DNS ati DHCP ni Debian 8 "Jessie" - Awọn nẹtiwọki SMB

Atọka gbogbogbo ti jara: Awọn nẹtiwọọki Kọmputa fun Awọn SME: Ifihan

Kaabo awọn ọrẹ !. Lẹhin tọkọtaya ti tẹlẹ ti awọn nkan lori Orukọ Ilana Orukọ ati awọn Ilana Iṣakoso Gbigbọn Gigun ni Agbara ṣe atẹjade ni «DNS ati DHCP ni openSUSE 13.2 'Harlequin'"ati"DNS ati DHCP lori CentOS 7«, Mejeeji lati jara Awọn nẹtiwọki SME, a ni lati tunto awọn iṣẹ wọnyẹn ni Debian.

A tun ṣe pe ibẹrẹ ibẹrẹ ti o dara lati kọ ẹkọ nipa awọn imọran imọran ti DNS ati DHCP ni Wikipedia.

Fifi ẹrọ ṣiṣe ṣiṣẹ

A yoo bẹrẹ lati ipilẹ fifi sori ẹrọ ti olupin pẹlu ẹrọ ṣiṣe Debian 8 "Jessie" laisi fifi eyikeyi agbegbe ayaworan sii tabi eto miiran. Ẹrọ foju kan pẹlu awọn megabyte 512 ti Ramu ati dirafu lile gigabyte 20 jẹ diẹ sii ju to lọ.

Lakoko ilana fifi sori ẹrọ - ni ipo ọrọ dara julọ- ati atẹle aṣẹ ti awọn iboju, a yan awọn ipele wọnyi:

  • Ede: Sipeeni - Sipaniisi
  • Orilẹ-ede, agbegbe tabi agbegbe: U.S.
  • Kaadi lati lo: Amẹrika Gẹẹsi
  • Ṣe atunto nẹtiwọọki pẹlu ọwọ:
    • IP adirẹsi: 192.168.10.5
    • Ile-iṣẹ Netmask: 255.255.255.0
    • Ẹnubodè: 192.168.10.1
    • Awọn adirẹsi Nameserver: 127.0.0.1
    • Orukọ ẹrọ: dns
    • Orukọ ase: desdelinux.fan
  • Super Ọrọigbaniwọle Olumulo: SuClave (lẹhinna beere fun idaniloju)
  • Orukọ kikun fun olumulo tuntun: Debian Akọkọ OS Buzz
  • Orukọ olumulo fun akọọlẹ naa: ariwo
  • Yan ọrọigbaniwọle fun olumulo tuntun: SuClave (lẹhinna beere fun idaniloju)
  • Yan agbegbe aago rẹ: Ila-oorun
  • Ọna ipin: Itọsọna - lo gbogbo disk
    • Yan disk si ipin: Disk foju disk 1 (vda) - 21.5 GB Virto Block Device
    • Eto ipin: Gbogbo awọn faili ni ipin kan (ti a ṣe iṣeduro fun awọn tuntun).
    • Pari ipin ati kọ awọn ayipada si disk
    • Ṣe o fẹ lati kọ awọn ayipada si awọn disiki naa?
  • Ṣe o fẹ ṣe itupalẹ CD miiran tabi DVD?:
  • Ṣe o fẹ lo ẹda tid?:
  • Ṣe o fẹ mu iwadi ilo package?:
  • Yan awọn eto lati fi sii:
    [] Aaye tabili tabili Debian
    [*] Awọn ohun elo eto boṣewa
  • Ṣe o fẹ fi sori ẹrọ agberu boot GRUB ni igbasilẹ bata akọkọ?
    • / dev / vda
  • "Fifi sori ẹrọ ti pari":

Ninu ero kekere mi, fifi Debian sii jẹ rọrun. O nilo nikan lati dahun awọn ibeere ti awọn aṣayan ti a ti pinnu tẹlẹ ati diẹ ninu alaye miiran. Mo paapaa ni igboya lati sọ pe o rọrun lati tẹle awọn igbesẹ loke ju nipasẹ fidio lọ, fun apẹẹrẹ. Nigbati mo ba ka Emi ko padanu ifọkansi. Ọrọ miiran ni lati wo, ka, tumọ, ati fun fidio ni iwaju ati siwaju, nigbati Mo padanu tabi ko ye mi daradara diẹ ninu itumọ pataki. Iwe ti a fi ọwọ kọ, tabi faili ọrọ lasan ti a daakọ si alagbeka, yoo ṣiṣẹ bi itọsọna to munadoko ni pipe.

Awọn eto ibẹrẹ

Lẹhin ti pari fifi sori ipilẹ ati atunbere akọkọ, a tẹsiwaju lati kede Awọn ibi ipamọ Eto.

Nigbati o ba n ṣatunkọ faili naa awọn orisun.list, a ṣe asọye gbogbo awọn titẹ sii ti o wa tẹlẹ nipasẹ aiyipada nitori a yoo ṣiṣẹ nikan pẹlu awọn ibi ipamọ agbegbe. Akoonu ikẹhin ti faili-pẹlu awọn ila asọye- yoo jẹ:

root @ dns: ~ # nano /etc/apt/sources.list
Debt http://192.168.10.1/repos/jessie/debian/ jessie akọkọ idasi gbese Debt http://192.168.10.1/repos/jessie/debian- aabo

A ṣe imudojuiwọn eto naa

root @ dns: ~ # imotuntun imudojuiwọn
root @ dns: ~ igbesoke aptitude
root @ dns: ~ # atunbere

A fi SSH sori ẹrọ lati wọle si latọna jijin

root @ dns: ~ # aptitude fi sori ẹrọ ssh

Lati gba olumulo laaye lati bẹrẹ igba latọna jijin nipasẹ SSH root - lati LAN Idawọlẹ nikan - a ṣe atunṣe faili iṣeto rẹ:

root @ dns: ~ # nano / ati be be / ssh / sshd_config
.... PermitRootLogin bẹẹni ....

root @ dns: ~ # systemctl tun bẹrẹ ssh.service
root @ dns: ~ # systemctl ipo ssh.service

A bẹrẹ igba latọna jijin nipasẹ SSH ni «dns» lati ẹrọ «sysadmin»:

buzz @ sysadmin: ~ $ rm .ssh / known_hosts buzz @ sysadmin: ~ $ ssh root@192.168.10.5 ... root@192.168.10.5's password: ... root @ dns: ~ #

Awọn faili iṣeto akọkọ

Awọn faili akọkọ ti iṣeto eto yoo jẹ ni ibamu si awọn yiyan wa lakoko fifi sori ẹrọ:

root @ dns: ~ # ologbo / ati be be lo / awọn ogun
127.0.0.1 localhost 192.168.10.5 dns.desdelinux.fan dns # Awọn ila wọnyi jẹ ohun ti o wuni fun awọn olugba agbara IPv6 :: 1 localhost ip6-localhost ip6-loopback ff02 :: 1 ip6-allnodes ff02 :: 2 ip6-allrouter

root @ dns: ~ # ologbo /etc/resolv.conf 
wa lati linux.fan nameserver 127.0.0.1

root @ dns: ~ # orukọ olupin
dns

root @ dns: ~ # orukọ ogun -f
dns.fromlinux.fan

root @ dns: ~ # ologbo / ati be be lo / nẹtiwọọki / awọn atọkun
# Faili yii ṣapejuwe awọn atọkun nẹtiwọọki ti o wa lori eto # rẹ ati bii o ṣe le mu wọn ṣiṣẹ. Fun alaye diẹ sii, wo awọn atọkun (5). orisun /etc/network/interfaces.d/* # Ni wiwo nẹtiwọọki loopback idojukọ lo iface lo inet loopback # Ni wiwo nẹtiwọọki akọkọ gba laaye-hotplug eth0 iface eth0 inet aimi adirẹsi 192.168.10.5 netmask 255.255.255.0 nẹtiwọọki 192.168.10.0 igbohunsafefe 192.168.10.255. 192.168.10.1 ẹnu-ọna 127.0.0.1 # dns- * awọn aṣayan ti wa ni imuse nipasẹ package resolvconf, ti o ba fi sori ẹrọ dns-nameservers XNUMX dns-search lati linux.fan

A fi awọn idii iriri nla sii

root @ dns: ~ # aptitude fi sori ẹrọ htop mc deborphan

Ninu awọn idii ti a gbasilẹ, ti eyikeyi

root @ dns: ~ # aptitude install -f root @ dns: ~ # aptitude purge ~ c root @ dns: ~ # aptitude root mimọ @ dns: ~ # aptitude autoclean

A fi sori ẹrọ BIND9

  • Ṣaaju ki o to fifi ẸRỌ sii a ṣe iṣeduro gíga be iwe Awọn iru igbasilẹ DNS lori Wikipedia, mejeeji ni awọn ẹya Spani ati Gẹẹsi rẹ. Awọn iru awọn iforukọsilẹ wọnyi ni awọn eyi ti a yoo lo ni tito leto awọn faili Awọn agbegbe, mejeeji Dari ati Yiyipada. O jẹ ẹkọ pupọ lati mọ ohun ti a nṣe pẹlu.
  • Bakannaa a daba ka atẹle naa Beere fun Comments RFC - Awọn ibeere fun Awọn asọye, eyiti o ni ibatan pẹkipẹki si iṣẹ ilera ti iṣẹ DNS, paapaa pẹlu iyi si Irin-ajo si Awọn olupin Gbongbo:
    • Awọn RFC 1912, 5735, 6303, ati BCP 32: o jọmọ si localhost
    • Awọn RFC 1912, 6303: Agbegbe aṣa fun adirẹsi IPhost agbegbe IPv6
    • Awọn RFC 1912, 5735 ati 6303: Ibatan si Nẹtiwọọki Agbegbe - «Eyi» Nẹtiwọọki
    • Awọn RFC 1918, 5735 ati 6303: Awọn nẹtiwọki Lilo Aladani
    • RFC 6598: Aaye Adirẹsi Pipin
    • Awọn RFC 3927, 5735 ati 6303: Ọna asopọ-agbegbe / APIPA
    • Awọn RFC 5735 ati 5736: Awọn iyansilẹ ilana Agbofinro Imọ-iṣe Intanẹẹti
    • Awọn RFC 5735, 5737 ati 6303: IDANWO-NET- [1-3] fun Akọsilẹ
    • Awọn RFC 3849 ati 6303: IPv6 Apẹẹrẹ Ibiti fun Iwe-ipamọ
    • BCP 32: Awọn orukọ Aṣẹ fun Iwe ati Idanwo
    • Awọn RFC 2544 ati 5735: Igbeyewo tunbo olulana
    • RFC 5735: IANA ti wa ni ipamọ - Kilasi Old E Space
    • RFC 4291: IPv6 Awọn Adirẹsi Ti a ko Fiṣẹ silẹ
    • Awọn RFC 4193 ati 6303: IPv6 ULA
    • RFCs 4291 ati 6303: Ọna asopọ IPv6 Agbegbe
    • RFCs 3879 ati 6303: Awọn adirẹsi Aye-Agbegbe ti IPv6 Ti ko nifẹ
    • RFC 4159: IP6.INT jẹ Idinku

Fifi sori

gbongbo @ dns: ~ # wiwa awari9
p bind9 - Olupin Orukọ Ayelujara Intanẹẹti p bind9-doc - Iwe aṣẹ fun BIND i bind9-host - Ẹya ti 'ogun' ti a ṣepọ pẹlu BIND 9.X p bind9utils - Awọn ohun elo fun BIND p gforge-dns-bind9 - irinṣẹ idagbasoke ajọṣepọ - iṣakoso DNS (nipa lilo Bind9) i A libbind9-90 - Ile-ikawe Pinpin BIND9 ti BIND lo

Tun gbiyanju ṣiṣe oye wiwa ~ dbind9

root @ dns: ~ # aptitude fi sori ẹrọ bind9

root @ dns: ~ # systemctl tun bẹrẹ bind9.service

root @ dns: ~ # systemctl ipo abuda9.service
Bind9.service - DID Server Server Name Ti kojọpọ: ti kojọpọ (/lib/systemd/system/bind9.service; ṣiṣẹ) Ju-Ni: /run/systemd/generator/bind9.service.d └─50-insserv.conf- $ named.conf
   Iroyin: lọwọ (nṣiṣẹ) lati Ọjọ Ẹti 2017-02-03 10:33:11 EST; 1s sẹyin Awọn iwe aṣẹ: eniyan: ti a npè ni (8) Ilana: 1460 ExecStop = / usr / sbin / rndc stop (koodu = jade, ipo = 0 / SUCCESS) PID akọkọ: 1465 (ti a npè ni) CGroup: /system.slice/bind9.service └─1465 / usr / sbin / ti a npè ni -f -u bind Feb 03 10:33:11 dns ti a npè ni [1465]: agbegbe ofo otomatiki: 8.BD0.1.0.0.2.IP6.ARPA Feb 03 10:33:11 dns ti a npè ni [1465]: tẹtisi ikanni pipaṣẹ lori 127.0.0.1 # 953 Feb 03 10:33:11 awọn dns ti a npè ni [1465]: tẹtisi ikanni aṣẹ lori :: 1 # 953 Feb 03 10:33:11 dns ti a npè ni [1465]: ti ṣakoso -keys-zone: ti kojọpọ ni tẹlentẹle Feb 2 03 10:33:11 dns ti a npè ni [1465]: agbegbe 0.in-addr.arpa/IN: tẹlentẹle ti kojọpọ Feb 1 03 10:33:11 dns ti a npè ni [1465]: agbegbe localhost / IN: tẹlentẹle ti kojọpọ Feb 2 03 10:33:11 dns ti a npè ni [1465]: agbegbe 127.in-addr.arpa/IN: tẹlentẹle ti kojọpọ Feb 1 03 10:33:11 dns ti a npè ni [1465]: agbegbe 255.in -addr.arpa/IN: tẹlentẹle ti a kojọpọ 1 Feb 03 10: 33: 11 dns ti a npè ni [1465]: gbogbo awọn agbegbe ti kojọpọ Feb 03 10:33:11 dns ti a npè ni [1465]: Itọkasi ti n ṣiṣẹ: Awọn ila kan ni a ti lo, lilo -l lati fihan ni kikun.

