo ezifuna i-IP emiselweyo -ezimbini IPv4 njengaye IPv6- zibhengezwe kwifayile / njl / imikhosi:
[(Imeyile ikhuselwe) ~] # nano / njl / imikhosi 127.0.0.1 localhost # Le migca ilandelayo iyanqweneleka kwi-IPv6 inginginya enamandla: 1 localhost ip6-localhost ip6-loopback ff02 :: 1 ip6-allnodes ff02 :: 2 ip6-allrouters # Iiseva kunye neekhompyuter ezinee-IPs ezizinzileyo. 10.10.10.1 sysadmin.mordor. 10.10.10.3.
Masenze ifayile /etc/dnsmasq.conf
[(Imeyile ikhuselwe) ~] # nano /etc/dnsmasq.conf
# ------------------------------------------------- ------------------ # IINKETHO JIKELELE # ---------------------------- - -------------------------------------- indawo efunekayo # Musa ukugqithisa amagama ngaphandle kwesizinda Inxalenye ye-bogus-priv # Musa ukudlulisa iidilesi kwindawo engafakwanga yokwandisa-inginginya # Yongeza ngokuzenzekelayo i-domain kwisikhombisi esibonakalayo = eth0 # Ujongano. QAPHELA ujongano # ngaphandle-ujongano = eth1 # SUKUYIMAMELE le NIC-odolo engqongqo # Umyalelo apho ubonisana /etc/resolv.conf ifayile # Bandakanya ezinye iindlela ezininzi zokumisela # kwifayile okanye ngokufumana ubumbeko # iifayile ezongezwe kulawulo # conf-file = / etc / dnsmasq.more.conf conf-dir = / etc / dnsmasq.d # Inxulumene negama leDomain Domain = mordor.fan # Igama leDomain # Iseva yexesha li-10.10.10.1. Idilesi = / ixesha.windows.com / 10.10.10.1 # Ithumela ukhetho olungenanto lwexabiso leWPAD. Ifunelwa i- # Windos 7 kunye nabathengi kamva ukuba baziphathe kakuhle. ;-) dhcp-option = 252, "\ n" # Ifayile apho siza kubhengeza iiHOSTS eziza "kuthintelwa" addn-hosts = / etc / banner_add_hosts # Jonga i-Microsoft® DNS server "sauron" ukuba siyayivumela run server = / mordor.fan / 10.10.10.3 # Imibuzo malunga nemimandla yendawo iya kuphendulwa # ukusuka / njl / imikhosi okanye nge-DHCP yasekhaya = / mordor.fan / # Imibuzo malunga ne-PTR okanye iirekhodi eziGuquliweyo ziya kuphendulwa # ziiseva " dns "kunye ne" sauron "kulolo hlobo server = / 10.10.10.in-addr.arpa / 10.10.10.5 server = / 10.10.10.in-addr.arpa / 10.10.10.3 # ------- - --------------------------------------------------- --------- # BHALISO LOKUBHALWA KWAMANQAKU # ------------------ ----------------------------- # Olu hlobo lobhaliso lufuna ungeno # kwi / njl / imikhosi # ifayile umz. 10.10.0.7. 10 troll.mordor.fan troll # cname = ALIAS, REAL_NAME cname = ad-dc.mordor.fan, sauron.mordor.fan cname = fileserver.mordor.fan, mamba.mordor.fan cname = proxyweb.mordor.fan, mnyama .mordor.fan cname = blog.mordor .fan, troll.mordor.fan cname = ftpserver.mordor.fan, shadowftp.mordor.fan cname = mail.mordor.fan, blackelf.mordor.fan cname = www.mordor.fan, blackspider.mordor.fan igama = opendire .mordor.fan, palantir.mordor.fan # MX RECORDS # Returns MX record with the name "mordor.fan" destined # for the blackelf.mordor.fan team and priority of 10 mx-host = mordor.fan, imeyile. mordor.fan, XNUMX # Indawo engagqibekanga yeerekhodi ze-MX ezenziwe # zisebenzisa i-localmx khetho iya kuba: mx-target = mail.mordor.fan # Ibuyisa irekhodi le-MX elalatha ekujoliswe kuyo mx kubo BONKE # oomatshini bendawo localmx # Iirekhodi zeTXT.
dhcp-ukuqeshisa-max = 222 # Elona nani liphezulu leedilesi zokuqeshisa
# ngokungagqibekanga yi-150
# IPV6 Uluhlu # dhcp-range = 1234 ::, ra-only # Iinketho zoluhlu # OPTIONS dhcp-option = 1,255.255.255.0 # NETMASK dhcp-option = 3,10.10.10.253 # ROUTER GATEWAY dhcp-option = 6,10.10.10.5. 15 # Iiseva ze-DNS dhcp-option = 19,1, mordor.fan # I-Domain Domain Name dhcp-option = 28,10.10.10.255 # option ip-phambili ON dhcp-option = 42,10.10.10.1 # BROADCAST dhcp-option = 40. # NTP # dhcp-option = 41,10.10.10.3, MORDOR # NIS Domain Name # dhcp-option = 44,10.10.10.3 # NIS Server # dhcp-option = 45,10.10.10.3 # WINS # dhcp-option = 73,10.10.10.3 # Idatha yeNetBIOS # dhcp-option = 46,8 # Iseva yeminwe # dhcp-option = XNUMX # NetBIOS node dhcp -gunya # Igunya le-DHCP kwi-subnet # ------------- - --------------------------------------------------- --- # ----------------------------------------------- ------------------ --------------------------------------------------- ---- Imibuzo yelog # ------------------------------------------- -------------------------- # Re A kunye neerekhodi ze-SRV ezingqinelana nesikhombisi esisebenzayo # ----------------------------------------- --------------------------
