Basic

FreeNAS
       
DNS與DHCP

參考文件:cd /usr/share/doc/bind-9.3.X/sample/

安裝

yum install bind bind-chroot bind-libs bind-utils caching-nameserver system-config-bind

設定安全啟用路徑(chroot:將 named 限制在此目錄內執行)

vi /etc/sysconfig/named

ROOTDIR=/var/named/chroot

主要設定檔

vi /var/named/chroot/etc/named.conf

主要伺服器路徑

/var/named/chroot/var/named/

次要伺服器路徑

/var/named/chroot/var/named/slave

完整設定內容,可直接複製貼上,並稍作修改來使用(以下依序為主要伺服器、次要伺服器用)

vi /var/named/chroot/etc/named.conf

-------------------主要伺服器-----

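// Global server options for the primary (master) name server.
options {
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";

        // Anyone may query the zones this server is authoritative for.
        allow-query     { any; };

        // Recursion stays enabled, but only for this host and the networks
        // directly attached to it. With "allow-query { any; }" and no
        // allow-recursion, the server would resolve arbitrary names for the
        // whole Internet (an open resolver), which is abused for DNS
        // amplification and exposes the cache to outside queries.
        recursion yes;
        allow-recursion { localhost; localnets; };

        // Upstream resolvers that recursive lookups are forwarded to.
        forwarders {
                163.28.136.14;
                163.28.136.2;
                163.28.136.10;
        };

        // Hosts allowed to pull full zone transfers (AXFR) from this server.
        // NOTE(review): these are the same addresses as the forwarders;
        // confirm they are the hosts that really transfer the zones. The
        // secondary server's own address must be listed here, otherwise its
        // transfers are refused.
        allow-transfer {
                163.28.136.14;
                163.28.136.2;
                163.28.136.10;
        };

};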

// rndc control channel: bound to the loopback address only, accepts
// connections from localhost, and requires the key named rndckey
// (expected to come from the include at the end of this file).
controls {
        inet 127.0.0.1 allow {  localhost; } keys { rndckey; };
};

// default_debug channel: written to data/named.run (relative to the
// "directory" option); "severity dynamic" follows the server's current
// debug level.
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

// Root hints used to start recursive resolution.
zone "." IN {
        type hint;
        file "named.ca";
};

// Stock local zones. "allow-update { none; }" refuses dynamic updates,
// so these zones change only when their files are edited on the server.
zone "localdomain" IN {
        type master;
        file "localdomain.zone";
        allow-update { none; };
};


zone "localhost" IN {
        type master;
        file "localhost.zone";
        allow-update { none; };
};


zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.local";
        allow-update { none; };
};


zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
        type master;
        file "named.ip6.local";
        allow-update { none; };
};

zone "255.in-addr.arpa" IN {
        type master;
        file "named.broadcast";
        allow-update { none; };
};


zone "0.in-addr.arpa" IN {
        type master;
        file "named.zero";
        allow-update { none; };
};

// Forward zone this server is authoritative for; the zone file path is
// relative to the "directory" option. Dynamic updates are refused.
zone "school.kh.edu.tw" IN {
        type master;
        file "named.school";
        allow-update { none; };
};

// Matching reverse zone. NOTE(review): "x" looks like a placeholder for
// the site's third octet - replace it before use.
zone "x.32.163.in-addr.arpa" IN {
        type master;
        file "named.school.rev";
        allow-update { none; };
        };

// Key material for the rndc control channel above. The file holds a shared
// secret, so it should be readable only by root and the named user.
// When named runs chrooted, this path is resolved inside the chroot.
include "/etc/rndc.key";

-------------------次要伺服器-----

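// Global server options for the secondary (slave) name server.
options {
        // Listens on every IPv4 interface, including any public one;
        // IPv6 is limited to the loopback address.
        listen-on port 53 { any; };
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";

        // Anyone may query the zones this server holds a copy of.
        allow-query     { any; };

        // Recursion stays enabled, but only for this host and the networks
        // directly attached to it. With "allow-query { any; }" and no
        // allow-recursion, the server would act as an open resolver, which
        // is abused for DNS amplification.
        recursion yes;
        allow-recursion { localhost; localnets; };

        // Upstream resolvers that recursive lookups are forwarded to.
        forwarders {
                163.28.136.14;
                163.28.136.2;
                163.28.136.10;
        };

        // NOTE(review): no allow-transfer is set here, so this secondary
        // answers zone transfer requests from any host. Consider
        // "allow-transfer { none; };" unless another server pulls from it.
};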

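// rndc control channel: bound to the loopback address only, accepts
// connections from localhost, and requires the key named rndckey
// (expected to come from the include at the end of this file).
controls {
        inet 127.0.0.1 allow {  localhost; } keys { rndckey; };
};

// default_debug channel: written to data/named.run (relative to the
// "directory" option); "severity dynamic" follows the server's current
// debug level.
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

// Root hints used to start recursive resolution.
zone "." IN {
        type hint;
        file "named.ca";
};

// Stock local zones. "allow-update { none; }" refuses dynamic updates,
// so these zones change only when their files are edited on the server.
zone "localdomain" IN {
        type master;
        file "localdomain.zone";
        allow-update { none; };
};

zone "localhost" IN {
        type master;
        file "localhost.zone";
        allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.local";
        allow-update { none; };
};

zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
        type master;
        file "named.ip6.local";
        allow-update { none; };
};

zone "255.in-addr.arpa" IN {
        type master;
        file "named.broadcast";
        allow-update { none; };
};

zone "0.in-addr.arpa" IN {
        type master;
        file "named.zero";
        allow-update { none; };
};

// Forward zone, copied from the primary listed under "masters".
// The copy is stored as slave/named.x: the original listing saved the
// forward zone under a ".rev" name, which contradicts the page's own check
// for named.x (forward) and named.x.rev (reverse).
// "代號" is a placeholder for the site's number - replace it before use.
zone "school.kh.edu.tw" IN {
        type slave;
        file "slave/named.x";
        masters {
                163.32.代號.1;
        };
};

// Reverse zone, copied from the same primary. The file name was misspelled
// ("named.sxhool.rev") in the original listing; it is stored as
// slave/named.x.rev to match the check described after this listing.
zone "代號.32.163.in-addr.arpa" IN {
        type slave;
        file "slave/named.x.rev";
        masters {
                163.32.代號.1;
        };
};

// Key material for the rndc control channel above. The file holds a shared
// secret, so it should be readable only by root and the named user.
// When named runs chrooted, this path is resolved inside the chroot.
include "/etc/rndc.key";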

重新啟動

service named restart

檢查是否有named.x.rev反解  和  named.x 正解兩個檔案

cd /var/named/chroot/var/named/

次要伺服器的內容會跟隨主要伺服器更新,定期維護主要伺服器,次要伺服器為救急用!

----------named.shsps----------

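; Forward zone file. "x" stands for the site's own label / third octet.
$TTL          86400
; SOA: primary name server, then the administrator mailbox written with a
; dot in place of "@". Both names end in "." so the zone origin is not
; appended to them; the opening parenthesis is a separate token.
@ IN SOA x.kh.edu.tw. root.x.kh.edu.tw. (
        2010052730 ; serial - raise it on every edit, or secondaries keep the old copy
        1H ; refresh
        15 ; retry - a bare number is in seconds; NOTE(review): 15M may have been intended
        14D ; expire
        12H ; Minimum
)


; Mail exchanger. The target is a fully qualified name with a trailing dot.
; NOTE(review): this listing has no address record for "mail"; add one, or
; point the MX at a host that has an A record.
@               IN     MX   1                          mail.x.kh.edu.tw.
@               IN     NS   x.kh.edu.tw.
@               IN     NS   dns.x.kh.edu.tw.
@               IN     A    163.32.x.1
dns             IN     A    163.32.x.1
ftp             IN     A    163.32.x.2

; www is an alias for ftp, so it resolves to the same address.
www         IN   CNAME  ftp.x.kh.edu.tw.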

 ----------named.shsps.rev----------設定格式

; Reverse zone file: maps the last octet of an address back to a host name.
$TTL          86400
; SOA: primary name server, then the administrator mailbox with a dot in
; place of "@"; both names end in "." so the origin is not appended.
@ IN SOA x.kh.edu.tw. root.x.kh.edu.tw. (
2010052710 ; serial - raise it on every edit, or secondaries keep the old copy
1H ; refresh
15 ; retry - a bare number is in seconds; NOTE(review): 15M may have been intended
14D ; expire
12H ; Minimum
)
@ IN NS x.kh.edu.tw.
@ IN NS dns.x.kh.edu.tw.
; PTR targets are fully qualified (trailing dot). Keep them in step with the
; A records of the forward zone.
1 IN PTR x.kh.edu.tw.
2 IN PTR www.x.kh.edu.tw.

DHCP伺服器

安裝程式

yum -y install dhcp*

設定檔案(注意:每張網路卡所在的網段都要有 subnet 宣告)

vi /etc/dhcpd.conf

# dhcpd configuration: three subnets are declared, and only the last one
# hands out leases.
# Clients are not allowed to update DNS records themselves.
ddns-update-style interim;
ignore client-updates;

# Empty declaration: tells dhcpd about the network on this interface but
# offers no leases on it, so nothing is handed out on the public segment.
subnet 163.32.x.0 netmask 255.255.255.0 {
}

# Empty declaration: no leases are offered on this network either.
subnet 192.168.1.0 netmask 255.255.255.0 {
}

# NOTE(review): this subnet is declared as 192.168.2.0/24, but the router,
# broadcast address and range below are all in 192.168.1.0/24, whose own
# declaration above is empty. dhcpd rejects a range that lies outside its
# enclosing subnet, so either these settings belong in the 192.168.1.0
# block or the addresses should be 192.168.2.x - confirm before use.
subnet 192.168.2.0 netmask 255.255.255.0 {

# --- default gateway
option routers                      192.168.1.1;
option subnet-mask              255.255.255.0;
option broadcast-address      192.168.1.255;

option domain-name                 "dns.xxx.kh.edu.tw";
# Resolvers handed to clients: the local server first, then two external ones.
option domain-name-servers      163.32.x.1,140.117.11.1,168.95.1.1;
option netbios-name-servers      163.32.x.1;
option time-offset                    -18000; # -18000 s = UTC-5 (Eastern Standard Time); NOTE(review): a site in Taiwan (.tw) would normally use 28800 (UTC+8)
option netbios-node-type 8;
# Dynamic pool; "dynamic-bootp" also lets BOOTP clients take addresses from it.
range dynamic-bootp 192.168.1.11 192.168.1.239;
# Lease times are in seconds.
default-lease-time 216000;
max-lease-time 432000;

# Pin one host to a fixed IP address, matched by its MAC address.
# NOTE(review): the fixed address is on the public 163.32.x.0 network, not
# in the subnet this block sits in - confirm that is intended.

host shsps00001{
hardware ethernet 00:13:d4:9c:3d:6a;
fixed-address 163.32.x.10;
}

}

 

設定預設GATEWAY

vi /etc/sysconfig/network

# Global network settings. "x" in the gateway address is a placeholder for
# the site's own third octet.
NETWORKING=yes
NETWORKING_IPV6=yes
HOSTNAME=hostname.kh.edu.tw
# Default gateway for the host.
GATEWAY=163.32.x.254 

重新啟動網路

service network restart

查伺服器租約檔

vi /var/lib/dhcpd/dhcpd.leases

Don彙整筆記2010啟用