Inkomba ejwayelekile yochungechunge: Ama-Computer Networks ama-SME: Isingeniso
Sanibonani zihlobo !. Sizobona kule ndatshana ukuthi singawenza kanjani umsebenzi obalulekile wamanethiwekhi enziwe yi I-DNS ne-DHCP ku-CentOS - I-Linux, ikakhulukazi enguqulweni yayo engu-7.2.
- Ezinye izindatshana ezimayelana ne-DNS zibhekise eqinisweni lokuthi ukusetshenziswa kwale sevisi kucacile futhi kunzima. Angihambisani kakhulu nalesi sitatimende. Ngingathanda ukusho ukuthi kungumqondo omncane nokuthi amafayela amaningi wokumisa ane-syntax ye-fussy. Ngenhlanhla, sinamathuluzi wokuhlola, igxathu negxathu, i-syntax yefayela ngalinye lokumisa esilishintshayo. Ngakho-ke, sizozama ukwenza ukufunda lokhu okuthunyelwe kube mnandi futhi kujabulise ngangokunokwenzeka..
Kulabo abafuna izisekelo zalezi zinsizakalo zombili, sincoma ngokuqinile ukuqala usesho lwakho ku-Wikipedia, zombili ngezinguqulo zayo zaseSpain nezesiNgisi. Kuliqiniso elincane ukuthi izindatshana zesiNgisi cishe zihlala ziphelele kakhulu futhi ziyahambelana. Noma kunjalo, i-Wikipedia iyisiqalo esihle kakhulu.
Kulabo kini abafuna ngempela ukufunda nge-DNS ne-BIND, sincoma ukufunda incwadi «I-OReilly - i-DNS ne-BIND 4ed"ebhalwe ngu UPaul albitz y Ikhilikithi Liu, noma uhlelo lwakamuva olukhona ngempela.
Sesivele sishicilele i-athikili ngesihloko esithi «I-DNS ne-DHCP kuvuliweSUSE 13.2 Harlequin - SME Networks»Kubathandi bemvelo yengcaca. Kodwa-ke, kusukela manje kuqhubeke bazobhekana nezindatshana ezikulesi sihloko - hhayi kwezinye- ezibhalwe ukusetshenziswa okuningi kwe-emulator ye-terminal noma i-console. Wow, ngesitayela sakudala esisetshenziswa yi-UNIX® / Linux System Administrators.
Uma ufuna ukwazi kabanzi ngesibongo sesihloko salesi sihloko «Amanethiwekhi we-SME»Ungavakashela ikhasi kule blog«Amanethiwekhi we-SME: ukusika kokuqala kokubonakalayo«. Kuyo uzothola izixhumanisi zezinye izindatshana eziningi ezishicilelwe.
- Ngemuva kokufakwa kweCentOS 7 Operating System kuqediwe ngamaphakeji esiwancomayo, el isiqondisi /usr/share/doc/bind-9.9.4/ iqukethe inani elihle lemibhalo esincoma ukuthi ubonane nayo ngaphambi kokuya ocwaningweni lwe-Intanethi ngaphandle kokuqala wazi ukuthi, ezandleni zakho nasekhaya lakho, ungakuthola okudingayo.
Inkomba
- 1 Ukufakwa kwesistimu eyisisekelo
- 2 Silungiselela ISIBOPHO - esinegama
- 3 Sifaka futhi silungiselela i-DHCP
- 4 Yini okusamele kwenziwe?
- 5 Ukuguqulwa okwenziwa ngesandla kwamafayela weZones
- 6 Isifingqo
- 7 Ukulethwa okulandelayo
Ukufakwa kwesistimu eyisisekelo
Imininingwane ejwayelekile yesizinda ne-DNS server
Igama lesizinda: fromlinux.fan Igama leseva ye-DNS: dns.fromlinux.fan Ikheli le-IP: 192.168.10.5 Imaski ye-Subnet: 255.255.255.0
Ukufakwa
Siqala ngokufakwa okusha noma okuhlanzekile kohlelo lokusebenza lweCentOS 7 njengoba kukhonjisiwe ku-athikili edlule «I-CentOS 7 Hypervisor I - Amanethiwekhi we-SMB«. Sidinga kuphela ukwenza lezi zinguquko ezilandelayo:
- Ku Isithombe se-22 «UKUKHETHWA KWE-SOFTWARE«, Sincoma ukukhetha kukholamu yesobunxele«Imvelo Eyisisekelo»Inketho ehambelana ne-«Ingqalasizinda yengqalasizinda«, Ngenkathi ikukholamu yesokudla«Ama-plugins Wendawo Ekhethiwe»Khetha ibhokisi lokuhlola«Iseva yegama le-DNS«. Sizofaka iseva ye-DHCP ngokuhamba kwesikhathi.
- Masikhumbule ukumenyezelwa kwamakhosombe angeziwe njengoba kukhonjisiwe kufayela le- Isithombe se-23, ngemuva kokusetha i- «INETWORK NEGAMA LEQEMBU".
- Izithombe ezibhekisa ezingxenyeni esizokwakha kwi-hard drive yethu zinikezwa kuphela njengeziqondiso. Zizwe ukhululekile ukukhetha ukwahlukanisa ngokuthanda kwakho, ukwenza kwakho, nokwahlulela okuhle.
- Ekugcineni, kufayela le- Isithombe 13 «INETWORK NEGAMA LETHIMBA», kufanele siguqule amanani ngokuya ngamapharamitha ajwayelekile wesizinda esimenyezelwe neseva ye-DNS, ngaphandle kokukhohlwa ukucacisa igama lomsingathi -kulesi simo «dns«- ngemuva kokuthi ukucushwa kwenethiwekhi kuqediwe. Kuhle ukwenza ping -kusuka komunye umphathi- kuya kukheli le-IP elicacisiwe ngemuva kokuthi inethiwekhi isebenze:
Kunezinguquko ezimbalwa futhi ezisobala impela okumele sizenze maqondana nendatshana edlule.
Ukuhlolwa kokuqala nokulungiswa
Ngemuva kokufaka uhlelo lokusebenza kufanele sibuyekeze amafayela alandelayo okungenani, futhi kulokhu siqala iseshini ngeSSH kusuka kwikhompyutha yethu sysadmin.fromlinux.fan:
buzz @ sysadmin: ~ $ ssh 192.168.10.5 buzz@192.168.10.5's password: Ukungena ngemvume kokugcina: Sat Jan 28 09:48:05 2017 from 192.168.10.1 [buzz @ dns ~] $
Umsebenzi ongenhla ungathatha isikhathi eside kunokujwayelekile, futhi ikakhulu kungenxa yokuthi asikabi nayo i-DNS ku-LAN. Hlola futhi kamuva ukuthi i-DNS iyasebenza yini.
[buzz @ dns ~] $ ikati / njll / abaphathi 127.0.0.1 i-localhost localhost.localdomain localhost4 localhost4.localdomain4 :: 1 i-localhost localhost.localdomain localhost6 i-localhost6.localdomain6 [buzz @ dns ~] $ ikati / njll / igama lomethuleli dns [buzz @ dns ~] $ ikati / njll / sysconfig / imibhalo yenethiwekhi / ifcfg-eth0 TYPE=Ethernet BOOTPROTO=none DEFROUTE=yes IPV4_FAILURE_FATAL=no IPV6INIT=no IPV6_AUTOCONF=yes IPV6_DEFROUTE=yes IPV6_PEERDNS=yes IPV6_PEERROUTES=yes IPV6_FAILURE_FATAL=no NAME=eth0 UUID=946f5ac9-238a-4a94-9acb-9e3458c680fe DEVICE=eth0 ONBOOT=yes IPADDR=192.168.10.5 PREFIX=24 GATEWAY=192.168.10.1 DNS1=127.0.0.1 DOMAIN=desdelinux.fan [buzz @ dns ~] $ ikati /etc/resolv.conf # Kwenziwe ukusesha kwe-NetworkManager kusuka ku-linux.fan nameserver 127.0.0.1
Ukulungiswa okuyinhloko kuphendula ekukhetheni kwethu. Qaphela ukuthi noma kuseva Isigqoko Esibomvu 7 - CentOS 7, ilungiselelwe ngokuzenzakalela lapho InethiwekhiManager ukuze kube nguyena ophatha izixhumi zenethiwekhi, kungaba izintambo noma i-wireless (i-WiFi), ukuxhumana kwe-VPN, ukuxhumana kwe-PPPoE, nokunye ukuxhumana kwenethiwekhi.
[buzz @ dns ~] $ sudo systemctl isimo senethiwekhi umphathi [Sudo] password for buzz: ● networkmanager.service Loaded: not-found (Reason: No such file or directory) Iyasebenza: ayisebenzi (ifile) [buzz @ dns ~] $ sudo systemctl isimo NetworkManager ● INethiwekhiManager.service - Imenenja yeNethiwekhi ilayishiwe: ilayishiwe (/usr/lib/systemd/system/NetworkManager.service; inikwe amandla; ukusetha kabusha umthengisi: kunikwe amandlaKuyasebenza: kuyasebenza (kuyasebenza) kusukela ngo-Sat 2017-01-28 12:23:59 EST; 12min edlule i-Main PID: 705 (NetworkManager) CGroup: /system.slice/NetworkManager.service └─705 / usr / sbin / NetworkManager --no-daemon
I-Red Hat - I-CentOS futhi ikuvumela ukuthi uxhume futhi unqamule ukuxhumana kwenethiwekhi usebenzisa imiyalo yakudala uma e uma phansi. Masigijime kukhonsoli yeseva:
[izimpande @ dns ~] # ifdown eth0 Idivayisi 'eth0' inqanyulwe ngempumelelo. [izimpande @ dns ~] # ifup eth0 Ukuxhuma kusebenze ngempumelelo (indlela esebenzayo ye-D-Bus: / org / freedesktop / NetworkManager / ActiveConnection / 1)
- Siphakamisa ungashintshi izilungiselelo ezizenzakalelayo ezinikezwa yiCentOS 7 maqondana noku InethiwekhiManager.