# Iirekhodi A.
Idilesi = / gc._msdcs.mordor.fan / 10.10.10.3 idilesi = / DomainDnsZones.mordor.fan / 10.10.10.3 idilesi = / ForestDnsZones.mordor.fan / 10.10.10.3
# Imicrosoft DNS Zone CNAME irekhodi _msdcs.mordor.fan
cname=03296249-82a1-49aa-a4f0-28900f5d256b._msdcs.mordor.fan,sauron.mordor.fan
# Iirekhodi ze-SRV
# umphathi we-srv = , , , ,
# Ikhathalogu yeHlabathi # Indawo ye-Microsoft DNS _msdcs.mordor.fan
srv-host = _ldap._tcp.gc._msdcs.mordor.fan, sauron.mordor.fan, 3268,0,0 srv-host = _ldap._tcp.I-Default-yokuqala-iSiza-Igama._sites.gc._msdcs.mordor .fan, nesisa.mordor.fan, 3268,0,0
# Indawo ye-Microsoft DNS mordor.fan
srv-host = _gc._tcp.mordor. .3268,0,0
# I-LDAP eguqulweyo neyimfihlo ye-Active Directory
# IMicrosoft DNS zone _msdcs.mordor.fan
srv-host=_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.mordor.fan,sauron.mordor.fan,389,0,0
srv-host=_ldap._tcp.dc._msdcs.mordor.fan,sauron.mordor.fan,389,0,0
srv-host=_ldap._tcp.18d3360d-8fdb-40cf-a678-d7c420b6d775.domains._msdcs.mordor.fan,sauron.mordor.fan,389,0,0
srv-host=_ldap._tcp.pdc._msdcs.mordor.fan,sauron.mordor.fan,389,0,0
# IMicrosoft DNS zone mordor.fan
srv-host=_ldap._tcp.mordor.fan,sauron.mordor.fan,389,0,0
srv-host=_ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.mordor.fan,sauron.mordor.fan,389,0,0
srv-host=_ldap._tcp.DomainDnsZones.mordor.fan,sauron.mordor.fan,389,0,0
srv-host=_ldap._tcp.Default-First-Site-Name._sites.mordor.fan,sauron.mordor.fan,389,0,0
srv-host=_ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.mordor.fan,sauron.mordor.fan,389,0,0
srv-host=_ldap._tcp.ForestDnsZones.mordor.fan,sauron.mordor.fan,389,0,0
#
# I-KERBEROS iguqulwe kwaye yabucala kulawulo olusebenzayo
srv-host=_kerberos._tcp.Default-First-Site-Name._sites.mordor.fan,sauron.mordor.fan,88,0,0
srv-host=_kerberos._tcp.mordor.fan,sauron.mordor.fan,88,0,0
srv-host=_kpasswd._tcp.mordor.fan,sauron.mordor.fan,464,0,0
srv-host=_kerberos._udp.mordor.fan,sauron.mordor.fan,88,0,0
srv-host=_kpasswd._udp.mordor.fan,sauron.mordor.fan,464,0,0
# ISIPHELO sefayile /etc/dnsmasq.conf
# ------------------------------------------------- ------------------
Masenze ifayile / etc / banner_add_host
[iingcambu @ dns ~] # nano / njl /ibhanile_yongeza_inginginya 127.0.0.1 windowsupdate.com 127.0.0.1 ctldl.windowsupdate.com 127.0.0.1 ocsp.verisign.com 127.0.0.1 csc3-2010-crl.verisign.com 127.0.0.1 www.msftncsi.com 127.0.0.1 ipv6.msftncsi.com 127.0.0.1 teredo.ipv6.microsoft.com 127.0.0.1 ds.download.windowsupdate.com 127.0.0.1 khuphela.microsoft.com 127.0.0.1 fe2.update.microsoft.com 127.0.0.1 crl.microsoft.com 127.0.0.1 www .download.windowsupdate.com 127.0.0.1 win8.ipv6.microsoft.com 127.0.0.1 spynet.microsoft.com 127.0.0.1 spynet1.microsoft.com 127.0.0.1 spynet2.microsoft.com 127.0.0.1 spynet3.microsoft.com 127.0.0.1. 4 spynet127.0.0.1.microsoft.com 5 spynet127.0.0.1.microsoft.com 15 office127.0.0.1client.microsoft.com 127.0.0.1 addons.mozilla.org XNUMX crl.verisign.com [(Imeyile ikhuselwe) ~] # dnsmasq -ukuvavanya dnsmasq: ujonge syntax KULUNGILE. [(Imeyile ikhuselwe) ~] # systemctl qala kwakhona dnsmasq.service [(Imeyile ikhuselwe) ~] # inkquboctl ubume dnsmasq.service
Masiguqule ifayile /etc/resolv.conf-Resolver
(Imeyile ikhuselwe): ~ # nano /etc/resolv.conf
