Gushiraho DNS muri Centos

Intambwe ya 1: Kwishyiriraho ibikenewe bikenewe

Mbere yuko utangira gusuzuma amabwiriza akurikira, turashaka kumenya ko kurubuga rwacu hariya busanzwe buyobora umurongo rusange kuri DNS isanzwe muri Linux. Turasaba gukoresha neza ibikoresho niba ugomba gushyiraho igenamiterere ryo gusura ibibanza bya interineti. Ibikurikira, tuzerekana uburyo seriveri nyamukuru ya DNS hamwe nigice cyabakiriya cyashyizweho.

Iyo nzira irangiye, uzamenyeshwa ko amapaki yose yongeweho muri sisitemu. Nyuma yibyo, jya ku ntambwe ikurikira.

Intambwe ya 2: SNS ya DNS Seriveri

Noneho turashaka kwerekana uburyo dosiye nyamukuru ihinduwe, kimwe nimirongo yongereweyo. Ntabwo tuzibanda kuri buri murongo utandukanye, nkuko bizafata umwanya munini, byongeye kandi, amakuru yose akenewe araboneka mubyangombwa byemewe.

1. Urashobora gukoresha inyandiko iyo ari yo yose kugirango uhindure ibintu byiboneza. Dutanga kwishyiriraho Nano yoroshye twinjira muri Sudo Yum Shyira Nano muri konsole.



2. Ibipapuro byose bikenewe bizakururwa, kandi niba bimaze kuboneka mugukwirakwiza, uzabona imenyesha "ntacyo ukora."



3. Tuzakomeza guhindura dosiye ubwayo. Fungura ukoresheje Sudo Nano /etc/Sod.conf. Nibiba ngombwa, gusimbuza umwanditsi wifuzwa, noneho umugozi uzaba ukurikira: Sudo VI /Vetc/named.conf.



4. Hasi tugaragaza ibirimo ukeneye kwinjiza muri dosiye yafunguwe cyangwa kubigenzura bimaze kubaho wongeyeho imirongo yabuze.



5. Nyuma yibyo, kanda Ctrl + o kugirango wandike impinduka.



6. Ntugomba guhindura izina rya dosiye, kanda gusa kuri Enter.



7. Kureka umwandiko wanditse ukoresheje Ctrl + X.

Nkuko bimaze kuvugwa mbere, dosiye iboneza izakenera gushyiramo imirongo imwe igaragaza amategeko rusange yimyitwarire ya DNS.

//

// yitwa.conf.

//

// yatanzwe na hat hand ihuza paki kugirango igena isc guhambira izina (8) dns

// seriveri nkizina ryonyine izina (nka honchost DISTER gusa).

//

// reba / usr / kugabana / doc / guhambira * / icyitegererezo / kurugero rwita ku iboneza.

//

Amahitamo {

Umva-ku cyambu 53 {127.0.0.1; 192.168.1.1010;}; ### MASTER DNS IP ###

# Umva-inte-v6 Port 53 {:: 1; ;

Ububiko "/ var / yitwa";

dosiye-dosiye "/var/named/data/ca_dump.dDump";

Imibare-dosiye "/var/named/data/ad_stats.tport";

Memstatistics-dosiye "/var/named/data/named_mem_stats";;

Emera-ikibazo {loancehost; 192.168.1.0hani;}; ### IP Range ###

Emera-kwimura {loancehost; 192.168.1.102; ; ### Umucakara Dns Ip ###

/*

- Niba wubaka seriveri yemewe, ntushoboze kurenga.

- Niba wubaka (cashing) seriveri ya DNS, ugomba gukora

Kwandikwa.

