Setting Up BIND as a Private DNS Server on RHEL 8
The Domain Name System (DNS) is a method used to translate human-readable domain names (or Fully Qualified Domain Names (FQDNs)) to machine-readable IP addresses, in order to locate a computer on a network such as the Internet.
In computer and network systems this is necessary because, although FQDNs are easy for humans to remember and use, computers (clients) access resources or services on other computers (servers) based on IP addresses.
In this regard, a DNS server (also known as a name server) maintains a directory of FQDNs and translates them to IP addresses; it can also return an IP address when a hostname/FQDN is given. There are different types of DNS servers, including authoritative name servers, caching name servers and many others.
In this article, we will walk you through the steps to install and configure a private/internal DNS server on RHEL 8 using the open source BIND software.
- RHEL 8 with Minimal Installation
- RHEL 8 with RedHat Subscription Enabled
- RHEL 8 with Static IP Address
Domain: tecmint.lan
DNS Server IP and hostname: 192.168.56.100, dns-primary.tecmint.lan
DNS Client IP and hostname: 192.168.56.104, tecmint.tecmint.lan
Step 1: Installing BIND DNS on RHEL 8
1. To install bind and its utilities on your server, run the following dnf command.
# dnf install bind bind-utils
2. Next, start the DNS service for now, then enable it to start automatically at system boot, and check that it is up and running using the systemctl command.
# systemctl start named
# systemctl enable named
# systemctl status named
Step 2: Configuring BIND DNS on RHEL 8
3. To configure the BIND DNS server, first take a backup of the original configuration file /etc/named.conf using the cp command.
# cp /etc/named.conf /etc/named.conf.orig
4. Now open the /etc/named.conf configuration file for editing using your favorite command-line text editor, as follows.
# vi /etc/named.conf
Under the options configuration section, comment out the following lines.
options {
        #listen-on port 53 { 127.0.0.1; };
        #listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
5. Next, look for the allow-query parameter and set its value to your network, which means that only hosts on your local network can query the DNS server.
        allow-query     { localhost; 192.168.56.0/24; };
Step 3: Creating the Forward and Reverse DNS Zones
A forward zone is where the hostname (or FQDN) to IP address relations are stored; it returns an IP address using the hostname. Note that normal DNS queries are forward lookup queries. On the other hand, a reverse zone returns the FQDN of a host based on its IP address.
6. To define the forward and reverse zones, add the following lines at the end of the /etc/named.conf file.
//forward zone
zone "tecmint.lan" IN {
     type master;
     file "tecmint.lan.db";
     allow-update { none; };
     allow-query { any; };
};
//backward zone
zone "56.168.192.in-addr.arpa" IN {
     type master;
     file "tecmint.lan.rev";
     allow-update { none; };
     allow-query { any; };
};
Let's briefly explain the options in the above zone configurations:
- type: Defines the role of this server for the zone. The value “master” means it is an authoritative server where the master copy of the zone data is maintained.
- file: Specifies the zone's database file.
- allow-update: Specifies the hosts allowed to submit dynamic DNS updates for master zones. None in this case.
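An allow-query set inside a zone statement replaces the one set in options for that zone, so the any value above takes precedence over the network restriction from step 5. The following added example (not part of the original article) reports which ACL applies to each zone; the function name and the sample text, including a reverse zone written without its own allow-query, are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example, not from the original article. A zone-level allow-query
# replaces the ACL set in options, so report the effective ACL per zone.

# Reads named.conf-style text on stdin; prints "zone<TAB>acl<TAB>source".
effective_allow_query() {
  awk '
    { sub(/(\/\/|#).*/, "")     # drop // and # comments (sample has no /* */)
      gsub(/[{};]/, " & ")      # make braces and semicolons separate tokens
      text = text " " $0 }
    END {
      n = split(text, tok, /[ \t]+/)
      for (i = 1; i <= n; i++) {
        t = tok[i]
        if (t == "{") depth++
        else if (t == "}") depth--
        else if (depth == 0 && t == "options") ctx = "options"
        else if (depth == 0 && t == "zone") {
          ctx = tok[i + 1]; gsub(/"/, "", ctx); zones[++nz] = ctx
        } else if (depth == 1 && t == "allow-query") {
          acl = ""
          for (i += 2; i <= n && tok[i] != "}"; i++)   # tokens inside { }
            if (tok[i] != ";") acl = (acl == "" ? "" : acl " ") tok[i]
          acls[ctx] = acl
        }
      }
      for (z = 1; z <= nz; z++) {
        name = zones[z]
        if (name in acls) printf "%s\t%s\tzone\n", name, acls[name]
        else if ("options" in acls) printf "%s\t%s\toptions\n", name, acls["options"]
        else printf "%s\t(unset)\tdefault\n", name
      }
    }'
}

# Constructed sample: the options ACL and forward zone from this article, plus
# a reverse zone without its own allow-query to show inheritance from options.
SAMPLE_CONF='options { directory "/var/named"; allow-query { localhost; 192.168.56.0/24; }; };
zone "tecmint.lan" IN { type master; file "tecmint.lan.db";
    allow-update { none; }; allow-query { any; }; };   // zone-level ACL wins
zone "56.168.192.in-addr.arpa" IN { type master; file "tecmint.lan.rev";
    allow-update { none; }; };'

printf '%s\n' "$SAMPLE_CONF" | effective_allow_query
```

On a live server, the output of named-checkconf -p can be piped into the function instead of the sample text.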
Step 4: Creating the Forward DNS Zone File
7. First, create a forward zone file under the /var/named directory.
# vi /var/named/tecmint.lan.db
Add the following configuration to it.
$TTL 86400
@ IN SOA dns-primary.tecmint.lan. admin.tecmint.lan. (
    2019061800 ;Serial
    3600 ;Refresh
    1800 ;Retry
    604800 ;Expire
    86400 ;Minimum TTL
)

;Name Server Information
@ IN NS dns-primary.tecmint.lan.

;IP for Name Server
dns-primary IN A 192.168.56.100

;A Record for IP address to Hostname
www IN A 192.168.56.5
mail IN A 192.168.56.10
docs IN A 192.168.56.20
Let's briefly explain the above zone file definition and parameters.
- TTL: Specifies the time-to-live of an RR; the $TTL directive gives a default TTL for every RR without a specific TTL set.
- @: An alias for the domain name (e.g. tecmint.lan) defined in the main configuration file.
- IN: Means Internet.
- SOA: Specifies the Start of Authority: who the authoritative name server is (dns-primary.tecmint.lan), the administrator's contact information (admin.tecmint.lan, where the @ sign is replaced by a period) and other related information.
- NS: Means name server.
- Serial: The DNS server uses this value to verify that the contents of a particular zone file are up to date.
- Refresh: Specifies how often a slave DNS server should perform a zone transfer from the master.
- Retry: Specifies how often a slave should retry a failed zone transfer.
- Expire: Determines how long a slave server should wait before answering client queries when the master is unreachable.
- Minimum: Sets the minimum TTL for the zone.
- A: A host address.
Step 5: Creating the Reverse DNS Zone File
8. Similarly, create a reverse zone file under the /var/named directory.
# vi /var/named/tecmint.lan.rev
Then add the following lines to it. Here, PTR is the opposite of an A record and is used to map an IP address to a hostname.
$TTL 86400
@ IN SOA dns-primary.tecmint.lan. admin.tecmint.lan. (
    2019061800 ;Serial
    3600 ;Refresh
    1800 ;Retry
    604800 ;Expire
    86400 ;Minimum TTL
)

;Name Server Information
@ IN NS dns-primary.tecmint.lan.

;Reverse lookup for Name Server
100 IN PTR dns-primary.tecmint.lan.

;PTR Record IP address to HostName
5 IN PTR www.tecmint.lan.
10 IN PTR mail.tecmint.lan.
20 IN PTR docs.tecmint.lan.
9. Set the correct ownership permissions on the zone files as follows.
# chown :named /var/named/tecmint.lan.db
# chown :named /var/named/tecmint.lan.rev
10. Finally, check that the DNS configuration and the zone files have the correct syntax after making the above changes, using the named-checkconf utility (no output means no error):
# named-checkconf
# named-checkzone tecmint.lan /var/named/tecmint.lan.db
# named-checkzone 56.168.192.in-addr.arpa /var/named/tecmint.lan.rev
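named-checkzone validates each zone file on its own; it does not confirm that every A record in the forward zone has a matching PTR record in the reverse zone. The following added example (not from the original article) cross-checks the two files. The helper name check_ptr is hypothetical, and the sample files are constructed from the records in Steps 4 and 5 plus one missing and one mismatched PTR.

```shell
#!/usr/bin/env bash
# Added example, not from the original article: cross-check A and PTR records.
# Assumes a /24 reverse zone and a relative owner name on every record line.

# check_ptr ORIGIN NET_PREFIX FORWARD_FILE REVERSE_FILE (hypothetical helper)
check_ptr() {
  awk -v origin="$1" -v net="$2" '
    { sub(/;.*/, "") }                                  # strip zone-file comments
    FNR == NR && $2 == "IN" && $3 == "A"   { fwd[$4] = $1 "." origin "."; next }
    FNR != NR && $2 == "IN" && $3 == "PTR" { rev[net "." $1] = $4 }
    END {
      for (ip in fwd) {
        if (!(ip in rev)) print "MISSING_PTR", ip, fwd[ip]
        else if (rev[ip] != fwd[ip]) print "MISMATCH", ip, fwd[ip], rev[ip]
      }
      for (ip in rev) if (!(ip in fwd)) print "MISSING_A", ip, rev[ip]
    }' "$3" "$4" | LC_ALL=C sort
}

# Constructed sample files: the records from Steps 4 and 5, plus an A record
# with no PTR (ftp) and a PTR that names the wrong host (doc instead of docs).
tmp=$(mktemp -d)
cat > "$tmp/fwd" <<'EOF'
$TTL 86400
@ IN SOA dns-primary.tecmint.lan. admin.tecmint.lan. ( 2019061800 3600 1800 604800 86400 )
@ IN NS dns-primary.tecmint.lan.
dns-primary IN A 192.168.56.100
www IN A 192.168.56.5
mail IN A 192.168.56.10
docs IN A 192.168.56.20
ftp IN A 192.168.56.30 ; constructed: no matching PTR
EOF
cat > "$tmp/rev" <<'EOF'
$TTL 86400
@ IN SOA dns-primary.tecmint.lan. admin.tecmint.lan. ( 2019061800 3600 1800 604800 86400 )
@ IN NS dns-primary.tecmint.lan.
100 IN PTR dns-primary.tecmint.lan.
5 IN PTR www.tecmint.lan.
10 IN PTR mail.tecmint.lan.
20 IN PTR doc.tecmint.lan. ; constructed: should be docs
EOF

check_ptr tecmint.lan 192.168.56 "$tmp/fwd" "$tmp/rev"
```

An empty result means every A record has a PTR that points back to the same name, and every PTR has an A record.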
11. Once you have performed all the necessary configuration, restart the DNS service for the recent changes to take effect.
# systemctl restart named
12. Next, before any clients can access the DNS service configuration on the server, you need to add the DNS service to the system firewall configuration and reload the firewall settings using the firewall-cmd utility, as follows:
# firewall-cmd --permanent --zone=public --add-service=dns
# firewall-cmd --reload
Step 6: Testing the DNS Service From a Client
13. In this section, we will show how to test the DNS service from the client side. Log in to the client machine and configure it to use the above DNS server. On a Linux system, open the file /etc/resolv.conf using your favorite text editor.
# vi /etc/resolv.conf
Add the following entry to it, which tells the resolver to use the specified name server.
nameserver 192.168.56.100
Save the file and close it. Note that you also have to specify the DNS server in the network interface configuration file.
14. Add the DNS server IP 192.168.56.100 as a resolver in the client machine's network interface configuration file /etc/sysconfig/network-scripts/ifcfg-enp0s3, as shown below.
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=dhcp
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=enp0s3
UUID=aba298ca-fa65-48cd-add9-6c3f1f28cee2
DEVICE=enp0s3
ONBOOT=no
DNS1=192.168.56.100
15. Then use the nslookup utility to query the IP address using the hostname and vice versa, for the www, mail and docs servers in your network, as shown.
# nslookup 192.168.56.5
# nslookup www.tecmint.lan
# nslookup 192.168.56.10
# nslookup mail.tecmint.lan
# nslookup 192.168.56.20
# nslookup docs.tecmint.lan
# nslookup 192.168.56.100
# nslookup dns-primary.tecmint.lan
In this article, we have shown how to install and configure a private, authoritative DNS server on RHEL 8 using the BIND software. We hope that everything works well for you; if not, send us your queries or any other comments via the feedback form below.