I-DNS ne-DHCP ku-Debian 8 "Jessie" - Amanethiwekhi we-SMB

Inkomba ejwayelekile yochungechunge: Ama-Computer Networks ama-SME: Isingeniso

Sanibonani zihlobo !. Ngemuva kwezindatshana ezimbalwa ezedlule kwi Domain Name System futhi i I-Dynamic Host Configuration Protocol kushicilelwe ku- «I-DNS ne-DHCP kuvuliweSUSE 13.2 'Harlequin'"Y"I-DNS ne-DHCP ku-CentOS 7«, Kokubili kusuka ochungechungeni Amanethiwekhi we-SME, kufanele silungiselele lawo masevisi ku-Debian.

Siyaphinda ukuthi iphuzu lokuqala lokufunda ngemibono yethiyori ye-DNS ne-DHCP yi-Wikipedia.

Ukufaka isistimu yokusebenza

Sizoqala kusukela ekufakweni okuyisisekelo kwesiphakeli ngohlelo lokusebenza lwe-Debian 8 "Jessie" ngaphandle kokufaka noma iyiphi indawo yokuqhafaza noma olunye uhlelo. Umshini obonakalayo onama-megabyte angu-512 we-RAM kanye ne-hard drive engama-gigabyte angama-20 ungaphezu kokwanele.

Ngesikhathi senqubo yokufaka -ngemodi yombhalo ngokukhethekile- futhi ngokulandela ukuhleleka kwezikrini, sikhethe amapharamitha alandelayo:

  • Ulimi: ISpanishi - iSpanishi
  • Izwe, insimu noma indawo: U.S
  • I-Keymap ongayisebenzisa: IsiNgisi saseMelika
  • Lungiselela inethiwekhi ngesandla:
    • Ikheli le-IP: 192.168.10.5
    • I-Netmask: 255.255.255.0
    • Isango: 192.168.10.1
    • Amakheli eNameserver: 127.0.0.1
    • Igama lomshini: dns
    • Igama lesizinda: desdelinux.fan
  • Iphasiwedi Yomsebenzisi Omkhulu: ISuClave (bese ucela isiqinisekiso)
  • Igama eligcwele lomsebenzisi omusha: I-Debian First OS Buzz
  • Igama lomsebenzisi le-akhawunti: bhuz
  • Khetha iphasiwedi yomsebenzisi omusha: ISuClave (bese ucela isiqinisekiso)
  • Khetha umkhawulo wesikhathi sakho: EMpumalanga
  • Indlela yokuhlukanisa: Kuqondisiwe - sebenzisa yonke idiski
    • Khetha idiski ukwahlukanisa: I-Virtual disk 1 (vda) - 21.5 GB Virto Block Device
    • Isikimu sokuhlukanisa: Onke amafayela kusigaba esisodwa (kunconyelwe ama-newbies).
    • Qedela ukwahlukanisa bese ubhala ushintsho kudiski
    • Ngabe ufuna ukubhala ushintsho kumadiski?
  • Ngabe ufuna ukuhlaziya enye iCD noma iDVD?:
  • Ngabe ufuna ukusebenzisa umfanekiso wed?:
  • Ngabe ufuna ukuthatha inhlolovo yokusebenzisa iphakethe?:
  • Khetha izinhlelo ozozifaka:
    [] Imvelo yedeskithophu ye-Debian
    [*] Izinsiza ezijwayelekile zohlelo
  • Ngabe ufuna ukufaka i-GRUB boot loader kwirekhodi elikhulu le-boot?
    • / dev / vda
  • "Ukufaka kuqediwe":

Ngokubona kwami ​​ngesizotha, ukufaka iDebian kulula. Kuyadingeka kuphela ukuphendula imibuzo yezinketho ezichazwe ngaphambilini nolunye ulwazi. Ngize ngibe nesibindi sokusho ukuthi kulula ukulandela izinyathelo ezingenhla kunokusebenzisa ividiyo, isibonelo. Lapho ngifunda angilahlekelwa ukugxila. Olunye udaba ukubuka, ukufunda, ukutolika, nokunikeza ividiyo emuva naphambili, lapho ngilahlekelwa noma ngingaqondi kahle incazelo ethile ebalulekile. Ishidi elibhalwe ngesandla, noma ifayela lombhalo elilula elikopishwe kuselula, lizosebenza njengesiqondisi esisebenza kahle ngokuphelele.

Izilungiselelo zokuqala

Ngemuva kokuqeda ukufakwa okuyisisekelo nokuqalisa kabusha kokuqala, siyaqhubeka nokumemezela amaRekhodi Ohlelo.

Lapho uhlela ifayela imithombo.luhlu, siphawula konke okufakiwe okukhona ngokuzenzakalela ngoba sizosebenza kuphela nezinqolobane zasendaweni. Okuqukethwe kokugcina kwefayela -ukufaka imigqa ephawuliwe- kungaba:

izimpande @ dns: ~ # nano /etc/apt/source.list
deb http: // 192.168.10.1.

Sibuyekeza uhlelo

(i-imeyili ivikelwe): ~ # ukubuyekeza kokufaneleka
izimpande @ dns: ~ # ukuthuthukisa ukufaneleka
izimpande @ dns: ~ # qala kabusha

Sifaka i-SSH ukufinyelela kude

izimpande @ dns: ~ # ukufaneleka ukufaka i-ssh

Ukuvumela umsebenzisi ukuthi aqale iseshini esikude nge-SSH izimpande -kusuka ku-Enterprise LAN kuphela- siguqula ifayela layo lokumisa:

izimpande @ dns: ~ # nano / etc / ssh / sshd_config
.... PermitRootLogin yebo ....

izimpande @ dns: ~ # systemctl qala kabusha ssh.service
izimpande @ dns: ~ # systemctl isimo ssh.service

Siqala iseshini esikude ngeSSH ku- «dns» kusuka kumshini we- «sysadmin»:

buzz @ sysadmin: ~ $ rm .ssh / known_hosts buzz @ sysadmin: ~ $ ssh root@192.168.10.5 ... iphasiwedi ye-root@192.168.10.5: ... root @ dns: ~ #

Amafayela wokumisa ayinhloko

Amafayela amakhulu wokumiswa kwesistimu azoba ngokokukhetha kwethu ngesikhathi sokufakwa:

izimpande @ dns: ~ # ikati / njll / imikhosi
127.0.0.1 i-localhost 192.168.10.5 dns.desdelinux.fan dns # Imigqa elandelayo iyadingeka kuma-IPv6 abasingathi abanamandla :: 1 localhost ip6-localhost ip6-loopback ff02 :: 1 ip6-allnodes ff02 :: 2 ip6-allrouters

izimpande @ dns: ~ # ikati /etc/resolv.conf 
sesha kusuka linux.fan nameserver 127.0.0.1

izimpande @ dns: ~ # igama lomethuleli
dns

izimpande @ dns: ~ # igama lomgcini -f
dns.fromlinux.fan

izimpande @ dns: ~ # ikati / njll / inethiwekhi / izinhlaka
# Leli fayela lichaza izixhumanisi zenethiwekhi ezitholakala kusistimu yakho # nokuthi ungazisebenzisa kanjani. Ngemininingwane engaphezulu, bheka izixhumi (5). umthombo /etc/network/interfaces.d/ * # I-loopback network interface auto lo iface lo inet loopback # I-interface eyinhloko yenethiwekhi ivumela-hotplug eth0 iface eth0 inet static ikheli 192.168.10.5 netmask 255.255.255.0 network 192.168.10.0 ukusakaza 192.168.10.255. Isango le-192.168.10.1 127.0.0.1 # dns- * izinketho zenziwa yiphakeji ye-resolutionvconf, uma ifakiwe i-dns-nameservers XNUMX dns-search kusuka ku-linux.fan

Sifaka amaphakheji amahle kakhulu

izimpande @ dns: ~ # ukufaneleka ukufaka i-htop mc deborphan

Ukuhlanza amaphakheji alandiwe, uma akhona

izimpande @ dns: ~ # ukufaka ukufaneleka -f root @ dns: ~ # aptitude purge ~ c root @ dns: ~ # aptitude clean root @ dns: ~ # aptitude autoclean

Sifaka i-BIND9

  • NGAPHAMBI kokufaka ISIBOPHO sincoma kakhulu vakashela ikhasi Izinhlobo zerekhodi le-DNS ku-Wikipedia, zombili ngezinguqulo zayo zaseSpain nezesiNgisi Lezi zinhlobo zamarejista yizo esizozisebenzisa ukumisa amafayela weZones, womabili aqonde ngqo naphindayo. Kuyafundisa kakhulu ukwazi ukuthi sibhekene nani.
  • Futhi siphakamisa funda okulandelayo Isicelo samazwana RFC - Izicelo zamazwana, ezihlobene kakhulu nokusebenza okunempilo kwensizakalo ye-DNS, ikakhulukazi maqondana nokuphindisela kumaseva ezimpande:
    • Ama-RFCs 1912, 5735, 6303, kanye ne-BCP 32: ephathelene ne- localhost
    • Ama-RFCs 1912, 6303: Indawo yesitayela yekheli le-IPv6 lendawo yasendaweni
    • Ama-RFCs 1912, 5735 kanye no-6303: Okuhlobene Nenethiwekhi Yasendaweni - «Lokhu» Inethiwekhi
    • Ama-RFCs 1918, 5735 kanye no-6303: Amanethiwekhi Wokusetshenziswa Okuyimfihlo
    • RFC 6598: Isikhala Samakheli Abiwe
    • Ama-RFCs 3927, 5735 kanye no-6303: Xhumanisa-okwasendaweni / APIPA
    • Ama-RFCs 5735 kanye no-5736: Izabelo ze-Internet Engineering Task Force
    • Ama-RFCs 5735, 5737 kanye no-6303: ISIVIVINYO-NET- [1-3] Samaphepha
    • Ama-RFCs 3849 no-6303: Ibanga Lesibonelo le-IPv6 leMibhalo
    • I-BCP 32: Amagama Esizinda Emibhalo Nokuhlolwa
    • Ama-RFCs 2544 kanye no-5735: Ukuhlolwa kwe-Router Benchmark
    • RFC 5735: IANA Igcinelwe - Isikhala Esidala Ekilasini E
    • RFC 4291: Amakheli we-IPv6 Angabelwe
    • Ama-RFCs 4193 kanye no-6303: IPv6 ULA
    • Ama-RFCs 4291 kanye no-6303: IPv6 Link Local
    • Ama-RFCs 3879 kanye no-6303: Amakheli e-IPv6 Acekisiwe Esayithi
    • I-RFC 4159: IP6.INT yehlisiwe

Ukufakwa

izimpande @ dns: ~ # search aptitude bind9
p bind9 - I-Internet Domain Name Server p p bind9-doc - Imibhalo ye-BIND i bind9-host - Inguqulo ye-'host 'ehlanganiswe ne-BIND 9.X p bind9utils - Izinsiza ze-BIND p gforge-dns-bind9 - ithuluzi lokusebenzisana lokusebenzisana - Ukuphathwa kwe-DNS (usebenzisa iBind9) i Libbind9-90 - ILabhulali Eyabiwe ye-BIND9 esetshenziswe yi-BIND

Futhi zama ukugijima usesho lokufaneleka ~ dbind9

izimpande @ dns: ~ # ukufaneleka ukufaka bind9

izimpande @ dns: ~ # systemctl qala kabusha bind9.service

izimpande @ dns: ~ # isimo se-systemctl bind9.service
● bind9.service - BIND Domain Name Server Loaded: loaded (/lib/systemd/system/bind9.service; inikwe amandlaUkungena: /run/systemd/generator/bind9.service.d └─50-insserv.conf- $ named.conf
   Isebenza: isebenza (isebenza) kusukela ngoLwesihlanu 2017-02-03 10:33:11 EST; 1s ago Amadokhumenti: man: named (8) Inqubo: 1460 ExecStop = / usr / sbin / rndc stop (code = exited, status = 0 / SUCCESS) Main PID: 1465 (named) CGroup: /system.slice/bind9.service └─1465 / usr / sbin / named -f -u bind Feb 03 10:33:11 dns named [1465]: othomathikhi zone ezingenalutho: 8.BD0.1.0.0.2.IP6.ARPA Feb 03 10:33:11 dns okuthiwa [1465]: umyalo wesiteshi olalele ku-127.0.0.1 # 953 Feb 03 10:33:11 dns eqanjwe [1465]: umyalo wesiteshi olalele ku :: 1 # 953 Feb 03 10:33:11 dns eqanjwe [1465]: iphethwe -keys-zone: serial serial Feb 2 03 10:33:11 dns named [1465]: zone 0.in-addr.arpa/IN: serial serial Feb 1 03 10:33:11 dns okuthiwa [1465]: zone localhost / IN: serial serial Feb 2 03 10:33:11 dns named [1465]: zone 127.in-addr.arpa/IN: serial serial Feb 1 03 10:33:11 dns named [1465]: zone 255.in -addr.arpa/IN: serial serial 1 Feb 03 10:33:11 dns named [1465]: zonke izindawo ezilayishwe Feb 03 10:33:11 dns named [1465]: egijima Ukusikisela: Eminye imigqa yayihlisiwe, sebenzisa -l ukukhombisa ngokugcwele.