Awọn faili iṣeto ni ti BIND9 fi sii

Ni ọna ti o yatọ diẹ si tito leto iṣẹ DNS ni CentOS ati openSUSE, ni Debian awọn faili wọnyi ni a ṣẹda ninu itọsọna naa / ati be be lo / dipọ:

root @ dns: ~ # ls -l / ati be be lo / dipọ /
lapapọ 52 -rw-r - r-- 1 root gbongbo 2389 Jun 30 2015 bind.keys -rw-r - r-- root root 1 Jun 237 30 db.2015 -rw-r - r-- root 0 root 1 Jun 271 30 db.2015 -rw-r - r-- gbongbo gbongbo 127 Jun 1 237 db.30 -rw-r - r-- gbongbo gbongbo 2015 Jun 255 1 db.empty -rw- r - r-- 353 root root 30 Jun 2015 1 db.local -rw-r - r-- root 270 root 30 Jun 2015 1 db.root -rw-r - r-- root root 3048 Jun 30 2015 ti a npè ni.conf -rw-r - r-- root gbongbo 1 Jun 463 30 ti a npè ni.conf. awọn agbegbe aiyipada -rw-r - r - gbongbo 2015 sopọ 1 Jun 490 30 ti a npè ni.conf.local -rw -r - r-- 2015 root sopọ 1 Feb 165 30:2015 ti a npè ni.conf.options -rw-r ----- 1 asopọ asopọ 890 Feb 3 10:32 rndc.key -rw-r - r- - 1 root root 77 Jun 3 10 zones.rfc32

Gbogbo awọn faili ti o wa loke wa ninu ọrọ pẹtẹlẹ. Ti a ba fẹ mọ itumọ ati akoonu ti ọkọọkan wọn, a le ṣe nipa lilo awọn aṣẹ Ti o kere o o nran, eyiti o jẹ iṣe to dara.

Awọn iwe iwọle

Ninu iwe adirẹsi / usr / ipin / doc / bind9 a yoo ni:

root @ dns: ~ # ls -l / usr / share / doc / bind9
lapapọ 56 -rw-r - r-- 1 root root 5927 Jun 30 2015 aṣẹ -rw-r - r-- root 1 19428 30 Jun 2015 1 changelog.Debian.gz -rw-r - r-- 11790 root root 27 Jan 2014 1 FAQ.gz -rw-r - r-- root 396 gbongbo 30 Jun 2015 1 Awọn iroyin.Debian.gz -rw-r - r-- root 3362 gbongbo 30 Jun 2015 1 README.Debian. Gz -rw- r - r-- 5840 gbongbo root 27 Jan 2014 XNUMX README.gz

Ninu iwe ti tẹlẹ wa a yoo rii Ohun elo Ikẹkọ lọpọlọpọ ti a ṣeduro kika Ṣaaju ki o to tunto BIND, ati paapaa Ṣaaju ki o to wa Intanẹẹti fun awọn nkan ti o jọmọ BIND ati DNS ni apapọ.. A yoo ka akoonu ti diẹ ninu awọn faili wọnyẹn:

FAQs o Fni ibeere Asked Qawọn asọtẹlẹ nipa INU 9

  1. Akopo ati Awọn ibeere Fifi sori ẹrọ - Awọn ibeere nipa Ikojọ ati Fifi sori ẹrọ
  2. Iṣeto ati Awọn ibeere Ṣeto - Awọn ibeere nipa iṣeto ati yiyi
  3. Awọn ibeere Awọn isẹ - Awọn ibeere nipa Isẹ naa
  4. Gbogbogbo Ibeere - Gbogbogbo ìgbök .sí
  5. Ṣiṣẹ-Eto Awọn ibeere Specific - Awọn ibeere kan pato nipa Ẹrọ Iṣiṣẹ kọọkan
    1. HPUX
    2. Linux
    3. Windows
    4. FreeBSD
    5. Solaris
    6. Apple Mac OSX

Awọn iroyin.Debian.gz

Awọn iroyin.Debian ni akojọpọ sọ fun wa pe awọn ipilẹ kaṣe-ìbéèrè-kaṣe y gbigba-recursion ti wa ni mu ṣiṣẹ nipasẹ aiyipada fun awọn ACL ti o wa ni ifisi -itumọ-ni- 'awọn okun agbegbeand à '?localhost'. O tun sọ fun wa pe awọn ayipada aiyipada ni a ṣe lati jẹ ki awọn olupin kaṣe kere wuni si ikọlu nipasẹ Idaraya lati awọn nẹtiwọọki ita.

Lati ṣayẹwo ohun ti a kọ sinu paragira ti tẹlẹ, ti o ba jẹ lati ẹrọ lori nẹtiwọọki funrararẹ 192.168.10.0 / 24 eyiti o jẹ ọkan ninu apẹẹrẹ wa, a ṣe ibeere DNS kan lori ìkápá naa lati linux.net, ati ni akoko kanna lori olupin funrararẹ dns.fromlinux.fan a ṣiṣẹ iru -f / var / log / syslog a yoo gba awọn atẹle:

buzz @ sysadmin: ~ $ maalu localhost
.... ;; OPT PSEUDOSECTION :; EDNS: ẹya: 0, awọn asia :; udp: 4096 ;; IPIN SUYERE :; localhost. INU A ;; IPIN IDAHUN: localhost. 604800 INU A 127.0.0.1 ;; AJTH AṢE: localhost. 604800 IN NS localhost. ;; AKIYESI TUN: localhost. 604800 NI AAAA :: 1

buzz @ sysadmin: ~ $ dig lati linux.net
....
;; OPT PSEUDOSECTION :; EDNS: ẹya: 0, awọn asia :; udp: 4096 ;; IPIN SUYERE :; desdelinux.net. NI A
....
root @ dns: ~ # iru -f / var / log / syslog ....
Feb 4 13:04:31 dns ti a npè ni [1602]: aṣiṣe (a ko le de ọdọ nẹtiwọọki) ipinnu ‘desdelinux.net/A/IN ': 2001: 7fd :: 1 # 53 Feb 4 13:04:31 dns ti a npè ni [1602]: aṣiṣe (aisọnu nẹtiwọọki) ṣiṣatunṣe 'desdelinux.net/A/IN': 2001: 503: c27 :: 2:30 # 53
....

O wu ti syslog o ti pẹ pupọ nitori wiwa fun awọn olupin gbongbo nipasẹ DINN. Dajudaju faili naa /etc/resolv.conf ninu egbe sysadmin.fromlinux.fan tọka si DNS 192.168.10.5.

Lati ipaniyan ti awọn ofin iṣaaju a le fa ọpọlọpọ awọn ipinnu a priori:

  • A ti ṣatunṣe BIND nipasẹ aiyipada bi Oluṣe Kaṣe iṣẹ laisi iwulo fun iṣeto siwaju, ati idahun awọn ibeere DNS fun awọn okun agbegbe ati awọn localhost
  • Idapada - Recursion ti wa ni sise fun awọn okun agbegbe ati awọn localhost
  • Ko tii ṣe olupin Alaṣẹ
  • Kii CentOS, nibiti a ni lati kede paramita naa «Tẹtisi-lori ibudo 53 {127.0.0.1; 192.168.10.5; }; » ni gbangba lati tẹtisi awọn ibeere DNS lori wiwo nẹtiwọọki 192.168.10.5 DNS funrararẹ, ni Debian ko ṣe pataki nitori o ṣe atilẹyin awọn ibeere DNS fun awọn okun agbegbe ati awọn localhost aiyipada. Ṣe atunyẹwo awọn akoonu ti faili naa /etc/bind/named.conf.options wọn o si rii pe ko si alaye kankan gbọ-lori.
  • IPv4 ati awọn ibeere IPv6 ti ṣiṣẹ

Ti o ba kan nipa kika ati itumọ -Taini bi a ṣe sọ ni Kuba- ile-iwe pamosi naa Awọn iroyin.Debian.gz A ti de awọn ipinnu ti o nifẹ si ti o gba wa laaye lati mọ diẹ diẹ sii nipa Imọye Iṣeto Iṣeto Aiyipada ti Ẹgbẹ Debian pẹlu ọwọ si BIND, kini awọn abala miiran ti o nifẹ si ti a le mọ lati tẹsiwaju lati ka awọn faili ti Iwe-ipamọ ti N bẹ?.

README.Debian.gz

README.Debian sọ fun wa-laarin ọpọlọpọ awọn aaye miiran- pe Awọn amugbooro Aabo fun Eto Orukọ Aṣẹ - Awọn amugbooro Aabo System Orukọ Agbegbe o DNSSEC, ti wa ni sise; ati tun jẹrisi pe iṣeto aiyipada ṣiṣẹ fun ọpọlọpọ awọn olupin (awọn olupin bunkun - awọn olupin bunkun n tọka si awọn leaves ti igi ìkápá) laisi iwulo fun ilowosi olumulo.

  • DNSSEC gẹgẹ bi Wikipedia: Awọn amugbooro Aabo Eto Orukọ Aṣẹ (DNSSEC) jẹ ipilẹ ti awọn pato ti Agbofinro Imọ-iṣe Intanẹẹti (IETF) lati ni aabo awọn iru alaye kan ti a pese nipasẹ orukọ orukọ eto orukọ (DNS) ti a lo ninu Ilana Ayelujara (IP). O jẹ ipilẹ ti awọn amugbooro si DNS ti o pese awọn alabara DNS (tabi awọn ipinnu) pẹlu ìfàṣẹsí ti orisun data DNS, kiko ojulowo aye ati iduroṣinṣin data, ṣugbọn kii ṣe wiwa tabi asiri.

Nipa Eto iṣeto ni sọ fun wa pe gbogbo Awọn faili iṣeto ni Aimi, Awọn faili Agbegbe fun Awọn olupin Gbongbo, ati Awọn agbegbe Iwaju ati Yiyipada ti localhost wọn wa ninu / ati be be lo / dipọ.

Itọsọna Ṣiṣẹ ti ẹmi èṣu ti a npè ni es / var / kaṣe / dipọ ki eyikeyi faili igba diẹ ti ipilẹṣẹ nipasẹ awọn ti a npè ni gẹgẹbi awọn apoti isura data eyiti o ṣe bi Olupin Ẹrú, ni a kọ sinu Eto Faili / var, eyiti o wa nibiti wọn wa.

Kii awọn ẹya ti iṣaaju ti package BIND fun Debian, faili naa lorukọ.conf ati awọn db. * pese, wọn ti wa ni aami bi awọn faili iṣeto. Ni iru ọna ti o ba jẹ pe a nilo olupin DNS kan ti o ṣiṣẹ ni akọkọ bi Oluṣakoso Kaṣe ati pe kii ṣe Alaṣẹ fun ẹnikẹni miiran, a le lo bi o ti fi sii ati tunto nipasẹ aiyipada.

Ti o ba nilo lati ṣe DNS Alaṣẹ, wọn daba lati fi awọn faili ti Awọn agbegbe Titunto si sinu itọsọna kanna / ati be be lo / dipọ. Ti o ba ti awọn idiju ti awọn agbegbe fun eyi ti awọn ti a npè ni yoo jẹ Aṣẹ ti o nilo rẹ, o ni iṣeduro lati ṣẹda ilana agbeka, n tọka si awọn faili agbegbe patapata ni faili naa lorukọ.conf.

