Inkomba ejwayelekile yochungechunge: Ama-Computer Networks ama-SME: Isingeniso
Sanibonani zihlobo !. Ukuqonda nokulandela kahle le ndatshana yi kubalulekile ifunda ababengaphambi kwayo:
Bachaza imiqondo ethiyori neyengokoqobo esingeke sibhekise kuyo kulokhu. Sizoshintsha ukusatshalaliswa kulo nyaka esikuwo kuye ku- I-Debian 8.6 "Jessie" futhi sizoqhubeka ngamapharamitha afanayo esisebenzisa kuwo Bopha futhi Active Directory®.
- Inqubo echazwe kulokhu okuthunyelwe nayo isebenza ku-CentOS 7. Ifayela lokumisa / njll / dnsmasq liyafana. Ngiyakumemezela ngoba ngikubona kungadingekile ukwenza i-athikili ehlukile ye-Dnsmasq ne-Active Directory® kususelwa kuCentOS. Ngenhlanhla, izinkomba ezihlobene nemibhalo nokucushwa ziyefana. 😉
- I-Dnsmaq iyindalo ye- USimon Kelley
Imikhawulo ekusetshenzisweni kwe-Dnsmasq
Ngenxa yokubaluleka kwayo siyaphinda IMIKHAWULO esekela iDnsmasq -run indoda dnsmasq- okukhombisa ncamashi Okulandelayo:
IMIKHAWULO
- Amanani wokuzenzakalelayo wemikhawulo yezinsiza ngokuvamile ayalondolozwa, futhi afanele ukusetshenziswa kumadivayisi wohlobo lomzila. kubhajwe ngama-processor slow and memory low. Ku-hardware ngaphezulu onekhono, kungenzeka ukwandisa imingcele, futhi usekele abaningi amakhasimende. Lokhu okulandelayo kusebenza ku-dnsmasq-2.37: izinhlobo zangaphambilini azenzi bakhuphuke kahle kakhulu.
- I-Dnsmasq iyakwazi ukuxhasa i-DNS ne-DHCP okungenani inkulungwane eyodwa (1,000) amakhasimende. Izikhathi zokuqashisa akufanele zibe mfushane kakhulu (ngaphansi koyedwa isikhathi). Inani le -dns-forward-max lingakhushulwa: qala ngo- inani elilinganayo lamakhasimende futhi ulinyuse uma ngabe I-DNS. Qaphela ukuthi ukusebenza kwe-DNS futhi kuya ngamaseva I-DNS engenhla. Usayizi wenqolobane ye-DNS ungakhuphuka: umkhawulo Okudingekayo ngamagama ayi-10,000 futhi okuzenzakalelayo (150) kuphansi kakhulu. Ukuthumela i-SIGUSR1 ku-dnsmasq kwenza imininingwane ye-bitacore leyo ilusizo ekuhleleni kahle usayizi wenqolobane. Bona isigaba se-NOTES ukuthola imininingwane.
- Iseva ye-TFTP eyakhelwe ngaphakathi iyakwazi ukuxhasa ukudluliswa okuningi amafayela afanayo ngasikhathi sinye: umkhawulo ophelele uhlobene nenani leziphathi zefayela ezivunyelwe kwinqubo kanye nekhono le-sys‐tem call select () ukuxhasa izinombolo ezinkulu zokuphathwa kwamafayela. Uma umkhawulo usethwe waba mkhulu kakhulu nge-tftp-max uzosuswa futhi umkhawulo wangempela uzobekwa iwashi ekuqaleni. Qaphela ukuthi ukudluliswa okuningi kungenzeka uma ifayili elifanayo lithunyelwa kuthiwani lapho kudluliswa ngakunyeI-ferencia ithumela ifayela elihlukile. Kungenzeka usebenzise i-dnsmasq ukuphika ukukhangisa kweWebhu usebenzisa uhlu lwe amaseva we-banner aziwa kahle, konke kuxazululeka ku-127.0.0.1 noma 0.0.0.0 ku- / etc / Sebawoti noma kufayela elingeziwe le-Host. Uhlu lungakwazi yinde kakhulu. I-Dnsmasq ihlolwe ngempumelelo ngamagama ayisigidi. Lolo sayizi wefayela lidinga i-1GHz CPU nokulinganiselwa60MB RAM.
- I-Dnsmasq iyakwazi ukuxhasa i-DNS ne-DHCP okungenani inkulungwane eyodwa (1,000) amaklayenti.
Masifake futhi silungiselele uJessie noDnsmasq
Sizoqala ngokufakwa okusha nokuhlanzekile kweseva ngokuya nge- I-Debian 8 "Jessie". Okusho ukuthi, uhlelo lokusebenza ngaphandle kwesibonisi sokuqhafaza noma enye iphakheji efakiwe. Imingcele yenethiwekhi izofana naleyo esetshenziswe ku-athikili Bopha futhi Active Directory®:
Igama lesizinda mordor.fan LAN Network 10.10.10.0/24 ================================== == ==================================== Amaseva we-IP Ikheli Injongo (Amaseva ane-OS Windows) ============================================== == ============================= sauron.mordor.fan. 10.10.10.3 I-Active Directory® 2008 SR2 imamba.mordor.fan. 10.10.10.4 I-Windows File Server dns.mordor.fan 10.10.10.5 I-DnsMasq Server kuJessie thokozani_mnguni 10.10.10.6 Ummeleli, isango nodonga lomlilo kuKerios troll.mordor.fan. 10.10.10.7 Blog esuselwe ku ... ayikwazi ukukhumbula i-shadowftp.mordor.fan. 10.10.10.8 Iseva ye-FTP emnyama black.mordor.fan. 10.10.10.9 Isevisi ephelele ye-imeyili blackspider.mordor.fan. 10.10.10.10 Insiza yeWWW palantir.mordor.fan. 10.10.10.11 Xoxa ku-Openfire ye-Windows Real CNAME ============================= i-sauron ad-dc mamba fileserver darklord proxyweb troll blog i-shadowftp ftpserver i-blackelf mail i-blackspider www palantir umlilo ovulekile
Izilungiselelo zeseva zokuqala ze-dns.mordor.fan
izimpande @ dns: ~ # nano / etc / hostname dns izimpande @ dns: ~ # nano / etc / hosts 127.0.0.1 i-localhost 10.10.10.5 dns.mordor.fan dns # Imigqa elandelayo iyadingeka kuma-host aphathekayo we-IPv6 :: 1 localhost ip6-localhost ip6-loopback ff02 :: 1 ip6-allnodes ff02 :: 2 ip6-allrouters izimpande @ dns: ~ # nano / etc / network / interface # Leli fayela lichaza izixhumanisi zenethiwekhi ezitholakala kusistimu yakho # nokuthi ungazisebenzisa kanjani. Ngemininingwane engaphezulu, bheka izixhumi (5). umthombo /etc/network/interfaces.d/ * # I-interface ye-loopback network interface auto lo iface lo inet loopback # I-interface eyinhloko yenethiwekhi ivumela-hotplug eth0 iface eth0 inet static ikheli 10.10.10.5 netmask 255.255.255.0 network 10.10.10.0 ukusakaza 10.10.10.255. Isango le-10.10.10.1 127.0.0.1 # dns- * izinketho zenziwa yiphakeji ye-resolutionvconf, uma ifakiwe i-dns-nameservers XNUMX dns-search mordor.fan
Masifake i-Dnsmasq ne-htop
izimpande @ dns: ~ # ukufaneleka ukufaka i-dnsmasq htop
Ngemuva kokufaka iphakheji htop singabheka i-CPU nokusetshenziswa kwememori kwemishini. Kwakudla kuphela ama-megabytes angama-71 we-RAM. Uma sifuna ukwehlisa ukusetshenziswa kakhulu, singafaka iphakheji I-SSMTP -simple MTA- yona ehlanza iphakheji Isibonelo4 iDebian ehlala ifaka ngokuzenzakalela nokuthi empeleni asiyidingi ngokusetshenziswa esizokunika le seva:
(i-imeyili ivikelwe): ~ # ukufaka ukufaneleka ssmtp izimpande @ dns: ~ # ukufaneleka purge ~ c izimpande @ dns: ~ # ukufaneleka kuhlanzekile izimpande @ dns: ~ # i-aptitude autoclean izimpande @ dns: ~ # systemctl qala kabusha
Ngemuva kokuqalisa kabusha ikhompyutha, ukusetshenziswa kokulandelayo: 
Phansi, akunjalo? Asiqhubeke.