Amafayela wokucushwa afakwe yi-BIND9

Ngendlela ehluke kancane kunokumisa insizakalo ye-DNS ku-CentOS naku-OpenSUSE, ku-Debian amafayela alandelayo adalwe enkombeni / njll / bind:

izimpande @ dns: ~ # ls -l / etc / bind /
Imininingwane 52 -rw-r - r-- 1 impande impande 2389 Jun 30 2015 bind.keys -rw-r - r-- 1 impande impande 237 Jun 30 2015 db.0 -rw-r - r-- 1 impande 271 UJun 30 2015 db.127 -rw-r - r-- 1 impande impande 237 Juni 30 2015 db.255 -rw-r - r-- 1 impande impande 353 Jun 30 2015 db.empty -rw- r - r-- Impande eyi-1 impande 270 Jun 30 2015 db.local -rw-r - r-- 1 impande 3048 Jun 30 2015 db.root -rw-r - r-- 1 impande ibopha 463 Jun 30 2015 eqanjwe.conf -rw-r - r-- 1 impande ibopha ama-490 Jun 30 2015 aqanjwe igama elithi.conf.default-zones -rw-r - r-- 1 root bind 165 Jun 30 2015 named.conf.local -rw -r - r-- 1 root bind 890 Feb 3 10:32 named.conf.options -rw-r ----- 1 bind bind 77 Feb 3 10:32 rndc.key -rw-r - r- - 1 impande izimpande 1317 Jun 30 2015 zones.rfc1918

Wonke amafayela angenhla asembhalweni ocacile. Uma sifuna ukwazi incazelo nokuqukethwe yilowo nalowo wabo, singakwenza sisebenzisa imiyalo Ngaphansi o cat, okungumkhuba omuhle.

Imibhalo ehambisana nayo

Encwadini yamakheli / usr / share / doc / bind9 sizoba:

izimpande @ dns: ~ # ls -l / usr / share / doc / bind9
Imininingwane engu-56 -rw-r - r-- 1 impande 5927 Jun 30 2015 copyright -rw-r - r-- 1 impande 19428 30 Jun 2015 1 changelog.Debian.gz -rw-r - r-- 11790 impande 27 Jan 2014 1 FAQ.gz -rw-r - r-- 396 impande 30 Jun 2015 1 IZINDABA.Debian.gz -rw-r - r-- 3362 impande 30 Jun 2015 1 README.Debian. Gz -rw- r - r-- 5840 impande 27 Jan 2014 XNUMX README.gz

Emibhalweni edlule sizothola Izinto Zokufunda Eziningi esizincomayo ukuthi zifundwe NGAPHAMBI kokulungiselela ISIBOPHO, ngisho nangaphambi kokuba useshe i-Intanethi ngezindatshana ezihlobene ne-BIND ne-DNS ngokujwayelekile.. Sizofunda okuqukethwe kwamanye alawo mafayela:

Imibuzo Evame Ukubuzwa o Fngokufanele Asked Qimibono mayelana nokubopha 9

  1. Imibuzo Yokuhlanganisa Nokufaka - Imibuzo ngokuhlanganiswa nokufakwa
  2. Imibuzo Yokumisa Nokusetha - Imibuzo mayelana ukumisa kanye Tuning
  3. Imibuzo Yokusebenza - Imibuzo mayelana nokusebenza
  4. Imibuzo Ejwayelekile - Imibuzo ejwayelekile
  5. Imibuzo Eqondene Nohlelo Lokusebenza - Imibuzo ethile mayelana neSistimu ngayinye yokusebenza
    1. I-HPUX
    2. Linux
    3. Windows
    4. I-FreeBSD
    5. Solaris
    6. I-Apple Mac OS X

IZINDABA.Debian.gz

IZINDABA.UDebian usitshela ngokufingqiwe ukuthi amapharamitha vumela i-cache-query y vumela-ukuphinda kwenzeke inikwa amandla ngokuzenzakalela kuma-ACL ashumekwe ku-Bopha -eyakhelwe ngaphakathi- 'amanethi wendawo'futhi'localhost'. Futhi kusazisa ukuthi izinguquko ezizenzakalelayo zenziwe ukwenza amaseva we-cache angakhangi kangako ekuhlaselweni ngu Ukusakaza kusuka kumanethiwekhi angaphandle.

Ukuhlola okulotshwe esigabeni esedlule, uma kusuka kumshini kunethiwekhi uqobo 192.168.10.0 / 24 okunguyena osesibonelweni sethu, senza isicelo se-DNS esizindeni kusuka ku-linux.net, futhi ngasikhathi sinye kuseva uqobo dns.fromlinux.fan sikhipha umsila -f / var / log / syslog sizothola okulandelayo:

buzz @ sysadmin: ~ $ dig localhost
.... ;; UKUKHETHA UKUKHETHA :; I-EDNS: inguqulo: 0, amafulegi :; udp: 4096 ;; ISIQEPHU SOMBUZO :; i-localhost. PHAKATHI KU ;; ISIGABA SEMPENDULO: i-localhost. I-604800 IN A 127.0.0.1 ;; ISIGUNYA SEZIPHATHIMANDLA: i-localhost. 604800 IN NS wendawohost. ;; ISIQEPHU ESINGEZIWE: i-localhost. 604800 IN AAAA :: 1

buzz @ sysadmin: ~ $ dig kusuka ku-linux.net
....
;; KHETHA UKUKHETHA :; I-EDNS: inguqulo: 0, amafulegi :; udp: 4096 ;; ISIQEPHU SOMBUZO :; desdelinux.net. PHAKATHI KU
....
izimpande @ dns: ~ # umsila -f / var / log / syslog ....
Feb 4 13:04:31 i-dns eqanjwe ngo- [1602]: iphutha (inethiwekhi ayifinyeleleki) ukuxazulula 'desdelinux.net/A/IN': 2001: 7fd :: 1 # 53 Feb 4 13:04:31 dns eqanjwe ngo- [1602]: iphutha (inethiwekhi ayifinyeleleki) ukuxazulula 'desdelinux.net/A/IN': 2001: 503: c27 :: 2:30 # 53
....

Umphumela we syslog yinde kakhulu ngenxa yokuseshwa kwamaseva ezimpande NGOKUBOPHA. Vele ifayela /etc/resolv.conf eqenjini sysadmin.fromlinux.fan ikhomba ku-DNS 192.168.10.5.

Kusukela ekusebenzeni kwemiyalo yangaphambilini singathola iziphetho eziningana a priori:

  • I-BIND ihlelwe ngokuzenzakalela njenge-Cache Server esebenzayo ngaphandle kwesidingo sokumiswa okulandelayo, futhi iphendula imibuzo ye-DNS amanethi wendawo futhi i localhost
  • Ukuphinda - recursion ivunyelwe i- amanethi wendawo futhi i localhost
  • Ayikabi iseva yokugunyazwa
  • Ngokungafani ne-CentOS, lapho bekufanele simemezele ipharamitha «Itheku lokulalela eliku-53 {127.0.0.1; 192.168.10.5; }; » ngokucacile ukulalela izicelo ze-DNS ngaphezulu kwesixhumi esibonakalayo senethiwekhi 192.168.10.5 I-DNS uqobo, ku-Debian akudingekile ngoba isekela izicelo ze-DNS ze amanethi wendawo futhi i localhost okuzenzakalelayo. Buyekeza okuqukethwe kufayela /etc/bind/named.conf.options futhi bazobona ukuthi akukho sitatimende lalela.
  • Imibuzo ye-IPv4 ne-IPv6 inikwe amandla

Uma nje ngokufunda nokutolika - ithini njengoba sisho eCuba- ingobo yomlando IZINDABA.Debian.gz Sifinyelele eziphethweni ezithokozisayo ezisivumela ukuthi sazi okuthe xaxa mayelana ne-Default Configuration Philosophy yeTeam Debian maqondana nokuBopha, yiziphi ezinye izinto ezithokozisayo esingazazi ngokuqhubeka nokufunda amafayela eMibhalo Ehambisana Nakho?.

FUNDA.Debian.gz

FUNDA.I-Debian isazisa -kuphakathi kwezinye izinto eziningi- ukuthi i-Security Extensions ye-Domain Name System - Izandiso Zokuphepha Kwesistimu Yegama Lesizinda o DNSSEC, zivunyelwe; futhi iqinisekisa ukuthi ukumiswa okuzenzakalelayo kusebenza kumaseva amaningi (ama-server server - amaseva amaqabunga ebhekisa emaqabunga esihlahla sesizinda) ngaphandle kwesidingo sokungenelela komsebenzisi.

  • DNSSEC ngokusho kweWikipediaI-Domain Name System Security Extensions (DNSSEC) iqoqo lezincazelo ze-Internet Engineering Task Force (IETF) ukuvikela izinhlobo ezithile zolwazi olunikezwa ngegama lesizinda sohlelo (DNS) elisetshenziswe kwi-Internet Protocol (IP). Kuyisethi yezandiso kwi-DNS enikezela amaklayenti we-DNS (noma ama-resolution) ngokuqinisekiswa komthombo wedatha ye-DNS, ukuphika okuqinisekisiwe kobukhona nobuqotho bemininingwane, kepha hhayi ukutholakala noma imfihlo.

Mayelana nalokho Isikimu sokumisa isitshela ukuthi wonke amafayili wokumiswa kwe-Static, ama-Zone Files wamaseva ezimpande, kanye neZindawo eziPhambili neziguqukayo ze localhost bangena / njll / bind.

Isiqondisi Sokusebenza KweDimoni okuthiwa es / var / cache / bind ukuze noma yiliphi ifayili lesikhashana elenziwe yi okuthiwa okufana nemininingwane esebenza njengeServer Server, kubhaliwe kuhlelo lwefayela / var, okuyilapho bekhona.

Ngokungafani nezinguqulo zangaphambilini ze-BIND package ye-Debian, file igama.conf futhi i db. * kuhlinzekiwe, zibhalwe njengamafayela wokumisa. Ngendlela yokuthi uma sidinga i-DNS Server esebenza ikakhulu njenge-Cache Server futhi engagunyaziwe kunoma ngubani omunye umuntu, singayisebenzisa njengoba ifakiwe futhi ilungiselelwe ngokuzenzakalela.

Uma udinga ukusebenzisa i-DNS egunyaziwe, basikisela ukubeka amafayela we-Master Zones enkombeni efanayo / njll / bind. Uma ubunzima bezindawo lapho i- okuthiwa kuzoba nokugunyazwa kuyayidinga, kuyanconywa ukuthi kwakhiwe isakhiwo esingaqondakali, kubhekiswe kumafayela ezoni ngokuphelele efayeleni igama.conf.

Noma yiliphi Ifayela Lezoni lapho i- okuthiwa yenza njengeServe Server kufanele itholakale ku- / var / cache / bind.

Ama-Zone Files akhonjelwe ku-Dynamic Updates yi-DHCP noma umyalo buyekeza, kufanele igcinwe ku- / var / lib / bind.

