Dnsmasq ati Ilana Itọsọna - Awọn nẹtiwọọki SME

Atọka gbogbogbo ti jara: Awọn nẹtiwọọki Kọmputa fun Awọn SME: Ifihan

Kaabo awọn ọrẹ !. Lati ni oye ati tẹle tọ nkan yii jẹ pataki kika awọn ti o ti ṣaju rẹ:

Wọn ṣalaye ti imọran ati imọran ti o wulo eyiti a ko ni tọka si ninu eyi. A yoo yipada pinpin ni ọdun lọwọlọwọ si Debian 8.6 "Jessie" ati pe a yoo tẹsiwaju pẹlu awọn ipele kanna ti a lo ninu DIN ati Itọsọna Iroyin ®.

  • Ilana ti a ṣalaye ninu ifiweranṣẹ yii tun wulo fun CentOS 7. Faili iṣeto / / ati be be / dnsmasq jẹ kanna. Mo kede rẹ nitori Mo ṣe akiyesi pe ko ṣe pataki lati ṣe nkan lọtọ fun Dnsmasq ati Itọsọna Iroyin® da lori CentOS. O da, awọn ilana ilana ti o ni ibatan si iwe ati iṣeto ni kanna. .
  • Dnsmaq jẹ ẹda ti Simon Kelley

Awọn idiwọn lori lilo Dnsmasq

Nitori pataki rẹ a tun ṣe awọn OPIN ti o ṣe atilẹyin Dnsmasq -run ọkunrin dnsmasq- eyiti o tan imọlẹ gangan atẹle:

OPIN

  • Awọn iye aiyipada fun awọn opin orisun orisun ni gbogbogbo Konsafetifu, ati pe o yẹ fun lilo lori awọn iru ẹrọ olulana. di pẹlu awọn onilọra lọra ati iranti kekere. Ni hardware diẹ sii  agbara, o ṣee ṣe lati mu awọn ifilelẹ lọ, ati atilẹyin ọpọlọpọ diẹ sii awon onibara. Awọn atẹle kan si dnsmasq-2.37: awọn ẹya ti tẹlẹ ko ṣe wọn gun bẹ daradara.
  • Dnsmasq lagbara lati ṣe atilẹyin DNS ati DHCP o kere ju ẹgbẹrun kan (1,000) awon onibara. Awọn akoko yiyalo ko yẹ ki o kuru ju (kere ju ọkan lọ aago). Iye ti -dns-forward-max le pọ si: bẹrẹ pẹlu deede ti nọmba awọn alabara ati mu alekun ti o ba ti awọn DNS. Akiyesi pe iṣẹ DNS tun da lori awọn olupin DNS igbesoke. Iwọn kaṣe DNS le pọ si: opin Ti beere fun ni awọn orukọ 10,000 ati pe aiyipada (150) jẹ gidigidi. Fifiranṣẹ SIGUSR1 si dnsmasq ṣe alaye bitacore ti o jẹ wulo fun iwọn kaṣe-yiyi itanran. Wo AKIYESI apakan fun awọn alaye.
  • Olupin TFTP ti a ṣe sinu rẹ lagbara lati ṣe atilẹyin awọn gbigbe lọpọlọpọ awọn faili nigbakanna: opin to ni ibatan si nọmba awọn kapa faili ti o gba laaye si ilana kan ati agbara ti sys‐tem ipe yan () lati ṣe atilẹyin awọn nọmba nla ti awọn kapa faili. Ti a ba ṣeto iye to ga julọ pẹlu –tftp-max o yoo jẹ ti iwọn ati pe opin gangan yoo di ni ibẹrẹ. Ṣe akiyesi pe awọn gbigbe diẹ sii ṣee ṣe nigbati a ba fi faili kanna ranṣẹ kini nigba igbasilẹ kọọkanferencia firanṣẹ faili miiran. O ṣee ṣe lati lo dnsmasq lati sẹ ipolowo wẹẹbu nipa lilo atokọ ti awọn olupin asia ti o mọ daradara, gbogbo ipinnu si 127.0.0.1 tabi 0.0.0.0 ni / ati be be lo / awọn ogun tabi ni faili awọn ọmọ-ogun afikun. Atokọ naa le jẹ gigun pupọ. Dnsmasq ti ni idanwo ni aṣeyọri pẹlu awọn orukọ miliọnu kan. Iwọn faili yẹn nilo Sipiyu 1GHz ati isunmọ60MB Ramu.
  • Dnsmasq lagbara lati ṣe atilẹyin DNS ati DHCP o kere ju ẹgbẹrun kan (1,000) awọn onibara.

Jẹ ki a fi sori ẹrọ ati tunto Jessie ati Dnsmasq

A yoo bẹrẹ pẹlu fifi sori tuntun ati mimọ ti olupin da lori Debian 8 "Jessie". Iyẹn ni, ẹrọ ṣiṣe laisi eyikeyi wiwo ayaworan tabi package miiran ti a fi sii. Awọn ipele nẹtiwọọki yoo jẹ kanna bii awọn ti a lo ninu nkan naa DIN ati Itọsọna Iroyin ®:

Orukọ ase mordor.fan Nẹtiwọọki LAN 10.10.10.0/24 ================================== == ========================================= Adirẹsi IP Awọn olupin Idi (Awọn olupin pẹlu OS Windows ) ============================================== = ==============================
sauron.mordor.fan. 10.10.10.3 Ilana Itọsọna® 2008 SR2
mamba.mordor.fan. 10.10.10.4 Oluṣakoso faili Windows
dns.mordor.fan 10.10.10.5 DnsMasq Server lori Jessie
òkunkun.mordor.fan. 10.10.10.6 Aṣoju, ẹnu-ọna ati ogiriina lori Kerios troll.mordor.fan. 10.10.10.7 Blog ti o da lori ... ko le ranti shadowftp.mordor.fan. 10.10.10.8 FTP olupin blackelf.mordor.fan. 10.10.10.9 Iṣẹ i-meeli ni kikun blackspider.mordor.fan. 10.10.10.10 WWW iṣẹ palantir.mordor.fan. 10.10.10.11 Iwiregbe lori Openfire fun Windows Real CNAME ============================== sauron ad-dc mamba fileserver darklord proxyweb troll bulọọgi shadowftp ftpserver blackelf mail blackspider www palantir openfire

Awọn eto olupin dns.mordor.fan akọkọ

root @ dns: ~ # nano / ati be be lo / orukọ olupin
dns

root @ dns: ~ # nano / ati be be / awọn ogun
127.0.0.1 localhost 10.10.10.5 dns.mordor.fan dns # Awọn ila wọnyi ni o wuni fun awọn ogun to lagbara IPv6 :: 1 localhost ip6-localhost ip6-loopback ff02 :: 1 ip6-allnodes ff02 :: 2 ip6-allrouter

root @ dns: ~ # nano / ati be be lo / nẹtiwọọki / awọn atọkun
# Faili yii ṣapejuwe awọn atọkun nẹtiwọọki ti o wa lori eto # rẹ ati bii o ṣe le mu wọn ṣiṣẹ. Fun alaye diẹ sii, wo awọn atọkun (5). orisun /etc/network/interfaces.d/* # Ni wiwo nẹtiwọọki loopback idojukọ lo iface lo inet loopback # Ni wiwo nẹtiwọọki akọkọ gba laaye-hotplug eth0 iface eth0 inet static address 10.10.10.5 netmask 255.255.255.0 network 10.10.10.0 broadcast 10.10.10.255. 10.10.10.1 ẹnu-ọna 127.0.0.1 # dns- * awọn aṣayan ti wa ni imuse nipasẹ package ipinnu, ti o ba fi sori ẹrọ dns-nameservers XNUMX dns-search mordor.fan

Jẹ ki a fi sori ẹrọ Dnsmasq ati htop

root @ dns: ~ # aptitude fi sori ẹrọ dnsmasq htop

Lẹhin fifi package sii Htop a le ṣayẹwo Sipiyu ati agbara iranti ti awọn ẹrọ. O n gba to bii megabiti 71 ti Ramu nikan. Ti a ba fẹ dinku agbara paapaa diẹ sii, a le fi package sii SSMTP -apẹẹrẹ MTA- eyiti o jẹ ki o sọ dipo package naa Eksim4 pe Debian n fi sii nigbagbogbo nipasẹ aiyipada ati pe a ko nilo ni deede ni ibamu si lilo ti a yoo fun olupin yii:

root @ dns: ~ # aptitude fi sori ẹrọ ssmtp
gbongbo @ dns: ~ # imukuro imọra ~ c
root @ dns: ~ # oye ti o mọ
gbongbo @ dns: ~ # autoclean aptitude
root @ dns: ~ # atunbere systemctl

Lẹhin ti tun bẹrẹ kọmputa naa, agbara jẹ bii atẹle: Dnsmasq ati Ilana Itọsọna

 

Kekere, otun? Jẹ ki a tẹsiwaju.

