I-Master Master ye-Primary ye-LAN kwi-Debian 6.0 (III)

Ngumzamo omkhulu wokunciphisa kumanqaku ama-5 amancinci uLwazi lwangaphambili, ukuFakelwa, ukuCwangciswa, kunye nokuDalwa kweMimandla kunye nokuKhangelwa kweBOP, ukuze iqondwe lelona nani likhulu labafundi eliyinjongo yethu ephambili.

Abo banomonde wokufunda ngononophelo i 1 y 2da Icandelo leli nqaku, bakulungele ukuqhubeka nokucwangciswa kunye nokuseta i-Domain Name Server ye-LAN.

Entsha, kunye nabo bangacacanga ncam malunga neekhonsepthi ezishwankathelweyo ezinikwe kwiindawo ezingaphambili, sicebisa ukuba uzifunde kwaye uzifunde ngaphambi kokuba uqhubeke. Okuqhelekileyo ukurhanelwa kokuphelelwa lithemba! buyela ukuba awufundanga ngononophelo.

Siza kubona ngezantsi:

  • Idatha ephambili ye-LAN
  • Ubuncinci bokuqwalaselwa komgcini
  • Uhlengahlengiso kwifayile /etc/resolv.conf
  • Uhlengahlengiso kwifayile /etc/bind/named.conf
  • Uhlengahlengiso kwifayile /etc/bind/named.conf.option
  • Uhlengahlengiso kwifayile /etc/bind/named.conf.local

 Idatha ephambili ye-LAN

Igama leDomain ye-LAN: amigos.cu LAN Subnet: 192.168.10.0/255.255.255.0 BOPHELA Iseva ye-IP: 192.168.10.10 Igama leNetBIOS Igama leSeva: ns

Nangona icacile, khumbula ukutshintsha idatha yangaphambili eyakho.

Ubuncinci bokuqwalaselwa komgcini

Kubaluleke kakhulu ukuba iifayile ziqwalaselwe ngokuchanekileyo / njl / inethiwekhi / ujongano y/ njl / imikhosi ukufumana ukusebenza kakuhle kwe-DNS. Ukuba yonke idatha ibhengeziwe ngexesha lofakelo, akukho lutshintsho luya kubakho. Imixholo nganye nganye mayibe zezi zilandelayo:

# imixholo ye / etc / network / interfaces fayile # Le fayile ichaza uthungelwano olunxibelelanayo olukhoyo kwinkqubo yakho # kunye nendlela yokwenza isebenze. Ngolwazi oluthe kratya, jonga ujongano (5). # I-loopback network interface auto lo loaceace inet loopback # Inethiwekhi ephambili yenethiwekhi vumela-hotplug eth0 iface eth0 inet static address 192.168.10.10 netmask 255.255.255.0 network 192.168.10.0 Broadcast 192.168.10.255 gateway 192.168.10.2 # dns- * options are iphunyezwe yiphakheji ye-resolutionvconf, ukuba ifakiwe i-dns-nameservers 192.168.10.10 dns-search amigos.cu # umxholo we / etc / hosts 127.0.0.1 localhost 192.168.10.10 ns.amigos.cu ns # Le migca ilandelayo iyanqweneleka kwi-IPv6 :: 1 ip6-localhost ip6-loopback fe00 :: 0 ip6-localnet ff00 :: 0 ip6-mcastprefix ff02 :: 1 ip6-allnodes ff02 :: 2 ip6-allrouters

Uhlengahlengiso kwifayile /etc/resolv.conf

Kwimibuzo yethu kunye nokutshekishwa ukuze sisebenze ngokuchanekileyo, kufuneka sibhengeze kuqwalaselo lwasekhaya lomamkeli, oya kuba yindawo yethu yokukhangela eya kuthi ibe yi-DNS yendawo yethu. Ngaphandle kwezi paramitha zingasentla ubuncinci, nawuphi na umbuzo we-DNS uya kusilela. Kwaye le yimpazamo eyenziwa ngabaqalayo abaninzi. Ke masihlele ifayile /etc/resolv.conf kwaye siyishiya nomxholo olandelayo:

# Umxholo we /etc/resolv.conf khangela abahlobo.cu nameserver 192.168.10.10

Kwikhompyuter apho sineserver ye-DNS efakiweyo sinokubhala:

khangela amigos.cu nameserver 127.0.0.1

Umxholo ongentla, ingxelo nameserver 127.0.0.1, ibonisa ukuba imibuzo iya kwenziwa localhost.