Masikhombise ukuthi iDnsmasq ibuye ibonisane neMicrosft® DNS
Ukuhlola ukulungiselelwa kwe-Dnsmasq okungenzeka kukhompyutha yakho dns.mordor.fan, kufanele sifake isitatimende esikhombisa ukuthi iMicrosoft DNS yeseva iyaxoxwa i-sauron.mordor.fan. Singakwenza kufaka phakathi ukuqondiswa iseva = / mordor.fan / 10.10.10.3 endaweni yokugcina umlando dnsmasq.conf -njengoba sizobona kamuva- noma singeza umugqa nameserver 10.10.10.3 endaweni yokugcina umlando /etc/resolv.conf. Njengoba singakayilungisi i-Dnsmasq ngokuya ngezidingo zethu, sikhetha indlela yesibili:
izimpande @ dns: ~ # nano /etc/resolv.conf
isizinda mordor.fan
nameserver 127.0.0.1
nameserver 10.10.10.3
Manje sesingaxazulula imibuzo ye-DNS
Ngokumiswa okuzenzakalelayo kwe-Dnsmasq okunikezwe yifayela layo eliyinhloko /etc/dnasmq.conf, nangalokho okushiwo kufayela /etc/resolv.conf kusuka kuseva uqobo «dns«, Noma iliphi iklayenti elixhunywe kwi-LAN -nalokhu limemezele njengeseva ye-DNS dns.mordor.fan- Ungaxazulula imibuzo ye-DNS ngezindleko zeMicrosoft® DNS okwamanje…
- Kubaluleke kakhulu ukuhlola isivinini sokuphendula se-Dnsmasq lapho kukhonjiswa isimo sayo njenge Phambili ngokufakwa nje kwe-IP 10.10.10.3 kufayela lakho /etc/resolv.conf.
Kusuka emsebenzini wami wokuphatha kanye nokwesekwa kwazo zonke izinto engibhala ngazo, ngiyagijima:
buzz @ sysadmin: ~ $ cat /etc/resolv.conf # Kwenziwe yi-NetworkManager domain mordor.fan nameserver 10.10.10.5 buzz @ sysadmin: ~ $ nslookup > dns Iseva: 10.10.10.5 Ikheli: 10.10.10.5 # 53 Igama: dns.mordor.fan Ikheli: 10.10.10.5 > i-sauron Iseva: 10.10.10.5 Ikheli: 10.10.10.5 # 53 Impendulo engagunyaziwe: Igama: sauron.mordor.fan Ikheli: 10.10.10.3 > 03296249-82a1-49aa-a4f0-28900f5d256b._msdcs.mordor.fan Iseva: Ikheli le-10.10.10.5: 10.10.10.5 # 53 03296249-82a1-49aa-a4f0-28900f5d256b._msdcs.mordor.fan igama lezincwadi zeBhayibheli = sauron.mordor.fan. Igama: sauron.mordor.fan Ikheli: 10.10.10.3 > 10.10.10.3 Iseva: Ikheli le-127.0.0.1: 127.0.0.1 # 53 3.10.10.10.in-addr.arpa name = sauron.mordor.fan. > 10.10.10.9 Iseva: Ikheli le-127.0.0.1: 127.0.0.1 # 53 9.10.10.10.in-addr.arpa name = blackelf.mordor.fan. > 10.10.10.5 Iseva: Ikheli le-127.0.0.1: 127.0.0.1 # 53 5.10.10.10.in-addr.arpa name = dns.mordor.fan. > imeyili Iseva: 10.10.10.5 Ikheli: 10.10.10.5 # 53 Impendulo engagunyaziwe: mail.mordor.fan igama le-canonical = blackelf.mordor.fan. Igama: blackelf.mordor.fan Ikheli: 10.10.10.9> exit buzz @ sysadmin: ~ $
Ake sihlolisise lezi zici ezilandelayo:
- dns.mordor.fan iphendula ngqo imibuzo ye-DNS engayixazulula ngokuya ngezilungiselelo zakho zamanje ze-Dnsmasq. Uma ungakwazi ukuzixazulula, kusebenza njenge Phambili bese ubuza i-IP 10.10.10.3 uma ingakwazi ukuphendula umbuzo. Lapho ucelwa i-IP yemishini «dns«, Uphendula ngqo. Lapho iDnsmasq ibuzwa ukuthi ngubani «i-sauron",?, yenza ukudlulisela phambili kuya ku 10.10.10.3 -Awukwazi ukuphendula ngqo ngoba awukayibhalisi okwamanje- obuyisa impendulo eyiyo engekho kuhulumeni
- Lapho ubuzwa ukuthi ngubani «03296249-82a1-49aa-a4f0-28900f5d256b._msdcs.mordor.fan"?, yenza ukudlulisela phambili futhi futhi kulokhu uthola Impendulo Egunyaziwe evela kuMicrosoft® DNS.
- Ijubane lokuphendula eliphakeme le-Dnsmasq nganoma iluphi uhlobo lombuzo.
Yimininingwane emincane eyenza uthando lube nkulu ;-).
Umehluko oyisisekelo phakathi kwe-Dnsmasq ne-BIND uhlanganiswe ne-Active Directory®
Ake sisebenzise imibuzo embalwa ye-DNS kumarekhodi SOA y NS kwesizinda i-mordor.fan, Kuma-nameservers ngamunye ahilelekile:
buzz @ sysadmin: ~ $ host -t SOA mordor.fan 10.10.10.3 Usebenzisa iseva yesizinda: Igama: 10.10.10.3 Ikheli: 10.10.10.3 # 53 Ama-Aliases: mordor.fan ine-SOA irekhodi sauron.mordor.fan. umphathi wesikhungo.mordor.fan. 56 900 600 86400 3600 XNUMX buzz @ sysadmin: ~ $ host -t SOA mordor.fan 10.10.10.5 Usebenzisa iseva yesizinda: Igama: 10.10.10.5 Ikheli: 10.10.10.5 # 53 Ama-Aliases: mordor.fan ine-SOA irekhodi sauron.mordor.fan. umphathi wesikhungo.mordor.fan. 56 900 600 86400 3600 XNUMX buzz @ sysadmin: ~ $ host -t NS mordor.fan 10.10.10.5 Usebenzisa iseva yesizinda: Igama: 10.10.10.5 Ikheli: 10.10.10.5 # 53 Ama-Aliases: mordor.fan igama iseva sauron.mordor.fan. buzz @ sysadmin: ~ $ host -t NS mordor.fan 10.10.10.3 Usebenzisa iseva yesizinda: Igama: 10.10.10.3 Ikheli: 10.10.10.3 # 53 Ama-Aliases: mordor.fan igama iseva sauron.mordor.fan.
Izimpendulo ziyefana - okunengqondo - ngoba Siempre phendula i-sauron.mordor.fan. ngaphambi kombuzo we-DNS mayelana namarekhodi SOA o NS, nakuba kubukeka uphendula athini dns.mordor.fan. Kodwa-ke kwehlukile kulokho okubonwa endimeni Bopha futhi Uhla lwemibhalo olusebenzayo® lapho besisuse ngokuphelele ukusebenza kweMicrosoft® DNS. Kuleyo ndatshana YONKE imibuzo ye-DNS mayelana ne-Domino Namespace i-mordor.fan ISIBOPHO sibaphendulile, ngoba yindlela esiyilungiselela ngayo, futhi ngoba ISIBOPHO siyayiphendula imibuzo SOA y NS ngaphezu kokuvumela uhlelo Master - Isigqila, Ukudluliswa kwendawo, njll., Ngakho-ke iseva ephelele ye-DNS - eyinkimbinkimbi.