Eyikeyi Faili Agbegbe fun eyiti awọn ti a npè ni ṣe bi Server Slave gbọdọ wa ni / var / kaṣe / dipọ.

Awọn faili Agbegbe ti o wa labẹ Awọn imudojuiwọn Yiyi nipasẹ DHCP tabi aṣẹ imudojuiwọn, yẹ ki o wa ni fipamọ ni / var / lib / dipọ.

Ti o ba ti awọn ọna eto nlo ohun ija, profaili ti a fi sori ẹrọ nikan n ṣiṣẹ pẹlu awọn eto BIND aiyipada. Tetele ayipada ninu awọn iṣeto ni ti awọn ti a npè ni Wọn le nilo awọn ayipada si profaili apparmor. Ṣabẹwo https://wiki.ubuntu.com/DebuggingApparmor ṣaaju ki o to fọwọsi ni fọọmu ti o fi ẹsun kan kokoro ni iṣẹ yẹn.

Awọn ọrọ pupọ lo wa ti o ni nkan ṣe pẹlu ṣiṣe Debian BIND ninu Chroot Cage - ewon chroot. Ṣabẹwo http://www.tldp.org/HOWTO/Chroot-BIND-HOWTO.html fun alaye diẹ sii.

Awọn alaye miiran

Eniyan ti a npè ni, eniyan ti a npè ni.conf, eniyan ti a npè ni-checkconf, eniyan ti a npè ni-checkzone, eniyan rndc, ati bẹbẹ lọ

root @ dns: ~ # ti a npè ni -v
Di 9.9.5-9 + deb8u1-Debian (Afikun Atilẹyin Atilẹyin)

root @ dns: ~ # ti a npè ni -V
Di 9.9.5-9 + deb8u1-Debian (Afikun Atilẹyin Atilẹyin) ti a ṣe nipasẹ ṣiṣe pẹlu '--prefix = / usr' '--mandir = / usr / share / man' '-infodir = / usr / share / info' '--sysconfdir = / etc / bind' '' - -localstatedir = / var "-enable-threads '' -enable-largefile '\' - with-libtool '' --enable-shared '' --enable-static '\' --with-openssl = / usr '' -with-gssapi = / usr '' -with-gnu-ld '\' -with-geoip = / usr '' -with-atf = rárá '' -enable-ipv9 '' --enable-rrl '\' --enable-filter-aaaa '\' CFLAGS = -fno-muna-aliasing -fno-delete-null-ijuboluwole-sọwedowo -DDIG_SIGCHASE -O8 'ti a ṣajọ nipasẹ GCC 50 nipa lilo ẹya OpenSSL : OpenSSL 6k 2 Jan 4.9.2 nipa lilo ẹya libxml1.0.1: 8

gbongbo @ dns: ~ # ps -e | grep ti a npè ni
  408? 00:00:00 ti a npè ni

gbongbo @ dns: ~ # ps -e | dipọ grep
  339? 00:00:00 rpcbind

gbongbo @ dns: ~ # ps -e | apo 9
root @ dns: ~ #

root @ dns: ~ # ls / var / run / ti a npè ni /
ti a npè ni.oko igba.koko  
root @ dns: ~ # ls -l /var/run/named/named.pid 
-rw-r - r-- 1 dipọ dipọ 4 Feb 4 13:20 /var/run/named/named.pid

root @ dns: ~ ipo # rndc
ẹya: 9.9.5-9 + deb8u1-Debian A ri awọn Sipiyu: Awọn okun oṣiṣẹ 9: Awọn olutẹtisi UDP 8 fun wiwo: nọmba 50 ti awọn agbegbe: 1 ipele yokokoro: 1 xfers ti n ṣiṣẹ: 1 xfers ti ni idaduro: 100 awọn ibeere soa ni ilọsiwaju: Wiwọle ibeere 0 jẹ Awọn alabara atunkọ: 0/0/0 tcp awọn alabara: olupin 0/0 wa ni ṣiṣiṣẹ
  • O jẹ alaigbagbọ pataki ti imọran iwe-ipamọ ti a fi sii pẹlu package BIND9 ṣaaju eyikeyi miiran.

dè9-doc

root @ dns: ~ # aptitude fi sori ẹrọ awọn ọna asopọ bind9-doc2
root @ dns: ~ # dpkg -L bind9-doc

Akopọ dè9-doc awọn fifi sori ẹrọ, laarin alaye to wulo miiran, Afowoyi Itọkasi Alabojuto BIND 9. Lati wọle si Afowoyi -ni Gẹẹsi- a ṣe:

root @ dns: ~ # faili2 ọna asopọ: ///usr/share/doc/bind9-doc/arm/Bv9ARM.html
BIND 9 Olumulo Itọkasi Itọkasi Afowoyi (c) 2004-2013 Consortium Internet Systems, Inc. ("ISC") Aṣẹ-aṣẹ (c) 2000-2003 Consortium Intanẹẹti Intanẹẹti.

A nireti pe iwọ yoo gbadun kika rẹ.

  • Lai kuro ni ile, a ni Iwe-aṣẹ Ibusọ ti Opo lọpọlọpọ nipa BIND ati nipa iṣẹ DNS ni apapọ.

A tunto BIND ni aṣa Debian

/etc/bind/named.conf "akọkọ"

root @ dns: ~ # nano /etc/bind/named.conf
// Eyi ni faili iṣeto akọkọ fun olupin BIND DNS ti a npè ni.
//
// Jọwọ ka /usr/share/doc/bind9/README.Debian.gz fun alaye lori
// ilana ti awọn faili iṣeto FẸRẸ ni Debian, * Ṣaaju * o ṣe akanṣe
// faili iṣeto yii.
//
// Ti o ba n ṣafikun awọn agbegbe nikan, jọwọ ṣe iyẹn ni /etc/bind/named.conf.local

pẹlu "/etc/bind/named.conf.options";
pẹlu "/etc/bind/named.conf.local";
pẹlu "/etc/bind/named.conf.default-zones";

Ṣe akọle ọrọ asọye nilo itumọ?

/etc/bind/named.conf.options

root @ dns: ~ # cp /etc/bind/named.conf.options /etc/bind/named.conf.options.original

root @ dns: ~ # nano /etc/bind/named.conf.options
awọn aṣayan {itọsọna "/ var / kaṣe / dipọ"; // Ti ogiriina kan ba wa laarin iwọ ati awọn olupin orukọ ti o fẹ // lati ba sọrọ, o le nilo lati ṣatunṣe ogiriina lati gba ọpọ awọn ibudo // laaye lati ba sọrọ. Wo http://www.kb.cert.org/vuls/id/800113 // Ti ISP rẹ ba pese ọkan tabi diẹ sii awọn adirẹsi IP fun iduroṣinṣin // awọn orukọ orukọ, o ṣeeṣe ki o fẹ lati lo wọn bi awọn olugba siwaju. // Uncomment abawọn atẹle, ki o fi sii awọn adirẹsi rirọpo // ipo ibi gbogbo-0. // awọn oludari {// 0.0.0.0; //}; // ================================================== = ===================== $ // Ti BIND ba ṣe akọọlẹ awọn ifiranṣẹ aṣiṣe nipa bọtini root ti pari, // iwọ yoo nilo lati ṣe imudojuiwọn awọn bọtini rẹ. Wo https://www.isc.org/bind-keys // ========================== ================================= $ $

    // A ko fẹ DNSSEC
        dnssec-jeki rara;
        //auto afọwọsi dnssec;

        auth-nxdomain rárá; # ṣe ibamu si RFC1035

 // A ko nilo lati gbọ fun awọn adirẹsi IPv6
        // tẹtisi-lori-v6 {eyikeyi; };
    gbọ-lori-v6 {ko si; };

 // Fun awọn sọwedowo lati localhost ati sysadmin
    // nipasẹ dig desdelinux.fan axfr // A ko ni DNS Slave ... titi di isisiyi
 gba laaye-gbigbe {localhost; 192.168.10.1; };
};

root @ dns: ~ # ti a npè ni-ayẹwo 
root @ dns: ~ #

/etc/bind/named.conf.local

Ninu akọle akọle ti faili yii, wọn ṣeduro pẹlu Awọn agbegbe ti a tọka si ninu RFC-1918 ti a sapejuwe ninu faili naa /etc/bind/zones.rfc1918. Ifisi awọn agbegbe wọnyi ni agbegbe pese pe eyikeyi ibeere nipa wọn ko lọ si ita nẹtiwọọki agbegbe si awọn olupin gbongbo, eyiti o ni awọn anfani pataki meji:

  • Ipinu agbegbe yiyara fun awọn olumulo agbegbe
  • Ko ṣe ṣẹda kobojumu - tabi ayewo - ijabọ si awọn olupin gbongbo.

Tikalararẹ Emi ko ni asopọ si Intanẹẹti lati ṣe idanwo Ilọsi-pada tabi Firanṣẹ siwaju. Sibẹsibẹ, ati pe bi a ko ti ṣe atunṣe Irinajo ni faili ti a npè ni.conf.options -pasẹ ifasẹyin kii ṣe;.

Nigbati o ba nfi BIND 9.9.7 sori ẹrọ ni FreeBSD 10.0 Operating System, eyiti o tun jẹ - ati lairotẹlẹ- Software ọfẹ, faili iṣeto /usr/local/etc/namedb/named.conf.sample o ni gbogbo awọn jara ti awọn agbegbe agbegbe ti o ṣeduro sisin ni agbegbe lati tun-gba awọn anfani ti a ti sọ tẹlẹ.

Ni ibere ki o ma ṣe yi atunto iṣeto BIND akọkọ ni Debian, a daba daba ṣiṣẹda faili naa /etc/bind/zones.rfcFreeBSD ati pẹlu rẹ ninu /etc/bind/named.conf.local pẹlu akoonu ti a tọka si isalẹ, ati pẹlu awọn ọna - awọn ọna si awọn faili ti o ti ṣe deede si Debian:

root @ dns: ~ # nano /etc/bind/zones.rfcFreeBSD
// Aaye Adirẹsi Pipin (RFC 6598)
zone "64.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "65.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "66.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "67.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "68.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "69.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "70.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "71.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "72.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "73.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "74.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "75.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "76.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "77.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "78.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "79.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "80.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "81.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "82.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "83.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "84.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "85.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "86.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "87.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "88.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "89.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "90.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "91.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "92.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "93.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "94.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "95.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "96.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "97.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "98.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "99.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "100.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "101.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "102.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "103.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "104.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "105.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "106.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "107.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "108.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "109.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "110.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "111.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "112.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "113.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "114.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "115.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "116.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "117.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "118.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "119.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "120.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "121.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "122.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "123.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "124.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "125.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "126.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "127.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };

// Ọna asopọ-agbegbe / APIPA (Awọn RFC 3927, 5735 ati 6303)
agbegbe "254.169.in-addr.arpa" {iru oluwa; faili "/etc/bind/db.empty"; };

Awọn iṣẹ iyansilẹ Ilana IETF (Awọn RFC 5735 ati 5736)
agbegbe "0.0.192.in-addr.arpa" {iru oluwa; faili "/etc/bind/db.empty"; };

// TEST-NET- [1-3] fun Akọsilẹ (Awọn RFC 5735, 5737 ati 6303)
agbegbe "2.0.192.in-addr.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "100.51.198.in-addr.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "113.0.203.in-addr.arpa" {iru oluwa; faili "/etc/bind/db.empty"; };

// IPv6 Apẹẹrẹ Ibiti fun Documentation (RFCs 3849 ati 6303)
agbegbe "8.bd0.1.0.0.2.ip6.arpa" {iru oluwa; faili "/etc/bind/db.empty"; };

// Awọn Orukọ Aṣẹ fun Iwe ati Idanwo (BCP 32)
agbegbe "idanwo" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "apẹẹrẹ" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "ko wulo" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "example.com" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "apẹẹrẹ.net" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "example.org" {iru oluwa; faili "/etc/bind/db.empty"; };

// Idanwo Ifiweranṣẹ Olulana (Awọn RFC 2544 ati 5735)
agbegbe "18.198.in-addr.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "19.198.in-addr.arpa" {iru oluwa; faili "/etc/bind/db.empty"; };

// IANA Ti wa ni ipamọ - Aaye Kilasi E E atijọ (RFC 5735)
agbegbe "240.in-addr.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "241.in-addr.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "242.in-addr.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "243.in-addr.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "244.in-addr.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "245.in-addr.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "246.in-addr.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "247.in-addr.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "248.in-addr.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "249.in-addr.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "250.in-addr.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "251.in-addr.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "252.in-addr.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "253.in-addr.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "254.in-addr.arpa" {iru oluwa; faili "/etc/bind/db.empty"; };