Emva kokuba i-BIND yethu iqulunqwe ngokuchanekileyo sinokwenza nawuphi na umbuzo we-DNS kumamkeli wethu, nokuba kungumncedisi uqobo bopha9 okanye enye iqhagamshelwe kwinethiwekhi kwaye yeyese-subnet efanayo kwaye inemaski efanayo yenethiwekhi. Ukuze ufunde okungakumbi malunga nefayile, sebenzisa Isisombululo somntu.

Uhlengahlengiso kwifayile /etc/bind/named.conf

Ukunciphisa umda kwimibuzo yethu ukuze baphendule kuphela kwi-subnet yethu kwaye bathintele uhlaselo Ukufafaza, sibhengeza kwifayile igama.conf Uluhlu loLawulo lokuFikelela okanye i-ACL (uLuhlu loLawulo lokuFikelela) kwaye siyibiza njalo udaka. Ifayileigama.conf Kufuneka kube ngolu hlobo lulandelayo:

// /etc/bind/named.conf // Le yeyona fayile yoqwalaselo iphambili kwisakhelo se-BIND DNS esigama. // // Nceda ufunde / usr/share/doc/bind9/README.Debian.gz ngolwazi kwi // isakhiwo seefayile zoqwalaselo ze-BIND kwi-Debian, * NGAPHAMBI kokuba wenze ngokwezifiso // le fayile yoqwalaselo. // // Ukuba ukongeza nje imimandla, nceda wenze oko kwi /etc/bind/named.conf.local // // Amagqabantshintshi ngeSpanish ngawethu // Sishiya ezokuqala ngesiNgesi // QAPHELA ukukopa kunye uncamathisele // SUKUYEKA IZIKHUNDLA EZINAMANYE EGQIBELENI KOLUHLU NGAMNYE // // Uluhlu lokuFikelela: // Iya kuvumela imibuzo evela kummandla wasekhaya nakwi-subnet yethu // Kwifayile ebandakanyiweyo enegama.conf. . ii-acl ezinxibeleleneyo 127.0.0.0/8; }; zibandakanya "/etc/bind/named.conf.options"; zibandakanya "/etc/bind/named.conf.local"; zibandakanya "/etc/bind/named.conf.default-zones"; // ukuphela kwefayile /etc/bind/named.conf

Makhe sijonge ubumbeko lwe-BIND ukuza kuthi ga ngoku kwaye siqale inkonzo kwakhona:

ebizwa-itshekconf -z inkonzo bind9 ukuqala kwakhona

Uhlengahlengiso kwifayile /etc/bind/named.conf.options

Kwicandelo lokuqala "iinketho"Siza kubhengeza kuphela i Abaphambili, kwaye ngoobani abaya kuba nakho ukujongana NOKUBOPHA kwethu. Emva koko sibhengeza iSitshixo okanye isitshixo apho sinokulawula khona bopha9, kwaye okokugqibela yeyiphi umphathi sinokuthi siyilawule. Ukwazi ukuba leliphi iqhosha okanye isitshixo, kufuneka sikwenze ikati /etc/bind/rndc.key. Sikopa imveliso kwaye siyincamathisela kwifayile ukhetho.conf. Ekugqibeleni, ifayile yethu kufuneka ijongeke ngolu hlobo:

// /etc/bind/named.conf.options ongakhetha kuzo {// QAPHELA UKUKOPISHA NOKUGCINA, NCEDA ... // Isikhombisi esingagqibekanga ukufumana ulawulo lweefayile zeZowuni "/ var / cache / bind"; // Ukuba kukho i-firewall phakathi kwakho kunye ne-nameservers ofuna // ukuthetha nayo, unokufuna ukulungisa i-firewall ukuvumela amaninzi // amazibuko ukuba athethe. Bona http://www.kb.cert.org/vuls/id/800113 // Ukuba i-ISP yakho ibonelele ngedilesi enye okanye ezingaphezulu ze-IP ze-nameservers ezinzileyo, mhlawumbi ufuna ukuzisebenzisa njengabathumeli. // Uncomment kule bhloko ilandelayo, kwaye faka iidilesi endaweni ye- // yonke indawo yokubamba engu-0. // abathumeli {// 0.0.0.0; // 0.0.0.0; //} // Abathumeli. Andinayo inguqulelo engcono // Iidilesi zivela kwiiseva ze-ceniai.net.cu // Ukuba ayinayo i-Intanethi, AKUFUNEKI // ukuyichaza, ngaphandle kokuba uneLAN // entsonkothileyo kunye neeseva ze-DNS ezisebenza njengabathumeli ngaphandle // koluhlu lweedilesi ze-IP zestnet. Kwimeko apho // kuya kufuneka ubhengeze i-IP (s) yezo seva. // Imibuzo yokuhambisa phambili yiCascade. abathumeli {169.158.128.136; 169.158.128.88; }; // Kwi-LAN emiswe kakuhle, YONKE imibuzo ye-DNS // kufuneka yenziwe kwiseva ye-DNS yendawo kwi-LAN, // HAYI kwiiseva ezingaphandle kwe-LAN. // Ngokukodwa xa unokufikelela kwi-Intanethi, // makube nguZwelonke okanye owamazwe aphesheya. Okokuba // sibhengeza abaDlulisi kwi-auth-nxdomain hayi; # yangqinelana ne-RFC1035 mamela-kwi-v6 {nayiphi na; }; // Khusela ekuchaseni umbuzo-mvume {mired; }; }; // Imixholo yefayile / etc / bind / rndc-key // found through cat / etc / bind / rndc-key // Khumbula ukuyitshintsha ukuba siphinda senze isitshixo "rndc-key" {algorithm hmac-md5; Imfihlo "dlOFESXTp2wYLa86vQNU6w =="; }; // Ukusuka kuliphi ihostele esiza kulawula kwaye ngalo lawulo oluphambili {inet 127.0.0.1 vumela {localhost; } amaqhosha {rndc-key; }; }; // ifayile yokugqibela /etc/bind/named.conf.options

Makhe sijonge ubumbeko lwe-BIND ukuza kuthi ga ngoku kwaye siqale inkonzo kwakhona:

ebizwa-itshekconf -z inkonzo bind9 ukuqala kwakhona

Sithathe isigqibo sokubandakanya njenge // Izimvo Imiba esisiseko enokuthi isebenze njengesalathiso sokubonisana okuzayo.

Inyani yokubhengeza abaDlulisi, ijika i-BIND server yethu ibe yiseva yeCaché, igcina ukusebenza kwayo njenge-Master Master. Xa sicela umamkeli okanye idomeyini yangaphandle, impendulo -ukuba ilungile- iya kugcinwa kwindawo yayo yokugcina izinto, ukuze xa siyibuza kwakhona kumamkeli omnye okanye kwithambeka elifanayo langaphandle, sifumana impendulo ekhawulezileyo ngokungabonisi. buyela kwii-DNS zangaphandle.

Uhlengahlengiso kwifayile /etc/bind/named.conf.local

Kule fayile sibhengeza imimandla yendawo yethu. Kuya kufuneka sibandakanye iMimandla yokuPhambili kunye nokuGuqula ubuncinci. Khumbula ukuba kwifayile yoqwalaselo/etc/bind/named.conf.options Sazisa ukuba loluphi ulawulo esiza kubamba ngalo iiFayile zemimandla sisebenzisa isikhombisi somkhombandlela. Ekugqibeleni, ifayile kufuneka ibe yile ilandelayo:

// /etc/bind/named.conf.local // // Yenza naluphi na ubumbeko lwasekhaya apha // // Cinga ukongeza imimandla ye-1918 apha, ukuba ayisetyenziswanga kumbutho wakho // // // "/ etc / bind /zone.rfc1918 "; // Amagama eefayile kwindawo nganye ngu // incasa yomthengi. Sikhethe amigos.cu.hosts // kunye 192.168.10.rev kuba basinika ukucaciswa kwimixholo yabo //. Akusekho mfihlakalo // uhlobo lwenkosi; ifayile "amigos.cu.hosts"; }; // Indawo eyiNtloko eyiNtloko: chwetheza "Inverse" zone "10.168.192.in-addr.arpa" {type master; ifayile "192.168.10.rev"; }; // Ukuphela kwegama.conf.local file

Ukujonga ubumbeko lwe-BIND ukuza kuthi ga ngoku:

igama-itshekconf -z

Umyalelo odlulileyo uya kubuyisa impazamo kude kube akukho fayile zommandla. Eyona nto iphambili kukuba iyasilumkisa ukuba iZones zibhengezwe kwi-name.conf.local aziyi kulayishwa, kuba iifayile zeerekhodi ze-DNS azikho, ziyinyani okwangoku. Singadlulela phambili.