Uma uhlelo lokusebenza lusebenzisa isembatho, Iphrofayili efakiwe isebenza kuphela ngezilungiselelo ezizenzakalelayo ze-BIND. Izinguquko ezilandelayo ekucushweni kwe- okuthiwa zingadinga ushintsho kuphrofayli ye-apparmor. Kuvakashelwe https://wiki.ubuntu.com/DebuggingApparmor ngaphambi kokugcwalisa ifomu elisola a bug kuleyo nkonzo.

Kunezinkinga eziningi ezihlobene nokusebenzisa i-Debian BIND ku-Chroot Cage - ijele le-chroot. Vakashela http://www.tldp.org/HOWTO/Chroot-BIND-HOWTO.html ukuthola eminye imininingwane.

Olunye ulwazi

umuntu ogama lakhe, igama lomuntu.conf, indoda egama lingu-checkconf, indoda egama lingu-checkzone, indoda rndc, njalonjalo

izimpande @ dns: ~ # eqanjwe -v
Bopha i-9.9.5-9 + deb8u1-Debian (I-Extended Support Version)

izimpande @ dns: ~ # eqanjwe -V
Bopha i-9.9.5-9 + deb8u1-Debian (I-Extended Support Version) eyakhiwe nge- '--prefix = / usr' '--mandir = / usr / share / man' \ '--infodir = / usr / share / info' '--sysconfdir = / etc / bind' \ '- -localstatedir = / var '' --able-threads '' --ableable-largefile '\' --with-libtool '' --ableable-shared '' --able-static '\' --with-openssl = / usr '' --with-gssapi = / usr '' --with-gnu-ld '\ --with-geoip = / usr' '--with-atf = cha' '-nika amandla-ipv9' ' --able-rrl '\' --able-filter-aaaa '\' CFLAGS = -fno-strict-aliasing -fno-delete-null-pointer-checks -DDIG_SIGCHASE -O8 'ehlanganiswe yi-GCC 50 isebenzisa inguqulo ye-OpenSSL : OpenSSL 6k 2 Jan 4.9.2 kusetshenziswa inguqulo ye-libxml1.0.1: 8

izimpande @ dns: ~ # ps -e | grep iqanjwe
  408? 00:00:00 igama lakhe

izimpande @ dns: ~ # ps -e | grep bopha
  339? 00:00:00 rpcbind

izimpande @ dns: ~ # ps -e | grep bind9
izimpande @ dns: ~ #

izimpande @ dns: ~ # ls / var / run / named /
igama lesikhathi.pid session.key  
izimpande @ dns: ~ # ls -l /var/run/named/named.pid 
-rw-r-r-- 1 bopha ukubopha 4 Feb 4 13: 20 /var/run/named/named.pid

izimpande @ dns: ~ # isimo se-rndc
inguqulo: 9.9.5-9 + deb8u1-Debian Ama-CPU atholakele: Imicu eyisisebenzi e-9: Abalaleli abangu-8 be-UDP isikhombimsebenzisi ngasinye: Inombolo yezoni engu-50: Izinga lokulungisa iphutha elingu-1: 1 ama-xfers asebenzayo: 1 ama-xfers ahlehlisiwe: Imibuzo engu-100 eqhubekayo: Imibuzo engu-0 yokufaka ngemvume KUVALIWE amaklayenti aphindaphindwayo: 0/0/0 tcp amaklayenti: iseva engu-0/0 iyasebenza
  • Akunakuphikwa ukubaluleka kokuthintana neMibhalo efakwe nephakheji le-BIND9 ngaphambi kwanoma yimuphi omunye.

bind9-idokodo

izimpande @ dns: ~ # aptitude install bind9-doc links2
izimpande @ dns: ~ # dpkg -L bind9-doc

Iphakheji bind9-idokodo ifaka, phakathi kweminye imininingwane ewusizo, i-BIND 9 Administrator Reference Manual. Ukufinyelela ibhukwana -ngesiNgisi- senza:

(i-imeyili ivikelwe): ~ # izixhumanisi ifayili2: ///usr/share/doc/bind9-doc/arm/Bv9ARM.html
BIND 9 Manual Reference Manual Copyright (c) 2004-2013 Internet Systems Consortium, Inc. ("ISC") Copyright (c) 2000-2003 Internet Software Consortium.

Sithemba ukuthi uyakujabulela ukuyifunda.

  • Ngaphandle kokushiya ikhaya, sinemibhalo Eningiliziwe Esemthethweni mayelana nokuBOPHA kanye nensizakalo ye-DNS iyonke.

Silungiselela i-BIND ngesitayela se-Debian

/etc/bind/named.conf "uthishanhloko"

izimpande @ dns: ~ # nano /etc/bind/named.conf
// Leli yifayela lokucushwa eliyinhloko leseva ye-BIND DNS eqanjwe.
//
// Sicela ufunde /usr/share/doc/bind9/README.Debian.gz ukuthola ulwazi ku-
// isakhiwo samafayela wokumisa we-BIND ku-Debian, * NGAPHAMBI * kokwenza ngokwezifiso
// leli fayela lokumisa.
//
// Uma ungeza nje izindawo, sicela wenze lokho ku- /etc/bind/named.conf.local

faka "/etc/bind/named.conf.options";
faka "/etc/bind/named.conf.local";
faka i - "/etc/bind/named.conf.default-zones";

Ingabe isihloko esibekiwe sidinga ukuhunyushwa?

/etc/bind/named.conf.options

izimpande @ dns: ~ # cp /etc/bind/named.conf.options /etc/bind/named.conf.options.original

izimpande @ dns: ~ # nano /etc/bind/named.conf.options
izinketho {lwemibhalo "/ var / cache / bind"; // Uma kukhona i-firewall phakathi kwakho nama-nameservers ofuna // ukukhuluma nawo, kungadingeka ukuthi ulungise i-firewall ukuze uvumele amachweba amaningi we-// ukuthi akhulume. Bona i-http: //www.kb.cert.org/vuls/id/800113 // Uma i-ISP yakho inikeze ikheli elilodwa noma amaningi e-IP ngama-nameservers ezinzile //, mhlawumbe ufuna ukuwasebenzisa njengabathumeli. // Khipha ibhulokhi elandelayo, bese ufaka amakheli afaka esikhundleni se-placeholder se-all-0. // abadlulisela phambili {// 0.0.0.0; //}; // ========================================== = ==================== $ // Uma BUNGELA izingodo imilayezo yephutha mayelana nokhiye wezimpande ophelelwe yisikhathi, // uzodinga ukuvuselela okhiye bakho. Bona https://www.isc.org/bind-keys // ================================= ============================== $

    // Asifuni i-DNSSEC
        dnssec-nika amandla cha;
        //auto auto validation;

        i-Author-nxdomain no; #vumelana ne-RFC1035

 // Asidingi ukulalela amakheli we-IPv6
        // lalela-ku-v6 {noma yikuphi; };
    lalela-ku-v6 {lutho; };

 // Ukuhlolwa okuvela ku-localhost naku-sysadmin
    // ngokusebenzisa dig desdelinux.fan axfr // Asinayo i-Slave DNS ... kuze kube manje
 vumela-dlulisa i- {localhost; 192.168.10.1; };
};

izimpande @ dns: ~ # okuthiwa-checkconf 
izimpande @ dns: ~ #

/etc/bind/named.conf.local

Konhlokweni ophawuliwe waleli fayela, bancoma ukuthi kufakwe amaZoni akhonjiswe kufayela le- I-RFC-1918 kuchazwe kufayela /etc/bind/zones.rfc1918. Ukufakwa kwalezi zindawo endaweni kunikeza ukuthi noma imuphi umbuzo maqondana nawo awushiyi inethiwekhi yendawo iye kumaseva empande, anezinzuzo ezimbili ezibalulekile:

  • Ukulungiswa okusheshayo kwasendaweni kubasebenzisi bendawo
  • Ayenzi ithrafikhi engadingekile - noma engamanga - eseva yezimpande.

Ngokwami, anginakho ukuxhumeka kwe-inthanethi ukuze ngivivinye ukuphindeka noma ukudlulisela phambili. Kodwa-ke, futhi njengoba singakasebenzisi i-Recursion kufayela le-.conf.options ukuthi lisebenze - ngezindlela zokuphindaphinda hhayi; - singafaka izindawo ezichazwe ngenhla nezinye engizichaza ngezansi.

Lapho ufaka i-BIND 9.9.7 ku-FreeBSD 10.0 Operating System, nayo eyi-Software yamahhala, ifayela lokumisa /usr/local/etc/namedb/named.conf.sample Iqukethe uchungechunge oluphelele lwezindawo ezincoma ukuthi kusetshenzelwe endaweni yangakini ku- -also- ukuthola izinzuzo ezibalulwe ngenhla.

Ukuze ungaguquli ukumiswa kwe-BIND kwasekuqaleni ku-Debian, siphakamisa ukuthi kudalwe ifayili /etc/bind/zones.rfcFreeBSD bese uyifaka kufayela le- /etc/bind/named.conf.local ngokuqukethwe okuboniswe ngezansi, nangezindlela - izindlela kumafayela asevele eguqulelwe ku-Debian:

izimpande @ dns: ~ # nano /etc/bind/zones.rfcFreeBSD
// Isikhala Samakheli Abiwe (RFC 6598)
zone "64.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "65.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "66.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "67.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "68.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "69.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "70.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "71.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "72.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "73.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "74.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "75.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "76.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "77.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "78.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "79.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "80.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "81.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "82.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "83.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "84.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "85.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "86.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "87.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "88.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "89.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "90.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "91.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "92.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "93.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "94.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "95.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "96.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "97.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "98.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "99.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "100.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "101.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "102.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "103.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "104.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "105.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "106.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "107.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "108.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "109.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "110.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "111.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "112.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "113.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "114.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "115.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "116.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "117.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "118.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "119.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "120.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "121.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "122.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "123.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "124.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "125.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "126.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "127.100.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };

// Isixhumanisi sendawo / i-APIPA (RFCs 3927, 5735 kanye ne-6303)
indawo "254.169.in-addr.arpa" {type master; ifayela "/etc/bind/db.empty"; };

Izabelo ze-// IETF protocol (RFCs 5735 kanye no-5736)
indawo "0.0.192.in-addr.arpa" {type master; ifayela "/etc/bind/db.empty"; };

// I-TEST-NET- [1-3] Yemibhalo (i-RFCs 5735, 5737 ne-6303)
indawo "2.0.192.in-addr.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "100.51.198.in-addr.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "113.0.203.in-addr.arpa" {type master; ifayela "/etc/bind/db.empty"; };

// Ibanga Lesibonelo le-IPv6 leMibhalo (ama-RFCs 3849 no-6303)
indawo "8.bd0.1.0.0.2.ip6.arpa" {type master; ifayela "/etc/bind/db.empty"; };

// Amagama Esizinda Wokubhalwa Kwemibhalo Nokuhlolwa (BCP 32)
zone "test" {type master; ifayela "/etc/bind/db.empty"; }; zone "example" {type master; ifayela "/etc/bind/db.empty"; }; indawo "engavumelekile" {uhlobo lwenkosi; ifayela "/etc/bind/db.empty"; }; indawo "example.com" {type master; ifayela "/etc/bind/db.empty"; }; indawo "example.net" {type master; ifayela "/etc/bind/db.empty"; }; indawo "example.org" {type master; ifayela "/etc/bind/db.empty"; };

// Ukuhlolwa kweBenchmark Benchmark (RFCs 2544 no-5735)
indawo "18.198.in-addr.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "19.198.in-addr.arpa" {type master; ifayela "/etc/bind/db.empty"; };

// IANA Igcinwe - Isikhala Esidala E (RFC 5735)
indawo "240.in-addr.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "241.in-addr.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "242.in-addr.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "243.in-addr.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "244.in-addr.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "245.in-addr.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "246.in-addr.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "247.in-addr.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "248.in-addr.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "249.in-addr.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "250.in-addr.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "251.in-addr.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "252.in-addr.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "253.in-addr.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "254.in-addr.arpa" {type master; ifayela "/etc/bind/db.empty"; };

// Amakheli we-IPv6 angabelwe (RFC 4291)
indawo "1.ip6.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "3.ip6.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "4.ip6.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "5.ip6.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "6.ip6.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "7.ip6.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "8.ip6.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "9.ip6.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "a.ip6.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "b.ip6.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "c.ip6.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "d.ip6.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "e.ip6.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "0.f.ip6.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "1.f.ip6.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "2.f.ip6.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "3.f.ip6.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "4.f.ip6.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "5.f.ip6.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "6.f.ip6.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "7.f.ip6.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "8.f.ip6.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "9.f.ip6.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "afip6.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "bfip6.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "0.efip6.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "1.efip6.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "2.efip6.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "3.efip6.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "4.efip6.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "5.efip6.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "6.efip6.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "7.efip6.arpa" {type master; ifayela "/etc/bind/db.empty"; };

// IPv6 ULA (RFCs 4193 no-6303)
indawo "cfip6.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "dfip6.arpa" {type master; ifayela "/etc/bind/db.empty"; };

// IPv6 Link Local (RFCs 4291 kanye 6303)
indawo "8.efip6.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "9.efip6.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "aefip6.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "befip6.arpa" {type master; ifayela "/etc/bind/db.empty"; };

// Amakheli e-IPv6 ahoxisiwe eSayithi (i-RFCs 3879 ne-6303)
indawo "cefip6.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "defip6.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "eefip6.arpa" {type master; ifayela "/etc/bind/db.empty"; }; indawo "fefip6.arpa" {type master; ifayela "/etc/bind/db.empty"; };

// IP6.INT yehlisiwe (RFC 4159)
indawo "ip6.int" {type master; ifayela "/etc/bind/db.empty"; };

Yize sikuqedile ukuthi kungenzeka kulalelwe izicelo ze-IPv6 kusibonelo sethu, kufanelekile ukufaka izindawo ze-IPv6 efayeleni eledlule kulabo abazidingayo.