Mhlawumbe lokho umehluko omkhulu phakathi kwe-DNS ye-Dnsmasq ne-BIND ... Pero Bopha - kungahlala kune-buts eyodwa noma ngaphezulu - ayinayo iseva ye-DHCP ehlangana ngaphandle komthungo neseva ye-DNS endaweni eyodwa duma, futhi ngaphandle kwesidingo sokhiye be-TSIG, amafayela wokumisa, imininingwane yolwazi yeZone, njll, njengoba sibonile kuma-athikili adlule.
- Ngicabanga ukuthi manje, Bafundi Abathandekayo bazobe sebebonile ukuthi angizondi Bopha noma ngincamela iDnsmasq kune-BIND. Izingxoxo zesikhathi esizayo ngakho kungukuchitha isikhathi okuphelele, ngoba kuhlobene kakhulu nezidingo, izidingo, ukuthanda izinto, izintandokazi kanye .... Isixazululo ngasinye sinobuhle baso ;-).
- Ezimweni ezifanayo, vumela wonke umuntu afake futhi alungiselele isoftware ayithandayo nokuthi bazi okuningi ngayo. nokuthi konke kusebenza njengokulindelekile.
Izinzuzo zenhlanganisela iDnsmasq + Active Directory®
Ngale nhlanganisela sinezindlela eziphelele zokuphendula imibuzo ye-DNS nezindlela eziphumelelayo zokuqashisa amakheli e-IP e-SME LAN yethu. Njengoba sizobona ngokuhamba kwesikhathi, isebenza ngokufanele kunoma isiphi isimo maqondana nokuthi ikhompiyutha ijoyinwe yini kuMicrosoft® Active Directory® Domain Controller. Ngaphezu kwalokho, sineseva ye-DNS ne-DNS Phambili par ubuhle, kanye nesiphakeli se-DHCP eshesha kakhulu. Futhi konke kunesidingo esincane sezinsizakusebenza. Ingabe ufuna okuningi?
Kungenzeka i-Dnsmasq + BIND?
Impela yebo. Yize ngincoma ukuthi zifakwe kumakhompyutha ahlukile ukuze kungabikho ukushayisana ngenxa yetheku 53 elithandwa kakhulu lensizakalo ye-DNS. Mhlawumbe sizobona okuthile ngakho lapho sifika eSamba 4-based AD-DC. Kwazi bani?
Amathiphu ngeDnamasq
- Amafayela womsebenzi abalulekile we-Dnsmasq yokuhlinzeka ngezinsizakalo ze-DHCP ne-DNS ku-LAN yile: /etc/dnsmasq.conf, / njll / amabamba, /var/lib/misc/dnsmasq.leases, futhi /etc/resolv.conf. Ifayela dnsmasq.ukuqasha idalwa lapho uqashisa ikheli lakho lokuqala le-IP.
- Elinye ifayela lomsebenzi ongalisebenzisa yi- / njll / ethers. Uma lelo fayela likhona, inkomba abafundi bokufunda kumenyezelwe kufayela lokumisa, utshela uDnsmasq ukuthi ayifunde. Kuyasiza kakhulu lapho silandisa Amakheli we-MAC / amagama wokubamba ngezinhloso ezithile.
- Insizakalo ye-DNS ingakhutshazwa ngokuphelele kusetshenziswa inkomba itheku = 0 ku dnsmasq.conf.
- Insizakalo ye-DHCP yokuxhumeka kwenethiwekhi okukodwa noma ngaphezulu ingakhutshazwa ngemiyalo -yodwa kulayini ngamunye- akukho-dhcp-interface = eth0, no-dhcp-interface = eth1, njalo njalo. Ilusizo kakhulu lapho siphambi kwethimba eline-2 -or more- network interface futhi sifuna ukuthi insiza ye-DHCP inikezwe kuphela omunye wabo noma ngomunye. Vele, uma sikhubaza insizakalo ye-DHCP yazo zonke izixhumi, sizoshiya kuphela insiza ye-DNS isebenza. Uma sikhubaza zombili izinsizakalo, kungani sidinga iDnsmasq? 😉
- Ukumemezela kwamanye amaseva wegama le-DNS Domain lokho cha zisesidlangalaleni noma zangaphandle ku-LAN -nasimo seMicrosoft DNS- sikwenza ngokuyalelwa iseva = / igama lesizinda / iseva ye-DNS IP endaweni yokugcina umlando /etc/dnsmasq.conf. Isibonelo: iseva = / mordor.fan / 10.10.10.3.
- Ukutshela iDnsmasq ukuthi imibuzo ngezizinda zasendaweni iphendulwa kuphela kufayela / njll / amabamba noma nge-DHCP yakho, kufanele sifake isiqondisi kwasendaweni = / localnet / kufayela eliyinhloko lokumiswa kwakho. Isibonelo: kwasendaweni = / mordor.fan /.
- Ukumisa kahle ifayili /etc/resolv.conf - i-resolver siphakamisa ukuthi ufunde imanuwali yayo usebenzisa umyalo umuntu resolutionv.conf. Uma ufaka i-Debian 8.6 "Jessie" uzothola ukuthi ibhalwe kahle ngeSpanishi.
- I-Dnsmasq ayisebenzisi amafayela we-Zone ukuphendula imibuzo eqondile noma eguqukayo.
- Ukwazi okushiwo yinsimu ngayinye «okukhethekile»Lokho kusetshenziswa ekumenyezelweni kweRekhodi Yezinsiza ze-SRV, kufanele ubonisane Bopha futhi Active Directory®. I-syntax yamarekhodi e-SRV efayeleni /etc/dnsmasq.conf Kunje:
umphathi we-srv = , , , ,
Abafundi abafuna ukwazi kabanzi, sicela ufunde ifayili langempela ngokucophelela /etc/dnsmasq.conf noma amadokhumenti akhona enkombeni / usr / share / doc / dnsmasq-base.
izimpande @ dns: ~ # ls -l / usr / share / doc / dnsmasq-base / inani eliphelele le-128 -rw-r - r-- 1 impande 883 Meyi 5 2015 copyright -rw-r - r-- 1 impande 36261 5 Meyi 2015 1 changelog.archive.gz -rw-r - r-- 11297 impande impande 5 Meyi 2015 1 changelog.Debian.gz -rw-r - r-- 26014 impande impande 5 Meyi 2015 1 changelog.gz -rw-r - r-- 2084 impande impande 5 Meyi 2015 1 DBus-interface. gz -rw-r - r-- 4297 impande 5 Meyi 2015 2 doc.html drwxr-xr-x 4096 impande 19 Feb 17 52:1 izibonelo -rw-r - r-- 9721 impande 5 May 2015 1 FAQ.gz -rw-r - r-- 4180 impande 5 Meyi 2015 1 README.Debian -rw-r - r-- 12019 impande impande 5 Meyi 2015 XNUMX setup.html
Masilungiselele iDnsmasq neResolver
Sizothatha njengesiqondisi sokuqala - ukushintsha amagama nokunye, kunjalo - ifayela lokumisa elisetshenziswe ku-athikili «I-Dnsmasq ku-CentOS 7.3".