Jẹ ki a fihan pe Dnsmasq tun kan si Microsft® DNS naa

Lati ṣe idanwo awọn atunto Dnsmasq ṣee ṣe lori kọnputa rẹ dns.mordor.àìpẹ, a gbọdọ ṣafikun alaye ti o tọka pe Microsoft DNS ti olupin ti wa ni imọran sauron.mordor.fan. A le ṣe pẹlu itọsọna naa olupin = / mordor.fan / 10.10.10.3 ni ile ifi nkan pamosi dnsmasq.conf -bi a yoo rii nigbamii- tabi fifi ila kun nameserver 10.10.10.3 ni ile ifi nkan pamosi /etc/resolv.conf. Bi a ko ti ṣe tunto Dnsmasq gẹgẹbi awọn aini wa, a yan ọna keji:

root @ dns: ~ # nano /etc/resolv.conf
ašẹ mordor.fan
nameserver 127.0.0.1
nameserver 10.10.10.3

A le yanju awọn ibeere DNS bayi

Pẹlu iṣeto aiyipada ti Dnsmasq ti a pese nipasẹ faili akọkọ rẹ /etc/dnasmq.conf, ati pẹlu ohun ti a kede ni faili naa /etc/resolv.conf lati ọdọ olupin naa funrararẹ «dns«, Eyikeyi alabara ti o sopọ mọ LAN -ati eyiti o ti ṣalaye bi olupin DNS dns.mordor.àìpẹ- o le yanju awọn ibeere DNS ni laibikita fun Microsoft® DNS ni bayi…

  • O ṣe pataki pupọ lati ṣayẹwo iyara idahun Dnsmasq nigbati o n ṣe afihan ipo rẹ bi Olugbeja nipa ifisi IP ti o wa 10.10.10.3 ninu faili rẹ /etc/resolv.conf.

Lati ibi iṣẹ iṣakoso mi ati atilẹyin ti gbogbo awọn ohun elo nipasẹ eyiti Mo kọ, Mo ṣiṣe:

buzz @ sysadmin: ~ $ ologbo /etc/resolv.conf 
# Ti ipilẹṣẹ nipasẹ NetworkManager ašẹ mordor.fan nameserver 10.10.10.5

buzz @ sysadmin: ~ $ nslookup
> dns
Olupin: 10.10.10.5 Adirẹsi: 10.10.10.5 # 53 Orukọ: dns.mordor.fan Adirẹsi: 10.10.10.5

> sauron
Olupin: 10.10.10.5 Adirẹsi: 10.10.10.5 # 53

Idahun ti kii ṣe aṣẹ:
Orukọ: sauron.mordor.fan Adirẹsi: 10.10.10.3

> 03296249-82a1-49aa-a4f0-28900f5d256b._msdcs.mordor.fan
Olupin: 10.10.10.5 Adirẹsi: 10.10.10.5 # 53 03296249-82a1-49aa-a4f0-28900f5d256b._msdcs.mordor.fan canonical name = sauron.mordor.fan. Orukọ: sauron.mordor.fan Adirẹsi: 10.10.10.3

> 10.10.10.3
Olupin: 127.0.0.1 Adirẹsi: 127.0.0.1 # 53 3.10.10.10.in-addr.arpa orukọ = sauron.mordor.fan.

> 10.10.10.9
Olupin: 127.0.0.1 Adirẹsi: 127.0.0.1 # 53 9.10.10.10.in-addr.arpa orukọ = blackelf.mordor.fan.

> 10.10.10.5
Olupin: 127.0.0.1 Adirẹsi: 127.0.0.1 # 53 5.10.10.10.in-addr.arpa orukọ = dns.mordor.fan.

> meeli
Olupin: 10.10.10.5 Adirẹsi: 10.10.10.5 # 53 Idahun ti kii ṣe aṣẹ: mail.mordor.fan orukọ canonical = blackelf.mordor.fan. Orukọ: blackelf.mordor.fan Adirẹsi: 10.10.10.9> ijade

aruwo @ sysadmin: ~ $

Jẹ ki a wo sunmọ awọn aaye wọnyi:

  • dns.mordor.àìpẹ taara dahun awọn ibeere DNS ti o le yanju ni ibamu si awọn eto Dnsmasq lọwọlọwọ rẹ. Ti o ko ba le yanju wọn, o ṣiṣẹ bi Olugbeja o beere IP 10.10.10.3 ti o ba le dahun ibeere naa. Nigbati o beere fun IP ti ohun elo naa «dns«, O dahun taara. Nigbati a beere Dnsmasq tani o jẹ «sauron",?, ṣe Ndari awọn a la 10.10.10.3 -O ko le dahun taara nitori o ko tii forukọsilẹ rẹ sibẹsibẹ- tani o da Idahun Aisi-Aṣẹ ti o tọ pada.
  • Nigbati o beere lọwọ tani «03296249-82a1-49aa-a4f0-28900f5d256b._msdcs.mordor.fan"?, ṣe Ndari awọn lẹẹkansi ati ni akoko yii o gba Idahun Alaṣẹ lati Microsoft® DNS.
  • Iyara idahun giga ti Dnsmasq fun eyikeyi iru ibeere.

Wọn jẹ awọn alaye kekere ti o ṣe ifẹ nla ;-).

Awọn iyatọ ipilẹ laarin Dnsmasq ati BIND ti o ṣepọ pẹlu Itọsọna Iroyin ®

Jẹ ki a ṣiṣe awọn ibeere DNS meji kan lori awọn igbasilẹ soa y NS ti ìkápá naa mordor.àìpẹ, si ọkọọkan awọn orukọ olupin ti o kan:

buzz @ sysadmin: ~ $ gbalejo -t SOA mordor.fan 10.10.10.3
Lilo olupin ìkápá: Orukọ: 10.10.10.3 Adirẹsi: 10.10.10.3 # 53 Awọn aliagi: 
mordor.fan ni igbasilẹ SOA sauron.mordor.fan. oluṣakoso ile-iṣẹ.mordor.fan. 56 900 600 86400 3600 XNUMX

buzz @ sysadmin: ~ $ gbalejo -t SOA mordor.fan 10.10.10.5
Lilo olupin ìkápá: Orukọ: 10.10.10.5 Adirẹsi: 10.10.10.5 # 53 Awọn aliagi: 
mordor.fan ni igbasilẹ SOA sauron.mordor.fan. oluṣakoso ile-iṣẹ.mordor.fan. 56 900 600 86400 3600 XNUMX

buzz @ sysadmin: ~ $ ogun -t NS mordor.fan 10.10.10.5
Lilo olupin ìkápá: Orukọ: 10.10.10.5 Adirẹsi: 10.10.10.5 # 53 Awọn aliagi: 
olupin mordor.fan olupin sauron.mordor.fan.

buzz @ sysadmin: ~ $ ogun -t NS mordor.fan 10.10.10.3
Lilo olupin ìkápá: Orukọ: 10.10.10.3 Adirẹsi: 10.10.10.3 # 53 Awọn aliagi: 
olupin mordor.fan olupin sauron.mordor.fan.

Awọn idahun jẹ aami kanna - eyiti o jẹ ọgbọngbọn - nitori nigbagbogbo dahun pada sauron.mordor.fan. ṣaaju ibeere DNS nipa awọn igbasilẹ soa o NS, biotilejepe dabi kini o dahun dns.mordor.àìpẹ. Sibẹsibẹ, o yatọ si ohun ti a rii ninu nkan naa DIN ati Itọsọna Iroyin® nibiti a ti yọ iṣẹ Microsoft® DNS kuro patapata. Ninu nkan yẹn GBOGBO awọn ibeere DNS nipa Orukọ Orukọ Domino mordor.àìpẹ ẸRỌ naa da wọn lohun, nitori a tunto rẹ ni ọna naa, ati pe BIND ṣe idahun awọn ibeere soa y NS ni afikun si gbigba eto naa laaye Titunto si - Ẹrú, Gbigbe agbegbe, ati bẹbẹ lọ, ati nitorinaa o jẹ olupin DNS ti o pari diẹ sii - eka.

Boya awọn ni awọn iyatọ akọkọ laarin DNS ti Dnsmasq ati BIND ... pero BIND -n nigbagbogbo le jẹ ọkan tabi diẹ ẹ sii buts- ko ni olupin DHCP ti o ṣepọ laisiyonu pẹlu olupin DNS ni ẹyọkan daemond, ati laisi iwulo fun awọn bọtini TSIG, awọn faili iṣeto, Awọn apoti isura data Agbegbe, ati bẹbẹ lọ, bi a ti rii ninu awọn nkan ti tẹlẹ.