domain mordor.fan khangela mordor.fan
Kutheni singenayo imigca yesiqhelo ebhengezwe kwifayile isisombululo? Kungenxa yokuba sibhengeza kwi wdmasmasq.conf le miyalelo ilandelayo:
# Jonga i-Microsoft® DNS server "sauron" ukuba siyayiyeka iqhubeke umncedisi = / mordor.fan / 10.10.10.3 # Imibuzo malunga nemimandla yendawo iya kuphendulwa # ukusuka / njl / kwimikhosi okanye nge-DHCP yendawo = / mordor.fan / # Imibuzo malunga ne-PTR okanye iirekhodi eziGuquliweyo ziya kuphendulwa # yi "dns" kunye ne "sauron" iiseva ngokulandelelana umncedisi = / 10.10.10.in-addr.arpa / 10.10.10.5 umncedisi = / 10.10.10.in-addr.arpa / 10.10.10.3
Imibuzo evela sysadmin.mordor.fan
Ifayile /etc/resolv.conf kweli qela:
buzz @ sysadmin: ~ $ cat /etc/resolv.conf # Yenziwe yiNethiwekhiManager yokukhangela mordor.fan nameserver 10.10.10.5
buzz @ sysadmin: ~ $ host -t Ku-spynet4.microsoft.com ispynet4.microsoft.com ineedilesi 127.0.0.1 buzz @ sysadmin: ~ $ host -t Ku www.download.windowsupdate.com Ukukhuphela, iiwindowsupdate.com zineedilesi 127.0.0.1 buzz@sysadmin: ~ $ dig dns buzz @ sysadmin: ~ $ dig dns.mordor.fan ;; ICANDELO LOMBUZO :; dns.mordor.fan. KWI ;; ICANDELO LEMPENDULO: dns.mordor.fan. 0 KWI-10.10.10.5 buzz @ sysadmin: ~ $ umphathi -t SRV _ldap._tcp.gc._msdcs buzz @ sysadmin: ~ $ umphathi -t SRV _ldap._tcp.gc._msdcs.mordor.fan _ldap._tcp.gc._msdcs.mordor.fan inerekhodi ye-SRV 0 0 3268 sauron.mordor.fan. buzz @ sysadmin: ~ $ dig _ldap._tcp.gc._msdcs.mordor.fan ;; ICANDELO LOMBUZO :; _ldap._tcp.gc._msdcs.mordor.fan. KWI ;; ICANDELO LEMPENDULO: _ldap._tcp.gc._msdcs.mordor.fan. 0 KWI-10.10.10.3 buzz @ sysadmin: ~ $ dig mordor.fan axfr buzz @ sysadmin: ~ $ dig 10.10.10.in-addr.arpa axfr
Kwaye ngaloo ndlela, zingaphi iindibano zokubonisana esizifunayo
Dnsmasq + Active Directory® + Microsoft® Windows abaXhasi
Qamba kabusha iKlayenti yeMicrosoft® yeWindows
isixhenxe uqeshise idilesi ye-IP:
(Imeyile ikhuselwe): ~ # ikati /var/lib/misc/dnsmasq.leases 1488006009 00:0c:29:d6:14:36 10.10.10.115 seven 01:00:0c:29:d6:14:36
Masinike igama kwakhona «Sixhenxe»-Yintoni engadityaniswanga kuLawulo lweDomain olusebenzayo- ngu«igamusi«. Emva kotshintsho kunye nokuqala kwakhona sijonga:
(Imeyile ikhuselwe): ~ # ikati /var/lib/misc/dnsmasq.leases 1488006633 00:0c:29:d6:14:36 10.10.10.115 eucaliptus 01:00:0c:29:d6:14:36
Imbali yotshintsho inokubonwa kwi- "sysadmin":
buzz @ sysadmin: ~ $ host -t Ezisixhenxe isixhenxe.mordor.fan idilesi ye-10.10.10.115
Emva kokutshintsha kwegama
buzz @ sysadmin: ~ $ host -t Ezisixhenxe Isixhenxe asinayo irekhodi engu-A buzz @ sysadmin: ~ $ host -t I-eucaliptus eucaliptus.mordor.fan idilesi ye-10.10.10.115
Imibuzo evela kumthengi eucaliptus.mordor.fan
I-Microsoft Windows [Inguqulelo 6.1.7601] Ilungelo lokushicilela (c) 2009 Microsoft Corporation. Onke amalungelo agciniwe. C: \ Abasebenzisi \ buzz> nslookup Iseva emiselweyo: dns.mordor.fan Idilesi: 10.10.10.5 > isaron Umncedisi: dns.mordor.fan Idilesi: 10.10.10.5 Igama: sauron.mordor.fan Idilesi: 10.10.10.3 > mordor.fan Umncedisi: dns.mordor.fan Idilesi: 10.10.10.5 Igama: mordor.fan Idilesi: 10.10.10.3 > I-eucalyptus Umncedisi: dns.mordor.fan Idilesi: 10.10.10.5 Igama: eucaliptus.mordor.fan Idilesi: 10.10.10.115 > 03296249-82a1-49aa-a4f0-28900f5d256b._msdcs.mordor.fan