Chinaunix首页 | 论坛 | 博客
  • 博客访问: 10809776
  • 博文数量: 2905
  • 博客积分: 20098
  • 博客等级: 上将
  • 技术积分: 36298
  • 用 户 组: 普通用户
  • 注册时间: 2009-03-23 05:00
文章存档

2012年(1)

2011年(3)

2009年(2901)

分类: LINUX

2009-03-23 11:29:50

named+dhcpdDDNS
 
一、概述
1.       操作系统为RHEL4,所使用软件包均为系统自带。
2.       域名:aptech.com,主机名称:ns,主机IP地址:192.168.1.200
3.       所需软件包:
dhcp-3.0.1-12_EL.i386.rpm
bind-9.2.4-2.i386.rpm
 
二、准备工作
#修改机器名
[root@localhost ~]# vi /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=ns.aptech.com
[root@localhost ~]# vi /etc/hosts
127.0.0.1               localhost.localdomain localhost
192.168.1.200             ns.aptech.com ns
 
#修改网卡IP配置
[root@localhost ~]#vi /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
BOOTPROTO=static
ONBOOT=yes
TYPE=Ethernet
IPADDR=192.168.1.200
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
NETWORK=192.168.1.0
BROADCAST=192.168.1.255
 
#修改DNS
[root@localhost ~]# vi /etc/host.conf
order bind,hosts
[root@localhost ~]# vi /etc/resolv.conf
search aptech.com
nameserver 192.168.1.200
 
[root@localhost ~]#reboot
 
三、配置DHCP
使用rpm包安装之后,生成有一个样本/usr/share/doc/dhcp-3.0.1/dhcpd.conf.sample,利用这个文件。
确认存在/var/lib/dhcp/dhcpd.leases这个文件,这是记录用户租约的文件。
 
[root@ns /]# cp /usr/share/doc/dhcp-3.0.1/dhcpd.conf.sample /etc/dhcpd.conf
 
[root@ns ~]# vi etc/dhcpd.conf
ddns-update-style interim;
ignore client-updates;
subnet 192.168.1.0 netmask 255.255.255.0 {
        option routers                  192.168.1.1;
        option subnet-mask              255.255.255.0;
        option domain-name              "aptech.com";
        option domain-name-servers      192.168.1.200;
        option time-offset              -18000; # Eastern Standard Time
        range dynamic-bootp 192.168.1.100 192.168.1.200;
        default-lease-time 21600;
        max-lease-time 43200;
}
 
[root@ns ~]# chkconfig --level 3 dhcpd on
[root@ns ~]# service dhcpd startdhcpd
 
四、配置DNS
 [root@ns ~]# vi /etc/named.conf
#增加以下数行
zone "aptech.com" IN {
        type master;
        file "aptech.com.zone";
        allow-update { none; };
};
 
zone "1.168.192.in-addr.arpa" IN {
        type master;
        file "192.168.1.arpa";
        allow-update { none; };
};
 
[root@ns ~]# cd /var/named/
[root@ns named]# touch aptech.com.zone
[root@ns named]# touch 192.168.1.arpa
[root@ns named]# chown named:named aptech.com.zone
[root@ns named]# chown named:named 192.168.1.arpa
[root@ns named]# chown named:named /var/named
 
 
[root@ns named]# vi aptech.com.zone
#正向解析。参照localdomain.zone。注意完整主机名后面跟一个“.
$TTL    86400
@               IN SOA  ns.aptech.com.     root.aptech.com. (
                           2007100800      ; serial (d. adams)
                           3H              ; refresh
                           15M             ; retry
                           1W              ; expiry
                           1D )            ; minimum
 
                IN NS           ns.aptech.com.
                IN MX   10      mail
                IN A            192.168.1.200
ns              IN A            192.168.1.200
mail            CNAME           ns
 
[root@ns named]# vi 192.168.1.arpa
#反向解析。参照named.local。注意完整主机名后面跟一个“.
$TTL    86400
@       IN      SOA     1.168.192.in-addr.arpa.  root.aptech.com.  (
                                      2007100800 ; Serial
                                      3h         ; Refresh
                                      15m        ; Retry
                                      1w         ; Expire
                                      1d    )    ; Minimum
              IN      NS      ns.aptech.com.
 
200           IN      PTR     ns.aptech.com.
 
#启动服务
[root@ns named]# service named start
Starting named: [  OK  ]
 
#测试
[root@ns named]# nslookup
> ns
Server:         192.168.1.200
Address:        192.168.1.200#53
 
Name:   ns.aptech.com
Address: 192.168.1.200
> mail
Server:         127.0.0.1
Address:        127.0.0.1#53
 
mail.aptech.com    canonical name = ns.aptech.com.
Name:   ns.aptech.com
Address: 192.168.1.200
> 192.168.1.200
Server:         192.168.1.200
Address:        192.168.1.200#53
 
200.1.168.192.in-addr.arpa        name = ns.aptech.com.
> exit
[root@ns named]#
 
#至此,基本的DNSDHCP已经可以工作,连接到网络的客户机也可以自动获取IP地址等信息。但是使用nslookup还是无法解析客户端的IP地址或主机名,需要配置DDNS解决。
 
#关于rndc
#默认情况下,安装bind包的时候,在/etc下已经生成了rndc.confrndc.key文件,#如果没有,可用以下命令生成 rndc-confgen >/etc/rndc.conf
rndc是控制DNS服务器的软件,
 
五、配置DDNS
DDNS的配置,需要在nameddhcp的配置文件中声名一个相同的key
#通过命令dnssec-keygen生成两个文件,其中包含key
[root@ns ~]# dnssec-keygen -a HMAC-MD5 -b 128 -n USER dhcp_updater
Kdhcp_updater.+157+19856
[root@ns ~]# cat Kdhcp_updater.+157+19856.private
Private-key-format: v1.2
Algorithm: 157 (HMAC_MD5)
Key: AEmzoO5VvkZGgDqco1L+og==
 
#根据以上Key值,修改named.confdhcpd.conf文件
A:
[root@ns ~]# vi /etc/named.conf
options {
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
};
 
 
zone "aptech.com" {
type master;
file "aptech.com.zone";
allow-update { key "dhcp_updater";};
};
zone "1.168.192.in-addr.arpa" {
type master;
file "192.168.1.arpa";
allow-update { key "dhcp_updater";};
};
key dhcp_updater {
        algorithm HMAC-MD5.SIG-ALG.REG.INT;
        secret AEmzoO5VvkZGgDqco1L+og==;
};
include "/etc/rndc.key";
 
B:
[root@ns ~]# vi /etc/dhcpd.conf
ddns-update-style interim;
ignore client-updates;
 
key dhcp_updater {
        algorithm HMAC-MD5.SIG-ALG.REG.INT;
        secret AEmzoO5VvkZGgDqco1L+og==;
}
zone aptech.com. {
primary 192.168.1.200;
key "dhcp_updater";
}
 
zone 1.168.192.in-addr.arpa. {
primary 192.168.1.200;
key "dhcp_updater";
}
subnet 192.168.1.0 netmask 255.255.255.0 {
 
option routers         192.168.1.1;
option subnet-mask     255.255.255.0;
 
option domain-name     "aptech.com";
option domain-name-servers 192.168.1.200;
 
option time-offset     -18000;    # Eastern Standard Time
 
range dynamic-bootp 192.168.1.128 192.168.1.254;
default-lease-time 21600;
max-lease-time 43200;
}
 

本文出自 “lanfox” 博客,转载请与作者联系!

阅读(1513) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~