Okuqukethwe kokugcina kwe- /etc/bind/named.conf.local es:

izimpande @ dns: ~ # nano /etc/bind/named.conf.local
// // Ingabe kukhona ukumiswa kwasendaweni lapha // // Cabanga ukungeza izindawo ze-1918 lapha, uma zingasetshenziswa enhlanganweni yakho //
faka phakathi "/etc/bind/zones.rfc1918"; faka i- "/etc/bind/zones.rfcFreeBSD";

// Isimemezelo segama, uhlobo, indawo kanye nemvume yokuvuselela
// yezindawo zamarekhodi e-DNS // zombili lezi zindawo zingamakhosi
indawo "desdelinux.fan" {
 uhlobo lokubhala;
 ifayela "/var/lib/bind/db.desdelinux.fan";
};

indawo "10.168.192.in-addr.arpa" {
 uhlobo lokubhala;
 ifayela "/var/lib/bind/db.10.168.192.in-addr.arpa";
};

izimpande @ dns: ~ # okuthiwa-checkconf izimpande @ dns: ~ #

Sakha amafayela eZoni ngayinye

Okuqukethwe kwamafayela endaweni ngayinye kungakopishwa ngokoqobo kusuka ku-athikili «I-DNS ne-DHCP ku-CentOS 7«, Uma nje siqikelela ukushintshela umkhombandlela wendawo lapho uya khona / var / lib / bind:

[izimpande @ dns ~] # nano /var/lib/bind/db.fromlinux.fan
$ TTL 3H @ IN SOA dns.fromlinux.fan. izimpande.dns.fromlinux.fan. (1; i-serial 1D; vuselela i-1H; zama kabusha i-1W; iphela ngo-3H) ubuncane noma; Isikhathi sokugcina isikhashana sokuphila; @ IN NS dns. @ IN MX 10 imeyili.fromlinux.fan. @ IN TXT "FromLinux, Ibhulogi yakho inikezelwe ku-Free Software"; sysadmin IN A 192.168.10.1 ad-dc IN A 192.168.10.3 fileserver IN A 192.168.10.4 dns IN A 192.168.10.5 proxyweb IN A 192.168.10.6 blog KU-192.168.10.7 ftpserver KU-A 192.168.10.8 imeyili KU-A A 192.168.10.9

[izimpande @ dns ~] # nano /var/lib/bind/db.10.168.192.in-addr.arpa
$ TTL 3H @ IN SOA dns.fromlinux.fan. izimpande.dns.fromlinux.fan. (1; i-serial 1D; vuselela i-1H; zama i-1W; iphelelwa yisikhathi i-3H); ubuncane noma; Isikhathi sokugcina isikhashana sokuphila; @ IN NS dns.fromlinux.fan. ; 1 KU-PTR sysadmin.fromlinux.fan. 3 KU-PTR ad-dc.fromlinux.fan. 4 KWI-PTR fileserver.fromlinux.fan. 5 KU-PTR dns.fromlinux.fan. 6 KU-PTR prowebweb.desdelinux.fan. 7 KU-PTR blog.desdelinux.fan. 8 KU-PTR ftpserver.fromlinux.fan. 9 KWE-PTR mail.fromlinux.fan.

Sihlola i-syntax yendawo ngayinye

izimpande @ dns: ~ # iqanjwe-i-checkzone kusuka ku-linux.fan / var / lib / bind / db. kusuka ku-linux.fan 
zone kusuka linux.fan/IN: serial elayishiwe 1 KULUNGILE

izimpande @ dns: ~ # okuthiwa-checkzone 10.168.192.in-addr.arpa /var/lib/bind/db.10.168.192.in-addr.arpa 
indawo engu-10.168.192.in-addr.arpa/IN: i-serial elayishiwe engu-1 KULUNGILE

Ukuhlola izilungiselelo ezijwayelekile zokubopha

izimpande @ dns: ~ # okuthiwa-checkconf -zp
  • Ukulandela inqubo yokuguqula i- igama.conf Ngokuya ngezidingo zethu kanye nokuhlola, nokwakha ifayili lendawo ngayinye bese ulihlola, siyangabaza ukuthi kuzodingeka sibhekane nezinkinga ezinkulu zokumiswa. Ekugcineni siyabona ukuthi ngumdlalo womfana, onemiqondo eminingi ne-syntax yokuxabana. 😉

Amasheke abuyise imiphumela egculisayo, ngakho-ke singaqala kabusha ISIBOPHO - okuthiwa.

Siqala kabusha i-BIND bese sihlola isimo sayo

[root @ dns ~] # systemctl qala kabusha bind9.service
[root @ dns ~] # systemctl isimo bind9.service
● bind9.service - BIND Domain Name Server Loaded: packed (/lib/systemd/system/bind9.service; enabled) Drop-In: /run/systemd/generator/bind9.service.d └─50-insserv.conf- $ named.conf Iyasebenza: iyasebenza (iyasebenza) kusukela ngeLanga 2017-02-05 07:45:03 EST; 5s ago Amadokhumenti: man: named (8) Inqubo: 1345 ExecStop = / usr / sbin / rndc stop (code = exited, status = 0 / SUCCESS) Main PID: 1350 (named) CGroup: /system.slice/bind9.service └─1350 / usr / sbin / named -f -u bind Feb 05 07:45:03 dns named [1350]: zone 1.f.ip6.arpa/IN: serial serial 1 Feb 05 07: 45: 03 dns eqanjwe [1350]: zone afip6.arpa/IN: serial serial 1 Feb 05 07:45:03 dns named [1350]: zone localhost / IN: serial serial 2 Feb 05 07: 45: 03 dns eqanjwe [1350]: zone test / IN: serial elayishiwe 1 Feb 05 07:45:03 dns eqanjwe [1350]: zone example / IN: serial serial 1 Feb 05 07:45:03 dns named [1350]: zone 5.efip6.arpa/IN: loaded serial 1 Feb 05 07:45:03 dns named [1350]: zone bfip6.arpa/IN: serial serial 1 Feb 05 07:45:03 dns named [1350]: zone ip6.int/IN: serial serial 1 Feb 05 I-07: i-45: i-dns eqanjwe ngo- [03]: wonke amazoni alayishwe ngo-Feb 1350 05:07:45 ama-dns aqanjwe [03]: ukugijima

Uma sithola noma yiluphi uhlobo lwephutha ekukhipheni komyalo wokugcina, kufanele siqale kabusha ifayela le- igama.inkonzo bese uphinde uhlole i- Isimo. Uma amaphutha engasekho, insiza iqalwe ngempumelelo. Ngaphandle kwalokho, kufanele senze ukubuyekeza okuphelele kwawo wonke amafayela aguquliwe nadaliwe, bese siphinda inqubo.

Amasheke

Amasheke angaqhutshwa kuseva efanayo noma emshinini oxhunywe kwi-LAN. Sincamela ukukwenza kusuka eqenjini sysadmin.fromlinux.fan esinikeze imvume ebonakalayo yokwenza iZones Transfers. Ifayela /etc/resolv.conf walelo qembu yilokhu okulandelayo:

buzz @ sysadmin: ~ $ cat /etc/resolv.conf 
# Kwenziwe ukusesha kwe-NetworkManager kusuka ku-linux.fan nameserver 192.168.10.5

buzz @ sysadmin: ~ $ dig kusuka ku-linux.fan axfr
; << >> I-DiG 9.9.5-9 + deb8u1-Debian << >> desdelinux.fan axfr ;; izinketho zomhlaba wonke: + cmd kusuka ku-linux.fan. I-10800 IN SOA dns.fromlinux.fan. izimpande.dns.fromlinux.fan. 1 86400 3600 604800 10800 kusuka ku-linux.fan. 10800 IN NS dns.fromlinux.fan. kusuka ku-linux.fan. 10800 IN MX 10 imeyili.fromlinux.fan. kusuka ku-linux.fan. I-10800 IN TXT "FromLinux, i-Blog yakho inikezelwe ku-Free Software" ad-dc.desdelinux.fan. I-10800 KU-blog 192.168.10.3 blog.desdelinux.fan. I-10800 KU-192.168.10.7 dns.fromlinux.fan. I-10800 IN A 192.168.10.5 fileserver.fromlinux.fan. I-10800 IN A 192.168.10.4 ftpserver.fromlinux.fan. 10800 KU-192.168.10.8 mail.fromlinux.fan. 10800 IN A proxyweb.fromlinux.fan ngu-192.168.10.9 proxyweb. I-10800 KU-192.168.10.6 sysadmin.fromlinux.fan. I-10800 IN Kuya ku-192.168.10.1 kusuka ku-linux.fan. I-10800 IN SOA dns.fromlinux.fan. izimpande.dns.fromlinux.fan. 1 86400 3600 604800 10800 ;; Isikhathi sombuzo: 1 msec ;; ISERVER: 192.168.10.5 # 53 (192.168.10.5) ;; NINI: ILanga Feb 05 07: 49: 01 EST 2017
;; Usayizi we-XFR: amarekhodi ayi-13 (imiyalezo 1, amabhayithi 385)

buzz @ sysadmin: ~ $ bamba 10.168.192.in-addr.arpa axfr
; << >> I-DiG 9.9.5-9 + deb8u1-Debian << >> 10.168.192.in-addr.arpa axfr ;; izinketho zomhlaba wonke: + cmd 10.168.192.in-addr.arpa. I-10800 IN SOA dns.fromlinux.fan. izimpande.dns.fromlinux.fan. 1 86400 3600 604800 10800 10.168.192.in-addr.arpa. 10800 IN NS dns.fromlinux.fan. 1.10.168.192.in-addr.arpa. 10800 KU-PTR sysadmin.fromlinux.fan. 3.10.168.192.in-addr.arpa. 10800 KWE-PTR ad-dc.fromlinux.fan. 4.10.168.192.in-addr.arpa. I-10800 IN PTR fileserver.fromlinux.fan. 5.10.168.192.in-addr.arpa. 10800 KWE-PTR dns.fromlinux.fan. 6.10.168.192.in-addr.arpa. I-10800 IN PTR proxyweb.fromlinux.fan. 7.10.168.192.in-addr.arpa. I-10800 KU-PTR blog.desdelinux.fan. 8.10.168.192.in-addr.arpa. I-10800 IN PTR ftpserver.fromlinux.fan. 9.10.168.192.in-addr.arpa. 10800 KWE-PTR mail.fromlinux.fan. 10.168.192.in-addr.arpa. I-10800 IN SOA dns.fromlinux.fan. izimpande.dns.fromlinux.fan. 1 86400 3600 604800 10800 ;; Isikhathi sombuzo: 1 msec ;; ISERVER: 192.168.10.5 # 53 (192.168.10.5) ;; NINI: ILanga Feb 05 07: 49: 47 EST 2017
;; Usayizi we-XFR: amarekhodi ayi-11 (imiyalezo 1, amabhayithi 333)

buzz @ sysadmin: ~ $ dig IN SOA kusuka ku-linux.fan
buzz @ sysadmin: ~ $ dig IN MX from linux.fan buzz @ sysadmin: ~ $ dig IN TXT from linux.fan

buzz @ sysadmin: ~ $ umphathi we-proxyweb
proxyweb.desdelinux.fan inekheli 192.168.10.6

buzz @ sysadmin: ~ $ host ftpserver
ftpserver.desdelinux.fan inekheli 192.168.10.8

buzz @ sysadmin: ~ $ umsingathi 192.168.10.9
9.10.168.192.in-addr.arpa isizinda segama lesikhombi mail.fromlinux.fan.