Umncedisi: dns.mordor.fan Idilesi: 10.10.10.5 Igama: sauron.mordor.fan Idilesi: 10.10.10.3 Izivumelwano: 03296249-82a1-49aa-a4f0-28900f5d256b._msdcs.mordor.fan > uhlobo lokuseta = i-SRV > _kerberos._udp.mordor.fan Umncedisi: dns.mordor.fan Idilesi: 10.10.10.5 _kerberos._udp.mordor.fan Indawo yeenkonzo ze-SRV: kuqala = 0 ubunzima = 0 port = 88 svr hostname = sauron.mordor.fan sauron.mordor.fan idilesi ye-intanethi = 10.10.10.3. XNUMX > _ldap._tcp.18d3360d-8fdb-40cf-a678-d7c420b6d775.domains._msdcs.mordor.fan Umncedisi: dns.mordor.fan Idilesi: 10.10.10.5 _ldap._tcp.18d3360d-8fdb-40cf-a678-d7c420b6d775.domains._msdcs.mordor.fan Indawo yeenkonzo ze-SRV: kuqala = 0 weight = 0 port = 389 svr hostname = sauron Mordor.fan sauron.mordor.fan idilesi ye-intanethi = 10.10.10.3 > phuma C: \ Abasebenzisi \ buzz>
Ubhaliso lwabaxhasi lweWindows kwiMicrosoft® DNS
Abaxhasi beWindows abangajoyinanga kwi-Domain Directory
Kuya kufuneka sijonge ukuba ngaba iidilesi ze-IP eziqeshiswe ngabaxumi abahlukeneyo beWindows abavela eDnsmasq babhaliswe ngokuchanekileyo kwiMicrosoft® DNS. Inokuba nefuthe indlela esivula ngayo uHlaziyo lweDynamic- Uhlaziyo lwamandla KwiMicrosoft® DNS Zones ze-Active Directory®. Siqala kulungelelwaniso olungagqibekanga lweMicrosoft DNS evumela kuphela uHlaziyo oluKhuselekileyo lweDynamic- Uhlaziyo lweDynamic-> Khusela kuphela, kuZowuni nganye.
Qaphela ukuba umxhasi okwangoku I-FQDN eucaliptus.mordor.fan hayi iqhotyoshelwe kwi Domain Directory Esebenzayo (okanye iSamba4 AD-DC), kwaye ikwahlukileyo kumthetho kaMicrosoft othi «Ngabathengi ababhaliswe kwi-My Domain kuphela abaya kuba nemvume ngoHlaziyo lweMechanism-endiyaziyo-ukubhalisa kwi-DNS yam kuphela«. Into entle i-Samba4 AD-DC isifundisa okuthile ngayo.
eucalyptus.mordor.fan uqeshise i-IP 10.10.10.115:
buzz @ sysadmin: ~ $ host -t I-eucaliptus eucaliptus.mordor.fan idilesi ye-10.10.10.115
Masitshintshe igama libe ngu «mahogany«, Masiqale kwakhona kwiWindows 7, kwaye ubone ukuba kwenzeka ntoni xa sicela amagama«igamusi"Y"mahogany»Kwi-DNS nganye, kuqala kwi-Microsoft DNS emva koko kwi-Dnsmasq:
buzz @ sysadmin: ~ $ host -t I-eucaliptus.mordor.fan 10.10.10.3 Sebenzisa idomeyini yesizinda: Igama: 10.10.10.3 Idilesi: 10.10.10.3 # 53 Izithethi: Umgcini weeucaliptus.mordor.fan akafumanekanga: 3 (NXDOMAIN) buzz @ sysadmin: ~ $ host -t A mahogany.mordor.fan 10.10.10.3 Sebenzisa idomeyini yesizinda: Igama: 10.10.10.3 Idilesi: 10.10.10.3 # 53 Izithethi: Umamkeli mahogany.mordor.fan akafumanekanga: 3 (NXDOMAIN) buzz @ sysadmin: ~ $ host -t I-eucaliptus.mordor.fan 10.10.10.5 Sebenzisa idomeyini yesizinda: Igama: 10.10.10.5 Idilesi: 10.10.10.5 # 53 Izithethi: Umgcini weeucaliptus.mordor.fan akafumanekanga: 3 (NXDOMAIN) buzz @ sysadmin: ~ $ host -t A mahogany.mordor.fan 10.10.10.5 Sebenzisa idomeyini yesizinda: Igama: 10.10.10.5 Idilesi: 10.10.10.5 # 53 Izithethi: mahogany.mordor.fan ineedilesi 10.10.10.115
Singalitshintsha igama lomxhasi weWindows 7 hayi iqhotyoshelwe kwi-Domain mordor.fan ye-Active Directory® amaxesha ngamaxesha njengoko sifuna, ukuba iMicrosoft® DNS ayifumani malunga nolu tshintsho okanye ukuba umxhasi ukhona. Ngaba kunokwenzeka ukuba kungenxa yokuba sikhethe ukhetho Uhlaziyo lweDynamic-> Khusela kuphela Kwindawo nganye ye-Micorosft DNS?.