Simemezela ngokusobala amakhosombe esizowasebenzisa futhi sibuyekeze uhlelo lokusebenza uma kunesidingo:
[buzz @ dns ~] $ su Iphasiwedi: [root @ dns buzz] # cd /etc/yum.repos.d/ [izimpande @ dns yum.repos.d] # ls -l ingqikithi yama-28 -rw-r-r--. Impande eyi-1 impande 1664 Dec 9 2015 CentOS-Base.repo -rw-r - r--. Impande eyi-1 impande 1309 Dec 9 2015 CentOS-CR.repo -rw-r - r--. Impande eyi-1 impande 649 Dec 9 2015 CentOS-Debuginfo.repo -rw-r - r--. Impande eyi-1 impande 290 Dec 9 2015 CentOS-fasttrack.repo -rw-r - r--. Impande eyi-1 impande 630 Dec 9 2015 CentOS-Media.repo -rw-r - r--. Impande eyi-1 impande 1331 Dec 9 2015 CentOS-Sources.repo -rw-r - r--. Impande eyi-1 impande 1952 Dec 9 2015 CentOS-Vault.repo
Kuphilile ukufunda okuqukethwe amafayili wesimemezelo woqobo kusuka kumakhosombe anconyelwe yi-CentOS. Izinguquko esizenzayo lapha zidalwa ukuthi asinakho ukufinyelela kwe-Intanethi, futhi sisebenza nezinqolobane zasendaweni ezilandwe eWWW Village, ngozakwethu abenza izimpilo zethu zibe lula kancane. 😉
[izimpande @ dns yum.repos.d] # mkdir yoqobo [izimpande @ dns yum.repos.d] # mv CentOS- * koqobo / [izimpande @ dns yum.repos.d] # nano centos-repos.repo [centos-base] name=CentOS-$releasever baseurl=http://10.10.10.1/repos/centos/7/base/ gpgcheck=0 enabled=1 [centos-updates] name=CentOS-$releasever baseurl=http://10.10.10.1/repos/centos/7/updates/x86_64/ gpgcheck=0 enabled=1 [root @ dns yum.repos.d] # yum hlanza konke Ama-plugins alayishiwe: i-fastestmirror, ama-langpacks Ama-repositories wokuhlanza: ama-centos-base centos-updates Ukuhlanza konke [root @ dns yum.repos.d] # yum isibuyekezo Ama-plugins alayishiwe: i-fastestmirror, i-centos-base langpacks | 3.4 kB 00:00 izibuyekezo zama-centos | 3.4 kB 00:00 (1/2): centos-base / primary_db | 5.3 MB 00:00 (2/2): centos-updates / primary_db | 9.1 MB 00:00 Ukunquma izibuko ezisheshayo Awekho amaphakheji amakwe ukuthi angavuselelwa
Umlayezo othi "Cha (kukhona) amaphakheji amakwe ukuvuselelwa» - «Awekho amaphakheji amakwe ukuze abuyekezwe»Ikhombisa ukuthi, ngokumemezela amakhosombe akamuva kakhulu atholakalayo kithi ngesikhathi sokufakwa, ngqo amaphakheji amanje kakhulu afakiwe.
Mayelana nomongo we-SELinux kanye ne-firewall
Sizogxila kule ndatshana - ngokuyisisekelo - ekusetshenzisweni kwezinsizakalo ze-DNS ne-DHCP, okuyiNhloso yayo enkulu.
Uma noma yimuphi umfundi ekhethe Inqubomgomo Yezokuphepha ngesikhathi senqubo yokufaka, njengoba kukhonjisiwe kufayela le- Isithombe se-06 kwe-athikili yokubhekisela «I-CentOS 7 Hypervisor I - Amanethiwekhi we-SMB»Isetshenziselwe ukufakwa kwale DNS - iseva ye-DHCP, futhi uthola ukuthi awazi ukuthi ungayilungiselela kanjani kahle i-SELinux ne-CentOS Firewall, siphakamisa ukuthi usebenzise okulandelayo:
Shintsha ifayela / njll / sysconfig / selinux futhi ushintshe SELINUX = ukuphoqelela por SELINUX = khubaza
[izimpande @ dns ~] # nano / njll / sysconfig / selinux # Leli fayela lilawula isimo se-SELinux ohlelweni. # SELINUX = ingathatha elilodwa lalawa manani amathathu: # ukuphoqelela - Inqubomgomo yezokuphepha ye-SELinux iyaphoqelelwa. # evumelayo - I-SELinux iphrinta izexwayiso esikhundleni sokuphoqelela. # ikhutshaziwe - Ayikho inqubomgomo elayishiwe ye-SELinux. U-SELINUX = ukhutshaziwe # SELINUXTYPE = ingathatha inani elilodwa kwamathathu amabili: # okubhekiswe - Izinqubo ezihlosiwe zivikelwe, # ubuncane - Ukuguqulwa kwenqubomgomo ekhonjiwe. Izinqubo ezikhethiwe kuphela ezingama- $ # mls - Ukuvikelwa Kwezinga Eliningi Lokuvikela. SELINUXTYPE = okubhekiswe
Ngemuva kwalokho sebenzisa imiyalo elandelayo
[izimpande @ dns ~] # isetheforce 0
[izimpande @ dns ~] # service firewalld stop Iqondisa kabusha ku- / bin / systemctl stop firewalld.service [izimpande @ dns ~] # systemctl khubaza i-firewalld Kususwe i-symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service. Kususwe i-symlink /etc/systemd/system/basic.target.wants/firewalld.service.
Uma usebenzisa iseva ye-DNS ebheke i-Intanethi, AKUFANELE wenze okungenhla, kepha lungiselela umongo weSELinux ne-Firewall kahle. Bheka "Ukuhlelwa Kweseva nge-GNU / Linux, ngumbhali uJoel Barrios Dueñas" noma imibhalo ye-CentOS uqobo - iRed Hat
Silungiselela ISIBOPHO - esinegama
- El isiqondisi /usr/share/doc/bind-9.9.4/ Iqukethe inani elihle lemibhalo esincomela ukubonisana nayo ngaphambi kokuya ocwaningweni lwe-Intanethi ngaphandle kokuqala wazi ukuthi, ezandleni zakho nasekhaya lakho, ungakuthola okudingayo
Ekusatshalalisweni okuningi insizakalo ye-DNS efakwe ngephakethe le-BIND ibizwa ngokuthi okuthiwa (Qamba igama elithi Daemon). Ku-CentOS 7 ifakiwe ikhutshaziwe ngokuzenzakalela, ngokuya ngokukhishwa komyalo olandelayo, lapho ithi khona isimo sayo «ukhutshaziwe«, Nokuthi lesi simo sichazwe ngaphambili« ngumthengisi »waso - ukusetha kabusha komthengisi. Kwirekhodi, Bopha yi-Free Software.
Inika amandla isevisi eqanjwe igama
[izimpande @ dns ~] # isimo se-systemctl esinegama ● named.service - IBerkeley Internet Name Domain (DNS) Elayishiwe: ilayishiwe (/usr/lib/systemd/system/named.service; ukhutshaziwe; Ukusetha kabusha umthengisi: kukhutshaziweKuyasebenza: akusebenzi (kufile) [izimpande @ dns ~] # systemctl vumela igama Kudalwe i-symlink kusuka ku /etc/systemd/system/multi-user.target.wants/named.service to /usr/lib/systemd/system/named.service. [izimpande @ dns ~] # systemctl isiqalile ukuqanjwa [izimpande @ dns ~] # isimo se-systemctl esinegama ● named.service - IBerkeley Internet Name Domain (DNS) Elayishiwe: ilayishiwe (/usr/lib/systemd/system/named.service; inikwe amandla; Ukusetha kabusha umthengisi: kukhutshaziwe) Isebenza: isebenza (isebenza) kusukela Sat 2017-01-28 13:22:38 EST; 5min edlule Inqubo: 1990 ExecStart = / usr / sbin / named -u named $ OPTIONS (code = exited, status = 0 / SUCCESS) Inqubo: 1988 ExecStartPre = / bin / bash -c if [! "$ DISABLE_ZONE_CHECKING" == "yebo"]; bese / usr / sbin / named-checkconf -z /etc/named.conf; enye i-echo "Ukuhlola amafayela endawo kukhutshaziwe"; fi (code = exited, status = 0 / SUCCESS) Main PID: 1993 (named) CGroup: /system.slice/named.service └─1993 / usr / sbin / named -u named Jan 28 13:22:45 dns named [1993]: iphutha (inethiwekhi ayifinyeleleki) ukuxazululwa './NS/IN': 2001: 500: 2f :: f # 53 Jan 28 13:22:47 dns named [1993]: error (network unreachable) resolutionving './ I-DNSKEY / IN ': 2001: 500: 3 :: 42 # 53 Jan 28 13:22:47 dns eqanjwe ngo- [1993]: iphutha (inethiwekhi ayifinyeleleki) ukuxazululwa' ./NS/IN ': 2001: 500: 3 :: 42 # 53 Jan 28 13:22:47 dns named [1993]: error (network unreachable) resolutioning './DNSKEY/IN': 2001: 500: 2d :: d # 53 Jan 28 13:22:47 dns named [1993 ]: iphutha (inethiwekhi ayifinyeleleki) ukuxazululwa './NS/IN': 2001: 500: 2d :: d # 53 Jan 28 13:22:47 dns named [1993]: error (network unreachable) resolutioning './DNSKEY/ IN ': 2001: dc3 :: 35 # 53 Jan 28 13:22:47 dns named [1993]: iphutha (network unreachable) resolutioning' ./NS/IN ': 2001: dc3 :: 35 # 53 Jan 28 13: I-22: 47 dns eqanjwe ngo- [1993]: iphutha (inethiwekhi ayifinyeleleki) iyaxazululwa './DNSKEY/IN': 2001: 7fe :: 53 # 53 Jan 28 13:22:47 dns named [1993]: error (network unreachable) res olving './NS/IN': 2001: 7fe :: 53 # 53 Jan 28 13:22:48 dns eqanjwe ngo- [1993]: zone-keys-zone: Ayikwazi ukulanda i-DNSKEY set '.': kuphelelwe yisikhathi [root @ dns ~] # systemctl restart named [izimpande @ dns ~] # isimo se-systemctl esinegama ● i-named.service - iBerkeley Internet Name Domain (DNS) Elayishiwe: ilayishiwe (/usr/lib/systemd/system/named.service; inikwe amandla; ukusethwa kabusha komthengisi: kukhutshaziwe) Isebenza: isebenza (isebenza) kusukela Sat 2017-01-28 13:29:41 EST; Inqubo engu-1 edlule: I-1449 ExecStop = / bin / sh -c / usr / sbin / rndc stop> / dev / null 2> & 1 || / bin / kill -TERM $ MAINPID (code = exited, status = 0 / SUCCESS) Process: 1460 ExecStart = / usr / sbin / named -u named $ OPTIONS (code = exited, status = 0 / SUCCESS) Inqubo: 1457 ExecStartPre = / bin / bash -c uma [! "$ DISABLE_ZONE_CHECKING" == "yebo"]; bese / usr / sbin / named-checkconf -z /etc/named.conf; enye i-echo "Ukuhlola amafayela endawo kukhutshaziwe"; fi (ikhodi = ukuphuma, isimo = 0 / IMPUMELELO) I-PID enkulu: 1463 (eqanjwe igama) CGroup: /system.slice/named.service └─1463 / usr / sbin / named -u named Jan 28 13:29:41 dns named [1463]: okhiye-abaphethwe-indawo: ifayili lejenali liphelelwe yisikhathi: kususwa ifayili lephephabhuku uJan 28 13:29:41 i-dns eqanjwe ngo- [1463]: izikhiye-eziphethwe-indawo: i-serial elayishiwe Jan 2 28 13:29:41 dns iqanjwe [1463]: zone 0.in-addr.arpa/IN: serial serial 0 Jan 28 13:29:41 dns named [1463]: zone localhost.localdomain / IN: serial serial 0 Jan 28 13:29:41 dns iqanjwe [1463]: zone 1.0.0.127.in-addr.arpa/IN: serial serial 0 Jan 28 13:29:41 dns named [1463]: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 6. : 0: 28 dns eqanjwe [13]: zonke izingxenye zilayishwe uJan 29 41:1463:0 dns aqanjwe [28]: egijima ngoJan 13 29:41:1463 dns systemd [28]: Started Berkeley Internet Name Domain (DNS).