Masingakhohlwa isinyathelo esilandelayo:
[izimpande @ dns ~] # mv /etc/dnsmasq.conf /etc/dnsmasq.conf.original
Amakheli we-IP alungisiwe
Amakheli amaseva noma okokusebenza okudinga i-IP engaguquki -ombili I-IPv4 njengoba I-IPv6- Kumenyezelwe kufayela / njll / amabamba:
[izimpande @ dns ~] # nano / etc / hosts 127.0.0.1 i-localhost # Le migqa elandelayo iyadingeka kuma-host ephathekayo we-IPv6 :: 1 i-localhost ip6-localhost ip6-loopback ff02 :: 1 ip6-allnodes ff02 :: 2 ip6-allrouters # amaseva namakhompyutha ane-IP ehleliwe. 10.10.10.1 sysadmin.mordor.fan 10.10.10.3 sauron.mordor.fan 10.10.10.4 mamba.mordor.fan 10.10.10.5 dns.mordor.fan 10.10.10.6 darklord.mordor.fan 10.10.10.7 troll.mordor.fan 10.10.10.8. 10.10.10.9 shadowftp.mordor.fan 10.10.10.10 blackelf.mordor.fan 10.10.10.11 blackspider.mordor.fan XNUMX palantir.mordor.fan
Masenze ifayela le /etc/dnsmasq.conf
[izimpande @ dns ~] # nano /etc/dnsmasq.conf
# ------------------------------------------------- ------------------ # IZINKETHO JIKELELE # ---------------------------- - -------------------------------------- kudingeka isizinda # Ungadluli amagama ngaphandle kwesizinda ingxenye mbumbulu-ngasese # Ungadluli amakheli esikhaleni esingavinjelwe sanda-abasingathi # Faka ngokuzenzakalela isizinda kusikhungo esibonakalayo = eth0 # Interface. QAPHELA i-Interface # except-interface = eth1 # Ungalaleli le oda eqinile ye-NIC # Order lapho ubheka khona ifayela le /etc/resolv.conf # Faka izinketho eziningi zokumisa # ngefayela noma ngokuthola amafayela wokumisa # okungeziwe enkombeni # conf-file = / etc / dnsmasq.more.conf conf-dir = / etc / dnsmasq.d # Okuhlobene ne-Domain Name domain = mordor.fan # Domain Name # Time Server is 10.10.10.1. 10.10.10.1 ikheli = / time.windows.com / XNUMX # Ithumela inketho engenalutho yenani le-WPAD. Kuyadingeka kuma- # Windos 7 nakamuva amaklayenti ukuthi aziphathe kahle. ;-) dhcp-option = 252, "\ n" # Ifayela lapho sizomemezela khona IZIMPAHLA ezizo "vinjelwa" addn-hosts = / etc / banner_add_hosts # Bheka iseva yeMicrosoft® DNS "sauron" uma siyivumela run server = / mordor.fan / 10.10.10.3 # Imibuzo ngezizinda zasendaweni izophendulwa # from / etc / hosts or through local DHCP = / mordor.fan / # Queries about PTR or Reverse records will be answered # by the server " dns "ne" sauron "ngaleyo ndlela server = / 10.10.10.in-addr.arpa / 10.10.10.5 server = / 10.10.10.in-addr.arpa / 10.10.10.3 # ------- - ------------------------------------------------------ - --------- # UKUBHALISWA KWAMANQAKU # # ----------------------------- # Lolu hlobo lokubhalisa ludinga ukungena # kufayela le- / etc / hosts # # isib. 10.10.0.7 troll.mordor.fan troll # cname = ALIAS, REAL_NAME cname = ad-dc.mordor.fan, sauron.mordor.fan cname = fileserver.mordor.fan, mamba.mordor.fan cname = proxyweb.mordor.fan, mnyama .mordor.fan cname = blog.mordor .fan, troll.mordor.fan cname = ftpserver.mordor.fan, shadowftp.mordor.fan cname = mail.mordor.fan, blackelf.mordor.fan cname = www.mordor.fan, blackspider.mordor.fan cname = opendire .mordor.fan, palantir.mordor.fan # MX RECORDS # Returns a MX record with the name "mordor.fan" destined # to the blackelf.mordor.fan team and priority of 10 mx-host = mordor.fan, mail. mordor.
dhcp-lease-max = 222 # Inani eliphakeme lamakheli okuqashisa
# ngokuzenzakalela kungu-150
# IPV6 Range # dhcp-range = 1234 ::, ra-only # Izinketho zeRANGE # OPTIONS dhcp-option = 1,255.255.255.0 # NETMASK dhcp-option = 3,10.10.10.253 # ROUTER GATEWAY dhcp-option = 6,10.10.10.5. 15 # DNS Servers dhcp-option = 19,1, mordor.fan # DNS Domain Name dhcp-option = 28,10.10.10.255 # option ip-forwarding ON dhcp-option = 42,10.10.10.1 # BROADCAST dhcp-option = 40. 41,10.10.10.3 # NTP # dhcp-option = 44,10.10.10.3, MORDOR # NIS Igama Lesizinda # dhcp-option = 45,10.10.10.3 # NIS Server # dhcp-option = 73,10.10.10.3 # WINS # dhcp-option = 46,8 # Ama-datagrams we-NetBIOS # dhcp-option = XNUMX # Finger Server # dhcp-option = XNUMX # NetBIOS node dhcp-onegunya # I-DHCP egunyaziwe ku-subnet # ------------- - ----------------------------------------------------- - --- # --------------------------------------------- - --------------------- # UKUNGENA NGEMISELA -f / var / log / syslog noma journalctl -f # -------------- ----------------------------------------------------- - ---- imibuzo ye-log # ----------------------------------------- - ------------------------- # Re A kanye namarekhodi e-SRV ahambelana ne-Active Directory # --------------------------------------------- --------------------------
# Amarekhodi A
ikheli = / gc._msdcs.mordor.fan / 10.10.10.3 ikheli = / DomainDnsZones.mordor.fan / 10.10.10.3 ikheli = / ForestDnsZones.mordor.fan / 10.10.10.3
# I-Microsoft DNS Zone CNAME irekhodi _msdcs.mordor.fan
cname=03296249-82a1-49aa-a4f0-28900f5d256b._msdcs.mordor.fan,sauron.mordor.fan
# Amarekhodi e-SRV
# umphathi we-srv = , , , ,
# Ikhathalogu Yomhlaba Wonke # Indawo ye-Microsoft DNS _msdcs.mordor.fan
srv-host = _ldap._tcp.gc._msdcs.mordor.fan, sauron.mordor.fan, 3268,0,0 srv-host = _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.mordor .fan, sahle.mordor.fan, 3268,0,0
# I-Microsoft DNS zone mordor.fan
srv-host = _gc._tcp.mordor.fan, sahle.mordor.fan, 3268,0,0 srv-host = _gc._tcp. .3268,0,0
# I-LDAP eguquliwe neyimfihlo ye-Directory Esebenzayo
# Indawo ye-Microsoft DNS _msdcs.mordor.fan
srv-host=_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.mordor.fan,sauron.mordor.fan,389,0,0
srv-host=_ldap._tcp.dc._msdcs.mordor.fan,sauron.mordor.fan,389,0,0
srv-host=_ldap._tcp.18d3360d-8fdb-40cf-a678-d7c420b6d775.domains._msdcs.mordor.fan,sauron.mordor.fan,389,0,0
srv-host=_ldap._tcp.pdc._msdcs.mordor.fan,sauron.mordor.fan,389,0,0
# Indawo ye-Microsoft DNS mordor.fan
srv-host=_ldap._tcp.mordor.fan,sauron.mordor.fan,389,0,0
srv-host=_ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.mordor.fan,sauron.mordor.fan,389,0,0
srv-host=_ldap._tcp.DomainDnsZones.mordor.fan,sauron.mordor.fan,389,0,0
srv-host=_ldap._tcp.Default-First-Site-Name._sites.mordor.fan,sauron.mordor.fan,389,0,0
srv-host=_ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.mordor.fan,sauron.mordor.fan,389,0,0
srv-host=_ldap._tcp.ForestDnsZones.mordor.fan,sauron.mordor.fan,389,0,0