Ukuze uMnu.Microsoft® DNS yazi ngotshintsho, kufuneka sikhethe Uhlaziyo lweDynamic-> Ukungaqiniseki kwaye ukhuselekile. Olu khetho, bafundi abathandekayo, lubeka emngciphekweni omkhulu wokhuseleko lwayo nayiphi na i-Domain Name Server ehlonitshwayo, nokuba yiMicrosft® okanye i-UNIX® / Linux. IMicrosoft® DNS ilumkisa malunga nokuba semngciphekweni kuba ekugqibeleni ayisiyonto ingaphaya kokubanjwa okulungisiweyo nokwenziwe ngasese ukusinikaUkhuseleko lobumnyama«. Ukuba akunjalo, kutheni ucebisa ukuba wonge owaziwayo ukubhalisa Zonke iisetingi ze-DNS kunye neerekhodi zeMicrosoft® DNS yakho xa sisebenzisa i-Active Directory®?. Ukongeza ekuxhaseni uhlaziyo olungakhuselekanga kwiMicrosoft® DNS, olu hlengahlengiso lulandelayo luyafuneka kulungiselelo lwekhadi lenethiwekhi yomthengi weWindows 7:
Makhe sijonge:
buzz @ sysadmin: ~ $ host -t A mahogany.mordor.fan 10.10.10.3 Sebenzisa idomeyini yesizinda: Igama: 10.10.10.3 Idilesi: 10.10.10.3 # 53 Amagama: caoba.mordor.fan unedilesi 10.10.10.115 buzz @ sysadmin: ~ $ umgcini 10.10.10.115 10.10.10.3 Sebenzisa idomeyini yesizinda: Igama: 10.10.10.3 Idilesi: 10.10.10.3 # 53 Amagama: 115.10.10.10.in-addr.arpa igama lesizinda isikhombisi mahogany.mordor.fan. buzz @ sysadmin: ~ $ host -t I-mahogany 10.10.10.5 Sebenzisa idomeyini yesizinda: Igama: 10.10.10.5 Idilesi: 10.10.10.5 # 53 Amagama: caoba.mordor.fan unedilesi 10.10.10.115 buzz @ sysadmin: ~ $ umgcini 10.10.10.115 10.10.10.5 Sebenzisa idomeyini yesizinda: Igama: 10.10.10.5 Idilesi: 10.10.10.5 # 53 Amagama: 115.10.10.10.in-addr.arpa igama lesizinda isikhombisi mahogany.mordor.fan.
Ewe ngoku. Isiphatho esimnandi solungelelwaniso lweeseva ezimbini ze-DNS ezingangqinelaniyo nangayiphi na indlela!
Abaxhasi beWindows bajoyine i-Domain Directory
Masimanyanise umxhasi mahogany.mordor.fan ukuya kwi-Domain, kodwa hayi ngaphambi kokuphelisa uguquko ebesilwenzile kuqwalaselo lwekhadi lakho lenethiwekhi, ukuba ngaxa lithile sikwenzile ukuqinisekisa indawo yesahluko esedlule. Cima kwakhona ungeniso lwe «mahogany»KwiMicrosoft® I-DNS, kwaye ubuyisele uHlaziyo oluHlaziyiweyo kwindawo yabo yemvelaphi ye «Khusela kuphela«. Ngendlela, kuvumelekile ukuqala kwakhona inkonzo yeMicrosoft® DNS.
Emva kokujoyina iDomain, kwaye ngaphandle kwayo yonke imizamo, umxhasi «mahogany»Ayibhaliswanga kwi-Microsoft® DNS. Side sabhengeza kwi wdmasmasq.conf okwethutyana- ukuba iserver yokuqala ye-DNS yi-10.10.10.3.
I-Microsoft Windows [Inguqulelo 6.1.7601]
Ilungelo lokushicilela (c) 2009 Microsoft Corporation. Onke amalungelo agciniwe.