Ngemuva kokunika amandla insiza okuthiwa futhi siyiqala okokuqala, ukukhishwa komyalo isimo se-systemctl esinegama ikhombisa amaphutha. Lapho siqala kabusha insizakalo engezansi, i- okuthiwa kwakha wonke amafayela wokumisa, ngokuzenzakalela, adingekayo ekusebenzeni kwawo okulungile. Ngakho-ke, lapho senza umyalo futhi isimo se-systemctl esinegama awekho amaphutha akhonjiswayo.
- Mfundi othandekayo, obizayo futhi ofuna ngenkani: uma ufuna ukuthola okungenani - iyiphi indlela eholela ekugcineni komgodi wonogwaja, ngicela ufunde ngokuthula imiphumela enemininingwane yomyalo ngamunye. 😉 Impela i-athikili izobukeka yinde kancane, kepha ungaphiki ukuthi izuza ekuchazeni nasekucaciseni.
Siguqula ifayela /etc/named.conf
Ukuphawula okuningi kwabafundi kuveza -Angikusho- I-mania abagcini bokusabalalisa okuhlukile kwe-Linux abanakho, yokubeka amafayela wokumiswa kohlelo kumafolda anamagama ahlukile ngokuya nge-distro. Baqinisile. Kepha yini thina, abasebenzisi abalula abasebenzisa lokhu kusatshalaliswa, esingakwenza? Shintsha! 😉
Ngendlela, ku-FreeBSD, i-UNIX® clone «Umsuka», ifayili liku- /usr/local/etc/namedb/named.conf; ngenkathi useDebian, ngaphezu kokuhlukanisa amafayela amane iqanjwe.conf, iqanjwe.conf.options, iqanjwe.conf.default-zones, futhi yaqanjwa.conf.local, ikufolda / njll / bopha /. Labo abafuna ukwazi ukuthi i-openSUSE ikubeka kuphi, funda «I-DNS ne-DHCP kuvuliweSUSE 13.2 Harlequin - SME Networks«. Abafundi baqinisile! 😉
Futhi njengoba sihlala senza: ngaphambi kokushintsha noma yini, sigcina ifayili lokumiswa langempela ngaphansi kwelinye igama.
[izimpande @ dns ~] # cp /etc/named.conf /etc/named.conf.original
Ukwenza impilo ibe lula, esikhundleni sokwenza ukhiye I-TSIG ngezibuyekezo ezinamandla ze-DNS nge-DHCP, sikopisha ukhiye ofanayo rndc.key njengoba dhcp.key.
[izimpande @ dns ~] # cp /etc/rndc.key /etc/dhcp.key
[izimpande @ dns ~] # nano /etc/dhcp.key
ukhiye "dhcp-key" {algorithm hmac-md5; imfihlo "OI7Vs + TO83L7ghUm2xNVKg =="; };
Ngakho ukuthi okuthiwa ingafunda ifayili elisanda kukopishwa, siguqula iqembu lomnikazi walo:
[izimpande @ dns ~] # impande ekhethiwe: iqanjwe /etc/dhcp.key [impande @ dns ~] # ls -l /etc/rndc.key /etc/dhcp.key -rw-r -----. Impande eyi-1 eqanjwe ngo-77 Jan 28 16:36 PM /etc/dhcp.key -rw-r -----. Impande eyi-1 eqanjwe ngo-77 Jan 28 13:22 /etc/rndc.key
Imininingwane emincane njengale eyedlule yiyona engasihlanyisa sizama ukuthola, manje ... ikuphi inkinga ...? nezinye izichasiso, esingazibhali ngenxa yokuhlonipha ohloniphekile.
Manje uma - ekugcineni! - siguqula ifayela /etc/igama.conf. Izinguquko noma okungeziwe esikwenzile, maqondana nokwasekuqaleni, ku- ngesibindi. Bheka kahle ukuthi zimbalwa kangakanani.
[izimpande @ dns ~] # nano /etc/named.conf
// // named.conf // // Inikezwe yiRed Hat bind package ukulungisa i-ISC BIND eqanjwe (8) DNS // server njenge-caching only nameserver (njenge-localhost DNS resolver kuphela). // // See / usr / share / doc / bind * / sample / ngokwesibonelo okuthiwa amafayela wokumisa. //
// Uhlu Lokulawula Ukufinyelela lumemezela ukuthi imaphi amanethiwekhi azokwazi ukuxhumana nawo
// iseva yami eqanjwe igama
i-acl mired {
I-127.0.0.0 / 8;
I-192.168.10.0 / 24;
};
izinketho {
// Ngimemezela ukuthi i-daemon eqanjwe igama nayo iyalalela i-interface
// eth0 ene-IP: 192.168.10.5
lalela-ethekwini 53 {127.0.0.1; 192.168.10.5; };
lalela-on-v6 port 53 {:: 1; }; umkhombandlela "/ var / named"; dump-file "/var/named/data/cache_dump.db"; izibalo-ifayela "/var/named/data/named_stats.txt"; memstatistics-file "/var/named/data/named_mem_stats.txt";
// Isitatimende Sabahambisi
// phambili
// 0.0.0.0;
// 1.1.1.1;
//};
// phambili kuqala;
// Ngivumela kuphela imibuzo ku-ACL yami enodaka
vumela umbuzo {mired; }; // Ukubheka ngomyalo wokumba kusuka ku-linux.fan axfr // kusuka esiteshini sokusebenzela seSysAdmin nasendaweni yasendaweni kuphela // Asinawo amaseva we-DNS wesigqila. Asiyidingi ... kuze kube manje.
vumela-dlulisa i- {localhost; 192.168.10.1; };
/ * - Uma wakha i-AUTHORITATIVE DNS server, UNGAVUMELI ukuphinda usebenzise. - Uma wakha i-RECURSIVE (caching) DNS server, udinga ukunika amandla ukuphinda kwenzeke. - Uma iseva yakho ye-DNS ephindaphindwayo inekheli le-IP elisesidlangalaleni, KUFANELE unike amandla ukulawula ukufinyelela ukuze unqande imibuzo kubasebenzisi bakho abasemthethweni. Ukwehluleka ukwenza kanjalo kuzodala ukuthi iseva yakho ibe yingxenye yokuhlaselwa okukhulu kwe-DNS yokukhulisa. Ukusebenzisa i-BCP38 ngaphakathi kwenethiwekhi yakho kungakunciphisa kakhulu ukuhlaselwa okunjalo * /
// Sifuna i-AUTHORITY server ye-LAN yethu - i-SME
ukuphindisela cha;
dnssec-sikwazi yebo; ukuqinisekiswa kwe-dnssec yebo; / * Indlela eya kukhiye we-ISC DLV * / bindkeys-file "/etc/named.iscdlv.key"; okhiye abaphethwe-umkhombandlela "/ var / named / dynamic"; ifayela le-pid "/run/named/named.pid"; iseshini-ukhiye wefayela "/run/named/session.key"; }; ukungena ngemvume {channel default_debug {file "data / named.run"; ukuqina kobungqabavu; }; }; indawo "." KUSIZO sohlobo lwe-; ifayela "okuthiwa.ca"; }; faka phakathi "/etc/named.rfc1912.zones"; faka i - "/etc/named.root.key";
// Sifaka ukhiye we-TSIG wezibuyekezo ezinamandla ze-DNS // nge-DHCP
faka "/etc/dhcp.key";
// Isimemezelo segama, uhlobo, indawo kanye nemvume yokuvuselela
// yezindawo zamarekhodi e-DNS // zombili lezi zindawo zingamakhosi
indawo "desdelinux.fan" {
uhlobo lokubhala;
ifayela "dynamic / db.fromlinux.fan";
vumela-ukubuyekeza {key dhcp-key; };
};
indawo "10.168.192.in-addr.arpa" {
uhlobo lokubhala;
ifayela "dynamic / db.10.168.192.in-addr.arpa";
vumela-ukubuyekeza {key dhcp-key; };
};
Sihlola i-syntax
[izimpande @ dns ~] # okuthiwa-checkconf [izimpande @ dns ~] #
Njengoba umyalo ongenhla ungabuyisi lutho, i-syntax ilungile. Kodwa-ke, uma senza umyalo ofanayo, kepha ngenketho -z, umphumela uzoba:
[izimpande @ dns ~] # okuthiwa-checkconf -z zone localhost.localdomain / IN: serial elayishiwe 0 zone localhost / IN: serial serial 0 zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 .ip6.arpa / IN: ilayishwe i-serial 0 zone 1.0.0.127.in-addr.arpa/IN: serial serial 0 zone 0.in-addr.arpa/IN: serial serial 0 zone from linux.fan/IN: loading from master file Dynamic / db.fromlinux.fan yehlulekile: ifayela alitholakali zone fromlinux.fan/IN: ayilayishiwe ngenxa yamaphutha. _default / desdelinux.fan / IN: file not found zone 10.168.192.in-addr.arpa/IN: loading from master file dynamic / db.10.168.192.in-addr.arpa yehlulekile: ifayela alitholakali zone 10.168.192 .in-addr.arpa / IN: ayilayishiwe ngenxa yamaphutha. _default / 10.168.192.in-addr.arpa / IN: ifayela alitholakalanga
Vele kungamaphutha enzeka ngoba asikenzi izindawo zokubhalisa ze-DNS kusizinda sethu.