… Nanoma yikuphi okunye ukuhlola okudingayo.

Sifaka futhi silungiselela i-DHCP

Ku-Debian, insizakalo ye-DHCP inikezwa yiphakheji i-isc-dhcp-iseva:

izimpande @ dns: ~ # usesho lokufaneleka i-isc-dhcp
i-isc-dhcp-client - iklayenti le-DHCP lokuthola ngokuzenzakalela ikheli le-IP p isc-dhcp-client-dbg - ISC DHCP iseva yokunikezwa kwekheli le-IP okuzenzakalelayo (iklayenti lokulungisa iphutha) i-isc-dhcp-common - amafayela ajwayelekile asetshenziswa yiwo wonke amaphakheji we-isc-dhcp p isc-dhcp-dbg - iseva ye-ISC DHCP yokunikezwa kwekheli le-IP okuzenzakalelayo (ukulungisa iphutha uphawu p isc-dhcp-dev - i-API yokufinyelela nokuguqula iseva ye-DHCP nombuso wamakhasimende p isc-dhcp-relay - i-ISC DHCP edluliselwe I-daemon p isc-dhcp-relay-dbg - Iseva ye-ISC DHCP yokunikezwa kwekheli le-IP okuzenzakalelayo (ukudlulisa iphutha) p isc-dhcp-server - ISC DHCP iseva yokunikezwa kwekheli le-IP okuzenzakalelayo p isc-dhcp-server-dbg - ISC DHCP iseva ye ukunikezwa kwekheli le-IP okuzenzakalelayo (ukulungisa iphutha leseva) p isc-dhcp-server-ldap - iseva ye-DHCP esebenzisa i-LDAP njengokubuyela emuva

(i-imeyili ivikelwe): ~ # ukufaka ukufaneleka isc-dhcp-server

Ngemuva kokufakwa kwephakeji, i -omnipresent- i-systemd ikhala ngokuthi ayikwazi ukuqala isevisi. Ku-Debian, kufanele simemezele ngokusobala ukuthi iyiphi inethiwekhi ezoqasha amakheli e-IP futhi siphendule izicelo, i- i-isc-dhcp-iseva:

izimpande @ dns: ~ # nano / etc / default / isc-dhcp-server
.... # Kukuziphi izindlela lapho iseva ye-DHCP (dhcpd) izosebenzela khona izicelo ze-DHCP? # Izikhumulo ezihlukanisiwe eziningi ezinezikhala, isb. "Eth0 eth1".
IZINHLANGANO = "eth0"

Imibhalo efakiwe

izimpande @ dns: ~ # ls -l / usr / share / doc / isc-dhcp-server /
inani eliphelele lama-44 -rw-r - r-- 1 impande 1235 Dec 14 2014 copyright -rw-r - r-- 1 impande 26031 Feb 13 2015 changelog.Debian.gz drwxr-xr-x 2 impande 4096 Feb 5 08 : 10 izibonelo -rw-r - r-- 1 impande impande 592 Dec 14 2014 IZINDABA.Debian.gz -rw-r - r-- 1 impande 1099 Dec 14 2014 README.Debian

Ukhiye we-TSIG "ukhiye we-dhcp"

Kunconywa ukwenziwa kokhiye I-TSIG o Isiginesha Yokuthengiselana - Tukulamula I-SIGnature, Ukufakazela ubuqiniso bezibuyekezo ezinamandla ze-DNS nge-DHCP. Njengoba sibonile esihlokweni esandulele «I-DNS ne-DHCP ku-CentOS 7«Sibheka ukuthi ukwenziwa kwalo khiye akubalulekile kangako, ikakhulukazi lapho zombili izinsiza zifakwa kuseva efanayo. Kodwa-ke, sinikeza inqubo ejwayelekile yokwenziwa kwayo okuzenzakalelayo:

izimpande @ dns: ~ # dnssec-keygen -a HMAC-MD5 -b 128 -r / dev / urandom -n USER dhcp-key
Ukhiye we-Kdhcp. + 157 + 11088

izimpande @ dns: ~ # ikati Kdhcp-key. +157 + 11088 
Ifomethi eyimfihlo yangasese: v1.3 Algorithm: 157 (HMAC_MD5) Ukhiye: TEqfcx2FUMYBQ1hA1ZGelA == Amabhithi: AAA = Idalwe: 20170205121618 Shicilela: 20170205121618 Yenza kusebenze: 20170205121618

izimpande @ dns: ~ # nano dhcp.key
ukhiye we-dhcp-key {
        I-algorithm hmac-md5;
        imfihlo "TEqfcx2FUMYBQ1hA1ZGelA ==";
};

izimpande @ dns: ~ # faka -o impande -g bopha -m 0640 dhcp.key /etc/bind/dhcp.key (i-imeyili ivikelwe): ~ # ukufaka -o impande -g impande -m 0640 dhcp.key / njll / dhcp /dhcp.key izimpande @ dns: ~ # ls -l /etc/bind/*.key
-rw-r ----- 1 impande hlanganisa 78 Feb 5 08:21 /etc/bind/dhcp.key -rw-r ----- 1 bind bind 77 Feb 4 11:47 / etc / bind / rndc .ukhiye
izimpande @ dns: ~ # ls -l /etc/dhcp/dhcp.key 
-rw-r ----- impande engu-1 78 Feb 5 08:21 /etc/dhcp/dhcp.key

Ukubuyekeza i-BIND Zones usebenzisa i-dhcp-key

izimpande @ dns: ~ # nano /etc/bind/named.conf.local
// // Ingabe kukhona ukumiswa kwasendaweni lapha // // Cabanga ukungeza izindawo ezingama-1918 lapha, uma zingasetshenziswa enhlanganweni yakho // zifaka phakathi "/etc/bind/zones.rfc1918"; faka i- "/etc/bind/zones.rfcFreeBSD"; faka "/etc/bind/dhcp.key"; // Isimemezelo segama, uhlobo, indawo, kanye nemvume yokubuyekeza // ye-DNS Registry Zones // Zombili iZones Ziyi-MASTER zone "desdelinux.fan" {type master; ifayela "/var/lib/bind/db.desdelinux.fan";
 vumela-ukubuyekeza {key dhcp-key; };
}; indawo "10.168.192.in-addr.arpa" {type master; ifayela "/var/lib/bind/db.10.168.192.in-addr.arpa";
 vumela-ukubuyekeza {key dhcp-key; };
};
izimpande @ dns: ~ # okuthiwa-checkconf 
izimpande @ dns: ~ #

Silungiselela isc-dhcp-server

izimpande @ dns: ~ # mv /etc/dhcp/dhcpd.conf /etc/dhcp/dhcpd.conf.original
izimpande @ dns: ~ # nano /etc/dhcp/dhcpd.conf
ddns-buyekeza-isitayela sesikhashana; izibuyekezo ze-ddns ku; i-ddns-domainname "desdelinux.fan."; ddns-rev-domainname "in-addr.arpa."; unganaki izibuyekezo zamakhasimende; onegunya ukudlulisa inketho kuvaliwe; igama lesizinda legama "desdelinux.fan"; faka phakathi "/etc/dhcp/dhcp.key"; zone kusuka linux.fan. {okuyinhloko 127.0.0.1; ukhiye we-dhcp-ukhiye; } indawo engu-10.168.192.in-addr.arpa. {okuyinhloko 127.0.0.1; ukhiye we-dhcp-ukhiye; } okwabiwe-inethiwekhi eyabelwe kabusha {subnet 192.168.10.0 netmask 255.255.255.0 {option routers 192.168.10.1; inketho ye-subnet-mask 255.255.255.0; ikheli lokusakaza lekheli 192.168.10.255; inketho yesizinda-igama-amaseva 192.168.10.5; izinketho ze-netbios-name-server 192.168.10.5; ububanzi 192.168.10.30 192.168.10.250; }} # END Dhcpd.conf

Sihlola ifayela le-dhcpd.conf

izimpande @ dns: ~ # dhcpd -t
I-Internet Systems Consortium DHCP Server 4.3.1 Copyright 2004-2014 Internet Systems Consortium. Wonke Amalungelo Agodliwe. Ngemininingwane, sicela uvakashele ku-https: //www.isc.org/software/dhcp/ Config file: /etc/dhcp/dhcpd.conf Database file: /var/lib/dhcp/dhcpd.leases PID file: / var / run /dhcpd.pid

Siqala kabusha i-BIND bese siqala isc-dhcp-server

izimpande @ dns: ~ # systemctl qala kabusha bind9.service 
izimpande @ dns: ~ # isimo se-systemctl bind9.service 

izimpande @ dns: ~ # systemctl qala isc-dhcp-server.service
izimpande @ dns: ~ # isimo se-systemctl isc-dhcp-server.service 
● isc-dhcp-server.service - LSB: Iseva ye-DHCP ilayishiwe: ilayishiwe (/etc/init.d/isc-dhcp-server) Iyasebenza: iyasebenza (isebenza) kusukela ngeLanga 2017-02-05 08:41:45 EST; Inqubo engu-6s edlule Inqubo: 2039 ExecStop = / etc / init.d / isc-dhcp-server stop (code = exited, status = 0 / SUCCESS) Inqubo: 2049 ExecStart = / etc / init.d / isc-dhcp-server start ( ikhodi = kuphumile, isimo = 0 / IMPUMELELO) IGroup: / uhlelo.slice/isc-dhcp-server.service └─2057 / usr / sbin / dhcpd -q -cf /etc/dhcp/dhcpd.conf -pf / var / run / dhcpd.pid eth0 Feb 05 08: 41: 43 dns dhcpd [2056]: Wabhala izivumelwano eziyi-0 zokuqashisa ifayili. Feb 05 08:41:43 dns dhcpd [2057]: Insiza yokuqala iseva. Feb 05 08: 41: 45 dns isc-dhcp-server [2049]: Iqala iseva ye-ISC DHCP: dhcpd.