C: Abasebenzisi sumanuman> ipconfig / all
Uqwalaselo lweWindows IP yoGama. . . . . . . . . . . . : IMAGOGANY yamabanga aphantsi eDns Isimamva. . . . . . . Uhlobo lweNode yeNode. . . . . . . . . . . . Umzila weHybrid IP unikwe amandla. . . . . . . . : Akukho Mmeli we-WINS uvumelekileyo. . . . . . . . : Akukho luhlu lokuKhangela kwiSimamva se-DNS. . . . . . : mordor.fan i-Ethernet iadaptha yeNgingqi yoQhagamshelo: Uqhagamshelo olukhethekileyo lwe-DNS Isimamva. : mordor.fan Inkcazo. . . . . . . . . . . I-Intel (R) PRO / 1000 MT yeNxibelelwano lweNethiwekhi Idilesi yendawo. . . . . . . . . : 00-0C-29-D6-14-36 DHCP Yenziwe ukuba isebenze. . . . . . . . . . . : Ulungelelwaniso oluzenzekelayo lwenziwe lwasebenza. . . . : Ewe Idilesi ye-IPv6 yendawo. . . . . : fe80 :: 352a: b954: 7eba: 963e% 12 (Kukhethwe) Idilesi ye-IPv4. . . . . . . . . . . : 10.10.10.115 (Kukhethwa) Subnet Mask. . . . . . . . . . . : 255.255.255.0 Uqeshiso lufunyenwe. . . . . . . . . . : NgoMgqibelo, ngoFebruwari 25, 2017 8: 19: 05 AM Ukuqeshisa kuyaphelelwa. . . . . . . . . . : NgoMgqibelo, ngoFebruwari 25, 2017 4: 20: 36 PM Isango elimiselweyo. . . . . . . . . : 10.10.10.253 Umncedisi we-DHCP. . . . . . . . . . . : 10.10.10.5 DHCPv6 IAID. . . . . . . . . . . : 251661353 DHCPv6 Umxhasi DUID. . . . . . . . : 00-01-00-01-20-3B-69-81-00-0C-29-D6-14-36
Iiseva ze-DNS. . . . . . . . . . . : 10.10.10.3
10.10.10.5
I-NetBIOS ngaphezulu kweTcpip. . . . . . . . : Iadaptha yetonela evunyelweyo isatap.mordor.fan: Media State. . . . . . . . . . . Imidiya ayiqhagamshelekanga Isinxibelelanisi esithile seDNS. : mordor.fan Inkcazo. . . . . . . . . . . Idilesi yendawo eyiMicrosoft ISATAP. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Inikwe amandla. . . . . . . . . . . Akukho luqwalaselo oluzenzekelayo lwenziweyo. . . . : Ewe I-adapter yeTunnel yoQhagamshelo lweNdawo yeNgingqi * 9: Media State. . . . . . . . . . . Imidiya ayiqhagamshelekanga Isinxibelelanisi esithile seDNS. : Inkcazo. . . . . . . . . . . : Iadaptha yeTeredo Tunneling ye-Microsoft Idilesi yendawo. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Inikwe amandla. . . . . . . . . . . Akukho luqwalaselo oluzenzekelayo lwenziweyo. . . . : Kwaye kunjalo
C: Abasebenzisi sumanuman>
buzz @ sysadmin: ~ $ host -t A mahogany.mordor.fan 10.10.10.3
Sebenzisa idomeyini yesizinda: Igama: 10.10.10.3 Idilesi: 10.10.10.3 # Ama-Aliases: Umgcini we-caoba.mordor.fan akafumaneki: 53 (NXDOMAIN)
buzz@sysadmin: ~ $ host -t Kwi-mahogany.mordor.fan
mahogany.mordor.fan ineedilesi 10.10.10.115
- Ekuphela kwendlela umthengi abhaliswe ngayo «mahogany»KwiMicrosft® DNS iguqula ikhadi lakho lenethiwekhi njengoko kubonisiweó kumfanekiso ongaphambiliOko kukuthi, icacisa gca ukuba: isimamva se-DNS soqhagamshelo yi-mordor.fan, ukuba ibhalisa idilesi yoqhagamshelo kwi-DNS, kwaye isebenzisa isimamva esibhengeziweyo se-DNS xa ubhalisa unxibelelwano.
buzz @ sysadmin: ~ $ host -t A mahogany.mordor.fan 10.10.10.3 Sebenzisa idomeyini yesizinda: Igama: 10.10.10.3 Idilesi: 10.10.10.3 # 53 Amagama: caoba.mordor.fan unedilesi 10.10.10.115 buzz @ sysadmin: ~ $ host -t A mahogany.mordor.fan mahogany.mordor.fan ineedilesi 10.10.10.115
Masitshintshe igama lisuke kwi "mahogany" liye "kumsedare"
buzz @ sysadmin: ~ $ host -t A mahogany.mordor.fan 10.10.10.3 Sebenzisa idomeyini yesizinda: Igama: 10.10.10.3 Idilesi: 10.10.10.3 # Ama-Aliases: Umgcini we-caoba.mordor.fan akafumaneki: 53 (NXDOMAIN) buzz @ sysadmin: ~ $ host -t Kumsedare.mordor.fan 10.10.10.3 Sebenzisa idomeyini yesizinda: Igama: 10.10.10.3 Idilesi: 10.10.10.3 # 53 Iziteketiso: cedro.mordor.fan inedilesi 10.10.10.115 buzz @ sysadmin: ~ $ host -t A mahogany.mordor.fan 10.10.10.5 Sebenzisa idomeyini yesizinda: Igama: 10.10.10.5 Idilesi: 10.10.10.5 # Ama-Aliases: Umgcini we-caoba.mordor.fan akafumaneki: 53 (NXDOMAIN) buzz @ sysadmin: ~ $ host -t Kumsedare.mordor.fan 10.10.10.5 Sebenzisa idomeyini yesizinda: Igama: 10.10.10.5 Idilesi: 10.10.10.5 # 53 Iziteketiso: cedro.mordor.fan inedilesi 10.10.10.115
Kwaye konke okuqhelekileyo, njengabaxhasi beMicrosoft® kunye neMicrosoft® DNS njengezinto eziza kubakho.