- Ngeminye imininingwane mayelana nomyalo okuthiwa-checkconf, gijima indoda egama lingu-checkconf, ngaphambi kokufuna eminye imininingwane ku-Intanethi. Ngiyakuqinisekisa ukuthi kuzokonga isikhathi esiningi.
Sakha ifayela le-Direct Zone kusuka ku-linux.fan
... hhayi ngaphandle kwemfundiso ethile kuqala. 😉
Njengesifanekiso sokwakha ifayili ledatha yendawo, singathatha ifayela le- /var/named/named.empty, noma /usr/share/doc/bind-9.9.4/sample/var/named/named.empty. Zombili ziyefana.
[izimpande @ dns ~] # ikati /var/named/named.empty $ TTL 3H @ IN SOA @ rname.invalid. (0; i-serial 1D; vuselela i-1H; zama kabusha i-1W; iphelelwa yisikhathi i-3H); Isikhathi esincane noma esingalondoloziwe sokugcina isikhashana ukuze siphile NS @ A 127.0.0.1 AAAA :: 1
Isikhathi sempilo - Isikhathi sokuphila i-TTL Irekhodi le-SOA
Ake sithathe ubakaki ukuze sichaze ifayela le- I-TTL - Isikhathi sokuphila kusuka kwirejista I-SOA - Ukuqala Kwesiphathimandla we-Master Zone. Kuyathakazelisa ukwazi izincazelo zabo lapho sifuna ukuguqula noma yimaphi amanani abo.
$ TTL: Isikhathi sokuphila - Isikhathi sokuphila yawo wonke amarekhodi efayeleni alandela isimemezelo (kodwa andulela noma isiphi esinye isimemezelo se- $ TTL) futhi angenaso isimemezelo se-TTL esicacile.
serialInombolo yomkhiqizo yedatha yeZone. Njalo lapho siguqula ngesandla irekhodi le-DNS endaweni, kufanele sikhuphule leyo nombolo ngo-1, ikakhulukazi uma sinezigqila noma iziphakeli zesibili. Njalo lapho iseva ye-DNS yesibili noma yesigqila ixhumana ne-master server yayo, icela inombolo ye-serial yedatha yenkosi. Uma inombolo ye-serial yesigqila ingaphansi, khona-ke idatha yaleyo ndawo kuseva yesigqila iphelelwe yisikhathi, futhi isigqila senza ukudluliswa kwendawo ukuze izibuyekeze.
ukuvuselela: Itshela iseva yesigqila isikhawu sesikhathi okufanele ibheke ngaso ukuthi idatha yayo isesikhathini maqondana nenkosi.
zama futhi: Uma i-master server ingatholakali - ngoba igule, ake sithi - encekwini ngemuva kwesikhathi esithile ukuvuselela, zama futhi Itshela isigqila ukuthi kufanele silinde isikhathi esingakanani ngaphambi kokuzama ukuxhumana nenkosi yaso futhi.
Iphelelwa yisikhathi: Uma isigqila singakwazi ukuxhumana nenkosi yaso isikhathi esithile Iphelelwa yisikhathiLapho-ke uma ubudlelwano be-slave-master zone buqinisiwe, futhi iseva yesigqila ayikho enye indlela ngaphandle kokuphelelwa yisikhathi kwendawo okukhulunywa ngayo. Ukuphelelwa yisikhathi kwendawo yiseva ye-DNS yesigqila kusho ukuthi kuzoyeka ukuphendula imibuzo ye-DNS ehlobene naleyo ndawo, ngoba idatha etholakalayo indala kakhulu ukuthi ingasizakala.
- Lokhu okungenhla kusifundisa ngokungaqondile futhi kulayishwe ngomqondo omkhulu ovamile - okungajwayelekile kakhulu kwezinzwa- ukuthi uma singadingi amaseva we-DNS wezigqila ekusebenzeni kwe-SME yethu, asikusebenzisi, ngaphandle uma kudingeka ngokuqinile. Ake sizame njalo ukusuka kokulula kuye kokuyinkimbinkimbi.
ubuncane: Ezinguqulweni ezandulela i- Bopha 8.2, irekhodi lokugcina SOA Iphinde ikhombise i-Default Lifetime - Isikhathi esizenzakalelayo sokuphila, Nesikhathi Sokugcina Isilondolozi Esingesihle - Isikhathi sokulondoloza isikhashana esingesihle sokuphila okweZone. Lesi sikhathi sibhekisa kuzo zonke izimpendulo ezingezinhle ezinikezwe iseva egunyaziwe yeZone.
Ifayela lendawo /var/named/dynamic/db.fromlinux.fan
[izimpande @ dns ~] # nano /var/named/dynamic/db.fromlinux.fan $ TTL 3H @ IN SOA dns.fromlinux.fan. izimpande.dns.fromlinux.fan. (1; i-serial 1D; vuselela i-1H; zama kabusha i-1W; iphela ngo-3H) ubuncane noma; Isikhathi sokugcina isikhashana sokuphila; @ IN NS dns. @ IN MX 10 imeyili.fromlinux.fan. @ IN TXT "FromLinux, Ibhulogi yakho inikezelwe ku-Free Software"; sysadmin IN A 192.168.10.1 ad-dc IN A 192.168.10.3 fileserver IN A 192.168.10.4 dns IN A 192.168.10.5 proxyweb IN A 192.168.10.6 blog KU-192.168.10.7 ftpserver KU-A 192.168.10.8 imeyili KU-A A 192.168.10.9
Sihlola i- /var/named/dynamic/db.fromlinux.fan
[root @ dns ~] # named-checkzone from linux.fan / var / named / dynamic / db. fromlinux.fan zone kusuka linux.fan/IN: serial elayishiwe 1 KULUNGILE
Sakha ifayili leReverse Zone 10.168.192.in-addr.arpa
- Irekhodi le-SOA lale Zoni liyafana nele-Direct Zone ngaphandle kokubheka irekhodi le-MX..
[izimpande @ dns ~] # nano /var/named/dynamic/db.10.168.192.in-addr.arpa $ TTL 3H @ IN SOA dns.fromlinux.fan. izimpande.dns.fromlinux.fan. (1; i-serial 1D; vuselela i-1H; zama i-1W; iphelelwa yisikhathi i-3H); ubuncane noma; Isikhathi sokugcina isikhashana sokuphila; @ IN NS dns.fromlinux.fan. ; 1 KU-PTR sysadmin.fromlinux.fan. 3 KU-PTR ad-dc.fromlinux.fan. 4 KWI-PTR fileserver.fromlinux.fan. 5 KU-PTR dns.fromlinux.fan. 6 KU-PTR prowebweb.desdelinux.fan. 7 KU-PTR blog.desdelinux.fan. 8 KU-PTR ftpserver.fromlinux.fan. 9 KWE-PTR mail.fromlinux.fan. [izimpande @ dns ~] # okuthiwa-ishekezone 10.168.192.in-addr.arpa /var/named/dynamic/db.10.168.192.in-addr.arpa indawo engu-10.168.192.in-addr.arpa/IN: i-serial elayishiwe engu-1 KULUNGILE
Ngaphambi kokuqalisa kabusha okuqanjwe igama sihlola ukumiswa kwayo
- Kuze kube yilapho sesiqiniseka ukuthi amafayela wokumisa wegama okuthiwa i-named.conf, namafayela alo endawo awalungiselelwe kahle, siphakamisa ukuthi singayiqali kabusha i-daemon enegama. Uma senza lokhu futhi kamuva siguqula ifayela lendawo, kufanele sikhuphule inombolo ye-serial yendawo eguquliwe ngo-1.
- Ake sibheke "." ekupheleni kwesizinda nokusingathwa kwamagama.
