Ṣiṣeto Caching-Nikan DNS Server Lilo “Di” ni CentOS 6.5

Ọpọlọpọ awọn iru awọn olupin DNS bii oluwa, ẹrú, firanšẹ siwaju ati kaṣe, laarin wọn Caching-Nikan DNS ni ọkan, eyiti o rọrun lati ṣeto. DNS lo ilana UDP nitorinaa yoo dinku akoko ibeere nitori ilana UDP ko ni ijẹwọ kan.

Ka Bakannaa : Ṣiṣeto Titunto-Slave DNS Server ni CentOS 6.5

Olupin caching-nikan olupin DNS tun ni a mọ bi ipinnu. Yoo beere awọn igbasilẹ DNS ati gba gbogbo alaye DNS lati awọn olupin miiran ati tọju awọn ibeere ibeere kọọkan ni kaṣe rẹ fun lilo nigbamii. Lakoko ti a n beere ibeere kanna fun akoko keji, yoo ṣiṣẹ lati ibi ipamọ rẹ, ni ọna yii o dinku akoko ibeere.

Ti o ba n wa lati ṣeto DNS Caching-Nikan Server ni CentOS/RHEL 7, tẹle itọsọna yii nibi:

IP Address	:	192.168.0.200
Host-name	:	dns.tecmintlocal.com
OS		:	Centos 6.5 Final
Ports Used	:	53
Config File	:	/etc/named.conf
script file	:	/etc/init.d/named

Igbese 1: Fifi Caching-Nikan DNS sori

1. Awọn Caching-Nikan DNS, le fi sori ẹrọ nipasẹ lilo package ‘dipọ’. Jẹ ki a ṣe wiwa kekere fun orukọ akopọ ti a ko ba ranti orukọ package ti o kun nipa lilo pipaṣẹ isalẹ.

# yum search bind

2. Ninu abajade ti o wa loke, o wo awọn idii ti o han. Lati pe a nilo lati yan awọn akopọ ‘ dipọ ‘ ati ‘ bind-utils ’, jẹ ki a fi wọn sii nipa lilo atẹle ‘ yum ‘ pipaṣẹ.

# yum install bind bind-utils -y

Igbese 2: Tunto Caching-Nikan DNS

3. Ni ẹẹkan, a ti fi awọn idii DNS sori ẹrọ, gbe siwaju lati tunto DNS. Ṣii ati ṣatunkọ faili ‘ ti a npè ni.conf ‘ faili ni lilo olootu vim.

# vim /etc/named.conf

4. Itele, ṣe awọn ayipada bi a daba ni isalẹ tabi o le lo awọn eto rẹ gẹgẹbi fun awọn ibeere rẹ. Awọn atẹle ni awọn ayipada, ti a nilo lati ṣe fun olupin DNS-caching-nikan. Nibi, ni aiyipada localhost yoo wa nibẹ, a nilo lati ṣafikun ' eyikeyi ' lati gba ibeere lati eyikeyi ibiti nẹtiwọọki wa.

listen-on port 53 { 127.0.0.1; any; };
allow-query     { localhost; any; };
allow-query-cache       { localhost; any; };

  1. tẹtisi-loju ibudo 53 - Eyi sọ pe olupin Kaṣe fẹ lati lo ibudo 53 fun ibeere.
  2. gba laaye-ibere - Eyi Ṣọkasi eyi ti adiresi ip le beere olupin naa, nibi Mo ti ṣalaye fun localhost, lati ibikibi ti ẹnikẹni le fi ibeere ranṣẹ.
  3. gba-kaṣe-kaṣe - Eyi yoo ṣafikun ibeere ibeere si asopọ.
  4. recursion - Eyi yoo beere idahun ki o fun wa pada, lakoko ibeere o le fi ibeere ranṣẹ si olupin DNS miiran lori intanẹẹti ki o fa ibeere naa sẹhin.

5. Lẹhin ti o ṣatunkọ faili naa, a ni lati jẹrisi boya nini awọn faili ' named.conf ' ko yipada lati gbongbo: ti a npè ni , nitori awọn DNS n ṣiṣẹ labẹ olumulo eto kan lorukọ .