- Niba seriveri yawe ya onns ifite aderesi rusange ya IP, ugomba gukora

Kugenzura kugabanya ibibazo kubakoresha byemewe. Kunanirwa kubikora

Tera seriveri yawe kugirango ibe igice kinini cya DNS Amplifigishi

Ibitero. Gushyira mu bikorwa BCP38 mururugo rwawe niwongeye

Gabanya ubuso nk'ubwo

*/

KUBONA Yego;

dnsese-ishoboze Yego;

DnSSEC-Kwemeza Yego;

DnSSEC-Ishakisha Auto;

/ * Inzira isc dlv urufunguzo * /

bindkeys-dosiye "/etc/named.iscdlv.y;;

Gucungwa-urufunguzo-Ubuyobozi "/ Var / kwitwa / dinamike";

pid-dosiye "/ir/named/named.pid";

isomo-urufunguzo "/Nor/named/session.y";

};

Kwinjira {

Umuyoboro Mburabuzi_debug {

Dosiye "amakuru / yitwa.run";

Ubukana bufite imbaraga;

};

};

zone "." Muri {

Andika igitekerezo;

Dosiye "yitwa.ca";

};

Zone "Unixmen.urugendo" muri {

Andika Umwigisha;

Dosiye "imbere.Nixmen";

Emera-kuvugurura {ntayo; ;

};

Zone "1.168.192.Naddr.arpa" muri {

Andika Umwigisha;

Dosiye "reverse.Nixmen";

Emera-kuvugurura {ntayo; ;

};

Shyiramo "/etc/named.rfc1912.Zone";

shyiramo "/etc/named.root.y;;

Menya neza ko ibintu byose bigaragara neza nkuko bigaragara hejuru, hanyuma ujye ku ntambwe ikurikira.

Intambwe ya 3: Gukora zone itaziguye kandi isubirwamo

Kumakuru yerekeye inkomoko, DNS Seriveri ikoresha muri zone itaziguye kandi igoretse. Ubusobanuro bugufasha kwakira aderesi ya IP yizina ryakira, kandi kugaruka ukoresheje IP itanga izina rya domaine. Imikorere ikwiye ya buri karere igomba guhabwa amategeko yihariye, kurema dutanga kugirango dukore byinshi.

1. Kuri zone itaziguye, tuzakora dosiye itandukanye binyuze mumyandikire imwe. Noneho umugozi uzasa nkiyi: Sudo Nano /var/named/Orverd.Nixmen.



2. Uzabimenyeshwa ko ari ikintu cyubusa. Shyiramo ibikurikira:

   $ TTL 86400.

   @ Muri soa mahamedns.nixmen.LOCAL. umuzi.Nixmen.Local. (

   2011071001; Serial

   3600; Kuvugurura.

   1800; gusubiramo.

   604800; kurangira

   86400; byibuze TTL

   )

   @ Muri NS MastDenn.Nnixmen.LOCAL.

   @ Muri NS Secoryns.Nixmen.Local.

   @ Mu 192.168.1.1

   @ Mu 192.168.1.102

   @ Muri 192.168.1.103

   Maledns muri 192.168.1.1101

   Secondaryn muri 192.168.1.102

   Umukiriya muri 192.168.1.103



3. Bika impinduka hanyuma ufunge umwanditsi wanditse.



4. Ubu duhindukirira muri zone mbi. Irasaba /var/named/Reverse.urimoxmen.



5. Ibi nabyo bizaba dosiye nshya. Shyiramo Hano:

   $ TTL 86400.

   @ Muri soa mahamedns.nixmen.LOCAL. umuzi.Nixmen.Local. (

   2011071001; Serial

   3600; Kuvugurura.

   1800; gusubiramo.

   604800; kurangira

   86400; byibuze TTL

   )

   @ Muri NS MastDenn.Nnixmen.LOCAL.

   @ Muri NS Secoryns.Nixmen.Local.

   @ Muri PTR UNIXMEN.LOCAL.

   Maledns muri 192.168.1.1101

   Secondaryn muri 192.168.1.102

   Umukiriya muri 192.168.1.103

   101 muri PTR Maledns.nixmen.Loral.

   102 muri PTR kabiri.Nixmen.local.