// IPv6 Awọn Adirẹsi Ainisiṣẹ (RFC 4291)
agbegbe "1.ip6.arpa" {oriṣi iru; faili "/etc/bind/db.empty"; }; agbegbe "3.ip6.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "4.ip6.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "5.ip6.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "6.ip6.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "7.ip6.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "8.ip6.arpa" {oriṣi iru; faili "/etc/bind/db.empty"; }; agbegbe "9.ip6.arpa" {oriṣi iru; faili "/etc/bind/db.empty"; }; agbegbe "a.ip6.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "b.ip6.arpa" {oriṣi iru; faili "/etc/bind/db.empty"; }; agbegbe "c.ip6.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "d.ip6.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "e.ip6.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "0.f.ip6.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "1.f.ip6.arpa" {oriṣi iru; faili "/etc/bind/db.empty"; }; agbegbe "2.f.ip6.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "3.f.ip6.arpa" {oriṣi iru; faili "/etc/bind/db.empty"; }; agbegbe "4.f.ip6.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "5.f.ip6.arpa" {oriṣi iru; faili "/etc/bind/db.empty"; }; agbegbe "6.f.ip6.arpa" {oriṣi iru; faili "/etc/bind/db.empty"; }; agbegbe "7.f.ip6.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "8.f.ip6.arpa" {oriṣi iru; faili "/etc/bind/db.empty"; }; agbegbe "9.f.ip6.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "afip6.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "bfip6.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "0.efip6.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "1.efip6.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "2.efip6.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "3.efip6.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "4.efip6.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "5.efip6.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "6.efip6.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "7.efip6.arpa" {oriṣi iru; faili "/etc/bind/db.empty"; };

// IPv6 ULA (Awọn RFCs 4193 ati 6303)
agbegbe "cfip6.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "dfip6.arpa" {iru oluwa; faili "/etc/bind/db.empty"; };

// IPv6 Ọna asopọ Agbegbe (Awọn RFCs 4291 ati 6303)
agbegbe "8.efip6.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "9.efip6.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "aefip6.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "befip6.arpa" {iru oluwa; faili "/etc/bind/db.empty"; };

// IPv6 Awọn adirẹsi Aye-Agbegbe Ti dinku (Awọn RFC 3879 ati 6303)
agbegbe "cefip6.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "defip6.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "eefip6.arpa" {iru oluwa; faili "/etc/bind/db.empty"; }; agbegbe "fefip6.arpa" {iru oluwa; faili "/etc/bind/db.empty"; };

// IP6.INT jẹ Idinku (RFC 4159)
agbegbe "ip6.int" {iru oluwa; faili "/etc/bind/db.empty"; };

Botilẹjẹpe a ti yọkuro iṣeeṣe lati tẹtisi awọn ibeere IPv6 ninu apẹẹrẹ wa, o tọ pẹlu awọn agbegbe IPv6 ni faili ti tẹlẹ fun awọn ti o nilo wọn.

Ik akoonu ti /etc/bind/named.conf.local Es:

root @ dns: ~ # nano /etc/bind/named.conf.local
// // Ṣe iṣeto agbegbe eyikeyi nibi // // Ro fifi kun awọn agbegbe 1918 nibi, ti wọn ko ba lo wọn ninu agbari // rẹ
pẹlu "/etc/bind/zones.rfc1918"; pẹlu "/etc/bind/zones.rfcFreeBSD";

// Ikede ti orukọ, iru, ipo, ati igbanilaaye imudojuiwọn
// ti Awọn agbegbe Awọn igbasilẹ Igbasilẹ DNS // Awọn agbegbe mejeeji jẹ TITUNTO
agbegbe "desdelinux.fan" {
 oriṣi oriṣi;
 faili "/var/lib/bind/db.desdelinux.fan";
};

agbegbe "10.168.192.in-addr.arpa" {
 oriṣi oriṣi;
 faili "/var/lib/bind/db.10.168.192.in-addr.arpa";
};

root @ dns: ~ # root-checkconf root @ dns: ~ #

A ṣẹda awọn faili fun Agbegbe kọọkan

Akoonu ti awọn faili ni agbegbe kọọkan le ṣe dakọ ni itumọ ọrọ gangan lati nkan naa «DNS ati DHCP lori CentOS 7«, Niwọn igba ti a ba ṣọra lati yi itọsọna itọsọna si / var / lib / dipọ:

[gbongbo @ dns ~] # nano /var/lib/bind/db.fromlinux.fan
$ TTL 3H @ NI SOA dns.fromlinux.fan. root.dns.fromlinux.fan. (1; tẹlentẹle 1D; tù 1H; tun gbiyanju 1W; pari 3H); o kere ju tabi; Akoko caching odi lati gbe; @ IN NS dns.fromlinux.fan. @ IN MX 10 mail.fromlinux.fan. @ IN TXT "FromLinux, Blog rẹ ti yasọtọ si Software ọfẹ"; sysadmin IN A 192.168.10.1 ad-dc IN A 192.168.10.3 fileverver IN A 192.168.10.4 dns IN A 192.168.10.5 proxyweb IN A 192.168.10.6 blog IN A 192.168.10.7 ftpserver IN A 192.168.10.8 mail IN A 192.168.10.9

[root @ dns ~] # nano /var/lib/bind/db.10.168.192.in-addr.arpa
$ TTL 3H @ NI SOA dns.fromlinux.fan. root.dns.fromlinux.fan. (1; tẹlentẹle 1D; tù 1H; tun gbiyanju 1W; pari 3H); o kere ju tabi; Akoko caching odi lati gbe; @ IN NS dns.fromlinux.fan. ; 1 IN PTR sysadmin.fromlinux.fan. 3 IN PTR ad-dc.fromlinux.fan. 4 INU faili faili PTR.fromlinux.fan. 5 NI PTR dns.fromlinux.fan. 6 IN aṣoju protinweb.desdelinux.fan. 7 NI PTR bulọọgi.desdelinux.fan. 8 IN PTR ftpserver.fromlinux.fan. 9 INU PTR mail.fromlinux.fan.

A ṣayẹwo sintasi ti agbegbe kọọkan

root @ dns: ~ # ti a darukọ-ayẹwo lati linux.fan / var / lib / bind / db.lati linux.fan 
agbegbe lati linux.fan/IN: tẹlentẹle ti kojọpọ 1 O DARA

root @ dns: ~ # ibi-ayẹwo-orukọ 10.168.192.in-addr.arpa /var/lib/bind/db.10.168.192.in-addr.arpa 
agbegbe 10.168.192.in-addr.arpa/IN: ti kojọpọ ni tẹlentẹle 1 O dara

Ṣiṣayẹwo awọn eto BIND gbogbogbo

root @ dns: ~ # ti a npè ni-checkconf -zp
  • Ni atẹle ilana ti iyipada awọn lorukọ.conf Gẹgẹbi awọn iwulo wa ati ṣayẹwo, ati ṣẹda faili agbegbe kọọkan ki o ṣayẹwo rẹ, a ṣiyemeji pe a ni lati dojuko awọn iṣoro iṣeto pataki. Ni ipari a mọ pe ere ti ọmọkunrin ni, pẹlu ọpọlọpọ awọn imọran ati iṣọpọ fussy. .

Awọn sọwedowo pada awọn esi itẹlọrun pada, nitorinaa a le tun bẹrẹ BIND - ti a npè ni.

A tun bẹrẹ BIND ati ṣayẹwo ipo rẹ

[root @ dns ~] # systemctl tun bẹrẹ bind9.service
[gbongbo @ dns ~] ipo ipo # systemctl bind9.service
Bind9.service - DID Server Server Name Ti kojọpọ: ti kojọpọ (/lib/systemd/system/bind9.service; mu ṣiṣẹ) Ju-Ni: /run/systemd/generator/bind9.service.d └─50-insserv.conf- $ named.conf Ti nṣiṣe lọwọ: lọwọ (nṣiṣẹ) lati ọjọ Sun 2017-02-05 07:45:03 EST; 5s sẹyin Awọn iwe aṣẹ: eniyan: ti a npè ni (8) Ilana: 1345 ExecStop = / usr / sbin / rndc stop (koodu = jade, ipo = 0 / SUCCESS) PID akọkọ: 1350 (ti a npè ni) CGroup: /system.slice/bind9.service └─1350 / usr / sbin / ti a npè ni -f -u bind Feb 05 07:45:03 dns ti a npè ni [1350]: zone 1.f.ip6.arpa/IN: serial serial 1 Feb 05 07:45:03 dns ti a n pe ni [1350]: zone afip6.arpa/IN: serial serial 1 Feb 05 07:45:03 dns ti a npè ni [1350]: zone localhost / IN: serial serial 2 Feb 05 07:45:03 dns ti a npè ni [1350]: idanwo agbegbe / IN: tẹlentẹle ti kojọpọ 1 Feb 05 07:45:03 dns ti a npè ni [1350]: apẹẹrẹ agbegbe / IN: tẹlentẹle ti kojọpọ 1 Feb 05 07:45:03 dns ti a npè ni [1350]: agbegbe 5.efip6.arpa/IN: kojọpọ serial 1 Feb 05 07:45:03 dns ti a npè ni [1350]: zone bfip6.arpa/IN: serial serial 1 Feb 05 07:45:03 dns ti a npè ni [1350]: ip6.int/IN: serial serial 1 Feb 05 07:45:03 dns ti a npè ni [1350]: gbogbo awọn agbegbe ti kojọpọ Feb 05 07:45:03 dns ti a npè ni [1350]: nṣiṣẹ

Ti a ba gba iru aṣiṣe eyikeyi ninu iṣẹ aṣẹ ti o kẹhin, a gbọdọ tun bẹrẹ naa ti a npè ni .iṣẹ ati ki o ṣayẹwo rẹ ipo. Ti awọn aṣiṣe ba parẹ, iṣẹ naa bẹrẹ ni aṣeyọri. Bibẹẹkọ, a gbọdọ ṣe atunyẹwo pipeye ti gbogbo awọn faili ti a ti yipada ati ti ṣẹda, ati tun ṣe ilana naa.

Awọn ayẹwo

Awọn sọwedowo le ṣee ṣiṣẹ lori olupin kanna tabi lori ẹrọ ti o sopọ si LAN. A fẹ lati ṣe wọn lati ẹgbẹ sysadmin.fromlinux.fan si eyiti a fun ni igbanilaaye kiakia lati ṣe Awọn Gbigbe Agbegbe. Faili naa /etc/resolv.conf ti ẹgbẹ naa ni atẹle:

buzz @ sysadmin: ~ $ ologbo /etc/resolv.conf 
# Ti ipilẹṣẹ nipasẹ wiwa NetworkManager lati linux.fan olupin orukọ 192.168.10.5

buzz @ sysadmin: ~ $ dig lati linux.fan axfr
; << >> DiG 9.9.5-9 + deb8u1-Debian << >> desdelinux.fan axfr ;; awọn aṣayan agbaye: + cmd lati linux.fan. 10800 NI SOA dns.fromlinux.fan. root.dns.fromlinux.fan. 1 86400 3600 604800 10800 lati linux.fan. 10800 IN NS dns.fromlinux.fan. lati linux.fan. 10800 IN MX 10 mail.fromlinux.fan. lati linux.fan. 10800 IN TXT "FromLinux, Blog rẹ ti ya sọtọ si Software ọfẹ" ad-dc.desdelinux.fan. 10800 IN A 192.168.10.3 blog.desdelinux.fan. 10800 INU 192.168.10.7 dns.fromlinux.fan. 10800 IN A 192.168.10.5 fileserver.fromlinux.fan. 10800 IN A 192.168.10.4 ftpserver.fromlinux.fan. 10800 IN A 192.168.10.8 mail.fromlinux.fan. 10800 IN A 192.168.10.9 proxyweb.fromlinux.fan. 10800 IN A 192.168.10.6 sysadmin.fromlinux.fan. 10800 IN Lati 192.168.10.1 lati linux.fan. 10800 NI SOA dns.fromlinux.fan. root.dns.fromlinux.fan. 1 86400 3600 604800 10800 ;; Akoko ibeere: 1 msec ;; Olupin: 192.168.10.5 # 53 (192.168.10.5) ;; NIGBATI: Oorun Feb 05 07: 49: 01 EST 2017
;; Iwọn XFR: awọn igbasilẹ 13 (awọn ifiranṣẹ 1, awọn baiti 385)

buzz @ sysadmin: ~ $ digi 10.168.192.in-addr.arpa axfr
; << >> DiG 9.9.5-9 + deb8u1-Debian << >> 10.168.192.in-addr.arpa axfr ;; awọn aṣayan agbaye: + cmd 10.168.192.in-addr.arpa. 10800 NI SOA dns.fromlinux.fan. root.dns.fromlinux.fan. 1 86400 3600 604800 10800 10.168.192.in-addr.arpa. 10800 IN NS dns.fromlinux.fan. 1.10.168.192.in-addr.arpa. 10800 NI PTR sysadmin.fromlinux.fan. 3.10.168.192.in-addr.arpa. 10800 IN PTR ad-dc.fromlinux.fan. 4.10.168.192.in-addr.arpa. 10800 NI PTR fileserver.fromlinux.fan. 5.10.168.192.in-addr.arpa. 10800 NI PTR dns.fromlinux.fan. 6.10.168.192.in-addr.arpa. 10800 NI proxyweb.fromlinux.fan PTR IN PTR. 7.10.168.192.in-addr.arpa. 10800 INU PTR bulọọgi.desdelinux.fan. 8.10.168.192.in-addr.arpa. 10800 IN PTR ftpserver.fromlinux.fan. 9.10.168.192.in-addr.arpa. 10800 INU PTR mail.fromlinux.fan. 10.168.192.in-addr.arpa. 10800 NI SOA dns.fromlinux.fan. root.dns.fromlinux.fan. 1 86400 3600 604800 10800 ;; Akoko ibeere: 1 msec ;; Olupin: 192.168.10.5 # 53 (192.168.10.5) ;; NIGBATI: Oorun Feb 05 07: 49: 47 EST 2017
;; Iwọn XFR: awọn igbasilẹ 11 (awọn ifiranṣẹ 1, awọn baiti 333)

buzz @ sysadmin: ~ $ ma wà IN SOA lati linux.fan
buzz @ sysadmin: ~ $ maaki IN MX lati linux.fan buzz @ sysadmin: ~ $ dig IN INTXT lati linux.fan

buzz @ sysadmin: ~ $ proxyweb gbalejo
proxyweb.desdelinux.fan ni adirẹsi 192.168.10.6

buzz @ sysadmin: ~ $ ogun ftpserver
ftpserver.desdelinux.fan ni adirẹsi 192.168.10.8

aruwo @ sysadmin: ~ $ gbalejo 192.168.10.9
9.10.168.192.in-addr.arpa orukọ ìkápá ijuboluwole mail.fromlinux.fan.