Amasheke namakhasimende

Siqale iklayenti ngohlelo lokusebenza lwe-Windows 7, enegama elithi «LAGER».

buzz @ sysadmin: ~ $ umphathi we-lager
ILAGER.desdelinux.fan inekheli 192.168.10.30

buzz @ sysadmin: ~ $ dig ku-txt lager.fromlinux.fan

Sishintsha igama lalelo klayenti libe "eziyisikhombisa" bese siqala kabusha iklayenti

buzz @ sysadmin: ~ $ umphathi we-lager
;; uxhumano kuphelelwe yisikhathi; awekho amaseva angafinyelelwa

buzz@sysadmin: ~ $ host eziyisikhombisa
seven.fromlinux.fan inekheli 192.168.10.30
buzz @ sysadmin: ~ $ umsingathi 192.168.10.30
30.10.168.192.in-addr.arpa igama lesizinda pointer seven.fromlinux.fan.

buzz @ sysadmin: ~ $ dig ku-txt seven.fromlinux.fan

Sishintshe igama leklayenti leWindows 7 sabuyela ku- "win7"

buzz @ sysadmin: ~ $ host eziyisikhombisa
;; uxhumano kuphelelwe yisikhathi; awekho amaseva angafinyelelwa

buzz @ sysadmin: ~ $ umsingathi win7
win7.fromlinux.fan inekheli 192.168.10.30
buzz @ sysadmin: ~ $ umsingathi 192.168.10.30
30.10.168.192.in-addr.arpa igama lesizinda pointer win7.fromlinux.fan.

buzz @ sysadmin: ~ $ dig ku-txt win7.fromlinux.fan
; << >> I-DiG 9.9.5-9 + deb8u1-Debian << >> ku-txt win7.fromlinux.fan ;; izinketho zomhlaba wonke: + cmd ;; Uthole impendulo :;; - >> HEADER << - opcode: QUERY, status: NOERROR, id: 11218 ;; amafulegi: qr aa rd ra; UMBUZO: 1, IMPENDULO: 1, UKUGUNYAZWA: 1, OKWENGEZIWE: 2 ;; KHETHA UKUKHETHWA KOMSEBENZI :; I-EDNS: inguqulo: 0, amafulegi :; udp: 4096 ;; ISIQEPHU SOMBUZO :; win7.fromlinux.fan. KU-TXT ;; ISIGABA SEMPENDULO: win7.fromlinux.fan. I-3600 IN TXT "31b7228ddd3a3b73be2fda9e09e601f3e9" ;; ISIGUNYA SOKUGUNYAZA: desdelinux.fan. 10800 IN NS dns.fromlinux.fan. ;; ISIGABA ESINGEZIWE: dns.fromlinux.fan. I-10800 IN A 192.168.10.5 ;; Isikhathi sombuzo: 0 msec ;; ISERVER: 192.168.10.5 # 53 (192.168.10.5) ;; NINI: ILanga Feb 05 09: 13: 20 EST 2017 ;; I-MSG SIZE rcvd: 129

buzz @ sysadmin: ~ $ dig kusuka ku-linux.fan axfr
; << >> I-DiG 9.9.5-9 + deb8u1-Debian << >> kusuka ku-linux.fan axfr ;; izinketho zomhlaba wonke: + cmd kusuka ku-linux.fan. I-10800 IN SOA dns.fromlinux.fan. izimpande.dns.fromlinux.fan. 8 86400 3600 604800 10800 kusuka ku-linux.fan. 10800 IN NS dns.fromlinux.fan. kusuka ku-linux.fan. 10800 IN MX 10 imeyili.fromlinux.fan. kusuka ku-linux.fan. I-10800 IN TXT "FromLinux, i-Blog yakho inikezelwe ku-Free Software" ad-dc.desdelinux.fan. I-10800 KU-blog 192.168.10.3 blog.desdelinux.fan. I-10800 KU-192.168.10.7 dns.fromlinux.fan. I-10800 IN A 192.168.10.5 fileserver.fromlinux.fan. I-10800 IN A 192.168.10.4 ftpserver.fromlinux.fan. 10800 KU-192.168.10.8 mail.fromlinux.fan. 10800 IN A proxyweb.fromlinux.fan ngu-192.168.10.9 proxyweb. I-10800 KU-192.168.10.6 sysadmin.fromlinux.fan. I-10800 KU-192.168.10.1
win7.fromlinux.fan. 3600 IN  TXT "31b7228ddd3a3b73be2fda9e09e601f3e9"
win7.fromlinux.fan. I-3600 KU-192.168.10.30
kusuka ku-linux.fan. I-10800 IN SOA dns.fromlinux.fan. izimpande.dns.fromlinux.fan. 8 86400 3600 604800 10800 ;; Isikhathi sombuzo: 2 msec ;; ISERVER: 192.168.10.5 # 53 (192.168.10.5) ;; NINI: ILanga Feb 05 09: 15: 13 EST 2017 ;; Usayizi we-XFR: amarekhodi ayi-15 (imiyalezo 1, amabhayithi 453)

Ekukhishweni okungenhla, sigqamise ku ngesibindi Los I-TTL -imizuzwana- yamakhompyutha anamakheli e-IP anikezwe insizakalo ye-DHCP lawo anesimemezelo esicacile se-TTL 3600 esinikezwe yi-DHCP. Ama-IP alungisiwe aqondiswa yi- $ TTL yamahora ama-3H -3 = 10800 amasekhondi- amenyezelwe kwirekhodi le-SOA lefayela ngalinye lendawo.

Bangabheka indawo ebuyela emuva ngendlela efanayo.

[izimpande @ dns ~] # bamba i-10.168.192.in-addr.arpa axfr

Eminye imiyalo ethakazelisa kakhulu yile:

[izimpande @ dns ~] # igama-lephephabhuku /var/lib/bind/db.desdelinux.fan.jnl
kusuka desdelinux.fan. I-10800 IN SOA dns.fromlinux.fan. izimpande.dns.fromlinux.fan. 1 86400 3600 604800 10800 engeza i-desdelinux.fan. I-10800 IN SOA dns.fromlinux.fan. izimpande.dns.fromlinux.fan. 2 86400 3600 604800 10800 engeza i-LAGER.fromlinux.fan. 3600 IN A 192.168.10.30 engeza LAGER.fromlinux.fan. 3600 IN TXT "31b7228ddd3a3b73be2fda9e09e601f3e9" from desdelinux.fan. I-10800 IN SOA dns.fromlinux.fan. izimpande.dns.fromlinux.fan. 2 86400 3600 604800 10800 kusuka ku-LAGER.fromlinux.fan. I-3600 IN A 192.168.10.30 engeza kusuka ku-linux.fan. I-10800 IN SOA dns.fromlinux.fan. izimpande.dns.fromlinux.fan. 3 86400 3600 604800 10800 kusuka ku-desdelinux.fan. I-10800 IN SOA dns.fromlinux.fan. izimpande.dns.fromlinux.fan. 3 86400 3600 604800 10800 kusuka ku-LAGER.fromlinux.fan. 3600 IN TXT "31b7228ddd3a3b73be2fda9e09e601f3e9" engeza i-desdelinux.fan. I-10800 IN SOA dns.fromlinux.fan. izimpande.dns.fromlinux.fan. 4 86400 3600 604800 10800 kusuka ku-desdelinux.fan. I-10800 IN SOA dns.fromlinux.fan. izimpande.dns.fromlinux.fan. 4 86400 3600 604800 10800 engeza i-desdelinux.fan. I-10800 IN SOA dns.fromlinux.fan. izimpande.dns.fromlinux.fan. 5 86400 3600 604800 10800 engeza i-seven.fromlinux.fan. I-3600 IN A 192.168.10.30 engeza i-seven.fromlinux.fan. 3600 IN TXT "31b7228ddd3a3b73be2fda9e09e601f3e9" from desdelinux.fan. I-10800 IN SOA dns.fromlinux.fan. izimpande.dns.fromlinux.fan. 5 86400 3600 604800 10800 kusuka ku-event.fromlinux.fan. I-3600 IN A 192.168.10.30 engeza kusuka ku-linux.fan. I-10800 IN SOA dns.fromlinux.fan. izimpande.dns.fromlinux.fan. 6 86400 3600 604800 10800 kusuka desdelinux.fan. I-10800 IN SOA dns.fromlinux.fan. izimpande.dns.fromlinux.fan. 6 86400 3600 604800 10800 kusuka ku-event.fromlinux.fan. 3600 IN TXT "31b7228ddd3a3b73be2fda9e09e601f3e9" engeza i-desdelinux.fan. I-10800 IN SOA dns.fromlinux.fan. izimpande.dns.fromlinux.fan. 7 86400 3600 604800 10800 kusuka ku-desdelinux.fan. I-10800 IN SOA dns.fromlinux.fan. izimpande.dns.fromlinux.fan. 7 86400 3600 604800 10800 engeza i-desdelinux.fan. I-10800 IN SOA dns.fromlinux.fan. izimpande.dns.fromlinux.fan. 8 86400 3600 604800 10800 engeza win7.fromlinux.fan. I-3600 IN A 192.168.10.30 engeza win7.fromlinux.fan. I-3600 IN TXT "31b7228ddd3a3b73be2fda9e09e601f3e9"

[izimpande @ dns ~] # enegama-iphephabhuku /var/lib/bind/db.10.168.192.in-addr.arpa.jnl
kusuka ku-10.168.192.in-addr.arpa. I-10800 IN SOA dns.fromlinux.fan. izimpande.dns.fromlinux.fan. 1 86400 3600 604800 10800 engeza 10.168.192.in-addr.arpa. I-10800 IN SOA dns.fromlinux.fan. izimpande.dns.fromlinux.fan. 2 86400 3600 604800 10800 engeza 30.10.168.192.in-addr.arpa. 3600 KU-PTR LAGER.fromlinux.fan. kusuka ku-10.168.192.in-addr.arpa. I-10800 IN SOA dns.fromlinux.fan. izimpande.dns.fromlinux.fan. 2 86400 3600 604800 10800 ka-30.10.168.192.in-addr.arpa. 3600 KU-PTR LAGER.fromlinux.fan. engeza i-10.168.192.in-addr.arpa. I-10800 IN SOA dns.fromlinux.fan. izimpande.dns.fromlinux.fan. 3 86400 3600 604800 10800 del 10.168.192.in-addr.arpa. I-10800 IN SOA dns.fromlinux.fan. izimpande.dns.fromlinux.fan. 3 86400 3600 604800 10800 engeza 10.168.192.in-addr.arpa. I-10800 IN SOA dns.fromlinux.fan. izimpande.dns.fromlinux.fan. 4 86400 3600 604800 10800 engeza 30.10.168.192.in-addr.arpa. 3600 KWE-PTR seven.fromlinux.fan. kusuka ku-10.168.192.in-addr.arpa. I-10800 IN SOA dns.fromlinux.fan. izimpande.dns.fromlinux.fan. 4 86400 3600 604800 10800 ka-30.10.168.192.in-addr.arpa. 3600 KWE-PTR seven.fromlinux.fan. engeza i-10.168.192.in-addr.arpa. I-10800 IN SOA dns.fromlinux.fan. izimpande.dns.fromlinux.fan. 5 86400 3600 604800 10800 del 10.168.192.in-addr.arpa. I-10800 IN SOA dns.fromlinux.fan. izimpande.dns.fromlinux.fan. 5 86400 3600 604800 10800 engeza u-10.168.192.in-addr.arpa. I-10800 IN SOA dns.fromlinux.fan. izimpande.dns.fromlinux.fan. 6 86400 3600 604800 10800 engeza 30.10.168.192.in-addr.arpa. 3600 KU-PTR win7.fromlinux.fan.

[izimpande @ dns ~] # iphephabhuku -f

Ukuguqulwa okwenziwa ngesandla kwamafayela weZones

Ngemuva kokuthi i-DHCP ingene kumdlalo wokuvuselela ngamandla amafayela we-BIND zone, uma kwenzeka sidinga ukuguqula ifayili lendawo ngesandla, kufanele senze inqubo elandelayo, kepha hhayi ngaphambi kokwazi okuthe xaxa ngokusebenza kwendawo. rndc -indoda rndc- Ukulawulwa kwe- okuthiwa.

  • i-rndc iqhwa [indawo [isigaba [ukubuka []]]], imisa isikhashana ukuvuselelwa okunamandla kwendawo. Uma eyodwa ingacacisiwe, konke kuzomisa. Umyalo uvumela ukuhlelwa okwenziwa ngesandla kwendawo efriziwe noma zonke izingxenye. Noma yikuphi ukubuyekeza okunamandla kuzokwenqatshwa ngenkathi kumisiwe.
  • rndc uncibilike [zone [isigaba [buka]]], inika amandla ukuvuselelwa okunamandla kundawo efriziwe ngaphambilini. Iseva ye-DNS iphinda ilayishe ifayela lendawo kusuka kudiski, futhi izibuyekezo ezinamandla zinikwa amandla kabusha ngemuva kokuphinda kulayishwe.

Ukuqapha okufanele kuthathwe lapho sihlela ngesandla ifayili lendawo? Kuyafana nokuthi siyayakha, ngaphandle kokukhohlwa ukukhulisa inombolo ye-serial ngo-1 noma serial ngaphambi kokugcina ifayili nezinguquko zokugcina.