#
# I-KERBEROS iguqulwe futhi yangasese kusuka ku-Active Directory
srv-host=_kerberos._tcp.Default-First-Site-Name._sites.mordor.fan,sauron.mordor.fan,88,0,0
srv-host=_kerberos._tcp.mordor.fan,sauron.mordor.fan,88,0,0
srv-host=_kpasswd._tcp.mordor.fan,sauron.mordor.fan,464,0,0
srv-host=_kerberos._udp.mordor.fan,sauron.mordor.fan,88,0,0
srv-host=_kpasswd._udp.mordor.fan,sauron.mordor.fan,464,0,0
# UKUPHELA kwefayela le /etc/dnsmasq.conf
# ----------------------------------------------------- ------------------
Masakhe ifayela le / etc / banner_add_host
[izimpande @ dns ~] # nano / njll /banner_add_Hosts 127.0.0.1 windowsupdate.com 127.0.0.1 ctldl.windowsupdate.com 127.0.0.1 ocsp.verisign.com 127.0.0.1 csc3-2010-crl.verisign.com 127.0.0.1 www.msftncsi.com 127.0.0.1 ipv6.msftncsi.com 127.0.0.1 teredo.ipv6.microsoft.com 127.0.0.1 ds.download.windowsupdate.com 127.0.0.1 download.microsoft.com 127.0.0.1 fe2.update.microsoft.com 127.0.0.1 crl.microsoft.com 127.0.0.1 www .download.windowsupdate.com 127.0.0.1 win8.ipv6.microsoft.com 127.0.0.1 spynet.microsoft.com 127.0.0.1 spynet1.microsoft.com 127.0.0.1 spynet2.microsoft.com 127.0.0.1 spynet3.microsoft.com 127.0.0.1. 4 spynet127.0.0.1.microsoft.com 5 spynet127.0.0.1.microsoft.com 15 office127.0.0.1client.microsoft.com 127.0.0.1 addons.mozilla.org XNUMX crl.verisign.com [izimpande @ dns ~] # dnsmasq - isivivinyo dnsmasq: isheke le-syntax KULUNGILE. [root @ dns ~] # systemctl qala kabusha dnsmasq.service [root @ dns ~] # systemctl isimo dnsmasq.service
Masiguqule ifayela /etc/resolv.conf - Resolver
izimpande @ dns: ~ # nano /etc/resolv.conf
isizinda mordor.fan sesha mordor.fan
Kungani singenayo imigqa ejwayelekile emenyezelwe kufayela isisombululo? Ngoba simemezela kufayela le- dnsmasq.conf iziqondiso ezilandelayo:
# Bheka iseva yeMicrosoft® DNS "sauron" uma # siyisebenzisa iseva = / mordor.fan / 10.10.10.3 # Imibuzo ngezizinda zasendaweni izophendulwa # kusuka / etc / hosts noma nge-DHCP kwasendaweni = / mordor.fan / Imibuzo engu- # mayelana ne-PTR noma amarekhodi abuyayo izophendulwa # ngamaseva we- "dns" ne- "sauron" ngokulandelana iseva = / 10.10.10.in-addr.arpa / 10.10.10.5 iseva = / 10.10.10.in-addr.arpa / 10.10.10.3
Imibuzo evela ku-sysadmin.mordor.fan
Ifayela /etc/resolv.conf waleli qembu ngu:
buzz @ sysadmin: ~ $ cat /etc/resolv.conf # Kukhiqizwe yi-NetworkManager search mordor.fan nameserver 10.10.10.5
buzz @ sysadmin: ~ $ host -t Ku-spynet4.microsoft.com ispynet4.microsoft.com inekheli 127.0.0.1 buzz @ sysadmin: ~ $ host -t Ukuze www.download.windowsupdate.com www.download.windowsupdate.com inekheli 127.0.0.1 buzz@sysadmin: ~ $ dig dns buzz @ sysadmin: ~ $ dig dns.mordor.fan ;; ISIQEPHU SOMBUZO :; dns.mordor.fan. KWI ;; ISIGABA SEMPENDULO: dns.mordor.fan. 0 KU-A 10.10.10.5 buzz @ sysadmin: ~ $ umphathi -t SRV _ldap._tcp.gc._msdcs buzz @ sysadmin: ~ $ umphathi -t SRV _ldap._tcp.gc._msdcs.mordor.fan _ldap._tcp.gc._msdcs.mordor.fan unerekhodi le-SRV 0 0 3268 sauron.mordor.fan. buzz @ sysadmin: ~ $ dig _ldap._tcp.gc._msdcs.mordor.fan ;; ISIQEPHU SOMBUZO :; _ldap._tcp.gc._msdcs.mordor.fan. KWI ;; ISIGABA SEMPENDULO: _ldap._tcp.gc._msdcs.mordor.fan. 0 KU-A 10.10.10.3 buzz @ sysadmin: ~ $ dig mordor.fan axfr buzz @ sysadmin: ~ $ bamba 10.10.10.in-addr.arpa axfr
Futhi ngaleyo ndlela, kudinga ukubonisana okungaki
I-Dnsmasq + Active Directory® + Microsoft® Windows Amaklayenti
Iqamba kabusha i-Microsoft® Windows Client
eziyisikhombisa uqashe ikheli le-IP:
izimpande @ dns: ~ # ikati /var/lib/misc/dnsmasq.leases 1488006009 00:0c:29:d6:14:36 10.10.10.115 seven 01:00:0c:29:d6:14:36
Ake siqambe kabusha i- «Isikhombisa»-Okungahlanganisiwe ku-Active Directory Domain- ngo-«ugamthilini«. Ngemuva koshintsho nokuqala kabusha sihlola:
izimpande @ dns: ~ # ikati /var/lib/misc/dnsmasq.leases 1488006633 00:0c:29:d6:14:36 10.10.10.115 eucaliptus 01:00:0c:29:d6:14:36
Umlando wezinguquko ungabonakala kusuka ku- "sysadmin":
buzz @ sysadmin: ~ $ host -t A eziyisikhombisa seven.mordor.fan unekheli le-10.10.10.115
Ngemuva kokushintshwa kwegama
buzz @ sysadmin: ~ $ host -t A eziyisikhombisa abayisikhombisa abanalo i-A record buzz @ sysadmin: ~ $ host -t I-eucaliptus eucaliptus.mordor.fan unekheli le-10.10.10.115
Imibuzo evela kumakhasimende eucaliptus.mordor.fan
I-Microsoft Windows [Inguqulo 6.1.7601] I-copyright (c) 2009 Microsoft Corporation. Wonke Amalungelo Agodliwe. C: \ Abasebenzisi \ buzz> nslookup Iseva ezenzakalelayo: dns.mordor.fan Ikheli: 10.10.10.5 > isayoni Iseva: dns.mordor.fan Ikheli: 10.10.10.5 Igama: sauron.mordor.fan Ikheli: 10.10.10.3 > mordor.fan Iseva: dns.mordor.fan Ikheli: 10.10.10.5 Igama: mordor.fan Ikheli: 10.10.10.3 > ugamthilini Iseva: dns.mordor.fan Ikheli: 10.10.10.5 Igama: eucaliptus.mordor.fan Ikheli: 10.10.10.115 > 03296249-82a1-49aa-a4f0-28900f5d256b._msdcs.mordor.fan Iseva: dns.mordor.fan Ikheli: 10.10.10.5 Igama: Ikheli le-sauron.mordor.fan: 10.10.10.3 Ama-aliases: 03296249-82a1-49aa-a4f0-28900f5d256b._msdcs.mordor.fan > setha uhlobo = SRV > _dladla._udp.mordor.fan Iseva: dns.mordor.fan Ikheli: 10.10.10.5 _kerberos._udp.mordor.fan Indawo yesevisi ye-SRV: kuqala = 0 isisindo = 0 port = 88 svr hostname = sauron.mordor.fan sauron.mordor.fan ikheli le-inthanethi = 10.10.10.3. XNUMX > _ldap._tcp.18d3360d-8fdb-40cf-a678-d7c420b6d775.domains._msdcs.mordor.fan Iseva: dns.mordor.fan Ikheli: 10.10.10.5 _ldap._tcp.18d3360d-8fdb-40cf-a678-d7c420b6d775.domains._msdcs.mordor.fan Indawo yesevisi ye-SRV: kuqala = 0 weight = 0 port = 389 svr hostname = sauron .mordor.fan sauron.mordor.fan ikheli le-inthanethi = 10.10.10.3 > phuma C: Abasebenzisi buzz>
Ukubhaliswa kwamakhasimende eWindows kuMicrosoft® DNS
Amaklayenti e-Windows Awajoyinanga ku-Active Directory® Domain
Kumele sibheke ukuthi amakheli e-IP aqashiswe ngamakhasimende ahlukile e-Windows avela ku-Dnsmasq abhaliswe kahle kwi-Microsoft® DNS. Kungaba nomthelela indlela esivula ngayo iDynamic Updates - Ukuvuselelwa okunamandla kuzindawo zeMicrosoft® DNS ze-Active Directory®. Siqala kusukela ekucushweni okuzenzakalelayo kweMicrosoft DNS evumela kuphela ukuvuselelwa okuvikelekile okunamandla - Ukuvuselelwa okunamandla -> Kuphephile kuphela, eziNdeni ngalunye.
