Bii o ṣe le Ṣeto DNS/DHCP Server Lilo dnsmasq lori CentOS/RHEL 8/7
Olupin Protocol Configuration Protocol (DHCP) Dynamic Host sọtọ awọn adiresi IP ati awọn ipilẹ iṣeto ni nẹtiwọọki miiran si ẹrọ kọọkan lori nẹtiwọọki kan. Onitẹsiwaju DNS kan lori LAN ṣiwaju awọn ibeere DNS fun awọn orukọ ìkápá ti kii ṣe ti agbegbe lati gbe awọn olupin DNS soke (ni ita nẹtiwọọki naa). Olupin caching DNS kan n dahun awọn ibeere atunkọ lati ọdọ awọn alabara ki ibeere DNS le yanju yiyara, nitorinaa imudarasi awọn iyara wiwa DNS si awọn aaye ti o ti ṣaju tẹlẹ.
dnsmasq jẹ iwuwo fẹẹrẹ kan, rọrun lati tunto onitẹsiwaju DNS, sọfitiwia olupin DHCP ati eto isọdọtun olulana fun awọn nẹtiwọọki kekere. Dnsmasq ṣe atilẹyin Linux, * BSD, Mac OS X ati Android.
O ṣe ẹya eto-iṣẹ DNS kan ti o pese olupin DNS ti agbegbe fun nẹtiwọọki, pẹlu firanšẹ siwaju gbogbo awọn iru ibeere si ilodisi awọn olupin DNS apadabọ ati fifipamọ awọn oriṣi igbasilẹ to wọpọ. Eto DHCP ṣe atilẹyin DHCPv4, DHCPv6, BOOTP, PXE, ati olupin TFTP kan. Ati eto isomọ olulana ṣe atilẹyin isọdọkan auto ipilẹ fun awọn ogun IPv6.
Ninu àpilẹkọ yii, a yoo rin ọ nipasẹ awọn itọnisọna lori bii o ṣe le fi sori ẹrọ ati ṣeto DNS/DHCP Server Lilo dnsmasq lori awọn kaakiri CentOS/RHEL 8/7.
Fifi dnsmasq sori ẹrọ ni CentOS ati RHEL Linux
1. Apoti dnsmasq wa ni awọn ibi ipamọ aiyipada ati pe o le fi sori ẹrọ ni rọọrun nipa lilo oluṣakoso package YUM bi o ti han.
# yum install dnsmasq
2. Lọgan ti fifi sori package dnsmasq ti pari, o nilo lati bẹrẹ iṣẹ dnsmasq fun bayi ati mu ki o bẹrẹ laifọwọyi ni bata eto. Yato si, ṣayẹwo ipo rẹ lati rii daju pe o ti n ṣiṣẹ ati ṣiṣe ni lilo awọn ofin systemctl atẹle.
# systemctl start dnsmasq # systemctl enable dnsmasq # systemctl status dnsmasq
Tito leto dnsmasq Server ni CentOS ati RHEL Linux
3. A le tunto olupin dnsmasq nipasẹ faili /etc/dnsmasq.conf (eyiti o ni alaye daradara ati awọn alaye ti o ṣalaye ninu rẹ), ati awọn faili iṣeto-asọye olumulo tun le ṣafikun ninu itọsọna /etc/dnsmasq.d.
DNS ti ṣiṣẹ nipasẹ aiyipada, nitorinaa ṣaaju ṣiṣe awọn ayipada, rii daju lati ṣẹda afẹyinti ti faili /etc/dnsmasq.conf.
# cp /etc/dnsmasq.conf /etc/dnsmasq.conf.orig
4. Bayi ṣii faili /etc/dnsmasq.conf nipa lilo olootu orisun ọrọ ayanfẹ rẹ ki o ṣe awọn eto iṣeto atẹle ti a daba.
# vi /etc/dnsmasq.conf
Awọn adirẹsi-gbọ
aṣayan ni a lo lati ṣeto adirẹsi IP, nibiti dnsmasq yoo tẹtisi. Lati lo olupin CentOS/RHEL rẹ lati tẹtisi fun awọn ibeere DHCP ati awọn DNS lori LAN, ṣeto aṣayan adirẹsi-tẹtisi
si awọn adirẹsi IP IP rẹ (ranti lati ni 127.0.0.1) bi a ti han. Ṣe akiyesi pe IP olupin gbọdọ jẹ aimi.
listen-address=::1,127.0.0.1,192.168.56.10
Ni ibatan si eyi ti o wa loke, o le ni ihamọ wiwo dnsmasq tẹtisi lori lilo aṣayan wiwo (ṣafikun awọn ila diẹ sii fun wiwo diẹ sii ju ọkan lọ).
interface=eth0
5. Ti o ba fẹ lati ni ìkápá kan (eyiti o le ṣeto bi o ṣe han ni atẹle) fi kun laifọwọyi si awọn orukọ ti o rọrun ninu faili-ogun kan, ṣoki aṣayan awọn ọmọ-ogun faagun-ogun
.
expand-hosts
6. Lati ṣeto ìkápá naa fun dnsmasq, eyiti o tumọ si pe awọn alabara DHCP yoo ni awọn orukọ ìkápá ti o pe ni kikun niwọn igba ti aṣẹ ti a ṣeto ba baamu, ti o si ṣeto aṣayan “ašẹ” DHCP fun gbogbo awọn alabara.
domain=tecmint.lan
7. Itele, tun ṣalaye olupin DNS ti o wa ni oke fun awọn ibugbe ti kii ṣe ti agbegbe nipa lilo aṣayan olupin (ni olupin fọọmu = dns_server_ip) bi a ṣe han.