  • Mo ro pe nisinsinyi, Awọn onkawe wa Olufẹ yoo ti mọ pe Emi ko korira IKỌ tabi fẹran Dnsmasq ju BIND. Awọn ijiroro ọjọ iwaju nipa rẹ jẹ asan egbin lapapọ, nitori o ni ọpọlọpọ lati ṣe pẹlu awọn aini, awọn ibeere, awọn ohun itọwo, awọn ayanfẹ ati .... ojutu kọọkan ni ifaya rẹ ;-).
  • Ni awọn oju iṣẹlẹ ti o jọra, jẹ ki gbogbo eniyan fi sori ẹrọ ati tunto sọfitiwia ti o fẹ ati pe wọn mọ diẹ sii nipa. ati pe ohun gbogbo n ṣiṣẹ bi o ti ṣe yẹ.

Awọn anfani ti idapọ Dnsmasq + Ilana Itọsọna ®

Pẹlu apapo yii a ni ibiti awọn idahun pipe si awọn ibeere DNS ati ọna ti o munadoko ti yiya awọn adirẹsi IP fun SME LAN wa. Bii a yoo rii nigbamii, o ṣiṣẹ ni deede fun eyikeyi ipo nipa boya tabi kii ṣe kọnputa kọnputa si Microsoft® Active Directory® Adarí Aṣẹ. Ni afikun, a ni DNS ati olupin DNS Olugbeja Nipasẹ didara, pẹlu olupin DHCP ti o yara pupọ. Ati gbogbo wọn pẹlu ibeere kekere fun awọn orisun. Ṣe o fẹ diẹ sii?

Ṣe o ṣee ṣe Dnsmasq + DIN?

Dajudaju bẹẹni. Botilẹjẹpe Mo ṣeduro pe ki wọn fi sori ẹrọ lori awọn kọnputa oriṣiriṣi ki ko si awọn ijamba nitori ibudo ti o fẹran pupọ ti 53 ti iṣẹ DNS. Boya a yoo rii nkankan nipa rẹ nigbati a ba de si AD-DC ti o da lori Samba 4 Tani o mọ?

Awọn imọran nipa Dnamasq

  • Awọn faili iṣẹ pataki fun Dnsmasq lati pese DHCP ati awọn iṣẹ DNS lori LAN ni: /ati be be/dnsmasq.conf, / Ati be be / ogun, /var/lib/misc/dnsmasq.leasesati /etc/resolv.conf. Faili naa dnsmasq.fun awọn o ṣẹda nigbati o ya adirẹsi IP akọkọ rẹ.
  • Faili iṣẹ miiran ti o le lo ni / ati be be lo / ether. Ti iru faili bẹẹ ba wa, itọsọna naa ka-ethers ṣalaye ninu faili atunto, sọ fun Dnsmasq lati ka. O wulo pupọ nigbati a ba jọmọ Awọn adirẹsi MAC / awọn orukọ agbalejo fun awọn idi kan.
  • Iṣẹ DNS le jẹ alaabo patapata nipa lilo itọsọna naa ibudo = 0 ni dnsmasq.conf.
  • Iṣẹ DHCP fun ọkan tabi diẹ sii awọn atọkun nẹtiwọọki le jẹ alaabo nipasẹ awọn itọsọna -kan fun laini kọọkan- ko si-dhcp-interface = eth0, ko si-dhcp-interface = eth1, ati bẹbẹ lọ. O wulo pupọ nigba ti a ba wa niwaju ẹgbẹ kan pẹlu awọn atọkun nẹtiwọọki 2-tabi diẹ sii ati pe a fẹ ki a pese iṣẹ DHCP nikan nipasẹ ọkan ninu wọn tabi ẹnikẹni. Nitoribẹẹ, ti a ba mu iṣẹ DHCP ṣiṣẹ fun gbogbo awọn atọkun, a yoo fi iṣẹ DNS silẹ nikan. Ti a ba mu awọn iṣẹ mejeeji ṣiṣẹ, lẹhinna kilode ti a nilo Dnsmasq? 😉
  • Lati sọ si Awọn olupin Orukọ Aṣayan DNS miiran rara wa ni gbangba tabi ita si LAN-gẹgẹ bi ọran ti Microsoft DNS- a ṣe nipasẹ itọsọna naa olupin = / orukọ ìkápá / olupin DNS IP ni ile ifi nkan pamosi /ati be be/dnsmasq.conf. Apẹẹrẹ: olupin = / mordor.fan / 10.10.10.3.
  • Lati sọ fun Dnsmasq pe awọn ibeere nipa awọn ibugbe agbegbe ni idahun nikan lati faili naa / Ati be be / ogun tabi nipasẹ DHCP rẹ, a gbọdọ ṣafikun itọsọna naa agbegbe = / localnet / ninu faili akọkọ ti iṣeto rẹ. Apẹẹrẹ: agbegbe = / mordor.fan /.
  • Lati ṣatunṣe faili naa daradara /etc/resolv.conf - yanju a daba pe kika kika itọnisọna rẹ nipa lilo pipaṣẹ ọkunrin resolv.conf. Ti o ba fi Debian 8.6 "Jessie" sori ẹrọ iwọ yoo rii pe o ti kọ daradara ni ede Sipeeni.
  • Dnsmasq ko lo awọn faili Awọn agbegbe lati dahun taara tabi yiyipada awọn ibeere.
  • Lati mọ itumọ aaye kọọkan «pataki»Iyẹn ni a lo ninu ikede ti SRV Resource Record, o yẹ ki o kan si alagbawo DIN ati Itọsọna Iroyin ®. Ilana ti awọn igbasilẹ SRV ninu faili naa /ati be be/dnsmasq.conf O ti wa ni bi wọnyi:
    srv-ogun = , , , ,

Awọn onkawe ti o fẹ lati mọ diẹ sii, jọwọ ka faili atilẹba daradara /ati be be/dnsmasq.conf tabi awọn iwe ti o wa tẹlẹ ninu itọsọna naa / usr / pin / doc / dnsmasq-ipilẹ.

root @ dns: ~ # ls -l / usr / share / doc / dnsmasq-base /
lapapọ 128 -rw-r - r-- gbongbo gbongbo 1 May 883 5 aṣẹ -rw-r - r - gbongbo root 2015 1 36261 May 5 2015 changelog.archive.gz -rw-r - r-- root 1 root 11297 May 5 2015 changelog.Debian.gz -rw-r - r-- 1 root root 26014 May 5 2015 changelog.gz -rw-r - r - 1 root root 2084 May 5 2015 DBus-interface. Gz -rw- r - r-- root 1 root 4297 May 5 2015 doc.html drwxr-xr-x 2 root gbongbo 4096 Feb 19 17:52 apeere -rw-r - r- root 1 gbongbo 9721 May 5 2015 FAQ.gz -rw -r - r-- gbongbo gbongbo 1 May 4180 5 README.Debian -rw-r - r-- root root 2015 May 1 12019 setup.html

Jẹ ki a tunto Dnsmasq ati Resolver

A yoo gba bi itọsọna akọkọ - yiyipada awọn orukọ ati awọn miiran, nitorinaa - faili iṣeto ti a lo ninu nkan naa «Dnsmasq lori CentOS 7.3".

Jẹ ki a ma gbagbe igbesẹ ti n tẹle:

[root @ dns ~] # mv /etc/dnsmasq.conf /etc/dnsmasq.conf.original

Awọn adirẹsi IP ti o wa titi

Awọn adirẹsi ti awọn olupin tabi ẹrọ ti o nilo IP -boti ti o wa titi IPv4 bi IPv6- ti ṣalaye ninu faili naa / Ati be be / ogun:

[root @ dns ~] # nano / ati be be / awọn ogun
127.0.0.1 localhost # Awọn ila wọnyi ni o wuni fun awọn ogun to lagbara IPv6 :: 1 localhost ip6-localhost ip6-loopback ff02 :: 1 ip6-allnodes ff02 :: 2 ip6-allrouter # Awọn olupin ati awọn kọnputa pẹlu awọn IP ti o wa titi. 10.10.10.1 sysadmin.mordor.fan 10.10.10.3 sauron.mordor.fan 10.10.10.4 mamba.mordor.fan 10.10.10.5 dns.mordor.fan 10.10.10.6 darklord.mordor.fan 10.10.10.7 troll.mordor.fan 10.10.10.8. 10.10.10.9 shadowftp.mordor.fan 10.10.10.10 blackelf.mordor.fan 10.10.10.11 blackspider.mordor.fan XNUMX palantir.mordor.fan

