Bii o ṣe le Ṣeto DNS/DHCP Server Lilo dnsmasq lori CentOS/RHEL 8/7

Olupin Protocol Configuration Protocol (DHCP) Dynamic Host sọtọ awọn adiresi IP ati awọn ipilẹ iṣeto ni nẹtiwọọki miiran si ẹrọ kọọkan lori nẹtiwọọki kan. Onitẹsiwaju DNS kan lori LAN ṣiwaju awọn ibeere DNS fun awọn orukọ ìkápá ti kii ṣe ti agbegbe lati gbe awọn olupin DNS soke (ni ita nẹtiwọọki naa). Olupin caching DNS kan n dahun awọn ibeere atunkọ lati ọdọ awọn alabara ki ibeere DNS le yanju yiyara, nitorinaa imudarasi awọn iyara wiwa DNS si awọn aaye ti o ti ṣaju tẹlẹ.

dnsmasq jẹ iwuwo fẹẹrẹ kan, rọrun lati tunto onitẹsiwaju DNS, sọfitiwia olupin DHCP ati eto isọdọtun olulana fun awọn nẹtiwọọki kekere. Dnsmasq ṣe atilẹyin Linux, * BSD, Mac OS X ati Android.

O ṣe ẹya eto-iṣẹ DNS kan ti o pese olupin DNS ti agbegbe fun nẹtiwọọki, pẹlu firanšẹ siwaju gbogbo awọn iru ibeere si ilodisi awọn olupin DNS apadabọ ati fifipamọ awọn oriṣi igbasilẹ to wọpọ. Eto DHCP ṣe atilẹyin DHCPv4, DHCPv6, BOOTP, PXE, ati olupin TFTP kan. Ati eto isomọ olulana ṣe atilẹyin isọdọkan auto ipilẹ fun awọn ogun IPv6.

Ninu àpilẹkọ yii, a yoo rin ọ nipasẹ awọn itọnisọna lori bii o ṣe le fi sori ẹrọ ati ṣeto DNS/DHCP Server Lilo dnsmasq lori awọn kaakiri CentOS/RHEL 8/7.

Fifi dnsmasq sori ẹrọ ni CentOS ati RHEL Linux

1. Apoti dnsmasq wa ni awọn ibi ipamọ aiyipada ati pe o le fi sori ẹrọ ni rọọrun nipa lilo oluṣakoso package YUM bi o ti han.

# yum install dnsmasq

2. Lọgan ti fifi sori package dnsmasq ti pari, o nilo lati bẹrẹ iṣẹ dnsmasq fun bayi ati mu ki o bẹrẹ laifọwọyi ni bata eto. Yato si, ṣayẹwo ipo rẹ lati rii daju pe o ti n ṣiṣẹ ati ṣiṣe ni lilo awọn ofin systemctl atẹle.

# systemctl start dnsmasq
# systemctl enable dnsmasq
# systemctl status dnsmasq

Tito leto dnsmasq Server ni CentOS ati RHEL Linux

3. A le tunto olupin dnsmasq nipasẹ faili /etc/dnsmasq.conf (eyiti o ni alaye daradara ati awọn alaye ti o ṣalaye ninu rẹ), ati awọn faili iṣeto-asọye olumulo tun le ṣafikun ninu itọsọna /etc/dnsmasq.d.

DNS ti ṣiṣẹ nipasẹ aiyipada, nitorinaa ṣaaju ṣiṣe awọn ayipada, rii daju lati ṣẹda afẹyinti ti faili /etc/dnsmasq.conf.

# cp /etc/dnsmasq.conf /etc/dnsmasq.conf.orig

4. Bayi ṣii faili /etc/dnsmasq.conf nipa lilo olootu orisun ọrọ ayanfẹ rẹ ki o ṣe awọn eto iṣeto atẹle ti a daba.

# vi /etc/dnsmasq.conf 

Awọn adirẹsi-gbọ aṣayan ni a lo lati ṣeto adirẹsi IP, nibiti dnsmasq yoo tẹtisi. Lati lo olupin CentOS/RHEL rẹ lati tẹtisi fun awọn ibeere DHCP ati awọn DNS lori LAN, ṣeto aṣayan adirẹsi-tẹtisi si awọn adirẹsi IP IP rẹ (ranti lati ni 127.0.0.1) bi a ti han. Ṣe akiyesi pe IP olupin gbọdọ jẹ aimi.

listen-address=::1,127.0.0.1,192.168.56.10

Ni ibatan si eyi ti o wa loke, o le ni ihamọ wiwo dnsmasq tẹtisi lori lilo aṣayan wiwo (ṣafikun awọn ila diẹ sii fun wiwo diẹ sii ju ọkan lọ).

interface=eth0

5. Ti o ba fẹ lati ni ìkápá kan (eyiti o le ṣeto bi o ṣe han ni atẹle) fi kun laifọwọyi si awọn orukọ ti o rọrun ninu faili-ogun kan, ṣoki aṣayan awọn ọmọ-ogun faagun-ogun .

expand-hosts

6. Lati ṣeto ìkápá naa fun dnsmasq, eyiti o tumọ si pe awọn alabara DHCP yoo ni awọn orukọ ìkápá ti o pe ni kikun niwọn igba ti aṣẹ ti a ṣeto ba baamu, ti o si ṣeto aṣayan “ašẹ” DHCP fun gbogbo awọn alabara.

domain=tecmint.lan

7. Itele, tun ṣalaye olupin DNS ti o wa ni oke fun awọn ibugbe ti kii ṣe ti agbegbe nipa lilo aṣayan olupin (ni olupin fọọmu = dns_server_ip) bi a ṣe han.