# Google's nameservers server=8.8.8.8 server=8.8.4.4
8. Lẹhinna o le fi agbara mu agbegbe agbegbe rẹ si adiresi IP (ni) nipa lilo aṣayan adirẹsi bi o ti han.
address=/tecmint.lan/127.0.0.1 address=/tecmint.lan/192.168.56.10
9. Fipamọ faili naa ki o ṣayẹwo sintasi faili iṣeto fun awọn aṣiṣe bi o ti han.
# dnsmasq --test
10. Ni igbesẹ yii, o nilo lati ṣe gbogbo awọn ibeere lati firanṣẹ si dnsmasq nipa fifi awọn adirẹsi localhost sii bi awọn orukọ orukọ nikan ni faili /etc/resolv.conf.
# vi /etc/resolv.conf
11. Faili /etc/resolv.conf jẹ itọju nipasẹ daemon agbegbe paapaa aṣẹ chattr bi o ti han.
# chattr +i /etc/resolv.conf # lsattr /etc/resolv.conf
12. Dnsmasq ka gbogbo awọn ọmọ ogun DNS ati awọn orukọ lati faili/ati be be/awọn ogun, nitorinaa ṣafikun awọn adirẹsi IP awọn olupin DNS rẹ ati awọn orisii orukọ bi o ti han.
127.0.0.1 dnsmasq 192.168.56.10 dnsmasq 192.168.56.1 gateway 192.168.56.100 maas-controller 192.168.56.20 nagios 192.168.56.25 webserver1
Pataki: Awọn orukọ DNS agbegbe tun le ṣalaye nipasẹ gbigbewọle awọn orukọ lati eto DHCP, tabi nipasẹ iṣeto ti ọpọlọpọ awọn iru awọn gbigbasilẹ iwulo.
13. Lati lo awọn ayipada ti o wa loke, tun bẹrẹ iṣẹ dnsmasq bi o ti han.
# systemctl restart dnsmasq
14. Ti o ba ni iṣẹ iṣẹ ina, o nilo lati ṣii awọn iṣẹ DNS ati DHCP ninu iṣeto ogiriina, lati gba awọn ibeere lati ọdọ awọn ọmọ-ogun lori LAN rẹ lati kọja si olupin dnsmasq.
# firewall-cmd --add-service=dns --permanent # firewall-cmd --add-service=dhcp --permanent # firewall-cmd --reload
15. Lati ṣe idanwo ti olupin DNS agbegbe tabi firanšẹ siwaju n ṣiṣẹ daradara, o nilo lati lo awọn irinṣẹ bii nslookup fun ṣiṣe awọn ibeere DNS. Awọn irinṣẹ wọnyi ni a pese nipasẹ package ti awọn ohun elo abuda eyiti o le ma wa ni fifi sori ẹrọ tẹlẹ lori CentOS/RHEL 8, ṣugbọn o le fi sii bi o ti han.
# yum install bind-utils
16. Ni kete ti o ba ti fi sii, o le ṣiṣe ibeere ti o rọrun lori agbegbe agbegbe rẹ bi o ti han.
# dig tecmint.lan OR # nslookup tecmint.lan
17. O tun le gbiyanju lati beere FQDN ti ọkan ninu awọn olupin naa.
# dig webserver1.tecmint.lan OR # nslookup webserver1.tecmint.lan
18. Lati ṣe idanwo wiwa IP yiyipada, ṣiṣe iru aṣẹ kan.
# dig -x 192.168.56.25 OR # nslookup 192.168.56.25
Jeki olupin DHCP Lilo dnsmasq
19. O le mu olupin DHCP ṣiṣẹ nipa ṣiṣiro aṣayan dhcp-range
ki o pese ibiti awọn adirẹsi ti o wa fun yiyalo ati aṣayan akoko yiyalo fun apẹẹrẹ (tun ṣe fun diẹ ẹ sii ju nẹtiwọki kan lọ).
dhcp-range=192.168.0.50,192.168.0.150,12h
20. Aṣayan atẹle n ṣalaye ibiti olupin DHCP yoo tọju ibi ipamọ data rẹ, eyi yoo ṣe iranlọwọ fun ọ lati ṣayẹwo awọn adirẹsi IP ti o ti yan ni irọrun.
dhcp-leasefile=/var/lib/dnsmasq/dnsmasq.leases
21. Lati ṣe olupin DHCP si ipo aṣẹ, ṣe iyanilenu aṣayan naa.
dhcp-authoritative
22. Fi faili pamọ ki o tun bẹrẹ iṣẹ dnsmasq lati lo awọn ayipada to ṣẹṣẹ.
# systemctl restart dnsmasq
Iyẹn mu wa de opin itọsọna yii. Lati de ọdọ wa fun eyikeyi ibeere tabi awọn ero ti o fẹ pin nipa itọsọna yii, lo fọọmu esi ni isalẹ.