Qaphela ukuthi iklayenti eline-current I-FQDN eucaliptus.mordor.fan cha inamathiselwe ku-Active Directory Domain (noma i-Samba4 AD-DC), futhi ihlukile kumthetho we-Microsoft othi «Amaklayenti kuphela abhaliswe ku-My Domain azothola imvume nge-My Update Mechanism - engikwaziyo kuphela- ukubhalisa ku-My DNS«. Into enhle iSamba4 AD-DC isifundisa okuthile ngayo.
i-eucaliptus.mordor.fan uqashe i-IP 10.10.10.115:
buzz @ sysadmin: ~ $ host -t I-eucaliptus eucaliptus.mordor.fan unekheli le-10.10.10.115
Ake sishintshe igama lalo lithi «mahogany«, Ake siqale kabusha iWindows 7, bese ubona ukuthi kwenzekani lapho sicela amagama«ugamthilini»Futhi«mahogany»Ku-DNS ngayinye, kuqala ku-Microsoft DNS bese ku-Dnsmasq:
buzz @ sysadmin: ~ $ host -t I-eucaliptus.mordor.fan 10.10.10.3 Usebenzisa iseva yesizinda: Igama: 10.10.10.3 Ikheli: 10.10.10.3 # 53 Ama-Aliases: Umsingathi we-eucaliptus.mordor.fan akatholakali: 3 (NXDOMAIN) buzz @ sysadmin: ~ $ host -t A mahogany.mordor.fan 10.10.10.3 Usebenzisa iseva yesizinda: Igama: 10.10.10.3 Ikheli: 10.10.10.3 # 53 Ama-Aliases: Umsingathi mahogany.mordor.fan akatholakali: 3 (NXDOMAIN) buzz @ sysadmin: ~ $ host -t I-eucaliptus.mordor.fan 10.10.10.5 Usebenzisa iseva yesizinda: Igama: 10.10.10.5 Ikheli: 10.10.10.5 # 53 Ama-Aliases: Umsingathi we-eucaliptus.mordor.fan akatholakali: 3 (NXDOMAIN) buzz @ sysadmin: ~ $ host -t A mahogany.mordor.fan 10.10.10.5 Usebenzisa iseva yesizinda: Igama: 10.10.10.5 Ikheli: 10.10.10.5 # 53 Ama-Aliases: mahogany.mordor.fan unekheli le-10.10.10.115
Singashintsha igama leklayenti leWindows 7 lelo cha inamathiselwe ku-Domain i-mordor.fan ye-Active Directory® kaningi ngendlela esifuna ngayo, ukuthi iMicrosoft® DNS ayitholi ngalezi zinguquko noma ukuthi lelo khasimende likhona. Kungenzeka yini ukuthi kungenxa yokuthi sikhethe inketho Ukuvuselelwa okunamandla -> Kuphephile kuphela kuZoni ngayinye ye-Micorosft DNS?.
Ukuze uMnu Microsoft® DNS azi ngezinguquko, kufanele sikhethe Ukuvuselelwa okunamandla -> Ukungavikeleki futhi kuvikelekile. Le nketho, Bafundi Abathandekayo, isho ukuba sengozini okukhulu kokuphepha kwanoma iyiphi i-Domain Name Server ehlonishwayo, kungaba iMicrosft® noma i-UNIX® / Linux. IMicrosoft® DNS ixwayisa ngobungozi ngoba ekugcineni akuyona nje into eboshelwe futhi eyenziwe yangasese ukuze isinikeze «Ukuphepha Kobumnyama«. Uma kungenjalo, kungani uncoma ukonga kokudumile kwakho ukubhalisa wonke amasethingi e-DNS kanye namarekhodi e-Microsoft® DNS yakho lapho sisebenzisa i-Active Directory®?. Ngaphezu kokusekela izibuyekezo ezingaphephile ku-Microsoft® DNS, ukuguqulwa okulandelayo kuyadingeka ekucushweni kwekhadi lenethiwekhi yamakhasimende e-Windows 7
Ake sihlole:
buzz @ sysadmin: ~ $ host -t A mahogany.mordor.fan 10.10.10.3 Usebenzisa i-domain server: Igama: 10.10.10.3 Ikheli: 10.10.10.3 # 53 Ama-aliases: mahogany.mordor.fan unekheli le-10.10.10.115 buzz @ sysadmin: ~ $ umphathi 10.10.10.115 10.10.10.3 Usebenzisa iseva yesizinda: Igama: 10.10.10.3 Ikheli: 10.10.10.3 # 53 Ama-Aliases: 115.10.10.10.in-addr.arpa igama lesizinda pointer mahogany.mordor.fan. buzz @ sysadmin: ~ $ host -t I-mahogany 10.10.10.5 Usebenzisa i-domain server: Igama: 10.10.10.5 Ikheli: 10.10.10.5 # 53 Ama-aliases: mahogany.mordor.fan unekheli le-10.10.10.115 buzz @ sysadmin: ~ $ umphathi 10.10.10.115 10.10.10.5 Usebenzisa iseva yesizinda: Igama: 10.10.10.5 Ikheli: 10.10.10.5 # 53 Ama-Aliases: 115.10.10.10.in-addr.arpa igama lesizinda pointer mahogany.mordor.fan.
Yebo manje. Yeka ukuvumelanisa okuhle kwamaseva amabili e-DNS angavumelanisiwe nganoma iyiphi indlela, akunjalo?
Amaklayenti e-Windows Ajoyine i-Active Directory® Domain
Ake sihlanganise iklayenti mahogany.mordor.fan ku-Domain, kepha hhayi ngaphambi kokuqeda ukuguqulwa esikwenze ekucushweni kwekhadi lakho lenethiwekhi, uma noma ngasiphi isikhathi sikwenzile ukuqinisekisa iphuzu lesahluko esedlule. Futhi susa okufakiwe kwe- «mahogany»KuMicrosoft® I-DNS, bese ubuyisela izibuyekezo zeDynamic endaweni yazo yemvelaphi ye- «Kuphephile kuphela«. Ngendlela, kuvumelekile ukuqala kabusha insiza yeMicrosoft® DNS.
Ngemuva kokujoyina i-Domain, futhi ngaphandle kwayo yonke imizamo yethu, iklayenti «mahogany»Ayibhalisiwe ku-Microsoft® DNS. Simemezele nakwi- dnsmasq.conf -esikhashana- ukuthi iseva yokuqala ye-DNS ingu-10.10.10.3.
I-Microsoft Windows [Inguqulo 6.1.7601]
I-copyright (c) 2009 Microsoft Corporation. Wonke Amalungelo Agodliwe.