Masisebenze neMicrosoft® DHCP kunye neMicrosoft® DNS
Bafundi bafundi, esi sahluko singaphandle komxholo webhlog enikezelwe kwiSoftware yasimahla. Jonga uncedo lukaMicrosoft®. Abakholelwa?. 😉
Izigqibo
Zininzi iindlela zokwenza iMicrosoft® DNS xa siyenza ngokudibeneyo kwinethiwekhi ye-SME kunye ne-Dnsmasq. Phakathi kwabo siza kukhankanya kuphela oku kulandelayo:
- Yiyeke ngokupheleleyo inkonzo yeMicrosoft® ye-DNS kwikhompyuter apho isebenza khona, ibonisa emva kokuba ukuqala kwenkonzo kukhubazekile. Sukukhangela kuqwalaselo lwekhadi lenethiwekhi lomthengi ngamnye weMicrosoft® ukhetho lokubhalisa idilesi yonxibelelwano kwi-DNS. Susa kwifayile /etc/dnsmasq.conf Isikhokelo umncedisi = / mordor.fan / 10.10.10.3. Amanqaku:
- Nokuba imibuzo malunga neerekhodi ayiphendulwa ezibalulekielyo y NSUthungelwano luzakusebenza ngokuchanekileyo, kunye nokudibana kwabathengi abahlukeneyo -Microsoft® kunye neLinux- kwi-Active Directory® Domain.
- Inenzuzo yokuba kwi-SME LAN kuya kubakho igama elinye leSizinda segama -machote- kwaye iya kuba yi-Dnsmasq. ;-). Kwelinye icala, ukubakho kokungangqinelani phakathi kweerekhodi ze-DNS ezigcinwe kwi-Microsoft® DNS kunye nezo zifumaneka kwi-Dnsmasq kuyasuswa.
- Shiya iMicrosoft® DNS isebenza ukuphendula kuphela imibuzo ye-DNS malunga neerekhodi ze-SOA kunye ne-NS. Qaphelas:
- Guqula ubumbeko lwekhadi lenethiwekhi lomthengi ngamnye weWindows, ungakhangeli ukhetho lokubhalisa idilesi yoqhagamshelo kwi-DNS.
- Sicinga ukuba esi sisombululo yinkcitho yezixhobo.
- Qwalasela iinkonzo njengoko sibonile kulo lonke inqaku, elibonisa isisombululo ngakumbi ekuthandeni ifilosofi yeMicrosoft®- ayisiFreeBSD / Linux- Kulungile?
Isishwankathelo
- Isindululo seMicrosoft® DNS sivaliwe kakhulu. Ishiya indawo yezinye izisombululo ezingahambelaniyo nefilosofi yayo.
- UMama weNdalo usifundisa ukuba sikho kwindalo eyahlukeneyo. Into eqhelekileyo kukuba ube ne-LAN edibeneyo, usiya kwisoftware yasimahla, kwaye usisityebi ebomini kunye nokwahluka.
- Kubonakala ngathi kwiMicrosoft®, abathengi abangazibandakanyi neFilosofi yakhe baGxothiwe, kwaye ngenxa yoko akufuneki bazikhathaze ngokubathathela ingqalelo.
- Kunzima kangakanani ukusebenza neSoftware yabucala! Ndingathanda ukuchitha kancinci umsebenzi ndiseta isoftware yasimahla kwaye ndikhululeke ngokwenyani, damn!
"Eyona Khrayitheriya yeNyaniso kukuziqhelanisa."
Inqaku elikhulu olibhalileyo, uFederico!
Inqaku elimangalisayo sithandwa sam. Isishwankathelo yeyona XD ibalaseleyo
ISldos;
Andicingi ukuba ndibone isikhokelo esigqibeleleyo nesineenkcukacha ze-sysadmin kwi-intanethi (ngolwimi lwaseSpain), umsebenzi owenzayo kwiiNethiwekhi zeeSMEs kukuma.
Nangona umsebenzi unzima kwaye ufikelela kwinqanaba leenkcukacha ngumcimbi weeyure ezininzi, ndicinga ukuba wenza indawo ekubhekiswa kuyo eza kusetyenziswa njengoko isaziwa ngenani elikhulu leSysAdmin enesitshixo kumanqaku akho utitshala yemisebenzi ajongene nayo yonke imihla.
Ngokubhekisele kwi-dnsmasq kunye nolawulo olusebenzayo, ndicinga ukuba andikaze ndibenalo ithuba lokusebenza nabo bobabini, kodwa kwilabhoratri yam, xa kungekho mxhasi wewindows, yonke into ibonakala ngathi ilungile, kwaye ayimangalisi ngeli nyathelo libalaseleyo inyathelo.
Sindisa ibinzana lakho «Kunzima kangakanani ukusebenza neSoftware yabucala!. Kungcono ndichithe kancinci umsebenzi wokumisela iSoftware yasimahla kwaye ndikhululeke ngokwenyani, yenze loo nto! ukwenziwa kwabantu rhoqo kwesoftware yasimahla.
Siyavuyisana neFIco… Siyaqhubeka.
Zodiac: Amagama akho anomdla wokuqhubeka ubhala. Ungathandabuzi, uninzi lweeyure ezilungileyo - iimpundu ziyafuneka ukubhala inqaku elithobekileyo elinje.
UJulio León: Ndiyabulisa nakuwe, sithandwa sikaJulio. Ngethemba kwaye uyaqhubeka nathi kwindlela yokwazi okungakumbi malunga neSoftware yasimahla.
