Interactive DNS and DHCP updates on RHEL 5.2

I. Experiment goal

Implement interactive updates between DHCP and DNS on the Linux platform.

II. Experiment environment

One Linux server running Red Hat Enterprise Linux Server release 5.2 (Tikanga), kernel version 2.6.18-92.el5; two clients: one running Windows XP Professional SP3, and one Linux host with the same version as the server.

III. Setting up the DNS service (bind)

1. Install the bind-related packages

Insert the installation disc, change to the directory that contains the packages, and run the following commands to install them:

    rpm -ivh bind-9.3.4-6.P1.el5.i386.rpm
    rpm -ivh bind-chroot-9.3.4-6.P1.el5.i386.rpm
    rpm -ivh bind-devel-9.3.4-6.P1.el5.i386.rpm
    rpm -ivh bind-libbind-devel-9.3.4-6.P1.el5.i386.rpm
    rpm -ivh bind-libs-9.3.4-6.P1.el5.i386.rpm
    rpm -ivh bind-sdb-9.3.4-6.P1.el5.i386.rpm
    rpm -ihv bind-utils-9.3.4-6.P1.el5.i386.rpm
    rpm -ivh caching-nameserver-9.3.4-6.P1.el5.i386.rpm

2. Create the key

To implement dynamic DNS updates, the first thing to consider is how to do DDNS securely. The method given by ISC is to create a key for dynamic updates and to authenticate every update with that key. To do this, run the following command as root:

    [root@server etc]# dnssec-keygen -a HMAC-MD5 -b 128 -n USER administrator

The dnssec-keygen command above generates the update key: the parameter -a HMAC-MD5 means the key is generated with the HMAC-MD5 algorithm; -b 128 means the key is 128 bits long; -n USER administrator means the key's user is administrator.

The command generates the following pair of key files:

    -rw------- 1 named named 55 Jun 20 00:54 Kadministrator.+157+49362.key
    -rw------- 1 named named 81 Jun 20 00:54 Kadministrator.+157+49362.private

The contents of the newly generated key files can be inspected:

    [root@server etc]# cat Kadministrator.+157+49362.key
    administrator. IN KEY 0 3 157 txOBJNpI39770VEkbPQQ6w==
    [root@server etc]# cat Kadministrator.+157+49362.private
    Private-key-format: v1.2
    Algorithm: 157 (HMAC_MD5)
    Key: txOBJNpI39770VEkbPQQ6w==

Reading the key files carefully shows that both files contain the same key. This key is the credential DHCP presents when it performs secure dynamic updates against DNS. It has to be added to both the DNS and the DHCP configuration files later on.

3. Configure the main configuration file. There are two methods:

1) Remove the following lines from /var/named/chroot/etc/named.caching-nameserver.conf:

    listen-on port 53 { 127.0.0.1; };
    listen-on-v6 port 53 { ::1; };
    allow-query { localhost; };
    match-clients { localhost; };
    match-destinations { localhost; };

After the change the file looks like this:

    [root@server etc]# cat named.caching-nameserver.conf
    //
    // named.caching-nameserver.conf
    //
    // Provided by Red Hat caching-nameserver package to configure the
    // ISC BIND named(8) DNS server as a caching only nameserver
    // (as a localhost DNS resolver only).
    //
    // See /usr/share/doc/bind*/sample/ for example named configuration files.
    //
    // DO NOT EDIT THIS FILE - use system-config-bind or an editor
    // to create named.conf - edits to this file will be lost on
    // caching-nameserver package upgrade.
    //
    options {
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        query-source port 53;
        query-source-v6 port 53;
    };
    logging {
        channel default_debug {
            file "data/named.run";
            severity dynamic;
        };
    };
    view localhost_resolver {
        recursion yes;
        include "/etc/named.rfc1912.zones";
    };

Add the new zones to the file /var/named/chroot/etc/named.rfc1912.zones. The result is as follows:

    [root@server etc]# cat named.rfc1912.zones
    // named.rfc1912.zones:
    //
    // Provided by Red Hat caching-nameserver package
    //
    // ISC BIND named zone configuration for zones recommended by
    // RFC 1912 section 4.1 : localhost TLDs and address zones
    //
    // See /usr/share/doc/bind*/sample/ for example named configuration files.
    //
    key administrator {
        algorithm HMAC-MD5.SIG-ALG.REG.INT;
        secret txOBJNpI39770VEkbPQQ6w==;
    };
    zone "." IN {
        type hint;
        file "named.ca";
    };
    zone "localdomain" IN {
        type master;
        file "localdomain.zone";
        allow-update { none; };
    };
    zone "localhost" IN {
        type master;
        file "localhost.zone";
        allow-update { none; };
    };
    zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.local";
        allow-update { none; };
    };
    zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
        type master;
        file "named.ip6.local";
        allow-update { none; };
    };
    zone "255.in-addr.arpa" IN {
        type master;
        file "named.broadcast";
        allow-update { none; };
    };
    zone "0.in-addr.arpa" IN {
        type master;
        file "named.zero";
        allow-update { none; };
    };
    zone "china.test" IN {
        type master;
        file "china.test.zone";
        allow-update { key administrator; };
    };
    zone "13.168.192.in-addr.arpa" IN {
        type master;
        file "china.test.arpa";
        allow-update { key administrator; };
    };
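
2) Change to the /var/named/chroot/etc/ directory and append named.rfc1912.zones to named.caching-nameserver.conf so that the two become one file. Delete and add the corresponding content as in the first method, and remove the entire view localhost_resolver entry.

4. Add the zone files in the /var/named/chroot/var/named directory. The files are as follows: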

    [root@server named]# cat china.test.zone
    $TTL 86400
    @ IN SOA server.china.test. root.china.test. (
            2009062000
            28800
            14400
            360000
            86400
            )
    @ IN NS server.china.test.
    server IN A 192.168.13.11
    client IN A 192.168.13.24
    [root@server named]# cat china.test.arpa
    $TTL 86400
    @ IN SOA server.china.test. root.server.china.test. (
            2009062000 ; Serial
            28800 ; Refresh
            14400 ; Retry
            3600000 ; Expire
            86400 ) ; Minimum
    @ IN NS server.china.test.
    11 IN PTR server.china.test.

5. Use the command chkconfig --level 3 named on to start the DNS service automatically at boot.

6. Start the DNS service: service named start

7. On the client hosts, specify the DNS server in /etc/resolv.conf: nameserver 192.168.13.11

IV. Setting up the DHCP service

1. DHCP-related packages

    rpm -ivh dhcp-3.0.5-13.el5.i386.rpm
    rpm -ivh dhcp-devel-3.0.5-13.el5.i386.rpm

2. Modify the configuration file. The modified configuration file is as follows:

    [root@server ~]# cat /etc/dhcpd.conf
    ddns-update-style interim;
    allow client-updates;
    key administrator {
        algorithm HMAC-MD5;
        secret txOBJNpI39770VEkbPQQ6w==;
    };
    zone china.test. {
        primary 192.168.13.11;
        key administrator;
    }
    zone 13.168.192.in-addr.arpa. {
        primary 192.168.13.11;
        key administrator;
    }
    subnet 192.168.13.0 netmask 255.255.255.0 {
        # --- default gateway
        option routers 192.168.13.13;
        option subnet-mask 255.255.255.0;
        option nis-domain "china.test";
        option domain-name "china.test";
        option domain-name-servers 192.168.13.11;
        # option time-offset -18000; # Eastern Standard Time
        # option ntp-servers 192.168.1.1;
        # option netbios-name-servers 192.168.1.1;
        # --- Selects point-to-point node (default is hybrid). Don't change this unless
        # -- you understand Netbios very well
        # option netbios-node-type 2;
        range dynamic-bootp 192.168.13.1 192.168.13.23;
        default-lease-time 180;
        max-lease-time 300;
    }

3. Use the command chkconfig --level 3 dhcpd on to start the service automatically at boot.

4. Start the service: service dhcpd start

5. On the client host, add the DHCP client configuration file /etc/dhclient.conf with the following content:

    [root@client ~]# cat /etc/dhclient.conf
    send fqdn.fqdn "client";
    send fqdn.encoded on;

6. On the server, check the DHCP lease file /var/lib/dhcpd/dhcpd.leases:

    [root@server ~]# cat /var/lib/dhcpd/dhcpd.leases
    # All times in this file are in UTC (GMT), not your local timezone. This is
    # not a bug, so please don't ask about it. There is no portable way to
    # store leases in the local timezone, so please don't request this as a
    # feature. If this is inconvenient or confusing to you, we sincerely
    # apologize. Seriously, though - don't ask.
    # The format of this file is documented in the dhcpd.leases(5) manual page.
    # This lease file was written by isc-dhcp-V3.0.5-RedHat
    lease 192.168.13.23 {
        starts 6 2009/06/20 08:20:53;
        ends 6 2009/06/20 08:25:53;
        binding state active;
        next binding state free;
        hardware ethernet 00:0c:29:71:c6:09;
        set ddns-rev-name = "23.13.168.192.in-addr.arpa.";
        set ddns-txt = "0003680744ede9faf3e6e8bd78563f6857";
        set ddns-fwd-name = "client.china.test";
    }

7. Check the /var/named/chroot/var/named directory: the following two files have been generated automatically and are used for the DNS updates.

    -rw-r--r-- 1 named named 1980 Jun 20 16:20 china.test.arpa.jnl
    -rw-r--r-- 1 named named 1825 Jun 20 16:20 china.test.zone.jnl

8. The zone files now contain the following:

    [root@server named]# cat china.test.zone
    $ORIGIN .
    $TTL 86400 ; 1 day
    china.test IN SOA server.china.test. root.china.test. (
            2009062021 ; serial
            28800 ; refresh (8 hours)
            14400 ; retry (4 hours)
            360000 ; expire (4 days 4 hours)
            86400 ; minimum (1 day)
            )
            NS server.china.test.
    $ORIGIN china.test.
    $TTL 150 ; 2 minutes 30 seconds
    client A 192.168.13.23
            TXT "0003680744ede9faf3e6e8bd78563f6857"
    $TTL 86400 ; 1 day
    server A 192.168.13.11
    [root@server named]# cat china.test.arpa
    $ORIGIN .
    $TTL 86400 ; 1 day
    13.168.192.in-addr.arpa IN SOA server.china.test. root.server.china.test. (
            2009062017 ; serial
            28800 ; refresh (8 hours)
            14400 ; retry (4 hours)
            3600000 ; expire (5 weeks 6 days 16 hours)
            86400 ; minimum (1 day)
            )
            NS server.china.test.
    $ORIGIN 13.168.192.in-addr.arpa.
    11 PTR server.china.test.
    $TTL 150 ; 2 minutes 30 seconds
    23 PTR client.china.test.
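
The procedure above puts the same TSIG key into both named's and dhcpd's configuration, and every zone dhcpd updates needs a matching allow-update in named. A consistency check for that, as an added example that is not part of the original article; the function names are illustrative and the embedded configuration is condensed from the stanzas shown above:

```python
import base64
import re

# Sample input condensed from the key, zone and dhcpd.conf stanzas shown above.
NAMED = '''
key administrator { algorithm HMAC-MD5.SIG-ALG.REG.INT; secret txOBJNpI39770VEkbPQQ6w==; };
zone "localhost" IN { type master; file "localhost.zone"; allow-update { none; }; };
zone "china.test" IN { type master; file "china.test.zone"; allow-update { key administrator; }; };
zone "13.168.192.in-addr.arpa" IN { type master; file "china.test.arpa"; allow-update { key administrator; }; };
'''
DHCPD = '''
ddns-update-style interim;
key administrator { algorithm HMAC-MD5; secret txOBJNpI39770VEkbPQQ6w==; };
zone china.test. { primary 192.168.13.11; key administrator; }
zone 13.168.192.in-addr.arpa. { primary 192.168.13.11; key administrator; }
'''

def keys(conf):
    """Map key name -> (algorithm, secret bits, secret) for each key block."""
    found = {}
    for name, body in re.findall(r'\bkey\s+"?([\w.-]+)"?\s*\{(.*?)\}', conf, re.S):
        alg = re.search(r'algorithm\s+"?([\w.-]+)', body)
        sec = re.search(r'secret\s+"?([A-Za-z0-9+/=]+)', body)
        if alg and sec:
            # named spells the algorithm HMAC-MD5.SIG-ALG.REG.INT, dhcpd HMAC-MD5
            bits = len(base64.b64decode(sec.group(1))) * 8
            found[name] = (alg.group(1).lower().split(".")[0], bits, sec.group(1))
    return found

def zone_keys(conf):
    """Map zone name -> set of key names referenced as 'key NAME;' in that zone."""
    heads = list(re.finditer(r'\bzone\s+"?([\w.-]*?)\.?"?\s*(?:IN\s*)?\{', conf))
    ends = [h.start() for h in heads[1:]] + [len(conf)]
    return {h.group(1): set(re.findall(r'\bkey\s+"?([\w.-]+)"?\s*;', conf[h.end():e]))
            for h, e in zip(heads, ends)}

def check(named_conf, dhcpd_conf):
    """Return a list of mismatches that would make dhcpd's signed updates fail."""
    problems = []
    nk, dk, nz = keys(named_conf), keys(dhcpd_conf), zone_keys(named_conf)
    for zone, names in zone_keys(dhcpd_conf).items():
        for k in sorted(names):
            if k not in dk or nk.get(k) != dk[k]:
                problems.append(f"{zone}: key '{k}' missing or different in named/dhcpd")
            if k not in nz.get(zone, set()):
                problems.append(f"{zone}: named does not allow updates signed with '{k}'")
    return problems
```

The parser does not strip comments, so remove commented-out stanzas before feeding real files to it.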
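
V. Conclusion

1. Observed behaviour:

1) Updates are rather slow, and sometimes the DNS service has to be restarted manually before an update succeeds.

2) The reverse zone does not clear old records, as shown below: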

    [root@server ~]# cat /var/named/chroot/var/named/china.test.arpa
    $ORIGIN .
    $TTL 86400 ; 1 day
    13.168.192.in-addr.arpa IN SOA server.china.test. root.server.china.test. (
            2009062019 ; serial
            28800 ; refresh (8 hours)
            14400 ; retry (4 hours)
            3600000 ; expire (5 weeks 6 days 16 hours)
            86400 ; minimum (1 day)
            )
            NS server.china.test.
    $ORIGIN 13.168.192.in-addr.arpa.
    11 PTR server.china.test.
    $TTL 150 ; 2 minutes 30 seconds
    12 PTR WWW-2E8A24A84C2.china.test.
    20 PTR client.china.test.
    23 PTR client.china.test.
    24 PTR client.china.test.

2. Update log:

    Jun 20 22:35:25 server named[2719]: starting BIND 9.3.4-P1 -u named -c /etc/named.caching-nameserver.conf -t /var/named/chroot
    Jun 20 22:35:25 server named[2719]: found 1 CPU, using 1 worker thread
    Jun 20 22:35:25 server named[2719]: loading configuration from '/etc/named.caching-nameserver.conf'
    Jun 20 22:35:25 server named[2719]: listening on IPv4 interface lo, 127.0.0.1#53
    Jun 20 22:35:25 server named[2719]: listening on IPv4 interface eth0, 192.168.13.11#53
    Jun 20 22:35:25 server named[2719]: command channel listening on 127.0.0.1#953
    Jun 20 22:35:25 server named[2719]: command channel listening on ::1#953
    Jun 20 22:35:25 server named[2719]: zone 0.in-addr.arpa/IN/localhost_resolver: loaded serial 42
    Jun 20 22:35:25 server named[2719]: zone 0.0.127.in-addr.arpa/IN/localhost_resolver: loaded serial 1997022700
    Jun 20 22:35:25 server named[2719]: zone 13.168.192.in-addr.arpa/IN/localhost_resolver: loaded serial 2009062027
    Jun 20 22:35:25 server named[2719]: zone 255.in-addr.arpa/IN/localhost_resolver: loaded serial 42
    Jun 20 22:35:25 server named[2719]: zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN/localhost_resolver: loaded serial 1997022700
    Jun 20 22:35:25 server named[2719]: zone localdomain/IN/localhost_resolver: loaded serial 42
    Jun 20 22:35:25 server named[2719]: zone localhost/IN/localhost_resolver: loaded serial 42
    Jun 20 22:35:25 server named[2719]: zone china.test/IN/localhost_resolver: loaded serial 2009062035
    Jun 20 22:35:25 server named[2719]: running
    Jun 20 22:35:25 server dhcpd: Internet Systems Consortium DHCP Server V3.0.5-RedHat
    Jun 20 22:35:25 server dhcpd: Copyright 2004-2006 Internet Systems Consortium.
    Jun 20 22:35:25 server dhcpd: All rights reserved.
    Jun 20 22:35:25 server dhcpd: For info, please visit http://www.isc.org/sw/dhcp/
    Jun 20 22:35:25 server dhcpd: lease 192.168.13.22: no subnet.
    Jun 20 22:35:25 server last message repeated 3 times
    Jun 20 22:35:25 server dhcpd: Wrote 1 leases to leases file.
    Jun 20 22:35:25 server dhcpd: Listening on LPF/eth0/00:0c:29:64:e2:df/192.168.13/24
    Jun 20 22:35:25 server dhcpd: Sending on LPF/eth0/00:0c:29:64:e2:df/192.168.13/24
    Jun 20 22:35:25 server dhcpd: Sending on Socket/fallback/fallback-net
    Jun 20 22:35:33 server dhcpd: DHCPREQUEST for 192.168.13.22 from 00:0c:29:71:c6:09 via eth0: unknown lease 192.168.13.22.
    Jun 20 22:35:37 server dhcpd: DHCPREQUEST for 192.168.13.22 from 00:0c:29:71:c6:09 via eth0: unknown lease 192.168.13.22.
    Jun 20 22:35:49 server dhcpd: DHCPDISCOVER from 00:0c:29:71:c6:09 via eth0
    Jun 20 22:35:50 server dhcpd: DHCPOFFER on 192.168.13.24 to 00:0c:29:71:c6:09 via eth0
    Jun 20 22:35:50 server named[2719]: client 192.168.13.11#32772: view localhost_resolver: updating zone 'china.test/IN': update unsuccessful: client.china.test: 'name not in use' prerequisite not satisfied (YXDOMAIN)
    Jun 20 22:35:50 server named[2719]: client 192.168.13.11#32772: view localhost_resolver: updating zone 'china.test/IN': deleting rrset at 'client.china.test' A
    Jun 20 22:35:50 server named[2719]: client 192.168.13.11#32772: view localhost_resolver: updating zone 'china.test/IN': adding an RR at 'client.china.test' A
    Jun 20 22:35:50 server dhcpd: Added new forward map from client.china.test to 192.168.13.24
    Jun 20 22:35:50 server named[2719]: client 192.168.13.11#32772: view localhost_resolver: updating zone '13.168.192.in-addr.arpa/IN': deleting rrset at '24.13.168.192.in-addr.arpa' PTR
    Jun 20 22:35:50 server named[2719]: client 192.168.13.11#32772: view localhost_resolver: updating zone '13.168.192.in-addr.arpa/IN': adding an RR at '24.13.168.192.in-addr.arpa' PTR
    Jun 20 22:35:50 server dhcpd: added reverse map from 24.13.168.192.in-addr.arpa. to client.china.test

3. Name resolution from the client:

    C:\>nslookup
    Default Server: server.china.test
    Address: 192.168.13.11

    > client.china.test
    Server: server.china.test
    Address: 192.168.13.11

    Name: client.china.test
    Address: 192.168.13.24

    > 192.168.13.23
    Server: server.china.test
    Address: 192.168.13.11

    Name: WWW-2E8A24A84C2.china.test
    Address: 192.168.13.23

    > 192.168.13.24
    Server: server.china.test
    Address: 192.168.13.11

    Name: client.china.test
    Address: 192.168.13.24

    > WWW-2E8A24A84C2.china.test
    Server: server.china.test
    Address: 192.168.13.11

    Name: WWW-2E8A24A84C2.china.test
    Address: 192.168.13.23

4. Final conclusion:

Interactive updating between DNS and DHCP has been achieved. The zone file used during operation is: china.test.arpa.jnl
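
The stale reverse records noted in the conclusion can be listed by cross-checking every PTR record against the forward zone. This is an added example, not from the original article; the function names are illustrative, and the sample zone data is constructed from the nslookup output and the reverse-zone dump above:

```python
# Constructed sample built from the nslookup output and the reverse-zone dump above.
FORWARD = """$ORIGIN china.test.
$TTL 150 ; 2 minutes 30 seconds
WWW-2E8A24A84C2 A 192.168.13.23
client A 192.168.13.24
\tTXT "0003680744ede9faf3e6e8bd78563f6857"
server A 192.168.13.11
"""
REVERSE = """$ORIGIN 13.168.192.in-addr.arpa.
11 PTR server.china.test.
12 PTR WWW-2E8A24A84C2.china.test.
20 PTR client.china.test.
23 PTR client.china.test.
24 PTR client.china.test.
"""

def absolute(name, origin):
    """Expand a relative name against the current $ORIGIN (lower-cased)."""
    full = origin if name == "@" else name if name.endswith(".") else name + "." + origin.lstrip(".")
    return full.lower()

def records(zone_text):
    """Yield (owner, type, rdata) for the A and PTR records of a named zone dump."""
    origin = owner = "."
    for raw in zone_text.splitlines():
        tok = raw.split(";", 1)[0].split()
        if tok and tok[0] == "$ORIGIN":
            origin = tok[1]
        elif tok and not tok[0].startswith("$"):
            if not raw[0].isspace():        # an indented line reuses the previous owner
                owner, tok = absolute(tok[0], origin), tok[1:]
            for i in range(len(tok) - 1):
                if tok[i] in ("A", "PTR"):
                    yield owner, tok[i], (absolute(tok[i + 1], origin) if tok[i] == "PTR" else tok[i + 1])
                    break

def stale_ptrs(forward_text, reverse_text):
    """Return (address, target) for PTRs whose target has no A record for that address."""
    fwd = {}
    for owner, rtype, rdata in records(forward_text):
        if rtype == "A":
            fwd.setdefault(owner, set()).add(rdata)
    stale = []
    for owner, rtype, target in records(reverse_text):
        if rtype == "PTR" and owner.endswith(".in-addr.arpa."):
            addr = ".".join(owner.split(".")[3::-1])    # 24.13.168.192 -> 192.168.13.24
            if addr not in fwd.get(target, set()):
                stale.append((addr, target))
    return sorted(stale, key=lambda s: tuple(map(int, s[0].split("."))))
```

On the sample data it reports the PTR records for .12, .20 and .23, which no longer agree with any forward record; stale entries like these make reverse lookups in logs attribute an address to the wrong host.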