Simisa izindawo

Njengoba sizokwenza ushintsho Ezindaweni Eziphambili Neziphindayo ngenkathi i-DNS ne-DHCP isebenza, into enempilo kunazo zonke ongayenza ukuqandisa izindawo ze-DNS:

[izimpande @ dns ~] # rndc iqhwa

I-La Zona kusuka inamarekhodi alandelayo:

[izimpande @ dns ~] # ikati /var/lib/bind/db.fromlinux.fan
$ IMVELAPHI. $ TTL 10800; Amahora angu-3 ukusuka ku-linux.fan KU-SOA dns. Kusuka ku-linux.fan. izimpande.dns.fromlinux.fan. (
                                8; serial
                                86400; uvuselele (usuku olungu-1) 3600; zama futhi (1 ihora) 604800; kuphelelwa yisikhathi (1 isonto) 10800; ubuncane (amahora amathathu)) NS dns.fromlinux.fan. I-MX 3 mail.fromlinux.fan. TXT "FromLinux, Ibhulogi yakho inikezelwe ku-Free Software" $ ORIGIN fromlinux.fan. ad-dc Ku 10 blog Ku 192.168.10.3 dns Ku 192.168.10.7 fileserver To 192.168.10.5 ftpserver To 192.168.10.4 mail To 192.168.10.8 proxyweb To 192.168.10.9 sysadmin To 192.168.10.6 $ TTL 192.168.10.1; 3600 ihora win1 A 7 TXT "192.168.10.30b31ddd7228a3b3be73fda2e9e09f601e3"

Masengeze iseva «shobo»Nge-IP 192.168.10.10:

izimpande @ dns: ~ # nano /var/lib/bind/db.fromlinux.fan
$ IMVELAPHI. $ TTL 10800; Amahora angu-3 ukusuka ku-linux.fan KU-SOA dns. Kusuka ku-linux.fan. izimpande.dns.fromlinux.fan. (
                9; serial
                86400; uvuselele (usuku olungu-1) 3600; zama futhi (1 ihora) 604800; kuphelelwa yisikhathi (1 isonto) 10800; ubuncane (amahora amathathu)) NS dns.fromlinux.fan. I-MX 3 mail.fromlinux.fan. TXT "FromLinux, Ibhulogi yakho inikezelwe ku-Free Software" $ ORIGIN fromlinux.fan. ad-dc Ku-10 blog Ku-192.168.10.3 dns Ku-192.168.10.7 fileserver Ku-192.168.10.5 ftpserver Ku-192.168.10.4 imeyili Ku-192.168.10.8 proxyweb Ku-192.168.10.9
shorewall A 192.168.10.10
sysadmin A 192.168.10.1 $ TTL 3600; 1 ihora win7 A 192.168.10.30 TXT "31b7228ddd3a3b73be2fda9e09e601f3e9"

Kumele futhi siguqule indawo ebuyela emuva:

izimpande @ dns: ~ # nano /var/lib/bind/db.10.168.192.in-addr.arpa
$ IMVELAPHI. $ TTL 10800; Amahora angu-3 10.168.192.in-addr.arpa KU-SOA dns.fromlinux.fan. izimpande.dns.fromlinux.fan. (
                                7; serial
                                86400; uvuselele (usuku olungu-1) 3600; zama futhi (1 ihora) 604800; kuphelelwa yisikhathi (1 isonto) 10800; ubuncane (amahora amathathu)) NS dns.fromlinux.fan. $ OKUQALILE 3.in-addr.arpa. 10.168.192 PTR sysadmin.fromlinux.fan. 1 PTR ad-dc.fromlinux.fan. $ TTL 3; Ihora elingu-3600 i-PTR win1.fromlinux.fan. $ TTL 30; 7 amahora 10800 PTR fileserver.fromlinux.fan. 3 PTR dns.fromlinux.fan. 4 PTR proxyweb.desdelinux.fan. 5 PTR blog.desdelinux.fan. 6 PTR ftpserver.fromlinux.fan. 7 PTR mail.fromlinux.fan.
10 PTR shorewall.fromlinux.fan.

Sihlehlisa futhi sivuselele izindawo

[izimpande @ dns ~] # rndc ncibilikisa

izimpande @ dns: ~ # journalctl -f
- Izingodo ziqala eSun 2017-02-05 06:27:10 EST. - Feb 05 12:00:29 i-dns eqanjwe ngo- [1996]: yathola umyalo wesiteshi sokulawula 'thaw' Feb 05 12:00:29 dns named [1996]: thawing all zones: success Feb 05 12:00:29 dns named [1996 ]: i-zone 10.168.192.in-addr.arpa/IN: ifayili lejenali liphelelwe yisikhathi: kususwa ifayili lephephabhuku Feb 05 12:00:29 dns eqanjwe ngo- [1996]: zone 10.168.192.in-addr.arpa/ IN : serial serial 7 Feb 05 12:00:29 dns named [1996]: zone desdelinux.fan/IN: file journal is out of date: leaving journal file Feb 05 12:00:29 dns named [1996]: zone desdelinux. fan / IN: ilayishwe i-serial 9

buzz @ sysadmin: ~ $ umsingathi shorewall
shorewall.fromlinux.fan unekheli 192.168.10.10

buzz @ sysadmin: ~ $ umsingathi 192.168.10.10
10.10.168.192.in-addr.arpa igama lesizinda pointer shorewall.fromlinux.fan.

buzz @ sysadmin: ~ $ dig kusuka ku-linux.fan axfr

buzz @ sysadmin: ~ $ bamba 10.168.192.in-addr.arpa axfr

izimpande @ dns: ~ # journalctl -f
.... Feb 05 12:03:05 i-dns eqanjwe ngo- [1996]: iklayenti 192.168.10.1 # 37835 (desdelinux.fan): ukudluliswa kwe- 'desdelinux.fan/IN': I-AXFR iqalile ngoFebhuwari 05 12:03:05 i-dns eqanjwe [1996]: iklayenti 192.168.10.1 # 37835 (desdelinux.fan): ukudluliswa kwe- 'desdelinux.fan/IN': I-AXFR iphele ngoFebhuwari 05 12:03:20 i-dns eqanjwe ngo- [1996]: iklayenti 192.168.10.1 # 46905 (10.168.192. 10.168.192.in-addr.arpa): ukudluliswa kwe-'05 .12.in-addr.arpa / IN ': I-AXFR iqale ngoFebhuwari 03 20:1996:192.168.10.1 i-dns eqanjwe ngo- [46905]: iklayenti 10.168.192 # 10.168.192 (XNUMX .in-addr.arpa): ukudluliswa kwe-'XNUMX .XNUMX.in-addr.arpa / IN ': I-AXFR iphelile

Isifingqo

Kuze kube manje sinesiphakeli se-Caché DNS esisebenzayo, esisekela i-Recursion, eyi-Authoritarian ye-Zone kusuka, futhi lokho kuvumela i-DHCP ukuthi ivuselele i-Forward and Reverse Zones enamagama amakhompyutha ne-IP ayinikezayo.

Lo mbhalo kanye nezimbili ezedlule «I-DNS ne-DHCP kuvuliweSUSE 13.2 'Harlequin'"Y"I-DNS ne-DHCP ku-CentOS 7»Cishe eyodwa. Uzothola imiqondo ejwayelekile mayelana ne-DNS ne-DHCP, kanye nokucaciswa kokusatshalaliswa ngakunye ngakunye. Ziyi- Iphoyinti lokungena esihlokweni, kanye nesisekelo sentuthuko enzima kakhulu.

Ngeke sinqikaze ukugcizelela - futhi futhi - ngokubaluleka kokufunda imibhalo yezobuchwepheshe efakwe ngokuzenzakalela ngephakeji ngalinye, NGAPHAMBI kokulungisa noma imiphi imininingwane. Sikusho ngokuhlangenwe nakho kwethu.

Ukulethwa okulandelayo

Cishe yi- "Microsoft® Active Directory + BIND"


Okuqukethwe yi-athikili kunamathela ezimisweni zethu ze izimiso zokuhlelela. Ukubika iphutha chofoza lapha.

Amazwana ayi-23, shiya okwakho

Shiya umbono wakho

Ikheli lakho le ngeke ishicilelwe. Ezidingekayo ibhalwe nge *

*

*

  1. Ubhekele imininingwane: Miguel Ángel Gatón
  2. Inhloso yedatha: Lawula Ugaxekile, ukuphathwa kwamazwana.
  3. Ukusemthethweni: Imvume yakho
  4. Ukuxhumana kwemininingwane: Imininingwane ngeke idluliselwe kubantu besithathu ngaphandle kwesibopho esisemthethweni.
  5. Isitoreji sedatha: Idatabase ebanjwe yi-Occentus Networks (EU)
  6. Amalungelo: Nganoma yisiphi isikhathi ungakhawulela, uthole futhi ususe imininingwane yakho.

  1.   isibankwa kusho

    Yeka ucezu lwesifundo osithumele umlingani wakho, angazi ukuthi ungakanani umthamo wemininingwane nokuhleleka ezihlokweni eziyinkimbinkimbi njengalezo ezivela kuzo.

    Ukuhalalisela kwami ​​okuqotho, kuyinhlonipho ukukwazi ukukufunda

  2.   bafo kusho

    Kumele ngikutshele ukuthi ama-tutorials owashicilelayo yi-HOSTIA, ngiyabathanda.
    Ngihlale ngilinde isahluko sakho esilandelayo.
    Uma usuqedile, uzoyifaka ku-pdf? Kuyimibhalo ngokubona kwami ​​ukuthi ibaluleke kakhulu, ifanelwe ukugcinwa kahle.
    Ngiyabonga kakhulu nokubingelela okukhulu.
    Bafo.

  3.   frederico kusho

    Bafo: Ngiyabonga kakhulu ngokuhlola kwakho nokuphawula. Umvuzo omuhle wesikhathi, umsebenzi, nomzamo engiwunikela kumfundisi ngamunye ukuphawula. Kungaba okuhle noma okungekuhle, kepha kuyisibonakaliso sokuthi kuya kungabonakali. Ngicabanga ukuthi abafundi abaningi bavele balande futhi balondoloze, noma balibhukumake. Kepha ngicabanga nje ukuthi ngokwenani lokuvakashelwa. Kubi kakhulu ukuthi ababaningi abaphawulayo, yize ngazi ukuthi izingqinamba engibhekana nazo ngokuyisisekelo ziseSysadmins. Ngiyabingelela nakuwe futhi ngizokulinda kuma-athikili ami alandelayo.

  4.   frederico kusho

    Lizard: Ngiyabonga ngokuhlola kwakho okuthembekile engizohlala ngikukhumbula njalo.

  5.   ubuciko kusho

    Ukucushwa kungaba kanjani uma nginezindawo ezimbili zenethiwekhi ezimweni zokubopha
    Ngiyabonga futhi ngiyakuhalalisela ngale nto.

  6.   frederico kusho

    Ubuciko: Ngiyabonga ngokuphawula kwakho futhi siyakuhalalisela.
    Impendulo yombuzo wakho ifanelwa i-athikili ehlukile ekusetshenzisweni kokubukwa - Ukubukwa EKUBOPHENI.

    Uma kwenzeka uneZoni Ezithunyelwe ngaphansi kwesibopho sakho, futhi ufuna ukuba NESIBOPHO esisodwa ukuhambela imibuzo yangaphakathi evela kwi-LAN yakho kanye nemibuzo yangaphandle evela kwi-Intanethi -NgOKUBOPHA okuvikelwe yi-Firewall kunjalo- kuyanconywa ukusebenzisa Ukubukwa .

    Ukubukwa, ngokwesibonelo, kukuvumela ukuthi wethule ukumiswa kweNethiwekhi yakho ye-SME nenye ye-Intanethi. Lapho singalungiseleli noma yikuphi ukubuka ngokusobala, i-BIND yenza ngokuphelele eyodwa ekhombisa wonke amakhompyutha ayisebenzisayo.

    Njengokusetshenziswa kokubukwa ngikuthatha njengesihloko esithuthukile kungaba bese ubhala i-athikili ngakho, ngaphambi noma ngemuva kweposi elithenjisiwe elimenyezelwe ekugcineni kwalo.

    Manje, uma unezindawo ezimbili zokuxhumana ezibhekene nenethiwekhi yakho ye-SME eyenziwe ngamanethiwekhi wangasese amabili- nganoma yisiphi isizathu sokwakha, ibhalansi yokulayisha, inani lezinto zokusebenza noma okunye, futhi ufuna ukwethula zonke izingxenye zakho kuwo womabili amanethiwekhi, ungawaxazulula nge isitatimende:

    lalela {
    I-127.0.0.1;
    IP-Private-Interface1;
    IP-interface-Private2;
    };

    Ngale ndlela, i-BIND ilalela izicelo kuzo zombili izixhumi.