[izimpande @ dns ~] # okuthiwa-checkconf [izimpande @ dns ~] # okuthiwa-checkconf -z zone localhost.localdomain / IN: serial elayishiwe 0 zone localhost / IN: serial serial 0 zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 .ip6.arpa / IN: ilayishwe i-serial 0 zone 1.0.0.127.in-addr.arpa/IN: serial serial 0 zone 0.in-addr.arpa/IN: serial serial 0 zone from linux.fan/IN: serial serial 1 indawo engu-10.168.192.in-addr.arpa/IN: ilayishwe i-serial 1
Konke ukumiswa okwenziwe njengamanje
Ukuthola ukucaciseleka, futhi noma i-athikili iba yinde, sinikeza umphumela ophelele womyalo okuthiwa-checkconf -zp:
[izimpande @ dns ~] # okuthiwa-checkconf -zp
zone localhost.localdomain / IN: serial elayishiwe 0 zone localhost / IN: serial serial 0 zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 .ip6.arpa / IN: ilayishwe serial 0 zone 1.0.0.127.in-addr.arpa/IN: serial serial 0 zone 0.in-addr.arpa/IN: serial serial 0 zone from linux.fan/IN: serial serial 1 indawo engu-10.168.192.in-addr.arpa/IN: izinketho ezilayishiwe ezilandelwayo ezi-1 {bindkeys-file "/etc/named.iscdlv.key"; iseshini-ukhiye wefayela "/run/named/session.key"; umkhombandlela "/ var / named"; dump-file "/var/named/data/cache_dump.db"; lalela-ethekwini 53 {127.0.0.1/32; 192.168.10.5/32; }; lalela-ku-v6 port 53 {:: 1/128; }; okhiye abaphethwe-umkhombandlela "/ var / named / dynamic"; memstatistics-file "/var/named/data/named_mem_stats.txt"; ifayela le-pid "/run/named/named.pid"; izibalo-ifayela "/var/named/data/named_stats.txt"; dnssec-sikwazi yebo; ukuqinisekiswa kwe-dnssec yebo; ukuphindisela cha; vumela umbuzo {"mired"; }; vumela-ukudlulisa {192.168.10.1/32; }; }; i-acl "igcwele" {127.0.0.0/8; 192.168.10.0/24; }; ukungena ngemvume {channel "default_debug" {file "data / named.run"; ukuqina kobungqabavu; }; }; ukhiye "dhcp-key" {algorithm "hmac-md5"; imfihlo "OI7Vs + TO83L7ghUm2xNVKg =="; }; indawo "." KUSIZO sohlobo lwe-; ifayela "okuthiwa.ca"; }; indawo "localhost.localdomain" IN {type master; ifayela "okuthiwa.localhost"; vumela-ukubuyekeza {"none"; }; }; indawo "i-localhost" IN {type master; ifayela "okuthiwa.localhost"; vumela-ukubuyekeza {"none"; }; }; indawo "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {type master; ifayela "okuthiwa.loopback"; vumela-ukubuyekeza {"none"; }; }; indawo "1.0.0.127.in-addr.arpa" IN {type master; ifayela "okuthiwa.loopback"; vumela-ukubuyekeza {"none"; }; }; indawo "0.in-addr.arpa" IN {type master; ifayela "elinamagama. vumela-ukubuyekeza {"none"; }; }; indawo "desdelinux.fan" {type master; ifayela "dynamic / db.fromlinux.fan"; vumela ukuvuselelwa {key "dhcp-key"; }; }; indawo "10.168.192.in-addr.arpa" {type master; ifayela "dynamic / db.10.168.192.in-addr.arpa"; vumela ukuvuselelwa {key "dhcp-key"; }; }; okhiye abaphethwe {"." ukhiye kokuqala-257 ngoMashi 3 "AwEAAagAIKlVZrpC8Ia6gEzahOR + 7W9euxhJhVVLOyQbSEW29O0gcCjF FVQUTf8v6fLjwBd58YI0EzrAcQqBGCzh / RStIoO0g8NfnfL0MTJRkxoX bfDaUeVPQuYEhg2NZWAJQ37VnMVDxP / VHL9M / QZxkjf496 / Efucp5gaD X2RS6CXpoY6LsvPVjR68ZSwzz0apAzvN1dlzEheX9ICJBBtuA7G6LQpz W3hOA5hzCTMjJPJ2LbqF8dsV6DoBQzgul6sGIcGOYl0OyQdXfZ7relS Qageu + ipAdTTJ57AsRTAoub25ONGcLmqrAmRLKBP8dfwhYB1N4knNnulq QXA + Uk7ihz1 ="; };
- Ukulandela inqubo yokuguqula i- igama.conf Ngokuya ngezidingo zethu kanye nokuhlola, nokwakha ifayili lendawo ngayinye bese ulihlola, siyangabaza ukuthi kuzodingeka sibhekane nezinkinga ezinkulu zokumiswa. Ekugcineni siyabona ukuthi ngumdlalo womfana, onemiqondo eminingi ne-syntax yokuxabana. 😉
Amasheke abuyise imiphumela egculisayo, ngakho-ke singaqala kabusha ISIBOPHO - okuthiwa.
Siqala kabusha igama futhi sihlole isimo salo
[root @ dns ~] # systemctl restart named.sevisi [izimpande @ dns ~] # isimo se-systemctl okuthiwa isevisi
Uma sithola noma yiluphi uhlobo lwephutha ekukhipheni komyalo wokugcina, kufanele siqale kabusha ifayela le- igama.inkonzo bese uphinde uhlole i- Isimo. Uma amaphutha engasekho, insiza iqalwe ngempumelelo. Ngaphandle kwalokho, kufanele senze ukubuyekeza okuphelele kwawo wonke amafayela aguquliwe nadaliwe, bese siphinda inqubo.
Ukukhishwa okulungile kwesimo kufanele kube:
[izimpande @ dns ~] # isimo se-systemctl okuthiwa isevisi ● i-named.service - iBerkeley Internet Name Domain (DNS) Elayishiwe: ilayishiwe (/usr/lib/systemd/system/named.service; inikwe amandla; ukusetha kabusha komthengisi: kukhutshaziwe) Kuyasebenza: iyasebenza (iyasebenza) kusukela ngeLanga 2017-01-29 10:05:32 EST; 2min 57s edlule Inqubo: 1777 ExecStop = / bin / sh -c / usr / sbin / rndc stop> / dev / null 2> & 1 || / bin / kill -TERM $ MAINPID (code = exited, status = 0 / SUCCESS) Process: 1788 ExecStart = / usr / sbin / named -u named $ OPTIONS (code = exited, status = 0 / SUCCESS) Inqubo: 1786 ExecStartPre = / bin / bash -c uma [! "$ DISABLE_ZONE_CHECKING" == "yebo"]; bese / usr / sbin / named-checkconf -z /etc/named.conf; enye i-echo "Ukuhlola amafayela endawo kukhutshaziwe"; fi (ikhodi = ukuphuma, isimo = 0 / IMPUMELELO) I-PID enkulu: 1791 (eqanjwe igama) CGroup: /system.slice/named.service └─1791 / usr / sbin / named -u named Jan 29 10:05:32 dns named [1791]: zone 1.0.0.127.in-addr.arpa/IN: serial serial 0 Jan 29 10:05:32 dns named [1791]: zone 10.168.192.in-addr.arpa/IN: serial serial 1 Jan I-29 10: 05: 32 dns eqanjwe [1791]: indawo engu-1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN : serial serial 0 Jan 29 10:05:32 dns named [1791]: zone desdelinux.fan/IN: serial serial 1 Jan 29 10:05:32 dns named [1791]: zone localhost.localdomain / IN: serial elayishiwe 0 UJan 29 10:05:32 ama-dns aqanjwe ngo- [1791]: zone localhost / IN: serial serial 0 Jan 29 10:05:32 dns named [1791]: yonke indawo ilayishiwe UJan 29 10:05:32 i-dns eqanjwe ngo- [1791]: nokugijima Jan 29 10:05:32 dns systemd [1]: Iqale iBerkeley Internet Name Domain (DNS). UJan 29 10:05:32 ama-dns aqanjwe [1791]: indawo engu-10.168.192.in-addr.arpa/IN: ukuthumela izaziso (i-serial 1)
Amasheke
Amasheke angaqhutshwa kuseva efanayo noma emshinini oxhunywe kwi-LAN. Sincamela ukukwenza kusuka eqenjini sysadmin.fromlinux.fan esinikeze imvume ebonakalayo yokwenza iZones Transfers. Ifayela /etc/resolv.conf walelo qembu yilokhu okulandelayo:
buzz @ sysadmin: ~ $ cat /etc/resolv.conf # Kwenziwe ukusesha kwe-NetworkManager kusuka ku-linux.fan nameserver 192.168.10.5 buzz @ sysadmin: ~ $ dig kusuka ku-linux.fan axfr ; << >> I-DiG 9.9.5-9 + deb8u1-Debian << >> desdelinux.fan axfr ;; izinketho zomhlaba wonke: + cmd kusuka ku-linux.fan. I-10800 IN SOA dns.fromlinux.fan. izimpande.dns.fromlinux.fan. 1 86400 3600 604800 10800 kusuka ku-linux.fan. 10800 IN NS dns.fromlinux.fan. kusuka ku-linux.fan. 10800 IN MX 10 imeyili.fromlinux.fan. kusuka ku-linux.fan. I-10800 IN TXT "FromLinux, i-Blog yakho inikezelwe ku-Free Software" ad-dc.desdelinux.fan. I-10800 KU-blog 192.168.10.3 blog.desdelinux.fan. I-10800 KU-192.168.10.7 dns.fromlinux.fan. I-10800 IN A 192.168.10.5 fileserver.fromlinux.fan. I-10800 IN A 192.168.10.4 ftpserver.fromlinux.fan. 10800 KU-192.168.10.8 mail.fromlinux.fan. 10800 IN A proxyweb.fromlinux.fan ngu-192.168.10.9 proxyweb. I-10800 KU-192.168.10.6 sysadmin.fromlinux.fan. I-10800 IN Kuya ku-192.168.10.1 kusuka ku-linux.fan. I-10800 IN SOA dns.fromlinux.fan. izimpande.dns.fromlinux.fan. 1 86400 3600 604800 10800 ;; Isikhathi sombuzo: 0 msec ;; ISERVER: 192.168.10.5 # 53 (192.168.10.5) ;; NINI: ILanga Jan 29 11:44:18 EST 2017 ;; Usayizi we-XFR: amarekhodi ayi-13 (imiyalezo 1, amabhayithi 385) buzz @ sysadmin: ~ $ bamba 10.168.192.in-addr.arpa axfr ; << >> I-DiG 9.9.5-9 + deb8u1-Debian << >> 10.168.192.in-addr.arpa axfr ;; izinketho zomhlaba wonke: + cmd 10.168.192.in-addr.arpa. I-10800 IN SOA dns.fromlinux.fan.10.168.192.in-addr.arpa. izimpande.dns.fromlinux.fan.10.168.192.in-addr.arpa. 1 86400 3600 604800 10800 10.168.192.in-addr.arpa. 10800 IN NS dns.fromlinux.fan. 1.10.168.192.in-addr.arpa. 10800 KU-PTR sysadmin.fromlinux.fan. 3.10.168.192.in-addr.arpa. 10800 KWE-PTR ad-dc.fromlinux.fan. 4.10.168.192.in-addr.arpa. I-10800 IN PTR fileserver.fromlinux.fan. 5.10.168.192.in-addr.arpa. 10800 KWE-PTR dns.fromlinux.fan. 6.10.168.192.in-addr.arpa. I-10800 IN PTR proxyweb.fromlinux.fan. 7.10.168.192.in-addr.arpa. I-10800 KU-PTR blog.desdelinux.fan. 8.10.168.192.in-addr.arpa. I-10800 IN PTR ftpserver.fromlinux.fan. 9.10.168.192.in-addr.arpa. 10800 KWE-PTR mail.fromlinux.fan. 10.168.192.in-addr.arpa. I-10800 IN SOA dns.fromlinux.fan.10.168.192.in-addr.arpa. izimpande.dns.fromlinux.fan.10.168.192.in-addr.arpa. 1 86400 3600 604800 10800 ;; Isikhathi sombuzo: 0 msec ;; ISERVER: 192.168.10.5 # 53 (192.168.10.5) ;; NINI: ILanga Jan 29 11:44:57 EST 2017 ;; Usayizi we-XFR: amarekhodi ayi-11 (imiyalezo 1, amabhayithi 352) buzz @ sysadmin: ~ $ dig IN SOA kusuka ku-linux.fan buzz @ sysadmin: ~ $ dig IN MX from linux.fan buzz @ sysadmin: ~ $ dig IN TXT from linux.fan buzz @ sysadmin: ~ $ umphathi we-dns dns.fromlinux.fan inekheli 192.168.10.5 buzz @ sysadmin: ~ $ host sysadmin sysadmin.desdelinux.fan inekheli 192.168.10.1 ... Futhi noma yikuphi okunye ukuhlolwa okudingayo
- Kuze kube manje, sinesisekelo seseva ye-DNS kunethiwekhi yethu ye-SME. Sithemba ukuthi uyijabulele yonke inqubo, ebiyinto elula impela, akunjalo? 😉
Sifaka futhi silungiselela i-DHCP
[izimpande @ dns ~] # yum ukufaka i-dhcp
Ama-plugins alayishiwe: i-fastestmirror, i-centos-base langpacks | 3.4 kB 00:00:00 centos-updates | 3.4 kB 00:00:00 Ukulayisha isivinini sesibuko kusuka kufayela eligcinwe ngesinye isibuko Ukuxazulula ukuncika -> Ukuhlolwa kokuthengiselana -> Iphakheji dhcp.x86_64 12: 4.2.5-42.el7.centos kumele ifakwe -> Ukuxazulula ukuncika kunqanyulwe ukuxazululwa okuxazululiwe ============================================= =================================== Iphakethe Lokwakha Uhlobo Lokugcina =========== ============================================= ============================================= ====================== Ukufaka: dhcp x86_64 12: 4.2.5-42.el7.centos centos-base 511 k Isifinyezo sokwenziwe ==== ============================================= ============================================= ============================ Faka iphakheji eli-1 Usayizi wokulanda ophelele: 511k Usayizi ofakiwe: 1.4 M Ingabe lokhu kulungile [y / d / N]: y Ukulanda amaphakheji: dhcp-4.2.5-42.el7.centos.x86_64.rpm | I-511 kB 00:00:00 Isheke lokuthengiselana lokuqalisa Ukuhlola okwenziwayo kokuqalisa Ukuhlolwa kokuthengiselana kuphumelele Ukuqalisa ukuthengiselana: 12: dhcp-4.2.5-42.el7.centos.x86_64 1/1 Ukuhlola: 12: dhcp-4.2.5-42. el7.centos.x86_64 1/1 Kufakiwe: dhcp.x86_64 12: 4.2.5-42.el7.centos Kwenziwe!