… Ati awọn sọwedowo miiran ti a nilo.

A fi sori ẹrọ ati tunto DHCP

Lori Debian, a pese iṣẹ DHCP nipasẹ package olupin isc-dhcp:

root @ dns: ~ # iṣawari ist-dhcp
i isc-dhcp-client - alabara DHCP fun gbigba adiresi IP laifọwọyi kan is isc-dhcp-client-dbg - olupin ISC DHCP fun ipinnu adirẹsi adarọ IP adaṣe (ṣatunṣe alabara) i isc-dhcp-wọpọ - awọn faili ti o wọpọ lo gbogbo awọn ti awọn idii isc-dhcp p isc-dhcp-dbg - ISC DHCP olupin fun iṣẹ adirẹsi adiresi IP laifọwọyi (aṣiṣe aṣiṣe p isc-dhcp-dev - API fun iraye si ati yiyipada olupin DHCP ati ipo alabara p isc-dhcp-relay - ISC DHCP relay daemon p isc-dhcp-relay-dbg - olupin ISC DHCP fun iṣẹ adirẹsi adarọ IP laifọwọyi (n ṣatunṣe aṣiṣe) p isc-dhcp-olupin - ISC DHCP olupin fun iṣẹ iyansilẹ adirẹsi IP laifọwọyi p isc-dhcp-server-dbg - ISC DHCP olupin fun iṣẹ iyansilẹ adarọ IP laifọwọyi (n ṣatunṣe aṣiṣe olupin) p isc-dhcp-server-ldap - olupin DHCP ti o lo LDAP bi ẹhin rẹ

root @ dns: ~ # aptitude fi sori ẹrọ olupin isc-dhcp

Lẹhin fifi sori ẹrọ ti package, awọn -omnipresent- eto eto kerora pe ko le bẹrẹ iṣẹ naa. Ni Debian, a ni lati sọ ni gbangba lori eyiti iwoye nẹtiwọọki wo ni yoo ya awọn adirẹsi IP ati idahun si awọn ibeere, awọn olupin isc-dhcp:

root @ dns: ~ # nano / ati be be lo / aiyipada / isc-dhcp-server
.... # Lori awọn wiwo wo ni o yẹ ki olupin DHCP (dhcpd) sin awọn ibeere DHCP? # Ya awọn atọkun lọtọ kuro pẹlu awọn alafo, fun apẹẹrẹ "eth0 eth1".
Awọn ibaraẹnisọrọ = "eth0"

Awọn iwe ti a fi sii

root @ dns: ~ # ls -l / usr / share / doc / isc-dhcp-server /
lapapọ 44 -rw-r - r-- gbongbo gbongbo 1 Dec 1235 14 aṣẹ -rw-r - r - 2014 root root 1 Feb 26031 13 changelog.Debian.gz drwxr-xr-x 2015 root root 2 Feb 4096 5 : Awọn apẹẹrẹ 08 -rw-r - r-- 10 root root 1 Dec 592 14 Awọn iroyin.Debian.gz -rw-r - r-- 2014 root root 1 Dec 1099 14 README.Debian

Bọtini TSIG "bọtini-dhcp"

Iran ti bọtini ni a ṣe iṣeduro TSIG Ibuwọlu Idunadura - Tṣiṣe SIGiseda, fun ìfàṣẹsí ti ìmúdàgba awọn imudojuiwọn DNS nipasẹ DHCP. Gẹgẹbi a ti rii ninu nkan ti tẹlẹ «DNS ati DHCP lori CentOS 7«, A ṣe akiyesi pe iran ti bọtini yẹn ko ṣe pataki, paapaa nigbati a ba fi awọn iṣẹ mejeeji sori olupin kanna. Sibẹsibẹ, a funni ni ilana gbogbogbo fun iran adase rẹ:

root @ dns: ~ # dnssec-keygen -a HMAC-MD5 -b 128 -r / dev / urandom -n OLUMULO dhcp-key
Kdhcp-botini. + 157 + 11088

root @ dns: ~ # cat Kdhcp-key. +157 + 11088. ikọkọ 
Ọna-ọna kika-ikọkọ: v1.3 Alugoridimu: 157 (HMAC_MD5) Bọtini: TEqfcx2FUMYBQ1hA1ZGelA == Awọn ege: AAA = Ti ṣẹda: 20170205121618 Ṣe atẹjade: 20170205121618 Mu ṣiṣẹ: 20170205121618

root @ dns: ~ # nano dhcp.key
bọtini dhcp-bọtini {
        alugoridimu hmac-md5;
        aṣiri "TEqfcx2FUMYBQ1hA1ZGelA ==";
};

root @ dns: ~ # fi sori ẹrọ -o root -g bind -m 0640 dhcp.key /etc/bind/dhcp.key root @ dns: ~ # fi sori ẹrọ -o root -g root -m 0640 dhcp.key / etc / dhcp /dhcp.key root @ dns: ~ # ls -l /etc/bind/*.key
-rw-r ----- root gbongbo 1 Feb 78 5:08 /etc/bind/dhcp.key -rw-r ----- 21 sopọ asopọ 1 Feb 77 4:11 / etc / bind / rndc .okun
root @ dns: ~ # ls -l /etc/dhcp/dhcp.key 
-rw-r ----- gbongbo gbongbo 1 Feb 78 5:08 /etc/dhcp/dhcp.key

Nmu awọn agbegbe BIND dojuiwọn nipa lilo bọtini-dhcp

root @ dns: ~ # nano /etc/bind/named.conf.local
// // Ṣe iṣeto ni agbegbe eyikeyi nibi // // Ro fifi kun awọn agbegbe 1918 nibi, ti wọn ko ba lo ninu rẹ // agbari pẹlu "/etc/bind/zones.rfc1918"; pẹlu "/etc/bind/zones.rfcFreeBSD"; pẹlu "/etc/bind/dhcp.key"; // Ikede ti orukọ, iru, ipo, ati igbanilaaye imudojuiwọn // ti Awọn agbegbe Awọn Igbasilẹ DNS // Awọn agbegbe Mejeeji jẹ agbegbe MASTER "desdelinux.fan" {iru oluwa; faili "/var/lib/bind/db.desdelinux.fan";
 gba-imudojuiwọn {bọtini dhcp-key; };
}; agbegbe "10.168.192.in-addr.arpa" {iru oluwa; faili "/var/lib/bind/db.10.168.192.in-addr.arpa";
 gba-imudojuiwọn {bọtini dhcp-key; };
};
root @ dns: ~ # ti a npè ni-ayẹwo 
root @ dns: ~ #

A tunto olupin isc-dhcp

root @ dns: ~ # mv /etc/dhcp/dhcpd.conf /etc/dhcp/dhcpd.conf.original
root @ dns: ~ # nano /etc/dhcp/dhcpd.conf
ddns-imudojuiwọn-adele adele; ddns-awọn imudojuiwọn lori; ddns-ašẹ orukọ "desdelinux.fan."; ddns-rev-domainname "in-addr.arpa."; foju awọn imudojuiwọn alabara; aṣẹ; aṣayan ip-firanšẹ siwaju; aṣayan orukọ-ašẹ "desdelinux.fan"; pẹlu "/etc/dhcp/dhcp.key"; agbegbe lati linux.fan. {akọkọ 127.0.0.1; bọtini dhcp-key; } agbegbe 10.168.192.in-addr.arpa. {akọkọ 127.0.0.1; bọtini dhcp-key; } redlocal nẹtiwọọki-pinpin {subnet 192.168.10.0 netmask 255.255.255.0 {awọn olulana aṣayan 192.168.10.1; aṣayan subnet-boju 255.255.255.0; aṣayan igbohunsafefe-adirẹsi 192.168.10.255; aṣayan awọn olupin-orukọ-apèsè 192.168.10.5; aṣayan netbios-orukọ-apèsè 192.168.10.5; sakani 192.168.10.30 192.168.10.250; }} # PARI dhcpd.conf

A ṣayẹwo faili dhcpd.conf naa

root @ dns: ~ # dhcpd -t
Consortium Internet Systems Consortium Server Server DHCP 4.3.1 Aṣẹ-aṣẹ 2004-2014 Consortium Awọn ọna Intanẹẹti. Gbogbo awọn Ẹtọ wa ni ipamọ. Fun alaye, jọwọ ṣabẹwo https://www.isc.org/software/dhcp/ Config file: /etc/dhcp/dhcpd.conf Faili data: /var/lib/dhcp/dhcpd.leases PID file: / var / run /dhcpd.fid

A tun bẹrẹ BIND ati bẹrẹ olupin isc-dhcp

root @ dns: ~ # systemctl tun bẹrẹ bind9.service 
root @ dns: ~ # systemctl ipo abuda9.service 

root @ dns: ~ # systemctl ibere isc-dhcp-server.service
root @ dns: ~ # ipo systemctl isc-dhcp-server.service 
Isc-dhcp-server.service - LSB: olupin DHCP Ti kojọpọ: ti kojọpọ (/etc/init.d/isc-dhcp-server) Ti nṣiṣe lọwọ: nṣiṣe lọwọ (nṣiṣẹ) lati Sun 2017-02-05 08:41:45 EST; Ilana 6s sẹhin: 2039 ExecStop = / ati be be lo / init.d / isc-dhcp-server stop (koodu = jade, ipo = 0 / SUCCESS) Ilana: 2049 ExecStart = / etc / init.d / isc-dhcp-server bẹrẹ ( koodu = jade, ipo = 0 / SUCCESS) CGroup: /system.slice/isc-dhcp-server.service └─2057 / usr / sbin / dhcpd -q -cf /etc/dhcp/dhcpd.conf -pf / var / run / dhcpd.pid eth0 Feb 05 08: 41: 43 dns dhcpd [2056]: Kọ awọn iyalo 0 si faili yiyalo. Feb 05 08: 41: 43 dns dhcpd [2057]: Iṣẹ ibẹrẹ olupin. Feb 05 08: 41: 45 dns isc-dhcp-server [2049]: Bibẹrẹ olupin ISC DHCP: dhcpd.