# ls -l /etc/named.conf
# ls -l /etc/named.rfc1912.zones

6. Ti olupin ba ṣiṣẹ pẹlu selinux, lẹhin ṣiṣatunkọ ' named.conf ' faili, a nilo lati ṣayẹwo fun ipo selinux, gbogbo awọn faili atunto ti a darukọ ti nilo lati wa ni “ system_u: object_r: ti a npè ni_conf_t: s0 ”bi o ṣe han ninu aworan ni isalẹ.

# ls -lZ /etc/named.conf
# ls -lZ /etc/named.rfc1912.zones

O dara, nibi a nilo lati ṣe idanwo iṣeto DNS ni bayi fun diẹ ninu aṣiṣe sintasi, ṣaaju ki o to bẹrẹ iṣẹ abuda, ti eyikeyi aṣiṣe ti o rii diẹ ninu awọn le wa kakiri lati /var/awọn ifiranṣẹ paapaa.

# named-checkconf /etc/named.conf

Lẹhin awọn abajade ayẹwo sintasi dabi pe o pe, tun bẹrẹ iṣẹ naa lati ni ipa fun awọn ayipada ti o wa loke ki o jẹ ki iṣẹ naa ṣiṣe iduroṣinṣin lakoko atunbere olupin naa ki o jẹrisi kanna.

# /etc/init.d/named restart
# chkconfig named on
# chkconfig --list named

7. Itele, ṣii ibudo 53 lori ogiriina lati gba aaye laaye.

# iptables -I INPUT -p udp --dport 53 -j ACCEPT

Igbesẹ 4: Chroot Caching-DNS nikan

8. Ti o ba fẹ ṣiṣe olupin caching-DNS labẹ agbegbe chroot , o nilo lati fi sori ẹrọ package chroot nikan, ko si nilo iṣeto ni siwaju, bi o ṣe jẹ aiyipada lile -sopọ si chroot.

# yum install bind-chroot -y

Lọgan ti a ti fi package chroot sii, o le tun bẹrẹ iṣẹ ti a darukọ lati mu awọn ayipada tuntun.

# /etc/init.d/named restart

9. Ni kete ti o ba tun bẹrẹ iṣẹ ti a darukọ, o ṣẹda ọna asopọ lile lati adaṣe awọn faili atunto /etc/ti a npè ni si itọsọna /var/named/chroot/etc/. Lati jẹrisi, kan lo aṣẹ ologbo labẹ /var/ti a npè ni/chroot .

# sudo cat /var/named/chroot/etc/named.conf

Ninu iṣeto ti o wa loke, iwọ yoo wo iṣeto kanna /etc/named.conf , bi o ti yoo rọpo lakoko fifi package package-chroot sii.

Igbesẹ 5: Eto DNS Side Side

10. Ṣafikun awọn olupin caching DNS IP 192.168.0.200 bi ipinnu si awọn ero onibara.

Ninu awọn ero orisun Debian yoo wa labẹ /etc/resolv.conf ati ninu awọn ero orisun RPM yoo wa labẹ pipaṣẹ iṣeto tabi a le ṣatunkọ pẹlu ọwọ labẹ /ati be be/sysconfig/awọn iwe afọwọkọ nẹtiwọọki/ifcfg-eth0 faili.

11. Lakotan o to akoko lati ṣayẹwo olupin kaṣe wa nipa lilo diẹ ninu awọn irinṣẹ. A le ṣe idanwo nipa lilo awọn pipaṣẹ iwo & nslookup ni awọn ọna ṣiṣe Linux, ati ninu awọn ferese o le lo pipaṣẹ nslookup .

Jẹ ki a beere 'facebook.com' fun igba akọkọ, ki o le ṣe kaṣe ibeere rẹ.

# dig facebook.com

# dig facebook.com

Lo ‘ nslookup ‘ pipaṣẹ lati jẹrisi kanna.

# nslookup facebook.com

Lati ka diẹ sii nipa iwo ati apeere pipaṣẹ nslookup ati lilo, lo awọn ọna asopọ wọnyi.

  1. 8 nslookup awọn pipaṣẹ ati lilo
  2. 10 n walẹ awọn pipaṣẹ ati lilo

Nibi a ti rii bawo ni aṣeyọri a ti ṣeto olupin olupin caching-nikan nipa lilo package asopọ ati tun ni ifipamo rẹ nipa lilo package chroot.