[izimpande @ dns ~] # nano /etc/dhcp/dhcpd.conf
# # Ifayela Lokumiswa Kweseva ye-DHCP. # see /usr/share/doc/dhcp*/dhcpd.conf.example # see dhcpd.conf (5) man page # ddns-update-style interim; izibuyekezo ze-ddns ku; i-ddns-domainname "desdelinux.fan."; ddns-rev-domainname "in-addr.arpa."; unganaki izibuyekezo zamakhasimende; onegunya ukudlulisa inketho kuvaliwe; igama lesizinda legama "desdelinux.fan"; # inketho ntp-server 0.pool.ntp.org, 1.pool.ntp.org, 2.pool.ntp.org, 3.pool.ntp.org; faka "/etc/dhcp.key"; zone kusuka linux.fan. {okuyinhloko 127.0.0.1; ukhiye we-dhcp-ukhiye; } indawo engu-10.168.192.in-addr.arpa. {okuyinhloko 127.0.0.1; ukhiye we-dhcp-key; } i-redlocal eyabiwe-inethiwekhi {subnet 192.168.10.0 netmask 255.255.255.0 {option routers 192.168.10.1; inketho ye-subnet-mask 255.255.255.0; ikheli lokusakaza lekheli 192.168.10.255; inketho yesizinda-igama-amaseva 192.168.10.5; izinketho ze-netbios-name-server 192.168.10.5; ububanzi 192.168.10.30 192.168.10.250; }} # END Dhcpd.conf
[izimpande @ dns ~] # dhcpd -t
I-Internet Systems Consortium DHCP Server 4.2.5 Ilungelo lokushicilela 2004-2013 Internet Systems Consortium. Wonke Amalungelo Agodliwe. Ngemininingwane, sicela uvakashele ku-https: //www.isc.org/software/dhcp/ Ungacingi i-LDAP njengoba i-ldap-server, i-ldap-port kanye ne-ldap-base-dn zingacaciswanga kufayela lokumisa
[izimpande @ dns ~] # systemctl vumela i-dhcpd
Kudalwe i-symlink kusuka ku /etc/systemd/system/multi-user.target.wants/dhcpd.service to / usr/lib/systemd/system/dhcpd.service.
[izimpande @ dns ~] # systemctl qala dhcpd
[izimpande @ dns ~] # systemctl isimo dhcpd
● dhcpd.service - DHCPv4 Server Daemon Loaded: loaded (/usr/lib/systemd/system/dhcpd.service; inikwe amandla; ukusethwa kabusha komthengisi: kukhutshaziwe) Kuyasebenza: kuyasebenza (kuyasebenza) kusukela ku-dom 2017-01-29 12:04:59 ITS T; 23s ago Docs: man: dhcpd (8) man: dhcpd.conf (5) Main PID: 2381 (dhcpd) Status: "Dispatching packets ..." CGroup: /system.slice/dhcpd.service └─2381 / usr / sbin / dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -group dhcpd --no-pid Jan 29 12:04:59 dns dhcpd [2381]: I-Internet Systems Consortium DHCP Server 4.2.5 uJan 29 12 : 04: 59 dns dhcpd [2381]: Ilungelo lobunikazi ngo-2004-2013 Internet Systems Consortium. UJan 29 12:04:59 dns dhcpd [2381]: Wonke amalungelo agodliwe. Jan 29 12:04:59 dns dhcpd [2381]: Ngemininingwane, sicela uvakashele ku-https: //www.isc.org/software/dhcp/ Jan 29 12:04:59 dns dhcpd [2381]: Akuseshwanga i-LDAP kusukela nge-ldap -server, ldap-port kanye ldap-base-dn azange zicaciswe kufayela lokumiswa ngoJan 29 12:04:59 dns dhcpd [2381]: Wabhala izivumelwano eziyi-0 zokuqashisa ifayili. UJan 29 12:04:59 dns dhcpd [2381]: Ukulalela i-LPF / eth0 / 52: 54: 00: 12: 17: 04 / redlocal Jan 29 12:04:59 dns dhcpd [2381]: Ithumela i-LPF / eth0 / 52: 54: 00: 12: 17: 04 / redlocal Jan 29 12:04:59 dns dhcpd [2381]: Ithumela kuSocket / fallback / fallback-net Jan 29 12:04:59 dns systemd [1]: Iqalile I-Daemon Yeseva ye-DHCPv4.
Yini okusamele kwenziwe?
Okulula. Qala iWindows 7 noma elinye iklayenti ngeFree Software bese uqala ukuhlola nokuhlola. Sikwenze namakhasimende amabili: eziyisikhombisa y suse-desktop.fromlinux.fan. Amasheke abenje:
buzz @ sysadmin: ~ $ host eziyisikhombisa seven.fromlinux.fan inekheli 192.168.10.30 buzz @ sysadmin: ~ $ host seven.fromlinux.fan seven.fromlinux.fan inekheli 192.168.10.30 buzz @ sysadmin: ~ $ dig IN TXT seven.fromlinux.fan .... ;; ISIQEPHU SOMBUZO :; seven.fromlinux.fan. KU-TXT ;; ISIGABA SEMPENDULO: seven.desdelinux.fan. 3600 IN TXT "31b7228ddd3a3b73be2fda9e09e601f3e9"....
Siqamba kabusha iqembu "ayisikhombisa" libe "LAGER" bese siqala kabusha. Ngemuva kokuqalisa kabusha i-LAGER entsha, sihlola:
buzz @ sysadmin: ~ $ host eziyisikhombisa Umsingathi wesikhombisa akatholakalanga: 5 (WALAWE) buzz @ sysadmin: ~ $ host seven.fromlinux.fan Ukusingathwa kwe- seven.desdelinux.fan akutholakali: 3 (NXDOMAIN) buzz@sysadmin: ~ $ umphathi we-lager lager.desdelinux.fan inekheli 192.168.10.30 buzz@sysadmin: ~ $ umphathi we-lager.fromlinux.fan lager.desdelinux.fan inekheli 192.168.10.30 buzz @ sysadmin: ~ $ dig IN TXT lager.fromlinux.fan .... ;; ISIQEPHU SOMBUZO :; lager.fromlinux.fan. KU-TXT ;; ISIGABA SEMPENDULO: lager.fromlinux.fan. 3600 IN TXT "31b7228ddd3a3b73be2fda9e09e601f3e9"....
Ngokuphathelene neklayenti le-suse-desktop:
buzz @ sysadmin: ~ $ host suse-dektop I-host suse-dektop ayitholakali: 5 (YALAWA) buzz @ sysadmin: ~ $ host suse-desktop suse-desktop.desdelinux.fan inekheli 192.168.10.33 buzz @ sysadmin: ~ $ host suse-desktop.fromlinux.fan suse-desktop.desdelinux.fan inekheli 192.168.10.33 buzz @ sysadmin: ~ $ umsingathi 192.168.10.33 33.10.168.192.in-addr.arpa igama lesizinda isikhombi suse-desktop.desdelinux.fan. buzz @ sysadmin: ~ $ umsingathi 192.168.10.30 30.10.168.192.in-addr.arpa isizinda segama lesikhombi LAGER.desdelinux.fan.
buzz @ sysadmin: ~ $ bamba -x 192.168.10.33 .... ;; ISIQEPHU SOMBUZO :; 33.10.168.192.in-addr.arpa. KU-PTR ;; IMPENDULO ISIQEPHU: 33.10.168.192.in-addr.arpa. 3600 IN PTR suse-desktop.fromlinux.fan. ;; ISIGUNYA SOKUGUNYAZA: 10.168.192.in-addr.arpa. 10800 IN NS dns.fromlinux.fan. ;; ISIGABA ESINGEZIWE: dns.fromlinux.fan. 10800 KU-192.168.10.5 .... buzz @ sysadmin: ~ $ dig IN TXT suse-desktop.fromlinux.fan .... ; suse-desktop.desdelinux.fan. KU-TXT ;; ISIGABA SEMPENDULO: suse-desktop.desdelinux.fan. 3600 IN TXT "31b78d287769160c93e6dca472e9b46d73" ;; ISIGUNYA SOKUGUNYAZA: desdelinux.fan. 10800 IN NS dns.fromlinux.fan. ;; ISIGABA ESINGEZIWE: dns.fromlinux.fan. I-10800 KU-192.168.10.5 ....