   103 Mu kubakiriya wa PTR.Nixmen.LOCAL.



6. Mugihe uzigamye, ntugahindura izina ryikintu, ariko kanda urufunguzo rwa Enter.

Noneho amadosiye yerekanwe azakoreshwa muri zone itaziguye kandi agahinda. Nibiba ngombwa, ugomba kubahindura kugirango uhindure ibipimo bimwe. Urashobora kandi kubisoma mu nyandiko zemewe.

Intambwe ya 4: Tangira DNS Seriveri

Nyuma yo kurangiza amabwiriza yose yabanjirije, urashobora gutangira seriveri ya DNS kugirango ejo hazaza byoroshye kugenzura imikorere yayo kandi ukomeze gushiraho ibipimo byingenzi. Inshingano ikorwa nkibi bikurikira:

1. Muri konsole, andika sudo sisitemu yakoreshejwe kugirango wongere seriveri ya DNS kugirango ake autoload yo gutangira byikora mugihe utangira sisitemu y'imikorere.



2. Emeza iki gikorwa winjiza ijambo ryibanga rya superser.



3. Uzamenyeshwa ibyaremwe byerekana ibimenyetso byikigereranyo, bivuze ko ibikorwa byagenze neza.



4. Koresha akamaro ukoresheje sisitemu yo gutangira. Urashobora kubihagarika muburyo bumwe, gusimbuza gusa uburyo bwo gutangira guhagarara.



5. Iyo kwemeza pop-up idirishya igaragara, andika ijambo ryibanga kuruzi.

Nkuko mubibona, imicungire ya serivise yagenwe irakorwa ukurikije ihame rimwe nubwoko bwose busanzwe, ntabwo rero byakagombye kubaho kubijyanye nabakoresha noovo.

Intambwe ya 5: Guhindura ibipimo bya firewall

Kubikorwa byukuri bya seriveri ya DNS, uzakenera gufungura ibyambu 53, bikozwe binyuze muri firewal isanzwe. Muri terminal, uzakenera kumenyekanisha amategeko atatu yoroshye:

1. Ibirimo byambere kureba firewall-cmd --Permanent --dd-Port = 53 / tcp kandi ifite inshingano zo gufungura icyambu cya TCP. Shyiramo muri konsole hanyuma ukande kuri Enter.



2. Ugomba kwakira imenyekanisha "intsinzi", byerekana ko ushyira mu bikorwa amategeko. Nyuma yibyo, shyiramo firewall-cmd --dpermanent --dd-Port = 53 / udp umugozi kugirango ufungure icyambu cya udp protocole.



3. Impinduka zose zizakurikizwa gusa nyuma yo kongera gukoresha firewall, ikorwa binyuze muri firewall-cmd - itegeko.

Nta bindi bihinduka hamwe na firewall kugirango itange umusaruro. Komeza uhore uhora muri leta, kugirango hatabaho ibibazo.

Intambwe ya 6: Hindura uburenganzira bwo kwinjira

Noneho bizaba ngombwa gushyiraho uburenganzira nyamukuru no kubona uburenganzira bwo kurinda imikorere ya DNS no kurinda abakoresha bisanzwe mubushobozi bwo guhindura ibipimo. Tuzabikora muburyo busanzwe binyuze muri Selinux.

1. Amategeko yose yakurikiyeho agomba gukorwa mu izina rya supersusser. Guhora winjiza ijambo ryibanga, turagugira inama yo gukora imizi ihoraho yo kubona amasomo yanyuma. Gukora ibi, andika su muri konsole.



2. Kugaragaza ijambo ryibanga.



3. Nyuma yibyo, ubundi bwinjire kumategeko akurikira kugirango ukore intego zifatika zo kubona:

   Chggy yitiriwe -R / VAR / yitwa

   Chowawn -V Imizi: Yiswe /etc/name.conf

   Kugarura -RV / Var / yitwa

   Kugarura /etc/named.conf.

Kuri ibi, iboneza rusange ya seriveri nyamukuru ya DNS irangiye. Biracyaza gusa guhindura dosiye nyinshi zo kuboneza no kwipimisha. Turatanga ibi byose kugirango tumenye intambwe ikurikira.