C: Abasebenzisi sumanuman> ipconfig / all
Igama le-Windows IP Configuration Host. . . . . . . . . . . . : MAHOGANY Primary Dns Isijobelelo. . . . . . . : Uhlobo lweNode yeNode. . . . . . . . . . . . Umzila we-Hybrid IP Unikwe amandla. . . . . . . . : Akukho Proxy WINS Enikwe Amandla. . . . . . . . : Alukho Uhlu Lokusesha Isijobelelo Se-DNS. . . . . . : mordor.fan Ethernet adaptha Ukuxhuma Kwendawo Yasendaweni: Ukuxhunyaniswa okuqondene ne-DNS Suffix. : mordor.fan Incazelo. . . . . . . . . . . I-Intel (R) PRO / 1000 MT Network Connection Ikheli Lendawo. . . . . . . . . : 00-0C-29-D6-14-36 DHCP Inikwe amandla. . . . . . . . . . . : Yebo Ukulungiswa kokuzenzakalelayo kunikwe amandla. . . . : Yebo Ikheli le-IPv6 lasendaweni. . . . . : fe80 :: 352a: b954: 7eba: 963e% 12 (Kukhethwa) Ikheli le-IPv4. . . . . . . . . . . : 10.10.10.115 (Okuncanyelwayo) Subnet Mask. . . . . . . . . . . : 255.255.255.0 Ukuqashwa Kutholakele. . . . . . . . . . : NgoMgqibelo, ngoFebhuwari 25, 2017 8:19:05 AM Ukuqashwa Kuphela. . . . . . . . . . : NgoMgqibelo, ngoFebhuwari 25, 2017 4:20:36 PM I-Default Gateway. . . . . . . . . : 10.10.10.253 I-DHCP Server. . . . . . . . . . . : 10.10.10.5 DHCPv6 IAID. . . . . . . . . . . : 251661353 DHCPv6 Iklayenti DUID. . . . . . . . : 00-01-00-01-20-3B-69-81-00-0C-29-D6-14-36
Amaseva we-DNS. . . . . . . . . . . : 10.10.10.3
10.10.10.5
INetBIOS ngaphezulu kweTcpip. . . . . . . . : I-adaptha yomhubhe evunyelwe isatap.mordor.fan: Media State. . . . . . . . . . . : Imidiya inqanyuliwe Isixhumi Sesixhumi Esicacisiwe Sokuxhumeka. : mordor.fan Incazelo. . . . . . . . . . . : I-adaptha ye-Microsoft ISATAP Ikheli Lendawo. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Inikwe amandla. . . . . . . . . . . : Akukho ukulungiswa okuzenzakalelayo okunikwe amandla. . . . : Yebo i-adapter yomhubhe Ukuxhuma Kwendawo Yendawo * 9: Media State. . . . . . . . . . . : Imidiya inqanyuliwe Isixhumi Sesixhumi Esicacisiwe Sokuxhumeka. : Incazelo. . . . . . . . . . . : I-adaptha ye-Microsoft Teredo Tunneling Ikheli Lendawo. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Inikwe amandla. . . . . . . . . . . : Akukho ukulungiswa okuzenzakalelayo okunikwe amandla. . . . : Futhi kunjalo
C: \ Abasebenzisi \ saruman>
buzz @ sysadmin: ~ $ host -t A mahogany.mordor.fan 10.10.10.3
Usebenzisa iseva yesizinda: Igama: 10.10.10.3 Ikheli: 10.10.10.3 # 53 Ama-Aliases: I-Host caoba.mordor.fan ayitholakali: 3 (NXDOMAIN)
buzz@sysadmin: ~ $ host -t Ku-mahogany.mordor.fan
mahogany.mordor.fan unekheli le-10.10.10.115
- Ukuphela kwendlela iklayenti elibhaliswe ngayo «mahogany»KwiMicrosft® DNS iguqula ikhadi lakho lenethiwekhi njengoba kukhonjisiweó emfanekisweni owedlule, okusho ngokucacile ukuthi: Isijobelelo se-DNS soxhumano yi-mordor.fan, ukuthi sibhalisa ikheli lokuxhumeka ku-DNS, nokuthi lisebenzisa isijobelelo esimenyezelwe se-DNS lapho kubhaliswa ukuxhumana.
buzz @ sysadmin: ~ $ host -t A mahogany.mordor.fan 10.10.10.3 Usebenzisa i-domain server: Igama: 10.10.10.3 Ikheli: 10.10.10.3 # 53 Ama-aliases: mahogany.mordor.fan unekheli le-10.10.10.115 buzz @ sysadmin: ~ $ host -t A mahogany.mordor.fan mahogany.mordor.fan unekheli le-10.10.10.115
Ake sishintshe igama lisuke ku- "mahogany" liye ku- "cedar"
buzz @ sysadmin: ~ $ host -t A mahogany.mordor.fan 10.10.10.3 Usebenzisa iseva yesizinda: Igama: 10.10.10.3 Ikheli: 10.10.10.3 # 53 Ama-Aliases: I-Host caoba.mordor.fan ayitholakali: 3 (NXDOMAIN) buzz @ sysadmin: ~ $ host -t Ku cedar.mordor.fan 10.10.10.3 Usebenzisa iseva yesizinda: Igama: 10.10.10.3 Ikheli: 10.10.10.3 # 53 Ama-aliases: cedro.mordor.fan unekheli le-10.10.10.115 buzz @ sysadmin: ~ $ host -t A mahogany.mordor.fan 10.10.10.5 Usebenzisa iseva yesizinda: Igama: 10.10.10.5 Ikheli: 10.10.10.5 # 53 Ama-Aliases: I-Host caoba.mordor.fan ayitholakali: 3 (NXDOMAIN) buzz @ sysadmin: ~ $ host -t Ku cedar.mordor.fan 10.10.10.5 Usebenzisa iseva yesizinda: Igama: 10.10.10.5 Ikheli: 10.10.10.5 # 53 Ama-aliases: cedro.mordor.fan unekheli le-10.10.10.115
Futhi konke okujwayelekile, njengamaklayenti e-Microsoft® kanye ne-Microsoft® DNS bathanda izinto ukuba zibe.
Masisebenze neMicrosoft® DHCP neMicrosoft® DNS
Bafundi Abathandekayo, lesi sahluko asiphumi kumongo webhulogi enikezelwe kwiFree Software. Bheka usizo lweMicrosoft®. Abakholwa ?. 😉
Iziphetho
Kunezindlela eziningi zokusebenza ne-Microsoft® DNS lapho siyenza ihlangane ku-SME Network ne-Dnsmasq. Phakathi kwabo sizokhuluma ngokulandelayo kuphela:
- Misa ngokuphelele insizakalo ye-Microsoft® DNS kwikhompyutha lapho isebenza khona, okukhombisa ngemuva kwalokho ukuthi ukuqala kwensiza kukhutshaziwe. Ungahloli ukumiswa kwekhadi lenethiwekhi leklayenti ngalinye le-Microsoft® inketho yokubhalisa ikheli lokuxhumeka ku-DNS. Susa kufayela /etc/dnsmasq.conf Isiqondisi iseva = / mordor.fan / 10.10.10.3. Amanothi:
- Noma imibuzo ephathelene namarekhodi ingaphendulwa SOA y NS, inethiwekhi izosebenza kahle, kanye nokuhlanganiswa kwamakhasimende ahlukene -Microsoft® neLinux- ku-Active Directory® Domain.
- Kunenzuzo yokuthi ku-SME LAN kuzoba ne-Domain Name Server eyodwa kuphela - owesilisa wesilisa - futhi kuzoba yi-Dnsmasq. ;-). Ngakolunye uhlangothi, kungenzeka ukungahambelani phakathi kwamarekhodi e-DNS agcinwe ku-Microsoft® DNS nalawo atholakala nge-Dnsmasq kuyasuswa.
- Shiya iMicrosoft® DNS isebenza ukuphendula imibuzo ye-DNS kuphela mayelana namarekhodi we-SOA ne-NS. Notes:
- Shintsha ukumiswa kwekhadi lenethiwekhi leklayenti ngalinye leWindows, ungahloli inketho yokubhalisa ikheli lokuxhumeka ku-DNS.
- Siyacabanga ukuthi lesi sixazululo ukuchitha izinsiza.
- Lungiselela izinsizakalo njengoba sibonile kulo lonke i-athikili, ekhombisa isisombululo ngokuthanda ifilosofi yeMicrosoft® -hhayi i-FreeBSD / Linux- Ok?