Jẹ ki a ṣẹda faili /etc/dnsmasq.conf

[root @ dns ~] # nano /etc/dnsmasq.conf
# --------------------------------------------------------- ------------------ # Awọn aṣayan GENERAL # ---------------------------- - -------------------------------------- nilo-ašẹ # Maṣe ṣe awọn orukọ laisi ìkápá naa apakan bogus-priv # Maṣe ṣe awọn adirẹsi ni aaye ti ko gbooro faagun-awọn ogun # Ṣafikun ibugbe ni adaṣe lati gbalejo wiwo = eth0 # Ni wiwo  Ṣọra ti Ọlọpọọmídíà # ayafi-ni wiwo = eth1 # MAA ṢE tẹtisi fun aṣẹ-aṣẹ NIC ti o muna yii # Bere fun ninu eyiti o ṣe ayẹwo faili /etc/resolv.conf # Pẹlu ọpọlọpọ awọn aṣayan iṣeto diẹ sii # nipasẹ faili kan tabi nipa wiwa iṣeto # awọn faili ni afikun ninu itọsọna # conf-file = / etc / dnsmasq.more.conf conf-dir = / etc / dnsmasq.d # Ti o ni ibatan si orukọ Orukọ Aṣẹ = mordor.fan # Orukọ Aṣẹ # Olupin Aago jẹ 10.10.10.1. adirẹsi = / time.windows.com / 10.10.10.1 # Rán aṣayan ofo ti iye WPAD.  Beere fun # Windos 7 ati awọn alabara nigbamii lati huwa daradara.  ;-) dhcp-option = 252, "\ n" # Faili nibi ti a yoo sọ awọn HOSTS ti yoo "gbesele" addn-host = / etc / banner_add_hosts # Kan si olupin Microsoft® DNS "sauron" ti a ba # jẹ ki a ṣiṣe olupin = / mordor.fan / 10.10.10.3 # Awọn ibeere nipa awọn ibugbe agbegbe ni yoo dahun # lati / ati be be lo / awọn ogun tabi nipasẹ DHCP agbegbe = / mordor.fan / # Awọn ibeere nipa PTR tabi Awọn igbasilẹ Yiyipada yoo dahun # nipasẹ awọn olupin ” dns "ati" sauron "ni olupin aṣẹ naa = / 10.10.10.in-addr.arpa / olupin 10.10.10.5 = / 10.10.10.in-addr.arpa / 10.10.10.3 # ------- - --------------------------------------------------------- --------- # REGISTROSCNAMEMXTXT # ------------------------------------ - - ----------------------------- # Iru iforukọsilẹ yii nilo titẹsi # ninu / ati be be lo / awọn ogun # faili fun apẹẹrẹ: 10.10.0.7. 10 troll.mordor.fan troll # cname = ALIAS, REAL_NAME cname = ad-dc.mordor.fan, sauron.mordor.fan cname = fileserver.mordor.fan, mamba.mordor.fan cname = proxyweb.mordor.fan, darklord .mordor.fan cname = blog.mordor .fan, troll.mordor.fan cname = ftpserver.mordor.fan, shadowftp.mordor.fan cname = mail.mordor.fan, blackelf.mordor.fan cname = www.mordor.fan, blackspider.mordor.fan cname = opendire .mordor.fan, palantir.mordor.fan # MX Awọn igbasilẹ # Pada igbasilẹ MX pẹlu orukọ "mordor.fan" ti pinnu fun ẹgbẹ blackelf.mordor.fan ati pataki ti 10 mx-host = mordor.fan, meeli. mordor.fan, XNUMX # Ibi-afẹde aiyipada fun awọn igbasilẹ MX ti a ṣẹda # nipa lilo aṣayan agbegbe ni yoo jẹ: mx-target = mail.mordor.fan # Pada igbasilẹ MX kan ti o tọka si mx-afojusun fun GBOGBO # awọn ẹrọ agbegbe agbegbe agbegbe # Awọn igbasilẹ TXT. 

dhcp-lease-max = 222 # Nọmba ti o pọju awọn adirẹsi lati yalo
                        # nipasẹ aiyipada jẹ 150
# IPV6 Range # dhcp-range = 1234 ::, ra-only # Awọn aṣayan fun RANGE # OPTIONS dhcp-option = 1,255.255.255.0 # NETMASK dhcp-option = 3,10.10.10.253 # ROUTER GATEWAY aṣayan dhcp = 6,10.10.10.5. 15 # Awọn olupin DNS dhcp-aṣayan = 19,1, mordor.fan # DNS Orukọ orukọ dhcp-aṣayan = 28,10.10.10.255 # aṣayan ip-firanšẹ ON dhcp-aṣayan = 42,10.10.10.1 # BROADCAST dhcp-option = 40. 41,10.10.10.3 # NTP # dhcp-option = 44,10.10.10.3, MORDOR # NIS Orukọ Orukọ # dhcp-aṣayan = 45,10.10.10.3 # NIS Server # dhcp-option = 73,10.10.10.3 # WINS # dhcp-option = 46,8 # Awọn data data NetBIOS # dhcp-option = XNUMX # Server Server # dhcp-option = XNUMX # NetBIOS node dhcp-authoritative # DHCP Aṣẹ ninu subnet # ------------- --------------------------------------------------------- --- # -------------------------------------------- - - - --------------------- # IWADI iru -f / var / log / syslog tabi journalctl -f # ------------ - --------------------------------------------------------- ---- log-queries # -------------------------------------------- - ------------------------- # Re Awọn igbasilẹ A ati SRV ti o baamu si Itọsọna Iroyin # ----------------------------------------- ----------------------------
# Awọn igbasilẹ A
adirẹsi = / gc._msdcs.mordor.fan / 10.10.10.3 adirẹsi = / DomainDnsZones.mordor.fan / 10.10.10.3 adirẹsi = / ForestDnsZones.mordor.fan / 10.10.10.3

# Igbasilẹ CNAME Agbegbe Microsoft DNS _msdcs.mordor.fan
cname=03296249-82a1-49aa-a4f0-28900f5d256b._msdcs.mordor.fan,sauron.mordor.fan

Awọn igbasilẹ # SRV
# srv-ogun = , , , ,

# Iwe agbaye # Agbegbe Microsoft DNS _msdcs.mordor.fan
srv-host = _ldap._tcp.gc._msdcs.mordor.fan, sauron.mordor.fan, 3268,0,0 srv-host = _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.mordor .fan, sauron.mordor.fan, 3268,0,0
# Agbegbe Microsoft DNS mordor.fan
srv-host = _gc._tcp.mordor.fan, sauron.mordor.fan, 3268,0,0 srv-host = _gc._tcp.Default-First-Site-Name._sites.mordor.fan, sauron.mordor.fan .3268,0,0

# Ti tunṣe ati ikọkọ LDAP ti Itọsọna Iroyin
# Agbegbe Microsoft DNS _msdcs.mordor.fan
srv-host=_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.mordor.fan,sauron.mordor.fan,389,0,0
srv-host=_ldap._tcp.dc._msdcs.mordor.fan,sauron.mordor.fan,389,0,0
srv-host=_ldap._tcp.18d3360d-8fdb-40cf-a678-d7c420b6d775.domains._msdcs.mordor.fan,sauron.mordor.fan,389,0,0
srv-host=_ldap._tcp.pdc._msdcs.mordor.fan,sauron.mordor.fan,389,0,0
# Agbegbe Microsoft DNS mordor.fan
srv-host=_ldap._tcp.mordor.fan,sauron.mordor.fan,389,0,0
srv-host=_ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.mordor.fan,sauron.mordor.fan,389,0,0
srv-host=_ldap._tcp.DomainDnsZones.mordor.fan,sauron.mordor.fan,389,0,0
srv-host=_ldap._tcp.Default-First-Site-Name._sites.mordor.fan,sauron.mordor.fan,389,0,0
srv-host=_ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.mordor.fan,sauron.mordor.fan,389,0,0
srv-host=_ldap._tcp.ForestDnsZones.mordor.fan,sauron.mordor.fan,389,0,0

#
# KERBEROS ti yipada ati ikọkọ lati Itọsọna Iroyin
srv-host=_kerberos._tcp.Default-First-Site-Name._sites.mordor.fan,sauron.mordor.fan,88,0,0
srv-host=_kerberos._tcp.mordor.fan,sauron.mordor.fan,88,0,0
srv-host=_kpasswd._tcp.mordor.fan,sauron.mordor.fan,464,0,0
srv-host=_kerberos._udp.mordor.fan,sauron.mordor.fan,88,0,0
srv-host=_kpasswd._udp.mordor.fan,sauron.mordor.fan,464,0,0

# OPIN ti faili /etc/dnsmasq.conf
# --------------------------------------------------------- --------------------

Jẹ ki a ṣẹda faili / ati be be / banner_add_host

[gbongbo @ dns ~] # nano / ati be be lo /banner_add_hosts
127.0.0.1 windowsupdate.com 127.0.0.1 ctldl.windowsupdate.com 127.0.0.1 ocsp.verisign.com 127.0.0.1 csc3-2010-crl.verisign.com 127.0.0.1 www.msftncsi.com 127.0.0.1 ipv6.msftncsi.com 127.0.0.1 teredo.ipv6.microsoft.com 127.0.0.1 ds.download.windowsupdate.com 127.0.0.1 download.microsoft.com 127.0.0.1 fe2.update.microsoft.com 127.0.0.1 crl.microsoft.com 127.0.0.1 www .download.windowsupdate.com 127.0.0.1 win8.ipv6.microsoft.com 127.0.0.1 spynet.microsoft.com 127.0.0.1 spynet1.microsoft.com 127.0.0.1 spynet2.microsoft.com 127.0.0.1 spynet3.microsoft.com 127.0.0.1. 4 spynet127.0.0.1.microsoft.com 5 spynet127.0.0.1.microsoft.com 15 office127.0.0.1client.microsoft.com 127.0.0.1 addons.mozilla.org XNUMX crl.verisign.com

[gbongbo @ dns ~] # dnsmasq - idanwo
dnsmasq: sintasi ṣayẹwo O dara.