Intambwe ya 7: Kwipimisha amakosa no kurangiza igenamiterere

Turasaba guhera kuri cheque yikosa kugirango ejo hazaza bitagomba guhindura dosiye zisigaye. Niyo mpamvu tuzabisuzuma byose mu ntambwe imwe, kimwe no gutanga urugero rwo gusohoza amategeko akwiye kumabwiriza yo kwipimisha.

1. Injira izina-checkconf /etc/ad.conf muri terminal. Ibi bizagufasha kugenzura ibipimo byisi. Niba, nkigisubizo, ntasohoka zakurikiyeho, bivuze ko ibintu byose byashyizweho neza. Bitabaye ibyo, wige ubutumwa kandi, usunike muri yo, ukemure ikibazo.
2. Ubutaha ugomba kugenzura akarere kataziguye winjizamo yitwa-chequeZone Unixmen.Ijwi rya /var/ad/forverd.Nixmen umugozi.
3. Ibisohoka icyitegererezo ni nkibi bikurikira: Zone Unixmen.urugendo / muri: Serivise yuzuye 2011071001 Nibyo.



4. Hafi ya zone hamwe na zone yinyuma unyuze mumazina-chequeZone Unixmen.umurongo wa /var/ad/Rever.Nixver.usixmen.



5. Ibisohoka neza bigomba kuba: Zone Unixmen.umurongo / muri: Urupapuro rwapakiwe 201071001 Ok.



6. Ubu twimukiye kumiterere yumurongo wingenzi. Bizakenera kongera amakuru ya seriveri ya DNS. Kugirango ukore ibi, fungura / etc / sysconfig / umuyoboro-inyandiko / Ifcfg-enp0s3.



7. Reba ko ibirindiro nkuko bigaragara hano hepfo. Nibiba ngombwa, shyiramo ibipimo bya DNS.

   Andika = "Ethernet"

   BootProto = "Ntayo"

   Kwibeshya = "yego"

   IPV4_Fulure_Fatal = "Oya"

   IPV6INT = "Yego"

   IPV6_ATOCONF = "Yego"

   IPV6_defroute = "yego"

   IPV6_Fulure_Fatal = "Oya"

   Izina = "enp0s3"

   Uuid = "5d0428b3-6AF2-6F6B-9FE3-5-50cD839EFA"

   ONOOT = "Yego"

   Hwaddr = "08: 00: 27: 6: 68: 73"

   Ipaddr0 = "192.168.1.101"

   Prefix0 = "24"

   Gateway0 = "192.168.1.1

   Dns = "192.168.1.101"

   IPV6_Perdns = "yego"

   IPV6_peerroutes = "yego"



8. Nyuma yo kumara impinduka, jya kuri dosiye ya /etc/renf.conf.



9. Hano ukeneye kongeramo umurongo umwe gusa: izina ryabavuga 192.168.1.101.



10. Iyo urangije, biracyatangira gusa umuyoboro cyangwa mudasobwa kugirango uvugurure iboneza. Urusobe rusubizwa muri sisitemu yo gutangira umuyoboro.

Intambwe ya 8: Kugenzura seriveri yashyizweho

Iboneza ryiboneza, biracyareba gusa imikorere ya seriveri ya DNS iboneka nyuma yo kongewe kumurimo wisi yose. Iki gikorwa nacyo gikorwa ukoresheje amategeko yihariye. Iya mbere muribo ifite uburyo bwo gucukura malldns.nixmen.local.

Nkigisubizo, ibisohoka bigomba kugaragara kuri ecran, bifite idini nkibyo hamwe nibirimo byerekanwe hepfo.

; Gucukura 9.9.4-RECHT-9.9.4-14.El7 Maleddns.nixmen.Local

;; Ihitamo ryisi: + CMD

;; Yabonye igisubizo:

;; - >> Umutwe.

;; Ibendera: QR AA RD Ra; Ikibazo: 1, Igisubizo: 1, Ubuyobozi: 2, inyongera: 2

;; Hitamo pseudosection:

; EDNS: Version: 0, ibendera :; UDP: 4096.