ILagarto: Iintsuku kunye neeyure ezichithwe kufanelekile xa ndifunda amagqabantshintshi afana nala akule post. Bangowona mvuzo mhle ngomsebenzi wethu. Ndidlulise ikhonkco kwinqaku kuSimon Kelley ngokwakhe kwaye wayenobubele ngokwaneleyo ukuba andiphendule.
Ndifuna ukuthatha ithuba ngeli thuba nditsho ukuba kwimicimbi ye-DNS kunye ne-DHCP siqala-ngesicwangciso-esisuka kwinkimbinkimbi ukuya ekulula. I-Dnsmasq sisisombululo esisebenzayo kwiiNethiwekhi ze-SME, kwaye kulula kakhulu ukuyiphumeza kune-BIND + Isc-Dhcp-Server duo. Isifundo sinokubonakala ngathi sinobuchwephesha kubafundi abaninzi. Ngexesha kunye nokuzilolonga bayakuqonda ukuba oku akunjalo. Kufanelekile ukuba ufunde ngeMigaqo yeServer yeZiseko zoPhuhliso, isihloko esiza kugubungela amanqaku ama-6 abhalwe malunga ne-DNS kunye neenkonzo ze-DHCP, ngaphandle kokulibala i-NTP.
Siyavuyisana nabo bonke… Siyaqhubeka!
Enkosi uFederico ngelinye inqaku elikhulu elinenkcukacha ezinkulu kunye nethiyori ebanzi malunga ne-Dnsmasq, isixhobo esele sisibonile siluncedo kakhulu kwii-sysadmins.
ENKULU yonke into enxulumene nokufaka iMicrosoft DNS Zone "_msdcs.mordor.fan" kwi /etc/dnsmasq.conf yefayile yoqwalaselo ngokusebenzisa iirekhodi zayo ze-SRV ezisebenzisa iinkonzo: _gc, _ldap, _kerberos kunye _kpasswd ngenjongo yokusebenzisa iMicrosoft DNS ( command "server = / mordor.fan / 10.10.10.3") ukongeza kwi-Dnsmasq (command "local = / mordor.fan /") ukusombulula imibuzo ye-DNS.
OKUKHULU ngumzekelo ophuhlisiwe wokuba iMicrosoft DNS ibhalise abathengi beWindows ngotshintsho lwe-IP kwi-LAN, kuya kufuneka ukhethe kuqwalaselo lwe-DNS, "Uhlaziyo lweDynamic" njengo "Ukungaqiniseki kunye nokukhuseleka" kwaye oko kuthetha ukuba sesichengeni Ukhuseleko lwayo nayiphi na i-Domain Name Server ehlonishwayo, nokuba yiMicrosoft okanye i-UNIX / Linux. Ngaphandle kokufuneka ukulungiswa nje kuqwalaselo lwekhadi lenethiwekhi yomthengi weWindows.
Akukho nto ithi ngeposi nganye entsha uphakamise ukuma kwayo! Silindele ngolangazelelo amanqaku alandelayo!
Enkosi kakhulu kuvavanyo lwakho kunye nezimvo, IWO. Kwinqaku ngalinye endilipapashayo, ndihlala ndilindele uluvo lwakho, njengoko ixhaswa ngumsebenzi wakho, ulwazi kunye nokusebenza. Ndiyakuvuyela i-IWO. Siza kukubona kwinqaku elilandelayo
Umsebenzi olunge kakhulu, njengoko uhlala uthumela ezi zinto zinqabileyo kwii-sysadmins. Enkosi kwiwaka!
Nika iMicrosoft DNS ithuba, awukayivumeli ukuba ibonise. Asazi ukuba usaphila na nokuba sele eneentloni. Inqaku elihle.
Ilitye elinqabileyo elingafani nelinye, eligcinwe kwiintandokazi zokubonisana. Inqaku elihle.
HO2Gi enkosi ngovavanyo lwakho. Ndikucebisa-kwaye ngokubanzi kuye WONKE UMNTU- undwendwele https://blog.desdelinux.net/redes-computadoras-las-pymes-introduccion/. Yahlelwa kwakhona ngesalathiso sazo zonke izithuba ezipapashiweyo kunye nezihloko ekuza kuxoxwa ngazo. Ukubulisa kwaye uqhubeke nathi.
Uxwebhu olugqwesileyo njengolo lufumaneka kwi https://blog.desdelinux.net/bind-active-directory/
Ndifuna nje ukwenza ingcebiso, kwaye nceda uyithathe njengokugxeka okwakhayo; Ukwenza umzekelo kuqwalaselo, ngekungcono ukuba endaweni yokusebenzisa uthungelwano lwe-10.10.10.0 / 24, belusebenzise enye apho ibhlokhi nganye inamanani ahlukeneyo, njengenethiwekhi ye-192.168.1.0/24.
Oku kuyakwenza ukuba icace ngakumbi indawo apho iidilesi zomnatha zingena umva, umzekelo xa kufuneka udibanise amaxabiso ohlobo ".in-addr.arpa"
Enkosi ngokwabelana ngolwazi olukumgangatho ophezulu kakhulu.
Ukugqithisa kakhulu