Awọn sọwedowo pẹlu awọn alabara

A bẹrẹ alabara kan pẹlu ẹrọ ṣiṣe Windows 7, pẹlu orukọ “LAGER”.

buzz @ sysadmin: ~ $ alejo lager
LAGER.desdelinux.fan ni adirẹsi 192.168.10.30

buzz @ sysadmin: ~ $ ma wà ninu txt lager.fromlinux.fan

A yi orukọ ti alabara yẹn pada si "meje" ati tun bẹrẹ alabara naa

buzz @ sysadmin: ~ $ alejo lager
;; asopọ ti pari; ko si awọn olupin ti o le de

Buzz@sysadmin: ~ $ gbalejo meje
meje.fromlinux.fan ni adirẹsi 192.168.10.30
aruwo @ sysadmin: ~ $ gbalejo 192.168.10.30
30.10.168.192.in-addr.arpa orukọ ìkápá ijuboluwole meje.fromlinux.fan.

buzz @ sysadmin: ~ $ ma wà ninu txt seven.fromlinux.fan

A yipada orukọ ti alabara Windows 7 pada si "win7"

buzz @ sysadmin: ~ $ gbalejo meje
;; asopọ ti pari; ko si awọn olupin ti o le de

buzz @ sysadmin: ~ $ gbalejo win7
win7.fromlinux.fan ni adirẹsi 192.168.10.30
aruwo @ sysadmin: ~ $ gbalejo 192.168.10.30
30.10.168.192.in-addr.arpa orukọ ìkápá ijuboluwole win7.fromlinux.fan.

buzz @ sysadmin: ~ $ ma wà ninu txt win7.fromlinux.fan
; << >> DiG 9.9.5-9 + deb8u1-Debian << >> ni txt win7.fromlinux.fan ;; awọn aṣayan agbaye: + cmd ;; Ni idahun: ;; - >> HEADER << - opcode: QUERY, status: NOERROR, id: 11218 ;; awọn asia: qr aa rd ra; ÌB: :R:: 1, ÌD AUHTHN: 1, Aṣẹ: 1, Fikun-un: 2 ;; OPT PSUUDOSECTION :; EDNS: ẹya: 0, awọn asia :; udp: 4096 ;; IPIN TI SUYERE :; win7.fromlinux.fan. IN TXT ;; IPIN IDAHUN: win7.fromlinux.fan. 3600 IN TXT "31b7228ddd3a3b73be2fda9e09e601f3e9" ;; AGBARA Aṣẹ: desdelinux.fan. 10800 IN NS dns.fromlinux.fan. ;; AKIYESI TUN: dns.fromlinux.fan. 10800 INU A 192.168.10.5 ;; Akoko ibeere: 0 msec ;; Olupin: 192.168.10.5 # 53 (192.168.10.5) ;; NIGBATI: Oorun Feb 05 09: 13: 20 EST 2017 ;; MSG SIZE rcvd: 129

buzz @ sysadmin: ~ $ dig lati linux.fan axfr
; << >> DiG 9.9.5-9 + deb8u1-Debian << >> lati linux.fan axfr ;; awọn aṣayan agbaye: + cmd lati linux.fan. 10800 NI SOA dns.fromlinux.fan. root.dns.fromlinux.fan. 8 86400 3600 604800 10800 lati linux.fan. 10800 IN NS dns.fromlinux.fan. lati linux.fan. 10800 IN MX 10 mail.fromlinux.fan. lati linux.fan. 10800 IN TXT "FromLinux, Blog rẹ ti ya sọtọ si Software ọfẹ" ad-dc.desdelinux.fan. 10800 IN A 192.168.10.3 blog.desdelinux.fan. 10800 INU 192.168.10.7 dns.fromlinux.fan. 10800 IN A 192.168.10.5 fileserver.fromlinux.fan. 10800 IN A 192.168.10.4 ftpserver.fromlinux.fan. 10800 IN A 192.168.10.8 mail.fromlinux.fan. 10800 IN A 192.168.10.9 proxyweb.fromlinux.fan. 10800 IN A 192.168.10.6 sysadmin.fromlinux.fan. 10800 INU 192.168.10.1
win7.fromlinux.fan. 3600 IN  TXT "31b7228ddd3a3b73be2fda9e09e601f3e9"
win7.fromlinux.fan. 3600 NI A 192.168.10.30
lati linux.fan. 10800 NI SOA dns.fromlinux.fan. root.dns.fromlinux.fan. 8 86400 3600 604800 10800 ;; Akoko ibeere: 2 msec ;; Olupin: 192.168.10.5 # 53 (192.168.10.5) ;; NIGBATI: Oorun Feb 05 09: 15: 13 EST 2017 ;; Iwọn XFR: awọn igbasilẹ 15 (awọn ifiranṣẹ 1, awọn baiti 453)

Ninu iṣẹjade loke, a ṣe afihan lori igboya awọn TTL -ni awọn aaya- fun awọn kọnputa pẹlu awọn adirẹsi IP ti a fun ni nipasẹ iṣẹ DHCP awọn ti o ni ikede ti o han kedere ti TTL 3600 ti DHCP fun. Awọn IP ti o wa titi jẹ itọsọna nipasẹ $ TTL ti awọn wakati 3H -3 = awọn aaya 10800- ṣalaye ni igbasilẹ SOA ti faili agbegbe kọọkan.

Wọn le ṣayẹwo agbegbe idakeji ni ọna kanna.

[gbongbo @ dns ~] # dig 10.168.192.in-addr.arpa axfr

Awọn ofin miiran ti o nifẹ pupọ julọ ni:

[root @ dns ~] # ti a npè ni-journalprint /var/lib/bind/db.desdelinux.fan.jnl
lati desdelinux.fan. 10800 NI SOA dns.fromlinux.fan. root.dns.fromlinux.fan. 1 86400 3600 604800 10800 fikun desdelinux.fan. 10800 NI SOA dns.fromlinux.fan. root.dns.fromlinux.fan. 2 86400 3600 604800 10800 ṣafikun LAGER.fromlinux.fan. 3600 INU 192.168.10.30 ṣafikun LAGER.fromlinux.fan. 3600 IN TXT "31b7228ddd3a3b73be2fda9e09e601f3e9" lati desdelinux.fan. 10800 NI SOA dns.fromlinux.fan. root.dns.fromlinux.fan. 2 86400 3600 604800 10800 lati LAGER.fromlinux.fan. 3600 INU 192.168.10.30 ṣafikun lati linux.fan. 10800 NI SOA dns.fromlinux.fan. root.dns.fromlinux.fan. 3 86400 3600 604800 10800 lati desdelinux.fan. 10800 NI SOA dns.fromlinux.fan. root.dns.fromlinux.fan. 3 86400 3600 604800 10800 lati LAGER.fromlinux.fan. 3600 IN TXT "31b7228ddd3a3b73be2fda9e09e601f3e9" ṣafikun desdelinux.fan. 10800 NI SOA dns.fromlinux.fan. root.dns.fromlinux.fan. 4 86400 3600 604800 10800 lati desdelinux.fan. 10800 NI SOA dns.fromlinux.fan. root.dns.fromlinux.fan. 4 86400 3600 604800 10800 fikun desdelinux.fan. 10800 NI SOA dns.fromlinux.fan. root.dns.fromlinux.fan. 5 86400 3600 604800 10800 ṣafikun meje.fromlinux.fan. 3600 INU 192.168.10.30 ṣafikun meje.fromlinux.fan. 3600 IN TXT "31b7228ddd3a3b73be2fda9e09e601f3e9" lati desdelinux.fan. 10800 NI SOA dns.fromlinux.fan. root.dns.fromlinux.fan. 5 86400 3600 604800 10800 lati meje.fromlinux.fan. 3600 INU 192.168.10.30 ṣafikun lati linux.fan. 10800 NI SOA dns.fromlinux.fan. root.dns.fromlinux.fan. 6 86400 3600 604800 10800 lati desdelinux.fan. 10800 NI SOA dns.fromlinux.fan. root.dns.fromlinux.fan. 6 86400 3600 604800 10800 lati meje.fromlinux.fan. 3600 IN TXT "31b7228ddd3a3b73be2fda9e09e601f3e9" ṣafikun desdelinux.fan. 10800 NI SOA dns.fromlinux.fan. root.dns.fromlinux.fan. 7 86400 3600 604800 10800 lati desdelinux.fan. 10800 NI SOA dns.fromlinux.fan. root.dns.fromlinux.fan. 7 86400 3600 604800 10800 ṣafikun lati linux.fan. 10800 NI SOA dns.fromlinux.fan. root.dns.fromlinux.fan. 8 86400 3600 604800 10800 ṣafikun win7.fromlinux.fan. 3600 INU 192.168.10.30 ṣafikun win7.fromlinux.fan. 3600 IN TXT "31b7228ddd3a3b73be2fda9e09e601f3e9"

[root @ dns ~] # ti a npè ni-journalprint /var/lib/bind/db.10.168.192.in-addr.arpa.jnl
lati 10.168.192.in-addr.arpa. 10800 NI SOA dns.fromlinux.fan. root.dns.fromlinux.fan. 1 86400 3600 604800 10800 ṣafikun 10.168.192.in-addr.arpa. 10800 NI SOA dns.fromlinux.fan. root.dns.fromlinux.fan. 2 86400 3600 604800 10800 ṣafikun 30.10.168.192.in-addr.arpa. 3600 NI PTR LAGER.fromlinux.fan. lati 10.168.192.in-addr.arpa. 10800 NI SOA dns.fromlinux.fan. root.dns.fromlinux.fan. 2 86400 3600 604800 10800 ti 30.10.168.192.in-addr.arpa. 3600 NI PTR LAGER.fromlinux.fan. ṣafikun 10.168.192.in-addr.arpa. 10800 NI SOA dns.fromlinux.fan. root.dns.fromlinux.fan. 3 86400 3600 604800 10800 del 10.168.192.in-addr.arpa. 10800 NI SOA dns.fromlinux.fan. root.dns.fromlinux.fan. 3 86400 3600 604800 10800 ṣafikun 10.168.192.in-addr.arpa. 10800 NI SOA dns.fromlinux.fan. root.dns.fromlinux.fan. 4 86400 3600 604800 10800 ṣafikun 30.10.168.192.in-addr.arpa. 3600 NI PTR meje.fromlinux.fan. lati 10.168.192.in-addr.arpa. 10800 NI SOA dns.fromlinux.fan. root.dns.fromlinux.fan. 4 86400 3600 604800 10800 ti 30.10.168.192.in-addr.arpa. 3600 NI PTR meje.fromlinux.fan. ṣafikun 10.168.192.in-addr.arpa. 10800 NI SOA dns.fromlinux.fan. root.dns.fromlinux.fan. 5 86400 3600 604800 10800 del 10.168.192.in-addr.arpa. 10800 NI SOA dns.fromlinux.fan. root.dns.fromlinux.fan. 5 86400 3600 604800 10800 ṣafikun 10.168.192.in-addr.arpa. 10800 NI SOA dns.fromlinux.fan. root.dns.fromlinux.fan. 6 86400 3600 604800 10800 ṣafikun 30.10.168.192.in-addr.arpa. 3600 INU PTR win7.fromlinux.fan.

[gbongbo @ dns ~] # journalctl -f

Iyipada Afowoyi ti awọn faili Awọn agbegbe

Lẹhin DHCP ti wọ inu ere ti mimu agbara awọn imudojuiwọn awọn faili agbegbe DARI, ti a ba nilo lati ṣe atunṣe faili agbegbe ni ọwọ, a gbọdọ ṣe ilana atẹle, ṣugbọn kii ṣe ṣaaju mọ diẹ diẹ sii nipa iṣẹ ti agbegbe naa. rdc -eniyan rndc- fun idari ti ti a npè ni.

  • di rndc [agbegbe [kilasi [wiwo]]], da idaduro imudojuiwọn ti agbegbe kan duro. Ti ẹnikan ko ba pato, gbogbo rẹ yoo di. Aṣẹ naa ngbanilaaye ṣiṣatunṣe ọwọ ti agbegbe tutunini tabi ti gbogbo awọn agbegbe. Imudojuiwọn eyikeyi ti o ni agbara yoo sẹ lakoko didi.
  • rndc yo [agbegbe [kilasi [wiwo]]], n jẹ ki awọn imudojuiwọn agbara lori agbegbe ti o tutu tẹlẹ. Olupin DNS tun ṣe igbasilẹ faili agbegbe lati disiki, ati pe awọn imudojuiwọn ti o ni agbara ni a tun mu ṣiṣẹ lẹhin igbati ikojọpọ ti pari.

Awọn iṣọra lati mu nigba ti a ba ṣatunkọ faili faili agbegbe pẹlu ọwọ? Kanna bi ẹni pe a n ṣẹda rẹ, laisi gbagbe lati mu nọmba ni tẹlentẹle pọ si nipasẹ 1 tabi ni tẹlentẹle ṣaaju fifipamọ faili pẹlu awọn ayipada ipari.

