Sunday, September 19, 2010

Interactive DNS and DHCP updates on RHEL 5.2



Interactive DNS and DHCP updates on RHEL 5.2

I. Objective

Implement interactive updates between DHCP and DNS (dynamic DNS) on the Linux platform.

II. Test environment

一台Linux服务器版本为Red Hat Enterprise Linux Server release 5.2 (Tikanga)，内核版本号2.6.18-92.el5;两台客户端：一台为Windows XP Professional SP3;一台为Linux主机，版本同服务器。

銆??涓夈?鎼缓DNS鏈嶅姟(bind)

銆??1.瀹夎bind鐩稿叧杞欢鍖?br />
銆??鏀惧叆瀹夎鍏夌洏锛屽苟鍒囨崲鍒拌蒋浠跺寘鎵?湪鐩綍锛屾墽琛屼笅鍒楀懡浠ゅ畨瑁呯浉搴旇蒋浠跺寘锛?br />
rpm -ivh bind-9.3.4-6.P1.el5.i386.rpm
rpm -ivh bind-chroot-9.3.4-6.P1.el5.i386.rpm
rpm -ivh bind-devel-9.3.4-6.P1.el5.i386.rpm
rpm -ivh bind-libbind-devel-9.3.4-6.P1.el5.i386.rpm
rpm -ivh bind-libs-9.3.4-6.P1.el5.i386.rpm
rpm -ivh bind-sdb-9.3.4-6.P1.el5.i386.rpm
rpm -ihv bind-utils-9.3.4-6.P1.el5.i386.rpm
rpm -ivh caching-nameserver-9.3.4-6.P1.el5.i386.rpm

2.创建密钥

要实现DNS的动态更新，首先要考虑的是怎样保证安全地实现DDNS。由ISC给出的方法是创建进行动态更新的密钥，在进行更新时通过该密钥加以验证。为了实现这一功能，需要以root身份运行以下命令：

[root@server etc]# dnssec-keygen -a HMAC-MD5 -b 128 -n USER administrator

上述dnssec-keygen命令的功能就是生成更新密钥，其中参数-a HMAC-MD5是指密钥的生成算法采用HMAC-MD5;参数-b 128是指密钥的位数为128位;参数-n USER administrator是指密钥的用户为administrator。需要注意，HMAC-MD5如今已被视为过时的算法，若所用的BIND和DHCP版本支持HMAC-SHA256，应优先选用后者。

该命令生成的一对密钥文件如下：

-rw------- 1 named named 55 Jun 20 00:54 Kadministrator.+157+49362.key
-rw------- 1 named named 81 Jun 20 00:54 Kadministrator.+157+49362.private

可以查看刚生成的密钥文件内容：
[root@server etc]# cat Kadministrator.+157+49362.key
administrator. IN KEY 0 3 157 txOBJNpI39770VEkbPQQ6w==

[root@server etc]# cat Kadministrator.+157+49362.private
Private-key-format: v1.2
Algorithm: 157 (HMAC_MD5)
Key: txOBJNpI39770VEkbPQQ6w==

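仔细阅读该密钥文件就会发现，这两个文件中包含的密钥是一样的，该密钥就是DHCP对DNS进行安全动态更新时的凭据。后面需要将该密钥分别添加到DNS和DHCP的配置文件中。由于这是共享密钥，任何能读到它的人都可以对允许该密钥更新的区域提交修改，因此写入密钥的配置文件应只对named、dhcpd等必要账户可读;本文公开显示的示例密钥值不应在实际环境中复用。

3.配置主配置文件。这里有两种方法：

1) 去除掉/var/named/chroot/etc/named.caching-nameserver.conf文件中以下几行内容(去掉后named会在所有接口上监听，并接受任意来源的查询和递归请求;若服务器可被不受信任的网络访问，应改为把listen-on、allow-query和allow-recursion限定为内部网段，例如本例的192.168.13.0/24，而不是直接删除)：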

listen-on port 53 { 127.0.0.1; };
listen-on-v6 port 53 { ::1; };
allow-query { localhost; };
match-clients { localhost; };
match-destinations { localhost; };

銆??淇敼鍚庣殑濡備笅锛?br />
[root@server etc]# cat named.caching-nameserver.conf
//
// named.caching-nameserver.conf
//
// Provided by Red Hat caching-nameserver package to configure the
// ISC BIND named(8) DNS server as a caching only nameserver
// (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// DO NOT EDIT THIS FILE - use system-config-bind or an editor
// to create named.conf - edits to this file will be lost on
// caching-nameserver package upgrade.
//
options {
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    query-source port 53;
    query-source-v6 port 53;
};
logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};
view localhost_resolver {
    recursion yes;
    include "/etc/named.rfc1912.zones";
};

在文件/var/named/chroot/etc/named.rfc1912.zones中添加新的解析域，结果如下：

[root@server etc]# cat named.rfc1912.zones
// named.rfc1912.zones:
//
// Provided by Red Hat caching-nameserver package
//
// ISC BIND named zone configuration for zones recommended by
// RFC 1912 section 4.1 : localhost TLDs and address zones
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
key administrator {
    algorithm HMAC-MD5.SIG-ALG.REG.INT;
    secret txOBJNpI39770VEkbPQQ6w==;
};
zone "." IN {
    type hint;
    file "named.ca";
};
zone "localdomain" IN {
    type master;
    file "localdomain.zone";
    allow-update { none; };
};
zone "localhost" IN {
    type master;
    file "localhost.zone";
    allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "named.local";
    allow-update { none; };
};
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
    type master;
    file "named.ip6.local";
    allow-update { none; };
};
zone "255.in-addr.arpa" IN {
    type master;
    file "named.broadcast";
    allow-update { none; };
};
zone "0.in-addr.arpa" IN {
    type master;
    file "named.zero";
    allow-update { none; };
};
zone "china.test" IN {
    type master;
    file "china.test.zone";
    allow-update { key administrator; };
};
zone "13.168.192.in-addr.arpa" IN {
    type master;
    file "china.test.arpa";
    allow-update { key administrator; };
};

2) 切换到/var/named/chroot/etc/目录，将named.rfc1912.zones追加到named.caching-nameserver.conf中，合两为一，按照第一种方法删除、添加相应内容，并删除view localhost_resolver项所有内容。

4.在/var/named/chroot/var/named目录下添加域配置文件，文件如下：

[root@server named]# cat china.test.zone
$TTL 86400
@ IN SOA server.china.test. root.china.test. (
    2009062000
    28800
    14400
    360000
    86400
)
@ IN NS server.china.test.
server IN A 192.168.13.11
client IN A 192.168.13.24

[root@server named]# cat china.test.arpa
$TTL 86400
@ IN SOA server.china.test. root.server.china.test. (
    2009062000 ; Serial
    28800 ; Refresh
    14400 ; Retry
    3600000 ; Expire
    86400 ) ; Minimum
@ IN NS server.china.test.
11 IN PTR server.china.test.

5. 用chkconfig --level 3 named on命令设置开机自动开启DNS服务。

6. 启用DNS服务service named start

7. 在客户端主机的/etc/resolv.conf文件中指定DNS服务器：nameserver 192.168.13.11

四、搭建DHCP服务

1. dhcp相关软件包

rpm -ivh dhcp-3.0.5-13.el5.i386.rpm
rpm -ivh dhcp-devel-3.0.5-13.el5.i386.rpm

2. 修改配置文件。修改后的配置文件如下：

[root@server ~]# cat /etc/dhcpd.conf
ddns-update-style interim;
allow client-updates;
key administrator {
    algorithm HMAC-MD5;
    secret txOBJNpI39770VEkbPQQ6w==;
};
zone china.test. {
    primary 192.168.13.11;
    key administrator;
}
zone 13.168.192.in-addr.arpa. {
    primary 192.168.13.11;
    key administrator;
}
subnet 192.168.13.0 netmask 255.255.255.0 {
    # --- default gateway
    option routers 192.168.13.13;
    option subnet-mask 255.255.255.0;
    option nis-domain "china.test";
    option domain-name "china.test";
    option domain-name-servers 192.168.13.11;
    # option time-offset -18000; # Eastern Standard Time
    # option ntp-servers 192.168.1.1;
    # option netbios-name-servers 192.168.1.1;
    # --- Selects point-to-point node (default is hybrid). Don't change this unless
    # -- you understand Netbios very well
    # option netbios-node-type 2;
    range dynamic-bootp 192.168.13.1 192.168.13.23;
    default-lease-time 180;
    max-lease-time 300;
}

3. 用chkconfig --level 3 dhcpd on命令设置开机自动开启DHCP服务。

4. 启用DHCP服务service dhcpd start

5. 在客户端主机上添加DHCP客户端配置文件/etc/dhclient.conf，内容如下：

[root@client ~]# cat /etc/dhclient.conf
send fqdn.fqdn "client";
send fqdn.encoded on;

6. 在服务器上查DHCP分配文件/var/lib/dhcpd/dhcpd.leases：
[root@server ~]# cat /var/lib/dhcpd/dhcpd.leases
# All times in this file are in UTC (GMT), not your local timezone. This is
# not a bug, so please don't ask about it. There is no portable way to
# store leases in the local timezone, so please don't request this as a
# feature. If this is inconvenient or confusing to you, we sincerely
# apologize. Seriously, though - don't ask.
# The format of this file is documented in the dhcpd.leases(5) manual page.
# This lease file was written by isc-dhcp-V3.0.5-RedHat
lease 192.168.13.23 {
    starts 6 2009/06/20 08:20:53;
    ends 6 2009/06/20 08:25:53;
    binding state active;
    next binding state free;
    hardware ethernet 00:0c:29:71:c6:09;
    set ddns-rev-name = "23.13.168.192.in-addr.arpa.";
    set ddns-txt = "0003680744ede9faf3e6e8bd78563f6857";
    set ddns-fwd-name = "client.china.test";
}

7. 查看/var/named/chroot/var/named目录，自动生成如下两个文件，用于DNS更新。

-rw-r--r-- 1 named named 1980 Jun 20 16:20 china.test.arpa.jnl
-rw-r--r-- 1 named named 1825 Jun 20 16:20 china.test.zone.jnl

8. 查看域文件内容如下：

[root@server named]# cat china.test.zone
$ORIGIN .
$TTL 86400 ; 1 day
china.test IN SOA server.china.test. root.china.test. (
    2009062021 ; serial
    28800 ; refresh (8 hours)
    14400 ; retry (4 hours)
    360000 ; expire (4 days 4 hours)
    86400 ; minimum (1 day)
)
    NS server.china.test.
$ORIGIN china.test.
$TTL 150 ; 2 minutes 30 seconds
client A 192.168.13.23
    TXT "0003680744ede9faf3e6e8bd78563f6857"
$TTL 86400 ; 1 day
server A 192.168.13.11

[root@server named]# cat china.test.arpa
$ORIGIN .
$TTL 86400 ; 1 day
13.168.192.in-addr.arpa IN SOA server.china.test. root.server.china.test. (
    2009062017 ; serial
    28800 ; refresh (8 hours)
    14400 ; retry (4 hours)
    3600000 ; expire (5 weeks 6 days 16 hours)
    86400 ; minimum (1 day)
)
    NS server.china.test.
$ORIGIN 13.168.192.in-addr.arpa.
11 PTR server.china.test.
$TTL 150 ; 2 minutes 30 seconds
23 PTR client.china.test.

五、结论

1、 表面现象：

1) 更新比较慢，甚至需要手动重启DNS服务才能更新成功。

2) 反向解析没有清除旧的记录，如下：

[root@server ~]# cat /var/named/chroot/var/named/china.test.arpa
$ORIGIN .
$TTL 86400 ; 1 day
13.168.192.in-addr.arpa IN SOA server.china.test. root.server.china.test. (
    2009062019 ; serial
    28800 ; refresh (8 hours)
    14400 ; retry (4 hours)
    3600000 ; expire (5 weeks 6 days 16 hours)
    86400 ; minimum (1 day)
)
    NS server.china.test.
$ORIGIN 13.168.192.in-addr.arpa.
11 PTR server.china.test.
$TTL 150 ; 2 minutes 30 seconds
12 PTR WWW-2E8A24A84C2.china.test.
20 PTR client.china.test.
23 PTR client.china.test.
24 PTR client.china.test.

2、 更新日志：
Jun 20 22:35:25 server named[2719]: starting BIND 9.3.4-P1 -u named -c /etc/named.caching-nameserver.conf -t /var/named/chroot
Jun 20 22:35:25 server named[2719]: found 1 CPU, using 1 worker thread
Jun 20 22:35:25 server named[2719]: loading configuration from '/etc/named.caching-nameserver.conf'
Jun 20 22:35:25 server named[2719]: listening on IPv4 interface lo, 127.0.0.1#53
Jun 20 22:35:25 server named[2719]: listening on IPv4 interface eth0, 192.168.13.11#53
Jun 20 22:35:25 server named[2719]: command channel listening on 127.0.0.1#953
Jun 20 22:35:25 server named[2719]: command channel listening on ::1#953
Jun 20 22:35:25 server named[2719]: zone 0.in-addr.arpa/IN/localhost_resolver: loaded serial 42
Jun 20 22:35:25 server named[2719]: zone 0.0.127.in-addr.arpa/IN/localhost_resolver: loaded serial 1997022700
Jun 20 22:35:25 server named[2719]: zone 13.168.192.in-addr.arpa/IN/localhost_resolver: loaded serial 2009062027
Jun 20 22:35:25 server named[2719]: zone 255.in-addr.arpa/IN/localhost_resolver: loaded serial 42
Jun 20 22:35:25 server named[2719]: zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN/localhost_resolver: loaded serial 1997022700
Jun 20 22:35:25 server named[2719]: zone localdomain/IN/localhost_resolver: loaded serial 42
Jun 20 22:35:25 server named[2719]: zone localhost/IN/localhost_resolver: loaded serial 42
Jun 20 22:35:25 server named[2719]: zone china.test/IN/localhost_resolver: loaded serial 2009062035
Jun 20 22:35:25 server named[2719]: running
Jun 20 22:35:25 server dhcpd: Internet Systems Consortium DHCP Server V3.0.5-RedHat
Jun 20 22:35:25 server dhcpd: Copyright 2004-2006 Internet Systems Consortium.
Jun 20 22:35:25 server dhcpd: All rights reserved.
Jun 20 22:35:25 server dhcpd: For info, please visit http://www.isc.org/sw/dhcp/
Jun 20 22:35:25 server dhcpd: lease 192.168.13.22: no subnet.
Jun 20 22:35:25 server last message repeated 3 times
Jun 20 22:35:25 server dhcpd: Wrote 1 leases to leases file.
Jun 20 22:35:25 server dhcpd: Listening on LPF/eth0/00:0c:29:64:e2:df/192.168.13/24
Jun 20 22:35:25 server dhcpd: Sending on LPF/eth0/00:0c:29:64:e2:df/192.168.13/24
Jun 20 22:35:25 server dhcpd: Sending on Socket/fallback/fallback-net
Jun 20 22:35:33 server dhcpd: DHCPREQUEST for 192.168.13.22 from 00:0c:29:71:c6:09 via eth0: unknown lease 192.168.13.22.
Jun 20 22:35:37 server dhcpd: DHCPREQUEST for 192.168.13.22 from 00:0c:29:71:c6:09 via eth0: unknown lease 192.168.13.22.
Jun 20 22:35:49 server dhcpd: DHCPDISCOVER from 00:0c:29:71:c6:09 via eth0
Jun 20 22:35:50 server dhcpd: DHCPOFFER on 192.168.13.24 to 00:0c:29:71:c6:09 via eth0
Jun 20 22:35:50 server named[2719]: client 192.168.13.11#32772: view localhost_resolver: updating zone 'china.test/IN': update unsuccessful: client.china.test: 'name not in use' prerequisite not satisfied (YXDOMAIN)
Jun 20 22:35:50 server named[2719]: client 192.168.13.11#32772: view localhost_resolver: updating zone 'china.test/IN': deleting rrset at 'client.china.test' A
Jun 20 22:35:50 server named[2719]: client 192.168.13.11#32772: view localhost_resolver: updating zone 'china.test/IN': adding an RR at 'client.china.test' A
Jun 20 22:35:50 server dhcpd: Added new forward map from client.china.test to 192.168.13.24
Jun 20 22:35:50 server named[2719]: client 192.168.13.11#32772: view localhost_resolver: updating zone '13.168.192.in-addr.arpa/IN': deleting rrset at '24.13.168.192.in-addr.arpa' PTR
Jun 20 22:35:50 server named[2719]: client 192.168.13.11#32772: view localhost_resolver: updating zone '13.168.192.in-addr.arpa/IN': adding an RR at '24.13.168.192.in-addr.arpa' PTR
Jun 20 22:35:50 server dhcpd: added reverse map from 24.13.168.192.in-addr.arpa. to client.china.test

3、 客户端解析如下：

C:>nslookup
Default Server: server.china.test
Address: 192.168.13.11

> client.china.test
Server: server.china.test
Address: 192.168.13.11

Name: client.china.test
Address: 192.168.13.24

> 192.168.13.23
Server: server.china.test
Address: 192.168.13.11

Name: WWW-2E8A24A84C2.china.test
Address: 192.168.13.23

> 192.168.13.24
Server: server.china.test
Address: 192.168.13.11

Name: client.china.test
Address: 192.168.13.24

> WWW-2E8A24A84C2.china.test
Server: server.china.test
Address: 192.168.13.11

Name: WWW-2E8A24A84C2.china.test
Address: 192.168.13.23

4、最终结论：

实现了DNS与DHCP的互动更新功能。工作过程使用域文件为：china.test.arpa.jnl