[root @ dns ~] # systemctl tun bẹrẹ dnsmasq.service 
[gbongbo @ dns ~] # systemctl ipo dnsmasq.service

Jẹ ki a ṣe atunṣe faili /etc/resolv.conf - Resolver

root @ dns: ~ # nano /etc/resolv.conf 
ibugbe mordor.fan wiwa mordor.fan

Kilode ti a ko ni awọn ila lasan ti a ṣalaye ninu faili naa resolv.conf? Nitori awa kede ninu dnsmasq.conf awọn itọsọna wọnyi:

# Kan si olupin Microsoft® "sauron" ti a ba # fi silẹ ni ṣiṣiṣẹ
olupin = / mordor.fan / 10.10.10.3

# Awọn ibeere nipa awọn ibugbe agbegbe ni yoo dahun # lati / ati be be lo / awọn ogun tabi nipasẹ DHCP
agbegbe = / mordor.fan /

# Awọn ibeere nipa PTR tabi Awọn igbasilẹ yiyipada yoo dahun # nipasẹ awọn olupin “dns” ati “sauron” ni ilana yẹn
olupin = / 10.10.10.in-addr.arpa / 10.10.10.5 olupin = / 10.10.10.in-addr.arpa / 10.10.10.3

Awọn ibeere lati sysadmin.mordor.fan

Faili naa /etc/resolv.conf ti egbe yii ni:

buzz @ sysadmin: ~ $ ologbo /etc/resolv.conf
# Ti ipilẹṣẹ nipasẹ wiwa kiri NetworkManager mordor.fan nameserver 10.10.10.5
buzz @ sysadmin: ~ $ ogun -t Lati spynet4.microsoft.com
spynet4.microsoft.com ni adirẹsi 127.0.0.1

buzz @ sysadmin: ~ $ ogun -t Lati www.download.windowsupdate.com
www.download.windowsupdate.com ni adirẹsi 127.0.0.1

Buzz@sysadmin: ~ $ dig dns
buzz @ sysadmin: ~ $ dig dns.mordor.fan
;; IPIN IBERE :; dns.mordor.fan. INU A ;; IPIN IDAHUN: dns.mordor.fan. 0 NI INU 10.10.10.5

buzz @ sysadmin: ~ $ ogun -t SRV _ldap._tcp.gc._msdcs
buzz @ sysadmin: ~ $ ogun -t SRV _ldap._tcp.gc._msdcs.mordor.fan
_ldap._tcp.gc._msdcs.mordor.fan ni igbasilẹ SRV 0 0 3268 sauron.mordor.fan.

buzz @ sysadmin: ~ $ dig _ldap._tcp.gc._msdcs.mordor.fan
;; IPIN IBEERE :; _ldap._tcp.gc._msdcs.mordor.fan. INU A ;; IPIN IDAHUN: _ldap._tcp.gc._msdcs.mordor.fan. 0 NI INU 10.10.10.3

buzz @ sysadmin: ~ $ ma wà mordor.fan axfr
buzz @ sysadmin: ~ $ digi 10.10.10.in-addr.arpa axfr

Ati ni ọna yii, ọpọlọpọ awọn ijumọsọrọ ti a nilo

Dnsmasq + Active Directory® + Microsoft® Awọn alabara Windows

Lorukọ Olumulo Windows® Microsoft® kan

meje.mordor.fan adani IP adiresi:

root @ dns: ~ # ologbo /var/lib/misc/dnsmasq.leases 
1488006009 00:0c:29:d6:14:36 10.10.10.115 seven 01:00:0c:29:d6:14:36

Jẹ ki a fun lorukọ mii «meje»-Ewo ni ko darapọ mọ Aṣẹ Itọsọna Iroyin - nipasẹ«eucalyptus«. Lẹhin iyipada ati atunbere a ṣayẹwo:

root @ dns: ~ # ologbo /var/lib/misc/dnsmasq.leases 
1488006633 00:0c:29:d6:14:36 10.10.10.115 eucaliptus 01:00:0c:29:d6:14:36

A le rii itan awọn ayipada lati “sysadmin”:

buzz @ sysadmin: ~ $ ogun -t A meje
meje.mordor.fan ni adirẹsi 10.10.10.115

Lẹhin iyipada orukọ

buzz @ sysadmin: ~ $ ogun -t A meje
meje ko ni igbasilẹ A

buzz @ sysadmin: ~ $ ogun -t A eucaliptus
eucaliptus.mordor.fan ni adirẹsi 10.10.10.115

Awọn ibeere lati ọdọ alabara eucaliptus.mordor.fan

Microsoft Windows [Ẹya 6.1.7601]
Aṣẹ-lori-ara (c) Microsoft Corporation. Gbogbo awọn Ẹtọ wa ni ipamọ.

C: \ Awọn olumulo \ buzz> nslookup
Olupin aiyipada: dns.mordor.fan Adirẹsi: 10.10.10.5

> sauron
Olupin: dns.mordor.fan Adirẹsi: 10.10.10.5 Orukọ: sauron.mordor.fan Adirẹsi: 10.10.10.3

> mordor.fan
Olupin: dns.mordor.fan Adirẹsi: 10.10.10.5 Orukọ: mordor.fan Adirẹsi: 10.10.10.3

> eucalyptus
Olupin: dns.mordor.fan Adirẹsi: 10.10.10.5 Orukọ: eucaliptus.mordor.fan Adirẹsi: 10.10.10.115

> 03296249-82a1-49aa-a4f0-28900f5d256b._msdcs.mordor.fan
Olupin: dns.mordor.fan Adirẹsi: 10.10.10.5 Orukọ: sauron.mordor.fan Adirẹsi: 10.10.10.3 Awọn aliasi: 03296249-82a1-49aa-a4f0-28900f5d256b._msdcs.mordor.fan

> ṣeto iru = SRV
> _kerberos._udp.mordor.fan
Olupin: dns.mordor.fan Adirẹsi: 10.10.10.5 _kerberos._udp.mordor.fan SRV ipo iṣẹ: ayo = 0 iwuwo = 0 ibudo = 88 svr hostname = sauron.mordor.fan sauron.mordor.fan adirẹsi ayelujara = 10.10.10.3. XNUMX

> _ldap._tcp.18d3360d-8fdb-40cf-a678-d7c420b6d775.domains._msdcs.mordor.fan
Olupin: dns.mordor.fan Adirẹsi: 10.10.10.5 _ldap._tcp.18d3360d-8fdb-40cf-a678-d7c420b6d775.domains._msdcs.mordor.fan SRV ipo iṣẹ: ayo = 0 iwuwo = ibudo 0 = 389 svr hostname = sauron .mordor.fan sauron.mordor.fan adirẹsi ayelujara = 10.10.10.3

> jade

C: \ Awọn olumulo \ buzz>

Iforukọsilẹ awọn alabara Windows ni Microsoft® DNS

Awọn alabara Windows Ko Darapọ mọ Active Directory® Aṣẹ

A gbọdọ ṣayẹwo ti awọn adirẹsi IP yiyalo nipasẹ awọn oriṣiriṣi awọn alabara Windows lati Dnsmasq ti wa ni aami ti o tọ ni Microsoft® DNS. O le ni ipa ọna ti a tan Awọn Imudojuiwọn Dynamic - Awọn imudojuiwọn dainamiki ninu Microsoft® Awọn agbegbe DNS® ti Itọsọna Iroyin®. A bẹrẹ lati iṣeto aiyipada ti Microsoft DNS eyiti ngbanilaaye Awọn imudojuiwọn Yiyi to ni aabo nikan - Awọn imudojuiwọn dainamiki -> Ni aabo nikan, ninu ọkọọkan Awọn agbegbe rẹ.