# Google's nameservers
server=8.8.8.8
server=8.8.4.4

8. Lẹhinna o le fi agbara mu agbegbe agbegbe rẹ si adiresi IP (ni) nipa lilo aṣayan adirẹsi bi o ti han.

address=/tecmint.lan/127.0.0.1 
address=/tecmint.lan/192.168.56.10

9. Fipamọ faili naa ki o ṣayẹwo sintasi faili iṣeto fun awọn aṣiṣe bi o ti han.

# dnsmasq --test

10. Ni igbesẹ yii, o nilo lati ṣe gbogbo awọn ibeere lati firanṣẹ si dnsmasq nipa fifi awọn adirẹsi localhost sii bi awọn orukọ orukọ nikan ni faili /etc/resolv.conf.

# vi /etc/resolv.conf

11. Faili /etc/resolv.conf jẹ itọju nipasẹ daemon agbegbe paapaa aṣẹ chattr bi o ti han.

# chattr +i /etc/resolv.conf
# lsattr /etc/resolv.conf

12. Dnsmasq ka gbogbo awọn ọmọ ogun DNS ati awọn orukọ lati faili/ati be be/awọn ogun, nitorinaa ṣafikun awọn adirẹsi IP awọn olupin DNS rẹ ati awọn orisii orukọ bi o ti han.

127.0.0.1       dnsmasq
192.168.56.10 	dnsmasq 
192.168.56.1   	gateway
192.168.56.100	maas-controller 
192.168.56.20 	nagios
192.168.56.25 	webserver1

Pataki: Awọn orukọ DNS agbegbe tun le ṣalaye nipasẹ gbigbewọle awọn orukọ lati eto DHCP, tabi nipasẹ iṣeto ti ọpọlọpọ awọn iru awọn gbigbasilẹ iwulo.

13. Lati lo awọn ayipada ti o wa loke, tun bẹrẹ iṣẹ dnsmasq bi o ti han.

# systemctl restart dnsmasq

14. Ti o ba ni iṣẹ iṣẹ ina, o nilo lati ṣii awọn iṣẹ DNS ati DHCP ninu iṣeto ogiriina, lati gba awọn ibeere lati ọdọ awọn ọmọ-ogun lori LAN rẹ lati kọja si olupin dnsmasq.

# firewall-cmd --add-service=dns --permanent
# firewall-cmd --add-service=dhcp --permanent
# firewall-cmd --reload

15. Lati ṣe idanwo ti olupin DNS agbegbe tabi firanšẹ siwaju n ṣiṣẹ daradara, o nilo lati lo awọn irinṣẹ bii nslookup fun ṣiṣe awọn ibeere DNS. Awọn irinṣẹ wọnyi ni a pese nipasẹ package ti awọn ohun elo abuda eyiti o le ma wa ni fifi sori ẹrọ tẹlẹ lori CentOS/RHEL 8, ṣugbọn o le fi sii bi o ti han.

# yum install bind-utils

16. Ni kete ti o ba ti fi sii, o le ṣiṣe ibeere ti o rọrun lori agbegbe agbegbe rẹ bi o ti han.

# dig tecmint.lan
OR
# nslookup tecmint.lan

17. O tun le gbiyanju lati beere FQDN ti ọkan ninu awọn olupin naa.

# dig webserver1.tecmint.lan
OR
# nslookup webserver1.tecmint.lan

18. Lati ṣe idanwo wiwa IP yiyipada, ṣiṣe iru aṣẹ kan.

# dig -x 192.168.56.25
OR
# nslookup 192.168.56.25

Jeki olupin DHCP Lilo dnsmasq

19. O le mu olupin DHCP ṣiṣẹ nipa ṣiṣiro aṣayan dhcp-range ki o pese ibiti awọn adirẹsi ti o wa fun yiyalo ati aṣayan akoko yiyalo fun apẹẹrẹ (tun ṣe fun diẹ ẹ sii ju nẹtiwọki kan lọ).

dhcp-range=192.168.0.50,192.168.0.150,12h

20. Aṣayan atẹle n ṣalaye ibiti olupin DHCP yoo tọju ibi ipamọ data rẹ, eyi yoo ṣe iranlọwọ fun ọ lati ṣayẹwo awọn adirẹsi IP ti o ti yan ni irọrun.

dhcp-leasefile=/var/lib/dnsmasq/dnsmasq.leases

21. Lati ṣe olupin DHCP si ipo aṣẹ, ṣe iyanilenu aṣayan naa.

dhcp-authoritative

22. Fi faili pamọ ki o tun bẹrẹ iṣẹ dnsmasq lati lo awọn ayipada to ṣẹṣẹ.

# systemctl restart dnsmasq

Iyẹn mu wa de opin itọsọna yii. Lati de ọdọ wa fun eyikeyi ibeere tabi awọn ero ti o fẹ pin nipa itọsọna yii, lo fọọmu esi ni isalẹ.