Masisebenzise futhi imiyalo elandelayo
[root @ dns ~] # dig kusuka ku-linux.fan axfr ; << >> I-DiG 9.9.4-RedHat-9.9.4-29.el7_2.4 << >> desdelinux.fan axfr ;; izinketho zomhlaba wonke: + cmd kusuka ku-linux.fan. I-10800 IN SOA dns.fromlinux.fan. izimpande.dns.fromlinux.fan. 6 86400 3600 604800 10800 kusuka ku-linux.fan. 10800 IN NS dns.fromlinux.fan. kusuka ku-linux.fan. 10800 IN MX 10 imeyili.fromlinux.fan. kusuka ku-linux.fan. I-10800 IN TXT "FromLinux, i-Blog yakho inikezelwe ku-Free Software" ad-dc.desdelinux.fan. I-10800 KU-blog 192.168.10.3 blog.desdelinux.fan. I-10800 KU-192.168.10.7 dns.fromlinux.fan. I-10800 IN A 192.168.10.5 fileserver.fromlinux.fan. I-10800 IN A 192.168.10.4 ftpserver.fromlinux.fan. I-10800 KU-192.168.10.8 LAGER.fromlinux.fan. 3600 IN TXT "31b7228ddd3a3b73be2fda9e09e601f3e9"LAGER.fromlinux.fan. 3600 KU-192.168.10.30 mail.fromlinux.fan. 10800 IN A proxyweb.fromlinux.fan ngu-192.168.10.9 proxyweb. I-10800 IN A 192.168.10.6 suse-desktop.fromlinux.fan. 3600 IN TXT "31b78d287769160c93e6dca472e9b46d73"suse-desktop.desdelinux.fan. 3600 KU-192.168.10.33 sysadmin.fromlinux.fan. I-10800 IN Kuya ku-192.168.10.1 kusuka ku-linux.fan. I-10800 IN SOA dns.fromlinux.fan. izimpande.dns.fromlinux.fan. 6 86400 3600 604800 10800
Ekukhishweni okungenhla, sigqamise ku ngesibindi Los I-TTL -imizuzwana- yamakhompyutha anamakheli e-IP anikezwe insizakalo ye-DHCP lawo anesimemezelo esicacile se-TTL 3600 esinikezwe yi-DHCP. Ama-IP alungisiwe aqondiswa yi- $ TTL yamahora ama-3H -3 = 10800 amasekhondi- amenyezelwe kwirekhodi le-SOA lefayela ngalinye lendawo.
Bangabheka indawo ebuyela emuva ngendlela efanayo.
[izimpande @ dns ~] # bamba i-10.168.192.in-addr.arpa axfr
Eminye imiyalo ethakazelisa kakhulu yile:
[izimpande @ dns ~] # igama-le-journalprint /var/named/dynamic/db.desdelinux.fan.jnl [izimpande @ dns ~] # enegama-le-journalprint /var/named/dynamic/db.10.168.192.in-addr.arpa.jnl [izimpande @ dns ~] # iphephabhuku -f
Ukuguqulwa okwenziwa ngesandla kwamafayela weZones
Ngemuva kokuthi i-DHCP ingene ekuvuseleleni ngamandla amafayela wendawo we okuthiwaUma kwenzeka sidinga ukuguqula ifayili lendawo ngesandla, kufanele senze inqubo elandelayo, kepha hhayi ngaphambi kokwazi okwengeziwe ngokusebenza kwensiza. rndc yokulawulwa kweseva yamagama.
[izimpande @ dns ~] # indoda rndc
....
nqabela [indawo [isigaba [ukubuka]]]
Misa okwesikhashana izibuyekezo kundawo enamandla. Uma kungekho ndawo eshiwo, khona-ke zonke izingxenye ziyamiswa. Lokhu kuvumela ukuhlelwa okwenziwa ngesandla ukuze kwenziwe endaweni evuselelwa ngokuvuselelwa okunamandla. Futhi kubangela ukuthi ushintsho kufayela lejenali livumelaniswe kufayela eliyinhloko. Yonke imizamo yokuvuselela okunamandla izokwaliwa ngenkathi indawo iqandisiwe.
ncibilikisa [indawo [isigaba [ukubuka]]]
Nika amandla izibuyekezo kundawo enamandla efriziwe. Uma kungekho ndawo eshiwo, khona-ke zonke izingxenye ezifriziwe zinikwe amandla. Lokhu kubangela ukuthi iseva ilayishe kabusha indawo kusuka kudiski, iphinde inike amandla izibuyekezo ezinamandla ngemuva kokuthi umthwalo usuqedile. Ngemuva kokuthi indawo incibilikisiwe, izibuyekezo ezinamandla ngeke zisenqatshwa. Uma indawo ishintshile futhi inketho ye-ixfr-from-umehluko isetshenziswa, khona-ke ifayili lejenali lizovuselelwa ukukhombisa ushintsho endaweni. Ngaphandle kwalokho, uma indawo ishintshile, noma yiliphi ifayela lejenali elikhona lizosuswa. ....
Yini, ubucabanga ukuthi ngizokopisha yonke imanuwali? ... ucezu bese behamba ngemoto. Okusele ngikushiya kuwe. 😉
Ngokuyinhloko:
- i-rndc iqhwa [indawo [isigaba [ukubuka []]]], imisa isikhashana ukuvuselelwa okunamandla kwendawo. Uma eyodwa ingacacisiwe, konke kuzomisa. Umyalo uvumela ukuhlelwa okwenziwa ngesandla kwendawo efriziwe noma zonke izingxenye. Noma yikuphi ukubuyekeza okunamandla kuzokwenqatshwa ngenkathi kumisiwe.
- rndc uncibilike [zone [isigaba [buka]]], inika amandla ukuvuselelwa okunamandla kundawo efriziwe ngaphambilini. Iseva ye-DNS iphinda ilayishe ifayela lendawo kusuka kudiski, futhi izibuyekezo ezinamandla zinikwa amandla kabusha ngemuva kokuphinda kulayishwe.
Ukuqapha okufanele kuthathwe lapho sihlela ngesandla ifayili lendawo? Kuyafana nokuthi siyayakha, ngaphandle kokukhohlwa ukukhulisa inombolo ye-serial ngo-1 noma serial ngaphambi kokugcina ifayili nezinguquko zokugcina.
Isibonelo:
[root @ dns ~] # rndc iqhwa kusuka ku-linux.fan
[izimpande @ dns ~] # nano /var/named/dynamic/db.fromlinux.fan
Ngiguqula ifayela lendawo nganoma yisiphi isizathu, esidingekayo noma cha. Ngigcina izinguquko
[root @ dns ~] # rndc ncibilika kusuka ku-linux.fan
Ukulayishwa kabusha kwendawo nokuncibilikisa kwaqalwa. Bheka izingodo ukubona umphumela.
[izimpande @ dns ~] # iphephabhuku -f
Jan 29 14:06:46 dns named [2257]: thawing zone 'desdelinux.fan/IN': impumelelo
UJan 29 14:06:46 i-dns eqanjwe i- [2257]: zone from linux.fan/IN: zone serial (6) ingashintshiwe. indawo ingahluleka ukudlulisela ezigqilazweni.
Jan 29 14:06:46 dns named [2257]: zone desdelinux.fan/IN: serial serial 6
Iphutha kokukhiphayo kwangaphambilini, okuboniswa ngokubomvu kukhonsoli, kungenxa yokuthi "ngikhohliwe" ukukhulisa inombolo ye-serial ngo-1. Ukube bengilandele inqubo ngokufanele, umphumela ngabe:
[izimpande @ dns ~] # iphephabhuku -f - Izingodo ziqala eSun 2017-01-29 08:31:32 EST. - Jan 29 14:06:46 i-dns eqanjwe ngo- [2257]: zone desdelinux.fan/IN: serial serial 6 Jan 29 14:10:01 dns systemd [1]: Iseshini Eqaliwe 43 yezimpande zomsebenzisi. Jan 29 14:10:01 dns systemd [1]: Iqala iSeshini 43 yezimpande zomsebenzisi. UJan 29 14: 10: 01 dns CROND [2693]: (impande) i-CMD (/ usr / lib64 / sa / sa1 1 1) uJan 29 14:10:45 i-dns eqanjwe ngo- [2257]: ithole umyalo wesiteshi sokulawula 'iqhwa ku-linux. fan 'Jan 29 14:10:45 dns named [2257]: zonezing zone' desdelinux.fan/IN ': success Jan 29 14:10:58 dns named [2257]: wathola isilawuli sesiteshi sokulawula' thaw desdelinux.fan 'Jan 29 14:10:58 dns named [2257]: thawing zone 'desdelinux.fan/IN': success Jan 29 14:10:58 dns named [2257]: zone desdelinux.fan/IN: journal file is out of date: kususwa ifayili lephephabhuku iJan 29 14:10:58 i-dns ebizwa nge- [2257]: zone desdelinux.fan/IN: serial serial 7
- Mfundi mfundi, ngiyaphinda ngithi kufanele ufunde ngokucophelela imiphumela yemiyalo. Kokuthize onjiniyela bayo basebenzise umsebenzi omningi kangaka behlela umyalo ngamunye, noma ngabe kulula kangakanani.
Isifingqo
Kuze kube manje sikhulume ngokuqaliswa kokubhangiswa kwe-DNS - DHCP, izinsizakalo ezibalulekile nezibalulekile zokwenza kahle kwe-SME Network yethu, kubhekiswe ekunikezelweni kwamakheli ashukumisayo nge-DHCP kanye nokuxazululwa kwamagama ekhompyutha nawesizinda nge-DNS.
Sithemba ukuthi uyijabulele yonke inqubo njengoba senze. Yize kungabonakala kunzima kakhulu ukusebenzisa ikhonsoli, kulula kakhulu futhi kufundisa kakhulu ukusebenzisa insiza ku-UNIX® / Linux ngosizo lwayo.
Bayangixolela nganoma yikuphi ukuhumusha okungaqondakali kwemicabango, eyakhiwe, ebhaliwe, ebukezwayo, ebhalwe kabusha, futhi yashicilelwa ngolimi lweShakespeare, hhayi iCervantes. 😉
Ukulethwa okulandelayo
Ngicabanga okuthe xaxa ngokufanayo - ngezengezo zethiyori kumarekhodi e-DNS - kepha eDebian. Asikwazi ukukhohlwa lokho kusatshalaliswa, akunjalo?