Isifingqo
- Isiphakamiso seMicrosoft® DNS sivalwe kakhulu. Akushiyi indawo yezinye izixazululo ezingahambisani nefilosofi yayo ye-hermetic.
- Umama Wemvelo usifundisa ukuthi sikhona endaweni yonke eyahlukahlukene. Into ejwayelekile ukuthi ube ne-LAN exubile, ubheke e-Free Software, futhi ucebile ngempilo nangokuhlukahluka.
- Kubukeka sengathi kwiMicrosoft®, amakhasimende angayijoyini i-His Philosophy ayilahlwa, ngakho-ke akufanele azihluphe ngokuwanaka.
- Yeka ukuthi kunzima kanjani ukusebenza ne-Private Software! Ngingathanda ukuchitha kancane umsebenzi wokusetha i-Free Software futhi ngikhululeke ngempela, kulahlekile!
"Umgomo Ohamba Phambili Weqiniso Ukuzikhandla."
I-athikili enhle oyibhalile, uFederico!
Indatshana ebabazekayo sithandwa sami. Futhi isifinyezo yi-XD ehamba phambili
Ibhalansi;
Angicabangi ukuthi ngibonile umhlahlandlela ophelele futhi oningiliziwe we-sysadmin ku-inthanethi (ngolimi lweSpanishi), umsebenzi owenzayo kumaNethiwekhi wama-SME wukuhlela.
Yize lo msebenzi unzima futhi ufinyelela kulelo zinga lemininingwane kuyindaba yamahora amaningi, ngicabanga ukuthi udala iphuzu eliyinkomba elizosetshenziswa njengoba laziwa yinani elikhulu leSysAdmin elinokhiye kuthisha wakho wama-athikili wabaningi yemisebenzi abhekana nayo nsuku zonke.
Ngokuqondene ne-dnsmasq nomkhombandlela osebenzayo, ngicabanga ukuthi angikaze ngibe nethuba lokusebenza nabo bobabili, kepha elabhorethri yami, lapho iklayenti lewindows likhona, konke kubonakala kuhamba kahle, futhi akumangalisi ngalesi sinyathelo esihle kakhulu isinyathelo.
Sindisa umusho wakho «Kunzima kanjani ukusebenza ne-Private Software!. Ngingathanda ukuchitha kancane umsebenzi wokulungiselela i-Free Software futhi ngikhululeke ngokweqiniso, kulahlekile! »… Ake sisebenzise lokho ukuchitha umsebenzi omncane silungiselela ukweqa isoftware yamahhala ngokuhamba kwesikhathi, ikakhulukazi ukuthola imibhalo efana neyakho nakwabanye abantu abaningi, kanjani futhi ukwenziwa njalo kwesoftware yamahhala.
Siyakuhalalisela i-FIco… Siyaqhubeka.
Zodiac: Amagama akho ayisisusa sokuqhubeka nokubhala. Unganqikazi, amahora amaningi amahle - izinqe ziyadingeka ukubhala i-athikili enesizotha njengale.
UJulio León: Ngiyakubingelela nawe, Julio othandekayo. Sethemba, uqhubeka nathi endleleni yokwazi okuthe xaxa nge-Free Software.
I-Lagarto: Izinsuku namahora asetshenzisiwe kuwufanele lapho ngifunda ukuphawula okufana nalokhu okuthunyelwe. Bangumklomelo omuhle kakhulu ngomsebenzi wethu. Ngidlulisele isixhumanisi esihlokweni kuSimon Kelley uqobo futhi wayenomusa ngokwanele ukungiphendula.
Ngifuna ukusizakala ngalesi sikhala ukusho ukuthi enkingeni ye-DNS ne-DHCP siqala - ngamasu - kusuka enkingeni kuya kokulula. I-Dnsmasq yisixazululo esivumelekile kuma-SME Networks, futhi kulula kakhulu ukusisebenzisa kune-BIND + Isc-Dhcp-Server duo. Isihloko singabonakala njengokusebenza kancane kubafundi abaningi. Ngokuhamba kwesikhathi nangokuzijwayeza bazobona ukuthi akunjalo. Kuhle ukutadisha Izimiso ze-Infrastructure Server, isihloko esingahlanganisa izindatshana eziyisi-6 ezibhalwe ngezinsizakalo ze-DNS neze-DHCP, ngaphandle kokukhohlwa i-NTP.
Halala kubo bonke… Siyaqhubeka!
Ngiyabonga uFederico ngenye indatshana enhle enemininingwane emangalisayo nemfundiso ebanzi ngeDnsmasq, ithuluzi esivele silibona lisiza kakhulu ama-sysadmins.
KUKHULU konke okuhlobene nokufakwa kufayela lakho lokumisa le- /etc/dnsmasq.conf le-Microsoft DNS Zone "_msdcs.mordor.fan" ngamarekhodi alo e-SRV asebenzisa amasevisi: _gc, _ldap, _kerberos kanye _kpasswd umgomo wokusebenzisa iMicrosoft DNS (command "server = / mordor.fan / 10.10.10.3") ngaphezu kwe-Dnsmasq (command "local = / mordor.fan /") ukuxazulula imibuzo ye-DNS.
OKUKHULU futhi yisibonelo esithuthukisiwe sokuthi iMicrosoft DNS ibhalise amaklayenti weWindows ngezinguquko ze-IP ku-LAN, kuyadingeka ukukhetha ekucushweni kwe-DNS, "izibuyekezo zeDynamic" njenge- "Nonsecure and safe" nokuthi lokho kusho ukuthini ukuba sengozini kwe- ukuphepha kwanoma iyiphi i-Domain Name Server ehlonishwayo, kungaba iMicrosoft noma i-UNIX / Linux. Ngaphandle kokudingeka ukuguqulwa ekucushweni kwekhadi lenethiwekhi yamakhasimende eWindows.
Akukho lutho ngokuthumela okusha ngakunye ophakamisa ukuma! Silinde ngentshiseko izindatshana ezilandelayo!
Ngiyabonga kakhulu ngokuhlola kwakho nokuphawula kwakho, IWO. Kuwo wonke ama-athikili engiwashicilelayo, ngihlala ngilinde umbono wakho, njengoba usekelwa ngumsebenzi wakho, ulwazi nokwenza kwakho. Halala IWO. Sizokubona esihlokweni esilandelayo
Umsebenzi omuhle kakhulu, njengokuhlala uthumela la magugu kuma-sysadmins. Ngiyabonga inkulungwane!
Nikeza i-DNS yeMicrosoft ithuba, awukayivumeli nokuthi ibonise. Asazi noma usaphila yini noma ngabe usenamahloni yini. Indatshana enhle kakhulu.
Igugu elingelona elinye, eligcinwe kuzintandokazi zokubonisana. Indatshana enhle kakhulu.
Ngiyabonga HO2Gi ngokuhlolwa kwakho. Ngincoma wena - futhi ngokujwayelekile WONKE UMUNTU- vakashela https://blog.desdelinux.net/redes-computadoras-las-pymes-introduccion/. Iphinde yahlelwa futhi ngenkomba yakho konke okuthunyelwe okushicilelwe kanye nezihloko okuzoxoxwa ngazo. Sanibonani bese uqhubeka nathi.
Idokhumenti enhle kakhulu njengaleyo etholakala ku- https://blog.desdelinux.net/bind-active-directory/
Ngifuna nje ukwenza isincomo, futhi ngicela ukuthathe njengokugxeka okwakhayo; Ukwenza isibonelo sokucushwa, bekuzoba ngcono ukube esikhundleni sokusebenzisa inethiwekhi ye-10.10.10.0/24 isebenzise eyodwa lapho ibhulokhi ngayinye inezinombolo ezahlukahlukene, njengenethiwekhi ye-192.168.1.0/24.
Lokhu kuzokwenza kucace amaphuzu lapho amakheli enethiwekhi ehlehlela emuva, ngokwesibonelo lapho kufanele ungeze amanani ohlobo ".in-addr.arpa"
Siyabonga ngokwabelana ngolwazi oluhle kakhulu lwekhwalithi.
Okuhle kakhulu