A di awọn agbegbe naa di

Bi a ṣe n ṣe awọn ayipada si Awọn agbegbe Dari ati yiyipada lakoko ti DNS ati DHCP nṣiṣẹ, ohun ti o dara julọ lati ṣe ni lati di Awọn agbegbe DNS di:

[gbongbo @ dns ~] didi # rndc

Agbegbe latilinux.fan ni awọn igbasilẹ wọnyi:

[root @ dns ~] # ologbo /var/lib/bind/db.fromlinux.fan
$ ORILE. $ TTL 10800; Awọn wakati 3 lati linux.fan NI INA dns.from linux.fan. root.dns.fromlinux.fan. (
                                8; tẹlentẹle
                                86400; sọji (ọjọ 1) 3600; tun gbiyanju (wakati 1) 604800; pari (ọsẹ 1) 10800; o kere (wakati 3)) NS dns.fromlinux.fan. MX 10 mail.fromlinux.fan. TXT "FromLinux, Blog rẹ ti ya sọtọ si Software ọfẹ" $ ORIGIN fromlinux.fan. ad-dc Si 192.168.10.3 bulọọgi Si 192.168.10.7 dns Si 192.168.10.5 fileverver Si 192.168.10.4 ftpserver Lati 192.168.10.8 mail Si 192.168.10.9 proxyweb Lati 192.168.10.6 sysadmin Si 192.168.10.1 $ TTL 3600; 1 wakati win7 A 192.168.10.30 TXT "31b7228ddd3a3b73be2fda9e09e601f3e9"

Jẹ ki a ṣafikun olupin «ile igbona»Pẹlu IP 192.168.10.10:

root @ dns: ~ # nano /var/lib/bind/db.fromlinux.fan
$ ORILE. $ TTL 10800; Awọn wakati 3 lati linux.fan NI INA dns.from linux.fan. root.dns.fromlinux.fan. (
                9; tẹlentẹle
                86400; sọji (ọjọ 1) 3600; tun gbiyanju (wakati 1) 604800; pari (ọsẹ 1) 10800; o kere (wakati 3)) NS dns.fromlinux.fan. MX 10 mail.fromlinux.fan. TXT "FromLinux, Blog rẹ ti yasọtọ si Software ọfẹ" $ ORIGIN fromlinux.fan ad-dc Si 192.168.10.3 bulọọgi Si 192.168.10.7 dns Si 192.168.10.5 fileverver Lati 192.168.10.4 ftpserver Lati 192.168.10.8 mail Si 192.168.10.9 proxyweb Si 192.168.10.6
shorewall A 192.168.10.10
sysadmin A 192.168.10.1 $ TTL 3600; 1 wakati win7 A 192.168.10.30 TXT "31b7228ddd3a3b73be2fda9e09e601f3e9"

O yẹ ki a tun ṣe iyipada agbegbe idakeji:

root @ dns: ~ # nano /var/lib/bind/db.10.168.192.in-addr.arpa
$ ORILE. $ TTL 10800; Awọn wakati 3 10.168.192.in-addr.arpa NI SOA dns.fromlinux.fan. root.dns.fromlinux.fan. (
                                7; tẹlentẹle
                                86400; sọji (ọjọ 1) 3600; tun gbiyanju (wakati 1) 604800; pari (ọsẹ 1) 10800; o kere (wakati 3)) NS dns.fromlinux.fan. $ ORIGIN 10.168.192.in-addr.arpa. 1 PTR sysadmin.fromlinux.fan. 3 PTR ad-dc.fromlinux.fan. $ TTL 3600; 1 wakati 30 PTR win7.fromlinux.fan. $ TTL 10800; 3 wakati 4 PTR fileerver.fromlinux.fan. 5 PTR dns.fromlinux.fan. 6 proxyweb.fromlinux.fan. 7 PTR bulọọgi.desdelinux.fan. 8 PTR ftpserver.fromlinux.fan. 9 PTR mail.fromlinux.fan.
10 PTR shorewall.fromlinux.fan.

A ṣe itọlẹ ati gba agbara awọn agbegbe naa

[gbongbo @ dns ~] # rndc yo

root @ dns: ~ # journalctl -f
- Awọn akọọlẹ bẹrẹ ni Sun 2017-02-05 06:27:10 WA. - Feb 05 12:00:29 dns ti a npè ni [1996]: gba aṣẹ ikanni iṣakoso 'thaw' Feb 05 12:00:29 dns ti a npè ni [1996]: yo gbogbo awọn agbegbe: aṣeyọri Feb 05 12:00:29 dns ti a npè ni [1996 ]: zone 10.168.192.in-addr.arpa/IN: faili akọọlẹ ko ti de ọjọ: yiyọ faili iwe iroyin Feb 05 12:00:29 dns ti a npè ni [1996]: agbegbe 10.168.192.in-addr.arpa/ IN : ti kojọpọ ni tẹlentẹle 7 Feb 05 12:00:29 dns ti a npè ni [1996]: zone desdelinux.fan/IN: faili akọọlẹ ko ti ni ọjọ: yiyọ faili iwe iroyin Feb 05 12:00:29 dns ti a npè ni [1996]: zone desdelinux. àìpẹ / IN: ti kojọpọ ni tẹlentẹle 9

buzz @ sysadmin: ~ $ gbalejo shorewall
shorewall.fromlinux.fan ni adirẹsi 192.168.10.10

aruwo @ sysadmin: ~ $ gbalejo 192.168.10.10
10.10.168.192.in-addr.arpa orukọ ìkápá ijuboluwole shorewall.fromlinux.fan.

buzz @ sysadmin: ~ $ dig lati linux.fan axfr

buzz @ sysadmin: ~ $ digi 10.168.192.in-addr.arpa axfr

root @ dns: ~ # journalctl -f
.... Feb 05 12:03:05 dns ti a npè ni [1996]: alabara 192.168.10.1 # 37835 (desdelinux.fan): gbigbe ti 'desdelinux.fan/IN': AXFR bẹrẹ Feb 05 12:03:05 dns ti a npè ni [1996]: alabara 192.168.10.1 # 37835 (desdelinux.fan): gbigbe ti 'desdelinux.fan/IN': AXFR pari Feb 05 12:03:20 dns ti a npè ni [1996]: alabara 192.168.10.1 # 46905 (10.168.192. 10.168.192.in-addr.arpa): gbigbe ti '05 .12.in-addr.arpa / IN ': AXFR bẹrẹ Feb 03 20:1996:192.168.10.1 dns ti a npè ni [46905]: alabara 10.168.192 # 10.168.192 (XNUMX .in-addr.arpa): gbigbe ti 'XNUMX .XNUMX.in-addr.arpa / IN ': AXFR pari

Akopọ

Nitorinaa a ni olupin Caché DNS kan ti n ṣiṣẹ, eyiti o ṣe atilẹyin Ikọja, eyiti o jẹ Aṣẹfun fun Agbegbe naa latilinux.fan, ati pe o gba DHCP laaye lati ṣe imudojuiwọn Awọn agbegbe Dari ati Yiyipada pẹlu awọn orukọ awọn kọnputa ati IP ti o funni.

Nkan yii ati awọn meji ti tẹlẹDNS ati DHCP ni openSUSE 13.2 'Harlequin'"ati"DNS ati DHCP lori CentOS 7»Ni o wa Oba ọkan. Iwọ yoo wa awọn imọran gbogbogbo nipa DNS ati DHCP, ati awọn alaye ti pinpin kọọkan ni ọkọọkan wọn. Wọn jẹ a Akọsilẹ titẹsi si koko-ọrọ, ati ipilẹ fun awọn idagbasoke ti o nira sii.

A ko ni ṣiyemeji lati tẹnumọ - lẹẹkansii - lori pataki ti kika iwe imọ-ẹrọ ti o ti fi sori ẹrọ nipasẹ aiyipada pẹlu package kọọkan, NI Ṣaaju atunto eyikeyi alaye. A sọ ọ lati iriri ti ara wa.

Next ifijiṣẹ

O ṣee ṣe "Ilana Itọsọna Microsoft® + DIN"


Awọn akoonu ti nkan naa faramọ awọn ilana wa ti awọn ilana olootu. Lati jabo aṣiṣe kan tẹ nibi.

Awọn asọye 23, fi tirẹ silẹ

Fi ọrọ rẹ silẹ

Adirẹsi imeeli rẹ yoo ko le ṣe atejade. O beere aaye ti wa ni samisi pẹlu *

*

*

  1. Lodidi fun data naa: Miguel Ángel Gatón
  2. Idi ti data naa: SPAM Iṣakoso, iṣakoso ọrọ asọye.
  3. Ofin: Iyọọda rẹ
  4. Ibaraẹnisọrọ data: Awọn data kii yoo ni ifọrọhan si awọn ẹgbẹ kẹta ayafi nipasẹ ọranyan ofin.
  5. Ibi ipamọ data: Alaye data ti o gbalejo nipasẹ Awọn nẹtiwọọki Occentus (EU)
  6. Awọn ẹtọ: Ni eyikeyi akoko o le ni opin, gba pada ki o paarẹ alaye rẹ.

  1.   alangba wi

    Kini apakan ti Tutorial ti o ti firanṣẹ alabaṣepọ, Emi ko mọ ibiti agbara pupọ fun alaye ati aṣẹ ni awọn akọle bi eka ti iyẹn ti wa.

    Oriire mi ti o tọ julọ, ọlá lati ni anfani lati ka ọ

  2.   bafo wi

    Mo ni lati sọ fun ọ pe awọn itọnisọna ti o gbejade ni HOSTIA, Mo nifẹ wọn.
    Mo n nigbagbogbo nduro fun rẹ tókàn ipin.
    Nigbati o ba ti pari, iwọ yoo fi sii ni pdf kan bi? O jẹ iwe pe ni ero mi jẹ ohun ti o niyelori pupọ, eyiti o tọ si lati tọju daradara.
    O ṣeun pupọ ati ikini nla kan.
    Bafo.

  3.   Frederick wi

    Bafo: O ṣeun pupọ fun igbelewọn ati asọye rẹ. Ere ti o dara julọ fun akoko, iṣẹ, ati ipa ti Mo ya sọtọ si olukọ kọọkan ni asọye naa. Jẹ rere tabi odi, ṣugbọn o jẹ ami ti o ko ni akiyesi. Mo gboju ọpọlọpọ awọn onkawe kan gba lati ayelujara ati fipamọ, tabi bukumaaki rẹ. Ṣugbọn Mo le ro pe ni ibamu si nọmba awọn ọdọọdun. O jẹ aanu ti kii ṣe asọye pupọ, botilẹjẹpe Mo mọ pe awọn akọle ti Mo ba pẹlu jẹ pataki fun Sysadmins. Ikini fun ọ paapaa emi yoo duro de ọ ninu awọn nkan mi ti n bọ.

  4.   Frederick wi

    Lizard: O ṣeun fun igbelewọn otitọ rẹ ti Emi yoo ma ranti nigbagbogbo.

  5.   aworan wi

    Bawo ni iṣeto le jẹ ti Mo ni awọn atọkun nẹtiwọọki meji ninu ọran ti dipọ
    O ṣeun ati oriire lori ohun elo naa.

  6.   Frederick wi

    Artus: O ṣeun fun ọrọ rẹ ati oriire.
    Idahun si ibeere rẹ yẹ nkan ti o lọtọ lori lilo Awọn iwo - wiwo ni DINN.

    Ni ọran ti o ni Agbegbe Aṣoju labẹ iṣẹ rẹ, ati pe o fẹ lati ni ẸRỌ kan lati lọ si awọn ibeere inu lati LAN rẹ ati awọn ibeere ita lati Intanẹẹti-pẹlu BIND ti o ni aabo nipasẹ Ogiriina dajudaju- o ni iṣeduro lati lo Awọn iwo .

    Awọn Wiwo, fun apẹẹrẹ, gba ọ laaye lati ṣafihan iṣeto kan fun Nẹtiwọọki SME rẹ ati omiiran fun Intanẹẹti. Nigbati a ko ba tunto Wiwo kan ni kedere, BIND naa daada ṣẹda ọkan kan ti o fihan gbogbo awọn kọnputa ti o kan si.

    Bi lilo Awọn iwo Mo ṣe akiyesi ọrọ ti o ni ilọsiwaju le ki o kọ nkan nipa rẹ, ṣaaju tabi lẹhin ifiweranṣẹ ileri ti a kede ni opin rẹ.

    Bayi, ti o ba ni awọn atọkun nẹtiwọọki meji ti nkọju si Nẹtiwọọki SME rẹ-ti a ṣe nipasẹ Awọn Nẹtiwọọki Aladani meji- fun idiyele eyikeyi ti apẹrẹ, iwọntunwọnsi fifuye, nọmba ohun elo tabi omiiran, ati pe o fẹ ṣe afihan gbogbo awọn agbegbe rẹ si awọn nẹtiwọọki mejeeji, o le yanju pẹlu alaye:

    gbo-gbo {
    127.0.0.1;
    IP-Aladani-Ọlọpọọmídíà1;
    IP-ni wiwo-Ikọkọ2;
    };

    Ni ọna yii, BIND n tẹtisi awọn ibeere lori awọn atọkun mejeeji.

    Ti gbogbo awọn kọnputa rẹ ba wa lori Nẹtiwọọki Aladani Kilasi C 192.168.10.0/255.255.240.0 -up si awọn ogun 4094- fun apẹẹrẹ, o tun le lo alaye naa:

    gbọ-lori {127.0.0.1; 192.168.10.0/20; };

    Ati pe o n ṣe afihan wiwo kan si gbogbo awọn kọnputa ti o sopọ si LAN Aladani rẹ.