Masiqale kwakhona inkonzo ukuze utshintsho luqwalaselwe:

service bind9 ukuqala kwakhona

Njengoko asifuni ukwenza isithuba ngasinye side kakhulu, siza kujongana nomba wokudala iifayile zeMimandla yeNgingqi kwindawo elandelayo ye-4. Kude kube ngoko zihlobo!


Shiya uluvo lwakho

Idilesi yakho ye email aziyi kupapashwa. ezidingekayo ziphawulwe *

*

*

  1. Uxanduva lwedatha: UMiguel Ángel Gatón
  2. Injongo yedatha: Ulawulo lwe-SPAM, ulawulo lwezimvo.
  3. Umthetho: Imvume yakho
  4. Unxibelelwano lwedatha: Idatha ayizukuhanjiswa kubantu besithathu ngaphandle koxanduva lomthetho.
  5. Ukugcinwa kweenkcukacha
  6. Amalungelo: Ngalo naliphi na ixesha unganciphisa, uphinde uphinde ucime ulwazi lwakho.

  1.   wmdmsi sitsho

    Enkosi ndoda!

    Namhlanje kunzima ukubona iiposti zalo mgangatho kwi-intanethi!

    Nibuliso!

    1.    phico sitsho

      Enkosi kakhulu ngengcaciso yakho .. Kuluyolo ukufunda izinto ezinjalo .. 😉

  2.   isishwankathelo sitsho

    Inqaku elihle!
    Enkosi fico, Elov, KZ, kunjalo... DesdeLinux kuba zikhona

    Ngokudibeneyo, iplagi inokumiliselwa evumela ukukhuphela amanqaku njenge-pdf (isitayile seHumanOS)
    Phendula nge quote
    Utshintsho

    1.    UFrederick sitsho

      Ndiyabulela nonke ngezimvo zenu. Sifunda ZONKE.
      Ukukhutshelwa kwamanqaku kwiPDF akubandakanyi izimvo zabahlobo kunye noogxa bakho, abaxhasa isithuba kwaye baluncedo olukhulu. Ukunika isikhokelo ngaphandle kwezimvo akunakwenzeka ngokunikwa ububanzi besifundo. I-UNIX / i-Linux ibanzi kakhulu ukuhambisa amava omntu wonke.

      1.    isishwankathelo sitsho

        Amanqaku afanelekileyo!
        Kucacile ukuba amagqabantshintshi ayahambelana nolwazi lwamanqaku, ade acebise ngezinto ezinokuhlala okanye ezinokongezwa, kodwa ndigcina umbono wam wokuba kufanelekile ukuba inqaku lingagcinwa njenge-pdf, ubuncinci kum
        Ukwanga okuvela eCuba kwaye uqhubeke ujonge phambili

  3.   elpapineo sitsho

    Ukubaleka:
    igama-itshekconf -z
    Ndiziva njenge:
    /etc/bind/named.conf.options 30: ukhetho olungaziwayo 'ulawulo'

    1.    elpapineo sitsho

      Ndiziphendula ngokwam: kuya kufuneka ubeke icandelo lolawulo ngaphandle kwecandelo lokukhetha.

      Ndingathanda ukufaka isandla kwinto: ukuba endaweni yokukhuphela kunye nokuncamathisela kwifayile enegama.conf

      iqhosha "rndc-key" {
      I-algorithm hmac-md5;
      Imfihlo "dlOFESXTp2wYLa86vQNU6w ==";
      };

      Senza:

      kubandakanya "/etc/bind/rndc.key";

      in file.conf Ndicinga ukuba iyasebenza nayo.

      Ukubulisa