Akiyesi pe alabara pẹlu lọwọlọwọ FQDN eucalyptus.mordor.fan rara ti wa ni asopọ si Aṣẹ Itọsọna Iroyin (tabi Samba4 AD-DC kan), ati pe o jẹ iyatọ si ofin Microsoft pe «Awọn alabara ti o forukọsilẹ ni Aṣẹ Mi nikan ni yoo ni igbanilaaye nipasẹ Ilana Imudojuiwọn Mi - eyiti Mo mọ nikan- lati forukọsilẹ ni DNS Mi«. Ohun rere ti Samba4 AD-DC kọ wa nkankan nipa rẹ.

eucaliptus.mordor.àìpẹ yiyalo IP 10.10.10.115:

buzz @ sysadmin: ~ $ ogun -t A eucaliptus
eucaliptus.mordor.fan ni adirẹsi 10.10.10.115

Jẹ ki a yi orukọ rẹ pada si «mahogany«, Jẹ ki a tun Windows 7 bẹrẹ, ki o wo ohun ti o ṣẹlẹ nigbati a beere fun awọn orukọ«eucalyptus"Y"mahogany»Si kọọkan ti DNS, akọkọ si Microsoft DNS ati lẹhinna si Dnsmasq:

buzz @ sysadmin: ~ $ ogun -t A eucaliptus.mordor.fan 10.10.10.3
Lilo olupin ìkápá: Orukọ: 10.10.10.3 Adirẹsi: 10.10.10.3 # 53 Awọn aliagi: 

Ko gbalejo eucaliptus.mordor.fan: 3 (NXDOMAIN)

buzz @ sysadmin: ~ $ ogun -t A mahogany.mordor.fan 10.10.10.3
Lilo olupin ìkápá: Orukọ: 10.10.10.3 Adirẹsi: 10.10.10.3 # 53 Awọn aliagi: 

Ko gbalejo mahogany.mordor.fan: 3 (NXDOMAIN)

buzz @ sysadmin: ~ $ ogun -t A eucaliptus.mordor.fan 10.10.10.5
Lilo olupin ìkápá: Orukọ: 10.10.10.5 Adirẹsi: 10.10.10.5 # 53 Awọn aliagi: 

Ko gbalejo eucaliptus.mordor.fan: 3 (NXDOMAIN)

buzz @ sysadmin: ~ $ ogun -t A mahogany.mordor.fan 10.10.10.5
Lilo olupin ìkápá: Orukọ: 10.10.10.5 Adirẹsi: 10.10.10.5 # 53 Awọn aliagi: 

mahogany.mordor.fan ni adirẹsi 10.10.10.115

A le yi orukọ ti alabara Windows 7 naa pada rara ti wa ni asopọ si Ašẹ mordor.àìpẹ ti Itọsọna Iroyin® ni ọpọlọpọ igba bi a ṣe fẹ, pe Microsoft® DNS ko wa nipa awọn ayipada wọnyi tabi pe iru alabara kan wa. Ṣe o ṣee ṣe pe o jẹ nikan nitori a ti yan aṣayan  Awọn imudojuiwọn dainamiki -> Ni aabo nikan ni Agbegbe kọọkan ti DNS Micorosft?.

Ni ibere fun Ọgbẹni Microsoft® DNS lati mọ nipa awọn ayipada, a gbọdọ yan Awọn imudojuiwọn dainamiki -> Ailẹsẹkẹsẹ ati aabo. Aṣayan yii, Awọn onkawe Olufẹ, tumọ si ailagbara pataki ti aabo ti eyikeyi olupin Orukọ Aṣẹ ti o bọwọ, boya Microsft® tabi UNIX® / Linux Microsoft® DNS kilọ nipa ailagbara nitori ni opin o kii ṣe nkan diẹ sii ju BẸDẸ ti o yipada ati ti ikọkọ lọ lati fun wa «Aabo fun Okunkun«. Bi kii ba ṣe bẹ, kilode ti o fi ṣeduro fifipamọ lori olokiki rẹ registration gbogbo awọn eto DNS ati awọn igbasilẹ ti DNS® Microsoft® rẹ nigba ti a ba n ṣe ilana Itọsọna Iroyin®?. Ni afikun si atilẹyin awọn imudojuiwọn ti ko ni aabo si Microsoft® DNS, o nilo iyipada wọnyi ni iṣeto kaadi kaadi alabara Windows 7:

 

Jẹ ki a ṣayẹwo:

buzz @ sysadmin: ~ $ ogun -t A mahogany.mordor.fan 10.10.10.3
Lilo olupin olupin: Orukọ: 10.10.10.3 Adirẹsi: 10.10.10.3 # 53 Awọn aliases: caoba.mordor.fan ni adirẹsi 10.10.10.115

aruwo @ sysadmin: ~ $ gbalejo 10.10.10.115 10.10.10.3
Lilo olupin olupin: Orukọ: 10.10.10.3 Adirẹsi: 10.10.10.3 # 53 Awọn aliases: 115.10.10.10.in-addr.arpa ašẹ orukọ ijuboluwole mahogany.mordor.fan.

buzz @ sysadmin: ~ $ ogun -t A mahogany 10.10.10.5
Lilo olupin olupin: Orukọ: 10.10.10.5 Adirẹsi: 10.10.10.5 # 53 Awọn aliases: caoba.mordor.fan ni adirẹsi 10.10.10.115

aruwo @ sysadmin: ~ $ gbalejo 10.10.10.115 10.10.10.5
Lilo olupin olupin: Orukọ: 10.10.10.5 Adirẹsi: 10.10.10.5 # 53 Awọn aliases: 115.10.10.10.in-addr.arpa ašẹ orukọ ijuboluwole mahogany.mordor.fan.

Bẹẹni bayi. Kini amuṣiṣẹpọ dara julọ fun awọn olupin DNS meji ti ko ṣiṣẹpọ nipasẹ ọna eyikeyi!

Awọn alabara Windows darapọ mọ Directory Direct Active® Domain

Jẹ ki a ṣọkan alabara mahogany.mordor.fan si Aṣẹ, ṣugbọn kii ṣe ṣaaju yiyọ iyipada ti a ṣe ni iṣeto ti kaadi nẹtiwọọki rẹ, ti o ba jẹ nigbakugba ti a ṣe lati rii daju aaye ti ipin ti tẹlẹ. Tun pa titẹ sii rẹ fun «mahogany»Ninu Microsoft® DNS, ki o da Awọn imudojuiwọn Dynamic pada si aaye wọn ti ipilẹṣẹ ti «Ni aabo nikan«. Ni ọna, o wulo lati tun bẹrẹ iṣẹ Microsoft® DNS.

Lẹhin ti o darapọ mọ Ašẹ, ati pelu gbogbo awọn ipa wa, alabara naa «mahogany»Ko forukọsilẹ ni Microsoft® DNS. A paapaa polongo ninu dnsmasq.conf -igba-pe olupin DNS akọkọ jẹ 10.10.10.3.

Microsoft Windows [Ẹya 6.1.7601]
Aṣẹ-lori-ara (c) Microsoft Corporation. Gbogbo awọn Ẹtọ wa ni ipamọ.

C: \ Awọn olumulo \ saruman> ipconfig / gbogbo

Windows IP iṣeto ni Orukọ Ogun. . . . . . . . . . . . : MAHOGANY Primary Dns Suffix. . . . . . . : mordor.fan Node Iru. . . . . . . . . . . . : Agbara ipa ọna IP arabara ṣiṣẹ. . . . . . . . : Ko si WINS aṣoju Igbaalaaye. . . . . . . . : Ko si Akojọ Wiwa Suffix DNS. . . . . . : ohun ti nmu badọgba Ethernet mordor.fan Asopọ Agbegbe Agbegbe: Asopọ-pato DNS Suffix. : mordor.fan Apejuwe. . . . . . . . . . . : Intel (R) PRO / 1000 MT Isopọ Asopọ Nẹtiwọọki Ti ara. . . . . . . . . : 00-0C-29-D6-14-36 Igbaalaaye DHCP. . . . . . . . . . . : Bẹẹni A ṣe atunto Aifọwọyi. . . . : Bẹẹni Ọna asopọ-agbegbe IPv6 Adirẹsi. . . . . : fe80 :: 352a: b954: 7eba: 963e% 12 (Ayanfẹ) IPv4 Adirẹsi. . . . . . . . . . . : 10.10.10.115 (Ti o fẹ) Iboju Subnet. . . . . . . . . . . : 255.255.255.0 Ti Gba Ọya. . . . . . . . . . : Ọjọ Satidee, Kínní 25, 2017 8:19:05 AM Yiyalo pari. . . . . . . . . . : Ọjọ Satidee, Kínní 25, 2017 4: 20: 36PM Ẹnu-ọna Aiyipada. . . . . . . . . : 10.10.10.253 Olupin DHCP. . . . . . . . . . . : 10.10.10.5 DHCPv6 IAID. . . . . . . . . . . : 251661353 DHCPv6 Onibara DUID. . . . . . . . : 00-01-00-01-20-3B-69-81-00-0C-29-D6-14-36