    Uma wonke amakhompyutha akho eku-Class C Private Network 192.168.10.0/255.255.240.0 -kufika kuma-4094 host- ngokwesibonelo, ungasebenzisa futhi isitatimende:

    lalela-on {127.0.0.1; 192.168.10.0/20; };

    Futhi uqhubeka ukhombisa ukubuka okukodwa kuwo wonke amakhompyutha axhunywe kwi-LAN yakho yangasese.

    Ngiyethemba impendulo yami emfushane iyakusiza. Ukubingelela nempumelelo.

    1.    ubuciko kusho

      Siyabonga ngempendulo kungekudala. Uyabona ngisetha i-Debian Server ene-version 9 (Strech), ine-DNS, dhcp ne-squid njengommeleli, okokuhlunga okuqukethwe engizokusebenzisa i-e2guardian.

      Ikhompyutha inezindawo ezimbili zokuxhumana, ezizovumela amakhompyutha akwi-LAN ukuthi aye kwi-Intanethi.
      umzila: 192.168.1.1
      i-eth0: 192.168.1.55 (ngokusebenzisa le interface izokuya kwi-Intanethi)
      i-eth1: 192.168.100.1 (LAN)

      Umqondo ngukuthi amakhompyutha angaya kwi-Intanethi ngale seva yommeleli, ezophinde inikeze ama-ips nama-dns kumakhompyutha akulenethiwekhi yangaphakathi.

      Kulokhu angidingi ukuthi iseva ilalele izicelo ze-dns ngokusebenzisa isikhombimsebenzisi se-eth0 (angifuni ukwethula izindawo zami kuwo womabili amanethiwekhi, kuphela kwi-LAN yami); ngakho-ke uma ngisusa i-private-interface-IP1, ngabe lokho kuzokwanela?

      Ngiyabonga futhi nokubingelela.

  7.   U-Eduardo Noel kusho

    Isihloko esihle kakhulu mngani wami
    UNESIBOPHO emithanjeni yakho, noma ngabe usho futhi ucabange ngenye indlela 🙂
    Halala

  8.   frederico kusho

    Ubuciko: Susa isikhombimsebenzisi se-192.168.1.55 esitatimendeni sokulalela bese uya. Noma memezela ukulalela ku- {127.0.0.1; 192.168.100.1; }; futhi yilokho kuphela. I-BIND izolalela kuphela kulezo interface.

    1.    ubuciko kusho

      Ngiyabonga.

  9.   frederico kusho

    U-Eduardo: mngani wami, ngisathanda i-dnsmasq yamanethiwekhi "amancane", futhi kuzofanele sibone ukuthi angaba "makhulu" kanjani. Yize ngibona ukuthi i-BIND + isc-dhcp-server yi-BIND + isc-dhcp-server. 😉

  10.   frederico kusho

    U-Eduardo: Ngikhohliwe ukukutshela ukuthi Uchwepheshe WOKUBOPHA nguwe, Master.

  11.   isihlibhi kusho

    Iminyaka ngisebenzisa i-BIND futhi ngiqhubeka ngifunda ngemibhalo yakho, ngiyabonga kakhulu uFederico, ngalolu chungechunge lwezifundo kuxoshwa i-sysadmin. Ngiyabuya ngiyaphinda, umqondo wokuhlanganisa lonke lolu lwazi ngefomethi ephathekayo esemthethweni awubi neze, yinikeze ikhanda lokuthi okuthile okuhle kakhulu kungavela. Ukubingelela.

  12.   frederico kusho

    Dhunter mngani: Ukuphawula kwakho kuhlala kwamukelwa kahle. Ukuhlanganisa konke kunzima futhi cishe akunakwenzeka, ngoba isihloko esisha sihlala sivela njalo. Ngezahluko, kuyahamba futhi kungenzeka. Enye i-athikili kuzodingeka ibhalwe kabusha ukuthola ukuvumelana kokulungiselelwa. Angithembisi lutho, kodwa sizobona.

  13.   U-Ismael Alvarez Wong kusho

    sawubona federico, nayi imibono yami:
    1) Ukugcizelela okubeka ku- «... funda ngaphambi kokumisa ISIBOPHO ngisho nangaphambi kokuba useshe i-Intanethi ngama-athikili ahlobene ne-BIND ne-DNS ...» ukuzifuna kukhompyutha yethu nakho konke lokhu «... ngaphandle kokushiya ikhaya ... »ukusebenzisa amagama akho.
    2) Kulokhu okuthunyelwe sithola imfundiso ethe xaxa mayelana ne-DNS egcwalisa leyo enikezwe kokuthunyelwe okubili kwangaphambilini futhi ihlonishwa njalo; isibonelo: I-DNSSEC (i-Domain Name System Security Extensions) nokuthi isetshenziselwa ini; kanye ne-BIND Configuration Scheme namafayela ayo wokumisa oku-Static, Amafayela weZone wamaSeva Womsuka, kanye neZindawo Phambili Nezobuyela emuva ze-localhost eDebian.
    3) KAKHULU ithiphu yokungakhubekisi ukuphinda kwenzeke (kusetshenziswa umugqa "recursion no;") bese ufaka kufayela lokumisa /etc/bind/named.conf.local, amafayili endawo / etc / bind / zones. Rfc1918 and / etc /bind/zones.rfcFreeBSD ukuvimbela noma imiphi imibuzo ephathelene nayo ekushiyeni inethiwekhi yendawo kumaseva ezimpande.
    4) Ngokungafani nokuthunyelwe kwangaphambilini mayelana ne-CentOS 7, kulokhu okuthunyelwe uma ukhiye we-TSIG "dhcp-key" wenziwa ngezibuyekezo ezinamandla ze-DNS ezivela ku-DHCP; ukuyivumela kufayela /etc/bind/named.conf.local file, include "allow-update {key dhcp-key; }; » ekucushweni kwezindawo eziqondile neziphindayo zesizinda sethu.
    5) Imininingwane enhle (elingana nokuthunyelwe kwangaphambilini ku-CentOS 7) yakho konke okuphathelene nokuhlolwa kokusebenza kwe-DNS, i-DHCP kanye namakhasimende.
    6) KAKHULU ithiphu yokusebenzisa umyalo we- "install" (uma uwubhala kanjani, angisho inketho yegama elifanayo elisetshenziswe kweminye imiyalo), bengingazi, ngoba kuyiqiniso " Ama-3 kuma-1 "copy copy (cp), ukusungulwa kwabanikazi (chown) nezimvume (chmod).
    . Ekugcineni, impendulo yakho ku-Artus mayelana nokusetshenziswa kwe-Views in BIND inhle kakhulu, eyodwa ye-LAN (inethiwekhi yangasese) nenye nge-Intanethi ukuze kuboniswane nezinsizakalo zomphakathi kuphela. Ngiyethemba ngokuhamba kwesikhathi unesikhathi sokulungiselela okuthunyelwe ngoba kuyisihloko sohlelo lokusebenza esisebenziseka kakhulu kuma-sysadmin amaningi.
    Akukho lutho uFederico engiqhubeka nokuba nomdlandla ngokwengeziwe ngochungechunge lwe-PYMES futhi ngilangazelela okulandelayo "iMicrosoft Active Directory + BIND"

  14.   frederico kusho

    U-Wong: Ozakwethu nomngani, ukuphawula kwakho kugcwalisa izindatshana zami futhi kukhombisa ukuthi kuyaqondakala. Umyalo we- "install" unezinketho eziningi eziningi. Umbuzo umuntu ufake. Ngiyabonga inkulungwane ngokuphawula !!!

  15.   crespo88 kusho

    Angikakawafundi amazwana okwamanje, ngizokwenza lokho ngemuva kokusho imigomo yami.
    Wenzile futhi uzuze okuningi, usinike isibani kepha hhayi lesi esibonakala ekugcineni »komhubhe» lapho kungekho themba + njengoba sijwayele ukusho; hhayi ukuthi nakancane, unikeze ukukhanya okugcwele ukuze ukwazi ukuthi "Ekugcineni siyabona ukuthi ngumdlalo womfana, onemiqondo eminingi ne-syntax eyindida" njengoba uchaza kokuthunyelwe.
    Thumela i-TRUNK kanye neyedlule ukuthola ama-distros ambalwa adumile. Uthobele ukunwetshwa kwemiqondo kanye nemfundiso ethi ezikhathini eziningi iba nomthelela kithi. Ngifunde ngokuningiliziwe, ngomoya ophansi futhi akunakwenzeka ukuthi ngingaphawule futhi ngizizwe NGIBONGA NGOKUPHELELE ukuzinikela okunjalo nokuzinikela.
    Ngaphandle kokuchitha isikhathi, sonke sikufisela impilo nokuthi uqhubeke nokufaka isandla; Siyakubonga futhi kwangathi inhlanhla, umnotho, ezempilo (sikufisela okuphindwe kabili) futhi uthando lukukhaphe (noSandra's for more, hahaha).
    Ngiyazi ukuthi ukuphawula kudlulela ngalé kokuqukethwe yilokho okuthunyelwe, kuya kokwakho ngoba singabangani futhi ngiyakuthanda ukulethwa kwakho okungenabugovu. Akekho umuntu OWENZA okwenzela thina abafuna ukufunda okuningi futhi sinomthwalo wokuphatha amanethiwekhi ama-SME emahlombe ethu, hhayi umsebenzi olula.
    Sl2 wonke umuntu.

  16.   frederico kusho

    I-crespo88: Ngiyabonga kakhulu ngokuhlola kwakho ngalokhu nezinye izindatshana ezishicilelwe. Abanye abafundi bangacabanga ukuthi ngizinikela ngakho konke, kanti akulona iqiniso. Ngihlala ngibhekisa kuPhoyinti Lokungena, noma ngabe izibonelo zisebenza ngokuphelele. I-BIND yi-Electronic Industry kanti iDHCP ayikude kakhulu emuva. Ukuze ubazi ngaphezu kwesilinganiso, kufanele uphase iziqu ze-postgraduate eNyuvesi yaseHelsinki, 😉

  17.   UMiguel Guaramato kusho

    Ngithola lesi sihloko sithakazelisa futhi sibaluleke kakhulu. Nginentshisekelo kulolu cwaningo lwalokho okuphathelene nokuphathwa kwamanethiwekhi we-linux futhi ikakhulukazi amaseva: i-dns, i-dhcp enamandla ne-static kanye namanethiwekhi abonakalayo, i-bin9, i-samba, amaseva wokuphrinta, i-ldap, ukwenganyelwa kwenethiwekhi ngezinhlelo zokusebenza, imithombo yolwazi yabahleli bohlelo ' izicelo kanye ne-vlan, njll. Kungakho kubalulekile futhi lawa macebiso mahle kakhulu futhi enemikhuba nezibonelo.

  18.   frederico kusho

    Sawubona Miguel !!!
    Siyabonga ngokuphawula futhi ngiyethemba ukuthi uchungechunge luzokusiza kokuthandayo. Sanibonani.

  19.   jorge kusho

    Ngiyabonga kakhulu nge-athikili uFederico, kukhombisa ukuthi uyazi nge-debian. Ukwanga.

  20.   frederico kusho

    Ngiyabonga kakhulu Jorge, ngokuphawula kwakho. Ngiyethemba ukuthi izindatshana zami zizokusiza.

  21.   IPablo Raul Vargas Hall kusho

    Ngiyabonga kakhulu ngeposi elibhalwe kahle futhi lisinxusa ukuba sifunde, sifunde futhi sifunde futhi. Manje ngokuthunyelwe okulandelayo ozokushicilela, ngithanda ukuthi ucabangele amaphuzu wokuhlangana obekuzoba nawo:
    I-Microsoft Active Directory ene-Samba4 njenge-Directory Esebenzayo

    Ngaphandle kwalokho, bengifuna ukubheka okulandelayo:
    Kungaba kanjani ukusetshenziswa kwe-Bind + Isc-dhcp ku-FW ku-dmz lapho isilawuli sesizinda sizoba ku-dmz nge-samba 4 AD