;; Icyiciro cy'ibibazo:

; ubuhanga.Nnixmen.LOCAL. Muri.

;; Icyiciro cy'igisubizo:

MastDenn.Nnixmen.LOCAL. 86400 muri 192.168.1.1

;; Icyiciro cy'ubuyobozi:

Unixmen.umucyo. 86400 muri NS Secolonaryn.Nixmen.LOCAL.

Unixmen.umucyo. 86400 muri NS MastDenns.Nnixmen.LOCAL.

;; Igice cy'inyongera:

Secondaryn.Nnixmen.Loral. 86400 muri 192.168.1.102

;; Ikibazo Ikibazo: 0 Msec

;; Seriveri: 192.168.1.101 # 53 (192.168.1.101)

;; Iyo: Wed Aug 20 16,00:46 IST 2014

;; Ingano ya MSG RCVD: 125

Itegeko ryinyongera rizagufasha kwiga kubyerekeye seriveri ya DNS yaho. Kugirango ukore ibi, shyiramo Nslookup Unixmen.umuyoboro kuri konsole hanyuma ukande kuri Enter.

Kubera iyo mpamvu, ibihagararo bitatu bitandukanye bya IP namazina ya domeni bigomba kugaragara.

Seriveri: 192.168.1.101

Aderesi: 192.168.1.101 # 53

IZINA: UNIXMEN.LOCAL

Aderesi: 192.168.1.103

IZINA: UNIXMEN.LOCAL

Aderesi: 192.168.1.101

IZINA: UNIXMEN.LOCAL

Aderesi: 192.168.1.102

Niba ibisohoka bihuye nibyo twerekanye, bivuze ko iboneza ryarangiye neza kandi urashobora kujya kukazi hamwe numukiriya igice cya seriveri ya DNS.

Gushiraho igice cyabakiriya ba seriveri ya DNS

Ntabwo tuzahuza ubu buryo ku ntambwe kugiti cye, kuko bikorwa nuguhindura dosiye imwe. Birakenewe kongera amakuru kubyerekeye abakiriya bose bazahuzwa na seriveri, nurugero rwibintu bisa nkibi:

1. Fungura dosiye ya /retc.conf.Conf ukoresheje umwanditsi winyandiko.



2. Ongeraho umugozi wo gushakisha Unixmen.Ibyamamare Izina rya Unixmen 192.168.1.11



3. Mugihe uzigamye, ntugahindure izina rya dosiye, ariko kanda gusa urufunguzo.



4. Nyuma yo kuva mu mwanditsi wanditse, ongera utangire umuyoboro wisi yose ukoresheje sisitemu yo gutangira.

Izi nizo ngingo nyamukuru zigize abakiriya ba seriveri ya DNS, ibyo twifuzaga kubivuga. Ibindi bikoresho byose bisabwa kwiga usoma ibyangombwa byemewe nibisabwa.

Dns seriveri

Icyiciro cya nyuma cyibikoresho byuyu munsi nicyiciro cya nyuma cya seriveri ya DNS. Hasi Urabona amategeko menshi, akwemerera guhangana ninshingano. Koresha umwe muribo ukora binyuze muri "terminal". Niba nta makosa agaragara mubisohoka, kubwibyo, inzira yose irakorwa neza.

Gucuku gucuku gucukura.nixmen.umurongo

Gucukura kabiri.Nixmen.Local

Gucukura Umukiriya.Nixmen.Local

Nslookup Unixmen.uwako

Uyu munsi wize byose kubyerekeye gushyiraho seriveri nyamukuru ya DNS muri Kameto. Nkuko mubibona, ibikorwa byose byibanze ku kwinjiza amategeko ya terminal no guhindura dosiye iboneza, bishobora gutera ingorane zimwe nabakoresha Novice. Ariko, ukeneye gukurikiza neza aya mabwiriza ugasoma ibisubizo bya cheque kugirango byose bitagira amakosa.