   Awọn olupin DNS. . . . . . . . . . . : 10.10.10.3
                                       10.10.10.5
   NetBIOS lori Tcpip. . . . . . . . : Ohun ti nmu badọgba Eefin ti a muu ṣiṣẹ isatap.mordor.fan: Ipinle Media. . . . . . . . . . . : Media ti ge asopọ Asopọ-kan pato DNS Suffix. : mordor.fan Apejuwe. . . . . . . . . . . : Adirẹsi Adaṣe Microsoft ISATAP Adapter. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Igbaalaaye. . . . . . . . . . . : Ko si Idojukọ Aifọwọyi. . . . : Bẹẹni Ohun ti nmu badọgba Eefin Eepọ Asopọ Agbegbe Agbegbe * 9: Ipinle Media. . . . . . . . . . . : Media ti ge asopọ Asopọ-kan pato DNS Suffix. : Apejuwe. . . . . . . . . . . : Adirẹsi Adaṣe Microsoft Adapter Tunneling Tunneling. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Igbaalaaye. . . . . . . . . . . : Ko si Idojukọ Aifọwọyi. . . . : Ati pe o jẹ

C: \ Awọn olumulo \ saruman>

buzz @ sysadmin: ~ $ ogun -t A mahogany.mordor.fan 10.10.10.3
Lilo olupin ìkápá: Orukọ: 10.10.10.3 Adirẹsi: 10.10.10.3 # 53 Awọn orukọ aliasi: Gbalejo caoba.mordor.fan ko rii: 3 (NXDOMAIN)

Buzz@sysadmin: ~ $ gbalejo -t Lati mahogany.mordor.fan
mahogany.mordor.fan ni adirẹsi 10.10.10.115
  • Ọna kan ṣoṣo ti alabara fi forukọsilẹ «mahogany»Ninu Microsft® DNS n ṣe atunṣe kaadi nẹtiwọọki rẹ bi itọkasió ni aworan ti tẹlẹ, iyẹn ni, sisọ ni gbangba pe:.
buzz @ sysadmin: ~ $ ogun -t A mahogany.mordor.fan 10.10.10.3
Lilo olupin olupin: Orukọ: 10.10.10.3 Adirẹsi: 10.10.10.3 # 53 Awọn aliases: caoba.mordor.fan ni adirẹsi 10.10.10.115

buzz @ sysadmin: ~ $ ogun -t A mahogany.mordor.fan
mahogany.mordor.fan ni adirẹsi 10.10.10.115
Jẹ ki a yi orukọ pada lati "mahogany" si "kedari"
buzz @ sysadmin: ~ $ ogun -t A mahogany.mordor.fan 10.10.10.3
Lilo olupin ìkápá: Orukọ: 10.10.10.3 Adirẹsi: 10.10.10.3 # 53 Awọn orukọ aliasi: Gbalejo caoba.mordor.fan ko rii: 3 (NXDOMAIN)

buzz @ sysadmin: ~ $ ogun -t Lati kedari.mordor.fan 10.10.10.3
Lilo olupin ìkápá: Orukọ: 10.10.10.3 Adirẹsi: 10.10.10.3 # 53 Awọn aliases: cedro.mordor.fan ni adirẹsi 10.10.10.115

buzz @ sysadmin: ~ $ ogun -t A mahogany.mordor.fan 10.10.10.5
Lilo olupin ìkápá: Orukọ: 10.10.10.5 Adirẹsi: 10.10.10.5 # 53 Awọn orukọ aliasi: Gbalejo caoba.mordor.fan ko rii: 3 (NXDOMAIN)

buzz @ sysadmin: ~ $ ogun -t Lati kedari.mordor.fan 10.10.10.5
Lilo olupin ìkápá: Orukọ: 10.10.10.5 Adirẹsi: 10.10.10.5 # 53 Awọn aliases: cedro.mordor.fan ni adirẹsi 10.10.10.115

Ati gbogbo deede, bi awọn alabara Microsoft® ati Microsoft® DNS bi awọn nkan lati jẹ.

Jẹ ki a ṣiṣẹ pẹlu Microsoft® DHCP ati Microsoft® DNS

Eyin onkawe, ipin yii ti jade ni ipo ti bulọọgi ti a ṣe igbẹhin si Software ọfẹ. Wo iranlọwọ Microsoft®. Nwpn ko gbagbp ?. 😉

Awọn ipinnu

Awọn ọna pupọ lo wa lati ṣiṣẹ pẹlu Microsoft® DNS nigbati a ba jẹ ki o wa ni ajọṣepọ ni Nẹtiwọọki SME pẹlu Dnsmasq. Ninu wọn a yoo darukọ nikan ni atẹle:

  • Pari iṣẹ Microsoft® DNS patapata lori kọnputa nibiti o ti n ṣiṣẹ, o tọka lẹhinna pe ibẹrẹ iṣẹ naa jẹ alaabo. Ṣayẹwo ni iṣeto ti kaadi nẹtiwọọki ti alabara Microsoft® kọọkan aṣayan lati Forukọsilẹ adirẹsi ti asopọ ni DNS. Yọ kuro lati faili /ati be be/dnsmasq.conf Itọsọna olupin = / mordor.fan / 10.10.10.3. Awọn akọsilẹ:
    • Paapa ti awọn ibeere nipa awọn igbasilẹ ko ba dahun soa y NS, nẹtiwọọki yoo ṣiṣẹ ni deede, bii iṣọkan ti awọn alabara oriṣiriṣi -Microsoft® ati Lainos- si Active Directory® Domain.
    • O ni anfani pe ninu SME LAN yoo wa nikan Server Server Name kan - ọkunrin kan - ati pe yoo jẹ Dnsmasq. ;-). Ni apa keji, o ṣee ṣe awọn aiṣedeede laarin awọn igbasilẹ DNS ti o fipamọ ni Microsoft® DNS ati awọn ti o wa nipasẹ Dnsmasq ti parẹ.
  • Fi Microsoft® DNS silẹ lati dahun nikan awọn ibeere DNS nipa awọn igbasilẹ SOA ati NS. Akọsilẹs:
    • Ṣe atunṣe iṣeto ti kaadi nẹtiwọọki ti alabara Windows kọọkan, ṣiṣayan aṣayan lati Forukọsilẹ adirẹsi asopọ ni DNS.
    • A ro pe ojutu yii jẹ egbin ti awọn orisun.
  • Tunto awọn iṣẹ naa bi a ti rii jakejado nkan naa, eyiti o fihan ipinnu diẹ sii si fẹran ti imoye Microsoft®-kii ṣe FreeBSD / Linux- Ok?.

Akopọ

  • Awọn imọran Microsoft® DNS ti wa ni pipade pupọ. Ko fi aye silẹ fun awọn iṣeduro miiran ti ko wa ni ibamu pẹlu imọ-imọ-imọ-imọ-imọ-imọ-imọ rẹ.
  • Iseda Iya kọ wa pe a wa ninu agbaye ti o yatọ. Ohun deede ni lati ni LAN adalu, gbigbe si sọfitiwia ọfẹ, ati ọlọrọ ni igbesi aye ati oriṣiriṣi.
  • O dabi pe fun Microsoft®, awọn alabara ti ko Darapọ mọ Imọye-ọrọ Rẹ jẹ Awọn Aṣeju, ati nitorinaa ko yẹ ki o daamu lati mu wọn sinu ero.
  • Bawo ni o ṣe ṣoro lati ṣiṣẹ pẹlu Sọfitiwia Aladani! Emi yoo kuku lo diẹ ninu iṣẹ ṣiṣe siseto Software ọfẹ ki o jẹ Ofe ni otitọ, eewu!

"Idiwọn ti o dara julọ ti Otitọ jẹ Iwaṣe."


Awọn akoonu ti nkan naa faramọ awọn ilana wa ti awọn ilana olootu. Lati jabo aṣiṣe kan tẹ nibi.