Amazwana ayi-15, shiya okwakho
Ngibonga kakhulu ngomsebenzi wenu oncomekayo wokubhala izindatshana ezinjalo ezinezithelo. Kuzoba wusizo olukhulu kimi
Futhi ngiyabonga kakhulu, Cristian, ngokungilandela nangokuhlola kwakho lokhu okuthunyelwe. Impumelelo!
Ngemuva kokubheka okokuqala kulokhu okuthunyelwe okusha nguFederico, ubuchwepheshe obuhle obubonwe kulo lonke uchungechunge lwe- «PYMES» buyaqapheleka futhi; ngaphezu kwemininingwane enkulu ekhombisa isizinda sakho kumasevisi amabili abaluleke kakhulu (i-DNS ne-DHCP) yanoma iyiphi inethiwekhi. Kulesi senzakalo futhi ngokungafani nokuphawula kwami kwangaphambilini, nginokuphawula okungu-2 okulindile ngemuva kokusebenzisa engikushilo kulokhu okuthunyelwe.
Awekho amazwana, pa '400 !!! UFico ngiyabonga ngoba wazi kahle ukuthi ngifunde okuthunyelwe kwakho futhi asikwazi ukucela okuningi. Uqala ngenhlangano enhle kakhulu, kusukela ekufakweni nasekusetheni ideskithophu yomuntu siqu yomsebenzisi, indawo yokusebenza iyisisekelo, kungumqondo wokuba yilezo zinsizakalo zenethiwekhi ochaza kahle kakhulu. Ubulokhu ukhuphuka kanti yize kuyiqiniso ukuthi izinga liyakhuphuka, kuyiqiniso ukuthi ubhalele futhi wakhicilela labo abangaphansi kwalabo abaqala, kulabo asebeke bafana nami isikhathi esithile futhi sebephambili kakhulu.
Ngokuhamba kwesikhathi ngifinyelele esiphethweni sokuthi ngiyazi abaningi sebefikile, inkolelo-mbono, leyo ebiza kakhulu kithi ukukuthola ngeqiniso elilula lokungafuni ukufunda, ngoba ukwenza sekuvele kulula kakhulu uma sazi esikwenzayo, kungani ???, imibuzo, ukutholakala kuphi nokuthi ungaphuma kanjani ephutheni elinika ikhanda elingaka lapho singazi nokuthi zivelaphi, kufanelekile ukuswela umsebenzi.
Ngalesi sizathu, angifuni ukuthi ushiye ngemuva lezo zinto ezizofakwa mayelana namarekhodi e-DNS kushicilelo olulandelayo njengoba umemezele, kungasaphathwa uma kukhulunywa nge-DEBIAN ethandekayo nethandekayo.
NGIYABONGA KAKHULU futhi silindile.
Kuhle kakhulu njalo ngeFico! Ngilinde inguqulo ye-Debian, bengilokhu ngidlala yonke into ngaleyo distro iminyaka.
Wong: Umbono wakho ngemuva kokufunda ubaluleke kakhulu. Ngilinde ukuphawula kwakho lapho uvivinya okuqukethwe, ngoba ngiyazi ukuthi yindlela othanda ukukwenza ngayo lokho. 😉
I-Crespo: Njengenjwayelo, imibono yakho yamukelwa kahle kakhulu. Ngiyabona ukuthi uwuthumile umugqa ojwayelekile engiwukhulisile ekwakhiweni kwalolu chungechunge. Ngiyethemba ukuthi, njengawe, abaningi sebevele bakuqaphelile. Siyabonga ngokuphawula kwakho.
UDhunter: Kuhle ukukufunda futhi! Ngeke kudingeke ulinde isikhathi eside. NgoMsombuluko maduzane- noma ngaphambi- kuzobe sekuqediwe ukushicilelwa. Ungacabangi ukuthi kulula kimi ukumboza ama-distros amathathu ahlukene, kepha iRespectable Reader, iyakucela. Hhayi i-Debian ne-Ubuntu kuphela, kepha ama-Three Oriented kuma-SME.
Uma ushicilele, kungenxa yokuthi uyakwazi, siyakweseka futhi siyazi ukuthi uzowulandela lowo mugqa.
Njengokuthungatha ngilinde ukukhishwa kwe-Debian ngamazinyo abukhali. Kungaba kuhle uma umboza okuncane nge-NTP. I-Sl2 nokwangana okukhulu. Ukube othisha bami bebengifundise yonke into enjalo, HAHAJJA, Platinum Degree, HAHAJJA.
Izinga lemininingwane ekuphumeni komyalo liyadingeka ukukhombisa ukubaluleka kwalo. Basho okuningi. Kuyiqiniso ukuthi zimbalwa izindatshana ezikhuluma ngaleli zinga lemininingwane, ngoba bacabanga ukuthi zizoba yindatshana ende futhi enzima yokufunda. Yebo, ingxenye yomsebenzi weSysAdmin ukufunda leyo miphumela esindayo nenemininingwane, hhayi nje lapho kunenkinga, kepha futhi nasebusweni bamasheke.
Sawubona Federico, bengikuthembisile ngaphambili, ukubhala okunye ukuphawula ngemuva kokukufunda ngokucophelela okuthunyelwe okukhulunywa ngakho; Nakhu okulandelayo:
- Inqubo enhle esikhundleni sokwenza ukhiye we-TSIG wezibuyekezo ze-DNS eziguquguqukayo nge-DHCP, ukopisha ukhiye ofanayo we-rndc.key njenge-dhcp.key, lokhu ngokusobala "okulula kakhulu" kukhombisa ukuthi inhloso akuyona nje ubuchwepheshe kwe-HOWTO-INSTALL-DNS - & - DHCP kepha isifundisa ukucabanga, IZINKANYEZI ezi-5 ZOMBHALI.
- Kuyathakazelisa kakhulu kufayela lokumiswa kwe-DNS, okuthiwa.conf, ubukhona bomugqa «vumela-ukudlulisa {i-localhost; 192.168.10.1; }; » ukuhlola i-Domain «desdelinux.fan» kuphela esiteshini sokusebenza se-SysAdmin kanye ne-localhost (iseva ye-DNS uqobo), bese ufaka nokhiye we-TSIG ukuvuselela i-DNS kusuka ku-DHCP.
- Kuhle kakhulu ukwakhiwa kwezindawo eziqondile neziphambene ze-DNS kanye nencazelo "eningiliziwe" yezinhlobo zabo zamarekhodi, ngaphezu kokukhishwa komyalo othi "# named-checkconf -zp" ukubheka yonke i-syntax yegama ngaphambi kwalo ukusetha kabusha kanzima, kanye nezibonelo zokusebenzisa umyalo "wokumba" ukuqinisekisa izinhlobo ezahlukahlukene zamarekhodi e-DNS.
. Ekucushweni kwe-DHCP (kusetshenziswa ifayili /etc/dhcp/dhcpd.conf):
- Ungayengeza kanjani inethiwekhi yethu yendawo nobubanzi bayo bamakheli we-IP ashukumisayo ongawabela, incazelo yegama-iseva, njll. nokuthi ungatshela kanjani i-DHCP ukuthi ivuselele amarekhodi e-DNS ngokusebenzisa imigqa ye- "ddns- ..." ekucushweni kwayo.
. Lapho yonke into isivele isebenza, IZINKANYEZI ezi-5 ZOMBHALI, ekwenzeni umyalo othi "# dig desdelinux.fan axfr" ukuhlola i-TTL yamakhompiyutha ku-LAN ane-IP emile yalabo abane-IP enamandla abelwe yona.
. Ekugcineni, KUKHULU, ukuguqulwa okwenziwa ngesandla kwamafayela weZones ngokuwaqanda okokuqala nge- "# rndc freeze desdelinux.fan", bese wenza ukuguqulwa futhi ekugcineni uwavule nge "# rndc thaw desdelinux.fan"
. FUTHI OKUNGCONO KAKHULU, KONKE KWAKWENZIWA KUSUKELA EGAMENI.
Qhubeka njalo Fico.
Sawubona,
Ik kom net kijken, dit omdat ik probeer te achterhalen hoe het kan dat alles gedeeld en verwijderd wordt op mijn computer zelfs mijn foto's. Ik heb totaal geen control meer over mijn eigen computer on mobiel.
Het zit m dus ook ku-het dns ku-dhcp. Ik weet echt niet hoe ik dit moet oplossen en het kan verwijderen. Misschien dat iemand mij wilt usizo? I-Dit is namelijk buiten mij om geinstalleerd. I-Walgelijk gedrag vind ik het.
Wong: ukuphawula kwakho kugcwalisa i-athikili. Ngokuzimisela, kukhombisa ukuthi ukutadishe kahle. Ngaphandle kwalokho, awukwazi ukuphawula ngezinga lemininingwane oyenzayo. Vele ungeze lokho vumela-dlulisa Isetshenziselwa ikakhulukazi lapho sinesigqila se-DNS futhi sivumela ukudluliswa kwezindawo kusuka enkosini kuye. Ngiyisebenzisa ngaleyo ndlela ngoba kuyindlela elula yokusebenzisa ukwenza amasheke angenabungozi kusuka kukhompyutha eyodwa. Ngiyabonga kakhulu ngokuhlola kwakho 5. Ngiyabingelela! futhi ngizoqhubeka ngikulinde kuma-athikili ami alandelayo.
Sawubona Federico. Ngiyazi ukuthi sekwephuze kancane, kodwa ngithanda ukukubuza umbuzo.
Ingabe le nqubo izongisiza uma ngifuna ukukhomba isizinda kwiseva yami ye-vps?
Njalo ngemizuzu engu-15 ngithola le milayezo yohlelo:
I-DHCPREQUEST ku-eth0 kuya echwebeni 67 (xid =…)
I-DHCPACK kusuka ku- (xid =…)
kufanele - ukuvuselelwa ngemizuzwana engama-970.
Futhi kulokho engikuqondayo kufanele ngidale irekhodi le-A ngesizinda sami kanye ne-ip yeseva yami ezinikele.
* Ngiyakuhalalisela futhi ngiyabonga ngale ndatshana, angazi noma bekuyiyona yini ebengiyifuna kodwa ngiyithole ithakazelisa kakhulu futhi ichazwe kahle. Ngaphezu kwalokho ngithatha isincomo se- "DNS ne-BIND" ebengivele ngihleba kancane futhi kubonakala kuthakazelisa kakhulu.
Ukubingelela okuvela e-Argentina!
sicela uxhumane nami ngokusebenzisa valdestoujague@yandex.com