    Mo nireti pe idahun kukuru mi ṣe iranlọwọ fun ọ. Ẹ ati aṣeyọri.

    1.    aworan wi

      O ṣeun fun idahun ni kete. Ṣe o rii pe Mo n gbe olupin Debian kan pẹlu ẹya 9 (Strech), o ni DNS, dhcp ati squid bi aṣoju, fun awọn asẹ akoonu Emi yoo lo e2guardian.

      Kọmputa naa ni awọn atọkun nẹtiwọọki meji, eyiti yoo gba awọn kọnputa lori LAN lati jade si Intanẹẹti.
      olulana: 192.168.1.1
      eth0: 192.168.1.55 (nipasẹ wiwo yii yoo lọ si Intanẹẹti)
      eth1: 192.168.100.1 (LAN)

      Ero naa ni pe awọn kọnputa le lọ si Intanẹẹti nipasẹ olupin aṣoju yii, eyiti yoo tun pese awọn ips ati dns si awọn kọnputa lori nẹtiwọọki inu.

      Ni ọran yii, Emi ko nilo olupin lati tẹtisi awọn ibeere dns nipasẹ wiwo eth0 (Emi ko fẹ lati mu awọn agbegbe mi wa si awọn nẹtiwọọki mejeeji, nikan si LAN mi); nitorinaa ti Mo ba yọ IP-ikọkọ-interface1, ṣe iyẹn yoo to?

      O ṣeun lẹẹkansi ati ṣakiyesi.

  7.   Edward Claus wi

    Gan ti o dara article ore mi
    O ni ẸRẸ ninu awọn iṣọn ara rẹ, paapaa ti o ba sọ ati ronu bibẹkọ 🙂
    Felicidades

  8.   Frederick wi

    Artus: Yọ atọkun 192.168.1.55 lati inu ọrọ ifetisilẹ ki o lọ. Tabi ṣe ikede kan gbọ-lori {127.0.0.1; 192.168.100.1; }; ati pe iyẹn ni. BIND naa yoo gbọ nikan lori awọn atọkun wọnyẹn.

    1.    aworan wi

      O dara o ṣeun.

  9.   Frederick wi

    Eduardo: ọrẹ mi, Mo tun fẹ dnsmasq fun awọn nẹtiwọọki “kekere”, ati pe a ni lati rii bii “nla” wọn le jẹ. 😉 Biotilẹjẹpe Mo mọ pe olupin BIND + isc-dhcp jẹ olupin BIND + isc-dhcp. 😉

  10.   Frederick wi

    Eduardo: Mo ti gbagbe lati sọ fun ọ pe Onimọnran NIPA, iwọ ni, Ọga.

  11.   agbere wi

    Awọn ọdun ni lilo BIND ati pe Mo tẹsiwaju lati kọ ẹkọ lati kikọ rẹ, o ṣeun pupọ Federico, pẹlu jara awọn itọnisọna yii a ti yọ sysadmin kuro. Mo pada wa Mo tun tun sọ, imọran ti yika gbogbo imọ yii ni ọna kika alabara osise ko buru rara, fun ni ori pe ohun ti o dara pupọ le jade. Ikini kan.

  12.   Frederick wi

    Ọrẹ Dhunter: Awọn ọrọ rẹ nigbagbogbo gba daradara. Pipin ohun gbogbo nira ati pe o ṣeeṣe soro, nitori pe koko tuntun nigbagbogbo wa. Nipasẹ awọn ori, o lọ ati pe o ṣee ṣe. Diẹ ninu nkan yoo ni lati tun kọwe lati ni ibamu ni awọn atunto. Emi ko ṣe ileri ohunkohun, ṣugbọn awa yoo rii.

  13.   Ismail Alvarez Wong wi

    hello federico, eyi ni awọn ọrọ mi:
    1) Itọkasi ti o gbe sori «... ka ṣaaju tito leto BIND ati paapaa Ṣaaju ki o to wa Intanẹẹti fun awọn nkan ti o jọmọ BIND ati DNS ...» n wa wọn lori kọnputa tiwa ati gbogbo eyi “... laisi nlọ ile ... »lati lo awọn ọrọ tirẹ.
    2) Ninu ifiweranṣẹ yii a wa imọ-jinlẹ diẹ sii nipa DNS ti o ṣe afikun eyi ti a pese ni awọn ifiweranṣẹ meji ti tẹlẹ ati pe o ni imọran nigbagbogbo; fun apẹẹrẹ: awọn DNSSEC (Awọn amugbooro Aabo System Orukọ Aṣẹ) ati ohun ti a lo fun; bakanna Eto Iṣeto BIND pẹlu awọn faili iṣeto Aimi rẹ, Awọn faili Agbegbe fun Awọn olupin Gbongbo, ati Awọn agbegbe Iwaju ati Yiyipada ti localhost ni Debian.
    3) GREAT awọn sample ti ko disabling recursion (lilo awọn ila "recursion ko si;") ki o si ni ninu awọn iṣeto ni faili /etc/bind/named.conf.local, awọn agbegbe awọn faili / ati be be lo / dè / ita. Rfc1918 ati / ati be be /bind/zones.rfcFreeBSD lati ṣe idiwọ eyikeyi awọn ibeere ti o jọmọ wọn lati kuro ni nẹtiwọọki agbegbe si awọn olupin gbongbo.
    4) Ni idakeji ifiweranṣẹ ti tẹlẹ nipa CentOS 7, ni ipo yii ti o ba jẹ ipilẹṣẹ TSIG “dhcp-key” fun awọn imudojuiwọn DNS agbara lati DHCP; lati gba laaye ninu faili /etc/bind/named.conf.local, pẹlu "imudojuiwọn-igbesoke {bọtini dhcp-key; }; » ni iṣeto ti awọn agbegbe taara ati yiyipada ti agbegbe wa.
    5) Apejuwe nla (dogba si ifiweranṣẹ ti tẹlẹ ni CentOS 7) ti ohun gbogbo ti o ni ibatan si awọn iṣayẹwo ti iṣẹ ti DNS, DHCP ati pẹlu awọn alabara.
    6) ṢAKA ipari ti lilo pipaṣẹ "fi sori ẹrọ" (ti o ba jẹ pe o kọ ọ, Emi ko tumọ si aṣayan ti orukọ kanna ti o lo ninu awọn ofin miiran), Emi ko mọ, nitori o jẹ otitọ " 3 ni 1 "nitori awọn ẹgbẹ daakọ (cp), idasile awọn oniwun (gige) ati awọn igbanilaaye (chmod).
    . Lakotan, idahun rẹ si Artus nipa lilo Awọn iwo ni BIND dara dara julọ, ọkan fun LAN (nẹtiwọọki aladani) ati ekeji fun Intanẹẹti ki awọn iṣẹ ilu nikan ni a le gbimọran. Ni ireti nigbamii o ni akoko lati ṣeto ifiweranṣẹ bi o ti jẹ ọrọ elo to wulo pupọ fun ọpọlọpọ awọn sysadmins.
    Ko si ohun ti Federico ti Mo tẹsiwaju lati ni itara siwaju ati siwaju sii nipa jara PYMES ati pe Mo nreti si ifiweranṣẹ ti nbọ "Itọsọna Iroyin Microsoft + BIND"

  14.   Frederick wi

    Wong: Ẹlẹgbẹ ati ọrẹ, awọn asọye rẹ ṣe iranlowo awọn nkan mi ati ṣe afihan pe wọn ni oye. Aṣẹ "fi sori ẹrọ" ni ọpọlọpọ awọn aṣayan diẹ sii. Ibeere ọkunrin fi sori ẹrọ. O ṣeun ẹgbẹrun fun asọye !!!

  15.   ilorun 88 wi

    Emi ko ka awọn asọye sibẹsibẹ, Emi yoo ṣe bẹ lẹhin sisọ awọn ilana mi.
    O ti ṣe ati pe o ti ṣaṣeyọri pupọ, o ti fun wa ni ina ṣugbọn kii ṣe eyi ti a rii ni “ipari oju eefin” nigbati ko si ireti diẹ sii bi a ṣe n sọ nigbagbogbo; kii ṣe pe kii ṣe fun ohunkohun, o ti fun ni imọlẹ pipe lati ni anfani lati sọ “Ni ipari a mọ pe ere ti ọmọkunrin ni, pẹlu ọpọlọpọ awọn imọran ati sisọ ọrọ fussy” bi o ṣe ṣalaye ninu ifiweranṣẹ.
    POST TRUNK ati pẹlu awọn iṣaaju fun tọkọtaya ti awọn distros olokiki julọ. O ṣe ibamu pẹlu imugboroosi ti awọn imọran ati imọran pe ni ọpọlọpọ awọn ayeye ti o ni ipa lori wa. Mo ti ka ni alaye, ni idakẹjẹ ati pe ko ṣee ṣe lati ma ṣe asọye ki o ni itara PẸPẸ ỌPẸ fun iru ifisilẹ ati ifisilẹ.
    Laisi idunnu siwaju, a fẹ ki gbogbo yin ni ilera ati pe ki o tẹsiwaju lati ṣe alabapin; A dupẹ lọwọ rẹ ati pe o le ni orire, eto-ọrọ-aje, ilera (a fẹ ki o ni ilọpo meji) ati ifẹ yoo tẹle ọ (pẹlu Sandra ki diẹ sii, hahaha).
    Mo mọ pe asọye naa lọ diẹ diẹ sii ju akoonu ti ifiweranṣẹ lọ, o lọ si ti ara ẹni nitori a jẹ ọrẹ ati pe Mo ṣe inudidun si ifijiṣẹ alai-rubọ rẹ. Ko si ẹnikan ti o ṣe ohun ti o ṣe fun awọn ti wa ti o fẹ lati ni imọ siwaju ati siwaju sii ati pe a ni ojuse ti iṣakoso awọn nẹtiwọọki SME lori awọn ejika wa, kii ṣe iṣẹ ti o rọrun.
    Sl2 gbogbo eniyan.

  16.   Frederick wi

    crespo88: O ṣeun pupọ fun awọn igbelewọn rẹ nipa eyi ati awọn nkan atẹjade miiran. Diẹ ninu awọn onkawe le ro pe Mo fun ni gbogbo mi, nigbati ko jẹ otitọ. Mo nigbagbogbo tọka si Akọsilẹ titẹsi, paapaa ti awọn apẹẹrẹ ba ṣiṣẹ ni kikun. DID ni Ile-iṣẹ Itanna ati DHCP ko jinna sẹhin. Lati mọ wọn loke apapọ, o ni lati kọja alefa ile-iwe giga ni University of Helsinki, 😉

  17.   Aworan ipo Miguel Guaramato wi

    Mo rii koko yii ti o nifẹ ati pataki pupọ. Mo nifẹ ninu iwadi yii ti kini gbogbo nipa iṣakoso ti awọn nẹtiwọọki Linux ati paapaa awọn olupin: dns, ìmúdàgba ati dhcp aimi ati awọn nẹtiwọọki foju, bin9, samba, awọn olupin atẹjade, ldap, abojuto nẹtiwọọki pẹlu awọn ohun elo, gbeko awọn apoti isura infomesonu fun awọn olutẹpa eto ' ohun elo ati vlan, ati be be lo. Ti o ni idi ti o ṣe pataki ati pe awọn imọran wọnyi dara julọ ati pẹlu awọn iṣe ati awọn apẹẹrẹ.

  18.   Frederick wi

    Kaabo Miguel !!!
    O ṣeun fun asọye ati pe Mo nireti pe lẹsẹsẹ naa ṣe iranlọwọ fun ọ ninu kini o nifẹ si. Ẹ kí.

  19.   Jorge wi

    O ṣeun pupọ fun nkan Federico, o fihan pe o mọ nipa debian. Famọra.

  20.   Frederick wi

    O ṣeun pupọ Jorge, fun asọye rẹ. Ireti pe awọn nkan mi ran ọ lọwọ.

  21.   Pablo Raúl Vargas Hall wi

    O ṣeun pupọ fun ifiweranṣẹ eyiti o jẹ akọsilẹ daradara ati pe o rọ wa lati ka, ka ati ka lẹẹkansi. Bayi pẹlu ifiweranṣẹ atẹle ti o yoo tẹjade, Emi yoo fẹ ki o ṣe akiyesi awọn aaye ti isọdọkan ti yoo ni:
    Iwe Iroyin Microsoft pẹlu Samba4 bi Itọsọna Iroyin

    Yato si, Mo fẹ lati kan si awọn atẹle:
    Bawo ni yoo ṣe jẹ imuse ti Bind + Isc-dhcp ninu FW ni dmz nibiti oludari aṣẹ yoo wa ni dmz pẹlu samba 4 AD