Awọn asọye 11, fi tirẹ silẹ

Fi ọrọ rẹ silẹ

Adirẹsi imeeli rẹ yoo ko le ṣe atejade. O beere aaye ti wa ni samisi pẹlu *

*

*

  1. Lodidi fun data naa: Miguel Ángel Gatón
  2. Idi ti data naa: SPAM Iṣakoso, iṣakoso ọrọ asọye.
  3. Ofin: Iyọọda rẹ
  4. Ibaraẹnisọrọ data: Awọn data kii yoo ni ifọrọhan si awọn ẹgbẹ kẹta ayafi nipasẹ ọranyan ofin.
  5. Ibi ipamọ data: Alaye data ti o gbalejo nipasẹ Awọn nẹtiwọọki Occentus (EU)
  6. Awọn ẹtọ: Ni eyikeyi akoko o le ni opin, gba pada ki o paarẹ alaye rẹ.

  1.   Zodiac Carburus wi

    Nla nkan ti o ti kọ, Federico!

  2.   Julio Leon wi

    Nla pupọ nkan olufẹ mi. Ati akopọ ni XD ti o dara julọ
    Awọn iwọntunwọnsi;

  3.   alangba wi

    Emi ko ro pe Mo ti rii itọsọna pipe ati alaye diẹ sii fun sysadmin lori intanẹẹti (ni ede Spani), iṣẹ ti o n ṣe ni Awọn nẹtiwọọki fun awọn SME ni lati ṣe fireemu.

    Botilẹjẹpe iṣẹ naa nira ati de ipele ti alaye ni ọrọ ti awọn wakati pupọ, Mo gbagbọ pe o ṣẹda aaye itọkasi kan ti yoo ṣee lo bi o ti di mimọ nipasẹ nọmba nla ti SysAdmin ti o ni bọtini ninu olukọ awọn nkan rẹ fun ọpọlọpọ awọn iṣẹ ti o kọju si ni gbogbo ọjọ.

    Bi o ṣe jẹ fun dnsmasq ati itọsọna ti nṣiṣe lọwọ, Mo ro pe Emi ko ni aye lati ṣiṣẹ pẹlu awọn mejeeji, ṣugbọn ninu yàrá iwadii mi laisi alabara Windows kan, ohun gbogbo dabi pe o ti dara, ati pe kii ṣe fun kere pẹlu igbesẹ ti o tayọ yii nipasẹ igbese.

    Gba igbala rẹ silẹ «Bawo ni o ṣe ṣoro lati ṣiṣẹ pẹlu Sọfitiwia Aladani!. Emi yoo kuku lo diẹ ninu iṣẹ ti n ṣatunṣe Sọfitiwia Ọfẹ ati jẹ Ominira ni otitọ, eebu!! humanization igbagbogbo ti sọfitiwia ọfẹ.

    Oriire FIco… A n tẹsiwaju.

  4.   Frederick wi

    Zodiac: Awọn ọrọ rẹ jẹ iwuri lati tọju kikọ. Ma ṣe ṣiyemeji, ọpọlọpọ awọn wakati to dara - awọn apẹrẹ jẹ pataki lati kọ nkan ti o niwọnwọn bi eleyi.

    Julio León: Mo ki yin paapaa, olufẹ Julio. Ni ireti ati pe o tẹsiwaju pẹlu wa lori ọna ti imọ diẹ diẹ sii nipa Software ọfẹ.

    Lagarto: Awọn ọjọ ati awọn wakati ti a lo ni o tọsi daradara nigbati Mo ka awọn asọye bii awọn ti o wa ni ipo yii. Wọn jẹ ere ti o dara julọ fun iṣẹ wa. Mo kọja ọna asopọ si nkan si Simon Kelley funrararẹ o si ni aanu to lati fesi si mi.

    Mo fẹ lati lo anfani aaye yii lati sọ pe ninu ọrọ DNS ati DHCP ti a bẹrẹ - nipasẹ igbimọ - lati eka si irọrun. Dnsmasq jẹ ojutu to wulo pupọ fun Awọn nẹtiwọọki SME, ati pe o rọrun pupọ lati ṣe ju BIND + Isc-Dhcp-Server duo lọ. Koko-ọrọ naa le dabi imọ-ẹrọ diẹ si ọpọlọpọ awọn onkawe. Pẹlu akoko ati adaṣe wọn yoo mọ pe eyi kii ṣe ọran naa. O tọ si daradara keko Awọn Agbekale ti Oluṣeto Amayederun, akọle ti yoo ka awọn nkan 6 ti a kọ nipa awọn iṣẹ DNS ati DHCP, laisi gbagbe NTP.

    Oriire fun gbogbo eniyan… A n tẹsiwaju!

  5.   IWO wi

    O ṣeun Federico fun nkan nla miiran pẹlu awọn alaye ti o tobi pupọ ati ilana ti o gbooro nipa Dnsmasq, ọpa kan ti a ti rii tẹlẹ wulo pupọ fun awọn sysadmins.

    GREAT ohun gbogbo ti o ni ibatan si ifibọ ninu faili iṣeto rẹ /etc/dnsmasq.conf rẹ ti Agbegbe Microsoft DNS "_msdcs.mordor.fan" nipasẹ awọn igbasilẹ SRV rẹ ti o lo awọn iṣẹ: _gc, _ldap, _kerberos ati _kpasswd pẹlu ibi-afẹde ti lilo Microsoft DNS (aṣẹ "olupin = / mordor.fan / 10.10.10.3") ni afikun si Dnsmasq (aṣẹ "agbegbe = / mordor.fan /") lati yanju awọn ibeere DNS.

    GREAT tun jẹ apẹẹrẹ ti o dagbasoke pe fun Microsoft DNS lati forukọsilẹ awọn alabara Windows pẹlu awọn ayipada IP lori LAN, o ni lati yan ninu iṣeto DNS, awọn “Awọn imudojuiwọn Yiyi” bi “Nonsecure and safe” ati ohun ti iyẹn tumọ si ailagbara ti aabo eyikeyi olupin Orukọ Aṣẹ ti o bọwọ fun, boya o jẹ Microsoft tabi UNIX / Linux. Yato si pataki lati ṣe atunṣe iṣeto ti kaadi nẹtiwọọki alabara Windows.
    Ko si ohunkan pẹlu ifiweranṣẹ tuntun kọọkan o gbe iduro naa duro! Ni itara duro de awọn nkan ti o tẹle!

    1.    Frederick wi

      O ṣeun pupọ fun igbelewọn ati asọye rẹ, IWO. Ninu gbogbo nkan ti Mo gbejade, Mo duro nigbagbogbo fun ero rẹ, bi o ti ṣe atilẹyin nipasẹ iṣẹ rẹ, imọ ati adaṣe. Oriire IWO. A yoo rii ọ ni nkan ti o tẹle

  6.   agbere wi

    Iṣẹ ti o dara pupọ, bi fifiranṣẹ awọn okuta iyebiye wọnyi nigbagbogbo fun awọn sysadmins. O ṣeun ẹgbẹrun kan!

  7.   ilorun 88 wi

    Fun DNS ti Microsoft ni aye, iwọ ko paapaa jẹ ki o fihan. A ko mọ boya o wa laaye tabi paapaa ti o ni itiju kankan ti o ku. Ohun elo ti o dara julọ.

  8.   HO2Gi wi

    Iyebiye bi ko si ẹlomiran, ti o fipamọ ni awọn ayanfẹ fun ijumọsọrọ. Ohun elo ti o dara julọ.

  9.   Frederick wi

    O ṣeun HO2Gi fun imọran rẹ. Mo ṣeduro fun ọ -ati ni apapọ si GBOGBO- ṣe abẹwo https://blog.desdelinux.net/redes-computadoras-las-pymes-introduccion/. O ti ṣatunkọ lẹẹkansii pẹlu itọka ti gbogbo awọn ifiweranṣẹ ti a gbejade ati awọn akọle lati jiroro. Ikini ki o tẹsiwaju pẹlu wa.

  10.   Paul Andrew Flemmer wi

    Iwe ti o dara julọ bii ọkan ti o wa ninu https://blog.desdelinux.net/bind-active-directory/
    Mo kan fẹ ṣe iṣeduro kan, ati jọwọ gba o bi ibawi to ṣe; Lati jẹ apẹẹrẹ iṣeto naa, yoo ti dara julọ ti dipo lilo nẹtiwọọki 10.10.10.0/24 o ti lo ọkan nibiti bulọọki kọọkan ni awọn nọmba oriṣiriṣi, gẹgẹbi nẹtiwọọki 192.168.1.0/24
    Eyi yoo jẹ ki o ṣalaye awọn aaye nibiti awọn adirẹsi nẹtiwọọki lọ ni idakeji, fun apẹẹrẹ nigba ti o ni lati ṣafikun awọn iye ti iru “.in-addr.arpa”
    O ṣeun fun pinpin pupọ imọ didara to dara.
    Oye ti o dara julọ